Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 14 Oct 2022 17:35:23 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 267056] net/openldap26-{server,client}: fix proper usage of FETCH/GSSAPI options
Message-ID:  <bug-267056-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D267056

            Bug ID: 267056
           Summary: net/openldap26-{server,client}: fix proper usage of
                    FETCH/GSSAPI options
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: michael.osipov@siemens.com

Created attachment 237304
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D237304&action=
=3Dedit
Git-formatted patch

* FETCH_DESC is not present with client
* FETCH applies to *both* client and server since both slapd and client too=
ls
use ldif_parse_line2() via libldap which can use libfetch
* GSSAPI is also required for the client as well since ldap*(1) commands ca=
n=20=20=20
   be used to connect and authenticate to directory servers like Active
Directory       and OpenLDAP with Kerberos via SASL GSSAPI mechanism

I use especially openldap26-client for Active Directory access through shel=
l,
msktutil and py-ldap as well.

Tested with default options on head and recent quarterly as well as these
options on in poudriere in and out.

In server these spots use functions which (ldif_fetch_url()/ldif_open_url())
which use libfetch:
=3D=3D=3D=3D=3D=3D=3D=3D
./servers/slapd/entry.c:                rc =3D ldif_parse_line2( s, type+i,
vals+i, &freev );
./servers/slapd/overlays/retcode.c:=20=20=20=20=20=20=20=20=20=20=20=20=20=
=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=
=20=20=20=20=20=20
if ( ldif_parse_line2( &c->argv[ i ][ STRLENOF( "unsolicited=3D" ) ],
=3D=3D=3D=3D=3D=3D=3D=3D

ldd dump for libfetch usage:
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
nobody@123-release-amd64-default-ldadw_base:/usr/ports/net/openldap26-clien=
t %
ldd /usr/local/bin/ldapsearch
/usr/local/bin/ldapsearch:
        libldap.so.2 =3D> /usr/local/lib/libldap.so.2 (0x800261000)
        liblber.so.2 =3D> /usr/local/lib/liblber.so.2 (0x8002c6000)
        libsasl2.so.3 =3D> /usr/local/lib/libsasl2.so.3 (0x8002d8000)
        libssl.so.111 =3D> /usr/lib/libssl.so.111 (0x8002f8000)
        libcrypto.so.111 =3D> /lib/libcrypto.so.111 (0x80039c000)
        libfetch.so.6 =3D> /usr/lib/libfetch.so.6 (0x80068e000)
        libthr.so.3 =3D> /lib/libthr.so.3 (0x8006a4000)
        libc.so.7 =3D> /lib/libc.so.7 (0x8006d1000)
        libdl.so.1 =3D> /usr/lib/libdl.so.1 (0x800ac9000)
nobody@123-release-amd64-default-ldadw_base:/usr/ports/net/openldap26-clien=
t %
ldd /usr/local/lib/libldap.so.2
/usr/local/lib/libldap.so.2:
        liblber.so.2 =3D> /usr/local/lib/liblber.so.2 (0x8006d8000)
        libfetch.so.6 =3D> /usr/lib/libfetch.so.6 (0x8006ea000)
        libsasl2.so.3 =3D> /usr/local/lib/libsasl2.so.3 (0x800700000)
        libssl.so.111 =3D> /usr/lib/libssl.so.111 (0x800720000)
        libcrypto.so.111 =3D> /lib/libcrypto.so.111 (0x800e00000)
        libthr.so.3 =3D> /lib/libthr.so.3 (0x8007c4000)
        libc.so.7 =3D> /lib/libc.so.7 (0x80024e000)
        libdl.so.1 =3D> /usr/lib/libdl.so.1 (0x8007f1000)

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
nobody@123-release-amd64-default-openldap_gssapi_fix:/usr/local/sbin % ldd
slapadd
slapadd:
        libldap.so.2 =3D> /usr/local/lib/libldap.so.2 (0x8003c8000)
        liblber.so.2 =3D> /usr/local/lib/liblber.so.2 (0x80042d000)
        libltdl.so.7 =3D> /usr/local/lib/libltdl.so.7 (0x80043f000)
        libsasl2.so.3 =3D> /usr/local/lib/libsasl2.so.3 (0x80044c000)
        libcrypt.so.5 =3D> /lib/libcrypt.so.5 (0x80046d000)
        libssl.so.111 =3D> /usr/lib/libssl.so.111 (0x80048e000)
        libcrypto.so.111 =3D> /lib/libcrypto.so.111 (0x800532000)
        libevent-2.1.so.7 =3D> /usr/local/lib/libevent-2.1.so.7 (0x80082400=
0)
        libfetch.so.6 =3D> /usr/lib/libfetch.so.6 (0x80087a000)
        libthr.so.3 =3D> /lib/libthr.so.3 (0x800890000)
        libc.so.7 =3D> /lib/libc.so.7 (0x8008bd000)
        libdl.so.1 =3D> /usr/lib/libdl.so.1 (0x800cb5000)
nobody@123-release-amd64-default-openldap_gssapi_fix:/usr/local/sbin % ldd
/usr/local/lib/libldap.so.2
/usr/local/lib/libldap.so.2:
        liblber.so.2 =3D> /usr/local/lib/liblber.so.2 (0x8006d2000)
        libsasl2.so.3 =3D> /usr/local/lib/libsasl2.so.3 (0x8006e4000)
        libssl.so.111 =3D> /usr/lib/libssl.so.111 (0x800705000)
        libcrypto.so.111 =3D> /lib/libcrypto.so.111 (0x800e00000)
        libthr.so.3 =3D> /lib/libthr.so.3 (0x8007a9000)
        libc.so.7 =3D> /lib/libc.so.7 (0x80024e000)
        libdl.so.1 =3D> /usr/lib/libdl.so.1 (0x8007d6000)
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

Willing to provide a PR for openldap25-* as well if this one gets merged.

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-267056-7788>