Your message dated Tue, 12 Apr 2005 15:48:25 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#278875: fixed in openldap2 2.1.30-6
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 29 Oct 2004 22:50:09 +0000
>From [EMAIL PROTECTED] Fri Oct 29 15:50:09 2004
Return-path: <[EMAIL PROTECTED]>
Received: from outbound02.telus.net (priv-edtnes10.telusplanet.net)
[199.185.220.221]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CNfZR-0005Qn-00; Fri, 29 Oct 2004 15:50:09 -0700
Received: from tor.lat ([205.250.104.75]) by priv-edtnes10.telusplanet.net
(InterMail vM.6.01.03.03 201-2131-111-105-20040624) with ESMTP
id <[EMAIL PROTECTED]>
for <[EMAIL PROTECTED]>; Fri, 29 Oct 2004 16:49:23 -0600
Received: from [192.168.179.43] (fis.lat [192.168.179.43])
by tor.lat (Postfix) with ESMTP id 20E551958F2
for <[EMAIL PROTECTED]>; Fri, 29 Oct 2004 15:49:23 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v619)
To: [EMAIL PROTECTED]
Message-Id: <[EMAIL PROTECTED]>
Content-Type: multipart/mixed; boundary=Apple-Mail-16-523815387
From: [EMAIL PROTECTED]
Subject: --with-tls=openssl Broken When Both libgnutls*-dev & libssl-dev
Installed
Date: Fri, 29 Oct 2004 15:48:19 -0700
X-Mailer: Apple Mail (2.619)
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.2 required=4.0 tests=BAYES_00,FROM_ENDS_IN_NUMS,
HAS_PACKAGE,NO_REAL_NAME autolearn=no
version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
--Apple-Mail-16-523815387
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=US-ASCII;
format=flowed
Package: openldap2
Version: 2.1.30-3
Tags: patch
The GNUTLS patch prevents OpenLDAP from being built with OpenSSL when
both libgnutls*-dev & libssl-dev are installed. In this case, even when
--with-tls=openssl, OpenLDAP still builds with GNUTLS.
I think the problem is configure.in:
[...]
if test $ol_with_tls != no ; then
AC_CHECK_HEADERS(openssl/ssl.h ssl.h gnutls/gnutls.h)
if test $ac_cv_header_gnutls_gnutls_h = yes ; then
[...]
ol_with_tls=found
[...]
So even when $ol_with_tls = openssl, $ac_cv_header_gnutls_gnutls_h =
yes & GNUTLS is used: ol_with_tls=found.
The attached patch corrects this behavior. When both libgnutls*-dev &
libssl-dev are installed, --with-tls=openssl builds with OpenSSL,
--with-tls=gnutls builds with GNUTLS, & --with-tls=yes or
--with-tls=auto builds with GNUTLS ; )
I also confirmed that the patch doesn't affect how OpenLDAP is built
when only one of libgnutls*-dev or libssl-dev are installed.
Thanks for all your hard work on OpenLDAP!
Jack
--Apple-Mail-16-523815387
Content-Transfer-Encoding: 7bit
Content-Type: application/octet-stream;
x-unix-mode=0644;
name="patch"
Content-Disposition: attachment;
filename=patch
--- openldap2-2.1.30/configure.in 2004-10-29 14:17:12.000000000 -0700
+++ openldap2-2.1.30.fixed/configure.in 2004-10-29 14:14:33.000000000 -0700
@@ -1228,37 +1228,49 @@
dnl ----------------------------------------------------------------
dnl TLS/SSL
ol_link_tls=no
-if test $ol_with_tls != no ; then
- AC_CHECK_HEADERS(openssl/ssl.h ssl.h gnutls/gnutls.h)
+
+if test $ol_with_tls = yes \
+ -o $ol_with_tls = auto \
+ -o $ol_with_tls = gnutls ; then
+ AC_CHECK_HEADERS(gnutls/gnutls.h)
if test $ac_cv_header_gnutls_gnutls_h = yes ; then
- AC_CHECK_LIB(gnutls, gnutls_init,
- [
+ AC_CHECK_LIB(gnutls, gnutls_init, [
ol_with_tls=found
ol_link_tls=yes
TLS_LIBS="`libgnutls-config --libs`"
], [],
[-ltasn1 -lgcrypt])
+ fi
+fi
- elif test $ac_cv_header_openssl_ssl_h = yes \
+if test $ol_with_tls = yes \
+ -o $ol_with_tls = auto \
+ -o $ol_with_tls = ssleay \
+ -o $ol_with_tls = openssl ; then
+ AC_CHECK_HEADERS(openssl/ssl.h ssl.h)
+
+ if test $ac_cv_header_openssl_ssl_h = yes \
-o $ac_cv_header_ssl_h = yes ; then
- AC_CHECK_LIB(ssl, SSLeay_add_ssl_algorithms,
- [have_ssleay=yes
+ AC_CHECK_LIB(ssl, SSLeay_add_ssl_algorithms, [
+ have_ssleay=yes
need_rsaref=no],
[have_ssleay=no],
[-lcrypto])
if test $have_ssleay = no ; then
- AC_CHECK_LIB(ssl, SSL_library_init,
- [have_ssleay=yes
- need_rsaref=no], [have_ssleay=no],
+ AC_CHECK_LIB(ssl, SSL_library_init, [
+ have_ssleay=yes
+ need_rsaref=no],
+ [have_ssleay=no],
[-lcrypto])
fi
if test $have_ssleay = no ; then
- AC_CHECK_LIB(ssl, ssl3_accept,
- [have_ssleay=yes
- need_rsaref=yes], [have_ssleay=no],
+ AC_CHECK_LIB(ssl, ssl3_accept, [
+ have_ssleay=yes
+ need_rsaref=yes],
+ [have_ssleay=no],
[-lcrypto -lRSAglue -lrsaref])
fi
@@ -1266,12 +1278,12 @@
ol_with_tls=found
ol_link_tls=yes
- AC_DEFINE(HAVE_SSLEAY, 1,
- [define if you have SSLeay or OpenSSL])
+ AC_DEFINE(HAVE_SSLEAY, 1, [
+ define if you have SSLeay or OpenSSL])
if test $need_rsaref = yes; then
- AC_DEFINE(HAVE_RSAREF, 1,
- [define if you have RSAref])
+ AC_DEFINE(HAVE_RSAREF, 1, [
+ define if you have RSAref])
TLS_LIBS="-lssl -lcrypto -lRSAglue -lrsaref"
else
@@ -1279,20 +1291,14 @@
fi
fi
fi
-
-else
- AC_WARN([TLS data protection not supported!])
fi
if test $ol_link_tls = yes ; then
AC_DEFINE(HAVE_TLS, 1, [define if you have TLS])
-elif test $ol_with_tls = auto ; then
- AC_WARN([Could not locate TLS/SSL package])
- AC_WARN([TLS data protection not supported!])
-
elif test $ol_with_tls != no ; then
AC_ERROR([Could not locate TLS/SSL package])
+ AC_WARN([TLS data protection not supported!])
fi
dnl ----------------------------------------------------------------
--Apple-Mail-16-523815387--
---------------------------------------
Received: (at 278875-close) by bugs.debian.org; 12 Apr 2005 20:03:40 +0000
>From [EMAIL PROTECTED] Tue Apr 12 13:03:40 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DLRbn-00021n-00; Tue, 12 Apr 2005 13:03:39 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DLRN3-00047W-00; Tue, 12 Apr 2005 15:48:25 -0400
From: Torsten Landschoff <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#278875: fixed in openldap2 2.1.30-6
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Tue, 12 Apr 2005 15:48:25 -0400
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 8
Source: openldap2
Source-Version: 2.1.30-6
We believe that the bug you reported is fixed in the latest version of
openldap2, which is due to be installed in the Debian FTP archive:
libldap2-dev_2.1.30-6_i386.deb
to pool/main/o/openldap2/libldap2-dev_2.1.30-6_i386.deb
libldap2_2.1.30-6_i386.deb
to pool/main/o/openldap2/libldap2_2.1.30-6_i386.deb
libslapd2-dev_2.1.30-6_all.deb
to pool/main/o/openldap2/libslapd2-dev_2.1.30-6_all.deb
openldap2_2.1.30-6.diff.gz
to pool/main/o/openldap2/openldap2_2.1.30-6.diff.gz
openldap2_2.1.30-6.dsc
to pool/main/o/openldap2/openldap2_2.1.30-6.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Torsten Landschoff <[EMAIL PROTECTED]> (supplier of updated openldap2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 12 Apr 2005 21:16:44 +0200
Source: openldap2
Binary: libslapd2-dev libldap2 libldap2-dev
Architecture: source all i386
Version: 2.1.30-6
Distribution: unstable
Urgency: low
Maintainer: Torsten Landschoff <[EMAIL PROTECTED]>
Changed-By: Torsten Landschoff <[EMAIL PROTECTED]>
Description:
libldap2 - OpenLDAP libraries
libldap2-dev - OpenLDAP development libraries
libslapd2-dev - OpenLDAP slapd back-end development headers
Closes: 238444 264443 264448 266688 266688 269758 276380 278875 283606 298270
304367
Changes:
openldap2 (2.1.30-6) unstable; urgency=low
.
* Update configure stuff using libtoolize, aclocal-1.4 and autoconf2.50
to update libtool for kfreebsd-gnu and friends (closes: #266688).
* Readd ntlm.c from the NTLM patch which got lost somewhere inbetween,
ouch. Forgot to svn add it...
* debian/move_files: Move the ucdata files into the slapd package (which
is no longer build) as libldap2 (where they used to be) does not use
them (closes: #298270).
* Apply patch from #278875 to allow building against OpenSSL if
requested by user (closes: #278875). Run autoconf to recreate configure.
* debian/check_config: Make check more robust for different autoconf
versions.
* debian/rules: Remove automatic invocation of autoheader and autoconf
as they failed here.
* debian/slapd.init: Add --oknodo to start-stop-daemon invocations to
make the script idempotent (bug #298741), patch by Bill Allombert.
* Retarget and upload to unstable to have slapd and ldap-utils provided
only by openldap2.2 sources (closes: #304367).
.
openldap2 (2.1.30-5) experimental; urgency=low
.
* BEWARE: Don't upload this before openldap2.2 is there!!
* debian/rules: Only build libldap2 and libldap2-dev for client
packages. The openldap2 source package will be superseded with
openldap2.2 which provides the server support.
.
openldap2 (2.1.30-4) unstable; urgency=low
.
* Roland Bauerschmidt <[EMAIL PROTECTED]>
+ Applied patch by Modestas Vainius <[EMAIL PROTECTED]> to fix a
memory leak in the GNUTLS compatibility wrapper. Closes: #264443.
+ Applied patch by Modestas Vainius <[EMAIL PROTECTED]> to
install executables without stripping them by using the "-s"
option. They will be stripped by dh_strip later, which is aware
of DEB_BUILD_OPTIONS. Closes: #264448.
+ Fix a segmentation fault when a non-existent TLS_CACERTDIR is
specified in ldap.conf. Thanks to Guido Guenther <[EMAIL PROTECTED]>
for the straight-forward patch. Closes: #269758.
* Torsten Landschoff <[EMAIL PROTECTED]>
+ debian/configure.options: Build back-ldap statically (closes: #238444).
+ libraries/libldap/Makefile.in: Link with thread libraries
(closes: #266688).
+ Refine the patch for the TLS_CACERTDIR problem to log an error
message if the directory can't be opened.
+ Fix the check if an existing database should be moved (closes: #276380).
+ debian/fix_ldif: Apply patch from Andreas Schuldei for better
schema checks et cetera.
+ Apply patch for NTLM support from
http://patches.ximian.com/download.cgi?object=openldap-ntlm.patch-4
(closes: #283606).
Files:
d5ad225f0fcb2697d7d84ac31525d290 951 net optional openldap2_2.1.30-6.dsc
a498882db55981e6e9dab9e89bb51ccd 454549 net optional openldap2_2.1.30-6.diff.gz
7ccd54daab07a06752bdf5551b4183df 240954 libs important
libldap2_2.1.30-6_i386.deb
e67e8a3dee8a3b0fb00d6f1b663d7805 327394 libdevel extra
libldap2-dev_2.1.30-6_i386.deb
3f1b25dc42b2065ed62832afcdc19d8d 72844 libdevel extra
libslapd2-dev_2.1.30-6_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCXCTddQgHtVUb5EcRAlQMAJ9TV+doVMZaOmW9kek1K6FsGUx0gwCfQF2r
FPgd0UTKwfMDfJ7ZHamxWPk=
=WNcY
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
