[ipa/f14/master] bz 658832
Simo Sorce
simo at fedoraproject.org
Fri Jan 28 19:07:29 UTC 2011
commit 59997f734bab6be231a9ef1e51a67745760c1608
Author: Rich Megginson <rmeggins at redhat.com>
Date: Thu Jan 27 15:28:47 2011 -0700
bz 658832
...ldap-instead-of-mozldap-for-slapi-plugins.patch | 404 ++++++++++++++++++++
ipa.spec | 7 +-
2 files changed, 410 insertions(+), 1 deletions(-)
---
diff --git a/0001-Use-openldap-instead-of-mozldap-for-slapi-plugins.patch b/0001-Use-openldap-instead-of-mozldap-for-slapi-plugins.patch
new file mode 100644
index 0000000..25f3f76
--- /dev/null
+++ b/0001-Use-openldap-instead-of-mozldap-for-slapi-plugins.patch
@@ -0,0 +1,404 @@
+From 3014336e509ddd1f9c6c15dd173921547f5b04b4 Mon Sep 17 00:00:00 2001
+From: Rich Megginson <rmeggins at redhat.com>
+Date: Thu, 27 Jan 2011 12:05:42 -0700
+Subject: [PATCH] Use openldap instead of mozldap for slapi plugins
+
+Ported 37f48c0019c64f20bfc24b021442b643eaf86aab to ipa 1.2 - there were
+a few changes required.
+---
+ ipa-server/configure.ac | 25 ++++----------
+ ipa-server/ipa-slapi-plugins/dna/Makefile.am | 4 +-
+ ipa-server/ipa-slapi-plugins/dna/dna.c | 34 ++++++++++----------
+ .../ipa-slapi-plugins/ipa-memberof/Makefile.am | 4 +-
+ .../ipa-slapi-plugins/ipa-memberof/ipa-memberof.c | 3 +-
+ .../ipa-slapi-plugins/ipa-memberof/ipa-memberof.h | 2 +
+ .../ipa-slapi-plugins/ipa-pwd-extop/Makefile.am | 4 +-
+ .../ipa-pwd-extop/ipa_pwd_extop.c | 12 +++++--
+ .../ipa-slapi-plugins/ipa-winsync/Makefile.am | 2 +-
+ .../ipa-winsync/ipa-winsync-config.c | 2 +-
+ .../ipa-slapi-plugins/ipa-winsync/ipa-winsync.c | 6 ++-
+ 11 files changed, 49 insertions(+), 49 deletions(-)
+
+diff --git a/ipa-server/configure.ac b/ipa-server/configure.ac
+index 2bc9633..a1a9b00 100644
+--- a/ipa-server/configure.ac
++++ b/ipa-server/configure.ac
+@@ -117,23 +117,12 @@ AC_SUBST(KRB5_LIBS)
+ dnl ---------------------------------------------------------------------------
+ dnl - Check for Mozilla LDAP or OpenLDAP SDK
+ dnl ---------------------------------------------------------------------------
+-
+-AC_ARG_WITH(openldap, [ --with-openldap Use OpenLDAP])
+-
+-dnl The mozldap libraries are always needed because ipa-slapi-plugins/dna/
+-dnl will not build against OpenLDAP.
+-SAVE_CPPFLAGS=$CPPFLAGS
+-CPPFLAGS="-I/usr/include/nspr4 -I/usr/include/nss3"
+-AC_CHECK_HEADER(svrcore.h)
+-if test "x$ac_cv_header_svrcore_h" = "xno" ; then
+- AC_MSG_ERROR([Required svrcore header not available (svrcore-devel)])
+-fi
+-CPPFLAGS=$SAVE_CPPFLAGS
+-AC_CHECK_HEADER(mozldap/ldap.h)
+-if test "x$ac_cv_header_mozldap_ldap_h" = "xno" ; then
+- AC_MSG_ERROR([Required MOZLDAP header not available (mozldap-devel)])
+-fi
+-PKG_CHECK_MODULES(MOZLDAP, mozldap > 6)
++dnl default to using openldap
++with_openldap=yes
++AC_ARG_WITH([openldap],
++ [AS_HELP_STRING([--with-openldap],
++ [compile plugins with openldap instead of mozldap])],
++ [], [])
+
+ if test x$with_openldap = xyes; then
+ AC_CHECK_LIB(ldap, ldap_search, with_ldap=yes)
+@@ -166,7 +155,7 @@ if test x$with_openldap = xyes; then
+
+ AC_SUBST(LDAP_LIBS)
+
+- LDAP_CFLAGS="${LDAP_CFLAGS} -DWITH_OPENLDAP"
++ LDAP_CFLAGS="${LDAP_CFLAGS} -I/usr/include/nspr4 -I/usr/include/nss3 -DWITH_OPENLDAP -DUSE_OPENLDAP"
+ AC_SUBST(LDAP_CFLAGS)
+ else
+ LDAP_LIBS="${MOZLDAP_LIBS}"
+diff --git a/ipa-server/ipa-slapi-plugins/dna/Makefile.am b/ipa-server/ipa-slapi-plugins/dna/Makefile.am
+index 4a54b8d..8ac2e07 100644
+--- a/ipa-server/ipa-slapi-plugins/dna/Makefile.am
++++ b/ipa-server/ipa-slapi-plugins/dna/Makefile.am
+@@ -8,7 +8,7 @@ INCLUDES = \
+ -DLIBDIR=\""$(libdir)"\" \
+ -DLIBEXECDIR=\""$(libexecdir)"\" \
+ -DDATADIR=\""$(datadir)"\" \
+- $(MOZLDAP_CFLAGS) \
++ $(LDAP_CFLAGS) \
+ $(KRB5_CFLAGS) \
+ $(WARN_CFLAGS) \
+ $(NULL)
+@@ -25,7 +25,7 @@ libipa_dna_plugin_la_SOURCES = \
+ libipa_dna_plugin_la_LDFLAGS = -avoid-version
+
+ libipa_dna_plugin_la_LIBADD = \
+- $(MOZLDAP_LIBS) \
++ $(LDAP_LIBS) \
+ $(NULL)
+
+ appdir = $(IPA_DATA_DIR)
+diff --git a/ipa-server/ipa-slapi-plugins/dna/dna.c b/ipa-server/ipa-slapi-plugins/dna/dna.c
+index cb6a062..4eabd1d 100644
+--- a/ipa-server/ipa-slapi-plugins/dna/dna.c
++++ b/ipa-server/ipa-slapi-plugins/dna/dna.c
+@@ -533,7 +533,7 @@ static int parseConfigEntry(Slapi_Entry * e)
+ }
+
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "----------> dn [%s]\n", entry->dn, 0, 0);
++ "----------> dn [%s]\n", entry->dn);
+
+ value = slapi_entry_attr_get_charptr(e, DNA_TYPE);
+ if (value) {
+@@ -542,7 +542,7 @@ static int parseConfigEntry(Slapi_Entry * e)
+ goto bail;
+
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "----------> dnaType [%s]\n", entry->type, 0, 0);
++ "----------> dnaType [%s]\n", entry->type);
+
+ /* FIXME: check the attribute type, it must suport matching rules and be
+ * indexed, these are requirements and failure to meet them should result in
+@@ -556,8 +556,8 @@ static int parseConfigEntry(Slapi_Entry * e)
+ goto bail;
+
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "----------> dnaNextValue [%d]\n", entry->nextval, 0,
+- 0);
++ "----------> dnaNextValue [%llu]\n", entry->nextval
++ );
+
+ value = slapi_entry_attr_get_charptr(e, DNA_PREFIX);
+ if (value && value[0]) {
+@@ -565,7 +565,7 @@ static int parseConfigEntry(Slapi_Entry * e)
+ }
+
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "----------> dnaPrefix [%s]\n", entry->prefix, 0, 0);
++ "----------> dnaPrefix [%s]\n", entry->prefix);
+
+ value = slapi_entry_attr_get_charptr(e, DNA_INTERVAL);
+ if (value) {
+@@ -574,7 +574,7 @@ static int parseConfigEntry(Slapi_Entry * e)
+ goto bail;
+
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "----------> dnaInterval [%s]\n", value, 0, 0);
++ "----------> dnaInterval [%s]\n", value);
+
+ slapi_ch_free_string(&value);
+
+@@ -584,8 +584,8 @@ static int parseConfigEntry(Slapi_Entry * e)
+ }
+
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "----------> dnaMagicRegen [%s]\n", entry->generate,
+- 0, 0);
++ "----------> dnaMagicRegen [%s]\n", entry->generate
++ );
+
+ value = slapi_entry_attr_get_charptr(e, DNA_FILTER);
+ if (value) {
+@@ -595,7 +595,7 @@ static int parseConfigEntry(Slapi_Entry * e)
+ goto bail;
+
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "----------> dnaFilter [%s]\n", value, 0, 0);
++ "----------> dnaFilter [%s]\n", value);
+
+ value = slapi_entry_attr_get_charptr(e, DNA_SCOPE);
+ if (value) {
+@@ -603,7 +603,7 @@ static int parseConfigEntry(Slapi_Entry * e)
+ }
+
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "----------> dnaScope [%s]\n", entry->scope, 0, 0);
++ "----------> dnaScope [%s]\n", entry->scope);
+
+ /* optional, if not specified set -1 which is converted to the max unisgnee
+ * value */
+@@ -612,7 +612,7 @@ static int parseConfigEntry(Slapi_Entry * e)
+ entry->maxval = strtoul(value, 0, 0);
+
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "----------> dnaMaxValue [%ld]\n", value, 0, 0);
++ "----------> dnaMaxValue [%s]\n", value);
+
+ slapi_ch_free_string(&value);
+ } else
+@@ -644,7 +644,7 @@ static int parseConfigEntry(Slapi_Entry * e)
+ slapi_log_error(SLAPI_LOG_CONFIG,
+ DNA_PLUGIN_SUBSYSTEM,
+ "store [%s] before [%s] \n", entry->scope,
+- config_entry->scope, 0);
++ config_entry->scope);
+ entry_added = 1;
+ break;
+ }
+@@ -656,8 +656,8 @@ static int parseConfigEntry(Slapi_Entry * e)
+ /* add to tail */
+ PR_INSERT_BEFORE(&(entry->list), list);
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "store [%s] at tail\n", entry->scope, 0,
+- 0);
++ "store [%s] at tail\n", entry->scope
++ );
+ entry_added = 1;
+ break;
+ }
+@@ -666,14 +666,14 @@ static int parseConfigEntry(Slapi_Entry * e)
+ /* first entry */
+ PR_INSERT_LINK(&(entry->list), dna_global_config);
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "store [%s] at head \n", entry->scope, 0, 0);
++ "store [%s] at head \n", entry->scope);
+ entry_added = 1;
+ }
+
+ bail:
+ if (0 == entry_added) {
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "config entry [%s] skipped\n", entry->dn, 0, 0);
++ "config entry [%s] skipped\n", entry->dn);
+ freeConfigEntry(&entry);
+ }
+
+@@ -689,7 +689,7 @@ static void freeConfigEntry(struct configEntry ** entry)
+
+ if (e->dn) {
+ slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
+- "freeing config entry [%s]\n", e->dn, 0, 0);
++ "freeing config entry [%s]\n", e->dn);
+ slapi_ch_free_string(&e->dn);
+ }
+
+diff --git a/ipa-server/ipa-slapi-plugins/ipa-memberof/Makefile.am b/ipa-server/ipa-slapi-plugins/ipa-memberof/Makefile.am
+index d0ac7f9..f87143a 100644
+--- a/ipa-server/ipa-slapi-plugins/ipa-memberof/Makefile.am
++++ b/ipa-server/ipa-slapi-plugins/ipa-memberof/Makefile.am
+@@ -8,7 +8,7 @@ INCLUDES = \
+ -DLIBDIR=\""$(libdir)"\" \
+ -DLIBEXECDIR=\""$(libexecdir)"\" \
+ -DDATADIR=\""$(datadir)"\" \
+- $(MOZLDAP_CFLAGS) \
++ $(LDAP_CFLAGS) \
+ $(KRB5_CFLAGS) \
+ $(WARN_CFLAGS) \
+ $(NULL)
+@@ -26,7 +26,7 @@ libipa_memberof_plugin_la_SOURCES = \
+ libipa_memberof_plugin_la_LDFLAGS = -avoid-version
+
+ libipa_memberof_plugin_la_LIBADD = \
+- $(MOZLDAP_LIBS) \
++ $(LDAP_LIBS) \
+ $(NULL)
+
+ appdir = $(IPA_DATA_DIR)
+diff --git a/ipa-server/ipa-slapi-plugins/ipa-memberof/ipa-memberof.c b/ipa-server/ipa-slapi-plugins/ipa-memberof/ipa-memberof.c
+index 3baf2f6..fd878ad 100644
+--- a/ipa-server/ipa-slapi-plugins/ipa-memberof/ipa-memberof.c
++++ b/ipa-server/ipa-slapi-plugins/ipa-memberof/ipa-memberof.c
+@@ -1156,7 +1156,8 @@ int memberof_modop_one_replace_r(Slapi_PBlock *pb, MemberOfConfig *config,
+ slapi_log_error( SLAPI_LOG_PLUGIN,
+ MEMBEROF_PLUGIN_SUBSYSTEM,
+ "memberof_modop_one_replace_r: not processing memberOf "
+- "operations on self entry: %s\n", this_dn_val);
++ "operations on self entry: %s\n",
++ slapi_value_get_string(this_dn_val));
+ goto bail;
+ }
+
+diff --git a/ipa-server/ipa-slapi-plugins/ipa-memberof/ipa-memberof.h b/ipa-server/ipa-slapi-plugins/ipa-memberof/ipa-memberof.h
+index 3e7b5cf..c5d5ca7 100644
+--- a/ipa-server/ipa-slapi-plugins/ipa-memberof/ipa-memberof.h
++++ b/ipa-server/ipa-slapi-plugins/ipa-memberof/ipa-memberof.h
+@@ -62,7 +62,9 @@
+ #define SLAPI_DSE_CALLBACK_ERROR (-1)
+ #define SLAPI_DSE_CALLBACK_DO_NOT_APPLY (0)
+ #define SLAPI_DSE_RETURNTEXT_SIZE 512
++#ifndef DSE_FLAG_PREOP
+ #define DSE_FLAG_PREOP 0x0002
++#endif
+ /*********** end secrets **********/
+ /*
+ * macros
+diff --git a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/Makefile.am b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/Makefile.am
+index 540646f..b9b7938 100644
+--- a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/Makefile.am
++++ b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/Makefile.am
+@@ -8,7 +8,7 @@ INCLUDES = \
+ -DLIBDIR=\""$(libdir)"\" \
+ -DLIBEXECDIR=\""$(libexecdir)"\" \
+ -DDATADIR=\""$(datadir)"\" \
+- $(MOZLDAP_CFLAGS) \
++ $(LDAP_CFLAGS) \
+ $(KRB5_CFLAGS) \
+ $(SSL_CFLAGS) \
+ $(WARN_CFLAGS) \
+@@ -28,7 +28,7 @@ libipa_pwd_extop_la_LDFLAGS = -avoid-version
+ libipa_pwd_extop_la_LIBADD = \
+ $(KRB5_LIBS) \
+ $(SSL_LIBS) \
+- $(MOZLDAP_LIBS) \
++ $(LDAP_LIBS) \
+ $(NULL)
+
+ appdir = $(IPA_DATA_DIR)
+diff --git a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
+index 24acc88..729fc87 100644
+--- a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
++++ b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
+@@ -62,6 +62,7 @@
+
+ #include <prio.h>
+ #include <ssl.h>
++#define LDAP_DEPRECATED 1
+ #include <dirsrv/slapi-plugin.h>
+ #define KRB5_PRIVATE 1
+ #include <krb5.h>
+@@ -122,6 +123,11 @@
+
+ #define KRB5P_SALT_SIZE 16
+
++
++#ifndef discard_const
++#define discard_const(x) (struct berval *)x
++#endif
++
+ void krb5int_c_free_keyblock_contents(krb5_context context, register krb5_keyblock *key);
+
+ static const char *ipapwd_def_encsalts[] = {
+@@ -440,7 +446,7 @@ static int ipapwd_get_cur_kvno(Slapi_Entry *target)
+ "Error retrieving berval from Slapi_Value\n");
+ goto next;
+ }
+- be = ber_init(cbval);
++ be = ber_init(discard_const(cbval));
+ if (!be) {
+ slapi_log_error(SLAPI_LOG_TRACE, "ipa_pwd_extop",
+ "ber_init() failed!\n");
+@@ -2760,8 +2766,8 @@ static struct ipapwd_krbcfg *ipapwd_getConfig(void)
+ goto free_and_error;
+ }
+
+- be = ber_init(bval);
+- if (!bval) {
++ be = ber_init(discard_const(bval));
++ if (!be) {
+ slapi_log_error(SLAPI_LOG_FATAL, "ipapwd_getConfig",
+ "ber_init() failed!\n");
+ goto free_and_error;
+diff --git a/ipa-server/ipa-slapi-plugins/ipa-winsync/Makefile.am b/ipa-server/ipa-slapi-plugins/ipa-winsync/Makefile.am
+index 94bc2dc..e47e3bf 100644
+--- a/ipa-server/ipa-slapi-plugins/ipa-winsync/Makefile.am
++++ b/ipa-server/ipa-slapi-plugins/ipa-winsync/Makefile.am
+@@ -8,7 +8,7 @@ INCLUDES = \
+ -DLIBDIR=\""$(libdir)"\" \
+ -DLIBEXECDIR=\""$(libexecdir)"\" \
+ -DDATADIR=\""$(datadir)"\" \
+- $(MOZLDAP_CFLAGS) \
++ $(LDAP_CFLAGS) \
+ $(WARN_CFLAGS) \
+ $(NULL)
+
+diff --git a/ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync-config.c b/ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync-config.c
+index 45efa6d..12e9b2e 100644
+--- a/ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync-config.c
++++ b/ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync-config.c
+@@ -60,6 +60,7 @@
+ #include "ipa-winsync.h"
+
+ #include <string.h>
++#include <plstr.h>
+
+ #define IPA_WINSYNC_CONFIG_FILTER "(objectclass=*)"
+
+@@ -546,7 +547,6 @@ ipa_winsync_apply_config (Slapi_PBlock *pb, Slapi_Entry* entryBefore,
+ PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
+ "Error: could not add value [%s] for attribute name "
+ "[%s] - ldap error [%d: %s]", val, attrsvals[ii],
+- attrsvals[ii], IPA_WINSYNC_NEW_USER_ATTRS_VALS,
+ rc, ldap_err2string(rc));
+ slapi_entry_free(theConfig.config_e);
+ theConfig.config_e = NULL;
+diff --git a/ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync.c b/ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync.c
+index 9ee8805..e63c920 100644
+--- a/ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync.c
++++ b/ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync.c
+@@ -49,7 +49,7 @@
+ * directory server, and allows IPA to modify the entry, adding
+ * objectclasses and attributes, and changing the DN.
+ */
+-
++#define LDAP_DEPRECATED 1
+ #ifdef WINSYNC_TEST_IPA
+ #include <slapi-plugin.h>
+ #include "winsync-plugin.h"
+@@ -59,6 +59,9 @@
+ #endif
+ #include "ipa-winsync.h"
+
++#include <plstr.h>
++#include <stdlib.h>
++
+ static char *ipa_winsync_plugin_name = IPA_WINSYNC_PLUGIN_NAME;
+
+ static void
+@@ -245,7 +248,6 @@ ipa_winsync_pre_ds_add_user_cb(void *cbdata, const Slapi_Entry *rawentry,
+ Slapi_Attr *attr = NULL;
+ Slapi_Attr *e_attr = NULL;
+ char *type = NULL;
+- IPA_WinSync_Config *global_ipaconfig = ipa_winsync_get_config();
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
+ "--> ipa_winsync_pre_ds_add_user_cb -- begin\n");
+--
+1.7.1
+
diff --git a/ipa.spec b/ipa.spec
index ec6daca..7f94cfa 100644
--- a/ipa.spec
+++ b/ipa.spec
@@ -6,7 +6,7 @@
Name: ipa
Version: 1.2.2
-Release: 5%{?dist}
+Release: 6%{?dist}
Summary: The Identity, Policy and Audit system
Group: System Environment/Base
@@ -18,6 +18,7 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Patch01: Fix-install-with-krb-1.7.patch
Patch02: ipa-schema.patch
Patch03: Use_path_env.patch
+Patch04: 0001-Use-openldap-instead-of-mozldap-for-slapi-plugins.patch
BuildRequires: fedora-ds-base-devel >= 1.1.3
BuildRequires: mozldap-devel
@@ -200,6 +201,7 @@ administering radius authentication settings in IPA.
%patch01 -p1 -b .stash-as-keytab
%patch02 -p1 -b .schema
%patch03 -p1 -b .env
+%patch04 -p1 -b .slapi
%build
export CFLAGS="$CFLAGS %{optflags}"
@@ -480,6 +482,9 @@ fi
%{_sbindir}/ipa-modradiusprofile
%changelog
+* Thu Jan 27 2011 Rich Megginson <rmeggins at redhat.com> - 1.2.2-6
+- use openldap with slapi plugins (BZ #658832)
+
* Wed Nov 17 2010 Rob Crittenden <rcritten at redhat.com> - 1.2.2-5
- Use PATH to env to find kerberos binaries instead of hardcoding
location (BZ #650725)
More information about the scm-commits
mailing list