[Pkg-openldap-devel] [openldap] 01/02: Remove allow_ldap_v2 debconf setting

Ryan Tandy rtandy-guest at moszumanska.debian.org
Mon Mar 21 04:49:21 UTC 2016 

This is an automated email from the git hooks/post-receive script.

rtandy-guest pushed a commit to branch master
in repository openldap.

commit 07736e2bb5761d7f35209b65a3626be1055a3b31
Author: Ryan Tandy <ryan at nardis.ca>
Date:   Mon Mar 21 04:13:40 2016 +0000

    Remove allow_ldap_v2 debconf setting
    
    The question is medium priority, so already not shown by default on
    install or upgrade. LDAPv2 is historic (RFC 3494) and few users are
    likely to require it today.
---
 debian/changelog            |  1 +
 debian/slapd.conf           |  3 ---
 debian/slapd.config         | 14 +-------------
 debian/slapd.postinst       |  4 ----
 debian/slapd.scripts-common | 21 ---------------------
 debian/slapd.templates      |  9 ---------
 6 files changed, 2 insertions(+), 50 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 479f305..b994027 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -20,6 +20,7 @@ openldap (2.4.44+dfsg-1) UNRELEASED; urgency=medium
     somewhere else. Thanks to Dave Beach for the report.
   * Create the pidfile directory when starting slapd, but not when running the 
     init script in other modes.
+  * Remove support for enabling the obsolete LDAPv2 protocol via debconf.
 
  -- Ryan Tandy <ryan at nardis.ca>  Tue, 15 Mar 2016 03:45:08 +0000
 
diff --git a/debian/slapd.conf b/debian/slapd.conf
index 32bf657..260a190 100644
--- a/debian/slapd.conf
+++ b/debian/slapd.conf
@@ -4,9 +4,6 @@
 #######################################################################
 # Global Directives:
 
-# Features to permit
-#allow bind_v2
-
 # Schema and objectClass definitions
 include         /etc/ldap/schema/core.schema
 include         /etc/ldap/schema/cosine.schema
diff --git a/debian/slapd.config b/debian/slapd.config
index f011936..8225b77 100644
--- a/debian/slapd.config
+++ b/debian/slapd.config
@@ -98,15 +98,6 @@ query_initial_config() {
   done
 }
 
-configure_allow_v2_binds() {                        # {{{
-# Ask if the user would like their package to support LDAPv2..
-# This was the default in older versions but we want to ask
-# for new installs too in case the user needs it..
-
-    db_input medium slapd/allow_ldap_v2 || true
-}
-# }}}
-
 # ----- Configuration of LDIF dumping and reloading---------------------  {{{
 #
 # Dumping the database can have negative effects on the system we are
@@ -164,15 +155,12 @@ if is_initial_configuration "$@"; then
 	if ! want_manual_configuration; then
 		set_defaults_for_unseen_entries
 		query_initial_config
-		configure_allow_v2_binds
 	fi
 fi
 
-# Configure the dumping and v2 binds components if we are upgrading some older
-# version.
+# Configure the dumping component if we are upgrading some older version.
 if [ "$1" = configure ] && [ -n "$2" ]; then
 	configure_dumping
-	configure_allow_v2_binds
 	warn_about_selfwrite_acl
 fi
    
diff --git a/debian/slapd.postinst b/debian/slapd.postinst
index bdf37eb..85c87a0 100644
--- a/debian/slapd.postinst
+++ b/debian/slapd.postinst
@@ -17,7 +17,6 @@ postinst_initial_configuration() {					# {{{
 	else
 		crypt_admin_pass
 		create_new_configuration
-		configure_v2_protocol_support
 	fi
 }
 
@@ -52,9 +51,6 @@ olcAccess: {1}to dn.exact="" by * read\
 olcAccess: {2}to dn.base="cn=Subschema" by * read' "${SLAPD_CONF}/cn=config/olcDatabase={-1}frontend.ldif"
 	fi
 
-	# Enable LDAP protocol v2 support if needed.
-	configure_v2_protocol_support
-
 	# Update permissions of all database directories and /var/run/slapd
 	update_databases_permissions
 	update_permissions /var/run/slapd
diff --git a/debian/slapd.scripts-common b/debian/slapd.scripts-common
index f4a3a3c..4618ad2 100644
--- a/debian/slapd.scripts-common
+++ b/debian/slapd.scripts-common
@@ -561,27 +561,6 @@ EOF
 	echo "done." >&2
 }
 # }}}
-configure_v2_protocol_support() {					# {{{
-# Adds the "allow bind_v2" directive to the configuration if the user decided
-# he wants to have ldap v2 enabled.
-
-	local new_conf
-
-	db_get slapd/allow_ldap_v2
-	if [ "$RET" != "true" ]; then return 0; fi
-
-	echo -n "  Enabling LDAPv2 support... " >&2
-
-	# cn=config enabled, try to update the cn=config.ldif
-	if [ -d "$SLAPD_CONF" ]; then
-		if ! grep -q -E "^olcAllows:[[:space:]]+bind_v2" "${SLAPD_CONF}/cn=config.ldif"; then
-			echo "olcAllows: bind_v2" >> "${SLAPD_CONF}/cn=config.ldif"
-		fi
-		echo "done" >&2
-		return 0
-	fi
-}
-# }}}
 backup_config_once() {							# {{{
 # Create a backup of the current configuration files. 
 # Usage: backup_config_once
diff --git a/debian/slapd.templates b/debian/slapd.templates
index 4464983..c102144 100644
--- a/debian/slapd.templates
+++ b/debian/slapd.templates
@@ -94,15 +94,6 @@ Type: password
 Description: Generated admin password:
  Internal template, should never be displayed to users.
 
-Template: slapd/allow_ldap_v2
-Type: boolean
-Default: false
-_Description: Allow LDAPv2 protocol?
- The obsolete LDAPv2 protocol is disabled by default in slapd. Programs
- and users should upgrade to LDAPv3.  If you have old programs which
- can't use LDAPv3, you should select this option and 'allow bind_v2'
- will be added to your slapd.conf file.
-
 Template: slapd/upgrade_slapcat_failure
 Type: error
 #flag:translate!:5

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-openldap/openldap.git

More information about the Pkg-openldap-devel mailing list