Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / ddad1a1568cc6c729bcb317fae411152024437fa / . / import-layers / meta-openembedded / meta-oe / recipes-support / openldap / openldap_2.4.44.bb
blob: 05ffc5ce3b34c186bc787107406e6f694ac2c436 [file] [log] [blame]
Patrick Williamsb48b7b42016-08-17 15:04:38 -0500[diff] [blame]1# OpenLDAP, a license free (see http://www.OpenLDAP.org/license.html)
2#
3SUMMARY = "OpenLDAP Directory Service"
4DESCRIPTION = "OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol."
5HOMEPAGE = "http://www.OpenLDAP.org/license.html"
6# The OpenLDAP Public License - see the HOMEPAGE - defines
7# the license. www.openldap.org claims this is Open Source
8# (see http://www.openldap.org), the license appears to be
9# basically BSD. opensource.org does not record this license
10# at present (so it is apparently not OSI certified).
11LICENSE = "OpenLDAP"
Patrick Williamsddad1a12017-02-23 20:36:32 -0600[diff] [blame^]12LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=c933fba6d89fda89f58df1e086e3f2e7 \
Patrick Williamsb48b7b42016-08-17 15:04:38 -0500[diff] [blame]13 file://LICENSE;md5=153d07ef052c4a37a8fac23bc6031972 \
14"
15SECTION = "libs"
16
17LDAP_VER = "${@'.'.join(d.getVar('PV',1).split('.')[0:2])}"
18
19SRC_URI = "ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${BP}.tgz \
20 file://openldap-m4-pthread.patch \
21 file://kill-icu.patch \
22 file://openldap-2.4.28-gnutls-gcrypt.patch \
23 file://use-urandom.patch \
24 file://initscript \
25 file://slapd.service \
26 file://thread_stub.patch \
Patrick Williamsddad1a12017-02-23 20:36:32 -0600[diff] [blame^]27 file://openldap-CVE-2015-3276.patch \
Patrick Williamsb48b7b42016-08-17 15:04:38 -0500[diff] [blame]28"
29
Patrick Williamsddad1a12017-02-23 20:36:32 -0600[diff] [blame^]30SRC_URI[md5sum] = "693ac26de86231f8dcae2b4e9d768e51"
31SRC_URI[sha256sum] = "d7de6bf3c67009c95525dde3a0212cc110d0a70b92af2af8e3ee800e81b88400"
Patrick Williamsb48b7b42016-08-17 15:04:38 -0500[diff] [blame]32
33DEPENDS = "util-linux groff-native"
34
35# The original top.mk used INSTALL, not INSTALL_STRIP_PROGRAM when
36# installing .so and executables, this fails in cross compilation
37# environments
38SRC_URI += "file://install-strip.patch"
39
40inherit autotools-brokensep update-rc.d systemd
41
42# CV SETTINGS
43# Required to work round AC_FUNC_MEMCMP which gets the wrong answer
44# when cross compiling (should be in site?)
45EXTRA_OECONF += "ac_cv_func_memcmp_working=yes"
46
47# CONFIG DEFINITIONS
48# The following is necessary because it cannot be determined for a
49# cross compile automagically. Select should yield fine on all OE
50# systems...
51EXTRA_OECONF += "--with-yielding-select=yes"
52# Shared libraries are nice...
53EXTRA_OECONF += "--enable-dynamic"
54
55PACKAGECONFIG ??= "gnutls modules \
Patrick Williamsddad1a12017-02-23 20:36:32 -0600[diff] [blame^]56 mdb ldap meta monitor null passwd shell proxycache dnssrv \
Patrick Williamsb48b7b42016-08-17 15:04:38 -0500[diff] [blame]57 ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6', '', d)} \
58"
59#--with-tls with TLS/SSL support auto|openssl|gnutls [auto]
60PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls libgcrypt"
61PACKAGECONFIG[openssl] = "--with-tls=openssl,,openssl"
62
63PACKAGECONFIG[sasl] = "--with-cyrus-sasl,--without-cyrus-sasl,cyrus-sasl"
64PACKAGECONFIG[modules] = "lt_cv_dlopen_self=yes --enable-modules,--disable-modules,libtool"
65PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6"
66
67# SLAPD options
68#
69# UNIX crypt(3) passwd support:
70EXTRA_OECONF += "--enable-crypt"
71
72# SLAPD BACKEND
73#
74# The backend must be set by the configuration. This controls the
Patrick Williamsddad1a12017-02-23 20:36:32 -0600[diff] [blame^]75# required database.
Patrick Williamsb48b7b42016-08-17 15:04:38 -0500[diff] [blame]76#
77# Backends="bdb dnssrv hdb ldap mdb meta monitor ndb null passwd perl relay shell sock sql"
78#
79# Note that multiple backends can be built. The ldbm backend requires a
80# build-time choice of database API. The bdb backend forces this to be
81# DB4. To use the gdbm (or other) API the Berkely database module must
82# be removed from the build.
83md = "${libexecdir}/openldap"
84#
85#--enable-bdb enable Berkeley DB backend no|yes|mod yes
86# The Berkely DB is the standard choice. This version of OpenLDAP requires
87# the version 4 implementation or better.
88PACKAGECONFIG[bdb] = "--enable-bdb=yes,--enable-bdb=no,db"
89
90#--enable-dnssrv enable dnssrv backend no|yes|mod no
91PACKAGECONFIG[dnssrv] = "--enable-dnssrv=mod,--enable-dnssrv=no"
92
93#--enable-hdb enable Hierarchical DB backend no|yes|mod no
94PACKAGECONFIG[hdb] = "--enable-hdb=yes,--enable-hdb=no,db"
95
96#--enable-ldap enable ldap backend no|yes|mod no
97PACKAGECONFIG[ldap] = "--enable-ldap=mod,--enable-ldap=no,"
98
99#--enable-mdb enable mdb database backend no|yes|mod [yes]
Patrick Williamsddad1a12017-02-23 20:36:32 -0600[diff] [blame^]100PACKAGECONFIG[mdb] = "--enable-mdb=yes,--enable-mdb=no,"
Patrick Williamsb48b7b42016-08-17 15:04:38 -0500[diff] [blame]101
102#--enable-meta enable metadirectory backend no|yes|mod no
103PACKAGECONFIG[meta] = "--enable-meta=mod,--enable-meta=no,"
104
105#--enable-monitor enable monitor backend no|yes|mod yes
106PACKAGECONFIG[monitor] = "--enable-monitor=mod,--enable-monitor=no,"
107
108#--enable-ndb enable MySQL NDB Cluster backend no|yes|mod [no]
109PACKAGECONFIG[ndb] = "--enable-ndb=mod,--enable-ndb=no,"
110
111#--enable-null enable null backend no|yes|mod no
112PACKAGECONFIG[null] = "--enable-null=mod,--enable-null=no,"
113
114#--enable-passwd enable passwd backend no|yes|mod no
115PACKAGECONFIG[passwd] = "--enable-passwd=mod,--enable-passwd=no,"
116
117#--enable-perl enable perl backend no|yes|mod no
118# This requires a loadable perl dynamic library, if enabled without
119# doing something appropriate (building perl?) the build will pick
120# up the build machine perl - not good (inherit perlnative?)
121PACKAGECONFIG[perl] = "--enable-perl=mod,--enable-perl=no,perl"
122
123#--enable-relay enable relay backend no|yes|mod [yes]
124PACKAGECONFIG[relay] = "--enable-relay=mod,--enable-relay=no,"
125
126#--enable-shell enable shell backend no|yes|mod no
127# configure: WARNING: Use of --without-threads is recommended with back-shell
128PACKAGECONFIG[shell] = "--enable-shell=mod --without-threads,--enable-shell=no,"
129
130#--enable-sock enable sock backend no|yes|mod [no]
131PACKAGECONFIG[sock] = "--enable-sock=mod,--enable-sock=no,"
132
133#--enable-sql enable sql backend no|yes|mod no
134# sql requires some sql backend which provides sql.h, sqlite* provides
135# sqlite.h (which may be compatible but hasn't been tried.)
136PACKAGECONFIG[sql] = "--enable-sql=mod,--enable-sql=no,sqlite3"
137
138#--enable-dyngroup Dynamic Group overlay no|yes|mod no
139# This is a demo, Proxy Cache defines init_module which conflicts with the
140# same symbol in dyngroup
141PACKAGECONFIG[dyngroup] = "--enable-dyngroup=mod,--enable-dyngroup=no,"
142
143#--enable-proxycache Proxy Cache overlay no|yes|mod no
144PACKAGECONFIG[proxycache] = "--enable-proxycache=mod,--enable-proxycache=no,"
145FILES_${PN}-overlay-proxycache = "${md}/pcache-*.so.*"
146PACKAGES += "${PN}-overlay-proxycache"
147
148# Append URANDOM_DEVICE='/dev/urandom' to CPPFLAGS:
149# This allows tls to obtain random bits from /dev/urandom, by default
150# it was disabled for cross-compiling.
Patrick Williamsddad1a12017-02-23 20:36:32 -0600[diff] [blame^]151CPPFLAGS_append = " -D_GNU_SOURCE -DURANDOM_DEVICE=\'/dev/urandom\' -fPIC"
Patrick Williamsb48b7b42016-08-17 15:04:38 -0500[diff] [blame]152
153LDFLAGS += "-pthread"
154
155do_configure() {
156 cp ${STAGING_DATADIR_NATIVE}/libtool/build-aux/ltmain.sh ${S}/build
157 rm -f ${S}/libtool
158 aclocal
159 libtoolize --force --copy
160 gnu-configize
161 autoconf
162 oe_runconf
163}
164
165LEAD_SONAME = "libldap-${LDAP_VER}.so.*"
166
167# The executables go in a separate package. This allows the
168# installation of the libraries with no daemon support.
169# Each module also has its own package - see above.
170PACKAGES += "${PN}-slapd ${PN}-slurpd ${PN}-bin"
171
172# Package contents - shift most standard contents to -bin
173FILES_${PN} = "${libdir}/lib*.so.* ${sysconfdir}/openldap/ldap.* ${localstatedir}/${BPN}/data"
174FILES_${PN}-slapd = "${sysconfdir}/init.d ${libexecdir}/slapd ${sbindir} ${localstatedir}/run ${localstatedir}/volatile/run \
175 ${sysconfdir}/openldap/slapd.* ${sysconfdir}/openldap/schema \
176 ${sysconfdir}/openldap/DB_CONFIG.example ${systemd_unitdir}/system/*"
177FILES_${PN}-slurpd = "${libexecdir}/slurpd ${localstatedir}/openldap-slurp ${localstatedir}/run ${localstatedir}/volatile/run"
178FILES_${PN}-bin = "${bindir}"
179FILES_${PN}-dev = "${includedir} ${libdir}/lib*.so ${libdir}/*.la ${libdir}/*.a ${libexecdir}/openldap/*.a ${libexecdir}/openldap/*.la ${libexecdir}/openldap/*.so"
180FILES_${PN}-dbg += "${libexecdir}/openldap/.debug"
181
182do_install_append() {
183 install -d ${D}${sysconfdir}/init.d
184 cat ${WORKDIR}/initscript > ${D}${sysconfdir}/init.d/openldap
185 chmod 755 ${D}${sysconfdir}/init.d/openldap
186 # This is duplicated in /etc/openldap and is for slapd
187 rm -f ${D}${localstatedir}/openldap-data/DB_CONFIG.example
188
189 # Installing slapd under ${sbin} is more FHS and LSB compliance
190 mv ${D}${libexecdir}/slapd ${D}/${sbindir}/slapd
191 SLAPTOOLS="slapadd slapcat slapdn slapindex slappasswd slaptest slapauth slapacl slapschema"
192 cd ${D}/${sbindir}/
193 rm -f ${SLAPTOOLS}
194 for i in ${SLAPTOOLS}; do ln -sf slapd $i; done
195
196 rmdir "${D}${localstatedir}/run"
197 rmdir --ignore-fail-on-non-empty "${D}${localstatedir}"
198
199 install -d ${D}${systemd_unitdir}/system/
200 install -m 0644 ${WORKDIR}/slapd.service ${D}${systemd_unitdir}/system/
201 sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/*.service
202
203 # Uses mdm as the database
204 # and localstatedir as data directory ...
205 sed -e 's/# modulepath/modulepath/' \
206 -e 's/# moduleload\s*back_bdb.*/moduleload back_mdb/' \
207 -e 's/database\s*bdb/database mdb/' \
208 -e 's%^directory\s*.*%directory ${localstatedir}/${BPN}/data/%' \
209 -i ${D}${sysconfdir}/openldap/slapd.conf
210
211 mkdir -p ${D}${localstatedir}/${BPN}/data
212
213
214}
215
216INITSCRIPT_PACKAGES = "${PN}-slapd"
217INITSCRIPT_NAME_${PN}-slapd = "openldap"
218INITSCRIPT_PARAMS_${PN}-slapd = "defaults"
219SYSTEMD_SERVICE_${PN}-slapd = "hostapd.service"
220SYSTEMD_AUTO_ENABLE_${PN}-slapd ?= "disable"
221
222
223PACKAGES_DYNAMIC += "^${PN}-backends.* ^${PN}-backend-.*"
224
225# The modules require their .so to be dynamicaly loaded
226INSANE_SKIP_${PN}-backend-dnssrv += "dev-so"
227INSANE_SKIP_${PN}-backend-ldap += "dev-so"
228INSANE_SKIP_${PN}-backend-meta += "dev-so"
229INSANE_SKIP_${PN}-backend-mdb += "dev-so"
230INSANE_SKIP_${PN}-backend-monitor += "dev-so"
231INSANE_SKIP_${PN}-backend-null += "dev-so"
232INSANE_SKIP_${PN}-backend-passwd += "dev-so"
233INSANE_SKIP_${PN}-backend-shell += "dev-so"
234
235
236python populate_packages_prepend () {
237 backend_dir = d.expand('${libexecdir}/openldap')
238 do_split_packages(d, backend_dir, 'back_([a-z]*)\.so$', 'openldap-backend-%s', 'OpenLDAP %s backend', prepend=True, extra_depends='', allow_links=True)
239 do_split_packages(d, backend_dir, 'back_([a-z]*)\-.*\.so\..*$', 'openldap-backend-%s', 'OpenLDAP %s backend', extra_depends='', allow_links=True)
240
241 metapkg = "${PN}-backends"
242 d.setVar('ALLOW_EMPTY_' + metapkg, "1")
243 d.setVar('FILES_' + metapkg, "")
244 metapkg_rdepends = []
245 packages = d.getVar('PACKAGES', 1).split()
246 for pkg in packages[1:]:
247 if pkg.count("openldap-backend-") and not pkg in metapkg_rdepends and not pkg.count("-dev") and not pkg.count("-dbg") and not pkg.count("static") and not pkg.count("locale"):
248 metapkg_rdepends.append(pkg)
249 d.setVar('RDEPENDS_' + metapkg, ' '.join(metapkg_rdepends))
250 d.setVar('DESCRIPTION_' + metapkg, 'OpenLDAP backends meta package')
251 packages.append(metapkg)
252 d.setVar('PACKAGES', ' '.join(packages))
253}
254
255BBCLASSEXTEND = "native"