aboutsummaryrefslogblamecommitdiffstats
path: root/main/openldap/APKBUILD
blob: 9691997590664d30961b435b6e40248bad75ad97 (plain) (tree)
1
2
3
4
5
6
7
8
9
                                                   
                                               

           

                    


                    


                    


                   
                
             
        

                              
          
                

                
                                                       
                                                                         
                          
                                              
                                                                           
                                                
                                                 
                                                                          
                                                                                                 

                                       
                                   
                          
                     
                        
 

                   

                                                                                                                                

         
                



                                                               
                                                                
                                                   
    
 









                                                                       
           


                         
 

                                                 

 
         

                      



                                 
                                       



                                                   
                                
                                  
                                  
                                  
                                     
                                  
                                   
                                  






                                      
                                  
                                       
                                    

                                 
 
                             
                                           
                                             
 
                              
                                              
                                                      


           













                                                                

                                  





                                                             
                                  
 



                                                         

                                       
 


                                              
 

                                                                


           
                                    

                  
 
                                                     

 

                                       

                      

 

                                       


                                        
 
 

                                         




                                             






                                                                     






                                                                     






                                                     









                                                      




                                                           

 
                                                                                                                                                                 

                                                                                                                                                                 
                                                                                                                                                             
                                                                                                                                                    
                                                                                                                                               
                                                                                                                                                  
                                                                                                                                             

                                                                                                                                                       
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
#   2.4.48-r1:
#   - CVE-2020-12243
#   2.4.48-r0:
#   - CVE-2019-13565
#   - CVE-2019-13057
#   2.4.46-r0:
#   - CVE-2017-14159
#   - CVE-2017-17740
#   2.4.44-r5:
#   - CVE-2017-9287
#
pkgname=openldap
pkgver=2.4.48
pkgrel=1
pkgdesc="LDAP Server"
url="http://www.openldap.org/"
arch="all"
license="custom"
pkgusers="ldap"
pkggroups="ldap"
depends_dev="openssl-dev cyrus-sasl-dev util-linux-dev"
makedepends="$depends_dev db-dev groff unixodbc-dev libtool mosquitto-dev
	autoconf automake"
subpackages="$pkgname-dev $pkgname-doc libldap
	$pkgname-clients $pkgname-mqtt $pkgname-passwd-pbkdf2:passwd_pbkdf2
	$pkgname-backend-all:_backend_all:noarch
	$pkgname-overlay-all:_overlay_all:noarch"
install="$pkgname.pre-install $pkgname.post-install $pkgname.post-upgrade"
source="https://www.openldap.org/software/download/OpenLDAP/$pkgname-release/$pkgname-$pkgver.tgz
	openldap-2.4-ppolicy.patch
	openldap-2.4.11-libldap_r.patch
	openldap-mqtt-overlay.patch
	fix-manpages.patch
	configs.patch
	cacheflush.patch

	slapd.initd
	slapd.confd

	CVE-2020-12243.patch::https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440.patch
	"

# SLAPD backends
_backends=""
for _name in bdb dnssrv hdb ldap mdb meta monitor null passwd \
	relay shell sql sock
do
	subpackages="$subpackages $pkgname-back-$_name:_backend"
	_backends="$_backends $pkgname-back-$_name"
done

# SLAPD overlays
_overlays=""
for _name in accesslog auditlog collect constraint dds deref dyngroup \
	dynlist memberof ppolicy proxycache refint retcode rwm seqmod \
	sssvlv syncprov translucent unique valsort
do
	subpackages="$subpackages $pkgname-overlay-$_name:_overlay"
	_overlays="$_overlays $pkgname-overlay-$_name"
done

prepare() {
	cd "$builddir"
	update_config_sub
	default_prepare

	sed -i '/^STRIP/s,-s,,g' build/top.mk
	libtoolize --force && aclocal && autoconf
}

build() {
	cd "$builddir"

	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--libexecdir=/usr/lib \
		--sysconfdir=/etc \
		--mandir=/usr/share/man \
		--localstatedir=/var/lib/openldap \
		--enable-slapd \
		--enable-crypt \
		--enable-modules \
		--enable-dynamic \
		--enable-bdb=mod \
		--enable-dnssrv=mod \
		--enable-hdb=mod \
		--enable-ldap=mod \
		--enable-mdb=mod \
		--enable-meta=mod \
		--enable-monitor=mod \
		--enable-null=mod \
		--enable-passwd=mod \
		--enable-relay=mod \
		--enable-shell=mod \
		--enable-sock=mod \
		--enable-sql=mod \
		--enable-overlays=mod \
		--with-tls=openssl \
		--with-cyrus-sasl
	make

	# Build MQTT overlay.
	make prefix=/usr libexec=/usr/lib \
		-C contrib/slapd-modules/mqtt

	# Build passwd pbkdf2.
	make prefix=/usr libexecdir=/usr/lib \
		-C contrib/slapd-modules/passwd/pbkdf2
}

package() {
	cd "$builddir"

	make DESTDIR="$pkgdir" install

	# Install MQTT overlay.
	make DESTDIR="$pkgdir" prefix=/usr libexec=/usr/lib \
		-C contrib/slapd-modules/mqtt install

	# Install passwd pbkdf2.
	make DESTDIR="$pkgdir" prefix=/usr libexecdir=/usr/lib \
		-C contrib/slapd-modules/passwd/pbkdf2 install

	cd "$pkgdir"

	rmdir var/lib/openldap/run

	# Fix tools symlinks to slapd.
	local path; for path in $(find usr/sbin/ -type l); do
		ln -sf slapd $path
	done

	# Move executable from lib to sbin.
	mv usr/lib/slapd usr/sbin/

	# Move *.default configs to docs.
	mkdir -p usr/share/doc/$pkgname
	mv etc/openldap/*.default usr/share/doc/$pkgname/

	chgrp ldap etc/openldap/slapd.*
	chmod g+r etc/openldap/slapd.*

	install -d -m 700 -o ldap -g ldap \
		var/lib/openldap \
		var/lib/openldap/openldap-data

	install -D -m 755 "$srcdir"/slapd.initd etc/init.d/slapd
	install -D -m 644 "$srcdir"/slapd.confd etc/conf.d/slapd
}

libldap() {
	pkgdesc="OpenLDAP libraries"
	depends=""
	install=""

	_submv "usr/lib/*.so*" etc/openldap/ldap.conf
}

clients() {
	pkgdesc="LDAP client utilities"

	_submv usr/bin
}

mqtt() {
	pkgdesc="OpenLDAP MQTT overlay"
	depends="$pkgname"

	_submv "usr/lib/openldap/mqtt.*"
}

passwd_pbkdf2() {
	pkgdesc="PBKDF2 OpenLDAP support"
	depends="$pkgname"

	_submv "usr/lib/openldap/pw-pbkdf2.*"
}

_backend_all() {
	pkgdesc="Virtual package that installs all OpenLDAP backends"
	depends="$_backends"

	mkdir -p "$subpkgdir"
}

_overlay_all() {
	pkgdesc="Virtual package that installs all OpenLDAP overlays"
	depends="$_overlays"

	mkdir -p "$subpkgdir"
}

_backend() {
	backend_name="${subpkgname#openldap-back-}"
	pkgdesc="OpenLDAP $backend_name backend"

	_submv "usr/lib/openldap/back_$backend_name*"
}

_overlay() {
	overlay_name="${subpkgname#openldap-overlay-}"
	pkgdesc="OpenLDAP $backend_name overlay"

	case "$overlay_name" in
		proxycache) overlay_name=pcache;;
	esac
	_submv "usr/lib/openldap/$overlay_name*"
}

_submv() {
	local path; for path in "$@"; do
		mkdir -p "$subpkgdir"/${path%/*}
		mv "$pkgdir"/$path "$subpkgdir"/${path%/*}/
	done
}

sha512sums="cf694a415be0bd55cc7f606099da2ed461748efd276561944cd29d7f5a8252a9be799d8778fac2d4fa9f382731eb4ca48c6b85630cb58a3b8249843561ae8feb  openldap-2.4.48.tgz
5d34d49eabe7cb66cf8284cc3bd9730fa23df4932df68549e242d250ee50d40c434ae074ebc720d5fbcd9d16587c9333c5598d30a5f1177caa61461ab7771f38  openldap-2.4-ppolicy.patch
44d97efb25d4f39ab10cd5571db43f3bfa7c617a5bb087085ae16c0298aca899b55c8742a502121ba743a73e6d77cd2056bc96cee63d6d0862dabc8fb5574357  openldap-2.4.11-libldap_r.patch
9c7f41279e91ed995c91e9a8c543c797d9294a93cf260afdc03ab5777e45ed045a4d6a4d4d0180b5dc387dc04babca01d818fbfa8168309df44f4500d2a430a4  openldap-mqtt-overlay.patch
8c4244d316a05870dd1147b2ab7ddbcfd7626b5dce2f5a0e72f066dc635c2edb4f1ea3be88c6fec2d5ab016001be16bedef70f2ce0695c3cd96f69e1614ff177  fix-manpages.patch
0d2e570ddcb7ace1221abad9fc1d3dd0d00d6948340df69879b449959a68feee6a0ad8e17ef9971b35986293e16fc9d8e88de81815fedd5ea6a952eb085406ca  configs.patch
60c1ec62003a33036de68402544e25a71715ed124a3139056a94ed1ba02fb8148ee510ab8f182a308105a2f744b9787e67112bcd8cd0d800cdb6f5409c4f63ff  cacheflush.patch
0c3606e4dad1b32f1c4b62f2bc1990a4c9f7ccd10c7b50e623309ba9df98064e68fc42a7242450f32fb6e5fa2203609d3d069871b5ae994cd4b227a078c93532  slapd.initd
64dc4c0aa0abe3d9f7d2aef25fe4c8e23c53df2421067947ac4d096c9e942b26356cb8577ebc41b52d88d0b0a03b2a3e435fe86242671f9b36555a5f82ee0e3a  slapd.confd
d4d8bec1c23c73e7126462bfe2e51cb603d1e83be4c64698ac167f221d515554b3b0e311f9789450b5c4c206c09cbdad1842b0b5b2364919967195da4ea6d833  CVE-2020-12243.patch"