./databases/openldap, Lightweight Directory Access Protocol meta-package

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.4.44nb1, Package name: openldap-2.4.44nb1, Maintainer: adam

OpenLDAP is an open source implementation of the Lightweight Directory Access
Protocol. This package includes:

* slapd - stand-alone LDAP daemon (server)
* libraries implementing the LDAP protocol
* utilities, tools, and sample clients
* administration guide


Required to run:
[databases/openldap-client] [databases/openldap-server] [databases/openldap-doc]

Version history: (Expand)


CVS history: (Expand)


   2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) | Package updated
Log message:
Bump PKGREVISION for security/openssl ABI bump.
   2016-02-25 12:46:21 by Jonathan Perkin | Files touched by this commit (13)
Log message:
Use OPSYSVARS.
   2016-02-07 09:43:00 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
OpenLDAP 2.4.44 Release (2016/02/05)
Fixed slapd-bdb/hdb missing olcDbChecksum config attr (ITS-8337)
Fixed slapd-mdb behavior with long lived read transactions (ITS-8226)
Fixed slapd-mdb cleanup after failed transaction (ITS-8360)
Fixed slapd-sql missing id_query/olcSqlIdQuery (ITS-8329)
Fixed slapo-accesslog callback initialization (ITS-8351)
Fixed slapo-ppolicy pwdMaxRecordedFailure must never be zero (ITS-8327)
Fixed slapo-syncprov abandon processing (ITS-8354)
Fixed slapo-syncprov ctxcsn snapshot on refresh (ITS-8281, ITS-8365)
Documentation
	admin24 Stop linking to Berkeley DB downloads (ITS-8362)
	admin24 Update documentation for LMDB preference
   2015-12-02 18:04:57 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
OpenLDAP 2.4.43 Release (2015/11/30)
	Fixed liblber remove obsolete assert (ITS-8240, ITS-8301)
	Fixed libldap file URLs on windows (ITS-8273)
	Fixed libldap microsecond timer for windows (ITS-8295)
	Fixed slap tools minor one time memory leak (ITS-8082)
	Fixed slapd to avoid redundant processing of abandon ops (ITS-8232)
	Fixed slapd syncrepl segv when present list is NULL (ITS-8231, ITS-8042)
	Fixed slapd segfault with invalid SASL URI (ITS-8218)
	Fixed slapd configuration parser with unbalanced quotes (ITS-8233)
	Fixed slapd syncrepl check with config db on windows (ITS-8277)
	Fixed slapd with mod Increment and inherited attribute type (ITS-8289)
	Fixed slapd-ldap SEGV after failed retry (ITS-8173)
	Fixed slapd-ldap to skip client controls in ldap_back_entry_get (ITS-8244)
	Fixed slapd-null to have an option to return a search entry (ITS-8249)
	Fixed slapd-relay to correctly handle quoted options (ITS-8284)
	Fixed slapo-accesslog delta-sync MMR with interrupted refresh phase (ITS-8281)
	Fixed slapo-dds segfault when using slapo-memberof (ITS-8133)
	Fixed slapo-ppolicy to allow purging of stale pwdFailureTime attributes (ITS-8185)
	Fixed slapo-ppolicy to release entry on failure (ITS-7537)
	Fixed slapo-ppolicy to fall back to default policy if there is a parsing error \ 
(ITS-8234)
	Fixed slapo-syncprov with interrupted refresh phase (ITS-8281)
	Fixed slapo-refint with subtree renames (ITS-8220)
	Fixed slapo-rwm missing olcDropUnrequested attribute (ITS-7889)
	Fixed slapo-rwm parsing to avoid double-escaping rewrite rules (ITS-7964)
	Build Environment
		Fixed ldif-filter option parsing (ITS-8292)
		Fixed slapd-tester EOL handling in test output for windows (ITS-8280)
		Fixed slapd-tester executable suffix for windows (ITS-8216)
		Fixed test061 timing issues (ITS-8297)
	Contrib
		Added libnettle support to pw-pbkdf2 (ITS-8198)
		Fixed smbk5pwd compiler warnings with libnettle (ITS-8235)
		Fixed passwd symbol collisions with other crypto libraries (ITS-8294)
	Documentation
		Updated guide to reflect changes to how TLS is handled with syncrepl
   2015-11-03 02:56:36 by Alistair G. Crooks | Files touched by this commit (368)
Log message:
Add SHA512 digests for distfiles for databases category

Problems found with existing distfiles:
	distfiles/D6.data.ros.gz
	distfiles/cstore0.2.tar.gz
	distfiles/data4.tar.gz
	distfiles/sphinx-2.2.7-release.tar.gz
No changes made to the cstore or mariadb55-client distinfo files.

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-09-14 18:32:27 by Emmanuel Dreyfus | Files touched by this commit (4)
Log message:
Add support for ECDH, from upstream

After the recent logjam attack, longer DH parameter size have been advised.
Unfortunately, this comes with a high computational cost. ECDH is a good
alternative to acheive forward secrecy with lower CPU Loads.

This patch is a backport from upstream ECDH umplementation. ECDH is
enabled by speciying a curve name through the TLSECName directive.
Valid curve names can be obtaines by openssl ecparam -list_curves

Advised usage for a forward-secrecy only setup wiht only ECDH:
TLSCipherSuite EECDH:!RC4:!SHA:!MD5:!DES:!aNULL:!eNULL
TLSECName      prime256v1

If backward compatibility with older clients is required:
TLSCipherSuite EECDH:HIGH:!RC4:!SHA:!MD5:!DES:!aNULL:!eNULL
TLSECName      prime256v1

Backward compatible flavor with more forward secrecy, at
the expense of using costly DH. dh2048.pem is obtained using openssl
dhparam 2048 > /etc/openssl/certs/dh2048.pem
TLSCipherSuite EECDH:EDH:HIGH:!RC4:!SHA:!MD5:!DES:!aNULL:!eNULL
TLSDHParamFile /etc/openssl/certs/dh2048.pem
TLSECName      prime256v1
   2015-08-25 00:35:50 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
OpenLDAP 2.4.42 Release (2015/08/14)
	Fixed liblber address length for CLDAP (ITS 8158)
	Fixed libldap dnssrv potential overflow with port number (ITS 7027,ITS 8195)
	Fixed slapd cn=config when updating olcAttributeTypes (ITS 8199)
	Fixed slapd-mdb to correctly update search candidates for scoped searches (ITS 8203)
	Fixed slapo-ppolicy with redundant mod ops on glued trees (ITS 8184)
	Fixed slapo-rwm crash when deleting rewrite rules (ITS 8213)
	Build Environment
		Fixed libdb detection with gcc 5.x (ITS 8056)
   2015-08-10 14:47:51 by Emmanuel Dreyfus | Files touched by this commit (3)
Log message:
Use OpenSSL libcrypto instead of libdes on NetBSD

All recent NetBSD releases now have an OpenSSL recent enough so
that the DES symbols required by slapo-smbk5pwd can be found in
OpenSSL's libcrypto. We therefore do not need to link with -ldes
anymore, especialy since it now causes a build failure.