Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 1 | SUMMARY = "OpenLDAP Directory Service" |
| 2 | DESCRIPTION = "OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol." |
| 3 | HOMEPAGE = "http://www.OpenLDAP.org/license.html" |
| 4 | # The OpenLDAP Public License - see the HOMEPAGE - defines |
| 5 | # the license. www.openldap.org claims this is Open Source |
| 6 | # (see http://www.openldap.org), the license appears to be |
| 7 | # basically BSD. opensource.org does not record this license |
| 8 | # at present (so it is apparently not OSI certified). |
| 9 | LICENSE = "OpenLDAP" |
| 10 | LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=5391b559d23a2237bdb21e7a62dae7c3 \ |
| 11 | file://LICENSE;md5=153d07ef052c4a37a8fac23bc6031972 \ |
| 12 | " |
| 13 | SECTION = "libs" |
| 14 | |
| 15 | LDAP_VER = "${@'.'.join(d.getVar('PV').split('.')[0:2])}" |
| 16 | |
| 17 | SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/${BP}.tgz \ |
| 18 | file://openldap-m4-pthread.patch \ |
| 19 | file://openldap-2.4.28-gnutls-gcrypt.patch \ |
| 20 | file://use-urandom.patch \ |
| 21 | file://initscript \ |
| 22 | file://slapd.service \ |
| 23 | file://thread_stub.patch \ |
| 24 | file://openldap-CVE-2015-3276.patch \ |
| 25 | file://remove-user-host-pwd-from-version.patch \ |
| 26 | " |
| 27 | |
Andrew Geissler | 2ee498a | 2020-05-29 15:52:06 -0500 | [diff] [blame^] | 28 | SRC_URI[md5sum] = "f9ed44ef373abed04c9e4c8586260f9e" |
| 29 | SRC_URI[sha256sum] = "5cb57d958bf5c55a678c6a0f06821e0e5504d5a92e6a33240841fbca1db586b8" |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 30 | |
| 31 | DEPENDS = "util-linux groff-native" |
| 32 | |
| 33 | # The original top.mk used INSTALL, not INSTALL_STRIP_PROGRAM when |
| 34 | # installing .so and executables, this fails in cross compilation |
| 35 | # environments |
| 36 | SRC_URI += "file://install-strip.patch" |
| 37 | |
| 38 | inherit autotools-brokensep update-rc.d systemd |
| 39 | |
| 40 | # CV SETTINGS |
| 41 | # Required to work round AC_FUNC_MEMCMP which gets the wrong answer |
| 42 | # when cross compiling (should be in site?) |
| 43 | EXTRA_OECONF += "ac_cv_func_memcmp_working=yes" |
| 44 | |
| 45 | # CONFIG DEFINITIONS |
| 46 | # The following is necessary because it cannot be determined for a |
| 47 | # cross compile automagically. Select should yield fine on all OE |
| 48 | # systems... |
| 49 | EXTRA_OECONF += "--with-yielding-select=yes" |
| 50 | # Shared libraries are nice... |
| 51 | EXTRA_OECONF += "--enable-dynamic" |
| 52 | |
| 53 | PACKAGECONFIG ??= "gnutls modules \ |
| 54 | mdb ldap meta monitor null passwd shell proxycache dnssrv \ |
| 55 | ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ |
| 56 | " |
| 57 | #--with-tls with TLS/SSL support auto|openssl|gnutls [auto] |
| 58 | PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls libgcrypt" |
| 59 | PACKAGECONFIG[openssl] = "--with-tls=openssl,,openssl" |
| 60 | |
| 61 | PACKAGECONFIG[sasl] = "--with-cyrus-sasl,--without-cyrus-sasl,cyrus-sasl" |
| 62 | PACKAGECONFIG[modules] = "lt_cv_dlopen_self=yes --enable-modules,--disable-modules,libtool" |
| 63 | PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6" |
| 64 | |
| 65 | # SLAPD options |
| 66 | # |
| 67 | # UNIX crypt(3) passwd support: |
| 68 | EXTRA_OECONF += "--enable-crypt" |
| 69 | |
| 70 | # SLAPD BACKEND |
| 71 | # |
| 72 | # The backend must be set by the configuration. This controls the |
| 73 | # required database. |
| 74 | # |
| 75 | # Backends="bdb dnssrv hdb ldap mdb meta monitor ndb null passwd perl relay shell sock sql" |
| 76 | # |
| 77 | # Note that multiple backends can be built. The ldbm backend requires a |
| 78 | # build-time choice of database API. The bdb backend forces this to be |
| 79 | # DB4. To use the gdbm (or other) API the Berkely database module must |
| 80 | # be removed from the build. |
| 81 | md = "${libexecdir}/openldap" |
| 82 | # |
| 83 | #--enable-bdb enable Berkeley DB backend no|yes|mod yes |
| 84 | # The Berkely DB is the standard choice. This version of OpenLDAP requires |
| 85 | # the version 4 implementation or better. |
| 86 | PACKAGECONFIG[bdb] = "--enable-bdb=yes,--enable-bdb=no,db" |
| 87 | |
| 88 | #--enable-dnssrv enable dnssrv backend no|yes|mod no |
| 89 | PACKAGECONFIG[dnssrv] = "--enable-dnssrv=mod,--enable-dnssrv=no" |
| 90 | |
| 91 | #--enable-hdb enable Hierarchical DB backend no|yes|mod no |
| 92 | PACKAGECONFIG[hdb] = "--enable-hdb=yes,--enable-hdb=no,db" |
| 93 | |
| 94 | #--enable-ldap enable ldap backend no|yes|mod no |
| 95 | PACKAGECONFIG[ldap] = "--enable-ldap=mod,--enable-ldap=no," |
| 96 | |
| 97 | #--enable-mdb enable mdb database backend no|yes|mod [yes] |
| 98 | PACKAGECONFIG[mdb] = "--enable-mdb=yes,--enable-mdb=no," |
| 99 | |
| 100 | #--enable-meta enable metadirectory backend no|yes|mod no |
| 101 | PACKAGECONFIG[meta] = "--enable-meta=mod,--enable-meta=no," |
| 102 | |
| 103 | #--enable-monitor enable monitor backend no|yes|mod yes |
| 104 | PACKAGECONFIG[monitor] = "--enable-monitor=mod,--enable-monitor=no," |
| 105 | |
| 106 | #--enable-ndb enable MySQL NDB Cluster backend no|yes|mod [no] |
| 107 | PACKAGECONFIG[ndb] = "--enable-ndb=mod,--enable-ndb=no," |
| 108 | |
| 109 | #--enable-null enable null backend no|yes|mod no |
| 110 | PACKAGECONFIG[null] = "--enable-null=mod,--enable-null=no," |
| 111 | |
| 112 | #--enable-passwd enable passwd backend no|yes|mod no |
| 113 | PACKAGECONFIG[passwd] = "--enable-passwd=mod,--enable-passwd=no," |
| 114 | |
| 115 | #--enable-perl enable perl backend no|yes|mod no |
| 116 | # This requires a loadable perl dynamic library, if enabled without |
| 117 | # doing something appropriate (building perl?) the build will pick |
| 118 | # up the build machine perl - not good (inherit perlnative?) |
| 119 | PACKAGECONFIG[perl] = "--enable-perl=mod,--enable-perl=no,perl" |
| 120 | |
| 121 | #--enable-relay enable relay backend no|yes|mod [yes] |
| 122 | PACKAGECONFIG[relay] = "--enable-relay=mod,--enable-relay=no," |
| 123 | |
| 124 | #--enable-shell enable shell backend no|yes|mod no |
| 125 | # configure: WARNING: Use of --without-threads is recommended with back-shell |
| 126 | PACKAGECONFIG[shell] = "--enable-shell=mod --without-threads,--enable-shell=no," |
| 127 | |
| 128 | #--enable-sock enable sock backend no|yes|mod [no] |
| 129 | PACKAGECONFIG[sock] = "--enable-sock=mod,--enable-sock=no," |
| 130 | |
| 131 | #--enable-sql enable sql backend no|yes|mod no |
| 132 | # sql requires some sql backend which provides sql.h, sqlite* provides |
| 133 | # sqlite.h (which may be compatible but hasn't been tried.) |
| 134 | PACKAGECONFIG[sql] = "--enable-sql=mod,--enable-sql=no,sqlite3" |
| 135 | |
| 136 | #--enable-dyngroup Dynamic Group overlay no|yes|mod no |
| 137 | # This is a demo, Proxy Cache defines init_module which conflicts with the |
| 138 | # same symbol in dyngroup |
| 139 | PACKAGECONFIG[dyngroup] = "--enable-dyngroup=mod,--enable-dyngroup=no," |
| 140 | |
| 141 | #--enable-proxycache Proxy Cache overlay no|yes|mod no |
| 142 | PACKAGECONFIG[proxycache] = "--enable-proxycache=mod,--enable-proxycache=no," |
| 143 | FILES_${PN}-overlay-proxycache = "${md}/pcache-*.so.*" |
| 144 | PACKAGES += "${PN}-overlay-proxycache" |
| 145 | |
| 146 | # Append URANDOM_DEVICE='/dev/urandom' to CPPFLAGS: |
| 147 | # This allows tls to obtain random bits from /dev/urandom, by default |
| 148 | # it was disabled for cross-compiling. |
| 149 | CPPFLAGS_append = " -D_GNU_SOURCE -DURANDOM_DEVICE=\'/dev/urandom\' -fPIC" |
| 150 | |
| 151 | LDFLAGS_append = " -pthread" |
| 152 | |
| 153 | do_configure() { |
| 154 | cp ${STAGING_DATADIR_NATIVE}/libtool/build-aux/ltmain.sh ${S}/build |
| 155 | rm -f ${S}/libtool |
| 156 | aclocal |
| 157 | libtoolize --force --copy |
| 158 | gnu-configize |
| 159 | autoconf |
| 160 | oe_runconf |
| 161 | } |
| 162 | |
| 163 | LEAD_SONAME = "libldap-${LDAP_VER}.so.*" |
| 164 | |
| 165 | # The executables go in a separate package. This allows the |
| 166 | # installation of the libraries with no daemon support. |
| 167 | # Each module also has its own package - see above. |
| 168 | PACKAGES += "${PN}-slapd ${PN}-slurpd ${PN}-bin" |
| 169 | |
| 170 | # Package contents - shift most standard contents to -bin |
| 171 | FILES_${PN} = "${libdir}/lib*.so.* ${sysconfdir}/openldap/ldap.* ${localstatedir}/${BPN}/data" |
| 172 | FILES_${PN}-slapd = "${sysconfdir}/init.d ${libexecdir}/slapd ${sbindir} ${localstatedir}/run ${localstatedir}/volatile/run \ |
| 173 | ${sysconfdir}/openldap/slapd.* ${sysconfdir}/openldap/schema \ |
| 174 | ${sysconfdir}/openldap/DB_CONFIG.example ${systemd_unitdir}/system/*" |
| 175 | FILES_${PN}-slurpd = "${libexecdir}/slurpd ${localstatedir}/openldap-slurp ${localstatedir}/run ${localstatedir}/volatile/run" |
| 176 | FILES_${PN}-bin = "${bindir}" |
| 177 | FILES_${PN}-dev = "${includedir} ${libdir}/lib*.so ${libdir}/*.la ${libdir}/*.a ${libexecdir}/openldap/*.a ${libexecdir}/openldap/*.la ${libexecdir}/openldap/*.so" |
| 178 | FILES_${PN}-dbg += "${libexecdir}/openldap/.debug" |
| 179 | |
| 180 | do_install_append() { |
| 181 | install -d ${D}${sysconfdir}/init.d |
| 182 | cat ${WORKDIR}/initscript > ${D}${sysconfdir}/init.d/openldap |
| 183 | chmod 755 ${D}${sysconfdir}/init.d/openldap |
| 184 | # This is duplicated in /etc/openldap and is for slapd |
| 185 | rm -f ${D}${localstatedir}/openldap-data/DB_CONFIG.example |
| 186 | |
| 187 | # Installing slapd under ${sbin} is more FHS and LSB compliance |
| 188 | mv ${D}${libexecdir}/slapd ${D}/${sbindir}/slapd |
| 189 | rmdir --ignore-fail-on-non-empty ${D}${libexecdir} |
| 190 | SLAPTOOLS="slapadd slapcat slapdn slapindex slappasswd slaptest slapauth slapacl slapschema" |
| 191 | cd ${D}/${sbindir}/ |
| 192 | rm -f ${SLAPTOOLS} |
| 193 | for i in ${SLAPTOOLS}; do ln -sf slapd $i; done |
| 194 | |
| 195 | rmdir "${D}${localstatedir}/run" |
| 196 | rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" |
| 197 | |
| 198 | install -d ${D}${systemd_unitdir}/system/ |
| 199 | install -m 0644 ${WORKDIR}/slapd.service ${D}${systemd_unitdir}/system/ |
| 200 | sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/*.service |
| 201 | |
| 202 | # Uses mdm as the database |
| 203 | # and localstatedir as data directory ... |
| 204 | sed -e 's/# modulepath/modulepath/' \ |
| 205 | -e 's/# moduleload\s*back_bdb.*/moduleload back_mdb/' \ |
| 206 | -e 's/database\s*bdb/database mdb/' \ |
| 207 | -e 's%^directory\s*.*%directory ${localstatedir}/${BPN}/data/%' \ |
| 208 | -i ${D}${sysconfdir}/openldap/slapd.conf |
| 209 | |
| 210 | mkdir -p ${D}${localstatedir}/${BPN}/data |
| 211 | |
| 212 | |
| 213 | } |
| 214 | |
| 215 | INITSCRIPT_PACKAGES = "${PN}-slapd" |
| 216 | INITSCRIPT_NAME_${PN}-slapd = "openldap" |
| 217 | INITSCRIPT_PARAMS_${PN}-slapd = "defaults" |
| 218 | SYSTEMD_SERVICE_${PN}-slapd = "hostapd.service" |
| 219 | SYSTEMD_AUTO_ENABLE_${PN}-slapd ?= "disable" |
| 220 | |
| 221 | |
| 222 | PACKAGES_DYNAMIC += "^${PN}-backends.* ^${PN}-backend-.*" |
| 223 | |
| 224 | # The modules require their .so to be dynamicaly loaded |
| 225 | INSANE_SKIP_${PN}-backend-dnssrv += "dev-so" |
| 226 | INSANE_SKIP_${PN}-backend-ldap += "dev-so" |
| 227 | INSANE_SKIP_${PN}-backend-meta += "dev-so" |
| 228 | INSANE_SKIP_${PN}-backend-mdb += "dev-so" |
| 229 | INSANE_SKIP_${PN}-backend-monitor += "dev-so" |
| 230 | INSANE_SKIP_${PN}-backend-null += "dev-so" |
| 231 | INSANE_SKIP_${PN}-backend-passwd += "dev-so" |
| 232 | INSANE_SKIP_${PN}-backend-shell += "dev-so" |
| 233 | |
| 234 | |
| 235 | python populate_packages_prepend () { |
| 236 | backend_dir = d.expand('${libexecdir}/openldap') |
| 237 | do_split_packages(d, backend_dir, 'back_([a-z]*)\.so$', 'openldap-backend-%s', 'OpenLDAP %s backend', prepend=True, extra_depends='', allow_links=True) |
| 238 | do_split_packages(d, backend_dir, 'back_([a-z]*)\-.*\.so\..*$', 'openldap-backend-%s', 'OpenLDAP %s backend', extra_depends='', allow_links=True) |
| 239 | |
| 240 | metapkg = "${PN}-backends" |
| 241 | d.setVar('ALLOW_EMPTY_' + metapkg, "1") |
| 242 | d.setVar('FILES_' + metapkg, "") |
| 243 | metapkg_rdepends = [] |
| 244 | packages = d.getVar('PACKAGES').split() |
| 245 | for pkg in packages[1:]: |
| 246 | if pkg.count("openldap-backend-") and not pkg in metapkg_rdepends and not pkg.count("-dev") and not pkg.count("-dbg") and not pkg.count("static") and not pkg.count("locale"): |
| 247 | metapkg_rdepends.append(pkg) |
| 248 | d.setVar('RDEPENDS_' + metapkg, ' '.join(metapkg_rdepends)) |
| 249 | d.setVar('DESCRIPTION_' + metapkg, 'OpenLDAP backends meta package') |
| 250 | packages.append(metapkg) |
| 251 | d.setVar('PACKAGES', ' '.join(packages)) |
| 252 | } |
| 253 | |
| 254 | BBCLASSEXTEND = "native" |