# Maintainer: Natanael Copa # Contributor: Jakub Jirutka # # secfixes: # 2.4.44-r5: # - CVE-2017-9287 # pkgname=openldap pkgver=2.4.45 pkgrel=1 pkgdesc="LDAP Server" url="http://www.openldap.org/" arch="all" license="custom" depends="" pkgusers="ldap" pkggroups="ldap" depends_dev="libressl-dev cyrus-sasl-dev util-linux-dev" makedepends="$depends_dev db-dev groff unixodbc-dev libtool mosquitto-dev autoconf automake libtool" subpackages="$pkgname-dev $pkgname-doc libldap $pkgname-clients $pkgname-mqtt $pkgname-passwd-pbkdf2:passwd_pbkdf2" install="$pkgname.pre-install" source="ftp://ftp.$pkgname.org/pub/OpenLDAP/$pkgname-release/$pkgname-$pkgver.tgz openldap-2.4-ppolicy.patch openldap-2.4.11-libldap_r.patch bdb-enabled-by-default.patch openldap-mqtt-overlay.patch libressl.patch fix-manpages.patch slapd.initd slapd.confd " builddir="$srcdir/$pkgname-$pkgver" for _name in bdb hdb ldap meta monitor sql; do subpackages="$subpackages $pkgname-back-$_name:_backend" done prepare() { cd "$builddir" update_config_sub default_prepare sed -i '/^STRIP/s,-s,,g' build/top.mk libtoolize --force && aclocal && autoconf } build () { cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ --libexecdir=/usr/lib \ --sysconfdir=/etc \ --mandir=/usr/share/man \ --localstatedir=/var/lib/openldap \ --enable-slapd \ --enable-crypt \ --enable-modules \ --enable-dynamic \ --enable-bdb=mod \ --enable-hdb=mod \ --enable-dnssrv=mod \ --enable-ldap=mod \ --enable-meta=mod \ --enable-monitor=mod \ --enable-null=mod \ --enable-passwd=mod \ --enable-relay=mod \ --enable-shell=mod \ --enable-sock=mod \ --enable-sql=mod \ --enable-overlays=mod \ --with-tls=openssl \ --with-cyrus-sasl make # Build MQTT overlay. make prefix=/usr libexec=/usr/lib \ -C contrib/slapd-modules/mqtt # Build passwd pbkdf2. make prefix=/usr libexecdir=/usr/lib \ -C contrib/slapd-modules/passwd/pbkdf2 } package() { cd "$builddir" make DESTDIR="$pkgdir" install # Install MQTT overlay. make DESTDIR="$pkgdir" prefix=/usr libexec=/usr/lib \ -C contrib/slapd-modules/mqtt install # Install passwd pbkdf2. make DESTDIR="$pkgdir" prefix=/usr libexecdir=/usr/lib \ -C contrib/slapd-modules/passwd/pbkdf2 install cd "$pkgdir" # Fix tools symlinks to slapd. local path; for path in $(find usr/sbin/ -type l); do ln -sf slapd $path done # Move executable from lib to sbin. mv usr/lib/slapd usr/sbin/ sed -i -e 's:/var/lib/openldap/run:/var/run/openldap:g' \ -e 's:back_bdb.la:back_bdb.so:' \ -e 's:back_hdb.la:back_hdb.so:' \ -e 's:back_ldap.la:back_ldap.so:' \ etc/openldap/slapd.conf chgrp ldap etc/openldap/slapd.conf chmod g+r etc/openldap/slapd.conf install -d -m 700 -o ldap -g ldap \ var/lib/openldap \ var/lib/openldap/openldap-data install -D -m 755 "$srcdir"/slapd.initd etc/init.d/slapd install -D -m 644 "$srcdir"/slapd.confd etc/conf.d/slapd } libldap() { pkgdesc="OpenLDAP libraries" depends="" install="" _submv "usr/lib/*.so*" etc/openldap/ldap.conf } clients() { pkgdesc="LDAP client utilities" _submv usr/bin } mqtt() { pkgdesc="OpenLDAP MQTT overlay" depends="$pkgname" _submv "usr/lib/openldap/mqtt.*" } passwd_pbkdf2() { pkgdesc="PBKDF2 OpenLDAP support" depends="$pkgname" _submv "usr/lib/openldap/pw-pbkdf2.*" } _backend() { backend_name="${subpkgname#openldap-back-}" pkgdesc="OpenLDAP $backend_name backend" _submv "usr/lib/openldap/back_$backend_name*" } _submv() { local path; for path in "$@"; do mkdir -p "$subpkgdir"/${path%/*} mv "$pkgdir"/$path "$subpkgdir"/${path%/*}/ done } sha512sums="1c9fc84efed8998f107ce6e1c6be3f5466388241afdca0cb3847720c9def0bc263a2dbc15bf0f9112d1b4c391fd01e8531a4fb08c5532c30fb86924c08daedab openldap-2.4.45.tgz 5d34d49eabe7cb66cf8284cc3bd9730fa23df4932df68549e242d250ee50d40c434ae074ebc720d5fbcd9d16587c9333c5598d30a5f1177caa61461ab7771f38 openldap-2.4-ppolicy.patch 44d97efb25d4f39ab10cd5571db43f3bfa7c617a5bb087085ae16c0298aca899b55c8742a502121ba743a73e6d77cd2056bc96cee63d6d0862dabc8fb5574357 openldap-2.4.11-libldap_r.patch d94f791ff3d10f1fe244a6a071331d6dd5933ed859e1cf9465654e650ff7223eedad5f054ad77de2ad4dbbd0b4a2cfda970ad733baaa833183aee996216bdbf1 bdb-enabled-by-default.patch 9c7f41279e91ed995c91e9a8c543c797d9294a93cf260afdc03ab5777e45ed045a4d6a4d4d0180b5dc387dc04babca01d818fbfa8168309df44f4500d2a430a4 openldap-mqtt-overlay.patch cbfd573139e6b0c51d0f1f1337d74d5c07813509754758df240b09bc2ba559127f656580eef88f1db1c1322d7cb05042b1926e046e24c19889759647aee7aec6 libressl.patch 8c4244d316a05870dd1147b2ab7ddbcfd7626b5dce2f5a0e72f066dc635c2edb4f1ea3be88c6fec2d5ab016001be16bedef70f2ce0695c3cd96f69e1614ff177 fix-manpages.patch 1e49068503a0e6c467f981b6fad8ef157fbd36c41a8a65bad3d3e138a5fc56ea628e8daa5d8745d91e818ef2d6f2b4343c0f047aba0fb81f4fd789f947c9882c slapd.initd 8290769b63b3a5863622de2deb9269a0711ba5f4a225eb230d7c5097937b9d4e8cf5a998ee99232824e2335ae1b6e0114357b61c9611bc2460ebd195d12eabae slapd.confd"