legacy package [release 2.4.58-2mamba;Tue Jun 15 2021]

README.md

@@ -1,2 +1,4 @@
 # openldap24
 
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+

openldap-2.2.15-conf

@@ -0,0 +1,89 @@
+# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
+#
+# See slapd.conf(5) for details on configuration options.
+# This file should NOT be world readable.
+#
+include		%SYSCONFDIR%/schema/core.schema
+include		%SYSCONFDIR%/schema/cosine.schema
+include		%SYSCONFDIR%/schema/inetorgperson.schema
+include		%SYSCONFDIR%/schema/corba.schema
+include		%SYSCONFDIR%/schema/java.schema
+include		%SYSCONFDIR%/schema/nis.schema
+include		%SYSCONFDIR%/schema/openldap.schema
+
+# Define global ACLs to disable default read access.
+
+# Do not enable referrals until AFTER you have a working directory
+# service AND an understanding of referrals.
+#referral	ldap://root.openldap.org
+
+pidfile		/run/ldap/slapd.pid
+argsfile	/run/ldap/slapd.args
+
+# Load dynamic backend modules:
+# modulepath	%MODULEDIR%
+# moduleload	back_bdb.la
+# moduleload	back_ldap.la
+# moduleload	back_ldbm.la
+# moduleload	back_passwd.la
+# moduleload	back_shell.la
+
+# Sample security restrictions
+#	Require integrity protection (prevent hijacking)
+#	Require 112-bit (3DES or better) encryption for updates
+#	Require 63-bit encryption for simple bind
+# security ssf=1 update_ssf=112 simple_bind=64
+
+# Sample access control policy:
+#	Root DSE: allow anyone to read it
+#	Subschema (sub)entry DSE: allow anyone to read it
+#	Other DSEs:
+#		Allow self write access
+#		Allow authenticated users read access
+#		Allow anonymous users to authenticate
+#	Directives needed to implement policy:
+# access to dn.base="" by * read
+# access to dn.base="cn=Subschema" by * read
+# access to *
+#	by self write
+#	by users read
+#	by anonymous auth
+#
+# if no access controls are present, the default policy is:
+#	Allow read by all
+#
+# rootdn can always write!
+
+#######################################################################
+# ldbm database definitions
+#######################################################################
+
+database	bdb
+suffix		"dc=my-domain,dc=com"
+rootdn		"cn=Manager,dc=my-domain,dc=com"
+# Cleartext passwords, especially for the rootdn, should
+# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
+# Use of strong authentication encouraged.
+rootpw		secret
+# The database directory MUST exist prior to running slapd AND 
+# should only be accessible by the slapd and slap tools.
+# Mode 700 recommended.
+directory	%LOCALSTATEDIR%/lib/ldap/openldap-data
+# Indices to maintain
+index	objectClass	eq
+#
+# Allow users to change own password
+# - Manager can change any password
+# - Any users who have valid username+password may login
+#
+access to attr=userPassword
+    by self write
+    by dn="cn=Manager,$DND" write
+    by * auth
+access to *
+    by dn="cn=Manager,$DND" write
+    by * read
+#
+# Hash password by default
+#
+password-hash {SSHA}

openldap-2.4.24-default_config.patch

@@ -0,0 +1,22 @@
+diff -Nru openldap-2.4.24.orig//servers/slapd/slapd.conf openldap-2.4.24/servers/slapd/slapd.conf
+--- openldap-2.4.24.orig//servers/slapd/slapd.conf	2007-02-13 21:22:22.000000000 +0100
++++ openldap-2.4.24/servers/slapd/slapd.conf	2011-03-09 20:38:55.822787816 +0100
+@@ -10,8 +10,8 @@
+ # service AND an understanding of referrals.
+ #referral	ldap://root.openldap.org
+ 
+-pidfile		%LOCALSTATEDIR%/run/slapd.pid
+-argsfile	%LOCALSTATEDIR%/run/slapd.args
++pidfile		%LOCALSTATEDIR%/run/openldap/slapd.pid
++argsfile	%LOCALSTATEDIR%/run/openldap/slapd.args
+ 
+ # Load dynamic backend modules:
+ # modulepath	%MODULEDIR%
+@@ -60,6 +60,6 @@
+ # The database directory MUST exist prior to running slapd AND 
+ # should only be accessible by the slapd and slap tools.
+ # Mode 700 recommended.
+-directory	%LOCALSTATEDIR%/openldap-data
++directory	%LOCALSTATEDIR%/lib/openldap-data
+ # Indices to maintain
+ index	objectClass	eq

openldap-2.4.43-liblmdb-installdirs.patch

@@ -0,0 +1,24 @@
+--- openldap-2.4.43/libraries/liblmdb/Makefile.orig	2016-01-01 21:06:16.297023647 +0100
++++ openldap-2.4.43/libraries/liblmdb/Makefile	2016-01-01 21:07:02.919683678 +0100
+@@ -28,7 +28,9 @@
+ SOLIBS	=
+ SONAME	= liblmdb.so.0
+ prefix	= /usr/local
+-mandir = $(prefix)/man
++libdir	= $(prefix)/lib
++datadir	= $(prefix)/share
++mandir = $(datadir)/man
+ 
+ ########################################################################
+ 
+@@ -45,8 +47,8 @@
+ 	mkdir -p $(DESTDIR)$(prefix)/include
+ 	mkdir -p $(DESTDIR)$(prefix)/man/man1
+ 	for f in $(IPROGS); do cp $$f $(DESTDIR)$(prefix)/bin; done
+-	for f in $(ILIBS); do cp $$f $(DESTDIR)$(prefix)/lib; done
+-	for f in $(IHDRS); do cp $$f $(DESTDIR)$(prefix)/include; done
++	for f in $(ILIBS); do cp $$f $(DESTDIR)$(libdir); done
++	for f in $(IHDRS); do cp $$f $(DESTDIR)$(prefix)/include; done
+ 	for f in $(IDOCS); do cp $$f $(DESTDIR)$(mandir)/man1; done
+ 
+ clean:

openldap-2.4.44-liblmdb-soname.patch

@@ -0,0 +1,28 @@
+--- openldap-2.4.44/libraries/liblmdb/Makefile.orig	2016-02-06 00:57:45.000000000 +0100
++++ openldap-2.4.44/libraries/liblmdb/Makefile	2016-06-18 14:03:44.434349219 +0200
+@@ -26,6 +26,7 @@
+ CFLAGS	= $(THREADS) $(OPT) $(W) $(XCFLAGS)
+ LDLIBS	=
+ SOLIBS	=
++SONAME	= liblmdb.so.0
+ prefix	= /usr/local
+ exec_prefix = $(prefix)
+ bindir = $(exec_prefix)/bin
+@@ -37,7 +38,7 @@
+ ########################################################################
+ 
+ IHDRS	= lmdb.h
+-ILIBS	= liblmdb.a liblmdb.so
++ILIBS	= liblmdb.a $(SONAME)
+ IPROGS	= mdb_stat mdb_copy mdb_dump mdb_load
+ IDOCS	= mdb_stat.1 mdb_copy.1 mdb_dump.1 mdb_load.1
+ PROGS	= $(IPROGS) mtest mtest2 mtest3 mtest4 mtest5
+@@ -63,7 +64,7 @@
+ liblmdb.a:	mdb.o midl.o
+ 	$(AR) rs $@ mdb.o midl.o
+ 
+-liblmdb.so:	mdb.lo midl.lo
++$(SONAME):	mdb.lo midl.lo
+ #	$(CC) $(LDFLAGS) -pthread -shared -Wl,-Bsymbolic -o $@ mdb.o midl.o $(SOLIBS)
+ 	$(CC) $(LDFLAGS) -pthread -shared -o $@ mdb.lo midl.lo $(SOLIBS)
+ 

openldap-2.4.6-evolution-ntlm.patch

@@ -0,0 +1,192 @@
+diff -up evo-openldap-2.4.14/include/ldap.h.evolution-ntlm evo-openldap-2.4.14/include/ldap.h
+--- evo-openldap-2.4.14/include/ldap.h.evolution-ntlm	2009-01-27 00:29:53.000000000 +0100
++++ evo-openldap-2.4.14/include/ldap.h	2009-02-17 10:10:00.000000000 +0100
+@@ -2461,5 +2461,26 @@ ldap_parse_deref_control LDAP_P((
+ 	LDAPControl	**ctrls,
+ 	LDAPDerefRes	**drp ));
+ 
++/*
++ * hacks for NTLM
++ */
++#define LDAP_AUTH_NTLM_REQUEST	((ber_tag_t) 0x8aU)
++#define LDAP_AUTH_NTLM_RESPONSE	((ber_tag_t) 0x8bU)
++LDAP_F( int )
++ldap_ntlm_bind LDAP_P((
++	LDAP		*ld,
++	LDAP_CONST char	*dn,
++	ber_tag_t	tag,
++	struct berval	*cred,
++	LDAPControl	**sctrls,
++	LDAPControl	**cctrls,
++	int		*msgidp ));
++LDAP_F( int )
++ldap_parse_ntlm_bind_result LDAP_P((
++	LDAP		*ld,
++	LDAPMessage	*res,
++	struct berval	*challenge));
++
++
+ LDAP_END_DECL
+ #endif /* _LDAP_H */
+diff -up evo-openldap-2.4.14/libraries/libldap/Makefile.in.evolution-ntlm evo-openldap-2.4.14/libraries/libldap/Makefile.in
+--- evo-openldap-2.4.14/libraries/libldap/Makefile.in.evolution-ntlm	2009-01-27 00:29:53.000000000 +0100
++++ evo-openldap-2.4.14/libraries/libldap/Makefile.in	2009-02-17 10:10:00.000000000 +0100
+@@ -20,7 +20,7 @@ PROGRAMS = apitest dntest ftest ltest ur
+ SRCS	= bind.c open.c result.c error.c compare.c search.c \
+ 	controls.c messages.c references.c extended.c cyrus.c \
+ 	modify.c add.c modrdn.c delete.c abandon.c \
+-	sasl.c gssapi.c sbind.c unbind.c cancel.c  \
++	sasl.c ntlm.c gssapi.c sbind.c unbind.c cancel.c  \
+ 	filter.c free.c sort.c passwd.c whoami.c \
+ 	getdn.c getentry.c getattr.c getvalues.c addentry.c \
+ 	request.c os-ip.c url.c pagectrl.c sortctrl.c vlvctrl.c \
+@@ -33,7 +33,7 @@ SRCS	= bind.c open.c result.c error.c co
+ OBJS	= bind.lo open.lo result.lo error.lo compare.lo search.lo \
+ 	controls.lo messages.lo references.lo extended.lo cyrus.lo \
+ 	modify.lo add.lo modrdn.lo delete.lo abandon.lo \
+-	sasl.lo gssapi.lo sbind.lo unbind.lo cancel.lo \
++	sasl.lo ntlm.lo gssapi.lo sbind.lo unbind.lo cancel.lo \
+ 	filter.lo free.lo sort.lo passwd.lo whoami.lo \
+ 	getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \
+ 	request.lo os-ip.lo url.lo pagectrl.lo sortctrl.lo vlvctrl.lo \
+diff -up /dev/null evo-openldap-2.4.14/libraries/libldap/ntlm.c
+--- /dev/null	2009-02-17 09:19:52.829004420 +0100
++++ evo-openldap-2.4.14/libraries/libldap/ntlm.c	2009-02-17 10:10:00.000000000 +0100
+@@ -0,0 +1,137 @@
++/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */
++/*
++ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
++ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
++ */
++
++/* Mostly copied from sasl.c */
++
++#include "portable.h"
++
++#include <stdlib.h>
++#include <stdio.h>
++
++#include <ac/socket.h>
++#include <ac/string.h>
++#include <ac/time.h>
++#include <ac/errno.h>
++
++#include "ldap-int.h"
++
++int
++ldap_ntlm_bind(
++	LDAP		*ld,
++	LDAP_CONST char	*dn,
++	ber_tag_t	tag,
++	struct berval	*cred,
++	LDAPControl	**sctrls,
++	LDAPControl	**cctrls,
++	int		*msgidp )
++{
++	BerElement	*ber;
++	int rc;
++	ber_int_t id;
++
++	Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 );
++
++	assert( ld != NULL );
++	assert( LDAP_VALID( ld ) );
++	assert( msgidp != NULL );
++
++	if( msgidp == NULL ) {
++		ld->ld_errno = LDAP_PARAM_ERROR;
++		return ld->ld_errno;
++	}
++
++	/* create a message to send */
++	if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
++		ld->ld_errno = LDAP_NO_MEMORY;
++		return ld->ld_errno;
++	}
++
++	assert( LBER_VALID( ber ) );
++
++	LDAP_NEXT_MSGID( ld, id );
++	rc = ber_printf( ber, "{it{istON}" /*}*/,
++			 id, LDAP_REQ_BIND,
++			 ld->ld_version, dn, tag,
++			 cred );
++
++	/* Put Server Controls */
++	if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
++		ber_free( ber, 1 );
++		return ld->ld_errno;
++	}
++
++	if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
++		ld->ld_errno = LDAP_ENCODING_ERROR;
++		ber_free( ber, 1 );
++		return ld->ld_errno;
++	}
++
++	/* send the message */
++	*msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id );
++
++	if(*msgidp < 0)
++		return ld->ld_errno;
++
++	return LDAP_SUCCESS;
++}
++
++int
++ldap_parse_ntlm_bind_result(
++	LDAP		*ld,
++	LDAPMessage	*res,
++	struct berval	*challenge)
++{
++	ber_int_t	errcode;
++	ber_tag_t	tag;
++	BerElement	*ber;
++	ber_len_t	len;
++
++	Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 );
++
++	assert( ld != NULL );
++	assert( LDAP_VALID( ld ) );
++	assert( res != NULL );
++
++	if ( ld == NULL || res == NULL ) {
++		return LDAP_PARAM_ERROR;
++	}
++
++	if( res->lm_msgtype != LDAP_RES_BIND ) {
++		ld->ld_errno = LDAP_PARAM_ERROR;
++		return ld->ld_errno;
++	}
++
++	if ( ld->ld_error ) {
++		LDAP_FREE( ld->ld_error );
++		ld->ld_error = NULL;
++	}
++	if ( ld->ld_matched ) {
++		LDAP_FREE( ld->ld_matched );
++		ld->ld_matched = NULL;
++	}
++
++	/* parse results */
++
++	ber = ber_dup( res->lm_ber );
++
++	if( ber == NULL ) {
++		ld->ld_errno = LDAP_NO_MEMORY;
++		return ld->ld_errno;
++	}
++
++	tag = ber_scanf( ber, "{ioa" /*}*/,
++			 &errcode, challenge, &ld->ld_error );
++	ber_free( ber, 0 );
++
++	if( tag == LBER_ERROR ) {
++		ld->ld_errno = LDAP_DECODING_ERROR;
++		return ld->ld_errno;
++	}
++
++	ld->ld_errno = errcode;
++
++	return( ld->ld_errno );
++}

openldap-initscript

@@ -0,0 +1,83 @@
+#!/bin/bash
+#
+# ldap	This shell script takes care of starting and stopping ldap server (slapd).
+#
+# chkconfig: 2345 35 65
+# description: LDAP stands for Lightweight Directory Access Protocol, used \
+#              for implementing the industry standard directory services.
+# processname: slapd
+# config: /etc/openldap/slapd.conf
+# pidfile: /var/run/slapd.pid
+
+# source function library
+. /etc/init.d/functions
+
+[ -x /usr/bin/db_recover-51 ] && DB_RECOVER=db_recover-51 || DB_RECOVER=db_recover
+
+# source an auxiliary options file if we have one, and pick up OPTIONS,
+# SLAPD_OPTIONS, and SLURPD_OPTIONS
+[ -r /etc/sysconfig/ldap ] && . /etc/sysconfig/ldap
+
+slapd=/usr/sbin/slapd
+[ -x ${slapd} ] || exit 0
+
+RETVAL=0
+
+function start() {
+   # fix bdb errors
+   [ -e "/var/lib/ldap/openldap-data/__db.001" ] && \
+      $DB_RECOVER -h /var/lib/ldap/openldap-data
+   # start daemons
+   prog=`basename ${slapd}`
+   echo -n $"Starting $prog: "
+   if grep -q ^TLS /etc/openldap/slapd.conf; then
+      ${slapd} -u ldap -h "ldaps:/// ldap:///" $OPTIONS $SLAPD_OPTIONS
+   else
+      ${slapd} -u ldap $OPTIONS $SLAPD_OPTIONS
+   fi
+   evaluate_retval
+   echo
+   [ $RETVAL -eq 0 ] && touch /var/lock/subsys/ldap
+   return $RETVAL
+}
+
+function stop() {
+   # stop daemons
+   prog=`basename ${slapd}`
+   echo -n $"Stopping $prog: "
+   killproc ${slapd}
+   RETVAL=$?
+   echo
+   [ $RETVAL -eq 0 ] && 
+      rm -f /var/lock/subsys/ldap /var/run/ldap/slapd.args
+   return $RETVAL
+}
+
+# See how we were called.
+case "$1" in
+   start)
+      start
+   ;;
+   stop)
+      stop
+   ;;
+   status)
+      status ${slapd}
+   ;;
+   restart)
+      stop
+      start
+   ;;
+   condrestart)
+      if [ -f /var/lock/subsys/ldap ]; then
+         stop
+         start
+      fi
+   ;;
+   *)
+      echo $"Usage: $0 {start|stop|restart|status|condrestart}"
+      RETVAL=1
+esac
+
+exit $RETVAL
+

openldap-logrotate

@@ -0,0 +1,8 @@
+/var/log/ldap.log {
+    weekly
+    rotate 5
+    copytruncate
+    compress
+    notifempty
+    missingok
+}

openldap.service

@@ -0,0 +1,14 @@
+[Unit]
+Description=OpenLDAP Server Daemon
+After=syslog.target network.target
+
+[Service]
+Type=forking
+PIDFile=/run/openldap/slapd.pid
+Environment="SLAPD_URLS=ldap:/// ldapi:///" "SLAPD_OPTIONS="
+EnvironmentFile=/etc/sysconfig/ldap
+#ExecStartPre=/usr/libexec/slapd/check-config.sh
+ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS
+
+[Install]
+WantedBy=multi-user.target

openldap.tmpfiles

@@ -0,0 +1,2 @@
+# openldap runtime directory for slapd.arg and slapd.pid
+d /run/openldap 0755 ldap ldap -

openldap24.spec

@@ -0,0 +1,618 @@
+Name:          openldap24
+Version:       2.4.58
+Release:       2mamba
+Group:         System/Servers
+Summary:       An open source implementation of the Lightweight Directory Access Protocol
+Vendor:        openmamba
+Distribution:  openmamba
+Packager:      Silvan Calarco <silvan.calarco@mambasoft.it>
+URL:           https://www.openldap.org
+Source0:       ftp://ftp.openldap.org/pub/OpenLDAP/%{name}-release/openldap-%{version}.tgz
+Source1:       openldap-initscript
+Source2:       openldap-logrotate
+Source3:       openldap-2.2.15-conf
+Source4:       openldap.service
+Source5:       openldap.tmpfiles
+# patch from Novell developers (evolution-exchange-2.4.0/docs/openldap-ntlm.diff)
+Patch0:        openldap-2.4.6-evolution-ntlm.patch
+Patch2:        openldap-2.4.24-default_config.patch
+Patch3:        openldap-2.4.44-liblmdb-soname.patch
+Patch4:        openldap-2.4.43-liblmdb-installdirs.patch
+License:       OpenLDAP Public License
+## AUTOBUILDREQ-BEGIN
+BuildRequires: glibc-devel
+BuildRequires: libdb53-devel
+BuildRequires: libe2fs-devel
+BuildRequires: libkrb5-devel
+BuildRequires: libltdl-devel
+BuildRequires: libopenssl-devel
+BuildRequires: libsasl2-devel
+BuildRequires: libuuid-devel
+## AUTOBUILDREQ-END
+BuildRequires: libsasl-devel >= 2.1.26
+BuildRequires: libreadline-devel >= 4.3
+BuildRequires: systemd-devel
+Requires:      libopenldap = %{version}-%{release}
+
+%description
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+
+%package -n lib%{name}
+Summary:       OpenLDAP libraries
+Group:         System/Libraries
+# requires latest SASL libraries
+Requires:      libsasl >= 2.1.25
+
+%description -n lib%{name}
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+This package contains the OpenLDAP libraries.
+
+%package -n lib%{name}-devel
+Summary:       OpenLDAP development files
+Group:         Development/Libraries
+Requires:      lib%{name} = %{version}-%{release}
+
+%description -n lib%{name}-devel
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+This package contains static libraries and header files need for development.
+
+%package clients
+Summary:       OpenLDAP clients
+Group:         System/Libraries
+Requires:      lib%{name} = %{version}-%{release}
+
+%description clients
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+This package contains the OpenLDAP clients and related files.
+
+%package server
+Summary:       OpenLDAP server
+Group:         System/Libraries
+Requires:      lib%{name} = %{version}-%{release}
+
+%description server
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+This package contains the OpenLDAP server and related files.
+
+%package -n liblmdb
+Summary:       OpenLDAP lmdb library
+Group:         System/Libraries
+
+%description -n liblmdb
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+This package contains the lmdb library.
+
+%package -n liblmdb-tools
+Summary:       OpenLDAP lmdb library tools
+Group:         System/Tools
+Requires:      liblmdb = %{version}-%{release}
+
+%description -n liblmdb-tools
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+This package contains the lmdb library tools.
+
+%package -n liblmdb-devel
+Summary:       liblmdb development files
+Group:         Development/Libraries
+Requires:      liblmdb = %{version}-%{release}
+
+%description -n liblmdb-devel
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+This package contains static libraries and header files needed for development.
+
+%debug_package
+
+%prep
+%setup -q -n openldap-%{version}
+#-D -T
+#:<< _EOF
+#cp %{SOURCE3} servers/slapd/slapd.conf
+%patch0 -p1 -b .ntlm
+%patch2 -p1
+#%patch3 -p1
+#%patch4 -p1
+
+%build
+#:<< _EOF
+%configure \
+   --libexecdir=%{_sbindir} \
+   --localstatedir=%{_localstatedir} \
+   --with-cyrus-sasl \
+   --enable-slapd \
+   --enable-crypt \
+   --enable-lmpasswd \
+   --enable-spasswd \
+   --enable-passwd \
+   --enable-modules \
+   --enable-rewrite \
+   --enable-dynamic \
+   --enable-mdb
+
+#   --enable-rlookups \
+
+%make CC=%{_host}-gcc
+
+%make
+
+#-C libraries/liblmdb SOLIBS="-Wl,-soname,liblmdb.so.0"
+
+%install
+[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
+%makeinstall
+# Fix missing -x permission
+chmod +x %{buildroot}%{_libdir}/lib*.so.*
+
+install -d %{buildroot}/var/lib/openldap-data
+#install -d %{buildroot}/var/run/openldap/
+
+#install -D -m 755 %{SOURCE1} %{buildroot}%{_initrddir}/%{name}
+install -D -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/logrotate.d/openldap
+install -D -m 644 %{SOURCE4} %{buildroot}%{_unitdir}/openldap.service
+install -D -m 644 %{SOURCE5} %{buildroot}%{_tmpfilesdir}/openldap.conf
+
+rm -f %{buildroot}%{_sysconfdir}/openldap/*.default
+rm -f %{buildroot}%{_sysconfdir}/openldap/schema/*.default
+
+# allow client requests without client certificate
+echo "TLS_REQCERT	allow" >> \
+   %{buildroot}%{_sysconfdir}/openldap/ldap.conf
+
+#ln -s liblber.so %{buildroot}%{_libdir}/liblber.so.2
+#ln -s libldap.so %{buildroot}%{_libdir}/libldap.so.2
+#ln -s libldap_r.so %{buildroot}%{_libdir}/libldap_r.so.2
+#chmod 755 %{buildroot}%{_libdir}/*.so.*
+
+cat > %{buildroot}/var/lib/openldap-data/DB_CONFIG << _EOF
+set_cachesize		0 150000000 1
+set_lg_regionmax	262144
+set_lg_bsize		2097152
+#set_lg_dir		/var/log/bdb
+set_flags		DB_LOG_AUTOREMOVE
+_EOF
+
+rm -f %{buildroot}/var/openldap-data/DB_CONFIG.example
+
+#% makeinstall -C libraries/liblmdb prefix=%{_prefix} libdir=%{_libdir}
+#ln -s liblmdb.so.0 %{buildroot}%{_libdir}/liblmdb.so
+
+%clean
+[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
+
+%post -n lib%{name} -p /sbin/ldconfig
+%postun -n lib%{name} -p /sbin/ldconfig
+
+%pre -n %{name}-server
+if [ $1 -eq 2 ]; then
+# upgrade
+    # make a backup of the existing tree
+    ldapadd -VV 2>&1 | grep "ldapmodify 2.1" >/dev/null
+    if [ $? -eq 0 ]; then
+       echo "Backing up current ldap tree"
+       [ -e /run/openldap/slapd.pid ] && service openldap stop
+       slapcat > /var/lib/ldap/openldap-data/ldap-backup.rpm_update
+    fi
+fi
+if [ $1 -eq 1 ]; then
+# new install
+    groupadd ldap 2>/dev/null || true
+    useradd -g ldap -c "LDAP user" -d /var/lib/ldap \
+       -s /bin/false ldap 2>/dev/null || true
+fi
+exit 0
+
+%post -n %{name}-server
+# new install
+if [ $1 -eq 1 ]; then
+    if [ -e /etc/sysconfig/hostname ]; then
+	   HOSTNAME=`cat /etc/sysconfig/hostname`
+	else
+       . %{_sysconfdir}/sysconfig/network
+	fi
+    ldap_hostname=${HOSTNAME/.*}
+    ldap_domain=${HOSTNAME/*.}
+    if [ "$ldap_hostname" ]; then
+       [ "$ldap_domain" ] || ldap_domain=local
+       suffix="dc=${ldap_hostname},dc=${ldap_domain}"
+       rootdn="cn=Manager,${suffix}"
+       sed -i "s|cn=Manager,dc=my-domain,dc=com|${rootdn}|
+               s|dc=my-domain,dc=com|${suffix}|" \
+          %{_sysconfdir}/openldap/slapd.conf
+    fi
+    chkconfig --add openldap
+	systemctl enable openldap.service -q
+fi
+if [ $1 -gt 1 ]; then
+# update
+    sed -i "s|/var/run/openldap|/run/openldap|" %{_sysconfdir}/openldap/slapd.conf
+    if [ -f /var/lib/ldap/openldap-data/ldap-backup.rpm_update ]; then
+    # update from previous LDAP version (rebuild database)
+       echo "Backing up current ldap bdb files into /var/lib/ldap/openldap-data/backup-2.1"
+       mkdir -p /var/lib/ldap/openldap-data/backup-2.1
+       mv /var/lib/ldap/openldap-data/*.bdb /var/lib/ldap/openldap-data/backup-2.1
+       mv /var/lib/ldap/openldap-data/log* /var/lib/ldap/openldap-data/backup-2.1
+       mv /var/lib/ldap/openldap-data/__db.* /var/lib/ldap/openldap-data/backup-2.1
+       echo "Restoring ldap information into new ldap server"
+       slapadd < /var/lib/ldap/openldap-data/ldap-backup.rpm_update
+       chown ldap.ldap /var/lib/ldap/openldap-data/*
+       mv /var/lib/ldap/openldap-data/ldap-backup.rpm_update /var/lib/ldap/openldap-data/backup-2.1
+    fi
+fi
+if [ $1 -ge 1 ]; then
+   systemctl daemon-reload -q
+fi
+exit 0
+
+%preun -n %{name}-server
+#erase
+if [ $1 -eq 0 ]; then
+   service openldap stop
+   chkconfig --del openldap
+   systemctl disable openldap.service -q
+   systemctl daemon-reload -q
+fi
+exit 0
+
+fi
+exit 0
+
+%postun -n %{name}-server
+#update
+if [ $1 -eq 1 ]; then
+    service openldap condrestart
+fi
+exit 0
+
+%files -n lib%{name}
+%defattr(-,root,root)
+%{_libdir}/liblber-*.so.*
+%{_libdir}/libldap-*.so.*
+%{_libdir}/libldap_r-*.so.*
+%doc COPYRIGHT LICENSE
+
+%files -n lib%{name}-devel
+%defattr(-,root,root)
+%{_includedir}/openldap.h
+%{_includedir}/lber.h
+%{_includedir}/lber_types.h
+%{_includedir}/ldap.h
+%{_includedir}/ldap_cdefs.h
+%{_includedir}/ldap_features.h
+%{_includedir}/ldap_schema.h
+%{_includedir}/ldap_utf8.h
+%{_includedir}/ldif.h
+%{_includedir}/slapi-plugin.h
+%{_libdir}/liblber.a
+%{_libdir}/liblber.la
+%{_libdir}/liblber.so
+%{_libdir}/libldap.a
+%{_libdir}/libldap.la
+%{_libdir}/libldap.so
+%{_libdir}/libldap_r.a
+%{_libdir}/libldap_r.la
+%{_libdir}/libldap_r.so
+%doc doc/devel/* doc/drafts/draft*.txt doc/rfc/rfc*.txt
+%doc ANNOUNCEMENT CHANGES README
+
+%files clients
+%defattr(-,root,root)
+%config(noreplace) %{_sysconfdir}/openldap/ldap.conf
+%{_bindir}/ldapexop
+%{_bindir}/ldapadd
+%{_bindir}/ldapdelete
+%{_bindir}/ldapmodify
+%{_bindir}/ldapmodrdn
+%{_bindir}/ldappasswd
+%{_bindir}/ldapsearch
+%{_bindir}/ldapurl
+#%{_bindir}/saucer
+#%{_bindir}/ud
+%{_mandir}/man1/*
+%{_mandir}/man5/*
+
+%files server
+%defattr(-,root,root)
+%dir %{_sysconfdir}/openldap
+%{_sysconfdir}/openldap/DB_CONFIG.example
+%{_sysconfdir}/openldap/slapd.ldif
+%config(noreplace) %attr(640,root,ldap) %{_sysconfdir}/openldap/slapd.conf
+%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/openldap
+%dir %{_sysconfdir}/openldap/schema
+%{_sysconfdir}/openldap/schema/*
+#%{_initrddir}/openldap
+%{_bindir}/ldapcompare
+%{_bindir}/ldapwhoami
+%{_sbindir}/slapacl
+%{_sbindir}/slapadd
+%{_sbindir}/slapauth
+%{_sbindir}/slapcat
+%{_sbindir}/slapd
+%{_sbindir}/slapdn
+%{_sbindir}/slapindex
+%{_sbindir}/slappasswd
+%{_sbindir}/slapschema
+%{_sbindir}/slaptest
+#%{_sbindir}/slurpd
+%{_unitdir}/openldap.service
+%_tmpfilesdir/openldap.conf
+#%{_datadir}/openldap/ucdata/*
+%dir %attr(700,ldap,ldap) /var/lib/openldap-data
+#%dir %attr(700,ldap,ldap) /var/run/openldap
+%config(noreplace) /var/lib/openldap-data/DB_CONFIG
+%{_mandir}/man3/*
+%{_mandir}/man8/*
+
+%changelog
+* Tue Jun 15 2021 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.58-2mamba
+- legacy package
+
+* Wed Mar 17 2021 Automatic Build System <autodist@mambasoft.it> 2.4.58-1mamba
+- automatic version update by autodist
+
+* Tue Jan 19 2021 Automatic Build System <autodist@mambasoft.it> 2.4.57-1mamba
+- automatic version update by autodist
+
+* Wed Nov 11 2020 Automatic Build System <autodist@mambasoft.it> 2.4.56-1mamba
+- automatic version update by autodist
+
+* Tue Oct 27 2020 Automatic Build System <autodist@mambasoft.it> 2.4.55-1mamba
+- automatic version update by autodist
+
+* Tue Oct 13 2020 Automatic Build System <autodist@mambasoft.it> 2.4.54-1mamba
+- automatic version update by autodist
+
+* Tue Sep 08 2020 Automatic Build System <autodist@mambasoft.it> 2.4.53-1mamba
+- automatic version update by autodist
+
+* Sat Aug 29 2020 Automatic Build System <autodist@mambasoft.it> 2.4.52-1mamba
+- automatic version update by autodist
+
+* Wed Aug 12 2020 Automatic Build System <autodist@mambasoft.it> 2.4.51-1mamba
+- automatic version update by autodist
+
+* Wed Apr 29 2020 Automatic Build System <autodist@mambasoft.it> 2.4.50-1mamba
+- automatic version update by autodist
+
+* Fri Jan 31 2020 Automatic Build System <autodist@mambasoft.it> 2.4.49-1mamba
+- automatic version update by autodist
+
+* Fri Nov 22 2019 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.48-2mamba
+- added debug package
+
+* Thu Aug 01 2019 Automatic Build System <autodist@mambasoft.it> 2.4.48-1mamba
+- automatic version update by autodist
+
+* Thu May 02 2019 Automatic Build System <autodist@mambasoft.it> 2.4.47-1mamba
+- automatic version update by autodist
+
+* Sat Jun 18 2016 Automatic Build System <autodist@mambasoft.it> 2.4.44-1mamba
+- automatic version update by autodist
+
+* Sat Jan 02 2016 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.43-3mamba
+- fix soname of liblmdb.so.0
+
+* Fri Jan 01 2016 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.43-2mamba
+- build and provide liblmdb
+
+* Tue Dec 01 2015 Automatic Build System <autodist@mambasoft.it> 2.4.43-1mamba
+- automatic version update by autodist
+
+* Sun Aug 16 2015 Automatic Build System <autodist@mambasoft.it> 2.4.42-1mamba
+- automatic version update by autodist
+
+* Wed Jul 01 2015 Automatic Build System <autodist@mambasoft.it> 2.4.41-1mamba
+- automatic version update by autodist
+
+* Thu May 14 2015 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.40-2mamba
+- rebuilt with libsasl 2.1.26
+
+* Tue Sep 30 2014 Automatic Build System <autodist@mambasoft.it> 2.4.40-1mamba
+- automatic version update by autodist
+
+* Tue Jan 28 2014 Automatic Build System <autodist@mambasoft.it> 2.4.39-1mamba
+- automatic version update by autodist
+
+* Mon Nov 18 2013 Automatic Build System <autodist@mambasoft.it> 2.4.38-1mamba
+- automatic version update by autodist
+
+* Mon Oct 28 2013 Automatic Build System <autodist@mambasoft.it> 2.4.37-1mamba
+- automatic version update by autodist
+
+* Mon Aug 19 2013 Automatic Build System <autodist@mambasoft.it> 2.4.36-1mamba
+- automatic version update by autodist
+
+* Sat Apr 27 2013 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.35-3mamba
+- move pid to /run, remove timeout in service file, add tmpfiles.d file for /run/openldap
+
+* Fri Apr 12 2013 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.35-2mamba
+- added systemd service file
+
+* Mon Apr 01 2013 Automatic Build System <autodist@mambasoft.it> 2.4.35-1mamba
+- automatic version update by autodist
+
+* Thu Mar 07 2013 Automatic Build System <autodist@mambasoft.it> 2.4.34-1mamba
+- automatic version update by autodist
+
+* Wed Oct 10 2012 Automatic Build System <autodist@mambasoft.it> 2.4.33-1mamba
+- automatic version update by autodist
+
+* Wed Aug 01 2012 Automatic Build System <autodist@mambasoft.it> 2.4.32-1mamba
+- automatic version update by autodist
+
+* Wed May 02 2012 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.31-2mamba
+- rebuilt with libsasl 2.1.25
+
+* Tue Apr 24 2012 Automatic Build System <autodist@mambasoft.it> 2.4.31-1mamba
+- automatic version update by autodist
+
+* Mon Mar 12 2012 Automatic Build System <autodist@mambasoft.it> 2.4.30-1mamba
+- automatic version update by autodist
+
+* Mon Jul 25 2011 Automatic Build System <autodist@mambasoft.it> 2.4.26-1mamba
+- automatic version update by autodist
+
+* Sun Jun 19 2011 Automatic Build System <autodist@mambasoft.it> 2.4.25-1mamba
+- automatic update by autodist
+
+* Wed Mar 09 2011 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.24-1mamba
+- update to 2.4.24
+- remove slurpd support in initscript
+- restore upstream slapd.conf
+
+* Mon Jul 19 2010 Automatic Build System <autodist@mambasoft.it> 2.4.23-1mamba
+- automatic update to 2.4.23 by autodist
+
+* Tue Jun 29 2010 Automatic Build System <autodist@mambasoft.it> 2.4.22-2mamba
+- automatic rebuild by autodist
+
+* Mon Jun 21 2010 Automatic Build System <autodist@mambasoft.it> 2.4.22-1mamba
+- automatic update by autodist
+
+* Tue Feb 09 2010 Automatic Build System <autodist@mambasoft.it> 2.4.21-1mamba
+- automatic update by autodist
+
+* Fri Nov 06 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.19-2mamba
+- rebuilt with evolution patch for ntlm support
+
+* Fri Oct 23 2009 Automatic Build System <autodist@mambasoft.it> 2.4.19-1mamba
+- automatic update by autodist
+
+* Thu Oct 01 2009 Automatic Build System <autodist@mambasoft.it> 2.4.18-1mamba
+- automatic update by autodist
+
+* Wed Jul 29 2009 Automatic Build System <autodist@mambasoft.it> 2.4.17-1mamba
+- automatic update by autodist
+
+* Sun Apr 12 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.16-1mamba
+- automatic update to 2.4.16 by autodist
+
+* Mon Mar 02 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.15-1mamba
+- automatic update by autodist
+
+* Tue Dec 30 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.13-1mamba
+- automatic update by autodist
+
+* Sun Sep 07 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.11-1mamba
+- automatic update to 2.4.11 by autodist
+
+* Tue Jun 17 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.10-1mamba
+- update to 2.4.10
+- libopenldap: removed strict requirement for libsasl with version
+
+* Fri Feb 15 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.7-2mamba
+- remove libopenldap dependency on initscripts
+
+* Mon Jan 21 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.7-1mamba
+- update to 2.4.7
+- /etc/ldap.conf moved from server to library package
+
+* Wed May 24 2006 Davide Madrisan <davide.madrisan@qilinux.it> 2.2.30-2qilnx
+- fixed a stack-based buffer overflow discovered by Secunia (qibug#175)
+
+* Wed Dec 21 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.30-1qilnx
+- update to version 2.2.30 by autospec
+
+* Mon Nov 07 2005 Stefano Cotta Ramusino <stefano.cotta@qilinux.it> 2.2.29-1qilnx
+- update to version 2.2.29 by autospec
+
+* Fri Sep 16 2005 Davide Madrisan <davide.madrisan@qilinux.it> 2.2.27-3qilnx
+- patch for NTLM support
+
+* Thu Sep 15 2005 Davide Madrisan <davide.madrisan@qilinux.it> 2.2.27-2qilnx
+- rebuilt to fix: libldap_r.so: undefined reference to `pthread_kill'
+
+* Wed Jun 15 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.27-1qilnx
+- update to version 2.2.27 by autospec
+
+* Tue Jan 11 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.20-1qilnx
+- update to version 2.2.20 by autospec
+
+* Thu Dec 09 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.19-3qilnx
+- don't start service on install
+- use <service> condrestart instead of restart on update
+
+* Mon Dec 06 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.19-2qilnx
+- test build for upgrade
+
+* Mon Dec 06 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.19-1qilnx
+- new version build
+
+* Thu Oct 28 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.18-2qilnx
+- added ldap update scripts for update from version 2.1 to 2.2 (=libdb4 to libdb42)
+
+* Thu Oct 28 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.18-1qilnx
+- new version build
+
+* Fri Jul 09 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.30-2qilnx
+- require user authentication to read passwords 
+
+* Thu Apr 22 2004 Davide Madrisan <davide.madrisan@qilinux.it> 2.1.30-1qilnx
+- new version rebuild
+
+* Mon Apr 05 2004 Davide Madrisan <davide.madrisan@qilinux.it> 2.1.29-1qilnx
+- new version rebuild
+
+* Sat Mar 20 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.27-1qilnx
+- new version build
+- logrotate added
+
+* Wed Feb 11 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.26-2qilnx
+- added initscript code to execute db_recover before ldap server
+
+* Tue Feb 03 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.26-1qilnx
+- new version rebuild
+- added initscript code to remove bdb cache files on service startup
+
+* Wed Jan 21 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.25-1qilnx
+- new version rebuild
+
+* Mon Nov 24 2003 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.23-3qilnx
+- changed default password scheme to SSHA (was cleartext)
+- removed initscript reload (not supported by slapd)
+
+* Fri Nov 21 2003 Davide Madrisan <davide.madrisan@qilinux.it> 2.1.23-2qilnx
+- added missing 'Requires'; specfile updates; added documentation and
+  OpenLDAP license files
+
+* Thu Nov 13 2003 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.23-1qilnx
+- new version rebuild
+- added compilation flags for features including sasl
+
+* Mon Sep 29 2003 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.22-4qilnx
+- added configure and make C_INCLUDE_PATH to support db4 includes
+- removed ldap log dir waiting for a way that doesn't use syslog but its own directory
+
+* Mon Sep 15 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.22-3qilnx
+- added support for crypt password
+
+* Fri Jul 25 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.22-2qilnx
+- modified ldap.conf and initscript to correctly support TLS connections
+
+* Thu Jul 24 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.22-1qilnx
+- first build for 2.1.22
+
+* Fri Jun 27 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-8qilnx
+- deactivated misc.schema from default configuration
+
+* Wed Jun 25 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-7qilnx
+- added "new-style" %%post and %%pre scripts
+
+* Wed Jun 11 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-6qilnx
+- fixed initscript chkconfig configuration
+
+* Fri Jun 06 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-5qilnx
+- added schema includes in slapd.conf
+- removed .orig config files
+
+* Tue May 27 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-4qilnx
+- added ldap user creation
+
+* Tue May 27 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-3qilnx
+- added configuration file patch to support pid dir and lib dir (logdir
+  doesn't work yet!)
+
+* Tue May 06 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-2qilnx
+- added build requirements
+- fixed sysconfdir location
+
+* Tue Apr 22 2003 Luca Tinelli <luca.tinelli@qinet.it>
+- first build