summaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-support/openldap
Commit message (Collapse)AuthorAgeFilesLines
* cve_check: convert CVE_CHECK_IGNORE to CVE_STATUSAndrej Valek2023-07-271-3/+0
| | | | | | | | | - Try to add convert and apply statuses for old CVEs - Drop some obsolete ignores, while they are not relevant for current version Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: Upgrade 2.5.12 -> 2.5.13Jiaqing Zhao2022-10-104-123/+1
| | | | | Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: Fix configure check for pthread_detachKhem Raj2022-09-072-0/+33
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: pass correct URANDOM_DEVICE to CPPFLAGSYi Zhao2022-06-301-1/+1
| | | | | | | | | | | | We encountered a runtime error with slappasswd: $ slappasswd -s foo Password generation failed for scheme {SSHA}: This is because the URANDOM_DEVICE is not passed to CPPFLAGS correctly, then the program can not open /dev/urandom. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: Remove unnecessary use-urandom.patchJiaqing Zhao2022-05-242-36/+0
| | | | | | | | | | use-urandom.patch sets URANDOM_DEVICE to /dev/urandom when cross compiling, but the same value is also defined in the recipe's compile flags. This patch removes that unnecessary patch and resolves the redefinition warning. Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: Upgrade 2.5.9 -> 2.5.12Jiaqing Zhao2022-05-041-3/+2
| | | | | | License-Update: Copyright year updated to 2022 Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: Remove libgcrypt dependencyJiaqing Zhao2022-05-042-17/+1
| | | | | | | Since OpenLDAP 2.5.0, it uses nettle instead of gcrypt. Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: correct slapd systemd service supportStefan Herbrechtsmeier2022-03-291-1/+2
| | | | | Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: Use renamed variable CVE_CHECK_IGNOREKhem Raj2022-02-241-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: add CVE-2015-3276 to allowlistMatsunaga-Shinji2022-02-241-0/+3
| | | | | | | CVE-2015-3276 has no target code. Signed-off-by: Matsunaga-Shinji <shin.matsunaga@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Fix DeprecationWarning about regexpsMartin Jansa2022-02-211-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | * fixes: meta-oe/meta-networking/recipes-support/strongswan/strongswan_5.9.4.bb:125: DeprecationWarning: invalid escape sequence \. meta-oe/meta-networking/recipes-support/strongswan/strongswan_5.9.4.bb:126: DeprecationWarning: invalid escape sequence \. meta-oe/meta-networking/recipes-support/strongswan/strongswan_5.9.4.bb:128: DeprecationWarning: invalid escape sequence \. meta-oe/meta-networking/recipes-support/strongswan/strongswan_5.9.4.bb:129: DeprecationWarning: invalid escape sequence \. meta-oe/meta-networking/recipes-support/strongswan/strongswan_5.9.4.bb:130: DeprecationWarning: invalid escape sequence \. meta-oe/meta-oe/recipes-graphics/ttf-fonts/ttf-mplus_027.bb:18: DeprecationWarning: invalid escape sequence \. meta-oe/meta-oe/recipes-multimedia/libcdio/libcdio-paranoia_10.2+2.0.1.bb:21: DeprecationWarning: invalid escape sequence \. meta-oe/meta-oe/recipes-multimedia/libcdio/libcdio_2.1.0.bb:28: DeprecationWarning: invalid escape sequence \. oe-core/meta/classes/package.bbclass:1342: DeprecationWarning: invalid escape sequence \. oe-core/meta/classes/package.bbclass:1343: DeprecationWarning: invalid escape sequence \- oe-core/meta/classes/package.bbclass:1343: DeprecationWarning: invalid escape sequence \. oe-core/meta/classes/package.bbclass:1344: DeprecationWarning: invalid escape sequence \. oe-core/meta/classes/package.bbclass:1345: DeprecationWarning: invalid escape sequence \. oe-core/meta/classes/package.bbclass:1348: DeprecationWarning: invalid escape sequence \. oe-core/meta/classes/package.bbclass:1350: DeprecationWarning: invalid escape sequence \. oe-core/meta/classes/package.bbclass:1353: DeprecationWarning: invalid escape sequence \. oe-core/meta/classes/package.bbclass:1355: DeprecationWarning: invalid escape sequence \. oe-core/meta/classes/package.bbclass:1358: DeprecationWarning: invalid escape sequence \. oe-core/meta/classes/package.bbclass:1360: DeprecationWarning: invalid escape sequence \. oe-core/meta/classes/package.bbclass:1365: DeprecationWarning: invalid escape sequence \. Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: Fix build with muslKhem Raj2022-02-072-0/+55
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: ignore the mkdir errors in MakefileYi Zhao2022-01-182-0/+34
| | | | | | | | | | | Ignore the mkdir errors to fix the parallel build failure: ../../build/shtool mkdir -p TOPDIR/tmp-glibc/work/cortexa15t2hf-neon-wrs-linux-gnueabi/openldap/2.5.9-r0/image/usr/lib mkdir: cannot create directory 'TOPDIR/tmp-glibc/work/cortexa15t2hf-neon-wrs-linux-gnueabi/openldap/2.5.9-r0/image/usr/lib': File exists make[1]: *** [Makefile:288: install-local] Error 1 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: fix strip issue with new patchYi Zhao2021-12-093-22/+39
| | | | | | | | | | | | | | | | The patch install-strip.patch tries to fix the [already-stripped] QA error with an outdated install-sh script which causes a parallel installation failure: ../../build/shtool mkdir -p TOPDIR/tmp-glibc/work/core2-32-wrs-linux/openldap/2.5.9-r0/image/usr/lib STRIPPROG="" ../../i686-wrs-linux-libtool --mode=install ../../contrib/ldapc++/install-sh -c -m 644 liblber.la TOPDIR/tmp-glibc/work/core2-32-wrs-linux/openldap/2.5.9-r0/image/usr/lib mkdir: cannot create directory 'TOPDIR/tmp-glibc/work/core2-32-wrs-linux/openldap/2.5.9-r0/image/usr/lib': File exists With the new version of openldap, we can fix the strip issue by unsetting STRIP_OPTS. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: upgrade 2.5.8 -> 2.5.9Yi Zhao2021-12-094-6/+6
| | | | | | | | OpenLDAP 2.5.9 Release (2021/10/25) Fixed slapo-accesslog to initialize minCSN on import of 2.4 databases (ITS#9720) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: fix parallel build failureYi Zhao2021-12-022-0/+33
| | | | | | | | | Add slapd-common.o as dependency for ldif-filter to fix the parallel build failure: ld: cannot find slapd-common.o: No such file or directory Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: upgrade 2.4.58 -> 2.5.8Salman Ahmed2021-11-237-156/+35
| | | | | | | | | | | - dropped retired backends (bdb, hdb, shell) - back-monitor is now built as part of slapd - added asyncmeta and wt backends - dropped patches for functionalities which don't exist anymore Signed-off-by: Salman Ahmed <salman.ahmed@weidmueller.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Convert to new override syntaxMartin Jansa2021-08-031-27/+27
| | | | | | | | | | This is the result of automated script (0.9.1) conversion: oe-core/scripts/contrib/convert-overrides.py . converting the metadata to use ":" as the override character instead of "_". Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* openldap: upgrade 2.4.57 -> 2.4.58Changqing Li2021-03-221-2/+2
| | | | | Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: Refresh patches to remove fuzzKhem Raj2021-02-226-23/+13
| | | | | | Fixes [patch-fuzz] QA errors Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: Fix build with autoconf 2.70+Khem Raj2021-02-081-1/+3
| | | | | | | New autoconf is stricter about aux files therefore bring them from libtool native as they can not go missing anymore Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: upgrade 2.4.56 -> 2.4.57zhengruoqin2021-01-221-3/+3
| | | | | | | -License-Update: Copyright year updated to 2021. Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: upgrade 2.4.51 -> 2.4.56zangrc2020-11-231-2/+2
| | | | | Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: upgrade 2.4.50 -> 2.4.51Zang Ruochen2020-08-211-2/+2
| | | | | Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: packaging fixesKonrad Weihmann2020-07-061-2/+2
| | | | | | | | | | | | | in FILES_${PN}-slurpd: - ${localstatedir}/volatile/run is already covered by FILES_${PN}-slapd - ${localstatedir}/run is already covered by FILES_${PN}-slapd in FILES_${PN}-dev: - ${libdir}/*.a is already covered by FILES_${PN}-staticdev remove the settings as they were without effect anyway Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: upgrade 2.4.49 -> 2.4.50Wang Mingyu2020-05-211-2/+2
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: upgrade 2.4.48 -> 2.4.49Zang Ruochen2020-02-212-34/+3
| | | | | | | | | | -License-Update: Copyright year updated to 2020. -openldap/kill-icu.patch Removed since this is included in 2.4.49. Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: upgrade 2.4.47 -> 2.4.48Zang Ruochen2019-08-021-3/+3
| | | | | | | -License-Update: Copyright year updated to 2019. Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: add missing CVE tag to patchQi.Chen@windriver.com2019-04-061-0/+2
| | | | | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: upgrade 2.4.46 -> 2.4.47Changqing Li2019-02-222-17/+32
| | | | | Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: improve reproducibilityMingli Yu2019-01-231-1/+1
| | | | | | | | | Rework remove-user-host-pwd-from-version.patch to fix below buildpath warning: | WARNING: openldap-2.4.46-r0 do_package_qa: QA Issue: File /work/core2-64-wrs-linux/openldap/2.4.46-r0/packages-split/openldap-bin/usr/bin/ldappasswd in package contained reference to tmpdir [buildpaths] Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: Reproducibility: Remove user, hostname, pwd from version stringdouglas.royds2018-10-261-5/+22
| | | | | | | | | | This updated patch also sets the date and time strings to the SOURCE_DATE_EPOCH. The WHOWHERE string will now be set to simply "openldap" in the case that a SOURCE_DATE_EPOCH is set. Upstream-Status: Submitted [https://www.openldap.org/its/index.cgi/Incoming?id=8928] Signed-off-by: Douglas Royds <douglas.royds@taitradio.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: Reproducibility: Remove user, hostname, pwd from version stringdouglas.royds2018-10-092-0/+13
| | | | | | Upstream-Status: Pending Signed-off-by: Douglas Royds <douglas.royds@taitradio.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: upgrade 2.4.45 -> 2.4.46changqing.li@windriver.com2018-07-036-8/+13
| | | | | Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: fix QA WarningQi Hou2017-12-221-0/+1
| | | | | | | | | | | | | | | | | While building openldap, there was a warning, like below: WARNING: QA Issue: openldap: Files/directories were installed but not shipped in any package: /usr/libexec Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install. openldap: 1 installed and not shipped files. [installed-vs-shipped] This is because that after openldap all contents of /usr/libexec are split into subsets or moved into other directory and no one makes use of it. So, to fix this QA warning, delete /usr/libexec. Signed-off-by: Qi Hou <qi.hou@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openldap: fix native LDFLAGS build errorIoan-Adrian Ratiu2017-08-281-1/+1
| | | | | | | | | | | | | | LDFLAGS += "-pthread" adds the flag both for native and target builds, however the openldap-native build overwrites the variable inside native.bbclass causing "undefined reference to `pthread_getspecific'" and other linker errors. Change the append to happen after parsing by using the override syntax and thus make sure it executes after native.bbclass (bitbake -e reports pre-expansion value "${BUILD_LDFLAGS} -pthread"). Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* openldap: 2.4.44 -> 2.4.45Huang Qiyu2017-08-132-34/+3
| | | | | | | | | 1) Upgrade openldap from 2.4.44 to 2.4.45 2) Delete openldap-CVE-2017-9287.patch, since it is integrated upstream. 3) License checksum changed, since the copyright years were updated. Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* openldap: Fix CVE-2017-9287fan.xin2017-06-142-0/+31
| | | | | | | | | | | | | servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. Patch reference: http://www.openldap.org/its/?findid=8655 Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Make use of the new bb.utils.filter() functionPeter Kjellerstedt2017-03-071-1/+1
| | | | | Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* remove some more True options to getVar callsAndre McCurdy2017-02-131-1/+1
| | | | | | | | | | | getVar() now defaults to expanding by default, thus remove the True option from getVar() calls. Fix a small number of cases not addressed by the original patch: http://git.openembedded.org/meta-openembedded/commit/?id=efd3696e70a6603f1a45faa4a172433514f0a487 Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* remove True option to getVar callsJoshua Lock2016-12-021-1/+1
| | | | | | | | | getVar() now defaults to expanding by default, thus remove the True option from getVar() calls with a regex search and replace. Search made with the following regex: getVar ?\(( ?[^,()]*), True\) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
* openldap: Fix Build error due to missing -fPICKhem Raj2016-11-261-1/+1
| | | | | | | | | Fixes errors e.g. relocation R_AARCH64_ADR_PREL_PG_HI21 against external symbol `stderr@@GLIBC_2.17' can not be us ed when making a shared object; recompile with -fPIC Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openldap: use recommended backend mdbKai Kang2016-10-261-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | The mdb backend to slapd(8) is the recommended primary backend for a normal slapd database. Add PACKAGECONFIG 'mdb' to enable it and build mdb as SLAPD_STATIC_BACKENDS. This fixes the errors while starting slapd: $systemctl start slapd Job for slapd.service failed because the control process exited \ with error code. See "systemctl status slapd.service" and \ "journalctl -xe" for details. $ systemctl status slapd ... /etc/openldap/slapd.conf: line 53: <database> failed init (bdb) Unrecognized database type (bdb) slapd.service: Control process exited, code=exited status=1 ... Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* openldap: fix CVE-2015-3276Li Wang2016-09-192-0/+60
| | | | | | | | | | | | | | | | the patch comes from: https://bugzilla.redhat.com/show_bug.cgi?id=1238322 https://bugzilla.redhat.com/attachment.cgi?id=1055640 The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors. Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* openldap: 2.4.43 -> 2.4.44Wang Xin2016-09-051-3/+3
| | | | | | | | 1)Upgrade openldap from 2.4.43 to 2.4.44. 2)Modify LIC_FILES_CHKSUM, since the date in it has been changed, But the LICENSE has not been changed. Signed-off-by: Wang Xin <wangxin2015.fnst@cn.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* meta-oe: remove trailing spacesMartin Jansa2016-08-221-1/+1
| | | | Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* openldap: control ipv6 support via DISTRO_FEATURESRichard Tollerton2016-03-251-0/+2
| | | | | | | Explicitly disable ipv6 support if the distro does not include it. Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* openldap: enable native buildIoan-Adrian Ratiu2016-02-151-0/+2
| | | | | | | | This is required by the apr-util & apache2 recipes to enable ldap support without breaking the build (nothing provides -native) Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* openldap: improve packaging of OpenLDAP modulesBruno Vernay2016-02-011-1/+27
| | | | Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* openldap: upgrade to 2.4.43fan.xin2015-12-182-31/+2
| | | | | | | | | | | 1. Upgrade openldap from 2.4.42 to 2.4.43 2. Delete patch file openldap-fix-CVE-2015-6908.patch because the bug(ITS#8240) has been fixed in OpenLDAP 2.4.43 http://www.openldap.org/software/release/changes.html Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-07 14:24:24 +0000