rpms/nss_ldap/devel nss_ldap-257-mozldap.patch,NONE,1.1
Nalin Somabhai Dahyabhai (nalin)
fedora-extras-commits at redhat.com
Wed Dec 5 15:56:07 UTC 2007
Author: nalin
Update of /cvs/pkgs/rpms/nss_ldap/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11509
Added Files:
nss_ldap-257-mozldap.patch
Log Message:
- patch to allow compiling with mozldap
nss_ldap-257-mozldap.patch:
--- NEW FILE nss_ldap-257-mozldap.patch ---
Go back to using AC_TRY_COMPILE to detect <ldap_ssl.h>, which requires
that <ldap.h> be included before it.
Use the draft-specified value "0" instead of a preprocessor define which
mozldap doesn't provide (LDAP_OPT_SUCCESS).
Don't fail to compile if libldap doesn't provide ldap_create_control(),
just fail at run-time if we try to use it.
Only try to set non-portable options that the libldap which is being used
supports.
Don't depend on ldap_alloc_ber_with_options() being there; fall back to
either ber_alloc_t() or the deprecated der_alloc().
Learn about Mozilla LDAP 6.
Prefer </usr/include/nss.h> to <nss.h>, because <nss.h> can also be the
security toolkit used by Mozilla's LDAP SDK rather than libc's nsswitch
header, and if we've set the include path, we could be screwed.
Strip off any '/' which appears in our hostname before passing it to
ldap_init().
diff -up nss_ldap/configure.in nss_ldap/configure.in
--- nss_ldap/configure.in 2007-11-14 14:21:54.000000000 -0500
+++ nss_ldap/configure.in 2007-11-14 15:01:32.000000000 -0500
@@ -41,7 +41,7 @@ dnl
AC_ARG_ENABLE(configurable-krb5-ccname-env, [ --enable-configurable-krb5-ccname-env enable configurable Kerberos V credentials cache name (putenv method)], [AC_DEFINE(CONFIGURE_KRB5_CCNAME) AC_DEFINE(CONFIGURE_KRB5_CCNAME_ENV)])
AC_ARG_ENABLE(configurable-krb5-ccname-gssapi, [ --enable-configurable-krb5-ccname-gssapi enable configurable Kerberos V credentials cache name (gssapi method)], [AC_DEFINE(CONFIGURE_KRB5_CCNAME) AC_DEFINE(CONFIGURE_KRB5_CCNAME_GSSAPI)])
-AC_ARG_WITH(ldap-lib, [ --with-ldap-lib=type select ldap library [auto|netscape5|netscape4|netscape3|umich|openldap]])
+AC_ARG_WITH(ldap-lib, [ --with-ldap-lib=type select ldap library [auto|mozilla|netscape5|netscape4|netscape3|umich|openldap]])
AC_ARG_WITH(ldap-dir, [ --with-ldap-dir=DIR base directory of LDAP SDK])
AC_ARG_WITH(ldap-conf-file, [ --with-ldap-conf-file path to LDAP configuration file],
[ NSS_LDAP_PATH_CONF="$with_ldap_conf_file" ],
@@ -132,17 +132,18 @@ AC_SUBST(NSS_LDAP_LDFLAGS)
AC_CHECK_HEADERS(lber.h)
AC_CHECK_HEADERS(ldap.h, , AC_MSG_ERROR(could not locate <ldap.h>))
-AC_CHECK_HEADERS(ldap_ssl.h)
+dnl AC_CHECK_HEADERS(ldap_ssl.h)
-dnl AC_MSG_CHECKING(for ldap_ssl.h)
-dnl AC_TRY_COMPILE([#include <sys/types.h>
-dnl #include <ldap.h>
-dnl #include <ldap_ssl.h>], ,
-dnl [
-dnl AC_MSG_RESULT(yes),
-dnl AC_DEFINE(HAVE_LDAP_SSL_H, 1)
-dnl ],
-dnl AC_MSG_RESULT(no))
+AC_MSG_CHECKING(for ldap_ssl.h)
+AC_TRY_COMPILE([
+ #include <sys/types.h>
+ #include <ldap.h>
+ #include <ldap_ssl.h>],[],
+ [
+ AC_MSG_RESULT(yes)
+ AC_DEFINE(HAVE_LDAP_SSL_H,1,[Define if you have <ldap_ssl.h>.])
+ ],
+ AC_MSG_RESULT(no))
# For HP-UX and AIX we use private API, the headers for which
# are included locally. We need to do something to stop both
@@ -150,7 +151,8 @@ dnl AC_MSG_RESULT(no))
case "$target_os" in
aix*) AC_CHECK_HEADERS(irs.h usersec.h) ;;
hpux*) AC_CHECK_HEADERS(nsswitch.h) ;;
- *) AC_CHECK_HEADERS(nss.h)
+ *) AC_CHECK_HEADERS(/usr/include/nss.h)
+ AC_CHECK_HEADERS(nss.h)
AC_CHECK_HEADERS(nsswitch.h)
AC_CHECK_HEADERS(irs.h) ;;
esac
@@ -297,6 +299,9 @@ if test -z "$found_ldap_lib" -a \( $with
AC_CHECK_LIB(lber, main)
AC_CHECK_LIB(ldap, main, [LIBS="-lldap $LIBS" found_ldap_lib=yes],,$LIBS)
fi
+if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = mozilla \); then
+AC_CHECK_LIB(ldap60, main, LIBS="-lssldap60 -lprldap60 -lldap60 -lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4 $LIBS" found_ldap_lib=yes need_pthread=yes,, -lpthread)
+fi
if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape5 \); then
AC_CHECK_LIB(ldap50, main, LIBS="-lldap50 -lssldap50 -lssl3 -lnss3 -lnspr4 -lprldap50 -lplc4 -lplds4 $LIBS" found_ldap_lib=yes need_pthread=yes,, -lpthread)
fi
@@ -331,6 +336,7 @@ AC_CHECK_FUNCS(ldap_init ldap_get_lderrn
AC_CHECK_FUNCS(ldap_ld_free ldap_explode_rdn ldap_set_option ldap_get_option)
AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s ldap_initialize ldap_search_ext)
AC_CHECK_FUNCS(ldap_create_control ldap_create_page_control ldap_parse_page_control)
+AC_CHECK_FUNCS(ldap_alloc_ber_with_options ber_alloc_t der_alloc)
if test "$enable_ssl" \!= "no"; then
AC_CHECK_FUNCS(ldapssl_client_init ldap_start_tls_s ldap_pvt_tls_set_option ldap_start_tls)
fi
diff -up nss_ldap/ldap-nss.h nss_ldap/ldap-nss.h
--- nss_ldap/ldap-nss.h 2007-11-14 14:21:54.000000000 -0500
+++ nss_ldap/ldap-nss.h 2007-11-14 15:05:57.000000000 -0500
@@ -58,6 +58,8 @@
#include <nss_common.h>
#include <nss_dbdefs.h>
#include <nsswitch.h>
+#elif defined(HAVE__USR_INCLUDE_NSS_H)
+#include </usr/include/nss.h>
#elif defined(HAVE_NSS_H)
#include <nss.h>
#elif defined(HAVE_IRS_H)
diff -up nss_ldap/ldap-nss.c nss_ldap/ldap-nss.c
--- nss_ldap/ldap-nss.c 2007-11-14 14:21:54.000000000 -0500
+++ nss_ldap/ldap-nss.c 2007-11-14 14:21:54.000000000 -0500
@@ -1069,6 +1069,23 @@ do_init_session (LDAP ** ld, const char
defport = atoi (p + 1);
uri = uribuf;
}
+ else
+ {
+ size_t urilen = strlen(uri);
+
+ if (urilen >= sizeof (uribuf))
+ {
+ return NSS_UNAVAIL;
+ }
+
+ memcpy (uribuf, uri, urilen);
+ uribuf[urilen] = '\0';
+
+ if ((urilen > 0) && (uribuf[urilen - 1] == '/'))
+ uribuf[urilen - 1] = '\0';
+
+ uri = uribuf;
+ }
# ifdef HAVE_LDAP_INIT
*ld = ldap_init (uri, defport);
@@ -1537,7 +1554,7 @@ do_open (void)
if (ldap_get_option
(__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION,
- &version) == LDAP_OPT_SUCCESS)
+ &version) == 0)
{
if (version < LDAP_VERSION3)
{
@@ -1697,6 +1714,7 @@ do_ssl_options (ldap_config_t * cfg)
}
#endif /* LDAP_OPT_X_TLS_RANDOM_FILE */
+#ifdef LDAP_OPT_X_TLS_CACERTFILE
if (cfg->ldc_tls_cacertfile != NULL)
{
/* ca cert file */
@@ -1709,7 +1727,9 @@ do_ssl_options (ldap_config_t * cfg)
return LDAP_OPERATIONS_ERROR;
}
}
+#endif
+#ifdef LDAP_OPT_X_TLS_CACERTDIR
if (cfg->ldc_tls_cacertdir != NULL)
{
/* ca cert directory */
@@ -1722,7 +1742,9 @@ do_ssl_options (ldap_config_t * cfg)
return LDAP_OPERATIONS_ERROR;
}
}
+#endif
+#ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
/* require cert? */
if (cfg->ldc_tls_checkpeer > -1)
{
@@ -1735,7 +1757,9 @@ do_ssl_options (ldap_config_t * cfg)
return LDAP_OPERATIONS_ERROR;
}
}
+#endif
+#ifdef LDAP_OPT_X_TLS_CIPHER_SUITE
if (cfg->ldc_tls_ciphers != NULL)
{
/* set cipher suite, certificate and private key: */
@@ -1748,7 +1772,9 @@ do_ssl_options (ldap_config_t * cfg)
return LDAP_OPERATIONS_ERROR;
}
}
+#endif
+#ifdef LDAP_OPT_X_TLS_CERTFILE
if (cfg->ldc_tls_cert != NULL)
{
rc = ldap_set_option (NULL, LDAP_OPT_X_TLS_CERTFILE, cfg->ldc_tls_cert);
@@ -1759,7 +1785,9 @@ do_ssl_options (ldap_config_t * cfg)
return LDAP_OPERATIONS_ERROR;
}
}
+#endif
+#ifdef LDAP_OPT_X_TLS_CERTFILE
if (cfg->ldc_tls_key != NULL)
{
rc = ldap_set_option (NULL, LDAP_OPT_X_TLS_KEYFILE, cfg->ldc_tls_key);
@@ -1770,6 +1798,7 @@ do_ssl_options (ldap_config_t * cfg)
return LDAP_OPERATIONS_ERROR;
}
}
+#endif
debug ("<== do_ssl_options");
diff -up nss_ldap/pagectrl.c nss_ldap/pagectrl.c
--- nss_ldap/pagectrl.c 2007-08-03 00:51:09.000000000 -0400
+++ nss_ldap/pagectrl.c 2007-11-14 14:21:54.000000000 -0500
@@ -38,6 +38,17 @@ static char rcsId[] = "$Id: pagectrl.c,v
#define LDAP_CONTROL_PAGE_OID "1.2.840.113556.1.4.319"
#endif
+#ifndef HAVE_LDAP_CREATE_CONTROL
+#define ldap_create_control _nss_ldap_fail_to_create_control
+static int
+ldap_create_control(const char *oid, BerElement *value,
+ int iscritical, LDAPControl ** ctrlp)
+{
+ *ctrlp = NULL;
+ return LDAP_ENCODING_ERROR;
+}
+#endif
+
#ifndef HAVE_LDAP_CREATE_PAGE_CONTROL
/*---
ldap_create_page_control
@@ -78,9 +89,6 @@ static char rcsId[] = "$Id: pagectrl.c,v
---*/
-#ifndef HAVE_LDAP_CREATE_CONTROL
-#error LDAP client library does not support ldap_create_control()
-#else
int
ldap_create_page_control (LDAP * ld,
unsigned long pagesize,
@@ -97,10 +105,24 @@ ldap_create_page_control (LDAP * ld,
return (LDAP_PARAM_ERROR);
}
+#ifdef HAVE_LDAP_ALLOC_BER_WITH_OPTIONS
if ((ber = ldap_alloc_ber_with_options (ld)) == NULL)
{
return (LDAP_NO_MEMORY);
}
+#elif defined(HAVE_BER_ALLOC_T) && defined(LBER_USE_DER)
+ if ((ber = ber_alloc_t(LBER_USE_DER)) == NULL)
+ {
+ return (LDAP_NO_MEMORY);
+ }
+#elif defined(HAVE_DER_ALLOC)
+ if ((ber = der_alloc()) == NULL)
+ {
+ return (LDAP_NO_MEMORY);
+ }
+#else
+ return (LDAP_NO_MEMORY);
+#endif
tag = ber_printf (ber, "{i", pagesize);
if (tag == LBER_ERROR)
@@ -126,7 +148,6 @@ exit:
ber_free (ber, 1);
return (LDAP_ENCODING_ERROR);
}
-#endif /* HAVE_LDAP_CREATE_CONTROL */
#endif /* HAVE_LDAP_CREATE_PAGE_CONTROL */
#ifndef HAVE_LDAP_PARSE_PAGE_CONTROL
@@ -154,9 +175,6 @@ exit:
---*/
-#ifndef HAVE_LDAP_CREATE_CONTROL
-#error LDAP client library does not support ldap_create_control()
-#else
int
ldap_parse_page_control (LDAP * ld,
LDAPControl ** ctrls,
@@ -222,5 +240,4 @@ foundPageControl:
return (LDAP_SUCCESS);
}
-#endif /* HAVE_LDAP_CREATE_CONTROL */
#endif /* HAVE_LDAP_PARSE_PAGE_CONTROL */
More information about the fedora-extras-commits
mailing list