./databases/openldap-client, Lightweight Directory Access Protocol libraries and client programs

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.4.48, Package name: openldap-client-2.4.48, Maintainer: adam

OpenLDAP is an open source implementation of the Lightweight Directory Access
Protocol. This package includes:

* libraries implementing the LDAP protocol
* utilities, tools, and sample clients


Required to build:
[pkgtools/cwrappers]

Package options: inet6

Master sites: (Expand)

SHA1: c1984e80f6db038b317bf931866adb38e5537dcd
RMD160: c91aa87634856d84386d2d8498b647ea2b1b7521
Filesize: 5571.175 KB

Version history: (Expand)


CVS history: (Expand)


   2019-08-03 08:46:52 by Adam Ciarcinski | Files touched by this commit (8) | Package updated
Log message:
openldap: updated to 2.4.48

OpenLDAP 2.4.48
	Added libldap OpenSSL Elliptic Curve support
	Added libldap Expose OpenLDAP specific interfaces via openldap.h
	Added slapd-monitor support for slapd-mdb
	Fixed liblber leaks
	Fixed liblber with partial flush
	Fixed libldap ASYNC TLS so it works
	Fixed libldap ASYNC connections with Solaris 10
	Fixed libldap with SASL_NOCANON=on and ldapi connections
	Fixed libldap to be able to unset syncrepl TLS options
	Fixed libldap race condition in ldap_int_initialize
	Fixed libldap return code in ldap_create_assertion_control_value
	Fixed libldap to correctly disable IPv6 when configured to do so
	Fixed libldap to correctly close TLS connection
	Fixed libldap_r handling of deprecated OpenSSL function
	Fixed liblunicode case correspondance
	Fixed slapd with an idletimeout of less than four seconds
	Fixed slapd config parser variable for Windows64
	Fixed slapd syncrepl fallback handling with delta-syncrepl
	Fixed slapd telephoneNumberNormalize, cert DN validation
	Fixed slapd syncrepl for relax with delta-syncrepl
	Fixed slapd to restrict rootDN proxyauthz to its own databases
	Fixed slapd to initialize SASL SSF per connection
	Fixed slapo-accesslog with SLAP_MOD_SOFT modifications
	Fixed slapd-ldap starttls connections timeout behavior
	Fixed slapd-ldap segfault when entry result doesn't match filter
	Fixed slapd-meta conversion from slapd.conf to cn=config
	Fixed slapd-meta assertion when network interface goes down
	Fixed slapd-mdb fix bitshift integer overflow
	Fixed slapd-mdb index cleanup with cn=config
	Fixed slapd-mdb to improve performance with alias deref
	Fixed slapo-accesslog possible assert with exops
	Fixed slapo-chain to correctly reject multiple chaining URIs
	Fixed slapo-chain conversion from slapd.conf to cn=config
	Fixed slapo-memberof conversion from slapd.conf to cn=config
	Fixed slapo-memberof for group name change to itself
	Fixed slapo-ppolicy behavior when pwdInHistory is changed
	Fixed slapo-rwm to not free original filter
	Fixed slapo-syncprov contextCSN generation
	Build Environment
		Fixed slapd to only link to BDB libraries with static build
		Fixed libldap implicit declaration with LDAP_CONNECTIONLESS
		Fixed libldap double inclusion of limits.h in cyrus.c
	Documentation
		General - Fixed minor typos
		admin24 - Miscellaneous updates promoting mdb and fixing examples
		slapd.access(5) - Note MDB is the primary backend
		slapd.backends(5) - Note MDB is the recommended backend
		slapd-ldap(5) - Document starttls parameter
	Contrib
		Added slapo-lastbind capability to forward authTimestamp updates
   2019-05-02 12:59:13 by Jonathan Perkin | Files touched by this commit (2)
Log message:
openldap-client: Fix FD_SETSIZE on SunOS 64-bit.

The OS default is 64k but OpenLDAP sets a hardcoded limit of 4k.  Bump
PKGREVISION.
   2018-12-20 18:54:09 by Adam Ciarcinski | Files touched by this commit (8) | Package updated
Log message:
openldap: updated to 2.4.47

OpenLDAP 2.4.47:
Added slapd-sock DN qualifier for subtrees to be processed
Added slapd-sock ability to send extended operations to external listeners
Fixed liblber to avoid incremental access to user-supplied bv in dupbv
Fixed libldap dn to domain parsing with bad input
Fixed slapd slapcat to correctly honor -g option
Fixed slapd to correctly handle NO_SUCH_OBJECT with dynamic groups
Fixed slapd to check status of rdnNormalize
Fixed slapd cn=config when modifying slapo-syncprov config
Fixed slapd sasl authz-policy "all" behavior
Fixed slapd sasl minor typo
Fixed slapd to correctly hide hidden DBs in the rootDSE
Fixed slapd domainScope control to match Microsoft specification
Fixed slapd-bdb/hdb/mdb to not convert certain IDLs to ranges
Fixed slapo-accesslog deadlock during cleanup
Fixed slapo-memberof cn=config modifications
Fixed slapo-ppolicy with multimaster replication
Fixed slapo-syncprov with NULL modlist
Build Environment
	Added slapd reproducible build support
	Fixed missing includes with OpenSSL 1.0.2
Contrib
	Fixed slapo-pbkdf2 hash generation
Documentation
	admin24 fixed minor typo
   2018-04-02 15:40:45 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
openldap: updated to 2.4.46

OpenLDAP 2.4.46 Release (2018/03/22)
	Fixed libldap connection delete callbacks when TLS fails to start
	Fixed libldap to not reuse tls_session if TLS hostname check fails
	Fixed libldap cross-compiling with OpenSSL 1.1
	Fixed libldap OpenSSL 1.1.1 compatibility with BIO_method
	Fixed libldap MozNSS CA certificate hash matching
	Fixed libldap MozNSS with PEM certs when also using an NSS cert db
	Fixed libldap MozNSS initialization
	Fixed libldap GnuTLS with GNUTLS_E_AGAIN
	Fixed libldap memory leak with cancel operations
	Fixed slapd Eventlog registry key creation on 64-bit Windows
	Fixed slapd to maintain SSF across SASL binds
	Fixed slapd syncrepl deadlock when updating cookie
	Fixed slapd syncrepl callback to always be last in the stack
	Fixed slapd telephoneNumberNormalize when the value is spaces and hyphens
	Fixed slapd CSN queue processing
	Fixed slapd-ldap TLS connection timeout with high latency connections
	Fixed slapd-ldap to ignore unknown schema when omit-unknown-schema is set
	Fixed slapd-mdb with an optimization for long lived read transactions
	Fixed slapd-meta assert when olcDbRewrite is modified
	Fixed slapd-sock with LDAP_MOD_INCREMENT operations
	Fixed slapo-accesslog cleanup to only occur on failed operations
	Fixed slapo-dds entryTTL to actually decrease as per RFC 2589
	Fixed slapo-syncprov memory leak with delete operations
	Fixed slapo-syncprov to not clear pending operation when checkpointing
	Fixed slapo-syncprov to correctly record contextCSN values in the accesslog
	Fixed slapo-syncprov not to log checkpoints to accesslog db
	Fixed slapo-syncprov to process changes from this SID on REFRESH
	Fixed slapo-syncprov session log parsing to not block other operations
	Build Environment
		Fixed Windows build with newer MINGW version
		Fixed compiler warnings and removed unused variables
	Contrib
		Fixed ldapc++ Control structure
	Documentation
		Delete stub manpage for back-ldbm
		Fixed ldap_bind(3) to mention the LDAP_SASL_SIMPLE mechanism
		Fixed ldap.conf(5) to note SASL_MECH/SASL_REALM are no longer user-only
		Fixed slapd-config(5) typo for olcTLSCipherSuite
		Fixed slapo-syncprov(5) indexing requirements
   2018-01-07 14:04:44 by Roland Illig | Files touched by this commit (583)
Log message:
Fix indentation in buildlink3.mk files.

The actual fix as been done by "pkglint -F */*/buildlink3.mk", and was
reviewed manually.

There are some .include lines that still are indented with zero spaces
although the surrounding .if is indented. This is existing practice.
   2017-06-02 10:29:57 by Adam Ciarcinski | Files touched by this commit (14) | Package updated
Log message:
OpenLDAP 2.4.45 Release (2017/06/01)
	Added slapd support for OpenSSL 1.1.0 series (ITS-8353, ITS-8533, ITS-8634)
	Fixed libldap to fail ldap_result if the handle is already bad (ITS-8585)
	Fixed libldap to expose error if user specified CA doesn't exist (ITS-8529)
	Fixed libldap handling of Diffie-Hellman parameters (ITS-7506)
	Fixed libldap GnuTLS use after free (ITS-8385)
	Fixed libldap SASL initialization (ITS-8648)
	Fixed slapd bconfig rDN escape handling (ITS-8574)
	Fixed slapd segfault with invalid hostname (ITS-8631)
	Fixed slapd sasl SEGV rebind in same session (ITS-8568)
	Fixed slapd syncrepl filter handling (ITS-8413)
	Fixed slapd syncrepl infinite looping mods with delta-sync MMR (ITS-8432)
	Fixed slapd callback struct so older modules without writewait should function.
                    Custom modules may need to be updated for sc_writewait \ 
callback (ITS-8435)
	Fixed slapd-ldap/meta broken LDAP_TAILQ macro (ITS-8576)
	Fixed slapd-mdb so it passes ITS6794 regression test (ITS-6794)
	Fixed slapd-mdb double free with size zero paged result (ITS-8655)
	Fixed slapd-meta uninitialized diagnostic message (ITS-8442)
	Fixed slapo-accesslog to honor pauses during purge for cn=config update (ITS-8423)
	Fixed slapo-accesslog with multiple modifications to the same attribute (ITS-6545)
	Fixed slapo-relay to correctly initialize sc_writewait (ITS-8428)
	Fixed slapo-sssvlv double free (ITS-8592)
	Fixed slapo-unique with empty modifications (ITS-8266)
	Build Environment
		Added test065 for proxyauthz (ITS-8571)
		Fix test008 to be portable (ITS-8414)
		Fix test064 to wait for slapd to start (ITS-8644)
		Fix its4336 regression test (ITS-8534)
		Fix its4337 regression test (ITS-8535)
		Fix regression tests to execute on all backends (ITS-8539)
	Contrib
		Added slapo-autogroup(5) man page (ITS-8569)
		Added passwd missing conversion scripts for apr1 (ITS-6826)
		Fixed contrib modules where the writewait callback was not correctly \ 
initialized (ITS-8435)
		Fixed smbk5pwd to build with newer OpenSSL releases (ITS-8525)
	Documentation
		admin24 fixed tls_cipher_suite bindconf option (ITS-8099)
		admin24 fixed typo cn=config to be slapd.d (ITS-8449)
		admin24 fixed slapo-syncprov information to be curent (ITS-8253)
		admin24 fixed typo in access control docs (ITS-7341, ITS-8391)
		admin24 fixed minor typo in tuning guide (ITS-8499)
		admin24 fixed information about the limits option (ITS-7700)
		admin24 fixed missing options for syncrepl configuration (ITS-7700)
		admin24 fixed accesslog documentation to note it should not be replicated \ 
(ITS-8344)
		Fixed ldap.conf(5) missing information on SASL_NOCANON option (ITS-7177)
		Fixed ldapsearch(1) information on the V[V] flag behavior (ITS-7177, ITS-6339)
		Fixed slapd-config(5), slapd.conf(5) clarification on interval keyword for \ 
refreshAndPersist (ITS-8538)
		Fixed slapd-config(5), slapd.conf(5) clarify serverID requirements (ITS-8635)
		Fixed slapd-config(5), slapd.conf(5) clarification on loglevel settings (ITS-8123)
		Fixed slapo-ppolicy(5) to clearly note rootdn requirement (ITS-8565)
		Fixed slapo-memberof(5) to note it is not safe to use with replication (ITS-8613)
		Fixed slapo-syncprov(5) documentation to be current (ITS-8253)
		Fixed slapadd(8) manpage to note slapd-mdb (ITS-8215)
		Fixed various minor grammar issues in the man pages (ITS-8544)
		Fixed various typos (ITS-8587)
   2016-12-13 11:38:06 by Havard Eidnes | Files touched by this commit (5) | Package updated
Log message:
Apply fix from https://bugzilla.redhat.com/show_bug.cgi?id=1238322
Incorrect multi-keyword mode cipherstring parsing.
Fixes CVE-2015-3276.
Submitted upstream as ITS#8543, it apparently wasn't already(!)
http://www.openldap.org/its/index.cgi/Incoming?id=8543

Bump PKGREVISION for both openldap, openldap-server and openldap-client
(to be on the safe side...)
   2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) | Package updated
Log message:
Bump PKGREVISION for security/openssl ABI bump.