Date: Thu, 26 Jun 2003 18:49:44 -0500 (CDT)
From: none <noone@siu.edu>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc: jimd@siu.edu
Subject: ports/53805: mod balsa2-2.0.11_1 for LDAPv3 default and user (source) installed OpenLDAP
Message-ID: <200306262349.h5QNniOm015838@234-192.ip.ll.net>
Resent-Message-ID: <200306270000.h5R00UnO071274@freefall.freebsd.org>
>Number: 53805
>Category: ports
>Synopsis: mod balsa2-2.0.11_1 for LDAPv3 default and user (source) installed OpenLDAP
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Thu Jun 26 17:00:29 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: none
>Release: FreeBSD 5.1-RELEASE i386
>Organization:
>Environment:
System: FreeBSD 234-192.ip.ll.net 5.1-RELEASE FreeBSD 5.1-RELEASE #0: Tue Jun 24 22:44:46 CDT 2003 x@freebsd2.localnet10:/usr/src/sys/i386/compile/XSYSTEM i386
>Description:
Balsa2 uses OpenLDAP-2.0.x and will only talk to an LDAPv2 server. Also, this port (and others) do not allow for a user-installed (source) version of OpenLDAP which causes a plethora of problems as they will force the installation of another implementation of OpenLDAP (most likely over the top of the user installed version).

The following changes have been implemented to "correct" the above:

1) Use Makefile test for "HAVE_OPENLDAP_V2" environment variable (most likely from /etc/make.conf) which indicates, by the user, that a V2 implementation of OpenLDAP has already been installed in the system, and that another V2 installation from /usr/ports should be avoided
2) Where "HAVE_OPENLDAP_V2" is NOT set, then include the /usr/ports V2 of OpenLDAP in LIB_DEPENDS
3) add "HAVE_OPENLDAP_V2" is defined to the Makefile's CFLAGS variable list for use in libbalsa build
4) Modify libbalsa/address-book-ldap.c to initiate an LDAPv3 bind if HAVE_OPENLDAP_V2 has been defined by setting directory option to LDAPv3 (which is the default for OpenLDAP V2.1); otherwise, Balsa will attempt to bind to OpenLDAP using LDAPv2 which will fail and/or cause the LDAP configuration to be backlevelled to allow for LDAPv2 in addition to LDAPv3
5) The code in libbalsa/address-book-ldap.c to set the directory option was moved outside of the following "enable_tls" subroutine as it needs to be run if TLS is required, and it will be if HAVE_OPENLDAP_V2 is defined (TLS requires LDAPv3, but LDAPv3 alone does not necessarily imply TLS)

General comments:

1) it would be good if the "HAVE_OPENLDAP_V2" environment variable, or something like it, would become a convention used by all OpenLDAP dependent ports to avoid overlaying (source) OpenLDAP installations.
2) maintainers/source authors should feel free to rework the patches provided with better style
3) duplicate occurrences of "ldap->base_dn = g_strdup(base_dn);" were removed from libbalsa/address-book-ldap.c

Other Balsa2 changes that should be completed:

1) document that the VCARD and LDIF addressbook options require a previously created file (e.g., Balsa does NOT create a file in the File Name field of the Address Books Add popup)
2) document the fact that the LDAP addressbook is currently READ-ONLY
3) document the fact that the LDIF addressbook data may not be readily usable to create entries in an LDAP database (e.g., they will need changes to fit the schema of the target LDAP server); otherwise, they provide a good beginning for producing an LDIF file for LDAP "imports"
>How-To-Repeat:
>Fix:
============================================================================= *** Makefile.orig Thu Jun 26 09:39:28 2003 --- Makefile Thu Jun 26 18:14:10 2003 *************** *** 17,27 **** COMMENT= A mail reader for the GNOME 2 desktop BUILD_DEPENDS= ${LOCALBASE}/bin/ispell:${PORTSDIR}/textproc/ispell ! LIB_DEPENDS= ldap.2:${PORTSDIR}/net/openldap20 \ ! aspell.15:${PORTSDIR}/textproc/aspell \ pcre.0:${PORTSDIR}/devel/pcre \ esmtp.6:${PORTSDIR}/mail/libesmtp \ gdbm.3:${PORTSDIR}/databases/gdbm RUN_DEPENDS= ${LOCALBASE}/bin/ispell:${PORTSDIR}/textproc/ispell USE_BZIP2= yes --- 17,27 ---- COMMENT= A mail reader for the GNOME 2 desktop BUILD_DEPENDS= ${LOCALBASE}/bin/ispell:${PORTSDIR}/textproc/ispell ! 
LIB_DEPENDS= aspell.15:${PORTSDIR}/textproc/aspell \ pcre.0:${PORTSDIR}/devel/pcre \ esmtp.6:${PORTSDIR}/mail/libesmtp \ gdbm.3:${PORTSDIR}/databases/gdbm + RUN_DEPENDS= ${LOCALBASE}/bin/ispell:${PORTSDIR}/textproc/ispell USE_BZIP2= yes *************** *** 39,44 **** --- 39,51 ---- --with-ssl CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include ${PTHREAD_CFLAGS}" \ LIBS="-L${LOCALBASE}/lib -liconv" + + .if !defined(HAVE_OPENLDAP_V2) + LIB_DEPENDS+= ldap.2:${PORTSDIR}/net/openldap20 + CFLAGS+= -DHAVE_OPENLDAP_V2 + .else + CFLAGS+= -DHAVE_OPENLDAP_V2 + .endif MAN1= balsa.1 ================================================================================ *** libbalsa/address-book-ldap.c.orig Fri May 9 12:18:58 2003 --- libbalsa/address-book-ldap.c Thu Jun 26 17:07:35 2003 *************** *** 181,188 **** ab->name = g_strdup(name); ldap->host = g_strdup(host); ldap->base_dn = g_strdup(base_dn); - ldap->base_dn = g_strdup(base_dn); - ldap->bind_dn = g_strdup(bind_dn); ldap->passwd = g_strdup(passwd); ldap->enable_tls = enable_tls; --- 181,186 ---- *************** *** 223,238 **** return FALSE; } if(ab->enable_tls) { #ifdef HAVE_LDAP_TLS - int version = LDAP_VERSION3; - if (ldap_set_option(ab->directory, LDAP_OPT_PROTOCOL_VERSION, &version) - != LDAP_OPT_SUCCESS) { - libbalsa_information - (LIBBALSA_INFORMATION_WARNING, - _("Couldn't set protocol version to LDAPv3.")); - } - /* turn TLS on */ result = ldap_start_tls_s(ab->directory, NULL, NULL); if(result != LDAP_SUCCESS) { --- 221,244 ---- return FALSE; } + /* add some check to determine whether LDAP server is LDAPv2 or LDAPv3 + and then ifdef-add the following code (moved from following "enable_tls" + subsection); if "enable_tls" is to be used, then the following code should + be 'activated' as TLS requires LDAPv3 anyhow, implying that the LDAP server + is LDAPv3 and recommended check should then be activated. 
+ */ + #ifdef HAVE_OPENLDAP_V2 + int version = LDAP_VERSION3; + if (ldap_set_option(ab->directory, LDAP_OPT_PROTOCOL_VERSION, &version) + != LDAP_OPT_SUCCESS) { + libbalsa_information + (LIBBALSA_INFORMATION_WARNING, + _("Couldn't set protocol version to LDAPv3.")); + } + #endif /* HAVE_OPENLDAP_V2 */ + if(ab->enable_tls) { #ifdef HAVE_LDAP_TLS /* turn TLS on */ result = ldap_start_tls_s(ab->directory, NULL, NULL); if(result != LDAP_SUCCESS) { ================================================================================== >Release-Note: >Audit-Trail: >Unformatted:
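Review bot: In the Makefile hunk at 39,51 both arms of ".if !defined(HAVE_OPENLDAP_V2)" append "CFLAGS+= -DHAVE_OPENLDAP_V2", so the macro is defined for every build of the port and the "#ifdef HAVE_OPENLDAP_V2" added to libbalsa/address-book-ldap.c can never be false there. If that is intended, move the CFLAGS line out of the conditional and keep only "LIB_DEPENDS+= ldap.2:${PORTSDIR}/net/openldap20" inside it; if it is not, give the C macro a different name from the make.conf knob so the two meanings do not collide. With the knob set, nothing in the visible lines confirms that an ldap library is actually present, so the knob should at least be documented next to the conditional.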
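Review bot: In the libbalsa/address-book-ldap.c hunk at 221,244 the LDAP_OPT_PROTOCOL_VERSION call is now guarded by HAVE_OPENLDAP_V2 and no longer sits inside the HAVE_LDAP_TLS block, so a build that has HAVE_LDAP_TLS but not HAVE_OPENLDAP_V2 reaches ldap_start_tls_s() without LDAPv3 selected, although the description states that TLS requires LDAPv3. Guard the moved block with either macro, or also set the version whenever ab->enable_tls is true. A failed ldap_set_option() still only raises a warning and falls through to ldap_start_tls_s(); when enable_tls is set, returning FALSE at that point would be the safer behaviour. Two smaller points: "int version" is now declared after executable statements at function scope, so wrap the block in braces for compilers that reject mixed declarations and code, and the added comment reads as a TODO for a server version check that the patch does not implement, which should be reworded or dropped.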