authorJames Meyer <james.meyer@operamail.com>2013-02-19 21:10:18 (GMT)
committerJames Meyer <james.meyer@operamail.com>2013-02-19 21:10:18 (GMT)
commit2648e999d277eac5c3d331a3609bcc73fafbea71 (patch)
tree40951fb8e7fdbe28a0baa324ae615055203f1e2e /abs/core/openldap
parentc759b5e0c4aa6fc37412b4dee2cf9ad993fd376d (diff)
parent7e6f7ca174e1af67178dc5293a312a4a733eb095 (diff)
Merge branch 'testing'
# By James Meyer (1091) and others # Via James Meyer (5) and others * testing: (1148 commits) LinHES-config: during install don't kill off lirc. This keeps the remote active all the way to the finish Change version numbers to 8.0 to match the release number. LinHES-conifg LinHES-system mythdb-initial runit-scripts supplemental-web LinHES-conifig: mv_install.py for the last partition don't go all the way to the end. Gotta leave room for gpt tables. xf86-video-ati: xorg ati driver. LinHES-config: timezip.py add syncing up of parental lvl passwords and starting level with MBE. LinHES-system: correct the logic for breaking out of the wmctrl loop. As written it would break out of the inner loop..but not the 60 iteration loop. e16_theme_settings: remove slide-in prop for new windows. For whatever reason this was preventing mplayer from being positioned correctly for appletrailers. LinHES-config, mythinstall: change case of hd_pvr and serial to all lower refs #902 zilog-firmware: firmware for TX support of the hdpvr and pvr-150 In general I can't recommend anybody using these transmitters but including the firmware just in case someone really wants to linhes-udev-rules: added hdprv_lirc rule. All of these lirc rules are limited to exactly one device. If more then one device is present then only the last device in init will get the symlink runit-scripts: fix logging for igdeamon, add support to remote init script so that the blaster is always the first device in the chain. added support specificly for hd_pvr LinHES-system: add lh_system_restore and lh_system_backup. These scripts are called from the mythmenu. refs #900 iguanair: rebuild with python 2.7 LinHES-system: msg_daemon.py fix init and nasty bug related to timeout. In a nutshell timeout wouldn't work unless a msg without a timeout was called first. linhes-udev-rules: add rules for mce,streamzap,serial lirc devices. 
mythinstall: recompile for matching libs mythtv: latest .25-fixes and change mythbackup/restore call lh_system_$op to replace mythbackup/mythrestore. mythbackup no longer works correctly with the new windowmanager linhes-scripts: myth2mp3, myth2x264, myth2xvid: use mythutil to get cutlist LinHES-config, supplimental-web: Fix proxy numbering for Ceton infiniTV linhes-system: add additional stuff to the system backup and also introduced an exclude file. The exclude/include files are locate in /home/mythtv/backup_config/ ...
Diffstat (limited to 'abs/core/openldap')
-rw-r--r--abs/core/openldap/PKGBUILD106
-rw-r--r--abs/core/openldap/mutex-end-of-struct-sigsegv.patch293
-rw-r--r--abs/core/openldap/ntlm.patch230
-rw-r--r--abs/core/openldap/openldap.install20
-rwxr-xr-xabs/core/openldap/slapd49
-rw-r--r--abs/core/openldap/slapd.default6
-rw-r--r--abs/core/openldap/slapd.service9
-rw-r--r--abs/core/openldap/slapd.tmpfiles1
8 files changed, 714 insertions, 0 deletions
diff --git a/abs/core/openldap/PKGBUILD b/abs/core/openldap/PKGBUILD
new file mode 100644
index 0000000..b7af129
--- /dev/null
+++ b/abs/core/openldap/PKGBUILD
@@ -0,0 +1,106 @@
+# $Id: PKGBUILD 162887 2012-07-02 18:03:02Z eric $
+# Maintainer:
+
+pkgbase=openldap
+pkgname=('libldap' 'openldap')
+pkgver=2.4.31
+pkgrel=4
+arch=('i686' 'x86_64')
+url="http://www.openldap.org/"
+license=('custom')
+makedepends=('libltdl' 'libsasl' 'e2fsprogs' 'util-linux')
+source=(ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${pkgbase}-${pkgver}.tgz
+ slapd slapd.default slapd.service slapd.tmpfiles
+ ntlm.patch
+ mutex-end-of-struct-sigsegv.patch)
+sha1sums=('8315a283fb3724abe6062e38d93bb69298d05765'
+ 'bd1ea19256d3d467f1f803e0f4046ef50f17628f'
+ 'd89b8a533045123f1ab46c9c430cf132d58a20a4'
+ 'a2cdab7e800a9f0c8b1e319a68598a12f4af27a4'
+ 'f86a82e35ebe15026980467c9dee4007e686b795'
+ 'e4afd9f1c810ef4c4cd8fe1101dfe5887f2b7eef'
+ '694269dad78c7a806649c2d7f57bb7e503df3af1')
+
+build() {
+ cd "${srcdir}"/${pkgbase}-${pkgver}
+ patch -Np1 -i "${srcdir}"/ntlm.patch
+ patch -Np1 -i "${srcdir}"/mutex-end-of-struct-sigsegv.patch
+
+ sed -i 's|-m 644 $(LIBRARY)|-m 755 $(LIBRARY)|' libraries/{liblber,libldap,libldap_r}/Makefile.in
+ sed -i 's|#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"|#define LDAPI_SOCK LDAP_DIRSEP "run" LDAP_DIRSEP "openldap" LDAP_DIRSEP "ldapi"|' include/ldap_defaults.h
+ sed -i 's|%LOCALSTATEDIR%/run|/run/openldap|' servers/slapd/slapd.conf
+ sed -i 's|-$(MKDIR) $(DESTDIR)$(localstatedir)/run|-$(MKDIR) $(DESTDIR)/run/openldap|' servers/slapd/Makefile.in
+
+ LDFLAGS="$LDFLAGS -L\"${pkgdir}\"/libldap/usr/lib"
+ ./configure --prefix=/usr --mandir=/usr/share/man --libexecdir=/usr/lib \
+ --sysconfdir=/etc --localstatedir=/var/lib/openldap \
+ --enable-ipv6 --enable-syslog --enable-local \
+ --enable-bdb --enable-hdb \
+ --enable-crypt --enable-dynamic \
+ --with-threads --disable-wrappers \
+ --without-fetch \
+ --enable-spasswd --with-cyrus-sasl \
+ --enable-overlays=mod --enable-modules=yes
+ make
+}
+
+check() {
+ cd "${srcdir}"/${pkgbase}-${pkgver}
+ make test
+}
+
+package_libldap() {
+ pkgdesc="Lightweight Directory Access Protocol (LDAP) client libraries"
+ depends=('libsasl' 'e2fsprogs')
+ backup=('etc/openldap/ldap.conf')
+ options=('!libtool')
+
+ cd "${srcdir}"/${pkgbase}-${pkgver}
+ for dir in include libraries doc/man/man3 ; do
+ pushd ${dir}
+ make DESTDIR="${pkgdir}" install
+ popd
+ done
+ install -Dm644 doc/man/man5/ldap.conf.5.tmp "${pkgdir}"/usr/share/man/man5/ldap.conf.5
+
+# get rid of duplicate default conf files
+ rm "${pkgdir}"/etc/openldap/*.default
+
+ ln -sf liblber.so "${pkgdir}"/usr/lib/liblber.so.2
+ ln -sf libldap.so "${pkgdir}"/usr/lib/libldap.so.2
+
+ install -Dm644 LICENSE "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE
+}
+
+package_openldap() {
+ pkgdesc="Lightweight Directory Access Protocol (LDAP) client and server"
+ depends=("libldap>=${pkgver}" 'libltdl' 'util-linux')
+ backup=('etc/openldap/slapd.conf' 'etc/conf.d/slapd')
+ options=('!libtool' 'emptydirs')
+ install=openldap.install
+
+ cd "${srcdir}"/${pkgbase}-${pkgver}
+ for dir in clients servers doc/man/man{1,5,8} ; do
+ pushd ${dir}
+ make DESTDIR="${pkgdir}" install
+ popd
+ done
+ rm "${pkgdir}"/usr/share/man/man5/ldap.conf.5
+ rm -r "${pkgdir}"/run
+
+# get rid of duplicate default conf files
+ rm "${pkgdir}"/etc/openldap/*.default
+
+ ln -s ../lib/slapd "${pkgdir}"/usr/sbin/slapd
+
+ chown root:439 "${pkgdir}"/etc/openldap/{slapd.conf,DB_CONFIG.example}
+ chmod 640 "${pkgdir}"/etc/openldap/{slapd.conf,DB_CONFIG.example}
+
+ install -dm700 -o 439 -g 439 "${pkgdir}"/var/lib/openldap
+ install -dm700 -o 439 -g 439 "${pkgdir}"/etc/openldap/slapd.d
+ install -Dm755 "${srcdir}"/slapd "${pkgdir}"/etc/rc.d/slapd
+ install -Dm644 "${srcdir}"/slapd.default "${pkgdir}"/etc/conf.d/slapd
+ install -Dm644 "${srcdir}"/slapd.service "${pkgdir}"/usr/lib/systemd/system/slapd.service
+ install -Dm644 "${srcdir}"/slapd.tmpfiles "${pkgdir}"/usr/lib/tmpfiles.d/slapd.conf
+ install -Dm644 LICENSE "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE
+}
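Review bot: The upstream tarball in `source=` is fetched over plain `ftp://` and pinned only by `sha1sums`, so the single integrity control on the download is a hash that is no longer considered collision-resistant. Switching the array to `sha256sums=(...)`, regenerated from a tarball verified out of band, and using an HTTPS location if upstream offers one would tighten this. Separately, in `build()` the line `LDFLAGS="$LDFLAGS -L\"${pkgdir}\"/libldap/usr/lib"` appears to put literal quote characters into the linker flag; `LDFLAGS="$LDFLAGS -L${pkgdir}/libldap/usr/lib"` is probably what was meant.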
diff --git a/abs/core/openldap/mutex-end-of-struct-sigsegv.patch b/abs/core/openldap/mutex-end-of-struct-sigsegv.patch
new file mode 100644
index 0000000..e899638
--- /dev/null
+++ b/abs/core/openldap/mutex-end-of-struct-sigsegv.patch
@@ -0,0 +1,293 @@
+ libraries/libldap/init.c | 8 ++-
+ libraries/libldap/ldap-int.h | 198 ++++++++++++++++++++++--------------------
+ 2 files changed, 110 insertions(+), 96 deletions(-)
+
+diff --git a/libraries/libldap/init.c b/libraries/libldap/init.c
+index 39292d2..9d37e64 100644
+--- a/libraries/libldap/init.c
++++ b/libraries/libldap/init.c
+@@ -36,7 +36,13 @@
+ #include "lutil.h"
+
+ struct ldapoptions ldap_int_global_options =
+- { LDAP_UNINITIALIZED, LDAP_DEBUG_NONE LDAP_LDO_MUTEX_NULLARG };
++ { LDAP_UNINITIALIZED, LDAP_DEBUG_NONE
++ LDAP_LDO_NULLARG
++ LDAP_LDO_CONNECTIONLESS_NULLARG
++ LDAP_LDO_TLS_NULLARG
++ LDAP_LDO_SASL_NULLARG
++ LDAP_LDO_GSSAPI_NULLARG
++ LDAP_LDO_MUTEX_NULLARG };
+
+ #define ATTR_NONE 0
+ #define ATTR_BOOL 1
+diff --git a/libraries/libldap/ldap-int.h b/libraries/libldap/ldap-int.h
+index f8e6126..ac6c9e5 100644
+--- a/libraries/libldap/ldap-int.h
++++ b/libraries/libldap/ldap-int.h
+@@ -185,29 +185,59 @@ struct ldapoptions {
+ #define LDAP_TRASHED_SESSION 0xFF
+ int ldo_debug;
+
+-#ifdef LDAP_R_COMPILE
+- ldap_pvt_thread_mutex_t ldo_mutex;
+-#define LDAP_LDO_MUTEX_NULLARG , LDAP_PVT_MUTEX_NULL
+-#else
+-#define LDAP_LDO_MUTEX_NULLARG
+-#endif
++ ber_int_t ldo_version;
++ ber_int_t ldo_deref;
++ ber_int_t ldo_timelimit;
++ ber_int_t ldo_sizelimit;
++
++ /* per API call timeout */
++ struct timeval ldo_tm_api;
++ struct timeval ldo_tm_net;
++
++ LDAPURLDesc *ldo_defludp;
++ int ldo_defport;
++ char* ldo_defbase;
++ char* ldo_defbinddn; /* bind dn */
++
++ /*
++ * Per connection tcp-keepalive settings (Linux only,
++ * ignored where unsupported)
++ */
++ ber_int_t ldo_keepalive_idle;
++ ber_int_t ldo_keepalive_probes;
++ ber_int_t ldo_keepalive_interval;
++
++ int ldo_refhoplimit; /* limit on referral nesting */
++
++ /* LDAPv3 server and client controls */
++ LDAPControl **ldo_sctrls;
++ LDAPControl **ldo_cctrls;
++
++ /* LDAP rebind callback function */
++ LDAP_REBIND_PROC *ldo_rebind_proc;
++ void *ldo_rebind_params;
++ LDAP_NEXTREF_PROC *ldo_nextref_proc;
++ void *ldo_nextref_params;
++ LDAP_URLLIST_PROC *ldo_urllist_proc;
++ void *ldo_urllist_params;
++
++ /* LDAP connection callback stack */
++ ldaplist *ldo_conn_cbs;
++
++ LDAP_BOOLEANS ldo_booleans; /* boolean options */
++
++#define LDAP_LDO_NULLARG ,0,0,0,0 ,{0},{0} ,0,0,0,0, 0,0,0,0, 0,0, 0,0,0,0,0,0, 0, 0
+
+ #ifdef LDAP_CONNECTIONLESS
+ #define LDAP_IS_UDP(ld) ((ld)->ld_options.ldo_is_udp)
+ void* ldo_peer; /* struct sockaddr* */
+ char* ldo_cldapdn;
+ int ldo_is_udp;
++#define LDAP_LDO_CONNECTIONLESS_NULLARG ,0,0,0
++#else
++#define LDAP_LDO_CONNECTIONLESS_NULLARG
+ #endif
+
+- /* per API call timeout */
+- struct timeval ldo_tm_api;
+- struct timeval ldo_tm_net;
+-
+- ber_int_t ldo_version;
+- ber_int_t ldo_deref;
+- ber_int_t ldo_timelimit;
+- ber_int_t ldo_sizelimit;
+-
+ #ifdef HAVE_TLS
+ /* tls context */
+ void *ldo_tls_ctx;
+@@ -226,16 +256,12 @@ struct ldapoptions {
+ int ldo_tls_mode;
+ int ldo_tls_require_cert;
+ int ldo_tls_impl;
+-#ifdef HAVE_OPENSSL_CRL
+ int ldo_tls_crlcheck;
+-#endif
++#define LDAP_LDO_TLS_NULLARG ,0,0,0,{0,0,0,0,0,0,0,0,0},0,0,0,0
++#else
++#define LDAP_LDO_TLS_NULLARG
+ #endif
+
+- LDAPURLDesc *ldo_defludp;
+- int ldo_defport;
+- char* ldo_defbase;
+- char* ldo_defbinddn; /* bind dn */
+-
+ #ifdef HAVE_CYRUS_SASL
+ char* ldo_def_sasl_mech; /* SASL Mechanism(s) */
+ char* ldo_def_sasl_realm; /* SASL realm */
+@@ -244,6 +270,9 @@ struct ldapoptions {
+
+ /* SASL Security Properties */
+ struct sasl_security_properties ldo_sasl_secprops;
++#define LDAP_LDO_SASL_NULLARG ,0,0,0,0,{0}
++#else
++#define LDAP_LDO_SASL_NULLARG
+ #endif
+
+ #ifdef HAVE_GSSAPI
+@@ -253,34 +282,17 @@ struct ldapoptions {
+ #define LDAP_GSSAPI_OPT_DO_NOT_FREE_GSS_CONTEXT 0x0001
+ #define LDAP_GSSAPI_OPT_ALLOW_REMOTE_PRINCIPAL 0x0002
+ unsigned ldo_gssapi_options;
++#define LDAP_LDO_GSSAPI_NULLARG ,0,0
++#else
++#define LDAP_LDO_GSSAPI_NULLARG
+ #endif
+
+- /*
+- * Per connection tcp-keepalive settings (Linux only,
+- * ignored where unsupported)
+- */
+- ber_int_t ldo_keepalive_idle;
+- ber_int_t ldo_keepalive_probes;
+- ber_int_t ldo_keepalive_interval;
+-
+- int ldo_refhoplimit; /* limit on referral nesting */
+-
+- /* LDAPv3 server and client controls */
+- LDAPControl **ldo_sctrls;
+- LDAPControl **ldo_cctrls;
+-
+- /* LDAP rebind callback function */
+- LDAP_REBIND_PROC *ldo_rebind_proc;
+- void *ldo_rebind_params;
+- LDAP_NEXTREF_PROC *ldo_nextref_proc;
+- void *ldo_nextref_params;
+- LDAP_URLLIST_PROC *ldo_urllist_proc;
+- void *ldo_urllist_params;
+-
+- /* LDAP connection callback stack */
+- ldaplist *ldo_conn_cbs;
+-
+- LDAP_BOOLEANS ldo_booleans; /* boolean options */
++#ifdef LDAP_R_COMPILE
++ ldap_pvt_thread_mutex_t ldo_mutex;
++#define LDAP_LDO_MUTEX_NULLARG , LDAP_PVT_MUTEX_NULL
++#else
++#define LDAP_LDO_MUTEX_NULLARG
++#endif
+ };
+
+
+@@ -375,6 +387,46 @@ struct ldap_common {
+ Sockbuf *ldc_sb; /* socket descriptor & buffer */
+ #define ld_sb ldc->ldc_sb
+
++ unsigned short ldc_lberoptions;
++#define ld_lberoptions ldc->ldc_lberoptions
++
++ /* protected by msgid_mutex */
++ ber_len_t ldc_msgid;
++#define ld_msgid ldc->ldc_msgid
++
++ /* do not mess with these */
++ /* protected by req_mutex */
++ LDAPRequest *ldc_requests; /* list of outstanding requests */
++ /* protected by res_mutex */
++ LDAPMessage *ldc_responses; /* list of outstanding responses */
++#define ld_requests ldc->ldc_requests
++#define ld_responses ldc->ldc_responses
++
++ /* protected by abandon_mutex */
++ ber_len_t ldc_nabandoned;
++ ber_int_t *ldc_abandoned; /* array of abandoned requests */
++#define ld_nabandoned ldc->ldc_nabandoned
++#define ld_abandoned ldc->ldc_abandoned
++
++ /* unused by libldap */
++ LDAPCache *ldc_cache; /* non-null if cache is initialized */
++#define ld_cache ldc->ldc_cache
++
++ /* do not mess with the rest though */
++
++ /* protected by conn_mutex */
++ LDAPConn *ldc_defconn; /* default connection */
++#define ld_defconn ldc->ldc_defconn
++ LDAPConn *ldc_conns; /* list of server connections */
++#define ld_conns ldc->ldc_conns
++ void *ldc_selectinfo;/* platform specifics for select */
++#define ld_selectinfo ldc->ldc_selectinfo
++
++ /* ldap_common refcnt - free only if 0 */
++ /* protected by ldc_mutex */
++ unsigned int ldc_refcnt;
++#define ld_ldcrefcnt ldc->ldc_refcnt
++
+ /* protected by ldo_mutex */
+ struct ldapoptions ldc_options;
+ #define ld_options ldc->ldc_options
+@@ -403,66 +455,22 @@ struct ldap_common {
+ #define ld_urllist_params ld_options.ldo_urllist_params
+
+ #define ld_version ld_options.ldo_version
+-#ifdef LDAP_R_COMPILE
+-#define ld_ldopts_mutex ld_options.ldo_mutex
+-#endif
+-
+- unsigned short ldc_lberoptions;
+-#define ld_lberoptions ldc->ldc_lberoptions
+-
+- /* protected by msgid_mutex */
+- ber_len_t ldc_msgid;
+-#define ld_msgid ldc->ldc_msgid
+-
+- /* do not mess with these */
+- /* protected by req_mutex */
+- LDAPRequest *ldc_requests; /* list of outstanding requests */
+- /* protected by res_mutex */
+- LDAPMessage *ldc_responses; /* list of outstanding responses */
+-#define ld_requests ldc->ldc_requests
+-#define ld_responses ldc->ldc_responses
+
+ #ifdef LDAP_R_COMPILE
++ ldap_pvt_thread_mutex_t ldc_mutex;
+ ldap_pvt_thread_mutex_t ldc_msgid_mutex;
+ ldap_pvt_thread_mutex_t ldc_conn_mutex;
+ ldap_pvt_thread_mutex_t ldc_req_mutex;
+ ldap_pvt_thread_mutex_t ldc_res_mutex;
+ ldap_pvt_thread_mutex_t ldc_abandon_mutex;
++#define ld_ldopts_mutex ld_options.ldo_mutex
++#define ld_ldcmutex ldc->ldc_mutex
+ #define ld_msgid_mutex ldc->ldc_msgid_mutex
+ #define ld_conn_mutex ldc->ldc_conn_mutex
+ #define ld_req_mutex ldc->ldc_req_mutex
+ #define ld_res_mutex ldc->ldc_res_mutex
+ #define ld_abandon_mutex ldc->ldc_abandon_mutex
+ #endif
+-
+- /* protected by abandon_mutex */
+- ber_len_t ldc_nabandoned;
+- ber_int_t *ldc_abandoned; /* array of abandoned requests */
+-#define ld_nabandoned ldc->ldc_nabandoned
+-#define ld_abandoned ldc->ldc_abandoned
+-
+- /* unused by libldap */
+- LDAPCache *ldc_cache; /* non-null if cache is initialized */
+-#define ld_cache ldc->ldc_cache
+-
+- /* do not mess with the rest though */
+-
+- /* protected by conn_mutex */
+- LDAPConn *ldc_defconn; /* default connection */
+-#define ld_defconn ldc->ldc_defconn
+- LDAPConn *ldc_conns; /* list of server connections */
+-#define ld_conns ldc->ldc_conns
+- void *ldc_selectinfo;/* platform specifics for select */
+-#define ld_selectinfo ldc->ldc_selectinfo
+-
+- /* ldap_common refcnt - free only if 0 */
+-#ifdef LDAP_R_COMPILE
+- ldap_pvt_thread_mutex_t ldc_mutex;
+-#define ld_ldcmutex ldc->ldc_mutex
+-#endif
+- /* protected by ldc_mutex */
+- unsigned int ldc_refcnt;
+-#define ld_ldcrefcnt ldc->ldc_refcnt
+ };
+
+ struct ldap {
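Review bot: This patch file has no header saying where it came from or which upstream report it fixes (it starts directly with a diffstat), unlike ntlm.patch in the same commit, which documents its origin. A short provenance block at the top, for example `Origin: <upstream commit or bug URL - placeholder>` plus one sentence on the crash it addresses, would let a later maintainer decide when the patch can be dropped. The change also relies on the positional `LDAP_LDO_*_NULLARG` initialisers matching the reordered field order of `struct ldapoptions` exactly. The TLS field list is only partly visible in these hunks, so `LDAP_LDO_TLS_NULLARG` could not be counted here and is worth checking against the 2.4.31 tree.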
diff --git a/abs/core/openldap/ntlm.patch b/abs/core/openldap/ntlm.patch
new file mode 100644
index 0000000..6804b61
--- /dev/null
+++ b/abs/core/openldap/ntlm.patch
@@ -0,0 +1,230 @@
+Patch from evolution-exchange (2.10.3). The ldap_ntlm_bind function is
+actually called by evolution-data-server, checked at version 1.12.2.
+Without this patch, the Exchange addressbook integration uses simple binds
+with cleartext passwords.
+
+Russ checked with openldap-software for upstream's opinion on this patch
+on 2007-12-21. Upstream had never received it as a patch submission and
+given that it's apparently only for older Exchange servers that can't do
+SASL and DIGEST-MD5, it's not very appealing.
+
+Bug#457374 filed against evolution-data-server asking if this support is
+still required on 2007-12-21.
+
+Index: trunk/include/ldap.h
+===================================================================
+--- trunk.orig/include/ldap.h
++++ trunk/include/ldap.h
+@@ -2461,5 +2461,25 @@
+ LDAPControl **ctrls,
+ LDAPDerefRes **drp ));
+
++/*
++ * hacks for NTLM
++ */
++#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU)
++#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU)
++LDAP_F( int )
++ldap_ntlm_bind LDAP_P((
++ LDAP *ld,
++ LDAP_CONST char *dn,
++ ber_tag_t tag,
++ struct berval *cred,
++ LDAPControl **sctrls,
++ LDAPControl **cctrls,
++ int *msgidp ));
++LDAP_F( int )
++ldap_parse_ntlm_bind_result LDAP_P((
++ LDAP *ld,
++ LDAPMessage *res,
++ struct berval *challenge));
++
+ LDAP_END_DECL
+ #endif /* _LDAP_H */
+Index: trunk/libraries/libldap/ntlm.c
+===================================================================
+--- /dev/null
++++ trunk/libraries/libldap/ntlm.c
+@@ -0,0 +1,138 @@
++/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */
++/*
++ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
++ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
++ */
++
++/* Mostly copied from sasl.c */
++
++#include "portable.h"
++
++#include <stdlib.h>
++#include <stdio.h>
++
++#include <ac/socket.h>
++#include <ac/string.h>
++#include <ac/time.h>
++#include <ac/errno.h>
++
++#include "ldap-int.h"
++
++int
++ldap_ntlm_bind(
++ LDAP *ld,
++ LDAP_CONST char *dn,
++ ber_tag_t tag,
++ struct berval *cred,
++ LDAPControl **sctrls,
++ LDAPControl **cctrls,
++ int *msgidp )
++{
++ BerElement *ber;
++ int rc;
++ ber_int_t id;
++
++ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 );
++
++ assert( ld != NULL );
++ assert( LDAP_VALID( ld ) );
++ assert( msgidp != NULL );
++
++ if( msgidp == NULL ) {
++ ld->ld_errno = LDAP_PARAM_ERROR;
++ return ld->ld_errno;
++ }
++
++ /* create a message to send */
++ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
++ ld->ld_errno = LDAP_NO_MEMORY;
++ return ld->ld_errno;
++ }
++
++ assert( LBER_VALID( ber ) );
++
++ LDAP_NEXT_MSGID( ld, id );
++ rc = ber_printf( ber, "{it{istON}" /*}*/,
++ id, LDAP_REQ_BIND,
++ ld->ld_version, dn, tag,
++ cred );
++
++ /* Put Server Controls */
++ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
++ ber_free( ber, 1 );
++ return ld->ld_errno;
++ }
++
++ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
++ ld->ld_errno = LDAP_ENCODING_ERROR;
++ ber_free( ber, 1 );
++ return ld->ld_errno;
++ }
++
++ /* send the message */
++ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id );
++
++ if(*msgidp < 0)
++ return ld->ld_errno;
++
++ return LDAP_SUCCESS;
++}
++
++int
++ldap_parse_ntlm_bind_result(
++ LDAP *ld,
++ LDAPMessage *res,
++ struct berval *challenge)
++{
++ ber_int_t errcode;
++ ber_tag_t tag;
++ BerElement *ber;
++ ber_len_t len;
++
++ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 );
++
++ assert( ld != NULL );
++ assert( LDAP_VALID( ld ) );
++ assert( res != NULL );
++
++ if ( ld == NULL || res == NULL ) {
++ return LDAP_PARAM_ERROR;
++ }
++
++ if( res->lm_msgtype != LDAP_RES_BIND ) {
++ ld->ld_errno = LDAP_PARAM_ERROR;
++ return ld->ld_errno;
++ }
++
++ if ( ld->ld_error ) {
++ LDAP_FREE( ld->ld_error );
++ ld->ld_error = NULL;
++ }
++ if ( ld->ld_matched ) {
++ LDAP_FREE( ld->ld_matched );
++ ld->ld_matched = NULL;
++ }
++
++ /* parse results */
++
++ ber = ber_dup( res->lm_ber );
++
++ if( ber == NULL ) {
++ ld->ld_errno = LDAP_NO_MEMORY;
++ return ld->ld_errno;
++ }
++
++ tag = ber_scanf( ber, "{ioa" /*}*/,
++ &errcode, challenge, &ld->ld_error );
++ ber_free( ber, 0 );
++
++ if( tag == LBER_ERROR ) {
++ ld->ld_errno = LDAP_DECODING_ERROR;
++ return ld->ld_errno;
++ }
++
++ ld->ld_errno = errcode;
++
++ return( ld->ld_errno );
++}
++
+Index: trunk/libraries/libldap/Makefile.in
+===================================================================
+--- trunk.orig/libraries/libldap/Makefile.in
++++ trunk/libraries/libldap/Makefile.in
+@@ -27,7 +27,7 @@
+ init.c options.c print.c string.c util-int.c schema.c \
+ charray.c os-local.c dnssrv.c utf-8.c utf-8-conv.c \
+ tls2.c tls_o.c tls_g.c tls_m.c \
+- turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c \
++ turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c ntlm.c \
+ assertion.c deref.c ldif.c fetch.c
+
+ OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \
+@@ -40,7 +40,7 @@
+ init.lo options.lo print.lo string.lo util-int.lo schema.lo \
+ charray.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo \
+ tls2.lo tls_o.lo tls_g.lo tls_m.lo \
+- turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo \
++ turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo ntlm.lo \
+ assertion.lo deref.lo ldif.lo fetch.lo
+
+ LDAP_INCDIR= ../../include
+Index: trunk/libraries/libldap_r/Makefile.in
+===================================================================
+--- trunk.orig/libraries/libldap_r/Makefile.in
++++ trunk/libraries/libldap_r/Makefile.in
+@@ -29,7 +29,7 @@
+ init.c options.c print.c string.c util-int.c schema.c \
+ charray.c os-local.c dnssrv.c utf-8.c utf-8-conv.c \
+ tls2.c tls_o.c tls_g.c tls_m.c \
+- turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c \
++ turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c ntlm.c \
+ assertion.c deref.c ldif.c fetch.c
+ SRCS = threads.c rdwr.c rmutex.c tpool.c rq.c \
+ thr_posix.c thr_cthreads.c thr_thr.c thr_lwp.c thr_nt.c \
+@@ -47,7 +47,7 @@
+ init.lo options.lo print.lo string.lo util-int.lo schema.lo \
+ charray.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo \
+ tls2.lo tls_o.lo tls_g.lo tls_m.lo \
+- turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo \
++ turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo ntlm.lo \
+ assertion.lo deref.lo ldif.lo fetch.lo
+
+ LDAP_INCDIR= ../../include
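Review bot: In `ldap_ntlm_bind` the result of the first `ber_printf` is stored in `rc` and never examined, so an encoding failure while building the bind request goes unnoticed and the function continues to `ldap_int_put_controls` with a partial BER element. The closing `ber_printf` a few lines further down already shows the handling to mirror: set `LDAP_ENCODING_ERROR`, free `ber`, return. `ldap_parse_ntlm_bind_result` also hands `challenge` to `ber_scanf` without checking it for NULL. As the patch header itself says, this bind exists only for older Exchange servers, so it is worth confirming the dependency still needs it before carrying extra authentication code in libldap.

```c
	/* … unchanged: rc = ber_printf( ber, "{it{istON}" … cred ); … */
	if ( rc == -1 ) {
		ld->ld_errno = LDAP_ENCODING_ERROR;
		ber_free( ber, 1 );
		return ld->ld_errno;
	}
	/* … unchanged: server controls, closing ber_printf, send … */
```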
diff --git a/abs/core/openldap/openldap.install b/abs/core/openldap/openldap.install
new file mode 100644
index 0000000..cf3cb9f
--- /dev/null
+++ b/abs/core/openldap/openldap.install
@@ -0,0 +1,20 @@
+post_install(){
+ groupadd -g 439 ldap &>/dev/null
+ useradd -u 439 -g ldap -d /var/lib/openldap -s /bin/false ldap &>/dev/null
+ chown -R ldap:ldap var/lib/openldap &>/dev/null
+}
+
+post_upgrade(){
+ getent group ldap >/dev/null 2>&1 || groupadd -g 439 ldap &>/dev/null
+ getent passwd ldap >/dev/null 2>&1 || useradd -u 439 -g ldap -d /var/lib/openldap -s /bin/false ldap &>/dev/null
+ chown -R ldap:ldap var/lib/openldap &>/dev/null
+}
+
+post_remove(){
+ if getent passwd ldap >/dev/null 2>&1; then
+ userdel ldap
+ fi
+ if getent group ldap >/dev/null 2>&1; then
+ groupdel ldap
+ fi
+}
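Review bot: `post_install` calls `groupadd -g 439` and `useradd -u 439` unconditionally and discards all output with `&>/dev/null`, so if the name or the numeric ID is already taken, the account is silently not created as intended. The PKGBUILD in this commit assigns `slapd.conf`, `/var/lib/openldap` and `slapd.d` to numeric 439, so on such a system the directory database and its configuration would belong to whichever other account holds that ID. Using the same guards as `post_upgrade` and letting errors through, e.g. `getent group ldap >/dev/null || groupadd -g 439 ldap`, would make the failure visible. `post_remove` deletes the account unconditionally, so any data left under `/var/lib/openldap` would be inherited by a later account that reuses the ID.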
diff --git a/abs/core/openldap/slapd b/abs/core/openldap/slapd
new file mode 100755
index 0000000..4f212da
--- /dev/null
+++ b/abs/core/openldap/slapd
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+. /etc/rc.conf
+. /etc/rc.d/functions
+
+[ -f "/etc/conf.d/slapd" ] && . /etc/conf.d/slapd
+
+PID=`pidof -o %PPID /usr/sbin/slapd`
+case "$1" in
+ start)
+ stat_busy "Starting OpenLDAP"
+ [ ! -d /run/openldap ] && install -d -m755 -o ldap -g ldap /run/openldap
+ if [ -z "$PID" ]; then
+ if [ -z "$SLAPD_SERVICES" ]; then
+ /usr/sbin/slapd -u ldap -g ldap $SLAPD_OPTIONS
+ else
+ /usr/sbin/slapd -u ldap -g ldap -h "$SLAPD_SERVICES" $SLAPD_OPTIONS
+ fi
+ if [ $? -gt 0 ]; then
+ stat_fail
+ else
+ stat_done
+ fi
+ add_daemon slapd
+ else
+ stat_fail
+ fi
+ ;;
+ stop)
+ stat_busy "Stopping OpenLDAP"
+ [ ! -z "$PID" ] && kill $PID &> /dev/null
+ if [ $? -gt 0 ]; then
+ stat_fail
+ else
+ rm -f /run/openldap/slapd.pid
+ rm -f /run/openldap/slapd.args
+ rm_daemon slapd
+ stat_done
+ fi
+ ;;
+ restart)
+ $0 stop
+ sleep 3
+ $0 start
+ ;;
+ *)
+ echo "usage: $0 {start|stop|restart}"
+esac
+exit 0
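Review bot: The `start` branch creates the runtime directory with `install -d -m755 -o ldap -g ldap /run/openldap`, while slapd.tmpfiles in this commit declares the same directory as `0750`, so the directory used for the ldapi socket and pid file gets different permissions depending on which mechanism created it. Pick one mode and use it in both places, e.g. `install -d -m750 -o ldap -g ldap /run/openldap` if the tighter one is intended. In the same branch `add_daemon slapd` runs even after `stat_fail`; moving it into the success arm would keep the daemon list accurate.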
diff --git a/abs/core/openldap/slapd.default b/abs/core/openldap/slapd.default
new file mode 100644
index 0000000..72ae2a6
--- /dev/null
+++ b/abs/core/openldap/slapd.default
@@ -0,0 +1,6 @@
+# slapd normally serves ldap only on all TCP-ports 389. slapd can also
+# service requests on TCP-port 636 (ldaps) and requests via unix
+# sockets.
+# Example usage:
+#SLAPD_SERVICES="ldap://127.0.0.1:389/ ldaps:/// ldapi:///"
+SLAPD_OPTIONS=""
diff --git a/abs/core/openldap/slapd.service b/abs/core/openldap/slapd.service
new file mode 100644
index 0000000..d8baa57
--- /dev/null
+++ b/abs/core/openldap/slapd.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=OpenLDAP server daemon
+
+[Service]
+Type=forking
+ExecStart=/usr/sbin/slapd
+
+[Install]
+WantedBy=multi-user.target
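Review bot: `ExecStart=/usr/sbin/slapd` starts the daemon without `-u ldap -g ldap`, so as written slapd would stay root under systemd, whereas the rc.d script in this commit drops to the `ldap` account. The unit also ignores `SLAPD_SERVICES` and `SLAPD_OPTIONS` from `/etc/conf.d/slapd`, so a listener restriction configured there has no effect on this start path. Suggested: `ExecStart=/usr/sbin/slapd -u ldap -g ldap` and, since the type is `forking`, `PIDFile=/run/openldap/slapd.pid` (the path the rc script removes on stop).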
diff --git a/abs/core/openldap/slapd.tmpfiles b/abs/core/openldap/slapd.tmpfiles
new file mode 100644
index 0000000..5f63bd6
--- /dev/null
+++ b/abs/core/openldap/slapd.tmpfiles
@@ -0,0 +1 @@
+D /run/openldap 0750 ldap ldap -