net-nds/fedora-ds-base: deactivate devel bugfix

git-svn-id: https://svn.disconnected-by-peer.at/svn/linamh/trunk/linamh@489 6952d904-891a-0410-993b-d76249ca496b
2008-08-30 18:31:50 +00:00 · 2008-08-30 18:31:50 +00:00 · 07565104d1
parent 9083650599
commit 07565104d1
4 changed files with 308 additions and 2 deletions
--- a/net-nds/fedora-ds-base/ChangeLog
+++ b/net-nds/fedora-ds-base/ChangeLog
@ -2,6 +2,10 @@
 # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
 # $Header: $

+  30 Aug 2008; Mario Fetka <mario.fetka@gmail.com> +files/bug439829.patch,
+  fedora-ds-base-1.1.1-r1.ebuild:
+  deactivate devel bugfix
+
  20 Aug 2008; Mario Fetka <mario.fetka@gmail.com>
  -fedora-ds-base-1.1.0.ebuild, -fedora-ds-base-1.1.1.ebuild,
  fedora-ds-base-1.1.1-r1.ebuild:
--- a/net-nds/fedora-ds-base/Manifest
+++ b/net-nds/fedora-ds-base/Manifest
@ -1,7 +1,8 @@
+AUX bug439829.patch 9701 RMD160 265747b19535c44abd5e5b6f67871d525ba2f152 SHA1 c22008a29dfe59d20e61b16ad70d192be4948c6d SHA256 d3fc786de0e25636673c0e1b5f228e965f5d56b8073f2654b4bd45812600a7fa
 AUX dirsrv.confd 72 RMD160 d5478a77018aeb727ba72217d3e67af3dcd669c9 SHA1 006d238cd3fd31b9019a2a1e5bff250192b05a91 SHA256 62d68e8ab4b2b1342a3418e6b067a99345a2806ec1575f6d49cd6c0d1cbb17bc
 AUX dirsrv.initd 2422 RMD160 f90db40234c6177c2e7b23999786f775fb62fa6e SHA1 36c29829002f91aa9e43d20bfc22dab443791c75 SHA256 8cd646015bd5bd4ea5a50fc5781200b1f287bc48a3892af4e1aea0c3c904c859
 AUX fedora-ds-cvs.sh 346 RMD160 d9659f0aa8559c59865f42e16bc611a57a63d893 SHA1 8069aeee78a5fd614f19f3438c9f3dada700e944 SHA256 f2e453b1139b010ceae3dee2c0292e616a67ec55046e759b90c1104721ad412a
 DIST fedora-ds-base-1.1.1.tar.bz2 2590248 RMD160 824ac88f2e901e19a1ec96f5ba9b4d94fc8f39c3 SHA1 78639f5075015cc9663f8e69aacaf2a5aa938e57 SHA256 ffd4cbbd61eef96174784e5de0c01c34738826a6b10bda4fcff6d7369c1cd0b5
-EBUILD fedora-ds-base-1.1.1-r1.ebuild 1804 RMD160 ff74d331e3014526c88715417bc6330a8bbc97e6 SHA1 528fe54a7818ecdde113ae669a61ea0b9d586a0a SHA256 8d785fcea85e3cf3395906abaebecc8a663bf8bc9df6bdf9d47c6bf6769ce977
-MISC ChangeLog 1878 RMD160 0468b1ede1a8ea9c3e65d7c6af1573c0564b5ff3 SHA1 c4d8abefdb56910a9de978153d35cc697f9578b2 SHA256 26c64f64dc6bb670e81acda567f43b018e80271ebe50abb4939f22ab85bae77f
+EBUILD fedora-ds-base-1.1.1-r1.ebuild 1851 RMD160 0be248448f65ef9d57f91957d3b01407099332b4 SHA1 48f5b9eaf63143c10675f3031b764246fd51cd64 SHA256 67257aba20ba01e3896b970c46549670406c916eb5ee8308ca02b75abb9ef0ac
+MISC ChangeLog 2014 RMD160 19dd6b3f89bf8764149d57e3dbb21deca6e39a46 SHA1 654b852fe4ab4cba8d0ffccc3e69486a385529b9 SHA256 f71338a8857e2d9c003343d2a581ba0016335e585f51b94b98569bc4a62b69df
 MISC metadata.xml 170 RMD160 645927a396fdc21cdeb089fe42c5397332420ea6 SHA1 ac7f48a14fec325926f9ce1be8fbf1f311b4f2e4 SHA256 d797a2ec6f9dc516c9f9c1a758ee87ad3e8c43101b5dc76c2f872d5bd4639b42
--- a/net-nds/fedora-ds-base/fedora-ds-base-1.1.1-r1.ebuild
+++ b/net-nds/fedora-ds-base/fedora-ds-base-1.1.1-r1.ebuild
@ -31,6 +31,8 @@ DEPEND=">=dev-libs/nss-3.11.4

 src_unpack() {
 	unpack ${A}
+#	cd ${S}
+#	epatch ${FILESDIR}/bug439829.patch
 }

 src_compile() {
--- a/net-nds/fedora-ds-base/files/bug439829.patch
+++ b/net-nds/fedora-ds-base/files/bug439829.patch
@ -0,0 +1,299 @@
+Index: ldap/servers/slapd/detach.c
+===================================================================
+RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/detach.c,v
+retrieving revision 1.6
+diff -u -8 -r1.6 detach.c
+--- ldap/servers/slapd/detach.c	10 Nov 2006 23:45:40 -0000	1.6
+++ ldap/servers/slapd/detach.c	2 Apr 2008 23:32:27 -0000
+@@ -71,17 +71,18 @@
+ #include "slap.h"
+ #include "fe.h"
+ 
+ #if defined(USE_SYSCONF) || defined(LINUX)
+ #include <unistd.h>
+ #endif /* USE_SYSCONF */
+ 
+ void
+-detach()
+detach( int slapd_exemode, int importexport_encrypt,
+        int s_port, daemon_ports_t *ports_info )
+ {
+ #ifndef _WIN32
+ 	int		i, sd;
+ 	char *workingdir = 0;
+ 	char *errorlog = 0;
+ 	char *ptr = 0;
+ 	char errorbuf[BUFSIZ];
+ 	extern char *config_get_errorlog(void);
+@@ -103,16 +104,22 @@
+ 				break;
+ 
+ 			default:
+ 				_exit( 0 );
+ 			}
+ 			break;
+ 		}
+ 
+		/* call this right after the fork, but before closing stdin */
+		if (slapd_do_all_nss_ssl_init(slapd_exemode, importexport_encrypt,
+									  s_port, ports_info)) {
+			exit(1);
+		}
+
+ 		workingdir = config_get_workingdir();
+ 		if ( NULL == workingdir ) {
+ 			errorlog = config_get_errorlog();
+ 			if ( NULL == errorlog ) {
+ 				(void) chdir( "/" );
+ 			} else {
+ 				if ((ptr = strrchr(errorlog, '/')) ||
+ 					(ptr = strrchr(errorlog, '\\'))) {
+@@ -145,17 +152,22 @@
+ #else /* USE_SETSID */
+ 		if ( (sd = open( "/dev/tty", O_RDWR )) != -1 ) {
+ 			(void) ioctl( sd, TIOCNOTTY, NULL );
+ 			(void) close( sd );
+ 		}
+ #endif /* USE_SETSID */
+ 
+ 		g_set_detached(1);
+-	} 
+	} else { /* not detaching - call nss/ssl init */
+		if (slapd_do_all_nss_ssl_init(slapd_exemode, importexport_encrypt,
+									  s_port, ports_info)) {
+			exit(1);
+		}
+	}
+ 
+ 	(void) SIGNAL( SIGPIPE, SIG_IGN );
+ #endif /* _WIN32 */
+ }
+ 
+ 
+ #ifndef _WIN32
+ /*
+Index: ldap/servers/slapd/main.c
+===================================================================
+RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/main.c,v
+retrieving revision 1.22
+diff -u -8 -r1.22 main.c
+--- ldap/servers/slapd/main.c	18 Oct 2007 00:08:34 -0000	1.22
+++ ldap/servers/slapd/main.c	2 Apr 2008 23:32:28 -0000
+@@ -896,58 +896,24 @@
+ 	return_value = main_setuid(slapdFrontendConfig->localuser);
+ 	if (0 != return_value) {
+ 		LDAPDebug( LDAP_DEBUG_ANY, "Failed to change user and group identity to that of %s\n",
+ 				   slapdFrontendConfig->localuser, 0, 0 );
+ 		exit(1);
+ 	}
+ #endif
+ 
+-	/*
+-	 * Initialise NSS once for the whole slapd process, whether SSL
+-	 * is enabled or not. We use NSS for random number generation and
+-	 * other things even if we are not going to accept SSL connections.
+-	 * We also need NSS for attribute encryption/decryption on import and export.
+-	 */
+-	init_ssl = ( (slapd_exemode == SLAPD_EXEMODE_SLAPD) || importexport_encrypt) 
+-				&& config_get_security()
+-				&& (0 != s_port) && (s_port <= LDAP_PORT_MAX);
+-	/* As of DS 6.1, always do a full initialization so that other
+-	 * modules can assume NSS is available
+-	 */
+-	if ( slapd_nss_init((slapd_exemode == SLAPD_EXEMODE_SLAPD),
+-			(slapd_exemode != SLAPD_EXEMODE_REFERRAL) /* have config? */ )) {
+-		 LDAPDebug(LDAP_DEBUG_ANY,
+-					"ERROR: NSS Initialization Failed.\n", 0, 0, 0);
+-		 exit (1);
+-	}
+-
+-	if (slapd_exemode == SLAPD_EXEMODE_SLAPD) {
+-		client_auth_init();
+-	}
+-
+-	if ( init_ssl && ( 0 != slapd_ssl_init())) {
+-		LDAPDebug(LDAP_DEBUG_ANY,
+-					"ERROR: SSL Initialization Failed.\n", 0, 0, 0 );
+-		exit( 1 );
+-	}
+-
+-	if ((slapd_exemode == SLAPD_EXEMODE_SLAPD) ||
+-		(slapd_exemode == SLAPD_EXEMODE_REFERRAL)) {
+-		if ( init_ssl ) {
+-			PRFileDesc **sock;
+-			for (sock = ports_info.s_socket; sock && *sock; sock++) {
+-				if ( 0 != slapd_ssl_init2(sock, 0) ) {
+-					LDAPDebug(LDAP_DEBUG_ANY,
+-					  "ERROR: SSL Initialization phase 2 Failed.\n", 0, 0, 0 );
+-					exit( 1 );
+-				}
+-			}
+-		}
+-	}
+    /* Do NSS and/or SSL init for those modes other than listening modes */
+    if ((slapd_exemode != SLAPD_EXEMODE_REFERRAL) &&
+        (slapd_exemode != SLAPD_EXEMODE_SLAPD)) {
+        if (slapd_do_all_nss_ssl_init(slapd_exemode, importexport_encrypt,
+                                      s_port, &ports_info)) {
+            return 1;
+        }
+    }
+ 
+ 	/*
+ 	 * if we were called upon to do special database stuff, do it and be
+ 	 * done.
+ 	 */
+ 	switch ( slapd_exemode ) {
+ 	case SLAPD_EXEMODE_LDIF2DB:
+ 		return slapd_exemode_ldif2db();
+@@ -997,17 +963,18 @@
+ 
+ 	/*
+ 	 * Detach ourselves from the terminal (unless running in debug mode).
+ 	 * We must detach before we start any threads since detach forks() on
+ 	 * UNIX.
+ 	 * Have to detach after ssl_init - the user may be prompted for the PIN
+ 	 * on the terminal, so it must be open.
+ 	 */
+-	detach();
+	detach(slapd_exemode, importexport_encrypt,
+           s_port, &ports_info);
+ 
+   /*
+    * Now write our PID to the startup PID file.
+    * This is used by the start up script to determine our PID quickly
+    * after we fork, without needing to wait for the 'real' pid file to be
+    * written. That could take minutes. And the start script will wait
+    * that long looking for it. With this new 'early pid' file, it can avoid
+    * doing that, by detecting the pid and watching for the process exiting.
+@@ -2880,8 +2847,72 @@
+ 				"values with a + character, e.g., all of the following"
+ 				" have the same effect:\n"
+ 				"    -d connections+filters\n"
+ 				"    -d 8+32\n"
+ 				"    -d 40\n" );
+ }
+ #endif /* LDAP_DEBUG */
+ 
+/*
+  This function does all NSS and SSL related initialization
+  required during startup.  We use this function rather
+  than just call this code from main because we must perform
+  all of this initialization after the fork() but before
+  we detach from the controlling terminal.  This is because
+  the NSS softokn requires that NSS_Init is called after the
+  fork - this was always the case, but it is a hard error in
+  NSS 3.11.99 and later.  We also have to call NSS_Init before
+  doing the detach because NSS may prompt the user for the
+  token (h/w or softokn) password on stdin.  So we use this
+  function that we can call from detach() if running in 
+  regular slapd exemode or from main() if running in other
+  modes (or just not detaching).
+*/
+int
+slapd_do_all_nss_ssl_init(int slapd_exemode, int importexport_encrypt,
+                          int s_port, daemon_ports_t *ports_info)
+{
+	/*
+	 * Initialise NSS once for the whole slapd process, whether SSL
+	 * is enabled or not. We use NSS for random number generation and
+	 * other things even if we are not going to accept SSL connections.
+	 * We also need NSS for attribute encryption/decryption on import and export.
+	 */
+	int init_ssl = ( (slapd_exemode == SLAPD_EXEMODE_SLAPD) || importexport_encrypt) 
+        && config_get_security()
+        && (0 != s_port) && (s_port <= LDAP_PORT_MAX);
+	/* As of DS 6.1, always do a full initialization so that other
+	 * modules can assume NSS is available
+	 */
+	if ( slapd_nss_init((slapd_exemode == SLAPD_EXEMODE_SLAPD),
+                        (slapd_exemode != SLAPD_EXEMODE_REFERRAL) /* have config? */ )) {
+        LDAPDebug(LDAP_DEBUG_ANY,
+                  "ERROR: NSS Initialization Failed.\n", 0, 0, 0);
+        exit (1);
+	}
+
+	if (slapd_exemode == SLAPD_EXEMODE_SLAPD) {
+        client_auth_init();
+	}
+
+	if ( init_ssl && ( 0 != slapd_ssl_init())) {
+		LDAPDebug(LDAP_DEBUG_ANY,
+                  "ERROR: SSL Initialization Failed.\n", 0, 0, 0 );
+		exit( 1 );
+	}
+
+	if ((slapd_exemode == SLAPD_EXEMODE_SLAPD) ||
+		(slapd_exemode == SLAPD_EXEMODE_REFERRAL)) {
+		if ( init_ssl ) {
+			PRFileDesc **sock;
+			for (sock = ports_info->s_socket; sock && *sock; sock++) {
+				if ( 0 != slapd_ssl_init2(sock, 0) ) {
+					LDAPDebug(LDAP_DEBUG_ANY,
+                              "ERROR: SSL Initialization phase 2 Failed.\n", 0, 0, 0 );
+					exit( 1 );
+				}
+			}
+		}
+	}
+
+    return 0;
+}
+Index: ldap/servers/slapd/proto-slap.h
+===================================================================
+RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/proto-slap.h,v
+retrieving revision 1.31
+diff -u -8 -r1.31 proto-slap.h
+--- ldap/servers/slapd/proto-slap.h	18 Oct 2007 01:22:29 -0000	1.31
+++ ldap/servers/slapd/proto-slap.h	2 Apr 2008 23:32:28 -0000
+@@ -478,17 +478,18 @@
+  * delete.c
+  */
+ void do_delete( Slapi_PBlock *pb );
+ 
+ 
+ /*
+  * detach.c
+  */
+-void detach( void );
+void detach( int slapd_exemode, int importexport_encrypt,
+             int s_port, daemon_ports_t *ports_info );
+ #ifndef _WIN32
+ void close_all_files( void );
+ #endif
+ void raise_process_limits( void );
+ 
+ 
+ /*
+  * dn.c
+@@ -874,17 +875,16 @@
+ int slapd_sasl_ext_client_bind( LDAP* ld, int **msgid);
+ int slapd_nss_init(int init_ssl, int config_available);
+ int slapd_ssl_init();
+ int slapd_ssl_init2(PRFileDesc **fd, int startTLS);
+ int slapd_security_library_is_initialized();
+ int slapd_ssl_listener_is_initialized();
+ int sasl_io_cleanup(Connection *c);
+ 
+-
+ /*
+  * security_wrappers.c
+  */
+ int slapd_ssl_handshakeCallback(PRFileDesc *fd, void * callback, void * client_data);
+ int slapd_ssl_badCertHook(PRFileDesc *fd, void * callback, void * client_data);
+ CERTCertificate * slapd_ssl_peerCertificate(PRFileDesc *fd);
+ SECStatus slapd_ssl_getChannelInfo(PRFileDesc *fd, SSLChannelInfo *sinfo, PRUintn len);
+ SECStatus slapd_ssl_getCipherSuiteInfo(PRUint16 ciphersuite, SSLCipherSuiteInfo *cinfo, PRUintn len);
+@@ -1272,9 +1272,12 @@
+ #endif
+ 
+ /*
+  * main.c
+  */
+ #if ( defined( hpux ) || defined( irix ))
+ void signal2sigaction( int s, void *a );
+ #endif
+int slapd_do_all_nss_ssl_init(int slapd_exemode, int importexport_encrypt,
+                              int s_port, daemon_ports_t *ports_info);
+
+ #endif /* _PROTO_SLAP */