openldap: Update to version 2.6.10

- Update from version 2.6.8 to 2.6.10
- No change to rootfile
- Changelog
    2.6.10
	Added slapd microsecond timestamp format for local logging (ITS#10140)
	Fixed libldap ldap_result behavior with LDAP_MSG_RECEIVED (ITS#10229)
	Fixed lloadd handling of starttls critical (ITS#10323)
	Fixed slapd syncrepl when used with slapo-rwm (ITS#10290)
	Fixed slapd regression with certain searches (ITS#10307)
	Fixed slapo-autoca olcAutoCAserverClass object (ITS#10288)
	Fixed slapo-pcache caching behaviors (ITS#10270)
	Minor Cleanup
		ITS#7080
		ITS#7249
		ITS#9934
		ITS#10020
		ITS#10168
		ITS#10226
		ITS#10279
		ITS#10299
		ITS#10302
		ITS#10309
		ITS#10312
		ITS#10320
		ITS#10325
		ITS#10327
		ITS#10328
		ITS#10331
		ITS#10336
    2.6.9
	Fixed libldap TLS connection timeout handling (ITS#8047)
	Fixed libldap GnuTLS incompatible pointer type (ITS#10253)
	Fixed libldap OpenSSL set_ciphersuite error handling (ITS#10223)
	Fixed libldap to check for OpenSSL EVP_Digest* failure (ITS#10224)
	Fixed slapd cn=config disallowed modification of cn=schema (ITS#10256)
	Fixed slapd syncrepl assert during refresh at shutdown (ITS#10232)
	Fixed slapd syncrepl retry state during refreshDone (ITS#10234)
	Fixed slapd-ldap use of multi-precision add for op counters (ITS#10237)
	Fixed slapd-mdb idl intersection (ITS#10233)
	Fixed slapd-wt idl intersection (ITS#10233)
	Fixed slapo-memberof to omit dynamic values (ITS#10230)
	Fixed slapo-nestgroup leak in nestgroup_memberFilter (ITS#10249)
	Fixed slapo-translucent regression with subordinate databases (ITS#10248)
	Fixed slapo-translucent regression when requesting attributes (ITS#10272)
	Fixed slappw-argon2 defaults to be more secure (ITS#9827)
	Minor Cleanup
		ITS#10155
		ITS#10218
		ITS#10219
		ITS#10227
		ITS#10231
		ITS#10235
		ITS#10263
		ITS#10264

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/lfs/openldap b/lfs/openldap
index ce92bd9501eb5c4a48235304f875457790d34c6c..fe7069a393988ba8e736732969e94b377bdfd456 100644 (file)
--- a/lfs/openldap
+++ b/lfs/openldap
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2024  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2025  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 2.6.8
+VER        = 2.6.10
 
 THISAPP    = openldap-$(VER)
 DL_FILE    = $(THISAPP).tgz
@@ -42,7 +42,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 2aefdcaca12776c70084aff7b3e216126d8305ed7f9ba444b673ee671c5ac6129eb5fa9519e832acfb3e695b2e4e9474bcff36a3b6406000e2ef1f057863b4f5
+$(DL_FILE)_BLAKE2 = e3fce31795ed9eda3443b824c245951d655af0660f316d8b6e15264999a1ee3eaf7e4b7e901ad007361027ade9bcb7b102212d42939dc98d4229dc6983c381dc
 
 install : $(TARGET)
 
@@ -72,7 +72,7 @@ $(subst %,%_BLAKE2,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
-       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openldap-2.6.8-consolidated-1.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openldap-2.6.10-consolidated-1.patch
        cd $(DIR_APP) && autoconf
        cd $(DIR_APP) && ./configure \
                                --prefix=/usr \

diff --git a/src/patches/openldap-2.6.8-consolidated-1.patch b/src/patches/openldap-2.6.10-consolidated-1.patch
similarity index 62%
rename from src/patches/openldap-2.6.8-consolidated-1.patch
rename to src/patches/openldap-2.6.10-consolidated-1.patch
index 62dea26005858534fa2e8796bd40ddc0d6a14687..38f9037fea81b0e153a0c94879a0062212a7967a 100644 (file)
--- a/src/patches/openldap-2.6.8-consolidated-1.patch
+++ b/src/patches/openldap-2.6.10-consolidated-1.patch
@@ -8,11 +8,11 @@ Origin:                  Armin K. <krejzi at email dot com> and Debian.
                          ".orig" file creation, and change
                          %LOCALSTATEDIR%/run to /run because /var/run has
                          been deprecated.
-
-diff -Naurp openldap-2.6.2.orig/doc/man/man5/slapd.conf.5 openldap-2.6.2/doc/man/man5/slapd.conf.5
---- openldap-2.6.2.orig/doc/man/man5/slapd.conf.5      2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/doc/man/man5/slapd.conf.5   2022-05-05 12:05:53.309727745 +0200
-@@ -2122,7 +2122,7 @@ suffix    "dc=our\-domain,dc=com"
+ 
+diff -Naur openldap-2.6.10.orig/doc/man/man5/slapd.conf.5 openldap-2.6.10/doc/man/man5/slapd.conf.5
+--- openldap-2.6.10.orig/doc/man/man5/slapd.conf.5     2025-05-22 19:56:21.000000000 +0200
++++ openldap-2.6.10/doc/man/man5/slapd.conf.5  2025-05-24 08:34:23.764901721 +0200
+@@ -2123,7 +2123,7 @@
  # The database directory MUST exist prior to
  # running slapd AND should only be accessible
  # by the slapd/tools. Mode 0700 recommended.
@@ -21,10 +21,10 @@ diff -Naurp openldap-2.6.2.orig/doc/man/man5/slapd.conf.5 openldap-2.6.2/doc/man
  # Indices to maintain
  index     objectClass  eq
  index     cn,sn,mail   pres,eq,approx,sub
-diff -Naurp openldap-2.6.2.orig/doc/man/man5/slapd-config.5 openldap-2.6.2/doc/man/man5/slapd-config.5
---- openldap-2.6.2.orig/doc/man/man5/slapd-config.5    2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/doc/man/man5/slapd-config.5 2022-05-05 12:05:53.312727754 +0200
-@@ -2233,7 +2233,7 @@ olcSuffix: "dc=our\-domain,dc=com"
+diff -Naur openldap-2.6.10.orig/doc/man/man5/slapd-config.5 openldap-2.6.10/doc/man/man5/slapd-config.5
+--- openldap-2.6.10.orig/doc/man/man5/slapd-config.5   2025-05-22 19:56:21.000000000 +0200
++++ openldap-2.6.10/doc/man/man5/slapd-config.5        2025-05-24 08:34:23.765394800 +0200
+@@ -2248,7 +2248,7 @@
  # The database directory MUST exist prior to
  # running slapd AND should only be accessible
  # by the slapd/tools. Mode 0700 recommended.
@@ -33,10 +33,9 @@ diff -Naurp openldap-2.6.2.orig/doc/man/man5/slapd-config.5 openldap-2.6.2/doc/m
  # Indices to maintain
  olcDbIndex:     objectClass  eq
  olcDbIndex:     cn,sn,mail   pres,eq,approx,sub
-
-diff -Naurp openldap-2.6.2.orig/include/ldap_defaults.h openldap-2.6.2/include/ldap_defaults.h
---- openldap-2.6.2.orig/include/ldap_defaults.h        2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/include/ldap_defaults.h     2022-05-05 12:07:08.783961875 +0200
+diff -Naur openldap-2.6.10.orig/include/ldap_defaults.h openldap-2.6.10/include/ldap_defaults.h
+--- openldap-2.6.10.orig/include/ldap_defaults.h       2025-05-22 19:56:21.000000000 +0200
++++ openldap-2.6.10/include/ldap_defaults.h    2025-05-24 08:34:23.765728292 +0200
 @@ -40,7 +40,8 @@
  
  /* default ldapi:// socket */
@@ -57,10 +56,10 @@ diff -Naurp openldap-2.6.2.orig/include/ldap_defaults.h openldap-2.6.2/include/l
  #endif
  #define SLAPD_DEFAULT_DB_MODE         0600
        /* default max deref depth for aliases */
-diff -Naurp openldap-2.6.2.orig/libraries/liblber/Makefile.in openldap-2.6.2/libraries/liblber/Makefile.in
---- openldap-2.6.2.orig/libraries/liblber/Makefile.in  2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/libraries/liblber/Makefile.in       2022-05-05 12:05:53.313727757 +0200
-@@ -51,6 +51,6 @@ idtest:  $(XLIBS) idtest.o
+diff -Naur openldap-2.6.10.orig/libraries/liblber/Makefile.in openldap-2.6.10/libraries/liblber/Makefile.in
+--- openldap-2.6.10.orig/libraries/liblber/Makefile.in 2025-05-22 19:56:21.000000000 +0200
++++ openldap-2.6.10/libraries/liblber/Makefile.in      2025-05-24 08:34:23.765979302 +0200
+@@ -49,6 +49,6 @@
  
  install-local: FORCE
        -$(MKDIR) $(DESTDIR)$(libdir)
@@ -68,10 +67,10 @@ diff -Naurp openldap-2.6.2.orig/libraries/liblber/Makefile.in openldap-2.6.2/lib
 +      $(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir)
        $(LTFINISH) $(DESTDIR)$(libdir)
  
-diff -Naurp openldap-2.6.2.orig/libraries/libldap/Makefile.in openldap-2.6.2/libraries/libldap/Makefile.in
---- openldap-2.6.2.orig/libraries/libldap/Makefile.in  2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/libraries/libldap/Makefile.in       2022-05-05 12:05:53.327727801 +0200
-@@ -82,7 +82,7 @@ CFFILES=ldap.conf
+diff -Naur openldap-2.6.10.orig/libraries/libldap/Makefile.in openldap-2.6.10/libraries/libldap/Makefile.in
+--- openldap-2.6.10.orig/libraries/libldap/Makefile.in 2025-05-22 19:56:21.000000000 +0200
++++ openldap-2.6.10/libraries/libldap/Makefile.in      2025-05-24 08:34:23.766163823 +0200
+@@ -80,7 +80,7 @@
  
  install-local: $(CFFILES) FORCE
        -$(MKDIR) $(DESTDIR)$(libdir)
@@ -80,10 +79,10 @@ diff -Naurp openldap-2.6.2.orig/libraries/libldap/Makefile.in openldap-2.6.2/lib
        $(LTFINISH) $(DESTDIR)$(libdir)
        -$(MKDIR) $(DESTDIR)$(sysconfdir)
        @for i in $(CFFILES); do \
-diff -Naurp openldap-2.6.2.orig/servers/slapd/Makefile.in openldap-2.6.2/servers/slapd/Makefile.in
---- openldap-2.6.2.orig/servers/slapd/Makefile.in      2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/servers/slapd/Makefile.in   2022-05-05 12:05:53.329727807 +0200
-@@ -374,9 +374,10 @@ install-local-srv: install-slapd install
+diff -Naur openldap-2.6.10.orig/servers/slapd/Makefile.in openldap-2.6.10/servers/slapd/Makefile.in
+--- openldap-2.6.10.orig/servers/slapd/Makefile.in     2025-05-22 19:56:21.000000000 +0200
++++ openldap-2.6.10/servers/slapd/Makefile.in  2025-05-24 08:34:23.766418813 +0200
+@@ -374,9 +374,10 @@
  
  install-slapd: FORCE
        -$(MKDIR) $(DESTDIR)$(libexecdir)
@@ -95,7 +94,7 @@ diff -Naurp openldap-2.6.2.orig/servers/slapd/Makefile.in openldap-2.6.2/servers
        @for i in $(SUBDIRS); do \
            if test -d $$i && test -f $$i/Makefile ; then \
                echo; echo "  cd $$i && $(MAKE) $(MFLAGS) install"; \
-@@ -452,9 +453,9 @@ install-conf: FORCE
+@@ -452,9 +453,9 @@
  
  install-db-config: FORCE
        @-$(MKDIR) $(DESTDIR)$(localstatedir) $(DESTDIR)$(sysconfdir)
@@ -107,7 +106,7 @@ diff -Naurp openldap-2.6.2.orig/servers/slapd/Makefile.in openldap-2.6.2/servers
        $(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \
                $(DESTDIR)$(sysconfdir)/DB_CONFIG.example
  
-@@ -462,6 +463,6 @@ install-tools: FORCE
+@@ -462,6 +463,6 @@
        -$(MKDIR) $(DESTDIR)$(sbindir)
        for i in $(SLAPTOOLS); do \
                $(RM) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \
@@ -115,10 +114,10 @@ diff -Naurp openldap-2.6.2.orig/servers/slapd/Makefile.in openldap-2.6.2/servers
 +              $(LN_S) -f $(DESTDIR)$(sbindir)/slapd$(EXEEXT) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \
        done
  
-diff -Naurp openldap-2.6.2.orig/servers/slapd/slapd.conf openldap-2.6.2/servers/slapd/slapd.conf
---- openldap-2.6.2.orig/servers/slapd/slapd.conf       2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/servers/slapd/slapd.conf    2022-05-05 12:05:53.331727813 +0200
-@@ -10,8 +10,9 @@ include              %SYSCONFDIR%/schema/core.schema
+diff -Naur openldap-2.6.10.orig/servers/slapd/slapd.conf openldap-2.6.10/servers/slapd/slapd.conf
+--- openldap-2.6.10.orig/servers/slapd/slapd.conf      2025-05-22 19:56:21.000000000 +0200
++++ openldap-2.6.10/servers/slapd/slapd.conf   2025-05-24 08:34:23.769027944 +0200
+@@ -10,8 +10,9 @@
  # service AND an understanding of referrals.
  #referral     ldap://root.openldap.org
  
@@ -130,7 +129,7 @@ diff -Naurp openldap-2.6.2.orig/servers/slapd/slapd.conf openldap-2.6.2/servers/
  
  # Load dynamic backend modules:
  modulepath    %MODULEDIR%
-@@ -69,7 +70,7 @@ rootpw               secret
+@@ -69,7 +70,7 @@
  # The database directory MUST exist prior to running slapd AND 
  # should only be accessible by the slapd and slap tools.
  # Mode 700 recommended.
@@ -139,10 +138,10 @@ diff -Naurp openldap-2.6.2.orig/servers/slapd/slapd.conf openldap-2.6.2/servers/
  # Indices to maintain
  index objectClass     eq
  
-diff -Naurp openldap-2.6.2.orig/servers/slapd/slapd.ldif openldap-2.6.2/servers/slapd/slapd.ldif
---- openldap-2.6.2.orig/servers/slapd/slapd.ldif       2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/servers/slapd/slapd.ldif    2022-05-05 12:05:53.332727816 +0200
-@@ -9,8 +9,8 @@ cn: config
+diff -Naur openldap-2.6.10.orig/servers/slapd/slapd.ldif openldap-2.6.10/servers/slapd/slapd.ldif
+--- openldap-2.6.10.orig/servers/slapd/slapd.ldif      2025-05-22 19:56:21.000000000 +0200
++++ openldap-2.6.10/servers/slapd/slapd.ldif   2025-05-24 08:34:23.770185354 +0200
+@@ -9,8 +9,8 @@
  #
  # Define global ACLs to disable default read access.
  #
@@ -153,7 +152,7 @@ diff -Naurp openldap-2.6.2.orig/servers/slapd/slapd.ldif openldap-2.6.2/servers/
  #
  # Do not enable referrals until AFTER you have a working directory
  # service AND an understanding of referrals.
-@@ -88,7 +88,7 @@ olcRootPW: secret
+@@ -88,7 +88,7 @@
  # The database directory MUST exist prior to running slapd AND 
  # should only be accessible by the slapd and slap tools.
  # Mode 700 recommended.
@@ -162,10 +161,10 @@ diff -Naurp openldap-2.6.2.orig/servers/slapd/slapd.ldif openldap-2.6.2/servers/
  # Indices to maintain
  olcDbIndex: objectClass eq
  
-diff -Naurp openldap-2.6.2.orig/servers/slapd/slapi/Makefile.in openldap-2.6.2/servers/slapd/slapi/Makefile.in
---- openldap-2.6.2.orig/servers/slapd/slapi/Makefile.in        2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/servers/slapd/slapi/Makefile.in     2022-05-05 12:05:53.333727819 +0200
-@@ -46,6 +46,6 @@ BUILD_MOD = @BUILD_SLAPI@
+diff -Naur openldap-2.6.10.orig/servers/slapd/slapi/Makefile.in openldap-2.6.10/servers/slapd/slapi/Makefile.in
+--- openldap-2.6.10.orig/servers/slapd/slapi/Makefile.in       2025-05-22 19:56:21.000000000 +0200
++++ openldap-2.6.10/servers/slapd/slapi/Makefile.in    2025-05-24 08:34:23.773956854 +0200
+@@ -46,6 +46,6 @@
  install-local: FORCE
        if test "$(BUILD_MOD)" = "yes"; then \
                $(MKDIR) $(DESTDIR)$(libdir); \