Tasks for OpenLDAP in Debian

John Scott jscott at posteo.net
Sat Dec 5 17:11:33 GMT 2020


Hi,

I saw the RFH bug #512360, but since it's kind of old I'd like to verify what 
still stands. I've been increasingly using ldap-utils and programming with the 
OpenLDAP API for use with my organization, but am less knowledgeable about the 
server-side like slapd. I've been making miscellaneous minor contributions to 
Debian for a while but will be adopting my first package (firmware-ath9k-htc 
libre wireless firmware) in the coming days. Things you sought help with are:

> Triage of TLS issues.  For licensing reasons, Debian builds OpenLDAP
> with GnuTLS instead of OpenSSL, which is unusual in the broader
> OpenLDAP community.
I see an alphabet soup of licenses is involved, although I don't see the GPL 
mentioned. Does the FTP masters' recent decision on the system libraries 
exception or the upcoming Apache v2-licensed OpenSSL change things? If it were 
permitted, would switching to OpenSSL be something worth pursuing?

> Work on slapd configuration and maintenance. Upstream is converting to
> cn=config (an LDIF configuration backend) and away from slapd.conf and
> the Debian packages should do likewise. This will require extensive
> testing during the squeeze release cycle.
I think I saw something about this in the 2.5 alpha release notes, so I take 
it it's still an issue. I don't know what cn=config is but I might could get 
creative making autopkgtests with other LDAP-enabled software (GnuPG 
particularly).

> Bug triage is a great place to start.
I love bug triaging 😀

I get the impression that the OpenLDAP package in Debian tries to follow 
upstream fairly closely. Do minor releases like 2.5 require a transition? I 
guess 2.4 was released in 2007, there may not be many to speak of.

I see the TODO to clean up the debian/ directory and build rules which is well 
out of my reach, so I don't plan to dwell too much on that. Let me know if 
there's anything else particularly important to be done before Bullseye.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: <http://alioth-lists.debian.net/pipermail/pkg-openldap-devel/attachments/20201205/3df88358/attachment.sig>


More information about the Pkg-openldap-devel mailing list