[Pkg-sssd-devel] [Git][sssd-team/sssd][master] 2 commits: 0001-ad-fallback-to-ldap-if-cldap-is-not-available-in-lib.patch: Our libldap...

Timo Aaltonen (@tjaalton) gitlab at salsa.debian.org
Wed Sep 22 16:55:25 BST 2021 


Timo Aaltonen pushed to branch master at Debian SSSD packaging / sssd


Commits:
eca5bf35 by Timo Aaltonen at 2021-09-22T17:33:05+03:00
0001-ad-fallback-to-ldap-if-cldap-is-not-available-in-lib.patch: Our libldap is built without LDAP_CONNECTIONLESS, cope with that. (Closes: #994879)

- - - - -
b19b59bc by Timo Aaltonen at 2021-09-22T18:54:14+03:00
releasing package sssd version 2.5.2-3

- - - - -


3 changed files:

- debian/changelog
- + debian/patches/0001-ad-fallback-to-ldap-if-cldap-is-not-available-in-lib.patch
- debian/patches/series


Changes:

=====================================
debian/changelog
=====================================
@@ -1,11 +1,14 @@
-sssd (2.5.2-3) UNRELEASED; urgency=medium
+sssd (2.5.2-3) unstable; urgency=medium
 
   * rules: Explicitly set sssd-user as root.
   * install: Add sssd-pcsc.rules to -common.
   * postinst: Correct file/dir permissions and ownership when the daemon
     is run as root. (Closes: #994807)
+  * 0001-ad-fallback-to-ldap-if-cldap-is-not-available-in-lib.patch: Our
+    libldap is built without LDAP_CONNECTIONLESS, cope with that.
+    (Closes: #994879)
 
- -- Timo Aaltonen <tjaalton at debian.org>  Wed, 22 Sep 2021 09:23:33 +0300
+ -- Timo Aaltonen <tjaalton at debian.org>  Wed, 22 Sep 2021 18:54:07 +0300
 
 sssd (2.5.2-2) unstable; urgency=medium
 


=====================================
debian/patches/0001-ad-fallback-to-ldap-if-cldap-is-not-available-in-lib.patch
=====================================
@@ -0,0 +1,66 @@
+From dfb6594e3ce98c6bd543ceebf739eef70955950d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina at redhat.com>
+Date: Wed, 11 Aug 2021 12:29:42 +0200
+Subject: [PATCH] ad: fallback to ldap if cldap is not available in libldap
+
+Some distributions do not have cldap support available in libldap. Now
+we fallback to ad ping over ldap conditionally during build time.
+
+Resolves: https://github.com/SSSD/sssd/issues/5720
+
+:fixes: AD ping is now sent over `ldap` if `cldap` support is not available
+  during build. This helps to build SSSD on distributions without `cldap`
+  support in `libldap`.
+
+Reviewed-by: Justin Stephenson <jstephen at redhat.com>
+---
+ src/external/ldap.m4             |  3 ++-
+ src/providers/ad/ad_cldap_ping.c | 11 +++++++++--
+ 2 files changed, 11 insertions(+), 3 deletions(-)
+
+diff --git a/src/external/ldap.m4 b/src/external/ldap.m4
+index cd13fde62..f42023cd4 100644
+--- a/src/external/ldap.m4
++++ b/src/external/ldap.m4
+@@ -67,7 +67,8 @@ LIBS="$LIBS $OPENLDAP_LIBS"
+ AC_CHECK_FUNCS([ldap_control_create ldap_init_fd \
+                 ldap_create_deref_control_value  \
+                 ldap_parse_derefresponse_control \
+-                ldap_derefresponse_free])
++                ldap_derefresponse_free \
++                ldap_is_ldapc_url])
+ AC_CHECK_MEMBERS([struct ldap_conncb.lc_arg],
+                  [AC_RUN_IFELSE(
+                    [AC_LANG_PROGRAM(
+diff --git a/src/providers/ad/ad_cldap_ping.c b/src/providers/ad/ad_cldap_ping.c
+index 7722af98a..889ad420c 100644
+--- a/src/providers/ad/ad_cldap_ping.c
++++ b/src/providers/ad/ad_cldap_ping.c
+@@ -36,6 +36,12 @@
+ #include "providers/ldap/sdap_async.h"
+ #include "db/sysdb.h"
+ 
++#ifdef HAVE_LDAP_IS_LDAPC_URL
++#define AD_PING_PROTOCOL "cldap"
++#else
++#define AD_PING_PROTOCOL "ldap"
++#endif
++
+ struct ad_cldap_ping_dc_state {
+     struct tevent_context *ev;
+     struct sdap_options *opts;
+@@ -76,8 +82,9 @@ static struct tevent_req *ad_cldap_ping_dc_send(TALLOC_CTX *mem_ctx,
+     state->ad_domain = ad_domain;
+ 
+     subreq = sdap_connect_host_send(state, ev, opts, be_res->resolv,
+-                                    be_res->family_order, host_db, "cldap",
+-                                    dc->host, dc->port, false);
++                                    be_res->family_order, host_db,
++                                    AD_PING_PROTOCOL, dc->host, dc->port,
++                                    false);
+     if (subreq == NULL) {
+         ret = ENOMEM;
+         goto done;
+-- 
+2.32.0
+


=====================================
debian/patches/series
=====================================
@@ -2,3 +2,4 @@ fix-whitespace-test.diff
 default-to-socket-activated-services.diff
 fix_newer_autoconf.patch
 0001-TOOLS-replace-system-with-execvp-to-avoid-execution-.patch
+0001-ad-fallback-to-ldap-if-cldap-is-not-available-in-lib.patch



View it on GitLab: https://salsa.debian.org/sssd-team/sssd/-/compare/6f09ad587bc37d3372f47e6b74762e1e6912902d...b19b59bcf89a9f1c36a07bbecaa838ca18918a5b

-- 
View it on GitLab: https://salsa.debian.org/sssd-team/sssd/-/compare/6f09ad587bc37d3372f47e6b74762e1e6912902d...b19b59bcf89a9f1c36a07bbecaa838ca18918a5b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-sssd-devel/attachments/20210922/c660e8f1/attachment-0001.htm>

More information about the Pkg-sssd-devel mailing list