Blame SPECS/openldap.spec

767ab2
%global _hardened_build 1
767ab2
767ab2
%global systemctl_bin /usr/bin/systemctl
767ab2
%global check_password_version 1.1
767ab2
767ab2
Name: openldap
a3e6a8
Version: 2.4.44
d0f00d
Release: 15%{?dist}
767ab2
Summary: LDAP support libraries
767ab2
Group: System Environment/Daemons
767ab2
License: OpenLDAP
767ab2
URL: http://www.openldap.org/
767ab2
Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz
767ab2
Source1: slapd.service
767ab2
Source2: slapd.sysconfig
767ab2
Source3: slapd.tmpfiles
767ab2
Source4: slapd.ldif
767ab2
Source5: ldap.conf
767ab2
Source10: ltb-project-openldap-ppolicy-check-password-%{check_password_version}.tar.gz
767ab2
Source50: libexec-functions
767ab2
Source51: libexec-convert-config.sh
767ab2
Source52: libexec-check-config.sh
767ab2
Source53: libexec-upgrade-db.sh
767ab2
Source54: libexec-create-certdb.sh
767ab2
Source55: libexec-generate-server-cert.sh
edf356
Source56: libexec-update-ppolicy-schema.sh
767ab2
767ab2
# patches for 2.4
767ab2
Patch0: openldap-manpages.patch
95f81a
Patch1: openldap-ppolicy-loglevels.patch
767ab2
Patch2: openldap-sql-linking.patch
767ab2
Patch3: openldap-reentrant-gethostby.patch
767ab2
Patch4: openldap-smbk5pwd-overlay.patch
767ab2
Patch5: openldap-ldaprc-currentdir.patch
767ab2
Patch6: openldap-userconfig-setgid.patch
95f81a
Patch7: openldap-allop-overlay.patch
767ab2
Patch8: openldap-syncrepl-unset-tls-options.patch
767ab2
Patch9: openldap-man-sasl-nocanon.patch
767ab2
Patch10: openldap-ai-addrconfig.patch
767ab2
# fix back_perl problems with lt_dlopen()
767ab2
# might cause crashes because of symbol collisions
767ab2
# the proper fix is to link all perl modules against libperl
767ab2
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327585
767ab2
Patch19: openldap-switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.patch
767ab2
# ldapi sasl fix pending upstream inclusion
767ab2
Patch20: openldap-ldapi-sasl.patch
95f81a
# coverity - missin_unlock in servers/slapd/overlays/accesslog.c
95f81a
Patch21: openldap-missing-unlock-in-accesslog-overlay.patch
95f81a
Patch23: openldap-module-passwd-sha2.patch
93fdd1
# pending upstream inclusion, ITS #7744
93fdd1
Patch24: openldap-man-tls-reqcert.patch
edf356
Patch25: openldap-man-ldap-conf.patch
95f81a
Patch35: openldap-ITS8428-init-sc_writewait.patch
95f81a
Patch36: openldap-bdb_idl_fetch_key-correct-key-pointer.patch
a3e6a8
Patch37: openldap-ITS8655-fix-double-free-on-paged-search-with-pagesize-0.patch
a3e6a8
d198f9
# check-password module specific patches
d198f9
Patch90: check-password-makefile.patch
d198f9
Patch91: check-password.patch
95f81a
Patch92: check-password-loglevels.patch
767ab2
edf356
# MozNSS compatibility layer
edf356
Patch101: openldap-tlsmc.patch
767ab2
# Fedora specific patches
767ab2
Patch102: openldap-fedora-systemd.patch
767ab2
edf356
BuildRequires: cyrus-sasl-devel, nss-devel, openssl-devel, krb5-devel, tcp_wrappers-devel, unixODBC-devel
767ab2
BuildRequires: glibc-devel, libtool, libtool-ltdl-devel, groff, perl, perl-devel, perl(ExtUtils::Embed)
767ab2
Requires: nss-tools
d198f9
Requires(post): rpm, coreutils, findutils
767ab2
767ab2
%description
767ab2
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
767ab2
Protocol) applications and development tools. LDAP is a set of
767ab2
protocols for accessing directory services (usually phone book style
767ab2
information, but other information is possible) over the Internet,
767ab2
similar to the way DNS (Domain Name System) information is propagated
767ab2
over the Internet. The openldap package contains configuration files,
767ab2
libraries, and documentation for OpenLDAP.
767ab2
767ab2
%package devel
767ab2
Summary: LDAP development libraries and header files
767ab2
Group: Development/Libraries
767ab2
Requires: openldap%{?_isa} = %{version}-%{release}, cyrus-sasl-devel%{?_isa}
767ab2
767ab2
%description devel
767ab2
The openldap-devel package includes the development libraries and
767ab2
header files needed for compiling applications that use LDAP
767ab2
(Lightweight Directory Access Protocol) internals. LDAP is a set of
767ab2
protocols for enabling directory services over the Internet. Install
767ab2
this package only if you plan to develop or will need to compile
767ab2
customized LDAP clients.
767ab2
767ab2
%package servers
767ab2
Summary: LDAP server
767ab2
License: OpenLDAP
767ab2
Requires: openldap%{?_isa} = %{version}-%{release}, libdb-utils
767ab2
Requires(pre): shadow-utils
767ab2
Requires(post): systemd, systemd-sysv, chkconfig
767ab2
Requires(preun): systemd
767ab2
Requires(postun): systemd
767ab2
BuildRequires: libdb-devel
767ab2
BuildRequires: systemd-units
767ab2
BuildRequires: cracklib-devel
767ab2
Group: System Environment/Daemons
767ab2
# migrationtools (slapadd functionality):
767ab2
Provides: ldif2ldbm
767ab2
767ab2
%description servers
767ab2
OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access
767ab2
Protocol) applications and development tools. LDAP is a set of
767ab2
protocols for accessing directory services (usually phone book style
767ab2
information, but other information is possible) over the Internet,
767ab2
similar to the way DNS (Domain Name System) information is propagated
767ab2
over the Internet. This package contains the slapd server and related files.
767ab2
767ab2
%package servers-sql
767ab2
Summary: SQL support module for OpenLDAP server
767ab2
Requires: openldap-servers%{?_isa} = %{version}-%{release}
767ab2
Group: System Environment/Daemons
767ab2
767ab2
%description servers-sql
767ab2
OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access
767ab2
Protocol) applications and development tools. LDAP is a set of
767ab2
protocols for accessing directory services (usually phone book style
767ab2
information, but other information is possible) over the Internet,
767ab2
similar to the way DNS (Domain Name System) information is propagated
767ab2
over the Internet. This package contains a loadable module which the
767ab2
slapd server can use to read data from an RDBMS.
767ab2
767ab2
%package clients
767ab2
Summary: LDAP client utilities
767ab2
Requires: openldap%{?_isa} = %{version}-%{release}
767ab2
Group: Applications/Internet
767ab2
767ab2
%description clients
767ab2
OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access
767ab2
Protocol) applications and development tools. LDAP is a set of
767ab2
protocols for accessing directory services (usually phone book style
767ab2
information, but other information is possible) over the Internet,
767ab2
similar to the way DNS (Domain Name System) information is propagated
767ab2
over the Internet. The openldap-clients package contains the client
767ab2
programs needed for accessing and modifying OpenLDAP directories.
767ab2
767ab2
%prep
767ab2
%setup -q -c -a 0 -a 10
767ab2
767ab2
pushd openldap-%{version}
767ab2
edf356
%patch101 -p1
767ab2
767ab2
# alternative include paths for Mozilla NSS
767ab2
ln -s %{_includedir}/nss3 include/nss
767ab2
ln -s %{_includedir}/nspr4 include/nspr
767ab2
767ab2
AUTOMAKE=%{_bindir}/true autoreconf -fi
767ab2
767ab2
%patch0 -p1
95f81a
%patch1 -p1
767ab2
%patch2 -p1
767ab2
%patch3 -p1
767ab2
%patch4 -p1
767ab2
%patch5 -p1
767ab2
%patch6 -p1
95f81a
%patch7 -p1
767ab2
%patch8 -p1
767ab2
%patch9 -p1
767ab2
%patch10 -p1
767ab2
%patch19 -p1
767ab2
%patch20 -p1
95f81a
%patch21 -p1
95f81a
%patch23 -p1
93fdd1
%patch24 -p1
edf356
%patch25 -p1
95f81a
%patch35 -p1
95f81a
%patch36 -p1
a3e6a8
%patch37 -p1
767ab2
767ab2
%patch102 -p1
767ab2
767ab2
# build smbk5pwd with other overlays
767ab2
ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
767ab2
mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
95f81a
# build allop with other overlays
95f81a
ln -s ../../../contrib/slapd-modules/allop/allop.c servers/slapd/overlays
95f81a
mv contrib/slapd-modules/allop/README contrib/slapd-modules/allop/README.allop
95f81a
mv contrib/slapd-modules/allop/slapo-allop.5 doc/man/man5/slapo-allop.5
95f81a
# build sha2 with other overlays
95f81a
ln -s ../../../contrib/slapd-modules/passwd/sha2/{sha2.{c,h},slapd-sha2.c} \
95f81a
      servers/slapd/overlays
95f81a
ls servers/slapd/overlays
95f81a
mv contrib/slapd-modules/passwd/sha2/README{,.sha2}
767ab2
767ab2
mv servers/slapd/back-perl/README{,.back_perl}
767ab2
767ab2
# fix documentation encoding
767ab2
for filename in doc/drafts/draft-ietf-ldapext-acl-model-xx.txt; do
767ab2
	iconv -f iso-8859-1 -t utf-8 "$filename" > "$filename.utf8"
767ab2
	mv "$filename.utf8" "$filename"
767ab2
done
767ab2
767ab2
popd
767ab2
d198f9
pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
d198f9
%patch90 -p1
d198f9
%patch91 -p1
95f81a
%patch92 -p1
d198f9
popd
d198f9
767ab2
%build
767ab2
6756b0
%ifarch s390 s390x
6756b0
  export CFLAGS="-fPIE"
6756b0
%else
6756b0
  export CFLAGS="-fpie"
6756b0
%endif
6756b0
export LDFLAGS="-pie"
767ab2
# avoid stray dependencies (linker flag --as-needed)
767ab2
# enable experimental support for LDAP over UDP (LDAP_CONNECTIONLESS)
d198f9
export CFLAGS="${CFLAGS} %{optflags} -Wl,-z,relro,-z,now,--as-needed -DLDAP_CONNECTIONLESS"
767ab2
767ab2
pushd openldap-%{version}
767ab2
%configure \
767ab2
	--enable-debug \
767ab2
	--enable-dynamic \
767ab2
	--enable-syslog \
767ab2
	--enable-proctitle \
767ab2
	--enable-ipv6 \
767ab2
	--enable-local \
767ab2
	\
767ab2
	--enable-slapd \
767ab2
	--enable-dynacl \
767ab2
	--enable-aci \
767ab2
	--enable-cleartext \
767ab2
	--enable-crypt \
767ab2
	--enable-lmpasswd \
767ab2
	--enable-spasswd \
767ab2
	--enable-modules \
767ab2
	--enable-rewrite \
767ab2
	--enable-rlookups \
767ab2
	--enable-slapi \
767ab2
	--disable-slp \
767ab2
	--enable-wrappers \
767ab2
	\
767ab2
	--enable-backends=mod \
767ab2
	--enable-bdb=yes \
767ab2
	--enable-hdb=yes \
6756b0
	--enable-mdb=yes \
767ab2
	--enable-monitor=yes \
767ab2
	--disable-ndb \
767ab2
	\
767ab2
	--enable-overlays=mod \
767ab2
	\
767ab2
	--disable-static \
767ab2
	--enable-shared \
767ab2
	\
edf356
	--enable-moznss-compatibility=yes \
edf356
	\
767ab2
	--with-cyrus-sasl \
767ab2
	--without-fetch \
767ab2
	--with-threads \
767ab2
	--with-pic \
767ab2
	--with-gnu-ld \
767ab2
	\
767ab2
	--libexecdir=%{_libdir}
767ab2
767ab2
make %{_smp_mflags}
a3e6a8
a3e6a8
# build mdb_* tools
a3e6a8
pushd libraries/liblmdb
a3e6a8
export XCFLAGS="$CFLAGS"
a3e6a8
make %{_smp_mflags}
a3e6a8
popd
767ab2
popd
767ab2
767ab2
pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
767ab2
make LDAP_INC="-I../openldap-%{version}/include \
767ab2
 -I../openldap-%{version}/servers/slapd \
767ab2
 -I../openldap-%{version}/build-servers/include"
767ab2
popd
767ab2
767ab2
%install
767ab2
767ab2
mkdir -p %{buildroot}%{_libdir}/
767ab2
767ab2
pushd openldap-%{version}
767ab2
make install DESTDIR=%{buildroot} STRIP=""
a3e6a8
pushd libraries/liblmdb
a3e6a8
make install DESTDIR=%{buildroot}
a3e6a8
popd
767ab2
popd
767ab2
767ab2
# install check_password module
767ab2
pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
d198f9
mv check_password.so check_password.so.%{check_password_version}
d198f9
ln -s check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/check_password.so
d198f9
install -m 755 check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/
767ab2
# install -m 644 README %{buildroot}%{_libdir}/openldap
767ab2
install -d -m 755 %{buildroot}%{_sysconfdir}/openldap
767ab2
cat > %{buildroot}%{_sysconfdir}/openldap/check_password.conf <
767ab2
# OpenLDAP pwdChecker library configuration
767ab2
767ab2
#useCracklib 1
767ab2
#minPoints 3
767ab2
#minUpper 0
767ab2
#minLower 0
767ab2
#minDigit 0
767ab2
#minPunct 0
767ab2
EOF
767ab2
mv README{,.check_pwd}
767ab2
popd
767ab2
767ab2
# setup directories for TLS certificates
767ab2
mkdir -p %{buildroot}%{_sysconfdir}/openldap/certs
767ab2
767ab2
# setup data and runtime directories
767ab2
mkdir -p %{buildroot}%{_sharedstatedir}
767ab2
mkdir -p %{buildroot}%{_localstatedir}
767ab2
install -m 0700 -d %{buildroot}%{_sharedstatedir}/ldap
767ab2
install -m 0755 -d %{buildroot}%{_localstatedir}/run/openldap
767ab2
767ab2
# setup autocreation of runtime directories on tmpfs
6756b0
mkdir -p %{buildroot}%{_tmpfilesdir}/
6756b0
install -m 0644 %SOURCE3 %{buildroot}%{_tmpfilesdir}/slapd.conf
767ab2
767ab2
# install default ldap.conf (customized)
767ab2
rm -f %{buildroot}%{_sysconfdir}/openldap/ldap.conf
767ab2
install -m 0644 %SOURCE5 %{buildroot}%{_sysconfdir}/openldap/ldap.conf
767ab2
767ab2
# setup maintainance scripts
767ab2
mkdir -p %{buildroot}%{_libexecdir}
767ab2
install -m 0755 -d %{buildroot}%{_libexecdir}/openldap
767ab2
install -m 0644 %SOURCE50 %{buildroot}%{_libexecdir}/openldap/functions
767ab2
install -m 0755 %SOURCE51 %{buildroot}%{_libexecdir}/openldap/convert-config.sh
767ab2
install -m 0755 %SOURCE52 %{buildroot}%{_libexecdir}/openldap/check-config.sh
767ab2
install -m 0755 %SOURCE53 %{buildroot}%{_libexecdir}/openldap/upgrade-db.sh
767ab2
install -m 0755 %SOURCE54 %{buildroot}%{_libexecdir}/openldap/create-certdb.sh
767ab2
install -m 0755 %SOURCE55 %{buildroot}%{_libexecdir}/openldap/generate-server-cert.sh
edf356
install -m 0755 %SOURCE56 %{buildroot}%{_libexecdir}/openldap/update-ppolicy-schema.sh
767ab2
a3e6a8
# install mdb_* tools
a3e6a8
mv %{buildroot}/usr/local/bin/mdb_{copy,dump,load,stat} %{buildroot}%{_libexecdir}/openldap/
a3e6a8
mkdir -p %{buildroot}%{_libexecdir}/openldap/man/man1
a3e6a8
mv %{buildroot}/usr/local/share/man/man1/mdb_{copy,dump,load,stat}.1 %{buildroot}%{_libexecdir}/openldap/man/man1/
a3e6a8
# we don't want the library itself nor header file
a3e6a8
rm -f %{buildroot}/usr/local/include/lmdb.h
a3e6a8
rm -f %{buildroot}/usr/local/lib/liblmdb.{a,so}
a3e6a8
767ab2
# remove build root from config files and manual pages
767ab2
perl -pi -e "s|%{buildroot}||g" %{buildroot}%{_sysconfdir}/openldap/*.conf
767ab2
perl -pi -e "s|%{buildroot}||g" %{buildroot}%{_mandir}/*/*.*
767ab2
767ab2
# we don't need the default files -- RPM handles changes
767ab2
rm -f %{buildroot}%{_sysconfdir}/openldap/*.default
767ab2
rm -f %{buildroot}%{_sysconfdir}/openldap/schema/*.default
767ab2
767ab2
# install an init script for the servers
767ab2
mkdir -p %{buildroot}%{_unitdir}
767ab2
install -m 0644 %SOURCE1 %{buildroot}%{_unitdir}/slapd.service
767ab2
767ab2
# install syconfig/ldap
767ab2
mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
767ab2
install -m 644 %SOURCE2 %{buildroot}%{_sysconfdir}/sysconfig/slapd
767ab2
767ab2
# move slapd out of _libdir
767ab2
mv %{buildroot}%{_libdir}/slapd %{buildroot}%{_sbindir}/
767ab2
767ab2
# setup tools as symlinks to slapd
767ab2
rm -f %{buildroot}%{_sbindir}/slap{acl,add,auth,cat,dn,index,passwd,test,schema}
767ab2
rm -f %{buildroot}%{_libdir}/slap{acl,add,auth,cat,dn,index,passwd,test,schema}
767ab2
for X in acl add auth cat dn index passwd test schema; do ln -s slapd %{buildroot}%{_sbindir}/slap$X ; done
767ab2
767ab2
# tweak permissions on the libraries to make sure they're correct
767ab2
chmod 0755 %{buildroot}%{_libdir}/lib*.so*
767ab2
chmod 0644 %{buildroot}%{_libdir}/lib*.*a
767ab2
767ab2
# slapd.conf(5) is obsoleted since 2.3, see slapd-config(5)
767ab2
# new configuration will be generated in %%post
767ab2
mkdir -p %{buildroot}%{_datadir}
767ab2
install -m 0755 -d %{buildroot}%{_datadir}/openldap-servers
767ab2
install -m 0644 %SOURCE4 %{buildroot}%{_datadir}/openldap-servers/slapd.ldif
95f81a
install -m 0750 -d %{buildroot}%{_sysconfdir}/openldap/slapd.d
767ab2
rm -f %{buildroot}%{_sysconfdir}/openldap/slapd.conf
767ab2
rm -f %{buildroot}%{_sysconfdir}/openldap/slapd.ldif
767ab2
767ab2
# move doc files out of _sysconfdir
767ab2
mv %{buildroot}%{_sysconfdir}/openldap/schema/README README.schema
767ab2
mv %{buildroot}%{_sysconfdir}/openldap/DB_CONFIG.example %{buildroot}%{_datadir}/openldap-servers/DB_CONFIG.example
767ab2
chmod 0644 openldap-%{version}/servers/slapd/back-sql/rdbms_depend/timesten/*.sh
767ab2
chmod 0644 %{buildroot}%{_datadir}/openldap-servers/DB_CONFIG.example
767ab2
767ab2
# remove files which we don't want packaged
767ab2
rm -f %{buildroot}%{_libdir}/*.la
d198f9
mv %{buildroot}%{_libdir}/openldap/check_password.so{,.tmp}
767ab2
rm -f %{buildroot}%{_libdir}/openldap/*.so
d198f9
mv %{buildroot}%{_libdir}/openldap/check_password.so{.tmp,}
767ab2
767ab2
rm -f %{buildroot}%{_localstatedir}/openldap-data/DB_CONFIG.example
767ab2
rmdir %{buildroot}%{_localstatedir}/openldap-data
767ab2
767ab2
%post
767ab2
# create certificate database
767ab2
%{_libexecdir}/openldap/create-certdb.sh >&/dev/null || :
767ab2
d198f9
%postun
d198f9
#update only on package erase
d198f9
if [ $1 == 0 ]; then
d198f9
    /sbin/ldconfig
d198f9
fi
767ab2
767ab2
%pre servers
767ab2
767ab2
# create ldap user and group
767ab2
getent group ldap &>/dev/null || groupadd -r -g 55 ldap
767ab2
getent passwd ldap &>/dev/null || \
767ab2
	useradd -r -g ldap -u 55 -d %{_sharedstatedir}/ldap -s /sbin/nologin -c "OpenLDAP server" ldap
767ab2
767ab2
if [ $1 -eq 2 ]; then
767ab2
	# package upgrade
767ab2
767ab2
	old_version=$(rpm -q --qf=%%{version} openldap-servers)
767ab2
	new_version=%{version}
767ab2
767ab2
	if [ "$old_version" != "$new_version" ]; then
767ab2
		touch %{_sharedstatedir}/ldap/rpm_upgrade_openldap &>/dev/null
767ab2
	fi
767ab2
fi
767ab2
767ab2
exit 0
767ab2
767ab2
767ab2
%post servers
767ab2
d198f9
/sbin/ldconfig -n %{_libdir}/openldap
d198f9
767ab2
%systemd_post slapd.service
767ab2
767ab2
# generate sample TLS certificate for server (will not replace)
767ab2
%{_libexecdir}/openldap/generate-server-cert.sh -o &>/dev/null || :
767ab2
767ab2
# generate/upgrade configuration
767ab2
if [ ! -f %{_sysconfdir}/openldap/slapd.d/cn=config.ldif ]; then
767ab2
	if [ -f %{_sysconfdir}/openldap/slapd.conf ]; then
767ab2
		%{_libexecdir}/openldap/convert-config.sh &>/dev/null
767ab2
		mv %{_sysconfdir}/openldap/slapd.conf %{_sysconfdir}/openldap/slapd.conf.bak
767ab2
	else
767ab2
		%{_libexecdir}/openldap/convert-config.sh -f %{_datadir}/openldap-servers/slapd.ldif &>/dev/null
767ab2
	fi
767ab2
fi
767ab2
767ab2
start_slapd=0
767ab2
767ab2
# upgrade the database
767ab2
if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_openldap ]; then
767ab2
	if %{systemctl_bin} --quiet is-active slapd.service; then
767ab2
		%{systemctl_bin} stop slapd.service
767ab2
		start_slapd=1
767ab2
	fi
767ab2
767ab2
	%{_libexecdir}/openldap/upgrade-db.sh &>/dev/null
767ab2
	rm -f %{_sharedstatedir}/ldap/rpm_upgrade_openldap
767ab2
fi
767ab2
edf356
# ensure ppolicy schema updated (bug #1487857)
edf356
if [ $1 -eq 2 ]; then
edf356
	if [ -f %{_sysconfdir}/openldap/slapd.d/cn=config.ldif ]; then
edf356
		%{_libexecdir}/openldap/update-ppolicy-schema.sh &>/dev/null
edf356
	fi
edf356
fi
edf356
767ab2
# conversion from /etc/sysconfig/ldap to /etc/sysconfig/slapd
767ab2
if [ $1 -eq 2 ]; then
767ab2
	# we expect that 'ldap' will be renamed to 'ldap.rpmsave' after removing the old package
edf356
	if [ -r %{_sysconfdir}/sysconfig/ldap ]; then
edf356
		source %{_sysconfdir}/sysconfig/ldap &>/dev/null
edf356
edf356
		new_urls=
edf356
		[ "$SLAPD_LDAP" != "no" ]   && new_urls="$new_urls ldap:///"
edf356
		[ "$SLAPD_LDAPI" != "no" ]  && new_urls="$new_urls ldapi:///"
edf356
		[ "$SLAPD_LDAPS" == "yes" ] && new_urls="$new_urls ldaps:///"
edf356
		[ -n "$SLAPD_URLS" ]        && new_urls="$new_urls $SLAPD_URLS"
edf356
edf356
		failure=0
edf356
		cp -f %{_sysconfdir}/sysconfig/slapd %{_sysconfdir}/sysconfig/slapd.rpmconvert
edf356
		sed -i '/^#\?SLAPD_URLS=/s@.*@SLAPD_URLS="'"$new_urls"'"@' %{_sysconfdir}/sysconfig/slapd.rpmconvert &>/dev/null || failure=1
edf356
		[ -n "$SLAPD_OPTIONS" ] && \
edf356
			sed -i '/^#\?SLAPD_OPTIONS=/s@.*$@SLAPD_OPTIONS="'"$SLAPD_OPTIONS"'"@' %{_sysconfdir}/sysconfig/slapd.rpmconvert &>/dev/null || failure=1
edf356
edf356
		if [ $failure -eq 0 ]; then
edf356
			mv -f %{_sysconfdir}/sysconfig/slapd.rpmconvert %{_sysconfdir}/sysconfig/slapd
edf356
		else
edf356
			rm -f %{_sysconfdir}/sysconfig/slapd.rpmconvert
edf356
		fi
767ab2
	fi
767ab2
fi
767ab2
767ab2
# restart after upgrade
767ab2
if [ $1 -ge 1 ]; then
767ab2
	if [ $start_slapd -eq 1 ]; then
767ab2
		%{systemctl_bin} start slapd.service &>/dev/null || :
767ab2
	else
767ab2
		%{systemctl_bin} condrestart slapd.service &>/dev/null || :
767ab2
	fi
767ab2
fi
767ab2
767ab2
exit 0
767ab2
767ab2
%preun servers
767ab2
767ab2
%systemd_preun slapd.service
767ab2
767ab2
767ab2
%postun servers
767ab2
d198f9
/sbin/ldconfig ${_libdir}/openldap
767ab2
%systemd_postun_with_restart slapd.service
767ab2
767ab2
767ab2
%triggerun servers -- openldap-servers < 2.4.26-6
767ab2
767ab2
# migration from SysV to systemd
767ab2
/usr/bin/systemd-sysv-convert --save slapd &>/dev/null || :
767ab2
/usr/sbin/chkconfig --del slapd &>/dev/null || :
767ab2
%{systemctl_bin} try-restart slapd.service &>/dev/null || :
767ab2
767ab2
767ab2
%triggerin servers -- libdb
767ab2
767ab2
# libdb upgrade (setup for %%triggerun)
767ab2
if [ $2 -eq 2 ]; then
767ab2
	# we are interested in minor version changes (both versions of libdb are installed at this moment)
767ab2
	if [ "$(rpm -q --qf="%%{version}\n" libdb | sed 's/\.[0-9]*$//' | sort -u | wc -l)" != "1" ]; then
767ab2
		touch %{_sharedstatedir}/ldap/rpm_upgrade_libdb
767ab2
	else
767ab2
		rm -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb
767ab2
	fi
767ab2
fi
767ab2
767ab2
exit 0
767ab2
767ab2
767ab2
%triggerun servers -- libdb
767ab2
767ab2
# libdb upgrade (finish %%triggerin)
767ab2
if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb ]; then
767ab2
	if %{systemctl_bin} --quiet is-active slapd.service; then
767ab2
		%{systemctl_bin} stop slapd.service
767ab2
		start=1
767ab2
	else
767ab2
		start=0
767ab2
	fi
767ab2
767ab2
	%{_libexecdir}/openldap/upgrade-db.sh &>/dev/null
767ab2
	rm -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb
767ab2
767ab2
	[ $start -eq 1 ] && %{systemctl_bin} start slapd.service &>/dev/null
767ab2
fi
767ab2
767ab2
exit 0
767ab2
767ab2
767ab2
%files
767ab2
%doc openldap-%{version}/ANNOUNCEMENT
767ab2
%doc openldap-%{version}/CHANGES
767ab2
%doc openldap-%{version}/COPYRIGHT
767ab2
%doc openldap-%{version}/LICENSE
767ab2
%doc openldap-%{version}/README
767ab2
%dir %{_sysconfdir}/openldap
767ab2
%dir %{_sysconfdir}/openldap/certs
767ab2
%config(noreplace) %{_sysconfdir}/openldap/ldap.conf
767ab2
%dir %{_libexecdir}/openldap/
767ab2
%{_libexecdir}/openldap/create-certdb.sh
767ab2
%{_libdir}/liblber-2.4*.so.*
767ab2
%{_libdir}/libldap-2.4*.so.*
767ab2
%{_libdir}/libldap_r-2.4*.so.*
767ab2
%{_libdir}/libslapi-2.4*.so.*
767ab2
%{_mandir}/man5/ldif.5*
767ab2
%{_mandir}/man5/ldap.conf.5*
767ab2
767ab2
%files servers
767ab2
%doc openldap-%{version}/contrib/slapd-modules/smbk5pwd/README.smbk5pwd
767ab2
%doc openldap-%{version}/doc/guide/admin/*.html
767ab2
%doc openldap-%{version}/doc/guide/admin/*.png
767ab2
%doc openldap-%{version}/servers/slapd/back-perl/SampleLDAP.pm
767ab2
%doc openldap-%{version}/servers/slapd/back-perl/README.back_perl
767ab2
%doc openldap-%{version}/servers/slapd/back-perl/README.back_perl
767ab2
%doc ltb-project-openldap-ppolicy-check-password-%{check_password_version}/README.check_pwd
767ab2
%doc README.schema
767ab2
%config(noreplace) %dir %attr(0750,ldap,ldap) %{_sysconfdir}/openldap/slapd.d
767ab2
%config(noreplace) %{_sysconfdir}/openldap/schema
767ab2
%config(noreplace) %{_sysconfdir}/sysconfig/slapd
6756b0
%config(noreplace) %{_tmpfilesdir}/slapd.conf
767ab2
%config(noreplace) %{_sysconfdir}/openldap/check_password.conf
767ab2
%dir %attr(0700,ldap,ldap) %{_sharedstatedir}/ldap
767ab2
%dir %attr(-,ldap,ldap) %{_localstatedir}/run/openldap
767ab2
%{_unitdir}/slapd.service
767ab2
%{_datadir}/openldap-servers/
767ab2
%{_libdir}/openldap/accesslog*
767ab2
%{_libdir}/openldap/auditlog*
95f81a
%{_libdir}/openldap/allop*
767ab2
%{_libdir}/openldap/back_dnssrv*
767ab2
%{_libdir}/openldap/back_ldap*
767ab2
%{_libdir}/openldap/back_meta*
767ab2
%{_libdir}/openldap/back_null*
767ab2
%{_libdir}/openldap/back_passwd*
767ab2
%{_libdir}/openldap/back_relay*
767ab2
%{_libdir}/openldap/back_shell*
767ab2
%{_libdir}/openldap/back_sock*
767ab2
%{_libdir}/openldap/back_perl*
767ab2
%{_libdir}/openldap/collect*
767ab2
%{_libdir}/openldap/constraint*
767ab2
%{_libdir}/openldap/dds*
767ab2
%{_libdir}/openldap/deref*
767ab2
%{_libdir}/openldap/dyngroup*
767ab2
%{_libdir}/openldap/dynlist*
767ab2
%{_libdir}/openldap/memberof*
767ab2
%{_libdir}/openldap/pcache*
767ab2
%{_libdir}/openldap/ppolicy*
767ab2
%{_libdir}/openldap/refint*
767ab2
%{_libdir}/openldap/retcode*
767ab2
%{_libdir}/openldap/rwm*
767ab2
%{_libdir}/openldap/seqmod*
95f81a
%{_libdir}/openldap/pw-sha2*
767ab2
%{_libdir}/openldap/smbk5pwd*
767ab2
%{_libdir}/openldap/sssvlv*
767ab2
%{_libdir}/openldap/syncprov*
767ab2
%{_libdir}/openldap/translucent*
767ab2
%{_libdir}/openldap/unique*
767ab2
%{_libdir}/openldap/valsort*
767ab2
%{_libdir}/openldap/check_password*
767ab2
%{_libexecdir}/openldap/functions
767ab2
%{_libexecdir}/openldap/convert-config.sh
767ab2
%{_libexecdir}/openldap/check-config.sh
767ab2
%{_libexecdir}/openldap/upgrade-db.sh
767ab2
%{_libexecdir}/openldap/generate-server-cert.sh
edf356
%{_libexecdir}/openldap/update-ppolicy-schema.sh
a3e6a8
%{_libexecdir}/openldap/mdb_*
a3e6a8
%{_libexecdir}/openldap/man/man1/mdb_*
767ab2
%{_sbindir}/sl*
767ab2
%{_mandir}/man8/*
767ab2
%{_mandir}/man5/slapd*.5*
767ab2
%{_mandir}/man5/slapo-*.5*
767ab2
# obsolete configuration
767ab2
%ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf
767ab2
%ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf.bak
767ab2
767ab2
%files servers-sql
767ab2
%doc openldap-%{version}/servers/slapd/back-sql/docs/*
767ab2
%doc openldap-%{version}/servers/slapd/back-sql/rdbms_depend
767ab2
%{_libdir}/openldap/back_sql*
767ab2
767ab2
%files clients
767ab2
%{_bindir}/*
767ab2
%{_mandir}/man1/*
767ab2
767ab2
%files devel
767ab2
%doc openldap-%{version}/doc/drafts openldap-%{version}/doc/rfc
767ab2
%{_libdir}/lib*.so
767ab2
%{_includedir}/*
767ab2
%{_mandir}/man3/*
767ab2
767ab2
%changelog
d0f00d
* Tue Apr  3 2018 Matus Honek <mhonek@redhat.com> - 2.4.44-15
d0f00d
- Bump release to version 2.4.44-15
d0f00d
d0f00d
* Thu Mar 29 2018 Matus Honek <mhonek@redhat.com> - 2.4.44-14
d0f00d
- MozNSS Compat. Layer: Enforce fail when cannot extract CA certs (#1563080)
d0f00d
edf356
* Wed Jan 31 2018 Matus Honek <mhonek@redhat.com> - 2.4.44-13
edf356
- MozNSS Compat. Layer: fix recursive directory deletion (#1516409)
edf356
- MozNSS Compat. Layer: fix PIN disclaimer not always shown (#1516409)
edf356
- MozNSS Compat. Layer: fix incorrect parsing of CACertDir (#1533955)
edf356
edf356
* Thu Jan 11 2018 Matus Honek <mhonek@redhat.com> - 2.4.44-12
edf356
- MozNSS Compat. Layer: Ensure consistency of a PEM dir before usage (#1516409)
edf356
  + Warn just before use of a PIN about key file extraction
edf356
edf356
* Wed Jan 10 2018 Matus Honek <mhonek@redhat.com> - 2.4.44-11
edf356
- MozNSS Compat. Layer: Enable usage of NSS DB with PEM cert/key (#1525485)
edf356
  + Fix a possible invalid dereference (covscan)
edf356
edf356
* Tue Nov 28 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-10
edf356
- Drop update-ppolicy-schema.sh scriptlet's output (#1487857)
edf356
- Fix issues in MozNSS compatibility layer (#1400578)
edf356
  + Force write file with fsync to avoid race conditions
edf356
  + Always filestamp both sql and dbm NSS DB variants to not rely on default DB type prefix
edf356
  + Allow missing cert and key which is a valid usecase
edf356
  + Create extraction folder only in /tmp to simplify selinux rules
edf356
  + Fix Covscan issues
edf356
edf356
* Fri Nov  3 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-9
edf356
- Build with OpenSSL and MozNSS compatibility layer instead of MozNSS (#1400578)
edf356
edf356
* Thu Nov  2 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-8
edf356
- fix: Upgrading to OpenLDAP >= 2.4.43 breaks server due to ppolicy changes (#1487857)
edf356
edf356
* Thu Nov  2 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-7
edf356
- fix: Manpage incorrectly states ./ldaprc config file is used (#1498841)
edf356
edf356
* Thu Nov  2 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-6
edf356
- fix: Upgrading openldap-servers does not restart slapd when rebasing (#1479309)
edf356
a3e6a8
* Tue Jun  6 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-5
a3e6a8
- fix CVE-2017-9287 openldap: Double free vulnerability in servers/slapd/back-mdb/search.c (#1458210)
a3e6a8
a3e6a8
* Fri Mar 24 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-4
a3e6a8
- NSS: Include some CHACHA20POLY1305 ciphers (#1432907)
a3e6a8
a3e6a8
* Wed Mar 15 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-3
a3e6a8
- NSS: re-register NSS_Shutdown callback (#1405354)
a3e6a8
a3e6a8
* Wed Mar 15 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-2
a3e6a8
- Include MDB tools in openldap-servers (#1428740)
a3e6a8
a3e6a8
* Wed Jan  4 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-1
a3e6a8
- Rebase to openldap-2.4.44 (#1386365)
a3e6a8
95f81a
* Wed Aug 17 2016 Matus Honek <mhonek@redhat.com> - 2.4.40-13
95f81a
- fix: Bad log levels in check_password module
95f81a
- fix: We can't search expected entries from LDAP server
95f81a
- fix: OpenLDAP ciphersuite parsing doesn't match OpenSSL ciphers man page
95f81a
  + Add TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 to list of ciphers
95f81a
  + Add DH cipher string parsing option
95f81a
  + Correct handling kECDH ciphers with aRSA or aECDSA
95f81a
95f81a
* Fri Jul  1 2016 Matus Honek <mhonek@redhat.com> - 2.4.40-12
95f81a
- fix: slapd crash in do_search (#1316450)
95f81a
- fix: Setting olcTLSProtocolMin does not change supported protocols (#1249093)
95f81a
95f81a
* Mon May 30 2016 Matus Honek <mhonek@redhat.com> - 2.4.40-11
95f81a
- fix: correct inconsistent slapd.d directory permissions (#1255433)
95f81a
95f81a
* Mon May 30 2016 Matus Honek <mhonek@redhat.com> - 2.4.40-10
95f81a
- fix: slapd fails to start on boot (#1315958)
95f81a
- fix: id_query option is not available after rebasing openldap to 2.4.39 (#1311832)
95f81a
- Include sha2 module (#1292568)
95f81a
- Compile AllOp together with other overlays (#990893)
95f81a
- Missing mutex unlock in accesslog overlay (#1261003)
95f81a
- ITS#8337 fix missing olcDbChecksum config attr (#1292590)
95f81a
- ITS#8003 fix off-by-one in LDIF length (#1292619)
95f81a
76092a
* Mon Feb 22 2016 Matúš Honěk <mhonek@redhat.com> - 2.4.40-9
76092a
- fix: nslcd segfaults due to incorrect mutex initialization (#1294385)
76092a
d198f9
* Wed Sep 23 2015 Matúš Honěk <mhonek@redhat.com> - 2.4.40-8
d198f9
- NSS does not support string ordering (#1231522)
d198f9
- implement and correct order of parsing attributes (#1231522)
d198f9
- add multi_mask and multi_strength to correctly handle sets of attributes (#1231522)
d198f9
- add new cipher suites and correct AES-GCM attributes (#1245279)
d198f9
- correct DEFAULT ciphers handling to exclude eNULL cipher suites (#1245279)
d198f9
d198f9
* Mon Sep 14 2015 Matúš Honěk <mhonek@redhat.com> - 2.4.40-7
d198f9
- Merge two MozNSS cipher suite definition patches into one. (#1245279)
d198f9
- Use what NSS considers default for DEFAULT cipher string. (#1245279)
d198f9
- Remove unnecesary defaults from ciphers' definitions (#1245279)
d198f9
d198f9
* Tue Sep 01 2015 Matúš Honěk <mhonek@redhat.com> - 2.4.40-6
d198f9
- fix: OpenLDAP shared library destructor triggers memory leaks in NSPR (#1249977)
d198f9
d198f9
* Fri Jul 24 2015 Matúš Honěk <mhonek@redhat.com> - 2.4.40-5
d198f9
- enhancement: support TLS 1.1 and later (#1231522,#1160467)
d198f9
- fix: openldap ciphersuite parsing code handles masks incorrectly (#1231522)
d198f9
- fix the patch in commit da1b5c (fix: OpenLDAP crash in NSS shutdown handling) (#1231228)
d198f9
d198f9
* Mon Jun 29 2015 Matúš Honěk <mhonek@redhat.com> - 2.4.40-4
d198f9
- fix: rpm -V complains (#1230263) -- make the previous fix do what was intended
d198f9
d198f9
* Mon Jun 22 2015 Matúš Honěk <mhonek@redhat.com> - 2.4.40-3
d198f9
- fix: rpm -V complains (#1230263)
d198f9
d198f9
* Wed Jun  3 2015 Matúš Honěk <mhonek@redhat.com> - 2.4.40-2
d198f9
- fix: missing frontend database indexing (#1226600)
d198f9
d198f9
* Wed May 20 2015 Matúš Honěk <mhonek@redhat.com> - 2.4.40-1
d198f9
- new upstream release (#1147982)
d198f9
- fix: PIE and RELRO check (#1092562)
d198f9
- fix: slaptest doesn't convert perlModuleConfig lines (#1184585)
d198f9
- fix: OpenLDAP crash in NSS shutdown handling (#1158005)
d198f9
- fix: slapd.service may fail to start if binding to NIC ip (#1198781)
d198f9
- fix: deadlock during SSL_ForceHandshake when getting connection to replica (#1125152)
d198f9
- improve check_password (#1174723, #1196243)
d198f9
- provide an unversioned symlink to check_password.so.1.1 (#1174634)
d198f9
- add findutils to requires (#1209229)
5c2fcb
93fdd1
* Thu Dec  4 2014 Jan Synáček <jsynacek@redhat.com> - 2.4.39-6
93fdd1
- refix: slapd.ldif olcFrontend missing important/required objectclass (#1132094)
93fdd1
93fdd1
* Fri Nov 28 2014 Jan Synáček <jsynacek@redhat.com> - 2.4.39-5
93fdd1
- add documentation reference to service file (#1087288)
93fdd1
- fix: tls_reqcert try has bad behavior (#1027613)
93fdd1
93fdd1
* Tue Nov 25 2014 Jan Synáček <jsynacek@redhat.com> - 2.4.39-4
93fdd1
- support TLS 1.1 and later (#1160468)
93fdd1
- fix: /etc/openldap/certs directory is empty after installation (#1064251)
93fdd1
- fix: Typo in script to generate /usr/libexec/openldap/generate-server-cert.sh (#1087490)
93fdd1
- fix: remove correct tmp file when generating server cert (#1103101)
93fdd1
- fix: slapd.ldif olcFrontend missing important/required objectclass (#1132094)
93fdd1
6756b0
* Wed Feb 26 2014 Jan Synáček <jsynacek@redhat.com> - 2.4.39-3
6756b0
- move tmpfiles config to correct location (#1069513)
6756b0
6756b0
* Wed Feb  5 2014 Jan Synáček <jsynacek@redhat.com> - 2.4.39-2
6756b0
- CVE-2013-4449: segfault on certain queries with rwm overlay (#1061405)
6756b0
6756b0
* Thu Jan 30 2014 Jan Synáček <jsynacek@redhat.com> - 2.4.39-1
6756b0
- new upstream release (#1040324)
6756b0
6756b0
* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 2.4.35-12
6756b0
- Mass rebuild 2014-01-24
6756b0
6756b0
* Thu Jan 16 2014 Jan Synáček <jsynacek@redhat.com> - 2.4.35-11
6756b0
- fix: missing EOL at the end of default /etc/openldap/ldap.conf (#1053005)
6756b0
6756b0
* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 2.4.35-10
6756b0
- Mass rebuild 2013-12-27
6756b0
6756b0
* Tue Dec 17 2013 Jan Synáček <jsynacek@redhat.com> - 2.4.35-9
6756b0
- fix: more typos in manpages (#948562)
6756b0
6756b0
* Wed Nov 13 2013 Jan Synáček <jsynacek@redhat.com> - 2.4.35-8
6756b0
- fix: slaptest incorrectly handles 'include' directives containing a custom file (#1023415)
6756b0
767ab2
* Mon Oct 14 2013 Jan Synáček <jsynacek@redhat.com> - 2.4.35-7
767ab2
- fix: CLDAP is broken for IPv6 (#1007421)
767ab2
767ab2
* Wed Sep  4 2013 Jan Synáček <jsynacek@redhat.com> - 2.4.35-6
767ab2
- fix: typos in manpages (#948562)
767ab2
767ab2
* Fri Jun 14 2013 Jan Synáček <jsynacek@redhat.com> - 2.4.35-5
767ab2
- fix: using slaptest to convert slapd.conf to LDIF format ignores "loglevel 0"
767ab2
767ab2
* Thu May 09 2013 Jan Synáček <jsynacek@redhat.com> 2.4.35-4
767ab2
- do not needlessly run ldconfig after installing openldap-devel
767ab2
- fix: LDAPI with GSSAPI does not work if SASL_NOCANON=on (#960222)
767ab2
- fix: lt_dlopen() with back_perl (#960048)
767ab2
767ab2
* Tue Apr 09 2013 Jan Synáček <jsynacek@redhat.com> 2.4.35-3
767ab2
- fix: minor documentation fixes
767ab2
- set SASL_NOCANON to on by default (#949864)
767ab2
- remove trailing spaces
767ab2
767ab2
* Fri Apr 05 2013 Jan Synáček <jsynacek@redhat.com> 2.4.35-2
767ab2
- drop the evolution patch
767ab2
767ab2
* Tue Apr 02 2013 Jan Synáček <jsynacek@redhat.com> 2.4.35-1
767ab2
- new upstream release (#947235)
767ab2
- fix: slapd.service should ensure that network is up before starting (#946921)
767ab2
- fix: NSS related resource leak (#929357)
767ab2
767ab2
* Mon Mar 18 2013 Jan Synáček <jsynacek@redhat.com> 2.4.34-2
767ab2
- fix: syncrepl push DELETE operation does not recover (#920482)
767ab2
- run autoreconf every build, drop autoreconf patch (#926280)
767ab2
767ab2
* Mon Mar 11 2013 Jan Synáček <jsynacek@redhat.com> 2.4.34-1
767ab2
- enable perl backend (#820547)
767ab2
- package ppolicy-check-password (#829749)
767ab2
- add perl specific BuildRequires
767ab2
- fix bogus dates
767ab2
767ab2
* Wed Mar 06 2013 Jan Vcelak <jvcelak@fedoraproject.org> 2.4.34-1
767ab2
- new upstream release (#917603)
767ab2
- fix: slapcat segfaults if cn=config.ldif not present (#872784)
767ab2
- use systemd-rpm macros in spec file (#850247)
767ab2
767ab2
* Thu Jan 31 2013 Jan Synáček <jsynacek@redhat.com> 2.4.33-4
767ab2
- rebuild against new cyrus-sasl
767ab2
767ab2
* Wed Oct 31 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.33-3
767ab2
- fix update: libldap does not load PEM certificate if certdb is used as TLS_CACERTDIR (#857455)
767ab2
767ab2
* Fri Oct 12 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.33-2
767ab2
- fix: slapd with rwm overlay segfault following ldapmodify (#865685)
767ab2
767ab2
* Thu Oct 11 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.33-1
767ab2
- new upstream release:
767ab2
  + slapd: ACLs, syncrepl
767ab2
  + backends: locking and memory management in MDB
767ab2
  + manpages: slapo-refint
767ab2
- patch update: MozNSS certificate database in SQL format cannot be used (#860317)
767ab2
- fix: slapd.service should not use /tmp (#859019)
767ab2
767ab2
* Fri Sep 14 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.32-3
767ab2
- fix: some TLS ciphers cannot be enabled (#852338)
767ab2
- fix: connection hangs after fallback to second server when certificate hostname verification fails (#852476)
767ab2
- fix: not all certificates in OpenSSL compatible CA certificate directory format are loaded (#852786)
767ab2
- fix: MozNSS certificate database in SQL format cannot be used (#857373)
767ab2
- fix: libldap does not load PEM certificate if certdb is used as TLS_CACERTDIR (#857455)
767ab2
767ab2
* Mon Aug 20 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.32-2
767ab2
- enhancement: TLS, prefer private keys from authenticated slots
767ab2
- enhancement: TLS, allow certificate specification including token name
767ab2
- resolve TLS failures in replication in 389 Directory Server
767ab2
767ab2
* Wed Aug 01 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.32-1
767ab2
- new upstream release
767ab2
  + library: double free, SASL handling
767ab2
  + tools: read SASL_NOCANON from config file
767ab2
  + slapd: config index renumbering, duplicate error response
767ab2
  + backends: various fixes in mdb, bdb/hdb, ldap
767ab2
  + accesslog, syncprov: fix memory leaks in with replication
767ab2
  + sha2: portability, thread safety, support SSHA256,384,512
767ab2
  + documentation fixes
767ab2
767ab2
* Sat Jul 21 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.31-7
767ab2
- fix: slapd refuses to set up TLS with self-signed PEM certificate (#842022)
767ab2
767ab2
* Fri Jul 20 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.31-6
767ab2
- multilib fix: move libslapi from openldap-servers to openldap package
767ab2
767ab2
* Thu Jul 19 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.31-5
767ab2
- fix: querying for IPv6 DNS records when IPv6 is disabled on the host (#835013)
767ab2
- fix: smbk5pwd module computes invalid LM hashes (#841560)
767ab2
767ab2
* Wed Jul 18 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.31-4
767ab2
- modify the package build process
767ab2
  + fix autoconfig files to detect Mozilla NSS library using pkg-config
767ab2
  + remove compiler flags which are not needed currently
767ab2
  + build server, client and library together
767ab2
  + avoid stray dependencies by using --as-needed linker flag
767ab2
  + enable SLAPI interface in slapd
767ab2
767ab2
* Wed Jun 27 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.31-3
767ab2
- update fix: count constraint broken when using multiple modifications (#795766)
767ab2
- fix: invalid order of TLS shutdown operations (#808464)
767ab2
- fix: TLS error messages overwriting in tlsm_verify_cert() (#810462)
767ab2
- fix: reading pin from file can make all TLS connections hang (#829317)
767ab2
- CVE-2012-2668: cipher suite selection by name can be ignored (#825875)
767ab2
- fix: slapd fails to start on reboot (#829272)
767ab2
- fix: default cipher suite is always selected (#828790)
767ab2
- fix: less influence between individual TLS contexts:
767ab2
  - replication with TLS does not work (#795763)
767ab2
  - possibly others
767ab2
767ab2
* Fri May 18 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.31-2
767ab2
- fix: nss-tools package is required by the base package, not the server subpackage
767ab2
- fix: MozNSS CA certdir does not work together with PEM CA cert file (#819536)
767ab2
767ab2
* Tue Apr 24 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.31-1
767ab2
- new upstream release
767ab2
  + library: IPv6 url detection
767ab2
  + library: rebinding to failed connections
767ab2
  + server: various fixes in mdb backend
767ab2
  + server: various fixes in replication
767ab2
  + server: various fixes in overlays and minor backends
767ab2
  + documentation fixes
767ab2
- remove patches which were merged upstream
767ab2
767ab2
* Thu Apr 05 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.30-3
767ab2
- rebuild due to libdb rebase
767ab2
767ab2
* Mon Mar 26 2012 Jan Synáček <jsynacek@redhat.com> 2.4.30-2
767ab2
- fix: Re-binding to a failed connection can segfault (#784989)
767ab2
767ab2
* Thu Mar 01 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.30-1
767ab2
- new upstream release
767ab2
  + server: fixes in mdb backend
767ab2
  + server: fixes in manual pages
767ab2
  + server: fixes in syncprov, syncrepl, and pcache
767ab2
- removed patches which were merged upstream
767ab2
767ab2
* Wed Feb 22 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.29-4
767ab2
- fix: missing options in manual pages of client tools (#796232)
767ab2
- fix: SASL_NOCANON option missing in ldap.conf manual page (#732915)
767ab2
767ab2
* Tue Feb 21 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.29-3
767ab2
- fix: ldap_result does not succeed for sssd (#771484)
767ab2
- Jan Synáček <jsynacek@redhat.com>:
767ab2
  + fix: count constraint broken when using multiple modifications (#795766)
767ab2
767ab2
* Mon Feb 20 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.29-2
767ab2
- fix update: provide ldif2ldbm, not ldib2ldbm (#437104)
767ab2
- Jan Synáček <jsynacek@redhat.com>:
767ab2
  + unify systemctl binary paths throughout the specfile and make them usrmove compliant
767ab2
  + make path to chkconfig binary usrmove compliant
767ab2
767ab2
* Wed Feb 15 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.29-1
767ab2
- new upstream release
767ab2
  + MozNSS fixes
767ab2
  + connection handling fixes
767ab2
  + server: buxfixes in mdb backend
767ab2
  + server: buxfixes in overlays (syncrepl, meta, monitor, perl, sql, dds, rwm)
767ab2
- openldap-servers now provide ldib2ldbm (#437104)
767ab2
- certificates management improvements
767ab2
  + create empty Mozilla NSS certificate database during installation
767ab2
  + enable builtin Root CA in generated database (#789088)
767ab2
  + generate server certificate using Mozilla NSS tools instead of OpenSSL tools
767ab2
  + fix: correct path to check-config.sh in service file (Jan Synáček <jsynacek@redhat.com>)
767ab2
- temporarily disable certificates checking in check-config.sh script
767ab2
- fix: check-config.sh get stuck when executing command as a ldap user
767ab2
767ab2
* Tue Jan 31 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.28-3
767ab2
- fix: replication (syncrepl) with TLS causes segfault (#783431)
767ab2
- fix: slapd segfaults when PEM certificate is used and key is not set (#772890)
767ab2
767ab2
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.28-2
767ab2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
767ab2
767ab2
* Wed Nov 30 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.28-1
767ab2
- new upstream release
767ab2
  + server: support for delta-syncrepl in multi master replication
767ab2
  + server: add experimental backend - MDB
767ab2
  + server: dynamic configuration for passwd, perl, shell, sock, and sql backends
767ab2
  + server: support passwords in APR1
767ab2
  + library: support for Wahl (draft)
767ab2
  + a lot of bugfixes
767ab2
- remove patches which were merged upstream
767ab2
- compile backends as modules (except BDB, HDB, and monitor)
767ab2
- reload systemd daemon after installation
767ab2
767ab2
* Tue Nov 01 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-6
767ab2
- package cleanup:
767ab2
  + hardened build: switch from LDFLAGS to RPM macros
767ab2
  + remove old provides and obsoletes
767ab2
  + add new slapd maintainance scripts
767ab2
  + drop defattr macros, clean up permissions in specfile
767ab2
  + fix rpmlint warnings: macros in comments/changelog
767ab2
  + fix rpmlint warnings: non UTF-8 documentation
767ab2
  + rename environment file to be more consistent (ldap -> slapd)
767ab2
- replace sysv initscript with systemd service file (#
767ab2
- new format of environment file due to switch to systemd
767ab2
  (automatic conversion is performed)
767ab2
- patch OpenLDAP to skip empty command line arguments
767ab2
  (arguments expansion in systemd works different than in shell)
767ab2
- CVE-2011-4079: one-byte buffer overflow in slapd (#749324)
767ab2
767ab2
* Thu Oct 06 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-5
767ab2
- rebuild: openldap does not work after libdb rebase (#743824)
767ab2
- regression fix: openldap built without tcp_wrappers (#743213)
767ab2
767ab2
* Wed Sep 21 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-4
767ab2
- new feature update: honor priority/weight with ldap_domain2hostlist (#733078)
767ab2
767ab2
* Mon Sep 12 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-3
767ab2
- fix: SSL_ForceHandshake function is not thread safe (#701678)
767ab2
- fix: allow unsetting of tls_* syncrepl options (#734187)
767ab2
767ab2
* Wed Aug 24 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-2
767ab2
- security hardening: library needs partial RELRO support added (#733071)
767ab2
- fix: NSS_Init* functions are not thread safe (#731112)
767ab2
- fix: incorrect behavior of allow/try options of VerifyCert and TLS_REQCERT (#725819)
767ab2
- fix: memleak - free the return of tlsm_find_and_verify_cert_key (#725818)
767ab2
- fix: conversion of constraint overlay settings to cn=config is incorrect (#733067)
767ab2
- fix: DDS overlay tolerance parametr doesn't function and breakes default TTL (#733069)
767ab2
- manpage fix: errors in manual page slapo-unique (#733070)
767ab2
- fix: matching wildcard hostnames in certificate Subject field does not work (#733073)
767ab2
- new feature: honor priority/weight with ldap_domain2hostlist (#733078)
767ab2
- manpage fix: wrong ldap_sync_destroy() prototype in ldap_sync(3) manpage (#717722)
767ab2
767ab2
* Sun Aug 14 2011 Rex Dieter <rdieter@fedoraproject.org> - 2.4.26-1.1
767ab2
- Rebuilt for rpm (#728707)
767ab2
767ab2
* Wed Jul 20 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-1
767ab2
- rebase to new upstream release
767ab2
- fix: memleak in tlsm_auth_cert_handler (#717730)
767ab2
767ab2
* Mon Jun 27 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.25-1
767ab2
- rebase to new upstream release
767ab2
- change default database type from BDB to HDB
767ab2
- enable ldapi:/// interface by default
767ab2
- set cn=config management ACLs for root user, SASL external schema (#712495)
767ab2
- fix: server scriptlets require initscripts package (#716857)
767ab2
- fix: connection fails if TLS_CACERTDIR doesn't exist but TLS_REQCERT
767ab2
  is set to 'never' (#716854)
767ab2
- fix: segmentation fault caused by double-free in ldapexop (#699683)
767ab2
- fix: segmentation fault of client tool when input line in LDIF file
767ab2
  is splitted but indented incorrectly (#716855)
767ab2
- fix: segmentation fault of client tool when LDIF input file is not terminated
767ab2
  by a new line character (#716858)
767ab2
767ab2
* Fri Mar 18 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.24-2
767ab2
- new: system resource limiting for slapd using ulimit
767ab2
- fix update: openldap can't use TLS after a fork() (#636956)
767ab2
- fix: possible null pointer dereference in NSS implementation
767ab2
- fix: openldap-servers upgrade hangs or do not upgrade the database (#664433)
767ab2
767ab2
* Mon Feb 14 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.24-1
767ab2
- rebase to 2.4.24
767ab2
- BDB backend switch from DB4 to DB5
767ab2
767ab2
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.23-9
767ab2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
767ab2
767ab2
* Wed Feb 02 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.23-8
767ab2
- fix update: openldap can't use TLS after a fork() (#636956)
767ab2
767ab2
* Tue Jan 25 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.23-7
767ab2
- fix: openldap can't use TLS after a fork() (#636956)
767ab2
- fix: openldap-server upgrade gets stuck when the database is damaged (#664433)
767ab2
767ab2
* Thu Jan 20 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.23-6
767ab2
- fix: some server certificates refused with inadequate type error (#668899)
767ab2
- fix: default encryption strength dropped in switch to using NSS (#669446)
767ab2
- systemd compatibility: add configuration file (#656647, #668223)
767ab2
767ab2
* Thu Jan 06 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.23-5
767ab2
- initscript: slaptest with '-u' to skip database opening (#667768)
767ab2
- removed slurpd options from sysconfig/ldap
767ab2
- fix: verification of self issued certificates (#657984)
767ab2
767ab2
* Mon Nov 22 2010 Jan Vcelak <jvcelak@redhat.com> 2.4.23-4
767ab2
- Mozilla NSS - implement full non-blocking semantics
767ab2
  ldapsearch -Z hangs server if starttls fails (#652822)
767ab2
- updated list of all overlays in slapd.conf (#655899)
767ab2
- fix database upgrade process (#656257)
767ab2
767ab2
* Thu Nov 18 2010 Jan Vcelak <jvcelak@redhat.com> 2.4.23-3
767ab2
- add support for multiple prefixed Mozilla NSS database files in TLS_CACERTDIR
767ab2
- reject non-file keyfiles in TLS_CACERTDIR (#652315)
767ab2
- TLS_CACERTDIR precedence over TLS_CACERT (#652304)
767ab2
- accept only files in hash.0 format in TLS_CACERTDIR (#650288)
767ab2
- improve SSL/TLS trace messages (#652818)
767ab2
767ab2
* Mon Nov 01 2010 Jan Vcelak <jvcelak@redhat.com> 2.4.23-2
767ab2
- fix possible infinite loop when checking permissions of TLS files (#641946)
767ab2
- removed outdated autofs.schema (#643045)
767ab2
- removed outdated README.upgrade
767ab2
- removed relics of migrationtools
767ab2
767ab2
* Fri Aug 27 2010 Jan Vcelak <jvcelak@redhat.com> 2.4.23-1
767ab2
- rebase to 2.4.23
767ab2
- embeded db4 library removed
767ab2
- removed bogus links in "SEE ALSO" in several man-pages (#624616)
767ab2
767ab2
* Thu Jul 22 2010 Jan Vcelak <jvcelak@redhat.com> 2.4.22-7
767ab2
- Mozilla NSS - delay token auth until needed (#616552)
767ab2
- Mozilla NSS - support use of self signed CA certs as server certs (#614545)
767ab2
767ab2
* Tue Jul 20 2010 Jan Vcelak <jvcelak@redhat.com> - 2.4.22-6
767ab2
- CVE-2010-0211 openldap: modrdn processing uninitialized pointer free (#605448)
767ab2
- CVE-2010-0212 openldap: modrdn processing IA5StringNormalize NULL pointer dereference (#605452)
767ab2
- obsolete configuration file moved to /usr/share/openldap-servers (#612602)
767ab2
767ab2
* Thu Jul 01 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.22-5
767ab2
- another shot at previous fix
767ab2
767ab2
* Thu Jul 01 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.22-4
767ab2
- fixed issue with owner of /usr/lib/ldap/__db.* (#609523)
767ab2
767ab2
* Thu Jun  3 2010 Rich Megginson <rmeggins@redhat.com> - 2.4.22-3
767ab2
- added ldif.h to the public api in the devel package
767ab2
- added -lldif to the public api
767ab2
- added HAVE_MOZNSS and other flags to use Mozilla NSS for crypto
767ab2
767ab2
* Tue May 18 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.22-2
767ab2
- rebuild with connectionless support (#587722)
767ab2
- updated autofs schema (#584808)
767ab2
767ab2
* Tue May 04 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.22-1
767ab2
- rebased to 2.4.22 (mostly bugfixes, added back-ldif, back-null testing support)
767ab2
- due to some possible issues pointed out in last update testing phase, I'm
767ab2
  pulling back the last change (slapd can't be moved since it depends on /usr
767ab2
  possibly mounted from network)
767ab2
767ab2
* Fri Mar 19 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.21-6
767ab2
- moved slapd to start earlier during boot sequence
767ab2
767ab2
* Tue Mar 16 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.21-5
767ab2
- minor corrections of init script (#571235, #570057, #573804)
767ab2
767ab2
* Wed Feb 24 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.21-4
767ab2
- fixed SIGSEGV when deleting data using hdb (#562227)
767ab2
767ab2
* Mon Feb 01 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.21-3
767ab2
- fixed broken link /usr/sbin/slapschema (#559873)
767ab2
767ab2
* Tue Jan 19 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.21-2
767ab2
- removed some static libraries from openldap-devel (#556090)
767ab2
767ab2
* Mon Jan 11 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.21-1
767ab2
- rebased openldap to 2.4.21
767ab2
- rebased bdb to 4.8.26
767ab2
767ab2
* Mon Nov 23 2009 Jan Zeleny <jzeleny@redhat.com> - 2.4.19-3
767ab2
- minor corrections in init script
767ab2
767ab2
* Mon Nov 16 2009 Jan Zeleny <jzeleny@redhat.com> - 2.4.19-2
767ab2
- fixed tls connection accepting when TLSVerifyClient = allow
767ab2
- /etc/openldap/ldap.conf removed from files owned by openldap-servers
767ab2
- minor changes in spec file to supress warnings
767ab2
- some changes in init script, so it would be possible to use it when
767ab2
  using old configuration style
767ab2
767ab2
* Fri Nov 06 2009 Jan Zeleny <jzeleny@redhat.com> - 2.4.19-1
767ab2
- rebased openldap to 2.4.19
767ab2
- rebased bdb to 4.8.24
767ab2
767ab2
* Wed Oct 07 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.18-4
767ab2
- updated smbk5pwd patch to be linked with libldap (#526500)
767ab2
- the last buffer overflow patch replaced with the one from upstream
767ab2
- added /etc/openldap/slapd.d and /etc/openldap/slapd.conf.bak
767ab2
  to files owned by openldap-servers
767ab2
767ab2
* Thu Sep 24 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.18-3
767ab2
- cleanup of previous patch fixing buffer overflow
767ab2
767ab2
* Tue Sep 22 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.18-2
767ab2
- changed configuration approach. Instead od slapd.conf slapd
767ab2
  is using slapd.d directory now
767ab2
- fix of some issues caused by renaming of init script
767ab2
- fix of buffer overflow issue in ldif.c pointed out by new glibc
767ab2
767ab2
* Fri Sep 18 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.18-1
767ab2
- rebase of openldap to 2.4.18
767ab2
767ab2
* Wed Sep 16 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.16-7
767ab2
- updated documentation (hashing the cacert dir)
767ab2
767ab2
* Wed Sep 16 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.16-6
767ab2
- updated init script to be LSB-compliant (#523434)
767ab2
- init script renamed to slapd
767ab2
767ab2
* Thu Aug 27 2009 Tomas Mraz <tmraz@redhat.com> - 2.4.16-5
767ab2
- rebuilt with new openssl
767ab2
767ab2
* Tue Aug 25 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.16-4
767ab2
- updated %%pre script to correctly install openldap group
767ab2
767ab2
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.16-2
767ab2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
767ab2
767ab2
* Wed Jul 01 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.16-1
767ab2
- rebase of openldap to 2.4.16
767ab2
- fixed minor issue in spec file (output looking interactive
767ab2
  when installing servers)
767ab2
767ab2
* Tue Jun 09 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.15-4
767ab2
- added $SLAPD_URLS variable to init script (#504504)
767ab2
767ab2
* Thu Apr 09 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.15-3
767ab2
- extended previous patch (#481310) to remove options cfMP
767ab2
  from some client tools
767ab2
- correction of patch setugid (#494330)
767ab2
767ab2
* Thu Mar 26 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.15-2
767ab2
- removed -f option from some client tools (#481310)
767ab2
767ab2
* Wed Feb 25 2009 Jan Safranek <jsafranek@redhat.com> 2.4.15-1
767ab2
- new upstream release
767ab2
767ab2
* Tue Feb 17 2009 Jan Safranek <jsafranek@redhat.com> 2.4.14-1
767ab2
- new upstream release
767ab2
- upgraded to db-4.7.25
767ab2
767ab2
* Sat Jan 17 2009 Tomas Mraz <tmraz@redhat.com> 2.4.12-3
767ab2
- rebuild with new openssl
767ab2
767ab2
* Mon Dec 15 2008 Caolán McNamara <caolanm@redhat.com> 2.4.12-2
767ab2
- rebuild for libltdl, i.e. copy config.sub|guess from new location
767ab2
767ab2
* Wed Oct 15 2008 Jan Safranek <jsafranek@redhat.com> 2.4.12-1
767ab2
- new upstream release
767ab2
767ab2
* Mon Oct 13 2008 Jan Safranek <jsafranek@redhat.com> 2.4.11-3
767ab2
- add SLAPD_SHUTDOWN_TIMEOUT to /etc/sysconfig/ldap, allowing admins
767ab2
  to set non-default slapd shutdown timeout
767ab2
- add checkpoint to default slapd.conf file (#458679)
767ab2
767ab2
* Mon Sep  1 2008 Jan Safranek <jsafranek@redhat.com> 2.4.11-2
767ab2
- provide ldif2ldbm functionality for migrationtools
767ab2
- rediff all patches to get rid of patch fuzz
767ab2
767ab2
* Mon Jul 21 2008 Jan Safranek <jsafranek@redhat.com> 2.4.11-1
767ab2
- new upstream release
767ab2
- apply official bdb-4.6.21 patches
767ab2
767ab2
* Wed Jul  2 2008 Jan Safranek <jsafranek@redhat.com> 2.4.10-2
767ab2
- fix CVE-2008-2952 (#453728)
767ab2
767ab2
* Thu Jun 12 2008 Jan Safranek <jsafranek@redhat.com> 2.4.10-1
767ab2
- new upstream release
767ab2
767ab2
* Wed May 28 2008 Jan Safranek <jsafranek@redhat.com> 2.4.9-5
767ab2
- use /sbin/nologin as shell of ldap user (#447919)
767ab2
767ab2
* Tue May 13 2008 Jan Safranek <jsafranek@redhat.com> 2.4.9-4
767ab2
- new upstream release
767ab2
- removed unnecessary MigrationTools patches
767ab2
767ab2
* Thu Apr 10 2008 Jan Safranek <jsafranek@redhat.com> 2.4.8-4
767ab2
- bdb upgraded to 4.6.21
767ab2
- reworked upgrade logic again to run db_upgrade when bdb version
767ab2
  changes
767ab2
767ab2
* Wed Mar  5 2008 Jan Safranek <jsafranek@redhat.com> 2.4.8-3
767ab2
- reworked the upgrade logic, slapcat/slapadd of the whole database
767ab2
  is needed only if minor version changes (2.3.x -> 2.4.y)
767ab2
- do not try to save database in LDIF format, if openldap-servers package
767ab2
  is  being removed (it's up to the admin to do so manually)
767ab2
767ab2
* Thu Feb 28 2008 Jan Safranek <jsafranek@redhat.com> 2.4.8-2
767ab2
- migration tools carved out to standalone package "migrationtools"
767ab2
  (#236697)
767ab2
767ab2
* Fri Feb 22 2008 Jan Safranek <jsafranek@redhat.com> 2.4.8-1
767ab2
- new upstream release
767ab2
767ab2
* Fri Feb  8 2008 Jan Safranek <jsafranek@redhat.com> 2.4.7-7
767ab2
- fix CVE-2008-0658 (#432014)
767ab2
767ab2
* Mon Jan 28 2008 Jan Safranek <jsafranek@redhat.com> 2.4.7-6
767ab2
- init script fixes
767ab2
767ab2
* Mon Jan 28 2008 Jan Safranek <jsafranek@redhat.com> 2.4.7-5
767ab2
- init script made LSB-compliant (#247012)
767ab2
767ab2
* Fri Jan 25 2008 Jan Safranek <jsafranek@redhat.com> 2.4.7-4
767ab2
- fixed rpmlint warnings and errors
767ab2
  - /etc/openldap/schema/README moved to /usr/share/doc/openldap
767ab2
767ab2
* Tue Jan 22 2008 Jan Safranek <jsafranek@redhat.com> 2.4.7-3
767ab2
- obsoleting compat-openldap properly again :)
767ab2
767ab2
* Tue Jan 22 2008 Jan Safranek <jsafranek@redhat.com> 2.4.7-2
767ab2
- obsoleting compat-openldap properly (#429591)
767ab2
767ab2
* Mon Jan 14 2008 Jan Safranek <jsafranek@redhat.com> 2.4.7-1
767ab2
- new upstream version (openldap-2.4.7)
767ab2
767ab2
* Mon Dec  3 2007 Jan Safranek <jsafranek@redhat.com> 2.4.6-1
767ab2
- new upstream version (openldap-2.4)
767ab2
- deprecating compat- package
767ab2
767ab2
* Mon Nov  5 2007 Jan Safranek <jsafranek@redhat.com> 2.3.39-1
767ab2
- new upstream release
767ab2
767ab2
* Tue Oct 23 2007 Jan Safranek <jsafranek@redhat.com> 2.3.38-4
767ab2
- fixed multilib issues - all platform independent files have the
767ab2
  same content now (#342791)
767ab2
767ab2
* Thu Oct  4 2007 Jan Safranek <jsafranek@redhat.com> 2.3.38-3
767ab2
- BDB downgraded back to 4.4.20 because 4.6.18 is not supported by
767ab2
  openldap (#314821)
767ab2
767ab2
* Mon Sep 17 2007 Jan Safranek <jsafranek@redhat.com> 2.3.38-2
767ab2
- skeleton /etc/sysconfig/ldap added
767ab2
- new SLAPD_LDAP option to turn off listening on ldap:/// (#292591)
767ab2
- fixed checking of SSL (#292611)
767ab2
- fixed upgrade with empty database
767ab2
767ab2
* Thu Sep  6 2007 Jan Safranek <jsafranek@redhat.com> 2.3.38-1
767ab2
- new upstream version
767ab2
- added images to the guide.html (#273581)
767ab2
767ab2
* Wed Aug 22 2007 Jan Safranek <jsafranek@redhat.com> 2.3.37-3
767ab2
- just rebuild
767ab2
767ab2
* Thu Aug  2 2007 Jan Safranek <jsafranek@redhat.com> 2.3.37-2
767ab2
- do not use specific automake and autoconf
767ab2
- do not distinguish between NPTL and non-NPTL platforms, we have NPTL
767ab2
  everywhere
767ab2
- db-4.6.18 integrated
767ab2
- updated openldap-servers License: field to reference BDB license
767ab2
767ab2
* Tue Jul 31 2007 Jan Safranek <jsafranek@redhat.com> 2.3.37-1
767ab2
- new upstream version
767ab2
767ab2
* Fri Jul 20 2007 Jan Safranek <jsafranek@redhat.com> 2.3.34-7
767ab2
- MigrationTools-47 integrated
767ab2
767ab2
* Wed Jul  4 2007 Jan Safranek <jsafranek@redhat.com> 2.3.34-6
767ab2
- fix compat-slapcat compilation. Now it can be found in
767ab2
  /usr/lib/compat-openldap/slapcat, because the tool checks argv[0]
767ab2
  (#246581)
767ab2
767ab2
* Fri Jun 29 2007 Jan Safranek <jsafranek@redhat.com> 2.3.34-5
767ab2
- smbk5pwd added (#220895)
767ab2
- correctly distribute modules between servers and servers-sql packages
767ab2
767ab2
* Mon Jun 25 2007 Jan Safranek <jsafranek@redhat.com> 2.3.34-4
767ab2
- Fix initscript return codes (#242667)
767ab2
- Provide overlays (as modules; #246036, #245896)
767ab2
- Add available modules to config file
767ab2
767ab2
* Tue May 22 2007 Jan Safranek <jsafranek@redhat.com> 2.3.34-3
767ab2
- do not create script in /tmp on startup (bz#188298)
767ab2
- add compat-slapcat to openldap-compat (bz#179378)
767ab2
- do not import ddp services with migrate_services.pl
767ab2
  (bz#201183)
767ab2
- sort the hosts by adders, preventing duplicities
767ab2
  in migrate*nis*.pl (bz#201540)
767ab2
- start slupd for each replicated database (bz#210155)
767ab2
- add ldconfig to devel post/postun (bz#240253)
767ab2
- include misc.schema in default slapd.conf (bz#147805)
767ab2
767ab2
* Mon Apr 23 2007 Jan Safranek <jsafranek@redhat.com> 2.3.34-2
767ab2
- slapadd during package update is now quiet (bz#224581)
767ab2
- use _localstatedir instead of var/ during build (bz#220970)
767ab2
- bind-libbind-devel removed from BuildRequires (bz#216851)
767ab2
- slaptest is now quiet during service ldap start, if
767ab2
  there is no error/warning (bz#143697)
767ab2
- libldap_r.so now links with pthread (bz#198226)
767ab2
- do not strip binaries to produce correct .debuginfo packages
767ab2
  (bz#152516)
767ab2
767ab2
* Mon Feb 19 2007 Jay Fenlason <fenlason<redhat.com> 2.3.34-1
767ab2
- New upstream release
767ab2
- Upgrade the scripts for migrating the database so that they might
767ab2
  actually work.
767ab2
- change bind-libbind-devel to bind-devel in BuildPreReq
767ab2
767ab2
* Mon Dec  4 2006 Thomas Woerner <twoerner@redhat.com> 2.3.30-1.1
767ab2
- tcp_wrappers has a new devel and libs sub package, therefore changing build
767ab2
  requirement for tcp_wrappers to tcp_wrappers-devel
767ab2
767ab2
* Wed Nov 15 2006 Jay Fenlason <fenlason@redhat.com> 2.3.30-1
767ab2
- New upstream version
767ab2
767ab2
* Wed Oct 25 2006 Jay Fenlason <fenlason@redhat.com> 2.3.28-1
767ab2
- New upstream version
767ab2
767ab2
* Sun Oct 01 2006 Jesse Keating <jkeating@redhat.com> - 2.3.27-4
767ab2
- rebuilt for unwind info generation, broken in gcc-4.1.1-21
767ab2
767ab2
* Mon Sep 18 2006 Jay Fenlason <fenlason@redhat.com> 2.3.27-3
767ab2
- Include --enable-multimaster to close
767ab2
  bz#185821: adding slapd_multimaster to the configure options
767ab2
- Upgade guide.html to the correct one for openladp-2.3.27, closing
767ab2
  bz#190383: openldap 2.3 packages contain the administrator's guide for 2.2
767ab2
- Remove the quotes from around the slaptestflags in ldap.init
767ab2
  This closes one part of
767ab2
  bz#204593: service ldap fails after having added entries to ldap
767ab2
- include __db.* in the list of files to check ownership of in
767ab2
  ldap.init, as suggested in
767ab2
  bz#199322: RFE: perform cleanup in ldap.init
767ab2
767ab2
* Fri Aug 25 2006 Jay Fenlason <fenlason@redhat.com> 2.3.27-2
767ab2
- New upstream release
767ab2
- Include the gethostbyname_r patch so that nss_ldap won't hang
767ab2
  on recursive attemts to ldap_initialize.
767ab2
767ab2
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.3.24-2.1
767ab2
- rebuild
767ab2
767ab2
* Wed Jun 7 2006 Jay Fenlason <fenlason@redhat.com> 2.3.24-2
767ab2
- New upstream version
767ab2
767ab2
* Thu Apr 27 2006 Jay Fenlason <fenlason@redhat.com> 2.3.21-2
767ab2
- Upgrade to 2.3.21
767ab2
- Add two upstream patches for db-4.4.20
767ab2
767ab2
* Mon Feb 13 2006 Jay Fenlason <fenlason@redhat.com> 2.3.19-4
767ab2
- Re-fix ldap.init
767ab2
767ab2
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 2.3.19-3.1
767ab2
- bump again for double-long bug on ppc(64)
767ab2
767ab2
* Thu Feb 9 2006 Jay Fenlason <fenlason@redhat.com> 2.3.19-3
767ab2
- Modify the ldap.init script to call runuser correctly.
767ab2
767ab2
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 2.3.19-2.1
767ab2
- rebuilt for new gcc4.1 snapshot and glibc changes
767ab2
767ab2
* Tue Jan 10 2006 Jay Fenlason <fenlason@redhat.com> 2.3.19-2
767ab2
- Upgrade to 2.3.19, which upstream now considers stable
767ab2
- Modify the -config.patch, ldap.init, and this spec file to put the
767ab2
  pid file and args file in an ldap-owned openldap subdirectory under
767ab2
  /var/run.
767ab2
- Move back_sql* out of _sbindir/openldap , which requires
767ab2
  hand-moving slapd and slurpd to _sbindir, and recreating symlinks
767ab2
  by hand.
767ab2
- Retire openldap-2.3.11-ads.patch, which went upstream.
767ab2
- Update the ldap.init script to run slaptest as the ldap user rather
767ab2
  than as root.  This solves
767ab2
  bz#150172 Startup failure after database problem
767ab2
- Add to the servers post and preun scriptlets so that on preun, the
767ab2
  database is slapcatted to /var/lib/ldap/upgrade.ldif and the
767ab2
  database files are saved to /var/lib/ldap/rpmorig.  On post, if
767ab2
  /var/lib/ldap/upgrade.ldif exists, it is slapadded.  This means that
767ab2
  on upgrades from 2.3.16-2 to higher versions, the database files may
767ab2
  be automatically upgraded.  Unfortunatly, because of the changes to
767ab2
  the preun scriptlet, users have to do the slapcat, etc by hand when
767ab2
  upgrading to 2.3.16-2.  Also note that the /var/lib/ldap/rpmorig
767ab2
  files need to be removed by hand because automatically removing your
767ab2
  emergency fallback files is a bad idea.
767ab2
- Upgrade internal bdb to db-4.4.20.  For a clean upgrade, this will
767ab2
  require that users slapcat their databases into a temp file, move
767ab2
  /var/lib/ldap someplace safe, upgrade the openldap rpms, then
767ab2
  slapadd the temp file.
767ab2
767ab2
767ab2
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
767ab2
- rebuilt
767ab2
767ab2
* Mon Nov 21 2005 Jay Fenlason <fenlason@redhat.com> 2.3.11-3
767ab2
- Remove Requires: cyrus-sasl and cyrus-sasl-md5 from openldap- and
767ab2
  compat-openldap- to close
767ab2
  bz#173313 Remove exlicit 'Requires: cyrus-sasl" + 'Requires: cyrus-sasl-md5'
767ab2
767ab2
* Thu Nov 10 2005 Jay Fenlason <fenlason@redhat.com> 2.3.11-2
767ab2
- Upgrade to 2.3.11, which upstream now considers stable.
767ab2
- Switch compat-openldap to 2.2.29
767ab2
- remove references to nss_ldap_build from the spec file
767ab2
- remove references to 2.0 and 2.1 from the spec file.
767ab2
- reorganize the build() function slightly in the spec file to limit the
767ab2
  number of redundant and conflicting options passedto configure.
767ab2
- Remove the attempt to hardlink ldapmodify and ldapadd together, since
767ab2
  the current make install make ldapadd a symlink to ldapmodify.
767ab2
- Include the -ads patches to allow SASL binds to an Active Directory
767ab2
  server to work.  Nalin <nalin@redhat.com> wrote the patch, based on my
767ab2
  broken first attempt.
767ab2
767ab2
* Thu Nov 10 2005 Tomas Mraz <tmraz@redhat.com> 2.2.29-3
767ab2
- rebuilt against new openssl
767ab2
767ab2
* Mon Oct 10 2005 Jay Fenlason <fenlason@redhat.com> 2.2.29-2
767ab2
- New upstream version.
767ab2
767ab2
* Thu Sep 29 2005 Jay Fenlason <fenlason@redhat.com> 2.2.28-2
767ab2
- Upgrade to nev upstream version.  This makes the 2.2.*-hop patch obsolete.
767ab2
767ab2
* Mon Aug 22 2005 Jay Fenlason <fenlason@redhat.com> 2.2.26-2
767ab2
- Move the slapd.pem file to /etc/pki/tls/certs
767ab2
  and edit the -config patch to match to close
767ab2
  bz#143393  Creates certificates + keys at an insecure/bad place
767ab2
- also use _sysconfdir instead of hard-coding /etc
767ab2
767ab2
* Thu Aug 11 2005 Jay Fenlason <fenlason@redhat.com>
767ab2
- Add the tls-fix-connection-test patch to close
767ab2
  bz#161991 openldap password disclosure issue
767ab2
- add the hop patches to prevent infinite looping when chasing referrals.
767ab2
  OpenLDAP ITS #3578
767ab2
767ab2
* Fri Aug  5 2005 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- fix typo in ldap.init (call $klist instead of klist, from Charles Lopes)
767ab2
767ab2
* Thu May 19 2005 Nalin Dahyabhai <nalin@redhat.com> 2.2.26-1
767ab2
- run slaptest with the -u flag if no id2entry db files are found, because
767ab2
  you can't check for read-write access to a non-existent database (#156787)
767ab2
- add _sysconfdir/openldap/cacerts, which authconfig sets as the
767ab2
  TLS_CACERTDIR path in /etc/openldap/ldap.conf now
767ab2
- use a temporary wrapper script to launch slapd, in case we have arguments
767ab2
  with embedded whitespace (#158111)
767ab2
767ab2
* Wed May  4 2005 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.2.26 (stable 20050429)
767ab2
- enable the lmpasswd scheme
767ab2
- print a warning if slaptest fails, slaptest -u succeeds, and one of the
767ab2
  directories listed as the storage location for a given suffix in slapd.conf
767ab2
  contains a readable file named __db.001 (#118678)
767ab2
767ab2
* Tue Apr 26 2005 Nalin Dahyabhai <nalin@redhat.com> 2.2.25-1
767ab2
- update to 2.2.25 (release)
767ab2
767ab2
* Tue Apr 26 2005 Nalin Dahyabhai <nalin@redhat.com> 2.2.24-1
767ab2
- update to 2.2.24 (stable 20050318)
767ab2
- export KRB5_KTNAME in the init script, in case it was set in the sysconfig
767ab2
  file but not exported
767ab2
767ab2
* Tue Mar  1 2005 Nalin Dahyabhai <nalin@redhat.com> 2.2.23-4
767ab2
- prefer libresolv to libbind
767ab2
767ab2
* Tue Mar  1 2005 Nalin Dahyabhai <nalin@redhat.com> 2.2.23-3
767ab2
- add bind-libbind-devel and libtool-ltdl-devel buildprereqs
767ab2
767ab2
* Tue Mar  1 2005 Tomas Mraz <tmraz@redhat.com> 2.2.23-2
767ab2
- rebuild with openssl-0.9.7e
767ab2
767ab2
* Mon Jan 31 2005 Nalin Dahyabhai <nalin@redhat.com> 2.2.23-1
767ab2
- update to 2.2.23 (stable-20050125)
767ab2
- update notes on upgrading from earlier versions
767ab2
- drop slapcat variations for 2.0/2.1, which choke on 2.2's config files
767ab2
767ab2
* Tue Jan  4 2005 Nalin Dahyabhai <nalin@redhat.com> 2.2.20-1
767ab2
- update to 2.2.20 (stable-20050103)
767ab2
- warn about unreadable krb5 keytab files containing "ldap" keys
767ab2
- warn about unreadable TLS-related files
767ab2
- own a ref to subdirectories which we create under _libdir/tls
767ab2
767ab2
* Tue Nov  2 2004 Nalin Dahyabhai <nalin@redhat.com> 2.2.17-0
767ab2
- rebuild
767ab2
767ab2
* Thu Sep 30 2004 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.2.17 (stable-20040923) (#135188)
767ab2
- move nptl libraries into arch-specific subdirectories on x86 boxes
767ab2
- require a newer glibc which can provide nptl libpthread on i486/i586
767ab2
767ab2
* Tue Aug 24 2004 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- move slapd startup to earlier in the boot sequence (#103160)
767ab2
- update to 2.2.15 (stable-20040822)
767ab2
- change version number on compat-openldap to include the non-compat version
767ab2
  from which it's compiled, otherwise would have to start 2.2.15 at release 3
767ab2
  so that it upgrades correctly
767ab2
767ab2
* Thu Aug 19 2004 Nalin Dahyabhai <nalin@redhat.com> 2.2.13-2
767ab2
- build a separate, static set of libraries for openldap-devel with the
767ab2
  non-standard ntlm bind patch applied, for use by the evolution-connector
767ab2
  package (#125579), and installing them under
767ab2
  evolution_connector_prefix)
767ab2
- provide openldap-evolution-devel = version-release in openldap-devel
767ab2
  so that evolution-connector's source package can require a version of
767ab2
  openldap-devel which provides what it wants
767ab2
767ab2
* Mon Jul 26 2004 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update administrator guide
767ab2
767ab2
* Wed Jun 16 2004 Nalin Dahyabhai <nalin@redhat.com> 2.2.13-1
767ab2
- add compat-openldap subpackage
767ab2
- default to bdb, as upstream does, gambling that we're only going to be
767ab2
  on systems with nptl now
767ab2
767ab2
* Tue Jun 15 2004 Nalin Dahyabhai <nalin@redhat.com> 2.2.13-0
767ab2
- preliminary 2.2.13 update
767ab2
- move ucdata to the -servers subpackage where it belongs
767ab2
767ab2
* Tue Jun 15 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.30-1
767ab2
- build experimental sql backend as a loadable module
767ab2
767ab2
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
767ab2
- rebuilt
767ab2
767ab2
* Tue May 18 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.30-0
767ab2
- update to 2.1.30
767ab2
767ab2
* Thu May 13 2004 Thomas Woerner <twoerner@redhat.com> 2.1.29-3
767ab2
- removed rpath
767ab2
- added pie patch: slapd and slurpd are now pie
767ab2
- requires libtool >= 1.5.6-2 (PIC libltdl.a)
767ab2
767ab2
* Fri Apr 16 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.29-2
767ab2
- move rfc documentation from main to -devel (#121025)
767ab2
767ab2
* Wed Apr 14 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.29-1
767ab2
- rebuild
767ab2
767ab2
* Tue Apr  6 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.29-0
767ab2
- update to 2.1.29 (stable 20040329)
767ab2
767ab2
* Mon Mar 29 2004 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- don't build servers with --with-kpasswd, that option hasn't been recognized
767ab2
  since 2.1.23
767ab2
767ab2
* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com> 2.1.25-5.1
767ab2
- rebuilt
767ab2
767ab2
* Mon Feb 23 2004 Tim Waugh <twaugh@redhat.com> 2.1.25-5
767ab2
- Use ':' instead of '.' as separator for chown.
767ab2
767ab2
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
767ab2
- rebuilt
767ab2
767ab2
* Tue Feb 10 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.25-4
767ab2
- remove 'reload' from the init script -- it never worked as intended (#115310)
767ab2
767ab2
* Wed Feb  4 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.25-3
767ab2
- commit that last fix correctly this time
767ab2
767ab2
* Tue Feb  3 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.25-2
767ab2
- fix incorrect use of find when attempting to detect a common permissions
767ab2
  error in the init script (#114866)
767ab2
767ab2
* Fri Jan 16 2004 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- add bug fix patch for DB 4.2.52
767ab2
767ab2
* Thu Jan  8 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.25-1
767ab2
- change logging facility used from daemon to local4 (#112730, reversing #11047)
767ab2
  BEHAVIOR CHANGE - SHOULD BE MENTIONED IN THE RELEASE NOTES.
767ab2
767ab2
* Wed Jan  7 2004 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- incorporate fix for logic quasi-bug in slapd's SASL auxprop code (Dave Jones)
767ab2
767ab2
* Thu Dec 18 2003 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.1.25, now marked STABLE
767ab2
767ab2
* Thu Dec 11 2003 Jeff Johnson <jbj@jbj.org> 2.1.22-9
767ab2
- update to db-4.2.52.
767ab2
767ab2
* Thu Oct 23 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.22-8
767ab2
- add another section to the ABI note for the TLS libdb so that it's marked as
767ab2
  not needing an executable stack (from Arjan Van de Ven)
767ab2
767ab2
* Thu Oct 16 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.22-7
767ab2
- force bundled libdb to not use O_DIRECT by making it forget that we have it
767ab2
767ab2
* Wed Oct 15 2003 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- build bundled libdb for slapd dynamically to make the package smaller,
767ab2
  among other things
767ab2
- on tls-capable arches, build libdb both with and without shared posix
767ab2
  mutexes, otherwise just without
767ab2
- disable posix mutexes unconditionally for db 4.0, which shouldn't need
767ab2
  them for the migration cases where it's used
767ab2
- update to MigrationTools 45
767ab2
767ab2
* Thu Sep 25 2003 Jeff Johnson <jbj@jbj.org> 2.1.22-6.1
767ab2
- upgrade db-4.1.25 to db-4.2.42.
767ab2
767ab2
* Fri Sep 12 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.22-6
767ab2
- drop rfc822-MailMember.schema, merged into upstream misc.schema at some point
767ab2
767ab2
* Wed Aug 27 2003 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- actually require newer libtool, as was intended back in 2.1.22-0, noted as
767ab2
  missed by Jim Richardson
767ab2
767ab2
* Fri Jul 25 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.22-5
767ab2
- enable rlookups, they don't cost anything unless also enabled in slapd's
767ab2
  configuration file
767ab2
767ab2
* Tue Jul 22 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.22-4
767ab2
- rebuild
767ab2
767ab2
* Thu Jul 17 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.22-3
767ab2
- rebuild
767ab2
767ab2
* Wed Jul 16 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.22-2
767ab2
- rebuild
767ab2
767ab2
* Tue Jul 15 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.22-1
767ab2
- build
767ab2
767ab2
* Mon Jul 14 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.22-0
767ab2
- 2.1.22 now badged stable
767ab2
- be more aggressive in what we index by default
767ab2
- use/require libtool 1.5
767ab2
767ab2
* Mon Jun 30 2003 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.1.22
767ab2
767ab2
* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
767ab2
- rebuilt
767ab2
767ab2
* Tue Jun  3 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.21-1
767ab2
- update to 2.1.21
767ab2
- enable ldap, meta, monitor, null, rewrite in slapd
767ab2
767ab2
* Mon May 19 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.20-1
767ab2
- update to 2.1.20
767ab2
767ab2
* Thu May  8 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.19-1
767ab2
- update to 2.1.19
767ab2
767ab2
* Mon May  5 2003 Nalin Dahyabhai <nalin@redhat.com> 2.1.17-1
767ab2
- switch to db with crypto
767ab2
767ab2
* Fri May  2 2003 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- install the db utils for the bundled libdb as %%{_sbindir}/slapd_db_*
767ab2
- install slapcat/slapadd from 2.0.x for migration purposes
767ab2
767ab2
* Wed Apr 30 2003 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.1.17
767ab2
- disable the shell backend, not expected to work well with threads
767ab2
- drop the kerberosSecurityObject schema, the krbName attribute it
767ab2
  contains is only used if slapd is built with v2 kbind support
767ab2
767ab2
* Mon Feb 10 2003 Nalin Dahyabhai <nalin@redhat.com> 2.0.27-8
767ab2
- back down to db 4.0.x, which 2.0.x can compile with in ldbm-over-db setups
767ab2
- tweak SuSE patch to fix a few copy-paste errors and a NULL dereference
767ab2
767ab2
* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
767ab2
- rebuilt
767ab2
767ab2
* Tue Jan  7 2003 Nalin Dahyabhai <nalin@redhat.com> 2.0.27-6
767ab2
- rebuild
767ab2
767ab2
* Mon Dec 16 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.27-5
767ab2
- rebuild
767ab2
767ab2
* Fri Dec 13 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.27-4
767ab2
- check for setgid as well
767ab2
767ab2
* Thu Dec 12 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.27-3
767ab2
- rebuild
767ab2
767ab2
* Thu Dec 12 2002 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- incorporate fixes from SuSE's security audit, except for fixes to ITS 1963,
767ab2
  1936, 2007, 2009, which were included in 2.0.26.
767ab2
- add two more patches for db 4.1.24 from sleepycat's updates page
767ab2
- use openssl pkgconfig data, if any is available
767ab2
767ab2
* Mon Nov 11 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.27-2
767ab2
- add patches for db 4.1.24 from sleepycat's updates page
767ab2
767ab2
* Mon Nov  4 2002 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- add a sample TLSCACertificateFile directive to the default slapd.conf
767ab2
767ab2
* Tue Sep 24 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.27-1
767ab2
- update to 2.0.27
767ab2
767ab2
* Fri Sep 20 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.26-1
767ab2
- update to 2.0.26, db 4.1.24.NC
767ab2
767ab2
* Fri Sep 13 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.25-2
767ab2
- change LD_FLAGS to refer to /usr/kerberos/_libdir instead of
767ab2
  /usr/kerberos/lib, which might not be right on some arches
767ab2
767ab2
* Mon Aug 26 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.25-1
767ab2
- update to 2.0.25 "stable", ldbm-over-gdbm (putting off migration of LDBM
767ab2
  slapd databases until we move to 2.1.x)
767ab2
- use %%{_smp_mflags} when running make
767ab2
- update to MigrationTools 44
767ab2
- enable dynamic module support in slapd
767ab2
767ab2
* Thu May 16 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.23-5
767ab2
- rebuild in new environment
767ab2
767ab2
* Wed Feb 20 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.23-3
767ab2
- use the gdbm backend again
767ab2
767ab2
* Mon Feb 18 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.23-2
767ab2
- make slapd.conf read/write by root, read by ldap
767ab2
767ab2
* Sun Feb 17 2002 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- fix corner case in sendbuf fix
767ab2
- 2.0.23 now marked "stable"
767ab2
767ab2
* Tue Feb 12 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.23-1
767ab2
- update to 2.0.23
767ab2
767ab2
* Fri Feb  8 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.22-2
767ab2
- switch to an internalized Berkeley DB as the ldbm back-end  (NOTE: this breaks
767ab2
  access to existing on-disk directory data)
767ab2
- add slapcat/slapadd with gdbm for migration purposes
767ab2
- remove Kerberos dependency in client libs (the direct Kerberos dependency
767ab2
  is used by the server for checking {kerberos} passwords)
767ab2
767ab2
* Fri Feb  1 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.22-1
767ab2
- update to 2.0.22
767ab2
767ab2
* Sat Jan 26 2002 Florian La Roche <Florian.LaRoche@redhat.de> 2.0.21-5
767ab2
- prereq chkconfig for server subpackage
767ab2
767ab2
* Fri Jan 25 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.21-4
767ab2
- update migration tools to version 40
767ab2
767ab2
* Wed Jan 23 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.21-3
767ab2
- free ride through the build system
767ab2
767ab2
* Wed Jan 16 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.21-2
767ab2
- update to 2.0.21, now earmarked as STABLE
767ab2
767ab2
* Wed Jan 16 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.20-2
767ab2
- temporarily disable optimizations for ia64 arches
767ab2
- specify pthreads at configure-time instead of letting configure guess
767ab2
767ab2
* Mon Jan 14 2002 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- and one for Raw Hide
767ab2
767ab2
* Mon Jan 14 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.20-0.7
767ab2
- build for RHL 7/7.1
767ab2
767ab2
* Mon Jan 14 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.20-1
767ab2
- update to 2.0.20 (security errata)
767ab2
767ab2
* Thu Dec 20 2001 Nalin Dahyabhai <nalin@redhat.com> 2.0.19-1
767ab2
- update to 2.0.19
767ab2
767ab2
* Tue Nov  6 2001 Nalin Dahyabhai <nalin@redhat.com> 2.0.18-2
767ab2
- fix the commented-out replication example in slapd.conf
767ab2
767ab2
* Fri Oct 26 2001 Nalin Dahyabhai <nalin@redhat.com> 2.0.18-1
767ab2
- update to 2.0.18
767ab2
767ab2
* Mon Oct 15 2001 Nalin Dahyabhai <nalin@redhat.com> 2.0.17-1
767ab2
- update to 2.0.17
767ab2
767ab2
* Wed Oct 10 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- disable kbind support (deprecated, and I suspect unused)
767ab2
- configure with --with-kerberos=k5only instead of --with-kerberos=k5
767ab2
- build slapd with threads
767ab2
767ab2
* Thu Sep 27 2001 Nalin Dahyabhai <nalin@redhat.com> 2.0.15-2
767ab2
- rebuild, 2.0.15 is now designated stable
767ab2
767ab2
* Fri Sep 21 2001 Nalin Dahyabhai <nalin@redhat.com> 2.0.15-1
767ab2
- update to 2.0.15
767ab2
767ab2
* Mon Sep 10 2001 Nalin Dahyabhai <nalin@redhat.com> 2.0.14-1
767ab2
- update to 2.0.14
767ab2
767ab2
* Fri Aug 31 2001 Nalin Dahyabhai <nalin@redhat.com> 2.0.12-1
767ab2
- update to 2.0.12 to pull in fixes for setting of default TLS options, among
767ab2
  other things
767ab2
- update to migration tools 39
767ab2
- drop tls patch, which was fixed better in this release
767ab2
767ab2
* Tue Aug 21 2001 Nalin Dahyabhai <nalin@redhat.com> 2.0.11-13
767ab2
- install saucer correctly
767ab2
767ab2
* Thu Aug 16 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- try to fix ldap_set_options not being able to set global options related
767ab2
  to TLS correctly
767ab2
767ab2
* Thu Aug  9 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- don't attempt to create a cert at install-time, it's usually going
767ab2
  to get the wrong CN (#51352)
767ab2
767ab2
* Mon Aug  6 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- add a build-time requirement on pam-devel
767ab2
- add a build-time requirement on a sufficiently-new libtool to link
767ab2
  shared libraries to other shared libraries (which is needed in order
767ab2
  for prelinking to work)
767ab2
767ab2
* Fri Aug  3 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- require cyrus-sasl-md5 (support for DIGEST-MD5 is required for RFC
767ab2
  compliance) by name (follows from #43079, which split cyrus-sasl's
767ab2
  cram-md5 and digest-md5 modules out into cyrus-sasl-md5)
767ab2
767ab2
* Fri Jul 20 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- enable passwd back-end (noted by Alan Sparks and Sergio Kessler)
767ab2
767ab2
* Wed Jul 18 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- start to prep for errata release
767ab2
767ab2
* Fri Jul  6 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- link libldap with liblber
767ab2
767ab2
* Wed Jul  4 2001 Than Ngo <than@redhat.com> 2.0.11-6
767ab2
- add symlink liblber.so libldap.so and libldap_r.so in /usr/lib
767ab2
767ab2
* Tue Jul  3 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- move shared libraries to /lib
767ab2
- redo init script for better internationalization (#26154)
767ab2
- don't use ldaprc files in the current directory (#38402) (patch from
767ab2
  hps@intermeta.de)
767ab2
- add BuildPrereq on tcp wrappers since we configure with
767ab2
  --enable-wrappers (#43707)
767ab2
- don't overflow debug buffer in mail500 (#41751)
767ab2
- don't call krb5_free_creds instead of krb5_free_cred_contents any
767ab2
  more (#43159)
767ab2
767ab2
* Mon Jul  2 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- make config files noreplace (#42831)
767ab2
767ab2
* Tue Jun 26 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- actually change the default config to use the dummy cert
767ab2
- update to MigrationTools 38
767ab2
767ab2
* Mon Jun 25 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- build dummy certificate in %%post, use it in default config
767ab2
- configure-time shenanigans to help a confused configure script
767ab2
767ab2
* Wed Jun 20 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- tweak migrate_automount and friends so that they can be run from anywhere
767ab2
767ab2
* Thu May 24 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.0.11
767ab2
767ab2
* Wed May 23 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.0.10
767ab2
767ab2
* Mon May 21 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.0.9
767ab2
767ab2
* Tue May 15 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.0.8
767ab2
- drop patch which came from upstream
767ab2
767ab2
* Fri Mar  2 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- rebuild in new environment
767ab2
767ab2
* Thu Feb  8 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- back out pidfile patches, which interact weirdly with Linux threads
767ab2
- mark non-standard schema as such by moving them to a different directory
767ab2
767ab2
* Mon Feb  5 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to MigrationTools 36, adds netgroup support
767ab2
767ab2
* Mon Jan 29 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- fix thinko in that last patch
767ab2
767ab2
* Thu Jan 25 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- try to work around some buffering problems
767ab2
767ab2
* Tue Jan 23 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- gettextize the init script
767ab2
767ab2
* Thu Jan 18 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- gettextize the init script
767ab2
767ab2
* Fri Jan 12 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- move the RFCs to the base package (#21701)
767ab2
- update to MigrationTools 34
767ab2
767ab2
* Wed Jan 10 2001 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- add support for additional OPTIONS, SLAPD_OPTIONS, and SLURPD_OPTIONS in
767ab2
  a /etc/sysconfig/ldap file (#23549)
767ab2
767ab2
* Fri Dec 29 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- change automount object OID from 1.3.6.1.1.1.2.9 to 1.3.6.1.1.1.2.13,
767ab2
  per mail from the ldap-nis mailing list
767ab2
767ab2
* Tue Dec  5 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- force -fPIC so that shared libraries don't fall over
767ab2
767ab2
* Mon Dec  4 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- add Norbert Klasen's patch (via Del) to fix searches using ldaps URLs
767ab2
  (OpenLDAP ITS #889)
767ab2
- add "-h ldaps:///" to server init when TLS is enabled, in order to support
767ab2
  ldaps in addition to the regular STARTTLS (suggested by Del)
767ab2
767ab2
* Mon Nov 27 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- correct mismatched-dn-cn bug in migrate_automount.pl
767ab2
767ab2
* Mon Nov 20 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to the correct OIDs for automount and automountInformation
767ab2
- add notes on upgrading
767ab2
767ab2
* Tue Nov  7 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.0.7
767ab2
- drop chdir patch (went mainstream)
767ab2
767ab2
* Thu Nov  2 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- change automount object classes from auxiliary to structural
767ab2
767ab2
* Tue Oct 31 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to Migration Tools 27
767ab2
- change the sense of the last simple patch
767ab2
767ab2
* Wed Oct 25 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- reorganize the patch list to separate MigrationTools and OpenLDAP patches
767ab2
- switch to Luke Howard's rfc822MailMember schema instead of the aliases.schema
767ab2
- configure slapd to run as the non-root user "ldap" (#19370)
767ab2
- chdir() before chroot() (we don't use chroot, though) (#19369)
767ab2
- disable saving of the pid file because the parent thread which saves it and
767ab2
  the child thread which listens have different pids
767ab2
767ab2
* Wed Oct 11 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- add missing required attributes to conversion scripts to comply with schema
767ab2
- add schema for mail aliases, autofs, and kerberosSecurityObject rooted in
767ab2
  our own OID tree to define attributes and classes migration scripts expect
767ab2
- tweak automounter migration script
767ab2
767ab2
* Mon Oct  9 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- try adding the suffix first when doing online migrations
767ab2
- force ldapadd to use simple authentication in migration scripts
767ab2
- add indexing of a few attributes to the default configuration
767ab2
- add commented-out section on using TLS to default configuration
767ab2
767ab2
* Thu Oct  5 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.0.6
767ab2
- add buildprereq on cyrus-sasl-devel, krb5-devel, openssl-devel
767ab2
- take the -s flag off of slapadd invocations in migration tools
767ab2
- add the cosine.schema to the default server config, needed by inetorgperson
767ab2
767ab2
* Wed Oct  4 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- add the nis.schema and inetorgperson.schema to the default server config
767ab2
- make ldapadd a hard link to ldapmodify because they're identical binaries
767ab2
767ab2
* Fri Sep 22 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.0.4
767ab2
767ab2
* Fri Sep 15 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- remove prereq on /etc/init.d (#17531)
767ab2
- update to 2.0.3
767ab2
- add saucer to the included clients
767ab2
767ab2
* Wed Sep  6 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.0.1
767ab2
767ab2
* Fri Sep  1 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 2.0.0
767ab2
- patch to build against MIT Kerberos 1.1 and later instead of 1.0.x
767ab2
767ab2
* Tue Aug 22 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- remove that pesky default password
767ab2
- change "Copyright:" to "License:"
767ab2
767ab2
* Sun Aug 13 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- adjust permissions in files lists
767ab2
- move libexecdir from %%{_prefix}/sbin to %%{_sbindir}
767ab2
767ab2
* Fri Aug 11 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- add migrate_automount.pl to the migration scripts set
767ab2
767ab2
* Tue Aug  8 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- build a semistatic slurpd with threads, everything else without
767ab2
- disable reverse lookups, per email on OpenLDAP mailing lists
767ab2
- make sure the execute bits are set on the shared libraries
767ab2
767ab2
* Mon Jul 31 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- change logging facility used from local4 to daemon (#11047)
767ab2
767ab2
* Thu Jul 27 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- split off clients and servers to shrink down the package and remove the
767ab2
  base package's dependency on Perl
767ab2
- make certain that the binaries have sane permissions
767ab2
767ab2
* Mon Jul 17 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- move the init script back
767ab2
767ab2
* Thu Jul 13 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- tweak the init script to only source /etc/sysconfig/network if it's found
767ab2
767ab2
* Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
767ab2
- automatic rebuild
767ab2
767ab2
* Mon Jul 10 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- switch to gdbm; I'm getting off the db merry-go-round
767ab2
- tweak the init script some more
767ab2
- add instdir to @INC in migration scripts
767ab2
767ab2
* Thu Jul  6 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- tweak init script to return error codes properly
767ab2
- change initscripts dependency to one on /etc/init.d
767ab2
767ab2
* Tue Jul  4 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- prereq initscripts
767ab2
- make migration scripts use mktemp
767ab2
767ab2
* Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- do condrestart in post and stop in preun
767ab2
- move init script to /etc/init.d
767ab2
767ab2
* Fri Jun 16 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 1.2.11
767ab2
- add condrestart logic to init script
767ab2
- munge migration scripts so that you don't have to be
767ab2
  /usr/share/openldap/migration to run them
767ab2
- add code to create pid files in /var/run
767ab2
767ab2
* Mon Jun  5 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- FHS tweaks
767ab2
- fix for compiling with libdb2
767ab2
767ab2
* Thu May  4 2000 Bill Nottingham <notting@redhat.com>
767ab2
- minor tweak so it builds on ia64
767ab2
767ab2
* Wed May  3 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- more minimalistic fix for bug #11111 after consultation with OpenLDAP team
767ab2
- backport replacement for the ldapuser patch
767ab2
767ab2
* Tue May  2 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- fix segfaults from queries with commas in them in in.xfingerd (bug #11111)
767ab2
767ab2
* Tue Apr 25 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 1.2.10
767ab2
- add revamped version of patch from kos@bastard.net to allow execution as
767ab2
  any non-root user
767ab2
- remove test suite from %%build because of weirdness in the build system
767ab2
767ab2
* Wed Apr 12 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- move the defaults for databases and whatnot to /var/lib/ldap (bug #10714)
767ab2
- fix some possible string-handling problems
767ab2
767ab2
* Mon Feb 14 2000 Bill Nottingham <notting@redhat.com>
767ab2
- start earlier, stop later.
767ab2
767ab2
* Thu Feb  3 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- auto rebuild in new environment (release 4)
767ab2
767ab2
* Tue Feb  1 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- add -D_REENTRANT to make threaded stuff more stable, even though it looks
767ab2
  like the sources define it, too
767ab2
- mark *.ph files in migration tools as config files
767ab2
767ab2
* Fri Jan 21 2000 Nalin Dahyabhai <nalin@redhat.com>
767ab2
- update to 1.2.9
767ab2
767ab2
* Mon Sep 13 1999 Bill Nottingham <notting@redhat.com>
767ab2
- strip files
767ab2
767ab2
* Sat Sep 11 1999 Bill Nottingham <notting@redhat.com>
767ab2
- update to 1.2.7
767ab2
- fix some bugs from bugzilla (#4885, #4887, #4888, #4967)
767ab2
- take include files out of base package
767ab2
767ab2
* Fri Aug 27 1999 Jeff Johnson <jbj@redhat.com>
767ab2
- missing ;; in init script reload) (#4734).
767ab2
767ab2
* Tue Aug 24 1999 Cristian Gafton <gafton@redhat.com>
767ab2
- move stuff from /usr/libexec to /usr/sbin
767ab2
- relocate config dirs to /etc/openldap
767ab2
767ab2
* Mon Aug 16 1999 Bill Nottingham <notting@redhat.com>
767ab2
- initscript munging
767ab2
767ab2
* Wed Aug 11 1999 Cristian Gafton <gafton@redhat.com>
767ab2
- add the migration tools to the package
767ab2
767ab2
* Fri Aug 06 1999 Cristian Gafton <gafton@redhat.com>
767ab2
- upgrade to 1.2.6
767ab2
- add rc.d script
767ab2
- split -devel package
767ab2
767ab2
* Sun Feb 07 1999 Preston Brown <pbrown@redhat.com>
767ab2
- upgrade to latest stable (1.1.4), it now uses configure macro.
767ab2
767ab2
* Fri Jan 15 1999 Bill Nottingham <notting@redhat.com>
767ab2
- build on arm, glibc2.1
767ab2
767ab2
* Wed Oct 28 1998 Preston Brown <pbrown@redhat.com>
767ab2
- initial cut.
767ab2
- patches for signal handling on the alpha