A ports freeze means that commits will be few and far between and only by approval.

openldap23-server 2.3.43 net =35

Open source LDAP server implementation
Maintained by: delphij@FreeBSD.org
Port Added: 27 Mar 2005 04:20:41
Also Listed In: databases

---

---

OpenLDAP is a suite of Lightweight Directory Access Protocol (v3) servers,
clients, utilities and development tools.

This package includes the following major components:

 * slapd - a stand-alone LDAP directory server
 * slurpd - a stand-alone LDAP replication server
 * LDIF tools - data conversion tools for use with slapd

This is the latest stable release of OpenLDAP Software for general use.

WWW: http://www.OpenLDAP.org/

CVSWeb : Sources : Main Web Site : Distfiles Availability : PortsMon

---

Slave ports

net/openldap23-client

net/openldap23-sasl-client

---

Required To Build: devel/libtool15
Required Libraries: net/openldap23-client, databases/db44, devel/libltdl15

---

To install the port: cd /usr/ports/net/openldap23-server/ && make install clean
To add the package: pkg_add -r openldap23-server

---

Configuration Options

===> The following configuration options are available for openldap-server-2.3.43:
     SASL=off (default) "With (Cyrus) SASL2 support"
     PERL=off (default) "With Perl backend"
     SHELL=off (default) "With Shell backend (disables threading)"
     ODBC=off (default) "With SQL backend"
     SLP=off (default) "With SLPv2 (RFC 2608) support"
     SLAPI=off (default) "With Netscape SLAPI plugin API"
     TCP_WRAPPERS=on (default) "With tcp wrapper support"
     BDB=on (default) "With BerkeleyDB support"
     ACCESSLOG=off (default) "With In-Directory Access Logging overlay"
     AUDITLOG=off (default) "With Audit Logging overlay"
     DENYOP=off (default) "With Deny Operation overlay"
     DYNGROUP=off (default) "With Dynamic Group overlay"
     DYNLIST=off (default) "With Dynamic List overlay"
     LASTMOD=off (default) "With Last Modification overlay"
     PPOLICY=off (default) "With Password Policy overlay"
     PROXYCACHE=off (default) "With Proxy Cache overlay"
     REFINT=off (default) "With Referential Integrity overlay"
     RETCODE=off (default) "With Return Code testing overlay"
     RWM=off (default) "With Rewrite/Remap overlay"
     SYNCPROV=off (default) "With Syncrepl Provider overlay"
     TRANSLUCENT=off (default) "With Translucent Proxy overlay"
     UNIQUE=off (default) "With attribute Uniqueness overlay"
     VALSORT=off (default) "With Value Sorting overlay"
     ACI=off (default) "With per-object ACIs (experimental)"
     DYNAMIC_BACKENDS=on (default) "Build dynamic backends"
     SLURPD=on (default) "Build slurpd replication daemon"
===> Use 'make config' to modify these settings

---

Master Sites:

ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/

ftp://gd.tuwien.ac.at/infosys/network/OpenLDAP/openldap-release/

ftp://ftp.matrix.com.br/pub/openldap/openldap-release/

ftp://ftp.ucr.ac.cr/pub/Unix/openldap/openldap-release/

ftp://ftp.ntua.gr/mirror/OpenLDAP/openldap-release/

ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/openldap-release/

ftp://ftp.u-aizu.ac.jp/pub/net/openldap/openldap-release/

ftp://ftp.holywar.net/pub/OpenLDAP/openldap-release/

ftp://ftp.nl.uu.net/pub/unix/db/openldap/openldap-release/

ftp://ftp.linux.pt/pub/mirrors/OpenLDAP/openldap-release/

ftp://ftp.rediris.es/mirror/OpenLDAP/openldap-release/

ftp://sunsite.cnlab-switch.ch/mirror/OpenLDAP/openldap-release/

ftp://ftp.plig.org/pub/OpenLDAP/openldap-release/

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/

• 2006-11-30

  Affects: users of net/openldap2[34]-server

  Author: delphij@FreeBSD.org

  Reason: 
    The default Berkeley DB version has been changed from
    4.3 to 4.4, as suggested by OpenLDAP developers.
  
    Suggested upgrade steps:
  
      - Stop OpenLDAP server (i.e. ${PREFIX}/etc/rc.d/slapd stop)
      - Backup the OpenLDAP database (typically, /var/db/openldap-data)
        with your favorite tool
      - Do a "slapcat > backup.ldif" to dump all data
      - portupgrade net/openldap23-server
      - Remove BDB files from your /var/db/openldap-data;  you will want
        to keep DB_CONFIG as-is.
      - Do a "slapadd < backup.ldif" to restore the data
  
    Alternatively, if you want to keep the current BDB version (4.3),
    please define WITH_BDB_VER=43 when building the server.
  
  



• 2006-05-26

  Affects: users of net/openldap23-server

  Author: delphij@FreeBSD.org

  Reason: 
    The setting of SHELL backend has been inverted to off by default,
    because of the side effect it can cause. A new option, SLURPD
    has been added to give the user decision on whether the
    replication should be built and installed. Please note that the
    replication daemon is disabled when threading is disabled (e.g.
    when using shell backend), no matter what the user option SLURPD
    is set to.
  
    You are advised to do a "make config" in the net/openldap23-server
    directory *before* upgrading.
  
  



• 2006-05-18

  Affects: users of net/openldap23-server

  Author: delphij@FreeBSD.org

  Reason: 
    The OpenLDAP 2.3.x series now automatically disables threading when
    shell backend is enabled, as suggested by the OpenLDAP developers.
    Users should be aware of the change and choose whether to enable
    the feature.
  
  

Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.

To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.

To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.

Changes to Mk/*:
 - Add runtime detection magic in bsd.port.mk

Update to 2.3.43

- Update to 2.3.42

Requested by:   delphij (maintainer)

Update to 2.3.41

Avoid confusion when SASL is enabled for server.

Update to 2.3.40.

Correct slapd_owner case matching.

PR:             ports/117229
Reported by:    Tetsuya Uemura <t_uemura at macome.co.jp>

Update to 2.3.39.

This release of OpenLDAP does not support Berkeley DB 4.6 yet.

Submitted by:   mm
PR:             ports/115712

 - Update to 2.3.38.
 - Adjust DATABASEDIR's permission to 700 upon slapd start.

- Remove the DESTDIR modifications from individual ports as we have a new,
  fully chrooted DESTDIR, which does not need such any more.

Sponsored by:   Google Summer of Code 2007
Approved by:    portmgr (pav)

Update to 2.3.37.

Update to 2.3.36

Do not build SASL by default for client package, thus avoids
a very annoying conflict when installing the client from package.

Use more concise expressions for splitting the user:group string.

Submitted by:   Ulrich Spoerlein <uspoerlein@gmail.com>
PR:             ports/111617

 - Update to 2.3.35
 - Unbreak for kernels without COMPAT_43TTY [1]

Note: the patch from [1] was accepted by OpenLDAP, but
not yet integrated into there RELENG_2_3 branch.

Submitted by:   Ed Schouten <ed fxq.nl> [1]
PR:             ports/110386 [1]

Use USE_LDCONFIG correctly upon successful server installation
in order to make backend shared objects to be recognized
correctly.

Requested by:   edwin
PR:             ports/110424

Add a couple of @cwd's in order to make @dirrmtry really
functional.

Noticed by:     Xin ZHAO <quakelee at cn.freebsd.org>

Update to 2.3.34

- Use newly added RC_SUBR_SUFFIX

Approved by:    delphij (maintainer)

Update to 2.3.33

Upate to 2.3.32

Update to 2.3.31, a bugfix release.  To quote the release changelog:

        Fixed libldap unchased referral leak (ITS#4545)
        Fixed libldap tls callback (ITS#4723)
        Fixed liblutil ldif file: URL parsing
        Fixed slapd syncrepl logging (ITS#4755)
        Fixed slapd group ACL caching when proxyAuthz'ing (ITS#4760)
        Fixed slapd "group" authz default member parsing (ITS#4761)
        Fixed slapd uninitialized sd_actives array (ITS#4765)
        Fixed slapd DN parsing in bindconf_parse (ITS#4766)
        Fixed slapd conditional in macro argument (ITS#4769)
        Fixed slapd send_search_reference should propagate errors
        Fixed slapd memleak on failed bind (ITS#4771)
        Fixed slapd schema preparation case to match RFCs (ITS#4764)
        Fixed slapd kbind buffer overflow condition (ITS#4775)

 o Respect PTHREAD_LIBS=ANY (like -lthr). [1]
 o Use Berkeley DB 4.4, as suggested by OpenLDAP developers.

Submitted by:   nork [1]

Update to 2.3.30.

Update to 2.3.29

- Unify the way to choose between ODBC flavors (WITH_IODBC / WITH_UNIXODBC).

PR:             ports/103293
Submitted by:   Ganael Laplanche <ganael.laplanche@martymac.com>
Approved by:    girgen (databases/postgresql-odbc), fjoe (databases/libodbc++),
                sergey@network-asp.biz
                (databases/mysql-connector-odbc, timeout),
                delphij@FreeBSD.org (net/openldap23-server),
                mat@FreeBSD.org (databases/p5-DBD-ODBC)

Update to 2.3.27, plus fix for perl backend [1].

Submitted by:   Xavier Beaudouin <kiwi oav net> [1]
                Joerg Pulz <Joerg Pulz frm2 tum de>
PR:             ports/102235 [1]
                ports/102294

Update to 2.3.26.

Submitted by:   Joerg Pulz <Joerg Pulz frm2 tum de>
PR:             ports/102204

Update to 2.3.25, a maintaince release which contains a lot of
bugfixes.

Switch to root's credential during pre-install stage.  This fixes
installation initialized by a unprivileged user.

Reported by:    Michal Bartkowiak <michal bartkowiak biz>

PlanetMirror appears to add a page which fetch(1) do not like, so remove it
for now.

Update to OpenLDAP 2.3.24 Release:
    Fixed slapd syncrepl timestamp bug (delta-sync/cascade) (ITS#4567)
    Fixed slapd-bdb/hdb non-root users adding suffix/root entries (ITS#4552)
    Re-fixed slapd-ldap improper free bug in exop (ITS#4550)
    Fixed slapd-ldif assert bug (ITS#4568)
    Fixed slapo-syncprov crash under glued database (ITS#4562)

According to the openldap configure script, by disabling
threading support the slurpd daemon would not be built.

 - New option: SLURPD to determine whether to build the
   replication daemon.  (enabled by default).  The
   replication functionality is not used by every user
   so it is desirable to give decision to the user.
 - When threading is disabled, reflect the fact that
   slurpd is not being built/installed. [1]  This would
   also override the user chosen SLURPD option.
 - Disable SHELL backend by default.

[1] Reported by: pointyhat via kris

Fix pkg-message for client.

Approved by:    sem (mentor, implicit)
Pointy hat to:  delphij

The pkg-install, pkg-deinstall and pkg-message files are suitable
only for -server port, so move them to appropriate place.

Approved by:    sem (mentor, implicit)

When the SASL option is selected, define WANT_OPENLDAP_SASL
accordingly to depend on the correct flavior of OpenLDAP
client library.

Reported by:    pointyhat via kris
Approved by:    sem (mentor, implicitly)

Updates, cleanups and improvements over the openldap23-* ports:

 - Make sure that PKGNAMESUFFIX and COMMENT are correctly set when
   building slave ports. [1]
 - Remove RCORDER feature which is now deprecated.
 - Move PORTREVISION related stuff to before bsd.port.pre.mk in
   order to get the revisions actually work.
 - Depend on CLIENT_ONLY and WITH_SASL to determine the package
   name suffix.
 - Make use of USE_OPENLDAP instead of rolling our own.
 - Use WITH_RC_SUBR correctly rather than just specifying "yes"
 - Depend on bsd.database.mk to determine the Berkeley DB name,
   which makes it possible to use versions available from the
   ports collection rather than making decision our own. [2]
 - Disable threading as suggested by openldap developers if
   BACK_SHELL is enabled.  Indicate the fact when showing options.
 - Update to 2.3.23

PR:             91902[1], 96752 [2]
Submitted by:   Gyorgy TEUBEL <tgyurci freemail hu> [1]
                Sunpoet Po-Chuan Hsieh <sunpoet sunpoet net> [2]
Approved by:    sem (mentor)

Other changes, blames and all bugs are mine.

Remove USE_REINPLACE from all categories starting with N

- Forced commit to note the last changes was:

PR:             ports/95916
Submitted by:   Joerg Pulz <Joerg.Pulz@frm2.tum.de>
Approved by:    delphij (maintainer)

- OPTIONS revision: resort, add new

Submitted by:   delphij (maintainer)

Forced commit to mention that previous commit was:

Approved by:    clive, sem

Correct a bug that makes inversed logic for SHELL backend.

PR:             ports/95689
Submitted by:   Dmitriy Kirhlarov <dkirhlarov oilspace com>

- A new maintainer

Submitted by:   delphij

- Update to 2.3.21 (a bugfix release)

PR:             ports/95570
Submitted by:   delphij

Reset vsevolod as maintainer due to unreponsiveness.  We hope to see him
back sometime.

Hat:            portmgr

- One more --with-ldbm -> --enable-ldbm forgotten on the last commit

Reminded by:    Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>

- Update to 2.3.20 (including a client library mutex leak fix,
  as described in ITS #4441) [1]
- Use --enable-ldbm-api, instead of --with-ldbm-api for configure script. [2]
- Make a note it's not an alpha anymore. [2]

PR:             ports/94728 [1], ports/93711 [2]
Submitted by:   delphij [1], Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua> [2]
Approved by:    maintainer timeout

Conversion to a single libtool environment.

Approved by:    portmgr (kris)

- Update to 2.3.19

PR:             91983
Submitted by:   delphij

Remove the FreeBSD KEYWORD from all rc.d scripts where it appears.
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.

SHA256ify

Approved by: krion@

Replace ugly "@unexec rmdir %D... 2>/dev/null || true" with @dirrmtry

Approved by:    krion@
PR:             ports/88711 (related)

Replace ugly "@unexec rmdir %D... 2>/dev/null || true" with @dirrmtry

Approved by:    krion@
PR:             ports/88711 (related)

Mass-conversion to the USE_AUTOTOOLS New World Order.  The code present
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.

Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.

Preliminary documentation can be found at:
        http://people.FreeBSD.org/~ade/autotools.txt

which is in the process of being SGMLized before introduction into the
Porters Handbook.

Light blue touch-paper.  Run.

- Update to 2.3.11

Noticed by:     Michael Reifenberger

- Update to 2.3.10

Reported by:    edwin

Update to 2.3.9

Remove two dead mirrors of openldap.

Reminded by:    linimon

Update to 2.3.7 [1]
Add RWM overlay support [2]
Convert to OPTIONS
Remove openldap23-sasl-server as it is no longer required as separated port.

PR:             85709 [1], 84966 [2]
Submitted by:   Dmitry A Grigorovich <odip@bionet.nsc.ru> [1]
                Pawel Wieleba <P.Wieleba@iem.pw.edu.pl> [2]

Update my email address.

Approved by:    perky (mentor)

- Add knob for Syncprov overlay
- Portlint

PR:             ports/82752
Requested by:   Pawel Wieleba <P.Wieleba@iem.pw.edu.pl>
Submitted by:   Vsevolod Stakhov <vsevolod@highsecure.ru> (maintainer)

- Add knobs for Unique and Password Policy overlays

PR:             ports/82725
Submitted by:   Pawel Wieleba <P.Wieleba@iem.pw.edu.pl>
Approved by:    Vsevolod Stakhov <vsevolod@highsecure.ru> (maintainer)

Remove warning about alpha quality in package message.

PR:             82732
Submitted by:   Dmitry A Grigorovich <odip@bionet.nsc.ru>
Approved by:    Vsevolod Stakhov (maintainer)

- Update to 2.3.4

PR:             ports/82238
Submitted by:   maintainer

Fix the client's packing list.

Reported by:    pointyhat

- Update to 2.3.3beta [1]
- Quote BROKEN messages

PR:             ports/80982 [1]
Submitted by:   maintainer [1]

Fix leftover files noticed by the pointyhat run.
Learned something about the MLINKS command.

New ports: net/openldap23[-server, -client, -sasl-server, -sasl-server]

        There is development version of openldap named 2.3.2beta2.
        These ports are based on
http://people.freebsd.org/~eik/ports/openldap23.shar.
        The repocopy has been already made in ports/77170.

PR:             ports/80618
Submitted by:   Vsevolod Stakhov <vsevolod@highsecure.ru>

Remove repo-copies requested and performed 5 weeks ago but never
completed by the submitter.  They can be added back later if/when the
submitter is ready to proceed.

Approved by:    portmgr (self)

19 vulnerabilities affecting 36 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities