openldap: upgrade 2.4.50 -> 2.4.51

Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 70860d99bf4e8036af1adccced8f9066f6dd50a6)
[Bug fix only update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>

1 files changed, 254 insertions, 0 deletions

diff --git a/meta-oe/recipes-support/openldap/openldap_2.4.51.bb b/meta-oe/recipes-support/openldap/openldap_2.4.51.bb
new file mode 100644
index 0000000000..d2c5746080
--- /dev/null
+++ b/meta-oe/recipes-support/openldap/openldap_2.4.51.bb
@@ -0,0 +1,254 @@
+SUMMARY = "OpenLDAP Directory Service"
+DESCRIPTION = "OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol."
+HOMEPAGE = "http://www.OpenLDAP.org/license.html"
+# The OpenLDAP Public License - see the HOMEPAGE - defines
+# the license.  www.openldap.org claims this is Open Source
+# (see http://www.openldap.org), the license appears to be
+# basically BSD.  opensource.org does not record this license
+# at present (so it is apparently not OSI certified).
+LICENSE = "OpenLDAP"
+LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=5391b559d23a2237bdb21e7a62dae7c3 \
+                    file://LICENSE;md5=153d07ef052c4a37a8fac23bc6031972 \
+                    "
+SECTION = "libs"
+
+LDAP_VER = "${@'.'.join(d.getVar('PV').split('.')[0:2])}"
+
+SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/${BP}.tgz \
+    file://openldap-m4-pthread.patch \
+    file://openldap-2.4.28-gnutls-gcrypt.patch \
+    file://use-urandom.patch \
+    file://initscript \
+    file://slapd.service \
+    file://thread_stub.patch \
+    file://openldap-CVE-2015-3276.patch \
+    file://remove-user-host-pwd-from-version.patch \
+"
+
+SRC_URI[md5sum] = "0d2025896cf1c17af7304ecc57ec9531"
+SRC_URI[sha256sum] = "f490775ea4c6506b7210ee55a102c8f4aacfe9d1c8eaa633c7316d33a714be62"
+
+DEPENDS = "util-linux groff-native"
+
+# The original top.mk used INSTALL, not INSTALL_STRIP_PROGRAM when
+# installing .so and executables, this fails in cross compilation
+# environments
+SRC_URI += "file://install-strip.patch"
+
+inherit autotools-brokensep update-rc.d systemd
+
+# CV SETTINGS
+# Required to work round AC_FUNC_MEMCMP which gets the wrong answer
+# when cross compiling (should be in site?)
+EXTRA_OECONF += "ac_cv_func_memcmp_working=yes"
+
+# CONFIG DEFINITIONS
+# The following is necessary because it cannot be determined for a
+# cross compile automagically.  Select should yield fine on all OE
+# systems...
+EXTRA_OECONF += "--with-yielding-select=yes"
+# Shared libraries are nice...
+EXTRA_OECONF += "--enable-dynamic"
+
+PACKAGECONFIG ??= "gnutls modules \
+                   mdb ldap meta monitor null passwd shell proxycache dnssrv \
+                   ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \
+"
+#--with-tls              with TLS/SSL support auto|openssl|gnutls [auto]
+PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls libgcrypt"
+PACKAGECONFIG[openssl] = "--with-tls=openssl,,openssl"
+
+PACKAGECONFIG[sasl] = "--with-cyrus-sasl,--without-cyrus-sasl,cyrus-sasl"
+PACKAGECONFIG[modules] = "lt_cv_dlopen_self=yes --enable-modules,--disable-modules,libtool"
+PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6"
+
+# SLAPD options
+#
+# UNIX crypt(3) passwd support:
+EXTRA_OECONF += "--enable-crypt"
+
+# SLAPD BACKEND
+#
+# The backend must be set by the configuration.  This controls the
+# required database.
+#
+# Backends="bdb dnssrv hdb ldap mdb meta monitor ndb null passwd perl relay shell sock sql"
+#
+# Note that multiple backends can be built.  The ldbm backend requires a
+# build-time choice of database API.  The bdb backend forces this to be
+# DB4.  To use the gdbm (or other) API the Berkely database module must
+# be removed from the build.
+md = "${libexecdir}/openldap"
+#
+#--enable-bdb          enable Berkeley DB backend no|yes|mod yes
+# The Berkely DB is the standard choice.  This version of OpenLDAP requires
+# the version 4 implementation or better.
+PACKAGECONFIG[bdb] = "--enable-bdb=yes,--enable-bdb=no,db"
+
+#--enable-dnssrv       enable dnssrv backend no|yes|mod no
+PACKAGECONFIG[dnssrv] = "--enable-dnssrv=mod,--enable-dnssrv=no"
+
+#--enable-hdb          enable Hierarchical DB backend no|yes|mod no
+PACKAGECONFIG[hdb] = "--enable-hdb=yes,--enable-hdb=no,db"
+
+#--enable-ldap         enable ldap backend no|yes|mod no
+PACKAGECONFIG[ldap] = "--enable-ldap=mod,--enable-ldap=no,"
+
+#--enable-mdb          enable mdb database backend no|yes|mod [yes]
+PACKAGECONFIG[mdb] = "--enable-mdb=yes,--enable-mdb=no,"
+
+#--enable-meta         enable metadirectory backend no|yes|mod no
+PACKAGECONFIG[meta] = "--enable-meta=mod,--enable-meta=no,"
+
+#--enable-monitor      enable monitor backend no|yes|mod yes
+PACKAGECONFIG[monitor] = "--enable-monitor=mod,--enable-monitor=no,"
+
+#--enable-ndb          enable MySQL NDB Cluster backend no|yes|mod [no]
+PACKAGECONFIG[ndb] = "--enable-ndb=mod,--enable-ndb=no,"
+
+#--enable-null         enable null backend no|yes|mod no
+PACKAGECONFIG[null] = "--enable-null=mod,--enable-null=no,"
+
+#--enable-passwd       enable passwd backend no|yes|mod no
+PACKAGECONFIG[passwd] = "--enable-passwd=mod,--enable-passwd=no,"
+
+#--enable-perl         enable perl backend no|yes|mod no
+#  This requires a loadable perl dynamic library, if enabled without
+#  doing something appropriate (building perl?) the build will pick
+#  up the build machine perl - not good (inherit perlnative?)
+PACKAGECONFIG[perl] = "--enable-perl=mod,--enable-perl=no,perl"
+
+#--enable-relay        enable relay backend no|yes|mod [yes]
+PACKAGECONFIG[relay] = "--enable-relay=mod,--enable-relay=no,"
+
+#--enable-shell        enable shell backend no|yes|mod no
+# configure: WARNING: Use of --without-threads is recommended with back-shell
+PACKAGECONFIG[shell] = "--enable-shell=mod --without-threads,--enable-shell=no,"
+
+#--enable-sock         enable sock backend no|yes|mod [no]
+PACKAGECONFIG[sock] = "--enable-sock=mod,--enable-sock=no,"
+
+#--enable-sql          enable sql backend no|yes|mod no
+# sql requires some sql backend which provides sql.h, sqlite* provides
+# sqlite.h (which may be compatible but hasn't been tried.)
+PACKAGECONFIG[sql] = "--enable-sql=mod,--enable-sql=no,sqlite3"
+
+#--enable-dyngroup     Dynamic Group overlay no|yes|mod no
+#  This is a demo, Proxy Cache defines init_module which conflicts with the
+#  same symbol in dyngroup
+PACKAGECONFIG[dyngroup] = "--enable-dyngroup=mod,--enable-dyngroup=no,"
+
+#--enable-proxycache   Proxy Cache overlay no|yes|mod no
+PACKAGECONFIG[proxycache] = "--enable-proxycache=mod,--enable-proxycache=no,"
+FILES_${PN}-overlay-proxycache = "${md}/pcache-*.so.*"
+PACKAGES += "${PN}-overlay-proxycache"
+
+# Append URANDOM_DEVICE='/dev/urandom' to CPPFLAGS:
+# This allows tls to obtain random bits from /dev/urandom, by default
+# it was disabled for cross-compiling.
+CPPFLAGS_append = " -D_GNU_SOURCE -DURANDOM_DEVICE=\'/dev/urandom\' -fPIC"
+
+LDFLAGS_append = " -pthread"
+
+do_configure() {
+    cp ${STAGING_DATADIR_NATIVE}/libtool/build-aux/ltmain.sh ${S}/build
+    rm -f ${S}/libtool
+    aclocal
+    libtoolize --force --copy
+    gnu-configize
+    autoconf
+    oe_runconf
+}
+
+LEAD_SONAME = "libldap-${LDAP_VER}.so.*"
+
+# The executables go in a separate package.  This allows the
+# installation of the libraries with no daemon support.
+# Each module also has its own package - see above.
+PACKAGES += "${PN}-slapd ${PN}-slurpd ${PN}-bin"
+
+# Package contents - shift most standard contents to -bin
+FILES_${PN} = "${libdir}/lib*.so.* ${sysconfdir}/openldap/ldap.* ${localstatedir}/${BPN}/data"
+FILES_${PN}-slapd = "${sysconfdir}/init.d ${libexecdir}/slapd ${sbindir} ${localstatedir}/run ${localstatedir}/volatile/run \
+    ${sysconfdir}/openldap/slapd.* ${sysconfdir}/openldap/schema \
+    ${sysconfdir}/openldap/DB_CONFIG.example ${systemd_unitdir}/system/*"
+FILES_${PN}-slurpd = "${libexecdir}/slurpd ${localstatedir}/openldap-slurp"
+FILES_${PN}-bin = "${bindir}"
+FILES_${PN}-dev = "${includedir} ${libdir}/lib*.so ${libdir}/*.la ${libexecdir}/openldap/*.a ${libexecdir}/openldap/*.la ${libexecdir}/openldap/*.so"
+FILES_${PN}-dbg += "${libexecdir}/openldap/.debug"
+
+do_install_append() {
+    install -d ${D}${sysconfdir}/init.d
+    cat ${WORKDIR}/initscript > ${D}${sysconfdir}/init.d/openldap
+    chmod 755 ${D}${sysconfdir}/init.d/openldap
+    # This is duplicated in /etc/openldap and is for slapd
+    rm -f ${D}${localstatedir}/openldap-data/DB_CONFIG.example
+
+    # Installing slapd under ${sbin} is more FHS and LSB compliance
+    mv ${D}${libexecdir}/slapd ${D}/${sbindir}/slapd
+    rmdir --ignore-fail-on-non-empty ${D}${libexecdir}
+    SLAPTOOLS="slapadd slapcat slapdn slapindex slappasswd slaptest slapauth slapacl slapschema"
+    cd ${D}/${sbindir}/
+    rm -f ${SLAPTOOLS}
+    for i in ${SLAPTOOLS}; do ln -sf slapd $i; done
+
+    rmdir "${D}${localstatedir}/run"
+    rmdir --ignore-fail-on-non-empty "${D}${localstatedir}"
+
+    install -d ${D}${systemd_unitdir}/system/
+    install -m 0644 ${WORKDIR}/slapd.service ${D}${systemd_unitdir}/system/
+    sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/*.service
+
+    # Uses mdm as the database
+    #  and localstatedir as data directory ...
+    sed -e 's/# modulepath/modulepath/' \
+        -e 's/# moduleload\s*back_bdb.*/moduleload    back_mdb/' \
+        -e 's/database\s*bdb/database        mdb/' \
+        -e 's%^directory\s*.*%directory   ${localstatedir}/${BPN}/data/%' \
+        -i ${D}${sysconfdir}/openldap/slapd.conf
+
+    mkdir -p ${D}${localstatedir}/${BPN}/data
+
+
+}
+
+INITSCRIPT_PACKAGES = "${PN}-slapd"
+INITSCRIPT_NAME_${PN}-slapd = "openldap"
+INITSCRIPT_PARAMS_${PN}-slapd = "defaults"
+SYSTEMD_SERVICE_${PN}-slapd = "hostapd.service"
+SYSTEMD_AUTO_ENABLE_${PN}-slapd ?= "disable"
+
+
+PACKAGES_DYNAMIC += "^${PN}-backends.* ^${PN}-backend-.*"
+
+# The modules require their .so to be dynamicaly loaded
+INSANE_SKIP_${PN}-backend-dnssrv  += "dev-so"
+INSANE_SKIP_${PN}-backend-ldap    += "dev-so"
+INSANE_SKIP_${PN}-backend-meta    += "dev-so"
+INSANE_SKIP_${PN}-backend-mdb     += "dev-so"
+INSANE_SKIP_${PN}-backend-monitor += "dev-so"
+INSANE_SKIP_${PN}-backend-null    += "dev-so"
+INSANE_SKIP_${PN}-backend-passwd  += "dev-so"
+INSANE_SKIP_${PN}-backend-shell   += "dev-so"
+
+
+python populate_packages_prepend () {
+    backend_dir    = d.expand('${libexecdir}/openldap')
+    do_split_packages(d, backend_dir, 'back_([a-z]*)\.so$', 'openldap-backend-%s', 'OpenLDAP %s backend', prepend=True, extra_depends='', allow_links=True)
+    do_split_packages(d, backend_dir, 'back_([a-z]*)\-.*\.so\..*$', 'openldap-backend-%s', 'OpenLDAP %s backend', extra_depends='', allow_links=True)
+
+    metapkg = "${PN}-backends"
+    d.setVar('ALLOW_EMPTY_' + metapkg, "1")
+    d.setVar('FILES_' + metapkg, "")
+    metapkg_rdepends = []
+    packages = d.getVar('PACKAGES').split()
+    for pkg in packages[1:]:
+        if pkg.count("openldap-backend-") and not pkg in metapkg_rdepends and not pkg.count("-dev") and not pkg.count("-dbg") and not pkg.count("static") and not pkg.count("locale"):
+            metapkg_rdepends.append(pkg)
+    d.setVar('RDEPENDS_' + metapkg, ' '.join(metapkg_rdepends))
+    d.setVar('DESCRIPTION_' + metapkg, 'OpenLDAP backends meta package')
+    packages.append(metapkg)
+    d.setVar('PACKAGES', ' '.join(packages))
+}
+
+BBCLASSEXTEND = "native"