./databases/openldap-smbk5pwd, Samba and Kerberos password sync for OpenLDAP

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.4.49, Package name: openldap-smbk5pwd-2.4.49, Maintainer: adam

This slapd overlay automatically perform Kerberos and Samba password
changes when a LDAP password extended operation is done, for instance
using ldappasswd.


Required to run:
[databases/openldap-client] [databases/openldap-server] [databases/db4] [security/heimdal] [security/openssl] [devel/libltdl]

Required to build:
[pkgtools/cwrappers]

Package options: bdb, dso, inet6

Master sites: (Expand)

SHA1: f0caeca122e6f90e6ac5cc8ba36fe9cec13826da
RMD160: c09ca490e1f815e2aea799b1edd340e904233ea0
Filesize: 5571.019 KB

Version history: (Expand)


CVS history: (Expand)


   2020-04-03 12:58:39 by Jonathan Perkin | Files touched by this commit (3)
Log message:
openldap-*: Remove mention of dso option, now default.
   2020-02-10 16:13:07 by Adam Ciarcinski | Files touched by this commit (9) | Package updated
Log message:
openldap: updated to 2.4.49

OpenLDAP 2.4.49:
	Added slapd-monitor database entry count for slapd-mdb
	Fixed client tools to not add controls on cancel/abandon
	Fixed client tools SyncInfo message to be LDIF compliant
	Fixed libldap to correctly free sb
	Fixed libldap descriptor leak if ldaps fails
	Fixed libldap remove unnecessary global mutex for GnuTLS
	Fixed slapd syntax evaluation of preferredDeliveryMethod
	Fixed slapd to relax domainScope control check
	Fixed slapd to have cleaner error handling during connection setup
	Fixed slapd data check when processing cancel exop
	Fixed slapd attribute description processing
	Fixed slapd-ldap to set oldctrls correctly
	Fixed slapd-mdb to honor unchecked limit with alias deref
	Fixed slapd-mdb missing final commit with slapindex
	Fixed slapd-mdb drop attr mappings added in an aborted txn
	Fixed slapd-mdb nosync FLAG configuration handling
	Fixed slapd-monitor global operation counter reporting
	Fixed slapo-ppolicy when used with slapauth
	Fixed slapo-ppolicy to add a missed normalised copy of pwdChangedTime
	Fixed slapo-syncprov fix sessionlog init
	Fixed slapo-unique loop termination
	Build Environment
		Fix mkdep to honor TMPDIR if set
		Remove ICU library detection
		Update config.guess and config.sub to support newer architectures
		Disable ITS8521 regression test as it is no longer valid
	Documentation
		admin24 - Fix inconsistent whitespace in replication section
		slapd-config(5)/slapd.conf(5) - Fix missing bold tag for keyword
		slapd-ldap(5) - Document "tls none" option
		slapo-ppolicy(5) - Correctly document pwdGraceAuthnLimit
   2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836)
Log message:
*: Recursive revision bump for openssl 1.1.1.
   2017-06-02 10:29:57 by Adam Ciarcinski | Files touched by this commit (14) | Package updated
Log message:
OpenLDAP 2.4.45 Release (2017/06/01)
	Added slapd support for OpenSSL 1.1.0 series (ITS-8353, ITS-8533, ITS-8634)
	Fixed libldap to fail ldap_result if the handle is already bad (ITS-8585)
	Fixed libldap to expose error if user specified CA doesn't exist (ITS-8529)
	Fixed libldap handling of Diffie-Hellman parameters (ITS-7506)
	Fixed libldap GnuTLS use after free (ITS-8385)
	Fixed libldap SASL initialization (ITS-8648)
	Fixed slapd bconfig rDN escape handling (ITS-8574)
	Fixed slapd segfault with invalid hostname (ITS-8631)
	Fixed slapd sasl SEGV rebind in same session (ITS-8568)
	Fixed slapd syncrepl filter handling (ITS-8413)
	Fixed slapd syncrepl infinite looping mods with delta-sync MMR (ITS-8432)
	Fixed slapd callback struct so older modules without writewait should function.
                    Custom modules may need to be updated for sc_writewait \ 
callback (ITS-8435)
	Fixed slapd-ldap/meta broken LDAP_TAILQ macro (ITS-8576)
	Fixed slapd-mdb so it passes ITS6794 regression test (ITS-6794)
	Fixed slapd-mdb double free with size zero paged result (ITS-8655)
	Fixed slapd-meta uninitialized diagnostic message (ITS-8442)
	Fixed slapo-accesslog to honor pauses during purge for cn=config update (ITS-8423)
	Fixed slapo-accesslog with multiple modifications to the same attribute (ITS-6545)
	Fixed slapo-relay to correctly initialize sc_writewait (ITS-8428)
	Fixed slapo-sssvlv double free (ITS-8592)
	Fixed slapo-unique with empty modifications (ITS-8266)
	Build Environment
		Added test065 for proxyauthz (ITS-8571)
		Fix test008 to be portable (ITS-8414)
		Fix test064 to wait for slapd to start (ITS-8644)
		Fix its4336 regression test (ITS-8534)
		Fix its4337 regression test (ITS-8535)
		Fix regression tests to execute on all backends (ITS-8539)
	Contrib
		Added slapo-autogroup(5) man page (ITS-8569)
		Added passwd missing conversion scripts for apr1 (ITS-6826)
		Fixed contrib modules where the writewait callback was not correctly \ 
initialized (ITS-8435)
		Fixed smbk5pwd to build with newer OpenSSL releases (ITS-8525)
	Documentation
		admin24 fixed tls_cipher_suite bindconf option (ITS-8099)
		admin24 fixed typo cn=config to be slapd.d (ITS-8449)
		admin24 fixed slapo-syncprov information to be curent (ITS-8253)
		admin24 fixed typo in access control docs (ITS-7341, ITS-8391)
		admin24 fixed minor typo in tuning guide (ITS-8499)
		admin24 fixed information about the limits option (ITS-7700)
		admin24 fixed missing options for syncrepl configuration (ITS-7700)
		admin24 fixed accesslog documentation to note it should not be replicated \ 
(ITS-8344)
		Fixed ldap.conf(5) missing information on SASL_NOCANON option (ITS-7177)
		Fixed ldapsearch(1) information on the V[V] flag behavior (ITS-7177, ITS-6339)
		Fixed slapd-config(5), slapd.conf(5) clarification on interval keyword for \ 
refreshAndPersist (ITS-8538)
		Fixed slapd-config(5), slapd.conf(5) clarify serverID requirements (ITS-8635)
		Fixed slapd-config(5), slapd.conf(5) clarification on loglevel settings (ITS-8123)
		Fixed slapo-ppolicy(5) to clearly note rootdn requirement (ITS-8565)
		Fixed slapo-memberof(5) to note it is not safe to use with replication (ITS-8613)
		Fixed slapo-syncprov(5) documentation to be current (ITS-8253)
		Fixed slapadd(8) manpage to note slapd-mdb (ITS-8215)
		Fixed various minor grammar issues in the man pages (ITS-8544)
		Fixed various typos (ITS-8587)
   2016-12-12 15:22:04 by Thomas Klausner | Files touched by this commit (30)
Log message:
Revert "Specify readline requirement on 30 packages"

Many of these definitely do not depend on readline.
So there must be a different underlying problem, and that
should be tracked down instead of papering over it.
   2016-12-04 04:51:17 by John Marino | Files touched by this commit (30)
Log message:
Specify readline requirement on 30 packages

Solves:
/usr/libexec/binutils225/elf/ld.gold: error: cannot find -lreadline

The missing specification is obvious on DragonFly because there's
no publically accessible version of readline in base.
   2016-10-30 06:04:10 by Emmanuel Dreyfus | Files touched by this commit (3)
Log message:
Use newer DES API so that smbk5pwd loads with newer OpenSSL

OpenSSL removed old DES API which used des_* functions.
https://github.com/openssl/openssl/comm … 349f3f316f

In order to link with libcrypto from recent OpenSSL releases, we need
to replace the older API des_* functions by the newer API DES_* functions.

Submitted upstream as ITS#8525
http://www.openldap.org/its/index.cgi/Incoming?id=8525
   2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) | Package updated
Log message:
Bump PKGREVISION for security/openssl ABI bump.