summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-nds')
-rw-r--r--net-nds/389-admin/389-admin-1.1.31.ebuild171
-rw-r--r--net-nds/389-admin/Manifest1
-rw-r--r--net-nds/389-admin/files/1.1.11_rc1/0001-gentoo-apache-names.patch18
-rw-r--r--net-nds/389-admin/files/1.1.11_rc1/0003-find-mod_nss.m4.patch11
-rw-r--r--net-nds/389-admin/files/1.1.11_rc1/0004-rpath-fix.configure.ac.patch19
-rw-r--r--net-nds/389-admin/files/1.1.11_rc1/0010-gentoo_selinux_makefile.patch11
-rw-r--r--net-nds/389-admin/files/1.1.11_rc1/48_mod_admserv.conf3
-rw-r--r--net-nds/389-admin/files/1.1.11_rc1/48_mod_restartd.conf5
-rw-r--r--net-nds/389-admin/files/389-admin-cfgstuff-1.patch56
-rw-r--r--net-nds/389-admin/files/389-admin.confd73
-rw-r--r--net-nds/389-admin/files/389-admin.initd162
-rw-r--r--net-nds/389-admin/files/restart-ds-admin7
-rw-r--r--net-nds/389-admin/files/start-ds-admin7
-rw-r--r--net-nds/389-admin/files/stop-ds-admin7
-rw-r--r--net-nds/389-admin/metadata.xml12
-rw-r--r--net-nds/389-ds-base/389-ds-base-1.3.0.2-r1.ebuild165
-rw-r--r--net-nds/389-ds-base/Manifest1
-rw-r--r--net-nds/389-ds-base/files/389-ds-base-1.2.11-fix-mozldap.patch28
-rw-r--r--net-nds/389-ds-base/files/389-ds-snmp.initd45
-rw-r--r--net-nds/389-ds-base/files/389-ds.initd78
-rw-r--r--net-nds/389-ds-base/files/restart-dirsrv30
-rw-r--r--net-nds/389-ds-base/files/start-dirsrv14
-rw-r--r--net-nds/389-ds-base/metadata.xml22
-rw-r--r--net-nds/adtool/Manifest1
-rw-r--r--net-nds/adtool/adtool-1.3.3.ebuild34
-rw-r--r--net-nds/adtool/files/adtool-1.3.3-bfr-overflow.patch18
-rw-r--r--net-nds/adtool/metadata.xml10
-rw-r--r--net-nds/gosa-core/Manifest3
-rw-r--r--net-nds/gosa-core/files/gosa.include36
-rw-r--r--net-nds/gosa-core/gosa-core-2.6.10.ebuild106
-rw-r--r--net-nds/gosa-core/gosa-core-2.6.11.ebuild108
-rw-r--r--net-nds/gosa-core/gosa-core-2.6.12.ebuild108
-rw-r--r--net-nds/gosa-core/metadata.xml15
-rw-r--r--net-nds/gosa-plugin-mail/Manifest3
-rw-r--r--net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.10.ebuild50
-rw-r--r--net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.11.ebuild50
-rw-r--r--net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.12-r1.ebuild52
-rw-r--r--net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.12.ebuild53
-rw-r--r--net-nds/gosa-plugin-mail/metadata.xml11
-rw-r--r--net-nds/gosa-plugin-samba/Manifest3
-rw-r--r--net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.10.ebuild45
-rw-r--r--net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.11.ebuild45
-rw-r--r--net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.12-r1.ebuild48
-rw-r--r--net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.12.ebuild48
-rw-r--r--net-nds/gosa-plugin-samba/metadata.xml11
-rw-r--r--net-nds/gosa-plugin-systems/Manifest3
-rw-r--r--net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.10.ebuild44
-rw-r--r--net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.11.ebuild44
-rw-r--r--net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.12-r1.ebuild45
-rw-r--r--net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.12.ebuild45
-rw-r--r--net-nds/gosa-plugin-systems/metadata.xml11
-rw-r--r--net-nds/jxplorer/Manifest4
-rw-r--r--net-nds/jxplorer/files/3.2-com.ca.level.patch20
-rw-r--r--net-nds/jxplorer/files/3.3-disable-jxworkbench.patch12
-rw-r--r--net-nds/jxplorer/files/build.xml70
-rw-r--r--net-nds/jxplorer/files/jxplorer-3-pre26
-rw-r--r--net-nds/jxplorer/files/jxplorer-pre-r128
-rw-r--r--net-nds/jxplorer/jxplorer-3.2-r2.ebuild75
-rw-r--r--net-nds/jxplorer/jxplorer-3.2.ebuild65
-rw-r--r--net-nds/jxplorer/jxplorer-3.3.1.1.ebuild69
-rw-r--r--net-nds/jxplorer/jxplorer-3.3.1.ebuild69
-rw-r--r--net-nds/jxplorer/metadata.xml8
-rw-r--r--net-nds/lat/Manifest1
-rw-r--r--net-nds/lat/lat-1.2.3.ebuild60
-rw-r--r--net-nds/lat/metadata.xml13
-rw-r--r--net-nds/ldapvi/Manifest2
-rw-r--r--net-nds/ldapvi/files/ldapvi-1.7+glibc-2.10.patch39
-rw-r--r--net-nds/ldapvi/files/ldapvi-1.7-vim-encoding.patch13
-rw-r--r--net-nds/ldapvi/ldapvi-1.7-r1.ebuild40
-rw-r--r--net-nds/ldapvi/ldapvi-1.7_p20101214.ebuild47
-rw-r--r--net-nds/ldapvi/metadata.xml15
-rw-r--r--net-nds/led/Manifest1
-rw-r--r--net-nds/led/led-1.111.ebuild30
-rw-r--r--net-nds/led/metadata.xml11
-rw-r--r--net-nds/metadata.xml36
-rw-r--r--net-nds/nsscache/Manifest3
-rw-r--r--net-nds/nsscache/files/nsscache-0.8.3-starttls.patch53
-rw-r--r--net-nds/nsscache/files/nsscache.conf122
-rw-r--r--net-nds/nsscache/metadata.xml14
-rw-r--r--net-nds/nsscache/nsscache-0.21.14.ebuild47
-rw-r--r--net-nds/nsscache/nsscache-0.23.ebuild42
-rw-r--r--net-nds/nsscache/nsscache-0.8.8.ebuild39
-rw-r--r--net-nds/openldap/Manifest5
-rw-r--r--net-nds/openldap/files/DB_CONFIG.fast.example25
-rw-r--r--net-nds/openldap/files/openldap-2.2.14-perlthreadsfix.patch12
-rw-r--r--net-nds/openldap/files/openldap-2.2.6-ntlm.patch199
-rw-r--r--net-nds/openldap/files/openldap-2.3.21-ppolicy.patch13
-rw-r--r--net-nds/openldap/files/openldap-2.3.24-contrib-smbk5pwd.patch53
-rw-r--r--net-nds/openldap/files/openldap-2.3.34-slapd-conf64
-rw-r--r--net-nds/openldap/files/openldap-2.3.37-libldap_r.patch21
-rw-r--r--net-nds/openldap/files/openldap-2.3.43-fix-hang.patch19
-rw-r--r--net-nds/openldap/files/openldap-2.3.XY-gcc44.patch30
-rw-r--r--net-nds/openldap/files/openldap-2.4.11-libldap_r.patch11
-rw-r--r--net-nds/openldap/files/openldap-2.4.15-ppolicy.patch12
-rw-r--r--net-nds/openldap/files/openldap-2.4.17-fix-lmpasswd-gnutls-symbols.patch109
-rw-r--r--net-nds/openldap/files/openldap-2.4.17-gcc44.patch11
-rw-r--r--net-nds/openldap/files/openldap-2.4.28-fix-dash.patch26
-rw-r--r--net-nds/openldap/files/openldap-2.4.28-gnutls-gcrypt.patch11
-rw-r--r--net-nds/openldap/files/openldap-2.4.31-gcc47.patch16
-rw-r--r--net-nds/openldap/files/openldap-2.4.33-gnutls.patch60
-rw-r--r--net-nds/openldap/files/openldap-2.4.35-contrib-samba4.patch38
-rw-r--r--net-nds/openldap/files/openldap-2.4.35-contrib-smbk5pwd.patch48
-rw-r--r--net-nds/openldap/files/openldap-2.4.40-mdb-unbundle.patch136
-rw-r--r--net-nds/openldap/files/openldap-2.4.40-slapd-conf64
-rw-r--r--net-nds/openldap/files/openldap-2.4.6-evolution-ntlm.patch192
-rw-r--r--net-nds/openldap/files/slapd-confd14
-rw-r--r--net-nds/openldap/files/slapd-confd-2.4.28-r126
-rw-r--r--net-nds/openldap/files/slapd-initd30
-rw-r--r--net-nds/openldap/files/slapd-initd-2.4.28-r136
-rw-r--r--net-nds/openldap/files/slapd-initd-2.4.4051
-rw-r--r--net-nds/openldap/files/slapd-initd-2.4.40-r165
-rw-r--r--net-nds/openldap/files/slapd-initd-2.4.40-r265
-rw-r--r--net-nds/openldap/files/slapd-initd222
-rw-r--r--net-nds/openldap/files/slapd.service12
-rw-r--r--net-nds/openldap/files/slapd.service.conf12
-rw-r--r--net-nds/openldap/files/slapd.tmpfilesd2
-rw-r--r--net-nds/openldap/files/slurpd-initd22
-rw-r--r--net-nds/openldap/metadata.xml16
-rw-r--r--net-nds/openldap/openldap-2.3.43-r3.ebuild540
-rw-r--r--net-nds/openldap/openldap-2.3.43-r4.ebuild546
-rw-r--r--net-nds/openldap/openldap-2.4.38-r2.ebuild752
-rw-r--r--net-nds/openldap/openldap-2.4.39.ebuild751
-rw-r--r--net-nds/openldap/openldap-2.4.40-r2.ebuild812
-rw-r--r--net-nds/openldap/openldap-2.4.40-r4.ebuild812
-rw-r--r--net-nds/openldap/openldap-2.4.40.ebuild813
-rw-r--r--net-nds/phpldapadmin/Manifest1
-rw-r--r--net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-cmd-exploit.patch27
-rw-r--r--net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-functions-exploit.patch28
-rw-r--r--net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-magic-quotes.patch23
-rw-r--r--net-nds/phpldapadmin/files/phpldapadmin-1.2.2-base.patch34
-rw-r--r--net-nds/phpldapadmin/files/phpldapadmin-fix-php5.5-support.patch152
-rw-r--r--net-nds/phpldapadmin/files/postinstall2-en.txt4
-rw-r--r--net-nds/phpldapadmin/metadata.xml19
-rw-r--r--net-nds/phpldapadmin/phpldapadmin-1.2.3-r1.ebuild49
-rw-r--r--net-nds/phpldapadmin/phpldapadmin-1.2.3.ebuild45
-rw-r--r--net-nds/portmap/Manifest1
-rw-r--r--net-nds/portmap/files/portmap-6.0-tcpd.patch18
-rw-r--r--net-nds/portmap/files/portmap.confd5
-rw-r--r--net-nds/portmap/files/portmap.rc659
-rw-r--r--net-nds/portmap/metadata.xml6
-rw-r--r--net-nds/portmap/portmap-6.0.ebuild56
-rw-r--r--net-nds/portmap/portmap-9999.ebuild46
-rw-r--r--net-nds/rpcbind/Manifest4
-rw-r--r--net-nds/rpcbind/files/rpcbind-0.2.0-no-nss.patch34
-rw-r--r--net-nds/rpcbind/files/rpcbind-0.2.0-pkgconfig.patch65
-rwxr-xr-xnet-nds/rpcbind/files/rpcbind.confd4
-rwxr-xr-xnet-nds/rpcbind/files/rpcbind.initd22
-rw-r--r--net-nds/rpcbind/files/rpcbind.service13
-rw-r--r--net-nds/rpcbind/metadata.xml11
-rw-r--r--net-nds/rpcbind/rpcbind-0.2.0-r1.ebuild57
-rw-r--r--net-nds/rpcbind/rpcbind-0.2.1-r1.ebuild53
-rw-r--r--net-nds/rpcbind/rpcbind-0.2.2-r1.ebuild55
-rw-r--r--net-nds/rpcbind/rpcbind-0.2.3.ebuild55
-rw-r--r--net-nds/rpcbind/rpcbind-9999.ebuild55
-rw-r--r--net-nds/shelldap/Manifest2
-rw-r--r--net-nds/shelldap/metadata.xml21
-rw-r--r--net-nds/shelldap/shelldap-1.0.2.ebuild31
-rw-r--r--net-nds/shelldap/shelldap-1.3.0.ebuild41
-rw-r--r--net-nds/smbldap-tools/Manifest3
-rw-r--r--net-nds/smbldap-tools/files/smbldap-tools-0.9.10-smbldap-config-pod.patch37
-rw-r--r--net-nds/smbldap-tools/metadata.xml9
-rw-r--r--net-nds/smbldap-tools/smbldap-tools-0.9.10-r1.ebuild57
-rw-r--r--net-nds/smbldap-tools/smbldap-tools-0.9.10.ebuild53
-rw-r--r--net-nds/smbldap-tools/smbldap-tools-0.9.8.ebuild53
-rw-r--r--net-nds/smbldap-tools/smbldap-tools-0.9.9.ebuild53
-rw-r--r--net-nds/tac_plus/Manifest2
-rw-r--r--net-nds/tac_plus/files/tac_plus-4.0.4.19-deansification.patch11
-rw-r--r--net-nds/tac_plus/files/tac_plus-4.0.4.19-parallelmake.patch13
-rw-r--r--net-nds/tac_plus/files/tac_plus-4.0.4.27a-deansification.patch11
-rw-r--r--net-nds/tac_plus/files/tac_plus-4.0.4.27a-parallelmake.patch12
-rw-r--r--net-nds/tac_plus/files/tac_plus.conf12
-rw-r--r--net-nds/tac_plus/files/tac_plus.conf241
-rw-r--r--net-nds/tac_plus/files/tac_plus.confd8
-rw-r--r--net-nds/tac_plus/files/tac_plus.confd27
-rw-r--r--net-nds/tac_plus/files/tac_plus.init23
-rw-r--r--net-nds/tac_plus/files/tac_plus.init221
-rw-r--r--net-nds/tac_plus/metadata.xml13
-rw-r--r--net-nds/tac_plus/tac_plus-4.0.4.19-r3.ebuild56
-rw-r--r--net-nds/tac_plus/tac_plus-4.0.4.19-r4.ebuild59
-rw-r--r--net-nds/tac_plus/tac_plus-4.0.4.27a.ebuild60
-rw-r--r--net-nds/yp-tools/Manifest1
-rw-r--r--net-nds/yp-tools/files/domainname.service10
-rw-r--r--net-nds/yp-tools/files/domainname.service.conf3
-rw-r--r--net-nds/yp-tools/metadata.xml7
-rw-r--r--net-nds/yp-tools/yp-tools-2.12-r1.ebuild42
-rw-r--r--net-nds/ypbind/Manifest1
-rw-r--r--net-nds/ypbind/files/ypbind.confd-r14
-rw-r--r--net-nds/ypbind/files/ypbind.initd41
-rw-r--r--net-nds/ypbind/files/ypbind.service11
-rw-r--r--net-nds/ypbind/metadata.xml7
-rw-r--r--net-nds/ypbind/ypbind-1.37.2.ebuild65
-rw-r--r--net-nds/ypserv/Manifest1
-rw-r--r--net-nds/ypserv/files/rpc.yppasswdd-r122
-rw-r--r--net-nds/ypserv/files/rpc.yppasswdd.confd7
-rw-r--r--net-nds/ypserv/files/rpc.ypxfrd22
-rw-r--r--net-nds/ypserv/files/rpc.ypxfrd-2.2322
-rw-r--r--net-nds/ypserv/files/rpc.ypxfrd.confd3
-rwxr-xr-xnet-nds/ypserv/files/ypserv23
-rw-r--r--net-nds/ypserv/files/ypserv.confd4
-rw-r--r--net-nds/ypserv/metadata.xml7
-rw-r--r--net-nds/ypserv/ypserv-2.26.ebuild77
201 files changed, 11734 insertions, 0 deletions
diff --git a/net-nds/389-admin/389-admin-1.1.31.ebuild b/net-nds/389-admin/389-admin-1.1.31.ebuild
new file mode 100644
index 000000000000..4716caecd553
--- /dev/null
+++ b/net-nds/389-admin/389-admin-1.1.31.ebuild
@@ -0,0 +1,171 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+WANT_AUTOMAKE="1.9"
+
+MY_PV=${PV/_rc/.rc}
+MY_PV=${MY_PV/_a/.a}
+
+inherit eutils multilib autotools depend.apache
+
+DESCRIPTION="389 Directory Server (admin)"
+HOMEPAGE="http://port389.org/"
+SRC_URI="http://directory.fedoraproject.org/sources/${PN}-${MY_PV}.tar.bz2"
+
+LICENSE="GPL-2 Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="debug ipv6 selinux"
+
+# TODO snmp agent init script
+
+COMMON_DEPEND=">=app-admin/389-admin-console-1.1.0
+ >=app-admin/389-ds-console-1.1.0
+ app-misc/mime-types
+ dev-libs/389-adminutil
+ dev-libs/cyrus-sasl
+ dev-libs/icu:=
+ dev-libs/nss[utils]
+ || ( <=dev-libs/nspr-4.8.3-r3[ipv6?] >=dev-libs/nspr-4.8.4 )
+ dev-libs/svrcore
+ net-analyzer/net-snmp[ipv6?]
+ net-nds/openldap
+ selinux? (
+ sys-apps/checkpolicy
+ sys-apps/policycoreutils
+ )
+ >=sys-libs/db-4.2.52
+ sys-libs/pam
+ sys-apps/tcp-wrappers[ipv6?]
+ www-apache/mod_nss
+ www-servers/apache:2[apache2_modules_actions,apache2_modules_alias,apache2_modules_auth_basic,apache2_modules_authz_default,apache2_modules_cgi,apache2_modules_mime_magic,apache2_modules_rewrite,apache2_modules_setenvif,suexec,threads]"
+RDEPEND="
+ ${COMMON_DEPEND}
+ www-client/lynx
+ selinux? ( sec-policy/selinux-base-policy )
+"
+DEPEND="sys-apps/sed ${COMMON_DEPEND}"
+
+S="${WORKDIR}/${PN}-${MY_PV}"
+
+need_apache2
+
+src_prepare() {
+ # as per 389 documentation, when 64bit, export USE_64
+ use amd64 && export USE_64=1
+
+ epatch "${FILESDIR}/1.1.11_rc1/0001-gentoo-apache-names.patch"
+ epatch "${FILESDIR}/1.1.11_rc1/0003-find-mod_nss.m4.patch"
+ epatch "${FILESDIR}/1.1.11_rc1/0004-rpath-fix.configure.ac.patch"
+ # Configuration fixes
+ epatch "${FILESDIR}/${PN}-cfgstuff-1.patch"
+
+ sed -e "s!SUBDIRS!# SUBDIRS!g" -i Makefile.am || die "sed failed"
+ # Setup default user/group, in this case it's dirsrv
+ sed -e "s!nobody!dirsrv!g" -i configure.ac || die "sed failed"
+
+ eautoreconf
+}
+
+src_configure() {
+ # stub autoconf triplet :(
+ local myconf=""
+ use debug && myconf="--enable-debug"
+ use selinux && myconf="${myconf} --with-selinux"
+
+ econf \
+ --enable-threading \
+ --disable-rpath \
+ --with-adminutil=/usr \
+ --with-apr-config \
+ --with-apxs=${APXS} \
+ --with-fhs \
+ --with-httpd=${APACHE_BIN} \
+ --with-openldap \
+ ${myconf} || die "econf failed"
+}
+
+src_install () {
+
+ emake DESTDIR="${D}" install || die "emake failed"
+ keepdir /var/log/dirsrv/admin-serv
+
+ # remove redhat style init script.
+ rm -rf "${D}"/etc/rc.d
+ rm -rf "${D}"/etc/default
+
+ # install gentoo style init script.
+ newinitd "${FILESDIR}"/${PN}.initd ${PN}
+ newconfd "${FILESDIR}"/${PN}.confd ${PN}
+
+ # remove redhat style wrapper scripts
+ # and install gentoo scripts.
+ rm -rf "${D}"/usr/sbin/*-ds-admin
+ dosbin "${FILESDIR}"/*-ds-admin || die "cannot install gentoo start/stop scripts"
+
+ # In this version build systems for modules is delete :(
+ # manually install modules, not using apache-modules eclass
+ # because use bindled library
+
+ # install mod_admserv
+ exeinto "${APACHE_MODULESDIR}"
+ doexe "${S}/.libs"/mod_admserv.so || die "internal ebuild error: mod_admserv not found"
+
+ insinto "${APACHE_MODULES_CONFDIR}"
+ newins "${FILESDIR}/1.1.11_rc1"/48_mod_admserv.conf 48_mod_admserv \
+ || die "internal ebuild error: 48_mod_admserv.conf not found"
+
+ # install mod_restard
+ exeinto "${APACHE_MODULESDIR}"
+ doexe "${S}/.libs"/mod_restartd.so || die "internal ebuild error: mod_restartd not found"
+
+ insinto "${APACHE_MODULES_CONFDIR}"
+ newins "${FILESDIR}/1.1.11_rc1"/48_mod_restartd.conf 48_mod_restartd \
+ || die "internal ebuild error: 48_mod_restard.conf not found"
+
+ if use selinux; then
+ local POLICY_TYPES="targeted"
+ cd "${S}"/selinux || die
+ cp /usr/share/selinux/${POLICY_TYPES}/include/Makefile . || die
+ make || die "selinux policy compile failed"
+ insinto /usr/share/selinux/${POLICY_TYPES}
+ doins -r "${S}/selinux/"*.pp
+ fi
+
+}
+
+pkg_postinst() {
+
+ # show setup information
+ elog "Once you configured www-servers/apache as written above,"
+ elog "you need to run (as root): /usr/sbin/setup-ds-admin.pl"
+ elog
+
+ # show security and sysctl info
+ elog "It is recommended to setup net.ipv4.tcp_keep_alive_time"
+ elog "in /etc/sysctl.conf (or via sysctl -w && sysctl -p) to a reasonable"
+ elog "value (in milliseconds) to avoid temporary server congestions"
+ elog "from lost client connections"
+ elog
+
+ # /etc/security/limits.conf settings
+ elog "It is also recommended to fine tune the maximum open files"
+ elog "settings inside /etc/security/limits.conf:"
+ elog "* soft nofile 2048"
+ elog "* hard nofile 4096"
+ elog
+
+ elog "To start 389 Directory Server Administration Interface at boot"
+ elog "please add 389-admin service to the default runlevel:"
+ elog
+ elog " rc-update add 389-admin default"
+ elog
+
+ elog "for 389 Directory Server Admin interface to work, you need"
+ elog "to setup a FQDN hostname and use it while running /usr/sbin/setup-ds-admin.pl"
+ elog
+
+}
diff --git a/net-nds/389-admin/Manifest b/net-nds/389-admin/Manifest
new file mode 100644
index 000000000000..195a76174c60
--- /dev/null
+++ b/net-nds/389-admin/Manifest
@@ -0,0 +1 @@
+DIST 389-admin-1.1.31.tar.bz2 647098 SHA256 79c8c0133f72be4915fec8a4f2490bc21480de5fae77070f2ce13b1d9f28872f SHA512 631cd286a817a9e862adc610464d1c1f7a7af8dbade4cc2d8535330f81591d65df4773b6dbce0256470002165640fe73b49c20ee5093f71e5121d2cfa15ca9c4 WHIRLPOOL bff158c3d2201d8723faf340e21e3fdbeaaa62bbefac033b1f5ac981bd17a2e83f0507908b3919af1911b519442da75a96164b73d4df6953227973feaaab047e
diff --git a/net-nds/389-admin/files/1.1.11_rc1/0001-gentoo-apache-names.patch b/net-nds/389-admin/files/1.1.11_rc1/0001-gentoo-apache-names.patch
new file mode 100644
index 000000000000..9f145d959894
--- /dev/null
+++ b/net-nds/389-admin/files/1.1.11_rc1/0001-gentoo-apache-names.patch
@@ -0,0 +1,18 @@
+diff -ur m4.orig/httpd.m4 m4/httpd.m4
+--- m4.orig/httpd.m4 2009-10-25 14:10:24.398721002 +0200
++++ m4/httpd.m4 2009-10-25 14:12:54.463219758 +0200
+@@ -58,12 +58,12 @@
+ *) APACHE22= ;;
+ esac
+
+-httpdconf=${httpd_root}/${httpd_conf_rel}
++httpdconf=/etc/apache2/httpd.conf
+
+ mimemagic=`grep MIMEMagicFile $httpdconf|grep -v \^# | awk '{print $2}'`
+ if test ! -f "$mimemagic" ; then
+ # assume relative to root
+- mimemagic=${httpd_root}/${mimemagic}
++ mimemagic=/etc/apache2/magic
+ fi
+
+ # check for mime.types file
diff --git a/net-nds/389-admin/files/1.1.11_rc1/0003-find-mod_nss.m4.patch b/net-nds/389-admin/files/1.1.11_rc1/0003-find-mod_nss.m4.patch
new file mode 100644
index 000000000000..5a15e1dbf606
--- /dev/null
+++ b/net-nds/389-admin/files/1.1.11_rc1/0003-find-mod_nss.m4.patch
@@ -0,0 +1,11 @@
+--- m4/mod_nss.m4.orig 2010-01-14 23:05:29.000000000 +0200
++++ m4/mod_nss.m4 2010-01-24 20:58:47.086937825 +0200
+@@ -52,7 +52,7 @@
+
+ # else, parse httpd.conf or httpconfdir/nss.conf
+ if test -z "$modnssbindir" ; then
+- nsspcache=`grep NSSPassPhraseHelper $httpdconf|awk '{print $2}'`
++ nsspcache=`grep -R NSSPassPhraseHelper /etc/apache2/* |awk '{print $2}'`
+ if test -z "$nsspcache" ; then
+ nsspcache=`grep NSSPassPhraseHelper $httpd_root/conf.d/* | awk '{print $2}'`
+ fi
diff --git a/net-nds/389-admin/files/1.1.11_rc1/0004-rpath-fix.configure.ac.patch b/net-nds/389-admin/files/1.1.11_rc1/0004-rpath-fix.configure.ac.patch
new file mode 100644
index 000000000000..d74c345363f1
--- /dev/null
+++ b/net-nds/389-admin/files/1.1.11_rc1/0004-rpath-fix.configure.ac.patch
@@ -0,0 +1,19 @@
+--- configure.ac.orig 2010-01-25 01:34:58.296824267 +0200
++++ configure.ac 2010-01-25 01:36:16.101825667 +0200
+@@ -433,13 +433,10 @@
+
+ if test "$enable_rpath" != "yes" ; then
+ AC_MSG_NOTICE([Fixing libtool to remove automatic rpath to $libdir . . .])
+- cp -p libtool libtool.orig
+- cp -p libtool libtool.tmp
++ cp -p ./libtool libtool.orig
++ cp -p ./libtool libtool.tmp
+ sed -e '/^runpath_var/ d' \
+- -e '/^hardcode_libdir_flag_spec/ d' \
+- libtool > libtool.tmp
+- cp -p libtool.tmp libtool
+- rm -f libtool.tmp
++ -e '/^hardcode_libdir_flag_spec/ d' -i ./libtool
+ fi
+
+ AC_CONFIG_FILES([Makefile])
diff --git a/net-nds/389-admin/files/1.1.11_rc1/0010-gentoo_selinux_makefile.patch b/net-nds/389-admin/files/1.1.11_rc1/0010-gentoo_selinux_makefile.patch
new file mode 100644
index 000000000000..f7856efce231
--- /dev/null
+++ b/net-nds/389-admin/files/1.1.11_rc1/0010-gentoo_selinux_makefile.patch
@@ -0,0 +1,11 @@
+--- m4.orig/selinux.m4 2010-03-11 23:18:19.697503404 +0200
++++ m4/selinux.m4 2010-03-11 23:19:04.653503112 +0200
+@@ -27,7 +27,7 @@
+ with_selinux=yes
+ AC_MSG_RESULT(yes)
+ AC_SUBST(with_selinux)
+- if test ! -f "/usr/share/selinux/devel/Makefile"; then
++ if test ! -f "/usr/share/selinux/targeted/include/Makefile"; then
+ AC_MSG_ERROR([SELinux development tools (selinux-policy) not found])
+ fi
+ ],
diff --git a/net-nds/389-admin/files/1.1.11_rc1/48_mod_admserv.conf b/net-nds/389-admin/files/1.1.11_rc1/48_mod_admserv.conf
new file mode 100644
index 000000000000..4a3f296f48e5
--- /dev/null
+++ b/net-nds/389-admin/files/1.1.11_rc1/48_mod_admserv.conf
@@ -0,0 +1,3 @@
+<IfDefine ADMSERV>
+ LoadModule mod_admserv modules/mod_admserv.so
+</IfDefine ADMSERV>
diff --git a/net-nds/389-admin/files/1.1.11_rc1/48_mod_restartd.conf b/net-nds/389-admin/files/1.1.11_rc1/48_mod_restartd.conf
new file mode 100644
index 000000000000..1d0d2f37825d
--- /dev/null
+++ b/net-nds/389-admin/files/1.1.11_rc1/48_mod_restartd.conf
@@ -0,0 +1,5 @@
+<IfDefine RESTARTD>
+ <IfModule !mod_restartd.c>
+ LoadModule restartd_module modules/mod_restartd.so
+ </IfModule>
+</IfDefine>
diff --git a/net-nds/389-admin/files/389-admin-cfgstuff-1.patch b/net-nds/389-admin/files/389-admin-cfgstuff-1.patch
new file mode 100644
index 000000000000..783f4772f7f1
--- /dev/null
+++ b/net-nds/389-admin/files/389-admin-cfgstuff-1.patch
@@ -0,0 +1,56 @@
+--- 389-admin-1.1.11.rc1.orig/admserv/cfgstuff/httpd-2.2.conf.in
++++ 389-admin-1.1.11.rc1/admserv/cfgstuff/httpd-2.2.conf.in
+@@ -143,7 +143,7 @@ LoadModule file_cache_module @moddir@/mo
+ LoadModule mem_cache_module @moddir@/mod_mem_cache.so
+ LoadModule cgi_module @moddir@/mod_cgi.so
+ LoadModule restartd_module @admmoddir@/mod_restartd.so
+-LoadModule nss_module @nssmoddir@/libmodnss.so
++LoadModule nss_module @moddir@/mod_nss.so
+ LoadModule admserv_module @admmoddir@/mod_admserv.so
+
+ ### Section 2: 'Main' server configuration
+@@ -389,15 +389,7 @@ ServerSignature On
+ # Alias.
+ #
+
+-<IfModule mod_cgid.c>
+-#
+-# Additional to mod_cgid.c settings, mod_cgid has Scriptsock <path>
+-# for setting UNIX socket for communicating with cgid.
+-#
+-Scriptsock @piddir@/admin-serv.cgisock
+-</IfModule>
+-
+-# and this one is for mod_restartd because mod_cgid will consume the other one
++# Setup mod_admserv socket handle
+ Scriptsock @piddir@/admin-serv.cgisock
+
+ #
+--- 389-admin-1.1.11.rc1.orig/admserv/cfgstuff/httpd.conf.in
++++ 389-admin-1.1.11.rc1/admserv/cfgstuff/httpd.conf.in
+@@ -142,7 +142,7 @@ LoadModule file_cache_module @moddir@/mo
+ LoadModule mem_cache_module @moddir@/mod_mem_cache.so
+ LoadModule cgi_module @moddir@/mod_cgi.so
+ LoadModule restartd_module @admmoddir@/mod_restartd.so
+-LoadModule nss_module @nssmoddir@/libmodnss.so
++LoadModule nss_module @moddir@/mod_nss.so
+ LoadModule admserv_module @admmoddir@/mod_admserv.so
+
+ ### Section 2: 'Main' server configuration
+@@ -388,15 +388,7 @@ ServerSignature On
+ # Alias.
+ #
+
+-<IfModule mod_cgid.c>
+-#
+-# Additional to mod_cgid.c settings, mod_cgid has Scriptsock <path>
+-# for setting UNIX socket for communicating with cgid.
+-#
+-Scriptsock @piddir@/admin-serv.cgisock
+-</IfModule>
+-
+-# and this one is for mod_restartd because mod_cgid will consume the other one
++# Setup mod_admserv socket handle
+ Scriptsock @piddir@/admin-serv.cgisock
+
+ #
diff --git a/net-nds/389-admin/files/389-admin.confd b/net-nds/389-admin/files/389-admin.confd
new file mode 100644
index 000000000000..8f134a4a2e76
--- /dev/null
+++ b/net-nds/389-admin/files/389-admin.confd
@@ -0,0 +1,73 @@
+# /etc/conf.d/389-admin: config file for /etc/init.d/389-admin
+
+# When you install a module it is easy to activate or deactivate the modules
+# and other features of apache using the APACHE2_OPTS line. Every module should
+# install a configuration in /etc/dirsrv/admin-serv. In that file will have an
+# <IfDefine NNN> directive where NNN is the option to enable that module.
+#
+# Here are the options available in the default configuration:
+#
+# AUTH_DIGEST Enables mod_auth_digest
+# AUTHNZ_LDAP Enables authentication through mod_ldap (available if USE=ldap)
+# CACHE Enables mod_cache
+# DAV Enables mod_dav
+# ERRORDOCS Enables default error documents for many languages.
+# INFO Enables mod_info, a useful module for debugging
+# LANGUAGE Enables content-negotiation based on language and charset.
+# LDAP Enables mod_ldap (available if USE=ldap)
+# MANUAL Enables /manual/ to be the apache manual (available if USE=docs)
+# MEM_CACHE Enables default configuration mod_mem_cache
+# PROXY Enables mod_proxy
+# SSL Enables SSL (available if USE=ssl)
+# SUEXEC Enables running CGI scripts (in USERDIR) through suexec.
+# USERDIR Enables /~username mapping to /home/username/public_html
+#
+#
+# The following two options provide the default virtual host for the HTTP and
+# HTTPS protocol. YOU NEED TO ENABLE AT LEAST ONE OF THEM, otherwise apache
+# will not listen for incomming connections on the approriate port.
+#
+# DEFAULT_VHOST Enables name-based virtual hosts, with the default
+# virtual host being in /var/www/localhost/htdocs
+# SSL_DEFAULT_VHOST Enables default vhost for SSL (you should enable this
+# when you enable SSL)
+#
+APACHE2_OPTS="-D DEFAULT_VHOST -D LANGUAGE -D INFO -D SUEXEC"
+
+# Extended options for advanced uses of Apache ONLY
+# You don't need to edit these unless you are doing crazy Apache stuff
+# As not having them set correctly, or feeding in an incorrect configuration
+# via them will result in Apache failing to start
+# YOU HAVE BEEN WARNED.
+
+# PID file
+#PIDFILE=/var/run/dirsrv/admin-serv.pid
+
+# timeout for startup/shutdown checks
+#TIMEOUT=10
+
+# ServerRoot setting
+#SERVERROOT=/usr/lib/apache2
+
+# Configuration file location
+# - If this does NOT start with a '/', then it is treated relative to
+# $SERVERROOT by Apache
+#CONFIGFILE=/etc/dirsrv/admin-serv/httpd.conf
+
+# Location to log startup errors to
+# They are normally dumped to your terminal.
+#STARTUPERRORLOG="/var/log/dirsrv/admin-serv/startuperror.log"
+
+# A command that outputs a formatted text version of the HTML at the URL
+# of the command line. Designed for lynx, however other programs may work.
+#LYNX="lynx -dump"
+
+# The URL to your server's mod_status status page.
+# Required for status and fullstatus
+#STATUSURL="http://localhost/server-status"
+
+# Method to use when reloading the server
+# Valid options are 'restart' and 'graceful'
+# See http://httpd.apache.org/docs/2.2/stopping.html for information on
+# what they do and how they differ.
+#RELOAD_TYPE="graceful"
diff --git a/net-nds/389-admin/files/389-admin.initd b/net-nds/389-admin/files/389-admin.initd
new file mode 100644
index 000000000000..9da3c50116b0
--- /dev/null
+++ b/net-nds/389-admin/files/389-admin.initd
@@ -0,0 +1,162 @@
+#!/sbin/runscript
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+opts="configdump configtest fullstatus graceful gracefulstop modules reload"
+
+depend() {
+ need net 389-ds
+ use mysql dns logger netmount postgresql
+ after sshd
+}
+
+configtest() {
+ ebegin "Checking Apache Configuration of 389 Directory Server Admin"
+ checkconfig
+ eend ${?}
+}
+
+checkconfd() {
+ PIDFILE="${PIDFILE:-/var/run/dirsrv/admin-serv.pid}"
+ TIMEOUT=${TIMEOUT:-10}
+
+ SERVERROOT="${SERVERROOT:-/usr/lib/apache2}"
+ if [ ! -d ${SERVERROOT} ]; then
+ eerror "SERVERROOT does not exist: ${SERVERROOT}"
+ return 1
+ fi
+
+ CONFIGFILE="${CONFIGFILE:-/etc/dirsrv/admin-serv/httpd.conf}"
+ [ "${CONFIGFILE#/}" = "${CONFIGFILE}" ] && CONFIGFILE="${SERVERROOT}/${CONFIGFILE}"
+ if [ ! -r "${CONFIGFILE}" ]; then
+ eerror "Unable to read configuration file: ${CONFIGFILE}"
+ return 1
+ fi
+
+ APACHE2_OPTS="${APACHE2_OPTS} -d ${SERVERROOT}"
+ APACHE2_OPTS="${APACHE2_OPTS} -f ${CONFIGFILE}"
+ [ -n "${STARTUPERRORLOG}" ] && APACHE2_OPTS="${APACHE2_OPTS} -E ${STARTUPERRORLOG}"
+
+ APACHE2="/usr/sbin/apache2"
+}
+
+checkconfig() {
+ checkconfd || return 1
+
+ ${APACHE2} ${APACHE2_OPTS} -t 1>/dev/null 2>&1
+ ret=${?}
+ if [ $ret -ne 0 ]; then
+ eerror "389 Directory Server Admin (Apache2) has detected a syntax error in your configuration files:"
+ ${APACHE2} ${APACHE2_OPTS} -t
+ fi
+
+ return $ret
+}
+
+start() {
+ checkconfig || return 1
+
+ [ -f /var/log/dirsrv/admin-serv/ssl_scache ] && rm /var/log/dirsrv/admin-serv/ssl_scache
+
+ ebegin "Starting 389 Directory Server Admin (apache2)"
+ ${APACHE2} ${APACHE2_OPTS} -k start
+ [ "${?}" != "0" ] && eend "${?}" && return 1
+
+ let i=0
+ while [ ! -e "${PIDFILE}" ] && [ $i -lt ${TIMEOUT} ]; do
+ sleep 1 && let i++
+ done
+
+ test $i -le ${TIMEOUT}
+ eend ${?}
+}
+
+stop() {
+ checkconfd || return 1
+
+ ebegin "Stopping 389 Directory Server Admin (apache2)"
+ ${APACHE2} ${APACHE2_OPTS} -k stop
+
+ let i=0
+ while pidof "${APACHE2}" >/dev/null && [ $i -lt ${TIMEOUT} ]; do
+ sleep 1 && let i++
+ done
+
+ test $i -le ${TIMEOUT}
+ eend ${?}
+}
+
+reload() {
+ RELOAD_TYPE="${RELOAD_TYPE:-graceful}"
+
+ checkconfig || return 1
+ service_started "${SVCNAME}" || return
+
+ if [ "${RELOAD_TYPE}" = "restart" ]; then
+ ebegin "Restarting 389 Directory Server Admin (apache2)"
+ ${APACHE2} ${APACHE2_OPTS} -k restart
+ eend ${?}
+ elif [ "${RELOAD_TYPE}" = "graceful" ]; then
+ ebegin "Gracefully restarting 389 Directory Server Admin (apache2)"
+ ${APACHE2} ${APACHE2_OPTS} -k graceful
+ eend ${?}
+ else
+ eerror "${RELOAD_TYPE} is not a valid RELOAD_TYPE. Please edit /etc/conf.d/dirsrv-admin"
+ fi
+}
+
+graceful() {
+ checkconfig || return 1
+ service_started "${SVCNAME}" || return
+ ebegin "Gracefully restarting 389 Directory Server Admin (apache2)"
+ ${APACHE2} ${APACHE2_OPTS} -k graceful
+ eend ${?}
+}
+
+gracefulstop() {
+ checkconfig || return 1
+
+ # zap!
+ if service_started "${SVCNAME}"; then
+ mark_service_stopped "${SVCNAME}"
+ fi
+
+ ebegin "Gracefully stopping 389 Directory Server Admin (apache2)"
+ ${APACHE2} ${APACHE2_OPTS} -k graceful-stop
+ eend ${?}
+}
+
+modules() {
+ checkconfig || return 1
+
+ ${APACHE2} ${APACHE2_OPTS} -M 2>&1
+}
+
+fullstatus() {
+ LYNX="${LYNX:-lynx -dump}"
+ STATUSURL="${STATUSURL:-http://localhost/server-status}"
+
+ if ! service_started "${SVCNAME}"; then
+ eerror "${SVCNAME} not started"
+ elif ! type -p ${LYNX} 2>&1 >/dev/null; then
+ eerror "lynx not found! you need to emerge www-client/lynx"
+ else
+ ${LYNX} ${STATUSURL}
+ fi
+}
+
+configdump() {
+ LYNX="${LYNX:-lynx -dump}"
+ INFOURL="${INFOURL:-http://localhost/server-info}"
+
+ checkconfd || return 1
+
+ if ! service_started "${SVCNAME}"; then
+ eerror "${SVCNAME} not started"
+ else
+ echo "${APACHE2} started with '${APACHE2_OPTS}'"
+ for i in config server list; do
+ ${LYNX} "${INFOURL}/?${i}" | sed '/Apache Server Information/d;/^[[:space:]]\+[_]\+$/Q'
+ done
+ fi
+}
diff --git a/net-nds/389-admin/files/restart-ds-admin b/net-nds/389-admin/files/restart-ds-admin
new file mode 100644
index 000000000000..1f0cb71769d2
--- /dev/null
+++ b/net-nds/389-admin/files/restart-ds-admin
@@ -0,0 +1,7 @@
+#!/bin/sh
+#
+# Copyright (c) 2007-2009, Mario Fetka <mario-fetka@gmx.at>
+#
+# Licensed under the GNU General Public License, v2
+
+rc-config restart 389-admin
diff --git a/net-nds/389-admin/files/start-ds-admin b/net-nds/389-admin/files/start-ds-admin
new file mode 100644
index 000000000000..1131e1d41880
--- /dev/null
+++ b/net-nds/389-admin/files/start-ds-admin
@@ -0,0 +1,7 @@
+#!/bin/sh
+#
+# Copyright (c) 2007-2009, Mario Fetka <mario-fetka@gmx.at>
+#
+# Licensed under the GNU General Public License, v2
+
+rc-config start 389-admin
diff --git a/net-nds/389-admin/files/stop-ds-admin b/net-nds/389-admin/files/stop-ds-admin
new file mode 100644
index 000000000000..31f841f5e932
--- /dev/null
+++ b/net-nds/389-admin/files/stop-ds-admin
@@ -0,0 +1,7 @@
+#!/bin/sh
+#
+# Copyright (c) 2007-2009, Mario Fetka <mario-fetka@gmx.at>
+#
+# Licensed under the GNU General Public License, v2
+
+rc-config stop 389-admin
diff --git a/net-nds/389-admin/metadata.xml b/net-nds/389-admin/metadata.xml
new file mode 100644
index 000000000000..2379d9d2267d
--- /dev/null
+++ b/net-nds/389-admin/metadata.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<maintainer>
+ <email>maintainer-needed@gentoo.org</email>
+</maintainer>
+<longdescription>
+389 Administration Server is an HTTP agent that provides management features
+for 389 Directory Server. It provides some management web apps that can
+be used through a web browser. It provides the authentication, access control,
+and CGI utilities used by the console.</longdescription>
+</pkgmetadata>
diff --git a/net-nds/389-ds-base/389-ds-base-1.3.0.2-r1.ebuild b/net-nds/389-ds-base/389-ds-base-1.3.0.2-r1.ebuild
new file mode 100644
index 000000000000..dcdc456a94b5
--- /dev/null
+++ b/net-nds/389-ds-base/389-ds-base-1.3.0.2-r1.ebuild
@@ -0,0 +1,165 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+WANT_AUTOMAKE="1.9"
+MY_P=${P/_alpha/.a}
+MY_P=${MY_P/_rc/.rc}
+
+inherit user eutils multilib flag-o-matic autotools
+
+DESCRIPTION="389 Directory Server (core librares and daemons )"
+HOMEPAGE="http://port389.org/"
+SRC_URI="http://directory.fedoraproject.org/sources/${MY_P}.tar.bz2"
+
+LICENSE="GPL-2-with-exceptions"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="autobind auto-dn-suffix debug doc +pam-passthru +dna +ldapi +bitwise +presence kerberos selinux"
+
+ALL_DEPEND="
+ !>=sys-libs/db-5.0
+ >=dev-libs/cyrus-sasl-2.1.19
+ >=dev-libs/icu-3.4:=
+ dev-libs/nss[utils]
+ dev-libs/nspr
+ dev-libs/svrcore
+ dev-libs/openssl:0=
+ dev-libs/libpcre:3
+ dev-perl/perl-mozldap
+ >=net-analyzer/net-snmp-5.1.2
+ net-nds/openldap
+ sys-apps/tcp-wrappers
+ >=sys-libs/db-4.5:=
+ sys-libs/pam
+ sys-libs/zlib
+ kerberos? ( >=app-crypt/mit-krb5-1.7-r100[openldap] )"
+
+DEPEND="${ALL_DEPEND}
+ virtual/pkgconfig
+ sys-devel/libtool
+ doc? ( app-doc/doxygen )
+ sys-apps/sed"
+RDEPEND="${ALL_DEPEND}
+ selinux? ( sec-policy/selinux-dirsrv )
+ virtual/perl-Time-Local
+ virtual/perl-MIME-Base64"
+
+S="${WORKDIR}/${MY_P}"
+
+pkg_setup() {
+ enewgroup dirsrv
+ enewuser dirsrv -1 -1 -1 dirsrv
+}
+
+src_prepare() {
+ # Fix compilation against mozldap
+ # epatch "${FILESDIR}/389-ds-base-1.2.11-fix-mozldap.patch"
+
+ # as per 389 documentation, when 64bit, export USE_64
+ use amd64 && export USE_64=1
+
+ sed -i -e 's/nobody/dirsrv/g' configure.ac || die "sed failed on configure.ac"
+ eautoreconf
+
+ # enable nsslapd-allow-unauthenticated-binds by default
+ sed -i '/^nsslapd-allow-unauthenticated-binds/ s/off/on/' "${S}"/ldap/ldif/template-dse.ldif.in || \
+ die "cannot tweak default setting: nsslapd-allow-unauthenticated-binds"
+
+ append-lfs-flags
+}
+
+src_configure() {
+ local myconf=""
+
+ use auto-dn-suffix && myconf="${myconf} --enable-auto-dn-suffix"
+
+ econf \
+ $(use_enable debug) \
+ $(use_enable pam-passthru) \
+ $(use_enable ldapi) \
+ $(use_enable autobind) \
+ $(use_enable dna) \
+ $(use_enable bitwise) \
+ $(use_enable presence) \
+ $(use_with kerberos) \
+ --enable-maintainer-mode \
+ --enable-autobind \
+ --with-fhs \
+ --with-openldap \
+ $myconf
+}
+
+src_install () {
+ # Use -j1 otherwise libacl-plugin.so could fail to install properly
+ emake -j1 DESTDIR="${D}" install
+
+ # install not installed header
+ insinto /usr/include/dirsrv
+ doins ldap/servers/slapd/slapi-plugin.h
+
+ # for build free-ipa require winsync-plugin
+ doins ldap/servers/plugins/replication/winsync-plugin.h
+ doins ldap/servers/plugins/replication/repl-session-plugin.h
+
+ # make sure perl scripts have a proper shebang
+ cd "${D}"/usr/share/dirsrv/script-templates/ || die
+
+ for i in $(find ./ -iname '*.pl') ;do
+ sed -i -e 's/#{{PERL-EXEC}}/#\!\/usr\/bin\/perl/' $i || die
+ done
+
+ # remove redhat style init script
+ rm -rf "${D}"/etc/rc.d || die
+ rm -rf "${D}"/etc/default || die
+
+ # and install gentoo style init script
+ newinitd "${FILESDIR}"/389-ds.initd 389-ds
+ newinitd "${FILESDIR}"/389-ds-snmp.initd 389-ds-snmp
+
+ # install Gentoo-specific start/stop scripts
+ rm -f "${D}"/usr/sbin/{re,}start-dirsrv || die "cannot remove 389 start/stop executables"
+ dosbin "${FILESDIR}"/{re,}start-dirsrv
+
+ # cope with libraries being in /usr/lib/dirsrv
+ dodir /etc/env.d
+ echo "LDPATH=/usr/$(get_libdir)/dirsrv" > "${D}"/etc/env.d/08dirsrv
+
+ # create the directory where our log file and database
+ dodir /var/lib/dirsrv
+ keepdir /var/lib/dirsrv
+ dodir /var/lock/dirsrv
+ keepdir /var/lock/dirsrv
+ # snmp agent, required directory
+ keepdir /var/agentx
+ dodir /var/agentx
+
+ if use doc; then
+ cd "${S}" || die
+ doxygen slapi.doxy || die "cannot run doxygen"
+ dohtml -r docs/html
+ fi
+}
+
+pkg_postinst() {
+ echo
+ elog "If you are planning to use 389-ds-snmp (ldap-agent),"
+ elog "make sure to properly configure: /etc/dirsrv/config/ldap-agent.conf"
+ elog "adding proper 'server' entries, and adding the lines below to"
+ elog " => /etc/snmp/snmpd.conf"
+ elog
+ elog "master agentx"
+ elog "agentXSocket /var/agentx/master"
+ elog
+ elog "To start 389 Directory Server (LDAP service) at boot:"
+ elog
+ elog " rc-update add 389-ds default"
+ elog
+ elog "If you are upgrading from previous 1.2.6 release candidates"
+ elog "please see:"
+ elog "http://directory.fedoraproject.org/wiki/Subtree_Rename#warning:_upgrade_from_389_v1.2.6_.28a.3F.2C_rc1_.7E_rc6.29_to_v1.2.6_rc6_or_newer"
+ echo
+
+}
diff --git a/net-nds/389-ds-base/Manifest b/net-nds/389-ds-base/Manifest
new file mode 100644
index 000000000000..13c1e88c2e2b
--- /dev/null
+++ b/net-nds/389-ds-base/Manifest
@@ -0,0 +1 @@
+DIST 389-ds-base-1.3.0.2.tar.bz2 3008002 SHA256 0482f8cddbb32dc44051d59efe085eb744295a32eac65fbcd0b1bfd807319755 SHA512 99d41e2df832eaf8d83ec32fd9e7ef1819d75640fae2c69e62f5d11998c29d780726cb5d97cec7a6ae410c440d5124ca8b9d0cb7091a437a57f2625b16fca29f WHIRLPOOL 8ad72341e15d05e6af0999808a1930f11c7589c211424f7dfa68c1d8d5cd18657086dbf9aa6c856dc84a3926b47ed46484b30e6f72819a22e26277a3c504c1e0
diff --git a/net-nds/389-ds-base/files/389-ds-base-1.2.11-fix-mozldap.patch b/net-nds/389-ds-base/files/389-ds-base-1.2.11-fix-mozldap.patch
new file mode 100644
index 000000000000..7c99085e3d3b
--- /dev/null
+++ b/net-nds/389-ds-base/files/389-ds-base-1.2.11-fix-mozldap.patch
@@ -0,0 +1,28 @@
+commit f5bd0ed47523b39aedb6bcc1f9c0754371159a77
+Author: Rich Megginson <rmeggins at redhat.com>
+Date: Fri Sep 14 09:20:18 2012 -0600
+
+ Ticket #461 - fix build problem with mozldap c sdk
+
+ https://fedorahosted.org/389/ticket/461
+ Reviewed by: rmeggins
+ Fixed by: cgrzemba
+ Branch: master
+ Fix Description: mozldap does not define LDAP_MOD_OP so define it
+ Platforms tested: RHEL6 x86_64
+ Flag Day: no
+ Doc impact: no
+
+diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
+index bfd48b1..4736e82 100644
+--- a/ldap/servers/slapd/pw.c
++++ b/ldap/servers/slapd/pw.c
+@@ -61,6 +61,9 @@
+ #if defined( _WIN32 )
+ #undef LDAPDebug
+ #endif /* _WIN32 */
++#if defined( USE_MOZLDAP )
++#define LDAP_MOD_OP (0x0007)
++#endif /* USE_MOZLDAP */
+
+ #include "slap.h"
diff --git a/net-nds/389-ds-base/files/389-ds-snmp.initd b/net-nds/389-ds-base/files/389-ds-snmp.initd
new file mode 100644
index 000000000000..0e56f8b9cff8
--- /dev/null
+++ b/net-nds/389-ds-base/files/389-ds-snmp.initd
@@ -0,0 +1,45 @@
+#!/sbin/runscript
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+PIDFILE="/var/run/ldap-agent.pid"
+CONFIGFILE="/etc/dirsrv/config/ldap-agent.conf"
+
+# instance support in progress
+
+depend() {
+ need net
+ use logger snmpd
+}
+
+start() {
+ ebegin "Starting 389 Directory Server ldap-snmp agent"
+ start-stop-daemon --start --quiet -b \
+ --pidfile ${PIDFILE} --exec /usr/sbin/ldap-agent -- ${CONFIGFILE}
+ eend ${?}
+ if [ "${?}" != "0" ]; then
+ local entries=/etc/dirsrv/slapd-*
+ if [ -n "${entries}" ]; then
+ ewarn "Please make sure that ${CONFIGFILE} contains at least"
+ ewarn "one of the following entries:"
+ for entry in ${entries}; do
+ entry=$(basename ${entry})
+ ewarn "server ${entry}"
+ done
+ fi
+ fi
+}
+
+stop() {
+ ebegin "Stopping 389 Directory Server ldap-snmp agent"
+ start-stop-daemon --stop --quiet --pidfile ${PIDFILE}
+ eend ${?}
+
+}
+
+restart() {
+ svc_stop
+ sleep 2
+ svc_start
+}
diff --git a/net-nds/389-ds-base/files/389-ds.initd b/net-nds/389-ds-base/files/389-ds.initd
new file mode 100644
index 000000000000..5afe506086c9
--- /dev/null
+++ b/net-nds/389-ds-base/files/389-ds.initd
@@ -0,0 +1,78 @@
+#!/sbin/runscript
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+DIRSRV_EXEC="/usr/sbin/ns-slapd"
+PID_DIRECTORY="/var/run/dirsrv"
+DIRSRV_CONF_DIR="/etc/dirsrv"
+DS_INSTANCES=${DIRSRV_CONF_DIR}/slapd-*
+F389DS_INSTANCES=""
+
+depend() {
+ need net logger
+ use dns
+ provide dirsvr ldap
+}
+
+checkconfig() {
+ if [ -z "${DS_INSTANCES}" ]; then
+ eerror "389 Directory Server has not been configured."
+ eend 1
+ return 1
+ fi
+}
+
+start() {
+ checkconfig || return 1
+
+ for instance in ${DS_INSTANCES}; do
+ instance=$(basename ${instance})
+ # skip .removed instances, bug #338133
+ if [ "${instance%%.removed}" != "${instance}" ]; then
+ continue
+ fi
+ ebegin "Starting 389 Directory Server: instance ${instance}"
+ start-stop-daemon --start --quiet -m \
+ --pidfile ${PID_DIRECTORY}/${instance}.startpid \
+ --exec ${DIRSRV_EXEC} -- -D ${DIRSRV_CONF_DIR}/${instance} \
+ -i ${PID_DIRECTORY}/${instance}.pid \
+ -w ${PID_DIRECTORY}/${instance}.startpid
+ sts=${?}
+ eend ${sts}
+ if [ "${sts}" != "0" ]; then
+ return 1
+ fi
+ done
+}
+
+
+
+stop() {
+ checkconfig || return 1
+
+ for instance in ${DS_INSTANCES}; do
+ instance=$(basename ${instance})
+ ebegin "Stopping 389 Directory Server: instance ${instance}"
+ start-stop-daemon --stop --quiet \
+ --pidfile ${PID_DIRECTORY}/${instance}.pid \
+ --exec ${DIRSRV_EXEC}
+ eend ${?}
+ done
+}
+
+status() {
+ for instance in ${DS_INSTANCES}; do
+ instance=$(basename ${instance})
+ if [ -e ${PID_DIRECTORY}/${instance}.pid ]; then
+ pid=$(cat ${PID_DIRECTORY}/${instance}.pid)
+ if [ $(echo "$pid" | grep -c $pid) -ge 1 ]; then
+ einfo "389 Directory Server: instance ${instance} (pid $pid) running."
+ else
+ ewarn "389 Directory Server: instance ${instance} (pid $pid) NOT running."
+ fi
+ else
+ eerror "389 Directory Server: instance ${instance} is NOT running."
+ fi
+ done
+}
diff --git a/net-nds/389-ds-base/files/restart-dirsrv b/net-nds/389-ds-base/files/restart-dirsrv
new file mode 100644
index 000000000000..90654eca170a
--- /dev/null
+++ b/net-nds/389-ds-base/files/restart-dirsrv
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+# Script that restarts the ns-slapd server.
+# Exit status can be:
+# 0: Server restarted successfully
+# 1: Server could not be started
+# 2: Server started successfully (was not running)
+# 3: Server could not be stopped
+
+sleep_time=8
+/etc/init.d/389-ds status &> /dev/null
+running="${?}"
+
+rc-config stop 389-ds
+if [ "${?}" = "1" ]; then
+ sleep ${sleep_time}
+ exit 3
+fi
+rc-config start 389-ds
+if [ "${?}" = "1" ]; then
+ sleep ${sleep_time}
+ exit 1
+fi
+if [ "${running}" = "0" ]; then
+ sleep ${sleep_time}
+ exit 0
+else
+ sleep ${sleep_time}
+ exit 2
+fi
diff --git a/net-nds/389-ds-base/files/start-dirsrv b/net-nds/389-ds-base/files/start-dirsrv
new file mode 100644
index 000000000000..45c2a6c2c7d4
--- /dev/null
+++ b/net-nds/389-ds-base/files/start-dirsrv
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+# Script that starts the ns-slapd server.
+# Exit status can be:
+# 0: Server started successfully
+# 1: Server could not be started
+# 2: Server already running
+
+rc-config stop 389-ds
+rc-config start 389-ds
+rc="${?}"
+# give the daemon a chance to start
+sleep 8
+exit "${rc:-1}"
diff --git a/net-nds/389-ds-base/metadata.xml b/net-nds/389-ds-base/metadata.xml
new file mode 100644
index 000000000000..47330005454e
--- /dev/null
+++ b/net-nds/389-ds-base/metadata.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<maintainer>
+ <email>maintainer-needed@gentoo.org</email>
+</maintainer>
+<longdescription>The enterprise-class Open Source LDAP server for Linux</longdescription>
+<use>
+ <flag name='pam-passthru'>Enable pam-passthru plugin - for simple and fast system services used in ldap</flag>
+ <flag name='dna'>Enable dna (distributed numeric assignment ) plugin - to
+ automatically assign unique uid numbers to new user entries as they are created.</flag>
+ <flag name='presence'>Enable presence plugin - non-stabdart syntax
+ validation</flag>
+ <flag name='bitwise'>Enable bitwise plugin - supported data in raw/bitwise
+ format</flag>
+ <flag name='autobind'>Enable auto bind over unix domain socket (LDAPI)
+ support</flag>
+ <flag name='auto-dn-suffix'>Enable auto bind with auto dn suffix over unix
+ domain socket (LDAPI) support</flag>
+ <flag name='ldapi'>Enable LDAP over unix domain socket (LDAPI) support</flag>
+</use>
+</pkgmetadata>
diff --git a/net-nds/adtool/Manifest b/net-nds/adtool/Manifest
new file mode 100644
index 000000000000..74f57e0cd866
--- /dev/null
+++ b/net-nds/adtool/Manifest
@@ -0,0 +1 @@
+DIST adtool-1.3.3.tar.gz 334767 SHA256 9658ed2a4869304a094b0dc73d994940271f7ff64e481093893bf25c95bc95ab SHA512 800a9fd19481b2c986991c27674e24b40bd6f4d58d7cbcf94532acb88f6c36de1f18d4165d6a2dcffd7d5baeac86aaf6f0ff1ef1b46d93ffc28b826b3d857251 WHIRLPOOL f5d36bf4cd62abfe2488b27b9cc08d439d199d3b9e81693c517334ef9937de362f235c9d0c1604bbcc08c54d223de24282ef508d7e615f47be3f3508e1ae1e59
diff --git a/net-nds/adtool/adtool-1.3.3.ebuild b/net-nds/adtool/adtool-1.3.3.ebuild
new file mode 100644
index 000000000000..39c805f9e9dc
--- /dev/null
+++ b/net-nds/adtool/adtool-1.3.3.ebuild
@@ -0,0 +1,34 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+AUTOTOOLS_AUTORECONF=true
+
+inherit autotools-utils
+
+DESCRIPTION="Utility for Active Directory administration"
+HOMEPAGE="http://gp2x.org/adtool/"
+SRC_URI="http://gp2x.org/adtool/${P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE="ssl"
+
+DEPEND="
+ net-nds/openldap
+ ssl? ( dev-libs/openssl )"
+RDEPEND="${DEPEND}"
+
+PATCHES=( "${FILESDIR}"/${P}-bfr-overflow.patch )
+
+src_prepare() {
+ # automake-1.13
+ mv configure.{in,ac} || die
+ sed \
+ -e '/libactive_directory.a/s:@top_srcdir@:@top_builddir@:' \
+ -i src/tools/Makefile.am || die
+ autotools-utils_src_prepare
+}
diff --git a/net-nds/adtool/files/adtool-1.3.3-bfr-overflow.patch b/net-nds/adtool/files/adtool-1.3.3-bfr-overflow.patch
new file mode 100644
index 000000000000..f4e7ef0be88b
--- /dev/null
+++ b/net-nds/adtool/files/adtool-1.3.3-bfr-overflow.patch
@@ -0,0 +1,18 @@
+ src/lib/active_directory.c | 4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/lib/active_directory.c b/src/lib/active_directory.c
+index 1eacf5f..d4e1ca6 100644
+--- a/src/lib/active_directory.c
++++ b/src/lib/active_directory.c
+@@ -172,8 +172,8 @@ char *dn2domain(char *dn) {
+ exp_dn=ldap_explode_dn(dn, 0);
+ for(i=0; exp_dn[i]!=NULL; i++) {
+ if(!strncasecmp("dc=", exp_dn[i], 3)) {
+- strncat(dc, exp_dn[i]+3, 1024);
+- strncat(dc, ".", 1024);
++ strncat(dc, exp_dn[i]+3, 1024 - 1);
++ strncat(dc, ".", 1024 - 1);
+ }
+ }
+ ldap_value_free(exp_dn);
diff --git a/net-nds/adtool/metadata.xml b/net-nds/adtool/metadata.xml
new file mode 100644
index 000000000000..25e348aacfc8
--- /dev/null
+++ b/net-nds/adtool/metadata.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>maintainer-needed@gentoo.org</email>
+ </maintainer>
+ <longdescription>
+adtool is a unix command line utility for Active Directory administration, through ldap repository management.
+</longdescription>
+</pkgmetadata>
diff --git a/net-nds/gosa-core/Manifest b/net-nds/gosa-core/Manifest
new file mode 100644
index 000000000000..0159e7330155
--- /dev/null
+++ b/net-nds/gosa-core/Manifest
@@ -0,0 +1,3 @@
+DIST gosa-core-2.6.10.tar.bz2 2651987 SHA256 f372b753a675745b8d177f4cd497b625fd36a49deb84b053d51fe1c133933e5d
+DIST gosa-core-2.6.11.tar.bz2 2711910 SHA256 79e484da20524ec17b8da12a146f35e6c5784e7e9f75962c89657680d00ebc30
+DIST gosa-core-2.6.12.tar.bz2 2541062 SHA256 dd6cf2bdb32196e6ad68efa4d2400bf6a95b4a7fddf7c11888c60ea8888b8dc0
diff --git a/net-nds/gosa-core/files/gosa.include b/net-nds/gosa-core/files/gosa.include
new file mode 100644
index 000000000000..dcd3434964a4
--- /dev/null
+++ b/net-nds/gosa-core/files/gosa.include
@@ -0,0 +1,36 @@
+Alias /gosa /usr/share/gosa/html
+
+<Directory /usr/share/gosa/html>
+ Options None
+ AllowOverride None
+ Order deny,allow
+ Allow from all
+</Directory>
+
+<IfModule mod_php5.c>
+<Location /gosa>
+ php_admin_flag engine on
+ php_admin_flag register_globals off
+ php_admin_flag allow_call_time_pass_reference off
+ php_admin_flag expose_php off
+ php_admin_flag zend.ze1_compatibility_mode off
+ php_admin_flag register_long_arrays off
+ php_admin_flag magic_quotes_gpc on
+ php_admin_value upload_tmp_dir /var/spool/gosa/
+ php_admin_value session.cookie_lifetime 0
+ include /etc/gosa/gosa.secrets
+</Location>
+</IfModule>
+
+<IfModule mod_fcgid.c>
+ PHP_Fix_Pathinfo_Enable 1
+ <Location /gosa>
+ Options +ExecCGI
+ AddHandler fcgid-script .php
+ FCGIWrapper /var/www/php-fcgi/php-fcgi-starter .php
+ include /etc/gosa/gosa.secrets
+ </Location>
+</IfModule>
+
+
+# vim: ts=4 filetype=apache
diff --git a/net-nds/gosa-core/gosa-core-2.6.10.ebuild b/net-nds/gosa-core/gosa-core-2.6.10.ebuild
new file mode 100644
index 000000000000..e8c8de9005b7
--- /dev/null
+++ b/net-nds/gosa-core/gosa-core-2.6.10.ebuild
@@ -0,0 +1,106 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=3
+
+inherit eutils
+
+DESCRIPTION="LDAP administration frontend for user administration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND="dev-lang/php[iconv,imap,ldap,mysql,session,zip]
+ sys-devel/gettext"
+RDEPEND="${DEPEND}
+ virtual/httpd-php
+ dev-perl/Crypt-SmbHash
+ media-gfx/imagemagick"
+
+src_prepare() {
+ epatch \
+ "${S}/redhat/02_fix_class_mapping.patch" \
+ "${S}/redhat/03_fix_locale_location.patch" \
+ "${S}/redhat/04_fix_online_help_location.patch"
+ sed -i \
+ -e 's|../contrib|/usr/share/gosa/template|' \
+ include/functions.inc || die "sed failed"
+}
+
+src_install() {
+ insinto /usr/share/gosa
+ doins -r doc html ihtml include locale plugins setup
+
+ insinto /usr/share/gosa/template
+ doins contrib/gosa.conf
+
+ dosbin \
+ update-gosa \
+ bin/gosa-encrypt-passwords
+
+ dobin \
+ update-locale \
+ update-online-help \
+ update-pdf-help \
+ dh-make-gosa \
+ contrib/gosa
+
+ insinto /etc/gosa
+ doins \
+ contrib/shells \
+ contrib/encodings \
+ contrib/desktoprc
+ touch "${D}/etc/gosa/gosa.secrets"
+
+ doicon debian/*.xpm
+ domenu debian/gosa-desktop.desktop
+
+ doman *.1 contrib/*.1 contrib/*.5
+
+ dodoc contrib/openldap/slapd.conf
+ insinto /etc/openldap/schema/gosa
+ doins contrib/openldap/*.schema
+
+ insinto /etc/apache2/vhosts.d
+ doins "${FILESDIR}/gosa.include"
+
+ dodoc AUTHORS Changelog FAQ README README.safemode
+
+ keepdir /etc/gosa
+ keepdir /var/spool/gosa
+ keepdir /var/cache/gosa
+}
+
+pkg_prerm() {
+ ebegin "Flushing the class and locale cache"
+ rm -r "${EROOT}"var/cache/gosa/*
+ eend $?
+ ebegin "Clearing the spool directory"
+ rm -r "${EROOT}"var/spool/gosa/*
+ eend $?
+}
+
+pkg_postinst() {
+ ebegin "Generating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+
+ elog "Please make sure that the web server you are going to use has"
+ elog "read-write access to ${EROOT}var/spool/gosa"
+
+ elog "For Apache there is the gosa.include file in ${EROOT}etc/apache/vhosts.d."
+ elog "You can either use it as a template for your configuration or directly"
+ elog "include it in your apache configuration."
+
+ elog "GOsa requires some objectclasses and attributes to be present in the"
+ elog "directory. A sample configuration for slapd.conf can be found here:"
+ elog " ${EROOR}usr/share/doc/${PF}/slapd.conf[.gz]"
+}
diff --git a/net-nds/gosa-core/gosa-core-2.6.11.ebuild b/net-nds/gosa-core/gosa-core-2.6.11.ebuild
new file mode 100644
index 000000000000..92a75b3283bb
--- /dev/null
+++ b/net-nds/gosa-core/gosa-core-2.6.11.ebuild
@@ -0,0 +1,108 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=3
+
+inherit eutils
+
+DESCRIPTION="LDAP administration frontend for user administration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE="mail samba"
+
+DEPEND="dev-lang/php[iconv,imap,ldap,mysql,session,zip]
+ sys-devel/gettext"
+RDEPEND="${DEPEND}
+ virtual/httpd-php
+ dev-perl/Crypt-SmbHash
+ media-gfx/imagemagick"
+PDEPEND="mail? ( ~net-nds/gosa-plugin-mail-${PV} )
+ samba? ( ~net-nds/gosa-plugin-samba-${PV} )"
+
+src_prepare() {
+ epatch \
+ "${S}/redhat/02_fix_class_mapping.patch" \
+ "${S}/redhat/03_fix_locale_location.patch" \
+ "${S}/redhat/04_fix_online_help_location.patch"
+ sed -i \
+ -e 's|../contrib|/usr/share/gosa/template|' \
+ include/functions.inc || die "sed failed"
+}
+
+src_install() {
+ insinto /usr/share/gosa
+ doins -r doc html ihtml include locale plugins setup
+
+ insinto /usr/share/gosa/template
+ doins contrib/gosa.conf
+
+ dosbin \
+ update-gosa \
+ bin/gosa-encrypt-passwords
+
+ dobin \
+ update-locale \
+ update-online-help \
+ update-pdf-help \
+ dh-make-gosa \
+ contrib/gosa
+
+ insinto /etc/gosa
+ doins \
+ contrib/shells \
+ contrib/encodings \
+ contrib/desktoprc
+ touch "${D}/etc/gosa/gosa.secrets"
+
+ doicon debian/*.xpm
+ domenu debian/gosa-desktop.desktop
+
+ doman *.1 contrib/*.1 contrib/*.5
+
+ dodoc contrib/openldap/slapd.conf
+ insinto /etc/openldap/schema/gosa
+ doins contrib/openldap/*.schema
+
+ insinto /etc/apache2/vhosts.d
+ doins "${FILESDIR}/gosa.include"
+
+ dodoc AUTHORS Changelog FAQ README README.safemode
+
+ keepdir /etc/gosa
+ keepdir /var/spool/gosa
+ keepdir /var/cache/gosa
+}
+
+pkg_prerm() {
+ ebegin "Flushing the class and locale cache"
+ rm -r "${EROOT}"var/cache/gosa/*
+ eend $?
+ ebegin "Clearing the spool directory"
+ rm -r "${EROOT}"var/spool/gosa/*
+ eend $?
+}
+
+pkg_postinst() {
+ ebegin "Generating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+
+ elog "Please make sure that the web server you are going to use has"
+ elog "read-write access to ${EROOT}var/spool/gosa"
+
+ elog "For Apache there is the gosa.include file in ${EROOT}etc/apache/vhosts.d."
+ elog "You can either use it as a template for your configuration or directly"
+ elog "include it in your apache configuration."
+
+ elog "GOsa requires some objectclasses and attributes to be present in the"
+ elog "directory. A sample configuration for slapd.conf can be found here:"
+ elog " ${EROOR}usr/share/doc/${PF}/slapd.conf[.gz]"
+}
diff --git a/net-nds/gosa-core/gosa-core-2.6.12.ebuild b/net-nds/gosa-core/gosa-core-2.6.12.ebuild
new file mode 100644
index 000000000000..b026517cd98b
--- /dev/null
+++ b/net-nds/gosa-core/gosa-core-2.6.12.ebuild
@@ -0,0 +1,108 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+inherit eutils
+
+DESCRIPTION="LDAP administration frontend for user administration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE="mail samba"
+
+DEPEND="dev-lang/php[iconv,imap,ldap,mysql,session,zip]
+ sys-devel/gettext"
+RDEPEND="${DEPEND}
+ virtual/httpd-php
+ dev-perl/Crypt-SmbHash
+ media-gfx/imagemagick"
+PDEPEND="mail? ( ~net-nds/gosa-plugin-mail-${PV} )
+ samba? ( ~net-nds/gosa-plugin-samba-${PV} )"
+
+src_prepare() {
+ epatch \
+ "${S}/redhat/02_fix_class_mapping.patch" \
+ "${S}/redhat/03_fix_locale_location.patch" \
+ "${S}/redhat/04_fix_online_help_location.patch"
+ sed -i \
+ -e 's|../contrib|/usr/share/gosa/template|' \
+ include/functions.inc || die "sed failed"
+}
+
+src_install() {
+ insinto /usr/share/gosa
+ doins -r doc html ihtml include locale plugins setup
+
+ insinto /usr/share/gosa/template
+ doins contrib/gosa.conf
+
+ dosbin \
+ update-gosa \
+ bin/gosa-encrypt-passwords
+
+ dobin \
+ update-locale \
+ update-online-help \
+ update-pdf-help \
+ dh-make-gosa \
+ contrib/gosa
+
+ insinto /etc/gosa
+ doins \
+ contrib/shells \
+ contrib/encodings \
+ contrib/desktoprc
+ touch "${D}/etc/gosa/gosa.secrets"
+
+ doicon debian/*.xpm
+ domenu debian/gosa-desktop.desktop
+
+ doman *.1 contrib/*.1 contrib/*.5
+
+ dodoc contrib/openldap/slapd.conf
+ insinto /etc/openldap/schema/gosa
+ doins contrib/openldap/*.schema
+
+ insinto /etc/apache2/vhosts.d
+ doins "${FILESDIR}/gosa.include"
+
+ dodoc AUTHORS Changelog FAQ README README.safemode
+
+ keepdir /etc/gosa
+ keepdir /var/spool/gosa
+ keepdir /var/cache/gosa
+}
+
+pkg_prerm() {
+ ebegin "Flushing the class and locale cache"
+ rm -r "${EROOT}"var/cache/gosa/*
+ eend $?
+ ebegin "Clearing the spool directory"
+ rm -r "${EROOT}"var/spool/gosa/*
+ eend $?
+}
+
+pkg_postinst() {
+ ebegin "Generating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+
+ elog "Please make sure that the web server you are going to use has"
+ elog "read-write access to ${EROOT}var/spool/gosa"
+
+ elog "For Apache there is the gosa.include file in ${EROOT}etc/apache/vhosts.d."
+ elog "You can either use it as a template for your configuration or directly"
+ elog "include it in your apache configuration."
+
+ elog "GOsa requires some objectclasses and attributes to be present in the"
+ elog "directory. A sample configuration for slapd.conf can be found here:"
+ elog " ${EROOR}usr/share/doc/${PF}/slapd.conf[.gz]"
+}
diff --git a/net-nds/gosa-core/metadata.xml b/net-nds/gosa-core/metadata.xml
new file mode 100644
index 000000000000..11f7ed9ad722
--- /dev/null
+++ b/net-nds/gosa-core/metadata.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>dev-zero@gentoo.org</email>
+ <name>Tiziano Müller</name>
+ </maintainer>
+ <use>
+ <flag name='mail'>Manage mail accounts and servers with gosa.</flag>
+ <flag name='samba'>Manage samba accounts with gosa.</flag>
+ </use>
+ <upstream>
+ <changelog>http://oss.gonicus.de/pub/gosa/Changelog</changelog>
+ </upstream>
+</pkgmetadata>
diff --git a/net-nds/gosa-plugin-mail/Manifest b/net-nds/gosa-plugin-mail/Manifest
new file mode 100644
index 000000000000..d930f1f16180
--- /dev/null
+++ b/net-nds/gosa-plugin-mail/Manifest
@@ -0,0 +1,3 @@
+DIST gosa-plugin-mail-2.6.10.tar.bz2 166019 RMD160 14bb6f3041e7b6dc33297ac4cef166f9450c390e SHA1 23b2ce17198d64f426226f50de8171700a6ba0b0 SHA256 6b65e6aa37bf8b1b9f136f54500c89061567fb62969de009c8b61e2e44480ecd
+DIST gosa-plugin-mail-2.6.11.tar.bz2 168876 RMD160 0ac5c0df7e62a39ec0c406b5378fd934c1f9bc68 SHA1 2d2f4058f933aff0002ddee909cc83337647b34e SHA256 40f476c02880a08268989f069eebadc7be8be932df00ec65166ba505113e0d75
+DIST gosa-plugins-mail-2.6.12.tar.bz2 169052 RMD160 65ca0c766aafe9f7cf917b134ea420e08cb4a548 SHA1 21f8013d67812d2a2677d27baa30c7229ada0f7c SHA256 526d431ed7f940c78de59e4b9b2bf2fb9e7ae9f3de585ff7f98ee5a4ce3f4a34
diff --git a/net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.10.ebuild b/net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.10.ebuild
new file mode 100644
index 000000000000..d1a6c6b817f6
--- /dev/null
+++ b/net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.10.ebuild
@@ -0,0 +1,50 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=3
+
+DESCRIPTION="GOsa plugin for Mail integration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="~net-nds/gosa-core-${PV}
+ ~net-nds/gosa-plugin-systems-${PV}"
+
+GOSA_COMPONENT="${PN/gosa-plugin-}"
+
+src_install() {
+ insinto /etc/gosa
+ doins -r etc/*
+
+ insinto /usr/share/gosa/html/plugins/${GOSA_COMPONENT}/
+ doins -r html/*
+
+ insinto /usr/share/gosa/locale/plugins/${GOSA_COMPONENT}/
+ doins -r locale/*
+
+ insinto /usr/share/gosa/plugins
+ doins -r addons admin personal
+
+ insinto /usr/share/gosa/doc/plugins/${GOSA_COMPONENT}/
+ doins help/guide.xml
+
+ dodoc contrib/*
+ insinto /usr/share/doc/${PF}
+ doins -r contrib/sieve_vacation
+}
+
+pkg_postinst() {
+ ebegin "Updating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+}
diff --git a/net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.11.ebuild b/net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.11.ebuild
new file mode 100644
index 000000000000..d1a6c6b817f6
--- /dev/null
+++ b/net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.11.ebuild
@@ -0,0 +1,50 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=3
+
+DESCRIPTION="GOsa plugin for Mail integration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="~net-nds/gosa-core-${PV}
+ ~net-nds/gosa-plugin-systems-${PV}"
+
+GOSA_COMPONENT="${PN/gosa-plugin-}"
+
+src_install() {
+ insinto /etc/gosa
+ doins -r etc/*
+
+ insinto /usr/share/gosa/html/plugins/${GOSA_COMPONENT}/
+ doins -r html/*
+
+ insinto /usr/share/gosa/locale/plugins/${GOSA_COMPONENT}/
+ doins -r locale/*
+
+ insinto /usr/share/gosa/plugins
+ doins -r addons admin personal
+
+ insinto /usr/share/gosa/doc/plugins/${GOSA_COMPONENT}/
+ doins help/guide.xml
+
+ dodoc contrib/*
+ insinto /usr/share/doc/${PF}
+ doins -r contrib/sieve_vacation
+}
+
+pkg_postinst() {
+ ebegin "Updating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+}
diff --git a/net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.12-r1.ebuild b/net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.12-r1.ebuild
new file mode 100644
index 000000000000..99d171794593
--- /dev/null
+++ b/net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.12-r1.ebuild
@@ -0,0 +1,52 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+MY_P="${P/plugin/plugins}"
+
+DESCRIPTION="GOsa plugin for Mail integration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${MY_P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${MY_P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${MY_P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${MY_P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="~net-nds/gosa-core-${PV}
+ ~net-nds/gosa-plugin-systems-${PV}"
+
+S="${WORKDIR}/${MY_P}"
+GOSA_COMPONENT="${PN/gosa-plugin-}"
+
+src_install() {
+ insinto /etc/gosa
+ doins -r etc/*
+
+ insinto /usr/share/gosa/html/plugins/${GOSA_COMPONENT}/
+ doins -r html/*
+
+ insinto /usr/share/gosa/locale/plugins/${GOSA_COMPONENT}/
+ doins -r locale/*
+
+ insinto /usr/share/gosa/plugins
+ doins -r addons admin personal
+
+ insinto /usr/share/gosa/doc/plugins/${GOSA_COMPONENT}/
+ doins help/guide.xml
+
+ dodoc -r contrib/*
+ insinto /usr/share/doc/${PF}
+}
+
+pkg_postinst() {
+ ebegin "Updating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+}
diff --git a/net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.12.ebuild b/net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.12.ebuild
new file mode 100644
index 000000000000..5e1a51907806
--- /dev/null
+++ b/net-nds/gosa-plugin-mail/gosa-plugin-mail-2.6.12.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+MY_P="${P/plugin/plugins}"
+
+DESCRIPTION="GOsa plugin for Mail integration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${MY_P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${MY_P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${MY_P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${MY_P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="~net-nds/gosa-core-${PV}
+ ~net-nds/gosa-plugin-systems-${PV}"
+
+S="${WORKDIR}/${MY_P}"
+GOSA_COMPONENT="${PN/gosa-plugins-}"
+
+src_install() {
+ insinto /etc/gosa
+ doins -r etc/*
+
+ insinto /usr/share/gosa/html/plugins/${GOSA_COMPONENT}/
+ doins -r html/*
+
+ insinto /usr/share/gosa/locale/plugins/${GOSA_COMPONENT}/
+ doins -r locale/*
+
+ insinto /usr/share/gosa/plugins
+ doins -r addons admin personal
+
+ insinto /usr/share/gosa/doc/plugins/${GOSA_COMPONENT}/
+ doins help/guide.xml
+
+ dodoc contrib/*
+ insinto /usr/share/doc/${PF}
+ doins -r contrib/sieve_vacation
+}
+
+pkg_postinst() {
+ ebegin "Updating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+}
diff --git a/net-nds/gosa-plugin-mail/metadata.xml b/net-nds/gosa-plugin-mail/metadata.xml
new file mode 100644
index 000000000000..a59694fc88cb
--- /dev/null
+++ b/net-nds/gosa-plugin-mail/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>dev-zero@gentoo.org</email>
+ <name>Tiziano Müller</name>
+ </maintainer>
+ <upstream>
+ <changelog>http://oss.gonicus.de/pub/gosa/Changelog</changelog>
+ </upstream>
+</pkgmetadata>
diff --git a/net-nds/gosa-plugin-samba/Manifest b/net-nds/gosa-plugin-samba/Manifest
new file mode 100644
index 000000000000..2a97ff63a15d
--- /dev/null
+++ b/net-nds/gosa-plugin-samba/Manifest
@@ -0,0 +1,3 @@
+DIST gosa-plugin-samba-2.6.10.tar.bz2 51818 RMD160 373b1fc83f80d2a53633ebbdcd3dd3e27bcc8bf0 SHA1 810d72f9d57c15579b81127f8de1b2df30c291c6 SHA256 8067417110ce379fb6beee935adbc833796e8acab76776356b0db1f48dd592bc
+DIST gosa-plugin-samba-2.6.11.tar.bz2 51790 RMD160 d470f53df46a64407b4cce93f245819b711f507b SHA1 40f2c8edec78fa9ac082a17e56ddaae90826cb7f SHA256 8492b523255500da9ff0596f652735ec5ee49d2d37053d21fc91d83ad7da0c28
+DIST gosa-plugins-samba-2.6.12.tar.bz2 52284 RMD160 b00aa751f3252bf53b102da474cb641c896fef08 SHA1 d39c6db656bd772a070aa1803cc0494a851325ad SHA256 b3e01044e7a719ec6898bf29194f82373ca82d8c36602231e3e80b4b449fb034
diff --git a/net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.10.ebuild b/net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.10.ebuild
new file mode 100644
index 000000000000..c2b432712fb0
--- /dev/null
+++ b/net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.10.ebuild
@@ -0,0 +1,45 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=3
+
+DESCRIPTION="GOsa plugin for Samba integration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="~net-nds/gosa-core-${PV}
+ ~net-nds/gosa-plugin-systems-${PV}"
+
+GOSA_COMPONENT="${PN/gosa-plugin-}"
+
+src_install() {
+ insinto /usr/share/gosa/html/plugins/${GOSA_COMPONENT}/
+ doins -r html/*
+
+ insinto /usr/share/gosa/locale/plugins/${GOSA_COMPONENT}/
+ doins -r locale/*
+
+ insinto /usr/share/gosa/plugins
+ doins -r admin personal
+
+ insinto /usr/share/gosa/doc/plugins/${GOSA_COMPONENT}/
+ doins -r help/*
+
+ dodoc contrib/*
+}
+
+pkg_postinst() {
+ ebegin "Updating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+}
diff --git a/net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.11.ebuild b/net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.11.ebuild
new file mode 100644
index 000000000000..c2b432712fb0
--- /dev/null
+++ b/net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.11.ebuild
@@ -0,0 +1,45 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=3
+
+DESCRIPTION="GOsa plugin for Samba integration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="~net-nds/gosa-core-${PV}
+ ~net-nds/gosa-plugin-systems-${PV}"
+
+GOSA_COMPONENT="${PN/gosa-plugin-}"
+
+src_install() {
+ insinto /usr/share/gosa/html/plugins/${GOSA_COMPONENT}/
+ doins -r html/*
+
+ insinto /usr/share/gosa/locale/plugins/${GOSA_COMPONENT}/
+ doins -r locale/*
+
+ insinto /usr/share/gosa/plugins
+ doins -r admin personal
+
+ insinto /usr/share/gosa/doc/plugins/${GOSA_COMPONENT}/
+ doins -r help/*
+
+ dodoc contrib/*
+}
+
+pkg_postinst() {
+ ebegin "Updating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+}
diff --git a/net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.12-r1.ebuild b/net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.12-r1.ebuild
new file mode 100644
index 000000000000..454118465f8d
--- /dev/null
+++ b/net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.12-r1.ebuild
@@ -0,0 +1,48 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+MY_P="${P/plugin/plugins}"
+
+DESCRIPTION="GOsa plugin for Samba integration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${MY_P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${MY_P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${MY_P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${MY_P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="~net-nds/gosa-core-${PV}
+ ~net-nds/gosa-plugin-systems-${PV}"
+
+S="${WORKDIR}/${MY_P}"
+GOSA_COMPONENT="${PN/gosa-plugin-}"
+
+src_install() {
+ insinto /usr/share/gosa/html/plugins/${GOSA_COMPONENT}/
+ doins -r html/*
+
+ insinto /usr/share/gosa/locale/plugins/${GOSA_COMPONENT}/
+ doins -r locale/*
+
+ insinto /usr/share/gosa/plugins
+ doins -r admin personal
+
+ insinto /usr/share/gosa/doc/plugins/${GOSA_COMPONENT}/
+ doins -r help/*
+
+ dodoc contrib/*
+}
+
+pkg_postinst() {
+ ebegin "Updating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+}
diff --git a/net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.12.ebuild b/net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.12.ebuild
new file mode 100644
index 000000000000..4603d00072c8
--- /dev/null
+++ b/net-nds/gosa-plugin-samba/gosa-plugin-samba-2.6.12.ebuild
@@ -0,0 +1,48 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+MY_P="${P/plugin/plugins}"
+
+DESCRIPTION="GOsa plugin for Samba integration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${MY_P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${MY_P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${MY_P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${MY_P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="~net-nds/gosa-core-${PV}
+ ~net-nds/gosa-plugin-systems-${PV}"
+
+S="${WORKDIR}/${MY_P}"
+GOSA_COMPONENT="${PN/gosa-plugins-}"
+
+src_install() {
+ insinto /usr/share/gosa/html/plugins/${GOSA_COMPONENT}/
+ doins -r html/*
+
+ insinto /usr/share/gosa/locale/plugins/${GOSA_COMPONENT}/
+ doins -r locale/*
+
+ insinto /usr/share/gosa/plugins
+ doins -r admin personal
+
+ insinto /usr/share/gosa/doc/plugins/${GOSA_COMPONENT}/
+ doins -r help/*
+
+ dodoc contrib/*
+}
+
+pkg_postinst() {
+ ebegin "Updating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+}
diff --git a/net-nds/gosa-plugin-samba/metadata.xml b/net-nds/gosa-plugin-samba/metadata.xml
new file mode 100644
index 000000000000..a59694fc88cb
--- /dev/null
+++ b/net-nds/gosa-plugin-samba/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>dev-zero@gentoo.org</email>
+ <name>Tiziano Müller</name>
+ </maintainer>
+ <upstream>
+ <changelog>http://oss.gonicus.de/pub/gosa/Changelog</changelog>
+ </upstream>
+</pkgmetadata>
diff --git a/net-nds/gosa-plugin-systems/Manifest b/net-nds/gosa-plugin-systems/Manifest
new file mode 100644
index 000000000000..6e01e4eab281
--- /dev/null
+++ b/net-nds/gosa-plugin-systems/Manifest
@@ -0,0 +1,3 @@
+DIST gosa-plugin-systems-2.6.10.tar.bz2 148131 RMD160 9a3da0b96e416575d0c4bdab68acaf05bfca986f SHA1 6b701e84d80ce4fa450f75d897ffcdae2af1422a SHA256 ab9aed6368dea0a38bdcadc00be63845435f9adb9f792ee96efacef73827b3cc
+DIST gosa-plugin-systems-2.6.11.tar.bz2 161374 RMD160 64fc7e6c6d823e971bed5dd620c1aefa69de5be5 SHA1 fa6f1cafda4acc311bf080c78124899f205461fc SHA256 7de94b2c00d417a6689119089e80d6ae3d564e11ac089ff6988c253ceaabd0eb
+DIST gosa-plugins-systems-2.6.12.tar.bz2 160384 RMD160 ceeef0943736273aa2bbb134a4cf70eda57e3a92 SHA1 3c7c4a112f07677477da379648bab60cf5850a3a SHA256 20e7251fb833497c23b5f5ed6f8e66e1e71fded44c9e362d29acc60d3c5c905b
diff --git a/net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.10.ebuild b/net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.10.ebuild
new file mode 100644
index 000000000000..b43fd3807183
--- /dev/null
+++ b/net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.10.ebuild
@@ -0,0 +1,44 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=3
+
+inherit eutils
+
+DESCRIPTION="GOsa plugin for common systems integration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="~net-nds/gosa-core-${PV}"
+
+GOSA_COMPONENT="${PN/gosa-plugin-}"
+
+src_install() {
+ insinto /usr/share/gosa/html/plugins/${GOSA_COMPONENT}/
+ doins -r html/*
+
+ insinto /usr/share/gosa/locale/plugins/${GOSA_COMPONENT}/
+ doins -r locale/*
+
+ insinto /usr/share/gosa/plugins
+ doins -r admin
+
+ insinto /usr/share/gosa/doc/plugins/${GOSA_COMPONENT}/
+ doins -r help/*
+}
+
+pkg_postinst() {
+ ebegin "Updating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+}
diff --git a/net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.11.ebuild b/net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.11.ebuild
new file mode 100644
index 000000000000..b43fd3807183
--- /dev/null
+++ b/net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.11.ebuild
@@ -0,0 +1,44 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=3
+
+inherit eutils
+
+DESCRIPTION="GOsa plugin for common systems integration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="~net-nds/gosa-core-${PV}"
+
+GOSA_COMPONENT="${PN/gosa-plugin-}"
+
+src_install() {
+ insinto /usr/share/gosa/html/plugins/${GOSA_COMPONENT}/
+ doins -r html/*
+
+ insinto /usr/share/gosa/locale/plugins/${GOSA_COMPONENT}/
+ doins -r locale/*
+
+ insinto /usr/share/gosa/plugins
+ doins -r admin
+
+ insinto /usr/share/gosa/doc/plugins/${GOSA_COMPONENT}/
+ doins -r help/*
+}
+
+pkg_postinst() {
+ ebegin "Updating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+}
diff --git a/net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.12-r1.ebuild b/net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.12-r1.ebuild
new file mode 100644
index 000000000000..ecab222041c3
--- /dev/null
+++ b/net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.12-r1.ebuild
@@ -0,0 +1,45 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+MY_P="${P/plugin/plugins}"
+
+DESCRIPTION="GOsa plugin for common systems integration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${MY_P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${MY_P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${MY_P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${MY_P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="~net-nds/gosa-core-${PV}"
+
+S="${WORKDIR}/${MY_P}"
+GOSA_COMPONENT="${PN/gosa-plugin-}"
+
+src_install() {
+ insinto /usr/share/gosa/html/plugins/${GOSA_COMPONENT}/
+ doins -r html/*
+
+ insinto /usr/share/gosa/locale/plugins/${GOSA_COMPONENT}/
+ doins -r locale/*
+
+ insinto /usr/share/gosa/plugins
+ doins -r admin
+
+ insinto /usr/share/gosa/doc/plugins/${GOSA_COMPONENT}/
+ doins -r help/*
+}
+
+pkg_postinst() {
+ ebegin "Updating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+}
diff --git a/net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.12.ebuild b/net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.12.ebuild
new file mode 100644
index 000000000000..1ae967841812
--- /dev/null
+++ b/net-nds/gosa-plugin-systems/gosa-plugin-systems-2.6.12.ebuild
@@ -0,0 +1,45 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+MY_P="${P/plugin/plugins}"
+
+DESCRIPTION="GOsa plugin for common systems integration"
+HOMEPAGE="https://oss.gonicus.de/labs/gosa/wiki/WikiStart."
+SRC_URI="ftp://oss.gonicus.de/pub/gosa/${MY_P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/${MY_P}.tar.bz2
+ ftp://oss.gonicus.de/pub/gosa/archive/${MY_P}.tar.bz2
+ http://oss.gonicus.de/pub/gosa/archive/${MY_P}.tar.bz2 "
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="~net-nds/gosa-core-${PV}"
+
+S="${WORKDIR}/${MY_P}"
+GOSA_COMPONENT="${PN/gosa-plugins-}"
+
+src_install() {
+ insinto /usr/share/gosa/html/plugins/${GOSA_COMPONENT}/
+ doins -r html/*
+
+ insinto /usr/share/gosa/locale/plugins/${GOSA_COMPONENT}/
+ doins -r locale/*
+
+ insinto /usr/share/gosa/plugins
+ doins -r admin
+
+ insinto /usr/share/gosa/doc/plugins/${GOSA_COMPONENT}/
+ doins -r help/*
+}
+
+pkg_postinst() {
+ ebegin "Updating class cache and locales"
+ "${EROOT}"usr/sbin/update-gosa
+ eend $?
+}
diff --git a/net-nds/gosa-plugin-systems/metadata.xml b/net-nds/gosa-plugin-systems/metadata.xml
new file mode 100644
index 000000000000..a59694fc88cb
--- /dev/null
+++ b/net-nds/gosa-plugin-systems/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>dev-zero@gentoo.org</email>
+ <name>Tiziano Müller</name>
+ </maintainer>
+ <upstream>
+ <changelog>http://oss.gonicus.de/pub/gosa/Changelog</changelog>
+ </upstream>
+</pkgmetadata>
diff --git a/net-nds/jxplorer/Manifest b/net-nds/jxplorer/Manifest
new file mode 100644
index 000000000000..2d87a81fb52b
--- /dev/null
+++ b/net-nds/jxplorer/Manifest
@@ -0,0 +1,4 @@
+DIST JXv3.2deploy.tar.bz2 1771812 SHA256 0e678aa5daa829517bf080c33137db7c6ed12dd5c49a3722d12717b57fe35535 SHA512 6bca884a731572c1d627ecb87a941d2f78d82f16d14e2d9694a4e4b5d165066a1a4ee86ceab192dd050ccb76a052cc3e31463131a6124669a98949c92b0c2643 WHIRLPOOL 4ceb991b27875d7919a9394165aba2af426be13ef116475d12e4bfb73278b59796c23f03f7685bf87ea3ce7d82bcde3629575c96f9e7fe9b10cbe8dcd365f48c
+DIST JXv3.2src.tar.bz2 459951 SHA256 63789857f19eb677f488e9a031c6bebb28726d2bb967893ab6df32dfb8862cc9 SHA512 ea879330a4efb3ccb2249311e58b1c50ff510e91ee26501ef9305b88bf096ca1b7d26f91b00a660dac97741c55134c1b36f964d73c74ac1417832b9286c1ba7c WHIRLPOOL 3696ca35a0d34690e73e5590235a3fe6e29d471b2ac0f9f8ec610dc9760f62e3fff2db48349266f0746ace7de98ed08f1d90bd9b10bd415109e356bad37ca5fb
+DIST jxplorer-3.3.1-project.zip 4500476 SHA256 6e2ac77722a6a03c285a96561f6557fdfb3cd21da764166d7d7aab56560be6aa SHA512 a40bfd8a4c868a1ced1e31d45298916b4371ae781521755d784e4c027781d298f066af5390918b42024022cff5d3f0ab6a79bc6b15a1ff0adcfc1e8b79a67ca9 WHIRLPOOL b55c544daad8ab58075fe0e4ec5eb32d971056e58e1b9492c13e49cee98054cc71da098c2113cd9b431a350602419e2afc58bbe0f3a9860d301e7d6c1889384b
+DIST jxplorer-3.3.1.1-project.zip 4566815 SHA256 193986f80fb475fef37e349d7a7ea792c1bab3412d0bbf222b163e2e867a082f SHA512 aa7c1c976f5987055abeb97aba865e9cdbc657d5baca199ff83c97ac5017c9d48869c8ee6346a7cf07b236b04059043256d0545c7b6cc37d97c81de2f9015d03 WHIRLPOOL c33e5ca2f639f17b91f82dd71e245f810b9c873a74595ce13af951b089815d39c9e9791d0f51a43b96c1c78ad911248fe9e943bf98bb6e5388d1e11b6b6a1b21
diff --git a/net-nds/jxplorer/files/3.2-com.ca.level.patch b/net-nds/jxplorer/files/3.2-com.ca.level.patch
new file mode 100644
index 000000000000..0f2fabeba208
--- /dev/null
+++ b/net-nds/jxplorer/files/3.2-com.ca.level.patch
@@ -0,0 +1,20 @@
+diff --git a/jxplorer/src/com/ca/directory/jxplorer/JXplorer.java b/jxplorer/src/com/ca/directory/jxplorer/JXplorer.java
+index a36110c..0b748f5 100644
+--- a/jxplorer/src/com/ca/directory/jxplorer/JXplorer.java
++++ b/jxplorer/src/com/ca/directory/jxplorer/JXplorer.java
+@@ -584,7 +584,7 @@ public class
+
+ setDefaultProperty(".level", "WARNING", "(java loggin variable) - allowable values are 'OFF', 'SEVERE', 'WARNING', 'INFO', 'FINE', 'FINER', 'FINEST' and 'ALL'");
+
+- setDefaultProperty("com.ca.level", "UNUSED", " (java loggin variable) partial logging is also available. Be warned that the Sun logging system is a very buggy partial reimplementation of log4j, and doesn't seem to do inheritance well.");
++ setDefaultProperty("com.ca.level", "WARNING", " (java loggin variable) partial logging is also available. Be warned that the Sun logging system is a very buggy partial reimplementation of log4j, and doesn't seem to do inheritance well.");
+
+
+ //setDefaultProperty("logging", "console");
+@@ -1986,4 +1986,4 @@ public class
+ {
+ return buttonRegister;
+ }
+-}
+\ No newline at end of file
++}
diff --git a/net-nds/jxplorer/files/3.3-disable-jxworkbench.patch b/net-nds/jxplorer/files/3.3-disable-jxworkbench.patch
new file mode 100644
index 000000000000..302b37c0061f
--- /dev/null
+++ b/net-nds/jxplorer/files/3.3-disable-jxworkbench.patch
@@ -0,0 +1,12 @@
+diff -Nru /tmp/jxplorer.orig/src/com/ca/directory/jxplorer/JXplorer.java src/com/ca/directory/jxplorer/JXplorer.java
+--- /tmp/jxplorer.orig/src/com/ca/directory/jxplorer/JXplorer.java 2012-07-31 14:53:59.869914047 +0300
++++ src/com/ca/directory/jxplorer/JXplorer.java 2012-07-31 14:54:47.836311029 +0300
+@@ -502,7 +502,7 @@
+
+ // look for JXWorkBenchBrowser 'add on' module...
+
+- boolean usingJXW = true;
++ boolean usingJXW = false;
+ if (usingJXW)
+ {
+ try
diff --git a/net-nds/jxplorer/files/build.xml b/net-nds/jxplorer/files/build.xml
new file mode 100644
index 000000000000..819f7ed311a0
--- /dev/null
+++ b/net-nds/jxplorer/files/build.xml
@@ -0,0 +1,70 @@
+<?xml version="1.0"?>
+
+<project name="jxplorer" default="jar">
+ <!-- some properties -->
+ <property name="src.dir" value="src" />
+ <property name="build.dir" value="build" />
+ <property name="docs.dir" value="docs" />
+ <property name="lib.dir" value="lib" />
+ <property name="dist.dir" value="dist" />
+ <property name="jarfile" value="${dist.dir}/jxplorer.jar" />
+ <property name="target.jdk" value="1.4" />
+
+ <path id="jxplorer.classpath">
+ <fileset dir="${lib.dir}">
+ <include name="**/*.jar" />
+ </fileset>
+ </path>
+
+ <!-- init -->
+ <target name="init">
+ <mkdir dir="${dist.dir}" />
+ <mkdir dir="${build.dir}" />
+ <mkdir dir="${docs.dir}" />
+ </target>
+
+ <!-- compile everything -->
+ <target name="compile" depends="init">
+ <mkdir dir="${build.dir}" />
+ <javac srcdir="${src.dir}"
+ destdir="${build.dir}"
+ source="${target.jdk}"
+ target="${target.jdk}"
+ classpathref="jxplorer.classpath"/>
+ </target>
+
+ <!-- build the jar file -->
+ <target name="jar" depends="compile">
+ <jar jarfile="${jarfile}" basedir="${build.dir}">
+ <manifest>
+ <attribute name="Main-Class" value="com.ca.directory.jxplorer.JXplorer" />
+ </manifest>
+ </jar>
+ </target>
+
+ <!-- generate javadocs -->
+ <target name="docs" depends="init">
+ <javadoc sourcepath="${src.dir}"
+ packagenames="com.*"
+ destdir="${docs.dir}"
+ author="true"
+ version="true"
+ use="true"
+ windowtitle="${ant.project.name} API" />
+ </target>
+
+ <!-- clean up -->
+ <target name="clean">
+ <delete dir="${build.dir}" />
+ <delete dir="${docs.dir}" />
+ <delete dir="${dist.dir}" />
+ </target>
+
+ <!-- zip the sources -->
+ <target name="sourcezip">
+ <zip destfile="$dist}/${ant.project.name}-src.zip">
+ <zipfileset dir="${src.dir}" />
+ </zip>
+ </target>
+
+</project>
diff --git a/net-nds/jxplorer/files/jxplorer-3-pre b/net-nds/jxplorer/files/jxplorer-3-pre
new file mode 100644
index 000000000000..5fe640c7328a
--- /dev/null
+++ b/net-nds/jxplorer/files/jxplorer-3-pre
@@ -0,0 +1,26 @@
+jxplorer_home=@GENTOO_PORTAGE_EPREFIX@/usr/share/jxplorer/
+
+home="${HOME}/.jxplorer"
+
+if [ ! -d "${home}" ]; then
+ mkdir -v "${home}"
+fi
+
+try_create() {
+ [[ ! -f "${1}" ]] && touch "${1}"
+}
+
+if [ -d ${HOME}/.jxplorer ]; then
+ for file in search_filters.txt bookmarks.txt quicksearch.txt ; do
+ try_create "${home}/${file}"
+ done
+ for file in security.default csvconfig.txt.default ; do
+ [[ ! -e "${home}/${file}" ]] && \
+ ln -vs "${jxplorer_home}/${file}" "${home}/${subdir}"
+ done
+ for subdir in htmldocs icons images templates plugins language ; do
+ [[ ! -e "${home}/${subdir}" ]] && \
+ ln -vs "${jxplorer_home}/${subdir}" "${home}/${subdir}"
+ done
+fi
+
diff --git a/net-nds/jxplorer/files/jxplorer-pre-r1 b/net-nds/jxplorer/files/jxplorer-pre-r1
new file mode 100644
index 000000000000..f96aad69f8bb
--- /dev/null
+++ b/net-nds/jxplorer/files/jxplorer-pre-r1
@@ -0,0 +1,28 @@
+jxplorer_home=@GENTOO_PORTAGE_EPREFIX@/usr/share/jxplorer/
+
+home="${HOME}/.jxplorer"
+
+if [ ! -d "${home}" ]; then
+ mkdir -v "${home}"
+ cp -v ${jxplorer_home}/connections.txt "${home}"
+fi
+
+try_create() {
+ [[ ! -f "${1}" ]] && touch "${1}"
+}
+
+if [ -d ${HOME}/.jxplorer ]; then
+ try_create "${home}/dxconfig.txt"
+ try_create "${home}/jxplorer.log"
+ if [ ! -f ${HOME}/.jxplorer/connections.txt ]; then
+ cp -v ${jxplorer_home}/connections.txt ${HOME}/.jxplorer
+ fi
+ for subdir in htmldocs icons images templates; do
+ [[ ! -e "${home}/${subdir}" ]] && \
+ ln -vs "${jxplorer_home}/${subdir}" "${home}/${subdir}"
+ done
+ if [ ! -e "${home}/security" ] ; then
+ cp -Rv "${jxplorer_home}/security" "${home}"
+ fi
+fi
+
diff --git a/net-nds/jxplorer/jxplorer-3.2-r2.ebuild b/net-nds/jxplorer/jxplorer-3.2-r2.ebuild
new file mode 100644
index 000000000000..44aa99c9c0b1
--- /dev/null
+++ b/net-nds/jxplorer/jxplorer-3.2-r2.ebuild
@@ -0,0 +1,75 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="4"
+JAVA_PKG_IUSE="doc source"
+
+inherit eutils java-pkg-2 java-ant-2 prefix
+
+DESCRIPTION="A fully functional ldap browser written in java"
+HOMEPAGE="http://jxplorer.org/"
+SRC_URI="mirror://sourceforge/${PN}/JXv${PV}src.tar.bz2
+ mirror://sourceforge/${PN}/JXv${PV}deploy.tar.bz2"
+LICENSE="CAOSL"
+IUSE=""
+SLOT="0"
+KEYWORDS="amd64 ppc x86 ~amd64-linux ~x86-linux"
+RDEPEND=">=virtual/jre-1.4
+ >=dev-java/javahelp-2.0.02_p46
+ >=dev-java/log4j-1.2.8
+ =dev-java/junit-3.8*"
+DEPEND=">=virtual/jdk-1.4
+ ${RDEPEND}"
+
+S=${WORKDIR}/${PN}
+
+src_prepare() {
+ epatch "${FILESDIR}/${PV}-com.ca.level.patch"
+}
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ cp "${FILESDIR}/build.xml" ./build.xml || die
+
+ # Contains stuff for javahelp
+ mkdir dist
+ cp jars/help.jar dist || die
+
+ rm -v jars/*.jar || die
+ mkdir lib/ && cd lib/
+ java-pkg_jar-from javahelp
+ java-pkg_jar-from log4j
+ java-pkg_jar-from junit
+}
+
+EANT_DOC_TARGET="docs"
+EANT_FILTER_COMPILER="jikes"
+
+src_install() {
+ java-pkg_dojar dist/${PN}.jar dist/help.jar
+
+ dodir /usr/share/${PN}
+ for i in "icons images htmldocs language templates security connections.txt log4j.xml"
+ do
+ cp -r ${i} "${ED}/usr/share/${PN}" || die
+ done
+
+ dodoc RELEASE.TXT || die
+
+ # By default the config dir is ${HOME}/jxplorer
+ java-pkg_dolauncher ${PN} \
+ --main com.ca.directory.jxplorer.JXplorer \
+ --pwd '"${HOME}/.jxplorer"' \
+ --pkg_args console \
+ -pre "${FILESDIR}/${PN}-pre-r1"
+
+ eprefixify "${ED}/usr/bin/${PN}"
+
+ use source && java-pkg_dosrc src/com
+ use doc && java-pkg_dojavadoc docs
+
+ make_desktop_entry ${PN} JXplorer /usr/share/jxplorer/images/logo_32_trans.gif System
+}
diff --git a/net-nds/jxplorer/jxplorer-3.2.ebuild b/net-nds/jxplorer/jxplorer-3.2.ebuild
new file mode 100644
index 000000000000..40d7fc8a5c3a
--- /dev/null
+++ b/net-nds/jxplorer/jxplorer-3.2.ebuild
@@ -0,0 +1,65 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+JAVA_PKG_IUSE="doc source"
+
+inherit eutils java-pkg-2 java-ant-2
+
+DESCRIPTION="A fully functional ldap browser written in java"
+HOMEPAGE="http://jxplorer.org/"
+SRC_URI="mirror://sourceforge/${PN}/JXv${PV}src.tar.bz2
+ mirror://sourceforge/${PN}/JXv${PV}deploy.tar.bz2"
+LICENSE="CAOSL"
+SLOT="0"
+KEYWORDS="amd64 ppc x86"
+RDEPEND=">=virtual/jre-1.4
+ >=dev-java/javahelp-2.0.02_p46
+ >=dev-java/log4j-1.2.8
+ =dev-java/junit-3.8*"
+DEPEND=">=virtual/jdk-1.4
+ ${RDEPEND}"
+
+S=${WORKDIR}/${PN}
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ cp "${FILESDIR}/build.xml" ./build.xml || die
+
+ # Contains stuff for javahelp
+ mkdir dist
+ cp jars/help.jar dist || die
+
+ rm -v jars/*.jar || die
+ mkdir lib/ && cd lib/
+ java-pkg_jar-from javahelp
+ java-pkg_jar-from log4j
+ java-pkg_jar-from junit
+}
+
+EANT_DOC_TARGET="docs"
+EANT_FILTER_COMPILER="jikes"
+
+src_install() {
+ java-pkg_dojar dist/${PN}.jar dist/help.jar
+
+ dodir /usr/share/${PN}
+ for i in "icons images htmldocs language templates security connections.txt log4j.xml"
+ do
+ cp -r ${i} "${D}/usr/share/${PN}" || die
+ done
+
+ dodoc RELEASE.TXT || die
+
+ # By default the config dir is ${HOME}/jxplorer
+ java-pkg_dolauncher ${PN} \
+ --main com.ca.directory.jxplorer.JXplorer \
+ --pwd '"${HOME}/.jxplorer"' \
+ --pkg_args console \
+ -pre "${FILESDIR}/${PN}-pre-r1"
+
+ use source && java-pkg_dosrc src/com
+ use doc && java-pkg_dojavadoc docs
+}
diff --git a/net-nds/jxplorer/jxplorer-3.3.1.1.ebuild b/net-nds/jxplorer/jxplorer-3.3.1.1.ebuild
new file mode 100644
index 000000000000..dd1099e71f09
--- /dev/null
+++ b/net-nds/jxplorer/jxplorer-3.3.1.1.ebuild
@@ -0,0 +1,69 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+JAVA_PKG_IUSE="doc source test"
+
+inherit java-pkg-2 java-ant-2 prefix virtualx
+
+DESCRIPTION="A fully functional ldap browser written in java"
+HOMEPAGE="http://jxplorer.org/"
+SRC_URI="mirror://sourceforge/${PN}/${PN}-${PV}-project.zip"
+LICENSE="CAOSL"
+
+IUSE=""
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86 ~amd64-linux ~x86-linux"
+
+RDEPEND=">=virtual/jre-1.5
+ >=dev-java/javahelp-2.0.02_p46:0"
+DEPEND=">=virtual/jdk-1.5
+ test? ( dev-java/junit:0 )
+ ${RDEPEND}"
+
+S="${WORKDIR}/${PN}"
+
+JAVA_ANT_REWRITE_CLASSPATH="yes"
+EANT_GENTOO_CLASSPATH="javahelp"
+EANT_TEST_ANT_TASKS="ant-junit"
+
+src_prepare() {
+ rm -v jars/*.jar || die
+ sed -i -e 's/<fileset dir="${jasper}.*//g' "${S}/build.xml" || die
+
+ epatch "${FILESDIR}"/3.3-disable-jxworkbench.patch
+
+ if use test ; then
+ EANT_GENTOO_CLASSPATH_EXTRA=$(java-pkg_getjars --build-only junit)
+ else
+ find . -iname '*Test*.java' -delete || die
+ fi
+}
+
+src_test(){
+ VIRTUALX_COMMAND="java-pkg-2_src_test" virtualmake
+}
+
+src_install() {
+ java-pkg_dojar jars/${PN}.jar
+
+ insinto /usr/share/${PN}
+ doins -r icons images htmldocs language templates plugins security.default csvconfig.txt.default
+
+ dodoc README*.TXT || die
+
+ # By default the config dir is ${HOME}/jxplorer
+ java-pkg_dolauncher ${PN} \
+ --main com.ca.directory.jxplorer.JXplorer \
+ --pwd '"${HOME}/.jxplorer"' \
+ -pre "${FILESDIR}/${PN}-3-pre"
+
+ eprefixify "${ED}/usr/bin/${PN}"
+
+ use source && java-pkg_dosrc src/com
+ use doc && java-pkg_dojavadoc docs/api
+
+ make_desktop_entry ${PN} JXplorer /usr/share/jxplorer/images/logo_32_trans.gif System
+}
diff --git a/net-nds/jxplorer/jxplorer-3.3.1.ebuild b/net-nds/jxplorer/jxplorer-3.3.1.ebuild
new file mode 100644
index 000000000000..7948b7b5d7cb
--- /dev/null
+++ b/net-nds/jxplorer/jxplorer-3.3.1.ebuild
@@ -0,0 +1,69 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+JAVA_PKG_IUSE="doc source test"
+
+inherit java-pkg-2 java-ant-2 prefix virtualx
+
+DESCRIPTION="A fully functional ldap browser written in java"
+HOMEPAGE="http://jxplorer.org/"
+SRC_URI="mirror://sourceforge/${PN}/${PN}-${PV}-project.zip"
+LICENSE="CAOSL"
+
+IUSE=""
+SLOT="0"
+KEYWORDS="amd64 ppc x86 ~amd64-linux ~x86-linux"
+
+RDEPEND=">=virtual/jre-1.5
+ >=dev-java/javahelp-2.0.02_p46:0"
+DEPEND=">=virtual/jdk-1.5
+ test? ( dev-java/junit:0 )
+ ${RDEPEND}"
+
+S="${WORKDIR}/${PN}"
+
+JAVA_ANT_REWRITE_CLASSPATH="yes"
+EANT_GENTOO_CLASSPATH="javahelp"
+EANT_TEST_ANT_TASKS="ant-junit"
+
+src_prepare() {
+ rm -v jars/*.jar || die
+ sed -i -e 's/<fileset dir="${jasper}.*//g' "${S}/build.xml" || die
+
+ epatch "${FILESDIR}"/3.3-disable-jxworkbench.patch
+
+ if use test ; then
+ EANT_GENTOO_CLASSPATH_EXTRA=$(java-pkg_getjars --build-only junit)
+ else
+ find . -iname '*Test*.java' -delete || die
+ fi
+}
+
+src_test(){
+ VIRTUALX_COMMAND="java-pkg-2_src_test" virtualmake
+}
+
+src_install() {
+ java-pkg_dojar jars/${PN}.jar
+
+ insinto /usr/share/${PN}
+ doins -r icons images htmldocs language templates plugins security.default csvconfig.txt.default
+
+ dodoc README*.TXT || die
+
+ # By default the config dir is ${HOME}/jxplorer
+ java-pkg_dolauncher ${PN} \
+ --main com.ca.directory.jxplorer.JXplorer \
+ --pwd '"${HOME}/.jxplorer"' \
+ -pre "${FILESDIR}/${PN}-3-pre"
+
+ eprefixify "${ED}/usr/bin/${PN}"
+
+ use source && java-pkg_dosrc src/com
+ use doc && java-pkg_dojavadoc docs/api
+
+ make_desktop_entry ${PN} JXplorer /usr/share/jxplorer/images/logo_32_trans.gif System
+}
diff --git a/net-nds/jxplorer/metadata.xml b/net-nds/jxplorer/metadata.xml
new file mode 100644
index 000000000000..a4dff8cda201
--- /dev/null
+++ b/net-nds/jxplorer/metadata.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <herd>java</herd>
+ <upstream>
+ <remote-id type="sourceforge">jxplorer</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/net-nds/lat/Manifest b/net-nds/lat/Manifest
new file mode 100644
index 000000000000..4375794f515e
--- /dev/null
+++ b/net-nds/lat/Manifest
@@ -0,0 +1 @@
+DIST lat-1.2.3.tar.gz 463225 SHA256 8071bcacb3f5be5b10f7a154cf64f007670b67415f986e0794202643ab52e16e SHA512 48962a47d4cd7ec19662e9cf3fc9a3a0bdc368d9b8ff2916988d28fb7f3c53a0e016344cc7748e85da196dc7304f91a68a11d7da9758f5c5253cbf71bb9ffb25 WHIRLPOOL 22954d6d065a69e4f8a36b04dcb68a83ade75a4523da426f583208fa31f540242aa4602f46d536ba66b8ed3d375cb07f69c06ef9cbdaf74e39e5215e9fbf44af
diff --git a/net-nds/lat/lat-1.2.3.ebuild b/net-nds/lat/lat-1.2.3.ebuild
new file mode 100644
index 000000000000..dab1e151f896
--- /dev/null
+++ b/net-nds/lat/lat-1.2.3.ebuild
@@ -0,0 +1,60 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+GCONF_DEBUG=no
+
+inherit gnome2 mono versionator
+
+KEYWORDS="amd64 x86"
+
+DESCRIPTION="LDAP Administration Tool, allows you to browse LDAP-based directories and add/edit/delete entries"
+HOMEPAGE="http://sourceforge.net/projects/ldap-at/"
+SRC_URI="mirror://sourceforge/ldap-at/${P}.tar.gz"
+LICENSE="GPL-2"
+IUSE="avahi"
+SLOT="0"
+
+RDEPEND="
+ >=dev-lang/mono-1.1.13
+ >=dev-dotnet/gtk-sharp-2.8
+ >=dev-dotnet/gnome-sharp-2.8
+ >=dev-dotnet/glade-sharp-2.8
+ >=dev-dotnet/gconf-sharp-2.8
+ gnome-base/libgnome-keyring
+ sys-apps/dbus
+ avahi? ( net-dns/avahi[mono] )
+"
+DEPEND="${RDEPEND}
+ app-text/scrollkeeper
+ virtual/pkgconfig"
+
+src_prepare() {
+ # Fix tests, bug #295889
+ echo lat/plugins/ActiveDirectoryCoreViews/dialogs.glade >> po/POTFILES.in
+ echo lat/plugins/JpegAttributeViewer/dialog.glade >> po/POTFILES.in
+ echo lat/plugins/PosixCoreViews/dialogs.glade >> po/POTFILES.in
+}
+
+src_configure() {
+ econf $(use_enable avahi)
+}
+
+src_compile() {
+ # bug #330203
+ emake -j1
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ dodoc AUTHORS ChangeLog NEWS README TODO
+}
+
+pkg_postinst() {
+ gnome2_pkg_postinst
+ if use avahi ; then
+ ewarn "You've enabled avahi support."
+ ewarn "Make sure the avahi daemon is running before you try to start ${PN}"
+ fi
+}
diff --git a/net-nds/lat/metadata.xml b/net-nds/lat/metadata.xml
new file mode 100644
index 000000000000..d62644004bf9
--- /dev/null
+++ b/net-nds/lat/metadata.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>maintainer-needed@gentoo.org</email>
+ </maintainer>
+ <longdescription>
+ LAT stands for LDAP Administration Tool. The tool allows you to browse LDAP-based directories and add/edit/delete entries contained within. It can store profiles for quick access to different servers. There are also different views available such as Users, Groups and Hosts which allow you to easily manage objects without having to deal with the intricacies of LDAP.
+ </longdescription>
+ <upstream>
+ <remote-id type="sourceforge">ldap-at</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/net-nds/ldapvi/Manifest b/net-nds/ldapvi/Manifest
new file mode 100644
index 000000000000..5c10b3c1446a
--- /dev/null
+++ b/net-nds/ldapvi/Manifest
@@ -0,0 +1,2 @@
+DIST ldapvi-1.7.tar.gz 119503 SHA256 6f62e92d20ff2ac0d06125024a914b8622e5b8a0a0c2d390bf3e7990cbd2e153 SHA512 4b38cee0763aa33703afbd5e358a458b1468abf58e43ea885879b2117bc1c0bbc375d91c6a43467ec08035b8b3b7dd4b024f2937c37741c7a5513ea9192aed36 WHIRLPOOL 136b7c21e2438b294d9d7504827f76a18138caa1c71dad6858cf59c2399243da57886792934ebb3e559697490228e89da5a769aa84cd054b95abafbd179527b9
+DIST ldapvi-1.7_p20101214.tar.bz2 1490491 SHA256 a8b805bf29753dd7f758b8f564a40584e930a63549bc0e466db13c828f6be91b SHA512 2d2a744a36364793f406f37ecf6e546914d697457dec37b81544f4979f4c692756b2a1c3ea6fcbaba5e3238b2bf758ab3e0bd9a9a0794c4da734d65286bd5925 WHIRLPOOL 5cd89780b11306f7822f49357e799df8940a1e3417dd0252697dd1be87ce3e2956c344fd5a76169966e4ba35b11981c7c17c503201182c3ef08db84dddde7029
diff --git a/net-nds/ldapvi/files/ldapvi-1.7+glibc-2.10.patch b/net-nds/ldapvi/files/ldapvi-1.7+glibc-2.10.patch
new file mode 100644
index 000000000000..df2a20c71245
--- /dev/null
+++ b/net-nds/ldapvi/files/ldapvi-1.7+glibc-2.10.patch
@@ -0,0 +1,39 @@
+Index: ldapvi-1.7/common.h
+===================================================================
+--- ldapvi-1.7.orig/common.h
++++ ldapvi-1.7/common.h
+@@ -273,7 +273,7 @@ void pipeview_wait(int pid);
+ char *home_filename(char *name);
+ void read_ldapvi_history(void);
+ void write_ldapvi_history(void);
+-char *getline(char *prompt, char *value);
++char *ldapvi_getline(char *prompt, char *value);
+ char *get_password();
+ char *append(char *a, char *b);
+ void *xalloc(size_t size);
+Index: ldapvi-1.7/ldapvi.c
+===================================================================
+--- ldapvi-1.7.orig/ldapvi.c
++++ ldapvi-1.7/ldapvi.c
+@@ -470,7 +470,7 @@ change_mechanism(bind_options *bo)
+ bo->authmethod = LDAP_AUTH_SASL;
+ puts("Switching to SASL authentication.");
+ }
+- bo->sasl_mech = getline("SASL mechanism", bo->sasl_mech);
++ bo->sasl_mech = ldapvi_getline("SASL mechanism", bo->sasl_mech);
+ }
+
+ static int
+Index: ldapvi-1.7/misc.c
+===================================================================
+--- ldapvi-1.7.orig/misc.c
++++ ldapvi-1.7/misc.c
+@@ -315,7 +315,7 @@ write_ldapvi_history()
+ }
+
+ char *
+-getline(char *prompt, char *value)
++ldapvi_getline(char *prompt, char *value)
+ {
+ tdialog d;
+ init_dialog(&d, DIALOG_DEFAULT, prompt, value);
diff --git a/net-nds/ldapvi/files/ldapvi-1.7-vim-encoding.patch b/net-nds/ldapvi/files/ldapvi-1.7-vim-encoding.patch
new file mode 100644
index 000000000000..d9431bed2de1
--- /dev/null
+++ b/net-nds/ldapvi/files/ldapvi-1.7-vim-encoding.patch
@@ -0,0 +1,13 @@
+From https://bugzilla.redhat.com/show_bug.cgi?id=691958
+
+--- ldapvi-1.7/ldapvi.c
++++ ldapvi-1.7/ldapvi.c
+@@ -1414,7 +1414,7 @@ write_file_header(FILE *s, cmdline *cmdline)
+ int nlines = 0;
+
+ if (print_binary_mode == PRINT_UTF8 && !cmdline->ldif) {
+- fputs("# -*- coding: utf-8 -*- vim:encoding=utf-8:\n", s);
++ fputs("# -*- coding: utf-8 -*- \n", s);
+ nlines++;
+ }
+ if (cmdline->ldif) {
diff --git a/net-nds/ldapvi/ldapvi-1.7-r1.ebuild b/net-nds/ldapvi/ldapvi-1.7-r1.ebuild
new file mode 100644
index 000000000000..8f8ff77c6c8d
--- /dev/null
+++ b/net-nds/ldapvi/ldapvi-1.7-r1.ebuild
@@ -0,0 +1,40 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=2
+
+inherit eutils
+
+DESCRIPTION="Manage LDAP entries with a text editor"
+HOMEPAGE="http://www.lichteblau.com/ldapvi/"
+SRC_URI="http://www.lichteblau.com/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 hppa ppc ~sparc x86"
+IUSE="ssl"
+
+RDEPEND="sys-libs/ncurses
+ >=net-nds/openldap-2.2
+ dev-libs/popt
+ >=dev-libs/glib-2
+ sys-libs/readline
+ ssl? ( dev-libs/openssl )"
+DEPEND="${RDEPEND}
+ virtual/pkgconfig"
+
+src_prepare() {
+ epatch "${FILESDIR}/${P}+glibc-2.10.patch"
+ epatch "${FILESDIR}/${P}-vim-encoding.patch"
+}
+
+src_configure() {
+ econf $(use_with ssl libcrypto openssl) || die
+}
+
+src_install() {
+ dobin ldapvi || die
+ doman ldapvi.1 || die
+ dodoc NEWS manual/{bg.png,html.xsl,manual.{css,xml}} || die
+}
diff --git a/net-nds/ldapvi/ldapvi-1.7_p20101214.ebuild b/net-nds/ldapvi/ldapvi-1.7_p20101214.ebuild
new file mode 100644
index 000000000000..ad8fbdbfac03
--- /dev/null
+++ b/net-nds/ldapvi/ldapvi-1.7_p20101214.ebuild
@@ -0,0 +1,47 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit autotools
+
+DESCRIPTION="Manage LDAP entries with a text editor"
+HOMEPAGE="http://www.lichteblau.com/ldapvi/"
+SRC_URI="mirror://gentoo/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~hppa ~ppc ~sparc ~x86"
+IUSE="gnutls sasl"
+
+RDEPEND="
+ sys-libs/ncurses:5
+ net-nds/openldap
+ dev-libs/popt
+ dev-libs/glib:2
+ sys-libs/readline
+ gnutls? ( net-libs/gnutls )
+ !gnutls? ( dev-libs/openssl:0 )
+ sasl? ( dev-libs/cyrus-sasl:2 )"
+DEPEND="${RDEPEND}
+ virtual/pkgconfig"
+
+S=${WORKDIR}/${P}/${PN}
+
+src_prepare() {
+ #bug 459478
+ sed -e '/^AC_SEARCH_LIBS/s:curses ncurses:curses ncurses tinfo:' \
+ -i configure.in || die
+ eautoreconf
+}
+
+src_configure() {
+ econf --with-libcrypto=$(usex gnutls gnutls openssl)
+}
+
+src_install() {
+ dobin ldapvi
+ doman ldapvi.1
+ dodoc NEWS manual/{bg.png,html.xsl,manual.{css,xml}}
+}
diff --git a/net-nds/ldapvi/metadata.xml b/net-nds/ldapvi/metadata.xml
new file mode 100644
index 000000000000..49415441c778
--- /dev/null
+++ b/net-nds/ldapvi/metadata.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>xmw@gentoo.org</email>
+ <name>Michael Weber</name>
+ </maintainer>
+ <longdescription lang="en">
+ Text based LDAP client which uses your standard editor for viewing and
+ changing entries.
+ </longdescription>
+<use>
+ <flag name="gnutls">Use net-libs/gnutls instead of dev-libs/openssl</flag>
+</use>
+</pkgmetadata>
diff --git a/net-nds/led/Manifest b/net-nds/led/Manifest
new file mode 100644
index 000000000000..6787fe8d2881
--- /dev/null
+++ b/net-nds/led/Manifest
@@ -0,0 +1 @@
+DIST led-1.111.tar.gz 30636 SHA256 95a8fabd2e77a047304a6a854723016ccdb34e677a9f6859b937533d6f158109 SHA512 e5078cbed72e406846f50be13fa2e475549b5e0f22eee8da19fca1bb097bc155ee38d289f3f1f89e47d4efae6d9d67eda8bec8a2dd9b90f52020dcd6ea2945e5 WHIRLPOOL b2398a7f72657c21bef65ef14a52e0469dfe7d4c5337c400346e16f853bb0e256ad540f3a8ad2b09e22c6be7e79f741ee106fc65396b2f24e5427d27ddf2e3fc
diff --git a/net-nds/led/led-1.111.ebuild b/net-nds/led/led-1.111.ebuild
new file mode 100644
index 000000000000..3d08a5774186
--- /dev/null
+++ b/net-nds/led/led-1.111.ebuild
@@ -0,0 +1,30 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+inherit eutils
+DESCRIPTION="led is a general purpose LDAP editor"
+HOMEPAGE="http://led.sourceforge.net/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~x86 ~amd64 ~ppc"
+IUSE=""
+
+DEPEND=">=dev-lang/perl-5.6.1
+ dev-perl/perl-ldap
+ dev-perl/URI
+ virtual/perl-Digest-MD5
+ dev-perl/Authen-SASL"
+
+src_compile() {
+ # non-standard configure system!
+ perl Configure --prefix=/usr --generic --rfc2307 --shadow --iplanet
+ # parallel make bad
+ emake -j1
+}
+
+src_install() {
+ dobin ldapcat led
+ dodoc INSTALL README README.ldapcat TODO
+}
diff --git a/net-nds/led/metadata.xml b/net-nds/led/metadata.xml
new file mode 100644
index 000000000000..1a241e8060b3
--- /dev/null
+++ b/net-nds/led/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>robbat2@gentoo.org</email>
+ <name>Robin H. Johnson</name>
+ </maintainer>
+ <upstream>
+ <remote-id type="sourceforge">led</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/net-nds/metadata.xml b/net-nds/metadata.xml
new file mode 100644
index 000000000000..e5113d1ba1ac
--- /dev/null
+++ b/net-nds/metadata.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE catmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<catmetadata>
+ <longdescription lang="en">
+ The net-nds category contains NDS (NetWare Directory Services) software.
+ </longdescription>
+ <longdescription lang="de">
+ Die Kategorie net-nds enthält Software für die NetWare Directory Services (NDS).
+ </longdescription>
+ <longdescription lang="es">
+ La categoría net-nds contiene programas NDS (NetWare Directory
+ Services).
+ </longdescription>
+ <longdescription lang="ja">
+ net-ndsカテゴリーにはNetWare・ディレクトリ・サービスの
+ ソフトウェアが含まれています。
+ </longdescription>
+ <longdescription lang="nl">
+ De net-nds categorie bevat applicaties voor NDS (NetWare Directory Service).
+ </longdescription>
+ <longdescription lang="vi">
+ Nhóm net-nds chứa phần mềm NDS (NetWare Directory Services).
+ </longdescription>
+ <longdescription lang="it">
+ La categoria net-nds contiene programmi NDS (NetWare Directory
+ Services).
+ </longdescription>
+ <longdescription lang="pt">
+ A categoria net-nds contém programas de NDS (NetWare Directory
+ Services).
+ </longdescription>
+ <longdescription lang="pl">
+ Kategoria net-nds zawiera oprogramowanie NDS (NetWare Directory Services).
+ </longdescription>
+</catmetadata>
+
diff --git a/net-nds/nsscache/Manifest b/net-nds/nsscache/Manifest
new file mode 100644
index 000000000000..3069bb60036c
--- /dev/null
+++ b/net-nds/nsscache/Manifest
@@ -0,0 +1,3 @@
+DIST nsscache-0.21.14.tar.gz 87708 SHA256 170f89a45b580269d26f9a6d65edaad31290407ebe2234a825299486ad0d89bd SHA512 178aa7748a45d5ad514f57ae1b0ff64b26dd3fd82efbb164f3c3f9a977e07737313a34225afa9b00a15faf5685532030fe23abaf4ab20233187121697e29f463 WHIRLPOOL 2dd83a09bd49b4fd5cefedf043f0a8755a9a64bc2ba30657dc7e84eaf962496ae2bfe2c918659a80af47ed62fe6ab6870430b3ff89aeefe8e1f0d176b5655b95
+DIST nsscache-0.23.tar.gz 92603 SHA256 b33ea574cd6e9c4f5ce57b8fae9dd64a710ec89d3f382c879f0af8c6215d0d9e SHA512 2bce655f6e8b64eb258779f80620d4514729d221ce9ed9ca7f675c22faeca400478827f27befa9cdac5e95f33934609d84d520af71f756721e22aa0c7cef82d6 WHIRLPOOL 78d6e8abdc4d66df667d2c9e3ab4c6e1c065a224283c94ab44bd51209db373d896b7221923d1948e7cdc36dcfc752d9f98162c3ece95955578b9b7c0c5b28dd8
+DIST nsscache-0.8.8.tar.gz 74261 SHA256 3512848b3f37a3055812a5d2c500192df8a396cc39f55e63fdaffc67d1a748e2
diff --git a/net-nds/nsscache/files/nsscache-0.8.3-starttls.patch b/net-nds/nsscache/files/nsscache-0.8.3-starttls.patch
new file mode 100644
index 000000000000..2ca9c1feec9b
--- /dev/null
+++ b/net-nds/nsscache/files/nsscache-0.8.3-starttls.patch
@@ -0,0 +1,53 @@
+Some LDAP configurations require STARTTLS, like the Gentoo infrastructure one.
+Add a new configuration file to do it.
+
+Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
+
+diff -Nuar nsscache-0.8.3.orig/nss_cache/sources/ldapsource.py nsscache-0.8.3/nss_cache/sources/ldapsource.py
+--- nsscache-0.8.3.orig/nss_cache/sources/ldapsource.py 2008-09-08 18:31:58.000000000 -0700
++++ nsscache-0.8.3/nss_cache/sources/ldapsource.py 2009-05-24 16:50:59.579112740 -0700
+@@ -76,6 +76,8 @@
+ self.conn = rlo(uri=conf['uri'],
+ retry_max=conf['retry_max'],
+ retry_delay=conf['retry_delay'])
++ if conf['tls_starttls'] == 1:
++ self.conn.start_tls_s()
+ else:
+ self.conn = conn
+
+@@ -107,6 +109,8 @@
+ configuration['tls_cacertdir'] = self.TLS_CACERTDIR
+ if not 'tls_cacertfile' in configuration:
+ configuration['tls_cacertfile'] = self.TLS_CACERTFILE
++ if not 'tls_starttls' in configuration:
++ configuration['tls_starttls'] = 0
+
+ # Translate tls_require into appropriate constant, if necessary.
+ if configuration['tls_require_cert'] == 'never':
+@@ -120,6 +124,13 @@
+ elif configuration['tls_require_cert'] == 'try':
+ configuration['tls_require_cert'] = ldap.OPT_X_TLS_TRY
+
++ # Should we issue STARTTLS?
++ if configuration['tls_starttls'] in (1, '1', 'on', 'yes', 'true'):
++ configuration['tls_starttls'] = 1
++ #if not configuration['tls_starttls']:
++ else:
++ configuration['tls_starttls'] = 0
++
+ # Setting global ldap defaults.
+ ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT,
+ configuration['tls_require_cert'])
+diff -Nuar nsscache-0.8.3.orig/nsscache.conf nsscache-0.8.3/nsscache.conf
+--- nsscache-0.8.3.orig/nsscache.conf 2008-09-08 18:31:58.000000000 -0700
++++ nsscache-0.8.3/nsscache.conf 2009-05-24 16:51:25.468374563 -0700
+@@ -70,6 +70,9 @@
+ # Default filename for trusted CAs
+ #ldap_tls_cacertfile = '/usr/share/ssl/cert.pem'
+
++# Should we issue STARTTLS?
++# ldap_tls_starttls = 1
++
+
+ ##
+ # nssdb module defaults
diff --git a/net-nds/nsscache/files/nsscache.conf b/net-nds/nsscache/files/nsscache.conf
new file mode 100644
index 000000000000..c17f4a2df9c8
--- /dev/null
+++ b/net-nds/nsscache/files/nsscache.conf
@@ -0,0 +1,122 @@
+# Example /etc/nsscache.conf - configuration for nsscache
+#
+# nsscache loads a config file from the environment variable NSSCACHE_CONFIG
+#
+# By default this is /etc/nsscache.conf
+#
+# Commented values are overrideable defaults, uncommented values
+# require you to set them.
+
+[DEFAULT]
+
+# Default NSS data source module name
+source = ldap
+
+# Default NSS data cache module name
+cache = nssdb
+#cache = files
+
+# NSS maps to be cached
+maps = passwd, group, shadow, netgroup
+
+# Directory to store our update/modify timestamps
+timestamp_dir = /var/lib/nsscache
+
+# Lockfile to use for update/repair operations
+#lockfile = /var/run/nsscache
+
+# Defaults for specific modules; prefaced with "modulename_"
+
+##
+# ldap module defaults.
+#
+
+# LDAP URI to query for NSS data
+ldap_uri = ldaps://ldap
+
+# Base for LDAP searches
+ldap_base = ou=people,dc=example,dc=com
+
+# Default LDAP search filter for maps
+ldap_filter = (objectclass=posixAccount)
+
+# Default LDAP search scope
+#ldap_scope = one
+
+# Default LDAP BIND DN, empty string is an anonymous bind
+#ldap_bind_dn = ""
+
+# Default LDAP password, empty DN and empty password is used for
+# anonymous binds
+#ldap_bind_password = ""
+
+# Default timelimit for LDAP queries, in seconds.
+# The query will block for this number of seconds, or indefinitely if negative.
+#ldap_timelimit = -1
+
+# Default number of retry attempts
+#ldap_retry_max = 3
+
+# Default delay in between retry attempts
+#ldap_retry_delay = 5
+
+# Default setting for requiring tls certificates, one of:
+# never, hard, demand, allow, try
+#ldap_tls_require_cert = 'demand'
+
+# Default directoy for trusted CAs
+#ldap_tls_cacertdir = '/usr/share/ssl'
+
+# Default filename for trusted CAs
+#ldap_tls_cacertfile = '/usr/share/ssl/cert.pem'
+
+# Should we issue STARTTLS?
+# ldap_tls_starttls = 1
+
+##
+# nssdb module defaults
+
+# Directory to store nssdb databases. Current libnss_db code requires
+# the path below
+#nssdb_dir = /var/lib/misc
+
+# Path to `makedb', supplied by the nss_db module
+#nssdb_makedb = /usr/bin/makedb
+
+##
+# files module defaults
+
+# Directory to store the plain text files
+#files_dir = /etc
+
+# Suffix used on the files module database files
+files_cache_filename_suffix = cache
+
+###
+# Optional per-map sections, if present they will override the above
+# defaults. The examples below show you some common values to override
+#
+# [passwd]
+#
+# ldap_base = ou=people,dc=example,dc=com
+
+[group]
+
+ldap_base = ou=group,dc=example,dc=com
+ldap_filter = (objectclass=posixGroup)
+
+[shadow]
+
+ldap_filter = (objectclass=shadowAccount)
+
+[netgroup]
+
+ldap_base = ou=netgroup,dc=example,dc=com
+ldap_filter = (objectclass=nisNetgroup)
+files_cache_filename_suffix =
+
+[automount]
+
+ldap_base = ou=automounts,dc=example,dc=com
+files_cache_filename_suffix =
+cache = files
diff --git a/net-nds/nsscache/metadata.xml b/net-nds/nsscache/metadata.xml
new file mode 100644
index 000000000000..66627b6b4458
--- /dev/null
+++ b/net-nds/nsscache/metadata.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>robbat2@gentoo.org</email>
+ </maintainer>
+ <use>
+ <flag name="nssdb">Depend on sys-libs/libnss_db to handle dbm files.</flag>
+ <flag name="nsscache">Depend on sys-auth/libnss-cache to handle flat files</flag>
+ </use>
+ <upstream>
+ <remote-id type="google-code">nsscache</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/net-nds/nsscache/nsscache-0.21.14.ebuild b/net-nds/nsscache/nsscache-0.21.14.ebuild
new file mode 100644
index 000000000000..fc9f0f01058a
--- /dev/null
+++ b/net-nds/nsscache/nsscache-0.21.14.ebuild
@@ -0,0 +1,47 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=3
+
+PYTHON_DEPEND="2"
+SUPPORT_PYTHON_ABIS="1"
+RESTRICT_PYTHON_ABIS="3.* *-jython 2.7-pypy-*"
+PYTHON_USE_WITH="berkdb"
+PYTHON_USE_WITH_OPT="nssdb"
+
+inherit eutils python distutils
+
+DESCRIPTION="commandline tool to sync directory services to local cache"
+HOMEPAGE="http://code.google.com/p/nsscache/"
+SRC_URI="http://nsscache.googlecode.com/files/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="nssdb nsscache"
+
+DEPEND="dev-python/python-ldap
+ dev-python/pycurl"
+RDEPEND="${DEPEND}
+ nssdb? ( sys-libs/nss-db )
+ nsscache? ( >=sys-auth/libnss-cache-0.10 )"
+RESTRICT="test"
+
+src_prepare() {
+ distutils_src_prepare
+ epatch "${FILESDIR}"/${PN}-0.8.3-starttls.patch
+}
+
+src_install() {
+ distutils_src_install
+
+ # overwrite default with working config.
+ insinto /etc
+ doins "${FILESDIR}/nsscache.conf" || die
+
+ doman nsscache.1 nsscache.conf.5
+ dodoc THANKS nsscache.cron
+
+ keepdir /var/lib/nsscache
+}
diff --git a/net-nds/nsscache/nsscache-0.23.ebuild b/net-nds/nsscache/nsscache-0.23.ebuild
new file mode 100644
index 000000000000..0490d769e627
--- /dev/null
+++ b/net-nds/nsscache/nsscache-0.23.ebuild
@@ -0,0 +1,42 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+PYTHON_DEPEND="2"
+SUPPORT_PYTHON_ABIS="1"
+RESTRICT_PYTHON_ABIS="3.* *-jython 2.7-pypy-*"
+PYTHON_USE_WITH="berkdb"
+PYTHON_USE_WITH_OPT="nssdb"
+
+inherit eutils python distutils
+
+DESCRIPTION="commandline tool to sync directory services to local cache"
+HOMEPAGE="http://code.google.com/p/nsscache/"
+SRC_URI="http://nsscache.googlecode.com/files/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="nssdb nsscache"
+
+DEPEND="dev-python/python-ldap
+ dev-python/pycurl"
+RDEPEND="${DEPEND}
+ nssdb? ( sys-libs/nss-db )
+ nsscache? ( >=sys-auth/libnss-cache-0.10 )"
+RESTRICT="test"
+
+src_prepare() {
+ distutils_src_prepare
+}
+
+src_install() {
+ distutils_src_install
+
+ doman nsscache.1 nsscache.conf.5
+ dodoc THANKS nsscache.cron
+
+ keepdir /var/lib/nsscache
+}
diff --git a/net-nds/nsscache/nsscache-0.8.8.ebuild b/net-nds/nsscache/nsscache-0.8.8.ebuild
new file mode 100644
index 000000000000..0e9363073dfd
--- /dev/null
+++ b/net-nds/nsscache/nsscache-0.8.8.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=3
+
+PYTHON_DEPEND="2"
+SUPPORT_PYTHON_ABIS="1"
+RESTRICT_PYTHON_ABIS="3.* *-jython 2.7-pypy-*"
+
+inherit eutils python distutils
+
+DESCRIPTION="commandline tool to sync directory services to local cache"
+HOMEPAGE="http://code.google.com/p/nsscache/"
+SRC_URI="http://nsscache.googlecode.com/files/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="nssdb nsscache"
+
+DEPEND="dev-python/python-ldap"
+RDEPEND="${DEPEND}
+ nssdb? ( sys-libs/nss-db )
+ nsscache? ( sys-auth/libnss-cache )"
+
+src_prepare() {
+ distutils_src_prepare
+ epatch "${FILESDIR}"/${PN}-0.8.3-starttls.patch
+}
+
+src_install() {
+ distutils_src_install
+ insinto /etc
+ doins "${FILESDIR}/nsscache.conf" # overwrite default with working config.
+ doman nsscache.1 nsscache.conf.5
+ dodoc THANKS nsscache.cron
+ keepdir /var/lib/nsscache
+}
diff --git a/net-nds/openldap/Manifest b/net-nds/openldap/Manifest
new file mode 100644
index 000000000000..501255dd663b
--- /dev/null
+++ b/net-nds/openldap/Manifest
@@ -0,0 +1,5 @@
+DIST openldap-2.3.43.tgz 3803011 SHA256 d7d2dea05362c8ac7e11bb7bf1da4cdeb07225ba8dc16974bff9f51a9f3d37e1 SHA512 2b0ebb35adbeed34673e1a55cc7a89b348ddee7ad6ce7f915ca3745198cee992aba7281bf0d56197dcfd59665935d5d3764db0ba487975e4dbc2a2507d6ea7a6 WHIRLPOOL 7457112bbad83d75f7ad01230da97511a8d983a98f7e31357dbffd79a7ed7e53057af781002cae8c610d3ad7834dfeefbd7f223798d45aea8cd00b70f5ee0e39
+DIST openldap-2.4.38.tgz 5506085 SHA256 88209a3599ec5d9354fc09bbe29b99db1ffa1b612127c06bad0c5265d0b31fd1 SHA512 df7b6b2b84102ba996f84575396c7505ada851b5f09841fd821d34fd8d62580f85ecc655e2cd3965730b44d6919d64864f56b23791f38b411d142d345f250666 WHIRLPOOL bb6a19b353f9dcde07afe78052ce9d5db5a2aaa09236b69d22da0879e74c4de8587312bad66939702db30af779f7ee9720ad792b73d225f004a1a90d80a6fed1
+DIST openldap-2.4.39.tgz 5509060 SHA256 8267c87347103fef56b783b24877c0feda1063d3cb85d070e503d076584bf8a7 SHA512 7b5ef2a69f79f0901a06f8be4ab50afc3b3e98ab1ea74a421569443d32cb43d3cf773d3f028fb5fb39908c09ee172cb4770ecc5882754877a59d29bf8f8cc059 WHIRLPOOL 90ac4cff185855d569a8033a3e35a251d75e4a2805bcfa5ba5b3605ec88b2fc244b0e95aabd33c47c9846f29c95a17e1be43650442987f6abc043667e06f15cd
+DIST openldap-2.4.40.tgz 5641865 SHA256 d12611a5c25b6499293c2bb7b435dc2b174db73e83f5a8cb7e34f2ce5fa6dadb SHA512 c803c4a82878891d60414d64dcb54a7c3f08675106ba13f50cba06034a97b3eee1c238761dd5ddad97d8c3f6675d9bbbec176d0340eb4a3bcd808f940baabab5 WHIRLPOOL 82cb6033798ac69faf4a0d1f5d7716316f5fbfc67e0f3a013b5bae461a01e3029aa6fb7d510bc14eed4f40ef83632561a3fa39aebf2be2785e3d0e0038db048c
+DIST rfc2307bis.schema-20140524 12262 SHA256 6cd8154ad86be1d6bb88a79c303dc10a49bce4ce7d21bb417a951d6496df30b1 SHA512 83b89a1deeefc8566b97e7e865b9b6d04541099cbdf719e24538a7d27d61b6209e87ab9003a9f140bd9afd018ec569e71721e3a24090e1902c8b6659d2ba103e WHIRLPOOL 40cef24529fb4bfc1661d03088eccdb17d9056d696b2bf0e698fa248d03f508ba776784bf8abbaffb5f4c2c59b59b29525b4be2babc978fed681e5e3c88073de
diff --git a/net-nds/openldap/files/DB_CONFIG.fast.example b/net-nds/openldap/files/DB_CONFIG.fast.example
new file mode 100644
index 000000000000..8b52062c9c22
--- /dev/null
+++ b/net-nds/openldap/files/DB_CONFIG.fast.example
@@ -0,0 +1,25 @@
+# $OpenLDAP: pkg/ldap/servers/slapd/DB_CONFIG,v 1.1 2004/06/18 02:49:08 kurt Exp $
+# Example DB_CONFIG file for use with slapd(8) BDB/HDB databases.
+#
+# See Sleepycat Berkeley DB documentation
+# <http://www.sleepycat.com/docs/ref/env/db_config.html>
+# for detail description of DB_CONFIG syntax and semantics.
+#
+# Hints can also be found in the OpenLDAP Software FAQ
+# <http://www.openldap.org/faq/index.cgi?file=2>
+
+# one 0.25 GB cache
+set_cachesize 0 16777216 0
+
+# Data Directory
+#set_data_dir db
+
+# Transaction Log settings
+set_lg_regionmax 262144
+set_lg_bsize 524288
+#set_lg_dir logs
+
+# When using (and only when using) slapadd(8) or slapindex(8),
+# the following flags may be useful:
+#set_flags DB_TXN_NOSYNC
+#set_flags DB_TXN_NOT_DURABLE
diff --git a/net-nds/openldap/files/openldap-2.2.14-perlthreadsfix.patch b/net-nds/openldap/files/openldap-2.2.14-perlthreadsfix.patch
new file mode 100644
index 000000000000..ddb6672a5fa7
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.2.14-perlthreadsfix.patch
@@ -0,0 +1,12 @@
+diff -ur openldap-2.2.14.orig/servers/slapd/back-perl/Makefile.in openldap-2.2.14/servers/slapd/back-perl/Makefile.in
+--- openldap-2.2.14.orig/servers/slapd/back-perl/Makefile.in 2004-04-12 11:20:14.000000000 -0700
++++ openldap-2.2.14/servers/slapd/back-perl/Makefile.in 2004-06-20 18:43:41.000000000 -0700
+@@ -31,7 +31,7 @@
+
+ shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
+ NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
+-UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
++UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) `perl -MExtUtils::Embed -e ldopts`
+
+ LIBBASE = back_perl
+
diff --git a/net-nds/openldap/files/openldap-2.2.6-ntlm.patch b/net-nds/openldap/files/openldap-2.2.6-ntlm.patch
new file mode 100644
index 000000000000..1e52f99f1988
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.2.6-ntlm.patch
@@ -0,0 +1,199 @@
+(Note that this patch is not useful on its own... it just adds some
+hooks to work with the LDAP authentication process at a lower level
+than the API otherwise allows. The code that calls these hooks and
+actually drives the NTLM authentication process is in
+lib/e2k-global-catalog.c, and the code that actually implements the
+NTLM algorithms is in xntlm/.)
+
+This is a patch against OpenLDAP 2.2.6. Apply with -p0
+
+
+--- include/ldap.h.orig 2004-01-01 13:16:28.000000000 -0500
++++ include/ldap.h 2004-07-14 11:58:49.000000000 -0400
+@@ -1753,5 +1753,26 @@
+ LDAPControl **cctrls ));
+
+
++/*
++ * hacks for NTLM
++ */
++#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU)
++#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU)
++LDAP_F( int )
++ldap_ntlm_bind LDAP_P((
++ LDAP *ld,
++ LDAP_CONST char *dn,
++ ber_tag_t tag,
++ struct berval *cred,
++ LDAPControl **sctrls,
++ LDAPControl **cctrls,
++ int *msgidp ));
++LDAP_F( int )
++ldap_parse_ntlm_bind_result LDAP_P((
++ LDAP *ld,
++ LDAPMessage *res,
++ struct berval *challenge));
++
++
+ LDAP_END_DECL
+ #endif /* _LDAP_H */
+--- libraries/libldap/Makefile.in.orig 2004-01-01 13:16:29.000000000 -0500
++++ libraries/libldap/Makefile.in 2004-07-14 13:37:23.000000000 -0400
+@@ -20,7 +20,7 @@
+ SRCS = bind.c open.c result.c error.c compare.c search.c \
+ controls.c messages.c references.c extended.c cyrus.c \
+ modify.c add.c modrdn.c delete.c abandon.c \
+- sasl.c sbind.c kbind.c unbind.c cancel.c \
++ sasl.c ntlm.c sbind.c kbind.c unbind.c cancel.c \
+ filter.c free.c sort.c passwd.c whoami.c \
+ getdn.c getentry.c getattr.c getvalues.c addentry.c \
+ request.c os-ip.c url.c sortctrl.c vlvctrl.c \
+@@ -29,7 +29,7 @@
+ OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \
+ controls.lo messages.lo references.lo extended.lo cyrus.lo \
+ modify.lo add.lo modrdn.lo delete.lo abandon.lo \
+- sasl.lo sbind.lo kbind.lo unbind.lo cancel.lo \
++ sasl.lo ntlm.lo sbind.lo kbind.lo unbind.lo cancel.lo \
+ filter.lo free.lo sort.lo passwd.lo whoami.lo \
+ getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \
+ request.lo os-ip.lo url.lo sortctrl.lo vlvctrl.lo \
+--- /dev/null 2004-06-30 15:04:37.000000000 -0400
++++ libraries/libldap/ntlm.c 2004-07-14 13:44:18.000000000 -0400
+@@ -0,0 +1,137 @@
++/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */
++/*
++ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
++ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
++ */
++
++/* Mostly copied from sasl.c */
++
++#include "portable.h"
++
++#include <stdlib.h>
++#include <stdio.h>
++
++#include <ac/socket.h>
++#include <ac/string.h>
++#include <ac/time.h>
++#include <ac/errno.h>
++
++#include "ldap-int.h"
++
++int
++ldap_ntlm_bind(
++ LDAP *ld,
++ LDAP_CONST char *dn,
++ ber_tag_t tag,
++ struct berval *cred,
++ LDAPControl **sctrls,
++ LDAPControl **cctrls,
++ int *msgidp )
++{
++ BerElement *ber;
++ int rc;
++ ber_int_t id;
++
++ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 );
++
++ assert( ld != NULL );
++ assert( LDAP_VALID( ld ) );
++ assert( msgidp != NULL );
++
++ if( msgidp == NULL ) {
++ ld->ld_errno = LDAP_PARAM_ERROR;
++ return ld->ld_errno;
++ }
++
++ /* create a message to send */
++ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
++ ld->ld_errno = LDAP_NO_MEMORY;
++ return ld->ld_errno;
++ }
++
++ assert( LBER_VALID( ber ) );
++
++ LDAP_NEXT_MSGID( ld, id );
++ rc = ber_printf( ber, "{it{istON}" /*}*/,
++ id, LDAP_REQ_BIND,
++ ld->ld_version, dn, tag,
++ cred );
++
++ /* Put Server Controls */
++ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
++ ber_free( ber, 1 );
++ return ld->ld_errno;
++ }
++
++ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
++ ld->ld_errno = LDAP_ENCODING_ERROR;
++ ber_free( ber, 1 );
++ return ld->ld_errno;
++ }
++
++ /* send the message */
++ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id );
++
++ if(*msgidp < 0)
++ return ld->ld_errno;
++
++ return LDAP_SUCCESS;
++}
++
++int
++ldap_parse_ntlm_bind_result(
++ LDAP *ld,
++ LDAPMessage *res,
++ struct berval *challenge)
++{
++ ber_int_t errcode;
++ ber_tag_t tag;
++ BerElement *ber;
++ ber_len_t len;
++
++ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 );
++
++ assert( ld != NULL );
++ assert( LDAP_VALID( ld ) );
++ assert( res != NULL );
++
++ if ( ld == NULL || res == NULL ) {
++ return LDAP_PARAM_ERROR;
++ }
++
++ if( res->lm_msgtype != LDAP_RES_BIND ) {
++ ld->ld_errno = LDAP_PARAM_ERROR;
++ return ld->ld_errno;
++ }
++
++ if ( ld->ld_error ) {
++ LDAP_FREE( ld->ld_error );
++ ld->ld_error = NULL;
++ }
++ if ( ld->ld_matched ) {
++ LDAP_FREE( ld->ld_matched );
++ ld->ld_matched = NULL;
++ }
++
++ /* parse results */
++
++ ber = ber_dup( res->lm_ber );
++
++ if( ber == NULL ) {
++ ld->ld_errno = LDAP_NO_MEMORY;
++ return ld->ld_errno;
++ }
++
++ tag = ber_scanf( ber, "{ioa" /*}*/,
++ &errcode, challenge, &ld->ld_error );
++ ber_free( ber, 0 );
++
++ if( tag == LBER_ERROR ) {
++ ld->ld_errno = LDAP_DECODING_ERROR;
++ return ld->ld_errno;
++ }
++
++ ld->ld_errno = errcode;
++
++ return( ld->ld_errno );
++}
diff --git a/net-nds/openldap/files/openldap-2.3.21-ppolicy.patch b/net-nds/openldap/files/openldap-2.3.21-ppolicy.patch
new file mode 100644
index 000000000000..06bbee86f1c9
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.3.21-ppolicy.patch
@@ -0,0 +1,13 @@
+--- clients.orig/tools/common.c 2006-05-05 00:24:01.000000000 -0700
++++ clients/tools/common.c 2006-05-05 00:24:13.000000000 -0700
+@@ -904,8 +904,8 @@
+ tool_bind( LDAP *ld )
+ {
+ #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST
+- if ( ppolicy ) {
+ LDAPControl *ctrls[2], c;
++ if ( ppolicy ) {
+ c.ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST;
+ c.ldctl_value.bv_val = NULL;
+ c.ldctl_value.bv_len = 0;
+
diff --git a/net-nds/openldap/files/openldap-2.3.24-contrib-smbk5pwd.patch b/net-nds/openldap/files/openldap-2.3.24-contrib-smbk5pwd.patch
new file mode 100644
index 000000000000..091ff26a17b0
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.3.24-contrib-smbk5pwd.patch
@@ -0,0 +1,53 @@
+--- contrib/slapd-modules/smbk5pwd/Makefile.ORIG 2006-05-17 13:11:57.194660019 +0300
++++ contrib/slapd-modules/smbk5pwd/Makefile 2006-05-17 13:11:14.503082288 +0300
+@@ -9,29 +9,39 @@
+ # top-level directory of the distribution or, alternatively, at
+ # <http://www.OpenLDAP.org/license.html>.
+
++#libexecdir=/usr/lib/openldap
++moduledir=$(libexecdir)/openldap
+ LIBTOOL=../../../libtool
+-OPT=-g -O2
++#OPT=
+ CC=gcc
+
+ # Omit DO_KRB5 or DO_SAMBA if you don't want to support it.
+-DEFS=-DDO_KRB5 -DDO_SAMBA
++#DEFS=
+
+-HEIMDAL_INC=-I/usr/heimdal/include
++#KRB5_INC=
+ SSL_INC=
+ LDAP_INC=-I../../../include -I../../../servers/slapd
+-INCS=$(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC)
++INCS=$(LDAP_INC) $(SSL_INC) $(KRB5_INC)
+
+-HEIMDAL_LIB=-L/usr/heimdal/lib -lkrb5 -lkadm5srv
++KRB5_LIB=-lkrb5 -lkadm5srv
+ SSL_LIB=-lcrypto
+-LDAP_LIB=-lldap_r -llber
+-LIBS=$(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB)
+-
++LDAP_LIB=-L../../../libraries/libldap_r -lldap_r -llber
++ifneq (DDO_KRB5,$(findstring DDO_KRB5,$(DEFS)))
++ LIBS=$(LDAP_LIB) $(SSL_LIB)
++else
++ LIBS=$(LDAP_LIB) $(KRB5_LIB) $(SSL_LIB)
++endif
++
+ all: smbk5pwd.la
+
+
+ smbk5pwd.lo: smbk5pwd.c
+- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $?
++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(DEFS) $(INCS) -c $?
+
+ smbk5pwd.la: smbk5pwd.lo
+- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info 0:0:0 \
+- -rpath /usr/local/libexec/openldap -module -o $@ $? $(LIBS)
++ $(LIBTOOL) --mode=link $(CC) $(CFLAGS) -version-info 0:0:0 \
++ -rpath $(moduledir) -module -o $@ $? $(LIBS)
++
++install-mod:
++ $(LIBTOOL) --mode=install ../../../build/shtool install -c \
++ -m 755 smbk5pwd.la $(DESTDIR)$(moduledir)
diff --git a/net-nds/openldap/files/openldap-2.3.34-slapd-conf b/net-nds/openldap/files/openldap-2.3.34-slapd-conf
new file mode 100644
index 000000000000..ad767cfdeb7c
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.3.34-slapd-conf
@@ -0,0 +1,64 @@
+#
+# See slapd.conf(5) for details on configuration options.
+# This file should NOT be world readable.
+#
+include /etc/openldap/schema/core.schema
+
+# Define global ACLs to disable default read access.
+
+# Do not enable referrals until AFTER you have a working directory
+# service AND an understanding of referrals.
+#referral ldap://root.openldap.org
+
+pidfile /var/run/openldap/slapd.pid
+argsfile /var/run/openldap/slapd.args
+
+# Load dynamic backend modules:
+###INSERTDYNAMICMODULESHERE###
+
+# Sample security restrictions
+# Require integrity protection (prevent hijacking)
+# Require 112-bit (3DES or better) encryption for updates
+# Require 63-bit encryption for simple bind
+# security ssf=1 update_ssf=112 simple_bind=64
+
+# Sample access control policy:
+# Root DSE: allow anyone to read it
+# Subschema (sub)entry DSE: allow anyone to read it
+# Other DSEs:
+# Allow self write access
+# Allow authenticated users read access
+# Allow anonymous users to authenticate
+# Directives needed to implement policy:
+# access to dn.base="" by * read
+# access to dn.base="cn=Subschema" by * read
+# access to *
+# by self write
+# by users read
+# by anonymous auth
+#
+# if no access controls are present, the default policy
+# allows anyone and everyone to read anything but restricts
+# updates to rootdn. (e.g., "access to * by * read")
+#
+# rootdn can always read and write EVERYTHING!
+
+#######################################################################
+# BDB database definitions
+#######################################################################
+
+database hdb
+suffix "dc=my-domain,dc=com"
+# <kbyte> <min>
+checkpoint 32 30
+rootdn "cn=Manager,dc=my-domain,dc=com"
+# Cleartext passwords, especially for the rootdn, should
+# be avoid. See slappasswd(8) and slapd.conf(5) for details.
+# Use of strong authentication encouraged.
+rootpw secret
+# The database directory MUST exist prior to running slapd AND
+# should only be accessible by the slapd and slap tools.
+# Mode 700 recommended.
+directory /var/lib/openldap-data
+# Indices to maintain
+index objectClass eq
diff --git a/net-nds/openldap/files/openldap-2.3.37-libldap_r.patch b/net-nds/openldap/files/openldap-2.3.37-libldap_r.patch
new file mode 100644
index 000000000000..d015bda2abbe
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.3.37-libldap_r.patch
@@ -0,0 +1,21 @@
+--- libraries/libldap_r/Makefile.in.old 2007-01-02 22:43:50.000000000 +0100
++++ libraries/libldap_r/Makefile.in 2007-08-22 13:32:20.000000000 +0200
+@@ -56,7 +56,7 @@
+ XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS)
+ XXXLIBS = $(LTHREAD_LIBS)
+ NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
+-UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
++UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) $(LTHREAD_LIBS)
+
+ .links : Makefile
+ @for i in $(XXSRCS); do \
+--- servers/slapd/slapi/Makefile.in.old 2007-01-02 22:44:10.000000000 +0100
++++ servers/slapd/slapi/Makefile.in 2007-08-22 14:58:51.000000000 +0200
+@@ -37,6 +37,7 @@
+ XLIBS = $(LIBRARY)
+ XXLIBS =
+ NT_LINK_LIBS = $(AC_LIBS)
++UNIX_LINK_LIBS = ../../../libraries/libldap_r/libldap_r.la $(LTHREAD_LIBS)
+
+ XINCPATH = -I$(srcdir)/.. -I$(srcdir)
+ XDEFS = $(MODULES_CPPFLAGS)
diff --git a/net-nds/openldap/files/openldap-2.3.43-fix-hang.patch b/net-nds/openldap/files/openldap-2.3.43-fix-hang.patch
new file mode 100644
index 000000000000..7e1f4457bd94
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.3.43-fix-hang.patch
@@ -0,0 +1,19 @@
+commit a3f40e5601c0c522f2bda418374fb415bdcbd75c
+Author: Quanah Gibson-Mount <quanah@openldap.org>
+Date: Thu Mar 24 02:25:49 2011 +0000
+
+ sl_busy is used as a boolean so just set it, don't increment it
+
+diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c
+index 2a7a48e..df6d096 100644
+--- a/servers/slapd/daemon.c
++++ b/servers/slapd/daemon.c
+@@ -2098,7 +2098,7 @@ slap_listener_activate(
+ Debug( LDAP_DEBUG_TRACE, "slap_listener_activate(%d): %s\n",
+ sl->sl_sd, sl->sl_busy ? "busy" : "", 0 );
+
+- sl->sl_busy++;
++ sl->sl_busy = 1;
+
+ rc = ldap_pvt_thread_pool_submit( &connection_pool,
+ slap_listener_thread, (void *) sl );
diff --git a/net-nds/openldap/files/openldap-2.3.XY-gcc44.patch b/net-nds/openldap/files/openldap-2.3.XY-gcc44.patch
new file mode 100644
index 000000000000..0213d81dc85c
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.3.XY-gcc44.patch
@@ -0,0 +1,30 @@
+--- include/ldap_pvt_thread.h 2009-04-03 08:51:30.000000000 -0400
++++ include/ldap_pvt_thread.h 2009-04-03 08:56:36.000000000 -0400
+@@ -57,12 +57,12 @@
+
+ #ifndef LDAP_PVT_THREAD_H_DONE
+ #define LDAP_PVT_THREAD_SET_STACK_SIZE
+-#ifndef LDAP_PVT_THREAD_STACK_SIZE
+- /* LARGE stack. Will be twice as large on 64 bit machine. */
+-#define LDAP_PVT_THREAD_STACK_SIZE ( 1 * 1024 * 1024 * sizeof(void *) )
+ /* May be explicitly defined to zero to disable it */
+-#elif LDAP_PVT_THREAD_STACK_SIZE == 0
++#if defined( LDAP_PVT_THREAD_STACK_SIZE ) && LDAP_PVT_THREAD_STACK_SIZE == 0
+ #undef LDAP_PVT_THREAD_SET_STACK_SIZE
++#elif !defined(LDAP_PVT_THREAD_STACK_SIZE)
++ /* LARGE stack. Will be twice as large on 64 bit machine. */
++#define LDAP_PVT_THREAD_STACK_SIZE ( 1 * 1024 * 1024 * sizeof(void *) )
+ #endif
+ #endif /* !LDAP_PVT_THREAD_H_DONE */
+
+--- libraries/libldap/os-ip.c 2009-04-03 08:51:30.000000000 -0400
++++ libraries/libldap/os-ip.c 2009-04-03 08:54:47.000000000 -0400
+@@ -652,7 +652,7 @@
+ char *herr;
+ #ifdef NI_MAXHOST
+ char hbuf[NI_MAXHOST];
+-#elif defined( MAXHOSTNAMELEN
++#elif defined( MAXHOSTNAMELEN )
+ char hbuf[MAXHOSTNAMELEN];
+ #else
+ char hbuf[256];
diff --git a/net-nds/openldap/files/openldap-2.4.11-libldap_r.patch b/net-nds/openldap/files/openldap-2.4.11-libldap_r.patch
new file mode 100644
index 000000000000..448249a3b583
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.11-libldap_r.patch
@@ -0,0 +1,11 @@
+diff -Nuar openldap-2.4.11.orig/servers/slapd/slapi/Makefile.in openldap-2.4.11/servers/slapd/slapi/Makefile.in
+--- openldap-2.4.11.orig/servers/slapd/slapi/Makefile.in 2008-02-11 15:26:49.000000000 -0800
++++ openldap-2.4.11/servers/slapd/slapi/Makefile.in 2008-10-14 02:10:18.402799262 -0700
+@@ -37,6 +37,7 @@
+ XLIBS = $(LIBRARY)
+ XXLIBS =
+ NT_LINK_LIBS = $(AC_LIBS)
++UNIX_LINK_LIBS = ../../../libraries/libldap_r/libldap_r.la $(LTHREAD_LIBS)
+
+ XINCPATH = -I$(srcdir)/.. -I$(srcdir)
+ XDEFS = $(MODULES_CPPFLAGS)
diff --git a/net-nds/openldap/files/openldap-2.4.15-ppolicy.patch b/net-nds/openldap/files/openldap-2.4.15-ppolicy.patch
new file mode 100644
index 000000000000..3195ee550f68
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.15-ppolicy.patch
@@ -0,0 +1,12 @@
+--- openldap-2.4.15/clients/tools/common.c.orig 2009-02-05 15:05:03.000000000 -0800
++++ openldap-2.4.15/clients/tools/common.c 2009-03-21 01:45:14.000000000 -0700
+@@ -1315,8 +1315,8 @@
+ int nsctrls = 0;
+
+ #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST
++ LDAPControl c;
+ if ( ppolicy ) {
+- LDAPControl c;
+ c.ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST;
+ c.ldctl_value.bv_val = NULL;
+ c.ldctl_value.bv_len = 0;
diff --git a/net-nds/openldap/files/openldap-2.4.17-fix-lmpasswd-gnutls-symbols.patch b/net-nds/openldap/files/openldap-2.4.17-fix-lmpasswd-gnutls-symbols.patch
new file mode 100644
index 000000000000..e5117468f809
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.17-fix-lmpasswd-gnutls-symbols.patch
@@ -0,0 +1,109 @@
+If GnuTLS is used, the lmpasswd module for USE=samba does not compile.
+Forward-port an old Debian patch that upstream never applied.
+
+Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
+Signed-off-by: Steffen Hau <steffen@hauihau.de>
+X-Gentoo-Bug: http://bugs.gentoo.org/show_bug.cgi?id=233633
+X-Upstream-Bug: http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=4997
+X-Debian-Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245341
+
+--- openldap-2.4.17.orig/libraries/liblutil/passwd.c 2009-07-27 18:59:19.635995474 -0700
++++ openldap-2.4.17/libraries/liblutil/passwd.c 2009-07-27 19:01:13.588069010 -0700
+@@ -51,6 +51,26 @@ typedef unsigned char des_data_block[8];
+ typedef PK11Context *des_context[1];
+ #define DES_ENCRYPT CKA_ENCRYPT
+
++#elif defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
++# include <gcrypt.h>
++static int gcrypt_init = 0;
++
++typedef const void* des_key;
++typedef unsigned char des_cblock[8];
++typedef des_cblock des_data_block;
++typedef int des_key_schedule; /* unused */
++typedef des_key_schedule des_context; /* unused */
++#define des_failed(encrypted) 0
++#define des_finish(key, schedule)
++
++#define des_set_key_unchecked( key, key_sched ) \
++ gcry_cipher_setkey( hd, key, 8 )
++
++#define des_ecb_encrypt( input, output, key_sched, enc ) \
++ gcry_cipher_encrypt( hd, *output, 8, *input, 8 )
++
++#define des_set_odd_parity( key ) do {} while(0)
++
+ #endif
+
+ #endif /* SLAPD_LMHASH */
+@@ -651,7 +671,7 @@ static int chk_md5(
+
+ #ifdef SLAPD_LMHASH
+
+-#if defined(HAVE_OPENSSL)
++#if defined(HAVE_OPENSSL) || defined(HAVE_GNUTLS_GNUTLS_H)
+
+ /*
+ * abstract away setting the parity.
+@@ -841,6 +861,19 @@ static int chk_lanman(
+ des_data_block StdText = "KGS!@#$%";
+ des_data_block PasswordHash1, PasswordHash2;
+ char PasswordHash[33], storedPasswordHash[33];
++
++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
++ gcry_cipher_hd_t hd;
++
++ if ( !gcrypt_init ) {
++ gcry_check_version( GCRYPT_VERSION );
++ gcrypt_init = 1;
++ }
++
++ schedule = schedule; /* unused - avoid warning */
++
++ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );
++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
+
+ for( i=0; i<cred->bv_len; i++) {
+ if(cred->bv_val[i] == '\0') {
+@@ -883,6 +916,10 @@ static int chk_lanman(
+ strncpy( storedPasswordHash, passwd->bv_val, 32 );
+ storedPasswordHash[32] = '\0';
+ ldap_pvt_str2lower( storedPasswordHash );
++
++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
++ gcry_cipher_close( hd );
++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
+
+ return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
+ }
+@@ -1138,6 +1175,19 @@ static int hash_lanman(
+ des_data_block PasswordHash1, PasswordHash2;
+ char PasswordHash[33];
+
++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
++ gcry_cipher_hd_t hd;
++
++ if ( !gcrypt_init ) {
++ gcry_check_version( GCRYPT_VERSION );
++ gcrypt_init = 1;
++ }
++
++ schedule = schedule; /* unused - avoid warning */
++
++ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );
++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
++
+ for( i=0; i<passwd->bv_len; i++) {
+ if(passwd->bv_val[i] == '\0') {
+ return LUTIL_PASSWD_ERR; /* NUL character in password */
+@@ -1168,6 +1218,10 @@ static int hash_lanman(
+
+ hash->bv_val = PasswordHash;
+ hash->bv_len = 32;
++
++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
++ gcry_cipher_close( hd );
++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
+
+ return pw_string( scheme, hash );
+ }
diff --git a/net-nds/openldap/files/openldap-2.4.17-gcc44.patch b/net-nds/openldap/files/openldap-2.4.17-gcc44.patch
new file mode 100644
index 000000000000..aa7fe7ac35f6
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.17-gcc44.patch
@@ -0,0 +1,11 @@
+diff -ur openldap-2.4.17.orig/contrib/ldapc++/src/SaslInteractionHandler.cpp openldap-2.4.17/contrib/ldapc++/src/SaslInteractionHandler.cpp
+--- openldap-2.4.17.orig/contrib/ldapc++/src/SaslInteractionHandler.cpp 2008-04-15 02:09:26.000000000 +0300
++++ openldap-2.4.17/contrib/ldapc++/src/SaslInteractionHandler.cpp 2009-08-10 13:21:24.000000000 +0300
+@@ -13,6 +13,7 @@
+ #include <termios.h>
+ #endif
+
++#include <stdio.h>
+ #include <string.h>
+ #include "SaslInteractionHandler.h"
+ #include "SaslInteraction.h"
diff --git a/net-nds/openldap/files/openldap-2.4.28-fix-dash.patch b/net-nds/openldap/files/openldap-2.4.28-fix-dash.patch
new file mode 100644
index 000000000000..d15c3d2231f4
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.28-fix-dash.patch
@@ -0,0 +1,26 @@
+Our libtool needs bash to work properly.
+Patch unbreaks build when /bin/sh points to dash:
+
+ Entering subdirectory liblber
+ /bin/sh ../../libtool --mode=compile x86_64-pc-linux-gnu-gcc -O0 -D_GNU_SOURCE -I../../include -I../../include -I/usr/include/db4.8 -DLDAP_CONNECTIONLESS -DLBER_LIBRARY -c assert.c
+ ../../build/mkversion -v "2.4.28" liblber.la > version.c
+ /bin/sh ../../libtool --mode=compile x86_64-pc-linux-gnu-gcc -O0 -D_GNU_SOURCE -I../../include -I../../include -I/usr/include/db4.8 -DLDAP_CONNECTIONLESS -DLBER_LIBRARY -c decode.c
+ eval: 1: base_compile+= x86_64-pc-linux-gnu-gcc: not found
+ eval: 1: base_compile+= -O0: not found
+ eval: 1: base_compile+= -D_GNU_SOURCE: not found
+ eval: 1: base_compile+= x86_64-pc-linux-gnu-gcc: not found
+ ...
+ make[2]: *** [decode.lo] Error 1
+diff --git a/build/top.mk b/build/top.mk
+index 6fea488..ea324e3 100644
+--- a/build/top.mk
++++ b/build/top.mk
+@@ -20,7 +20,7 @@ VERSION= @VERSION@
+ RELEASEDATE= @OPENLDAP_RELEASE_DATE@
+
+ @SET_MAKE@
+-SHELL = /bin/sh
++SHELL = @SHELL@
+
+ top_builddir = @top_builddir@
+
diff --git a/net-nds/openldap/files/openldap-2.4.28-gnutls-gcrypt.patch b/net-nds/openldap/files/openldap-2.4.28-gnutls-gcrypt.patch
new file mode 100644
index 000000000000..aeecb0f40132
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.28-gnutls-gcrypt.patch
@@ -0,0 +1,11 @@
+--- openldap-2.4.28/configure.in.orig 2012-02-11 22:40:36.004360795 +0000
++++ openldap-2.4.28/configure.in 2012-02-11 22:40:13.410986851 +0000
+@@ -1214,7 +1214,7 @@
+ ol_with_tls=gnutls
+ ol_link_tls=yes
+
+- TLS_LIBS="-lgnutls"
++ TLS_LIBS="-lgnutls -lgcrypt"
+
+ AC_DEFINE(HAVE_GNUTLS, 1,
+ [define if you have GNUtls])
diff --git a/net-nds/openldap/files/openldap-2.4.31-gcc47.patch b/net-nds/openldap/files/openldap-2.4.31-gcc47.patch
new file mode 100644
index 000000000000..5b6af4b29564
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.31-gcc47.patch
@@ -0,0 +1,16 @@
+Fix building with gcc-4.7
+
+https://bugs.gentoo.org/show_bug.cgi?id=420959
+http://www.openldap.org/its/index.cgi/Incoming?id=7304;page=16 #ITS 7304
+
+Patch written by Kacper Kowalik <xarthisius@gentoo.org>
+--- a/contrib/ldapc++/src/SaslInteractionHandler.cpp
++++ b/contrib/ldapc++/src/SaslInteractionHandler.cpp
+@@ -16,6 +16,7 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <unistd.h>
+ #include "SaslInteractionHandler.h"
+ #include "SaslInteraction.h"
+ #include "debug.h"
diff --git a/net-nds/openldap/files/openldap-2.4.33-gnutls.patch b/net-nds/openldap/files/openldap-2.4.33-gnutls.patch
new file mode 100644
index 000000000000..2b07c85c04aa
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.33-gnutls.patch
@@ -0,0 +1,60 @@
+From 98de912932732f1441300eb64ca3070ff1469fcf Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <petr.pisar@atlas.cz>
+Date: Sun, 30 Dec 2012 21:11:06 +0100
+Subject: [PATCH] GnuTLS 3.0 removed gnutls_certificate_get_x509_cas()
+
+---
+ libraries/libldap/tls_g.c | 23 +++++++++++++++++++++++
+ 1 file changed, 23 insertions(+)
+
+diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c
+index 40616f5..374514d 100644
+--- a/libraries/libldap/tls_g.c
++++ b/libraries/libldap/tls_g.c
+@@ -60,6 +60,12 @@
+ #undef HAVE_GCRYPT_RAND
+ #endif
+
++#if LIBGNUTLS_VERSION_NUMBER >= 0x030000
++#define HAVE_GNUTLS_CERTIFICATE_GET_ISSUER 1
++#else
++#undef HAVE_GNUTLS_CERTIFICATE_GET_ISSUER
++#endif
++
+ #ifndef HAVE_CIPHERSUITES
+ /* Versions prior to 2.2.0 didn't handle cipher suites, so we had to
+ * kludge them ourselves.
+@@ -368,6 +374,22 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
+ * then we have to build the cert chain.
+ */
+ if ( max == 1 && !gnutls_x509_crt_check_issuer( certs[0], certs[0] )) {
++#ifdef HAVE_GNUTLS_CERTIFICATE_GET_ISSUER
++ gnutls_x509_crt_t issuer;
++ unsigned int i;
++
++ for ( i = 1; i<VERIFY_DEPTH; i++ ) {
++ /* If no CA is known, we're done */
++ if ( gnutls_certificate_get_issuer( ctx->cred, certs[i-1],
++ &issuer, 0 ) )
++ break;
++ certs[i] = issuer;
++ max++;
++ /* If this CA is self-signed, we're done */
++ if ( gnutls_x509_crt_check_issuer( certs[i], certs[i] ))
++ break;
++ }
++#else
+ gnutls_x509_crt_t *cas;
+ unsigned int i, j, ncas;
+
+@@ -387,6 +409,7 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
+ if ( j == ncas )
+ break;
+ }
++#endif /* !defined HAVE_GNUTLS_CERTIFICATE_GET_ISSUER */
+ }
+ rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key );
+ if ( rc ) return -1;
+--
+1.8.0.2
+
diff --git a/net-nds/openldap/files/openldap-2.4.35-contrib-samba4.patch b/net-nds/openldap/files/openldap-2.4.35-contrib-samba4.patch
new file mode 100644
index 000000000000..4312dc7c55ea
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.35-contrib-samba4.patch
@@ -0,0 +1,38 @@
+diff -Nuar openldap-2.4.35.orig/contrib/slapd-modules/samba4/Makefile openldap-2.4.35/contrib/slapd-modules/samba4/Makefile
+--- openldap-2.4.35.orig/contrib/slapd-modules/samba4/Makefile 2013-03-28 15:41:51.000000000 +0000
++++ openldap-2.4.35/contrib/slapd-modules/samba4/Makefile 2013-04-16 02:16:40.651868432 +0000
+@@ -20,7 +20,8 @@
+
+ LIBTOOL = $(LDAP_BUILD)/libtool
+ CC = gcc
+-OPT = -g -O2 -Wall
++#OPT = -g -O2 -Wall
++OPT = -Wall
+ DEFS = -DSLAPD_OVER_RDNVAL=SLAPD_MOD_DYNAMIC \
+ -DSLAPD_OVER_PGUID=SLAPD_MOD_DYNAMIC \
+ -DSLAPD_OVER_VERNUM=SLAPD_MOD_DYNAMIC
+@@ -41,20 +42,20 @@
+ .SUFFIXES: .c .o .lo
+
+ .c.lo:
+- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
++ $(LIBTOOL) --mode=compile $(CC) $(OPT) $(CFLAGS) $(DEFS) $(INCS) -c $<
+
+ all: $(PROGRAMS)
+
+ pguid.la: pguid.lo
+- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
++ $(LIBTOOL) --mode=link $(CC) $(OPT) $(CFLAGS) -version-info $(LTVER) \
+ -rpath $(moduledir) -module -o $@ $? $(LIBS)
+
+ rdnval.la: rdnval.lo
+- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
++ $(LIBTOOL) --mode=link $(CC) $(OPT) $(CFLAGS) -version-info $(LTVER) \
+ -rpath $(moduledir) -module -o $@ $? $(LIBS)
+
+ vernum.la: vernum.lo
+- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
++ $(LIBTOOL) --mode=link $(CC) $(OPT) $(CFLAGS) -version-info $(LTVER) \
+ -rpath $(moduledir) -module -o $@ $? $(LIBS)
+
+ clean:
diff --git a/net-nds/openldap/files/openldap-2.4.35-contrib-smbk5pwd.patch b/net-nds/openldap/files/openldap-2.4.35-contrib-smbk5pwd.patch
new file mode 100644
index 000000000000..4383802a0ead
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.35-contrib-smbk5pwd.patch
@@ -0,0 +1,48 @@
+diff -Nuar openldap-2.4.35.orig/contrib/slapd-modules/smbk5pwd/Makefile openldap-2.4.35/contrib/slapd-modules/smbk5pwd/Makefile
+--- openldap-2.4.35.orig/contrib/slapd-modules/smbk5pwd/Makefile 2013-03-28 15:41:51.000000000 +0000
++++ openldap-2.4.35/contrib/slapd-modules/smbk5pwd/Makefile 2013-04-16 02:13:38.939913119 +0000
+@@ -21,16 +21,23 @@
+ SSL_INC =
+ SSL_LIB = -lcrypto
+
+-HEIMDAL_INC = -I/usr/heimdal/include
+-HEIMDAL_LIB = -L/usr/heimdal/lib -lkrb5 -lkadm5srv
++#HEIMDAL_INC = -I/usr/heimdal/include
++#HEIMDAL_LIB = -L/usr/heimdal/lib -lkrb5 -lkadm5srv
++KRB5_INC = $(HEIMDAL_INC)
++KRB5_LIB = $(HEIMDAL_LIB) -lkrb5 -lkadm5srv
+
+ LIBTOOL = $(LDAP_BUILD)/libtool
+ CC = gcc
+-OPT = -g -O2 -Wall
++#OPT = -g -O2 -Wall
++OPT = -Wall
+ # Omit DO_KRB5, DO_SAMBA or DO_SHADOW if you don't want to support it.
+-DEFS = -DDO_KRB5 -DDO_SAMBA -DDO_SHADOW
+-INCS = $(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC)
+-LIBS = $(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB)
++#DEFS = -DDO_KRB5 -DDO_SAMBA -DDO_SHADOW
++INCS = $(LDAP_INC) $(KRB5_INC) $(SSL_INC)
++ifneq (DDO_KRB5,$(findstring DDO_KRB5,$(DEFS)))
++ LIBS=$(LDAP_LIB) $(SSL_LIB)
++else
++ LIBS=$(LDAP_LIB) $(KRB5_LIB) $(SSL_LIB)
++endif
+
+ PROGRAMS = smbk5pwd.la
+ LTVER = 0:0:0
+@@ -46,12 +53,12 @@
+ .SUFFIXES: .c .o .lo
+
+ .c.lo:
+- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
++ $(LIBTOOL) --mode=compile $(CC) $(OPT) $(CFLAGS) $(DEFS) $(INCS) -c $<
+
+ all: $(PROGRAMS)
+
+ smbk5pwd.la: smbk5pwd.lo
+- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
++ $(LIBTOOL) --mode=link $(CC) $(OPT) $(CFLAGS) -version-info $(LTVER) \
+ -rpath $(moduledir) -module -o $@ $? $(LIBS)
+
+ clean:
diff --git a/net-nds/openldap/files/openldap-2.4.40-mdb-unbundle.patch b/net-nds/openldap/files/openldap-2.4.40-mdb-unbundle.patch
new file mode 100644
index 000000000000..9265a01701ab
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.40-mdb-unbundle.patch
@@ -0,0 +1,136 @@
+--- ./build/top.mk.orig 2014-10-24 14:34:59.260827298 +0200
++++ ./build/top.mk 2014-10-24 14:35:25.281168893 +0200
+@@ -160,6 +160,7 @@
+ LTHREAD_LIBS = @LTHREAD_LIBS@
+
+ BDB_LIBS = @BDB_LIBS@
++MDB_LIBS = @MDB_LIBS@
+ SLAPD_NDB_LIBS = @SLAPD_NDB_LIBS@
+
+ LDAP_LIBLBER_LA = $(LDAP_LIBDIR)/liblber/liblber.la
+--- ./build/openldap.m4.orig 2014-10-24 10:52:02.837221734 +0200
++++ ./build/openldap.m4 2014-10-24 11:31:02.748087966 +0200
+@@ -563,6 +563,38 @@
+ ], [ol_cv_bdb_compat=yes], [ol_cv_bdb_compat=no])])
+ ])
+
++dnl --------------------------------------------------------------------
++dnl Check for version compatility with back-mdb
++AC_DEFUN([OL_MDB_COMPAT],
++[AC_CACHE_CHECK([if LMDB version supported by MDB backends], [ol_cv_mdb_compat],[
++ AC_EGREP_CPP(__mdb_version_compat,[
++#include <lmdb.h>
++
++/* require 0.9.14 or later */
++#if MDB_VERSION_FULL >= 0x00000009000E
++ __mdb_version_compat
++#endif
++ ], [ol_cv_mdb_compat=yes], [ol_cv_mdb_compat=no])])
++])
++
++dnl
++dnl --------------------------------------------------------------------
++dnl Find any MDB
++AC_DEFUN([OL_MDB],
++[ol_cv_mdb=no
++AC_CHECK_HEADERS(lmdb.h)
++if test $ac_cv_header_lmdb_h = yes; then
++ OL_MDB_COMPAT
++
++ if test $ol_cv_mdb_compat != yes ; then
++ AC_MSG_ERROR([LMDB version incompatible with MDB backends])
++ fi
++
++ ol_cv_lib_mdb=-llmdb
++ ol_cv_mdb=yes
++fi
++])
++
+ dnl
+ dnl ====================================================================
+ dnl Check POSIX Thread version
+--- ./servers/slapd/back-mdb/Makefile.in.orig 2014-10-24 10:31:30.860931076 +0200
++++ ./servers/slapd/back-mdb/Makefile.in 2014-10-24 14:33:33.803705424 +0200
+@@ -25,11 +25,10 @@
+ extended.lo operational.lo \
+ attr.lo index.lo key.lo filterindex.lo \
+ dn2entry.lo dn2id.lo id2entry.lo idl.lo \
+- nextid.lo monitor.lo mdb.lo midl.lo
++ nextid.lo monitor.lo
+
+ LDAP_INCDIR= ../../../include
+ LDAP_LIBDIR= ../../../libraries
+-MDB_SUBDIR = $(srcdir)/$(LDAP_LIBDIR)/liblmdb
+
+ BUILD_OPT = "--enable-mdb"
+ BUILD_MOD = @BUILD_MDB@
+@@ -44,7 +43,7 @@
+
+ LIBBASE = back_mdb
+
+-XINCPATH = -I.. -I$(srcdir)/.. -I$(MDB_SUBDIR)
++XINCPATH = -I.. -I$(srcdir)/..
+ XDEFS = $(MODULES_CPPFLAGS)
+
+ all-local-lib: ../.backend
+@@ -52,11 +51,5 @@
+ ../.backend: lib$(LIBBASE).a
+ @touch $@
+
+-mdb.lo: $(MDB_SUBDIR)/mdb.c
+- $(LTCOMPILE_MOD) $(MDB_SUBDIR)/mdb.c
+-
+-midl.lo: $(MDB_SUBDIR)/midl.c
+- $(LTCOMPILE_MOD) $(MDB_SUBDIR)/midl.c
+-
+ veryclean-local-lib: FORCE
+ $(RM) $(XXHEADERS) $(XXSRCS) .links
+--- ./configure.in.orig 2014-10-24 10:46:53.289139847 +0200
++++ ./configure.in 2014-10-24 10:51:34.372846374 +0200
+@@ -519,6 +519,7 @@
+ dnl Initialize vars
+ LDAP_LIBS=
+ BDB_LIBS=
++MDB_LIBS=
+ SLAPD_NDB_LIBS=
+ SLAPD_NDB_INCS=
+ LTHREAD_LIBS=
+@@ -1905,6 +1906,30 @@
+ fi
+
+ dnl ----------------------------------------------------------------
++ol_link_mdb=no
++
++if test $ol_enable_mdb != no; then
++ OL_MDB
++
++ if test $ol_cv_mdb = no ; then
++ AC_MSG_ERROR(MDB: LMDB not available)
++ fi
++
++ AC_DEFINE(HAVE_MDB,1,
++ [define this if LMDB is available])
++
++ dnl $ol_cv_lib_mdb should be yes or -llmdb
++ dnl (it could be no, but that would be an error
++ if test $ol_cv_lib_mdb != yes ; then
++ MDB_LIBS="$MDB_LIBS $ol_cv_lib_mdb"
++ fi
++
++ SLAPD_LIBS="$SLAPD_LIBS \$(MDB_LIBS)"
++
++ ol_link_mdb=yes
++fi
++
++dnl ----------------------------------------------------------------
+
+ if test $ol_enable_dynamic = yes && test $enable_shared = yes ; then
+ BUILD_LIBS_DYNAMIC=shared
+@@ -3133,6 +3158,7 @@
+ AC_SUBST(LDAP_LIBS)
+ AC_SUBST(SLAPD_LIBS)
+ AC_SUBST(BDB_LIBS)
++AC_SUBST(MDB_LIBS)
+ AC_SUBST(SLAPD_NDB_LIBS)
+ AC_SUBST(SLAPD_NDB_INCS)
+ AC_SUBST(LTHREAD_LIBS)
diff --git a/net-nds/openldap/files/openldap-2.4.40-slapd-conf b/net-nds/openldap/files/openldap-2.4.40-slapd-conf
new file mode 100644
index 000000000000..8ecc732b9672
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.40-slapd-conf
@@ -0,0 +1,64 @@
+#
+# See slapd.conf(5) for details on configuration options.
+# This file should NOT be world readable.
+#
+include /etc/openldap/schema/core.schema
+
+# Define global ACLs to disable default read access.
+
+# Do not enable referrals until AFTER you have a working directory
+# service AND an understanding of referrals.
+#referral ldap://root.openldap.org
+
+pidfile /run/openldap/slapd.pid
+argsfile /run/openldap/slapd.args
+
+# Load dynamic backend modules:
+###INSERTDYNAMICMODULESHERE###
+
+# Sample security restrictions
+# Require integrity protection (prevent hijacking)
+# Require 112-bit (3DES or better) encryption for updates
+# Require 63-bit encryption for simple bind
+# security ssf=1 update_ssf=112 simple_bind=64
+
+# Sample access control policy:
+# Root DSE: allow anyone to read it
+# Subschema (sub)entry DSE: allow anyone to read it
+# Other DSEs:
+# Allow self write access
+# Allow authenticated users read access
+# Allow anonymous users to authenticate
+# Directives needed to implement policy:
+# access to dn.base="" by * read
+# access to dn.base="cn=Subschema" by * read
+# access to *
+# by self write
+# by users read
+# by anonymous auth
+#
+# if no access controls are present, the default policy
+# allows anyone and everyone to read anything but restricts
+# updates to rootdn. (e.g., "access to * by * read")
+#
+# rootdn can always read and write EVERYTHING!
+
+#######################################################################
+# BDB database definitions
+#######################################################################
+
+database hdb
+suffix "dc=my-domain,dc=com"
+# <kbyte> <min>
+checkpoint 32 30
+rootdn "cn=Manager,dc=my-domain,dc=com"
+# Cleartext passwords, especially for the rootdn, should
+# be avoid. See slappasswd(8) and slapd.conf(5) for details.
+# Use of strong authentication encouraged.
+rootpw secret
+# The database directory MUST exist prior to running slapd AND
+# should only be accessible by the slapd and slap tools.
+# Mode 700 recommended.
+directory /var/lib/openldap-data
+# Indices to maintain
+index objectClass eq
diff --git a/net-nds/openldap/files/openldap-2.4.6-evolution-ntlm.patch b/net-nds/openldap/files/openldap-2.4.6-evolution-ntlm.patch
new file mode 100644
index 000000000000..33ff29e0aed2
--- /dev/null
+++ b/net-nds/openldap/files/openldap-2.4.6-evolution-ntlm.patch
@@ -0,0 +1,192 @@
+diff -up evo-openldap-2.4.14/include/ldap.h.evolution-ntlm evo-openldap-2.4.14/include/ldap.h
+--- evo-openldap-2.4.14/include/ldap.h.evolution-ntlm 2009-01-27 00:29:53.000000000 +0100
++++ evo-openldap-2.4.14/include/ldap.h 2009-02-17 10:10:00.000000000 +0100
+@@ -2461,5 +2461,26 @@ ldap_parse_deref_control LDAP_P((
+ LDAPControl **ctrls,
+ LDAPDerefRes **drp ));
+
++/*
++ * hacks for NTLM
++ */
++#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU)
++#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU)
++LDAP_F( int )
++ldap_ntlm_bind LDAP_P((
++ LDAP *ld,
++ LDAP_CONST char *dn,
++ ber_tag_t tag,
++ struct berval *cred,
++ LDAPControl **sctrls,
++ LDAPControl **cctrls,
++ int *msgidp ));
++LDAP_F( int )
++ldap_parse_ntlm_bind_result LDAP_P((
++ LDAP *ld,
++ LDAPMessage *res,
++ struct berval *challenge));
++
++
+ LDAP_END_DECL
+ #endif /* _LDAP_H */
+diff -up evo-openldap-2.4.14/libraries/libldap/Makefile.in.evolution-ntlm evo-openldap-2.4.14/libraries/libldap/Makefile.in
+--- evo-openldap-2.4.14/libraries/libldap/Makefile.in.evolution-ntlm 2009-01-27 00:29:53.000000000 +0100
++++ evo-openldap-2.4.14/libraries/libldap/Makefile.in 2009-02-17 10:10:00.000000000 +0100
+@@ -20,7 +20,7 @@ PROGRAMS = apitest dntest ftest ltest ur
+ SRCS = bind.c open.c result.c error.c compare.c search.c \
+ controls.c messages.c references.c extended.c cyrus.c \
+ modify.c add.c modrdn.c delete.c abandon.c \
+- sasl.c gssapi.c sbind.c unbind.c cancel.c \
++ sasl.c ntlm.c gssapi.c sbind.c unbind.c cancel.c \
+ filter.c free.c sort.c passwd.c whoami.c \
+ getdn.c getentry.c getattr.c getvalues.c addentry.c \
+ request.c os-ip.c url.c pagectrl.c sortctrl.c vlvctrl.c \
+@@ -33,7 +33,7 @@ SRCS = bind.c open.c result.c error.c co
+ OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \
+ controls.lo messages.lo references.lo extended.lo cyrus.lo \
+ modify.lo add.lo modrdn.lo delete.lo abandon.lo \
+- sasl.lo gssapi.lo sbind.lo unbind.lo cancel.lo \
++ sasl.lo ntlm.lo gssapi.lo sbind.lo unbind.lo cancel.lo \
+ filter.lo free.lo sort.lo passwd.lo whoami.lo \
+ getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \
+ request.lo os-ip.lo url.lo pagectrl.lo sortctrl.lo vlvctrl.lo \
+diff -up /dev/null evo-openldap-2.4.14/libraries/libldap/ntlm.c
+--- /dev/null 2009-02-17 09:19:52.829004420 +0100
++++ evo-openldap-2.4.14/libraries/libldap/ntlm.c 2009-02-17 10:10:00.000000000 +0100
+@@ -0,0 +1,137 @@
++/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */
++/*
++ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
++ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
++ */
++
++/* Mostly copied from sasl.c */
++
++#include "portable.h"
++
++#include <stdlib.h>
++#include <stdio.h>
++
++#include <ac/socket.h>
++#include <ac/string.h>
++#include <ac/time.h>
++#include <ac/errno.h>
++
++#include "ldap-int.h"
++
++int
++ldap_ntlm_bind(
++ LDAP *ld,
++ LDAP_CONST char *dn,
++ ber_tag_t tag,
++ struct berval *cred,
++ LDAPControl **sctrls,
++ LDAPControl **cctrls,
++ int *msgidp )
++{
++ BerElement *ber;
++ int rc;
++ ber_int_t id;
++
++ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 );
++
++ assert( ld != NULL );
++ assert( LDAP_VALID( ld ) );
++ assert( msgidp != NULL );
++
++ if( msgidp == NULL ) {
++ ld->ld_errno = LDAP_PARAM_ERROR;
++ return ld->ld_errno;
++ }
++
++ /* create a message to send */
++ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
++ ld->ld_errno = LDAP_NO_MEMORY;
++ return ld->ld_errno;
++ }
++
++ assert( LBER_VALID( ber ) );
++
++ LDAP_NEXT_MSGID( ld, id );
++ rc = ber_printf( ber, "{it{istON}" /*}*/,
++ id, LDAP_REQ_BIND,
++ ld->ld_version, dn, tag,
++ cred );
++
++ /* Put Server Controls */
++ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
++ ber_free( ber, 1 );
++ return ld->ld_errno;
++ }
++
++ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
++ ld->ld_errno = LDAP_ENCODING_ERROR;
++ ber_free( ber, 1 );
++ return ld->ld_errno;
++ }
++
++ /* send the message */
++ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id );
++
++ if(*msgidp < 0)
++ return ld->ld_errno;
++
++ return LDAP_SUCCESS;
++}
++
++int
++ldap_parse_ntlm_bind_result(
++ LDAP *ld,
++ LDAPMessage *res,
++ struct berval *challenge)
++{
++ ber_int_t errcode;
++ ber_tag_t tag;
++ BerElement *ber;
++ ber_len_t len;
++
++ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 );
++
++ assert( ld != NULL );
++ assert( LDAP_VALID( ld ) );
++ assert( res != NULL );
++
++ if ( ld == NULL || res == NULL ) {
++ return LDAP_PARAM_ERROR;
++ }
++
++ if( res->lm_msgtype != LDAP_RES_BIND ) {
++ ld->ld_errno = LDAP_PARAM_ERROR;
++ return ld->ld_errno;
++ }
++
++ if ( ld->ld_error ) {
++ LDAP_FREE( ld->ld_error );
++ ld->ld_error = NULL;
++ }
++ if ( ld->ld_matched ) {
++ LDAP_FREE( ld->ld_matched );
++ ld->ld_matched = NULL;
++ }
++
++ /* parse results */
++
++ ber = ber_dup( res->lm_ber );
++
++ if( ber == NULL ) {
++ ld->ld_errno = LDAP_NO_MEMORY;
++ return ld->ld_errno;
++ }
++
++ tag = ber_scanf( ber, "{ioa" /*}*/,
++ &errcode, challenge, &ld->ld_error );
++ ber_free( ber, 0 );
++
++ if( tag == LBER_ERROR ) {
++ ld->ld_errno = LDAP_DECODING_ERROR;
++ return ld->ld_errno;
++ }
++
++ ld->ld_errno = errcode;
++
++ return( ld->ld_errno );
++}
diff --git a/net-nds/openldap/files/slapd-confd b/net-nds/openldap/files/slapd-confd
new file mode 100644
index 000000000000..28e9d23520b7
--- /dev/null
+++ b/net-nds/openldap/files/slapd-confd
@@ -0,0 +1,14 @@
+# conf.d file for openldap
+#
+# To enable both the standard unciphered server and the ssl encrypted
+# one uncomment this line or set any other server starting options
+# you may desire.
+#
+# OPTS="-h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'"
+# Uncomment the below to use the new slapd configuration for openldap 2.3
+#OPTS="-F /etc/openldap/slapd.d -h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'"
+#
+# If you change the above listen statement to bind on a specific IP for
+# listening, you should ensure that interface is up here (change eth0 as
+# needed).
+#rc_need="net.eth0"
diff --git a/net-nds/openldap/files/slapd-confd-2.4.28-r1 b/net-nds/openldap/files/slapd-confd-2.4.28-r1
new file mode 100644
index 000000000000..ef19899a3796
--- /dev/null
+++ b/net-nds/openldap/files/slapd-confd-2.4.28-r1
@@ -0,0 +1,26 @@
+# conf.d file for openldap
+#
+# To enable both the standard unciphered server and the ssl encrypted
+# one uncomment this line or set any other server starting options
+# you may desire.
+
+# If you have multiple slapd instances per #376699, this will provide a default config
+INSTANCE="openldap${SVCNAME#slapd}"
+
+# If you use the classical configuration file:
+OPTS_CONF="-f /etc/${INSTANCE}/slapd.conf"
+# Uncomment this instead to use the new slapd.d configuration directory for openldap 2.3
+#OPTS_CONF="-F /etc/${INSTANCE}/slapd.d"
+# (the OPTS_CONF variable is also passed to slaptest during startup)
+
+OPTS="${OPTS_CONF} -h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'"
+# Optional connectionless LDAP:
+#OPTS="${OPTS_CONF} -h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock cldap://'"
+
+# If you change the above listen statement to bind on a specific IP for
+# listening, you should ensure that interface is up here (change eth0 as
+# needed).
+#rc_need="net.eth0"
+
+# Specify the kerberos keytab file
+#KRB5_KTNAME=/etc/openldap/krb5-ldap.keytab
diff --git a/net-nds/openldap/files/slapd-initd b/net-nds/openldap/files/slapd-initd
new file mode 100644
index 000000000000..1e674802ebf8
--- /dev/null
+++ b/net-nds/openldap/files/slapd-initd
@@ -0,0 +1,30 @@
+#!/sbin/runscript
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ need net.lo
+ before hald avahi-daemon
+}
+
+start() {
+ checkpath -q -d /var/run/openldap/ -o ldap:ldap
+ if ! checkconfig ; then
+ eerror "There is a problem with your slapd.conf!"
+ return 1
+ fi
+ ebegin "Starting ldap-server"
+ eval start-stop-daemon --start --pidfile /var/run/openldap/slapd.pid --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}"
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping ldap-server"
+ start-stop-daemon --stop --signal 2 --quiet --pidfile /var/run/openldap/slapd.pid
+ eend $?
+}
+
+checkconfig() {
+ /usr/sbin/slaptest -u "$@" ${OPTS_CONF}
+}
diff --git a/net-nds/openldap/files/slapd-initd-2.4.28-r1 b/net-nds/openldap/files/slapd-initd-2.4.28-r1
new file mode 100644
index 000000000000..52d3e4b2f273
--- /dev/null
+++ b/net-nds/openldap/files/slapd-initd-2.4.28-r1
@@ -0,0 +1,36 @@
+#!/sbin/runscript
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+extra_commands="checkconfig"
+
+[ -z "$INSTANCE" ] && INSTANCE="openldap${SVCNAME#slapd}"
+
+depend() {
+ need net
+ before dbus hald avahi-daemon
+ provide ldap
+}
+
+start() {
+ checkpath -q -d /var/run/openldap/ -o ldap:ldap
+ if ! checkconfig -Q ; then
+ eerror "There is a problem with your slapd.conf!"
+ return 1
+ fi
+ ebegin "Starting ldap-server"
+ [ -n "$KRB5_KTNAME" ] && export KRB5_KTNAME
+ eval start-stop-daemon --start --pidfile /var/run/openldap/${SVCNAME}.pid --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}"
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping ldap-server"
+ start-stop-daemon --stop --signal 2 --quiet --pidfile /var/run/openldap/${SVCNAME}.pid
+ eend $?
+}
+
+checkconfig() {
+ /usr/sbin/slaptest -u "$@" ${OPTS_CONF}
+}
diff --git a/net-nds/openldap/files/slapd-initd-2.4.40 b/net-nds/openldap/files/slapd-initd-2.4.40
new file mode 100644
index 000000000000..dc0e021e1817
--- /dev/null
+++ b/net-nds/openldap/files/slapd-initd-2.4.40
@@ -0,0 +1,51 @@
+#!/sbin/runscript
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+extra_commands="checkconfig"
+
+[ -z "$INSTANCE" ] && INSTANCE="openldap${SVCNAME#slapd}"
+PIDDIR=/run/openldap
+PIDFILE=$PIDDIR/$SVCNAME.pid
+
+depend() {
+ need net
+ before dbus hald avahi-daemon
+ provide ldap
+}
+
+start() {
+ checkpath -q -d ${PIDDIR} -o ldap:ldap
+ if ! checkconfig -Q ; then
+ eerror "There is a problem with your slapd.conf!"
+ return 1
+ fi
+ ebegin "Starting ldap-server"
+ [ -n "$KRB5_KTNAME" ] && export KRB5_KTNAME
+ eval start-stop-daemon --start --pidfile ${PIDFILE} --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}"
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping ldap-server"
+ start-stop-daemon --stop --signal 2 --quiet --pidfile ${PIDFILE}
+ eend $?
+}
+
+checkconfig() {
+ # checks requested by bug #502948
+ for d in `awk '/^directory/{print $2}'`; do
+ if [ ! -d $d ]; then
+ eerror "Directory $d in config does not exist!"
+ return 1
+ fi
+ /usr/bin/find $d ! -name DB_CONFIG ! -user ldap -o ! -group ldap |grep -sq .
+ if [ $? -ne 0 ]; then
+ ewarn "You have files in $d not owned by the ldap user, you must ensure they are accessible to the slapd instance!"
+ fi
+ [ ! -e $d/DB_CONFIG ] && ewarn "$d/DB_CONFIG does not exist, slapd performance may be sub-optimal"
+ done
+ # now test the config fully
+ /usr/sbin/slaptest -u "$@" ${OPTS_CONF}
+}
diff --git a/net-nds/openldap/files/slapd-initd-2.4.40-r1 b/net-nds/openldap/files/slapd-initd-2.4.40-r1
new file mode 100644
index 000000000000..9a68fb7f80be
--- /dev/null
+++ b/net-nds/openldap/files/slapd-initd-2.4.40-r1
@@ -0,0 +1,65 @@
+#!/sbin/runscript
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+extra_commands="checkconfig"
+
+[ -z "$INSTANCE" ] && INSTANCE="openldap${SVCNAME#slapd}"
+PIDDIR=/run/openldap
+PIDFILE=$PIDDIR/$SVCNAME.pid
+
+depend() {
+ need net
+ before dbus hald avahi-daemon
+ provide ldap
+}
+
+start() {
+ checkpath -q -d ${PIDDIR} -o ldap:ldap
+ if ! checkconfig -Q ; then
+ eerror "There is a problem with your slapd.conf!"
+ return 1
+ fi
+ ebegin "Starting ldap-server"
+ [ -n "$KRB5_KTNAME" ] && export KRB5_KTNAME
+ eval start-stop-daemon --start --pidfile ${PIDFILE} --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}"
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping ldap-server"
+ start-stop-daemon --stop --signal 2 --quiet --pidfile ${PIDFILE}
+ eend $?
+}
+
+checkconfig() {
+ # checks requested by bug #502948
+ # Step 1: extract the last valid config file or config dir
+ set -- $OPTS
+ while [ -n "$*" ]; do
+ opt=$1 ; shift
+ if [ "$opt" = "-f" -o "$opt" = "-F" ] ; then
+ CONF=$1
+ shift
+ fi
+ done
+ set --
+ # Fallback
+ CONF=${CONF-/etc/openldap/slapd.conf}
+ [ -d $CONF ] && CONF=${CONF}/*
+ DBDIRS=`eval awk '"/^(directory|olcDbDirectory:)/{print \$2}"' $CONF`
+ for d in $DBDIRS; do
+ if [ ! -d $d ]; then
+ eerror "Directory $d in config does not exist!"
+ return 1
+ fi
+ /usr/bin/find $d ! -name DB_CONFIG ! -user ldap -o ! -group ldap |grep -sq .
+ if [ $? -ne 0 ]; then
+ ewarn "You have files in $d not owned by the ldap user, you must ensure they are accessible to the slapd instance!"
+ fi
+ [ ! -e $d/DB_CONFIG ] && ewarn "$d/DB_CONFIG does not exist, slapd performance may be sub-optimal"
+ done
+ # now test the config fully
+ /usr/sbin/slaptest -u "$@" ${OPTS_CONF}
+}
diff --git a/net-nds/openldap/files/slapd-initd-2.4.40-r2 b/net-nds/openldap/files/slapd-initd-2.4.40-r2
new file mode 100644
index 000000000000..b38cc4fa3ab9
--- /dev/null
+++ b/net-nds/openldap/files/slapd-initd-2.4.40-r2
@@ -0,0 +1,65 @@
+#!/sbin/runscript
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+extra_commands="checkconfig"
+
+[ -z "$INSTANCE" ] && INSTANCE="openldap${SVCNAME#slapd}"
+PIDDIR=/run/openldap
+PIDFILE=$PIDDIR/$SVCNAME.pid
+
+depend() {
+ need net
+ before dbus hald avahi-daemon
+ provide ldap
+}
+
+start() {
+ checkpath -q -d ${PIDDIR} -o ldap:ldap
+ if ! checkconfig -Q ; then
+ eerror "There is a problem with your slapd.conf!"
+ return 1
+ fi
+ ebegin "Starting ldap-server"
+ [ -n "$KRB5_KTNAME" ] && export KRB5_KTNAME
+ eval start-stop-daemon --start --pidfile ${PIDFILE} --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}"
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping ldap-server"
+ start-stop-daemon --stop --signal 2 --quiet --pidfile ${PIDFILE}
+ eend $?
+}
+
+checkconfig() {
+ # checks requested by bug #502948
+ # Step 1: extract the last valid config file or config dir
+ set -- $OPTS
+ while [ -n "$*" ]; do
+ opt=$1 ; shift
+ if [ "$opt" = "-f" -o "$opt" = "-F" ] ; then
+ CONF=$1
+ shift
+ fi
+ done
+ set --
+ # Fallback
+ CONF=${CONF-/etc/openldap/slapd.conf}
+ [ -d $CONF ] && CONF=${CONF}/*
+ DBDIRS=`eval awk '"/^(directory|olcDbDirectory:)/{print \\$2}"' $CONF`
+ for d in $DBDIRS; do
+ if [ ! -d $d ]; then
+ eerror "Directory $d in config does not exist!"
+ return 1
+ fi
+ /usr/bin/find $d ! -name DB_CONFIG ! -user ldap -o ! -group ldap |grep -sq .
+ if [ $? -ne 0 ]; then
+ ewarn "You have files in $d not owned by the ldap user, you must ensure they are accessible to the slapd instance!"
+ fi
+ [ ! -e $d/DB_CONFIG ] && ewarn "$d/DB_CONFIG does not exist, slapd performance may be sub-optimal"
+ done
+ # now test the config fully
+ /usr/sbin/slaptest -u "$@" ${OPTS_CONF}
+}
diff --git a/net-nds/openldap/files/slapd-initd2 b/net-nds/openldap/files/slapd-initd2
new file mode 100644
index 000000000000..743031281925
--- /dev/null
+++ b/net-nds/openldap/files/slapd-initd2
@@ -0,0 +1,22 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ need net
+ before dbus hald avahi-daemon
+ provide ldap
+}
+
+start() {
+ ebegin "Starting ldap-server"
+ eval start-stop-daemon --start --pidfile /var/run/openldap/slapd.pid --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}"
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping ldap-server"
+ start-stop-daemon --stop --signal 2 --quiet --pidfile /var/run/openldap/slapd.pid
+ eend $?
+}
diff --git a/net-nds/openldap/files/slapd.service b/net-nds/openldap/files/slapd.service
new file mode 100644
index 000000000000..3427b87e936e
--- /dev/null
+++ b/net-nds/openldap/files/slapd.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=OpenLDAP Server Daemon
+After=network.target
+
+[Service]
+Type=forking
+PIDFile=/run/openldap/slapd.pid
+ExecStartPre=/usr/sbin/slaptest -Q -u $SLAPD_OPTIONS
+ExecStart=/usr/lib/openldap/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-nds/openldap/files/slapd.service.conf b/net-nds/openldap/files/slapd.service.conf
new file mode 100644
index 000000000000..812ea68ed475
--- /dev/null
+++ b/net-nds/openldap/files/slapd.service.conf
@@ -0,0 +1,12 @@
+[Service]
+# Use the classical configuration file:
+#Environment="SLAPD_OPTIONS=-f /etc/openldap/slapd.conf"
+# Use the slapd configuration directory:
+#Environment="SLAPD_OPTIONS=-F /etc/openldap/slapd.d"
+
+Environment="SLAPD_URLS=ldaps:/// ldap:/// ldapi:///"
+# Other examples:
+#Environment="SLAPD_URLS=ldap://127.0.0.1/ ldap://10.0.0.1:1389/ cldap:///"
+
+# Specify the kerberos keytab file
+#Environment=KRB5_KTNAME=/etc/openldap/krb5-ldap.keytab
diff --git a/net-nds/openldap/files/slapd.tmpfilesd b/net-nds/openldap/files/slapd.tmpfilesd
new file mode 100644
index 000000000000..634cea1642a9
--- /dev/null
+++ b/net-nds/openldap/files/slapd.tmpfilesd
@@ -0,0 +1,2 @@
+# openldap runtime directory for slapd.arg and slapd.pid
+d /run/openldap 0755 ldap ldap -
diff --git a/net-nds/openldap/files/slurpd-initd b/net-nds/openldap/files/slurpd-initd
new file mode 100644
index 000000000000..1b315918d8af
--- /dev/null
+++ b/net-nds/openldap/files/slurpd-initd
@@ -0,0 +1,22 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ need net
+}
+
+start() {
+ ebegin "Starting slurpd"
+ start-stop-daemon --start --quiet \
+ --exec /usr/lib/openldap/slurpd
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping slurpd"
+ start-stop-daemon --stop --quiet \
+ --exec /usr/lib/openldap/slurpd
+ eend $?
+}
diff --git a/net-nds/openldap/metadata.xml b/net-nds/openldap/metadata.xml
new file mode 100644
index 000000000000..cf1698e95ba0
--- /dev/null
+++ b/net-nds/openldap/metadata.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <herd>ldap</herd>
+ <maintainer>
+ <email>ldap-bugs@gentoo.org</email>
+ </maintainer>
+ <use>
+ <flag name='experimental'>Enable experimental backend options</flag>
+ <flag name='odbc'>Enable ODBC and SQL backend options</flag>
+ <flag name='overlays'>Enable contributed OpenLDAP overlays</flag>
+ <flag name='smbkrb5passwd'>Enable overlay for syncing ldap, unix and
+ lanman passwords</flag>
+ <flag name='minimal'>Build libraries &amp; userspace tools only. Does not install any server code.</flag>
+ </use>
+</pkgmetadata>
diff --git a/net-nds/openldap/openldap-2.3.43-r3.ebuild b/net-nds/openldap/openldap-2.3.43-r3.ebuild
new file mode 100644
index 000000000000..a7dc89bae5e1
--- /dev/null
+++ b/net-nds/openldap/openldap-2.3.43-r3.ebuild
@@ -0,0 +1,540 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="2"
+
+WANT_AUTOCONF="latest"
+WANT_AUTOMAKE="latest"
+AT_M4DIR="./build"
+inherit autotools db-use eutils flag-o-matic multilib ssl-cert toolchain-funcs versionator user
+
+DESCRIPTION="LDAP suite of application and development tools"
+HOMEPAGE="http://www.OpenLDAP.org/"
+SRC_URI="mirror://openldap/openldap-release/${P}.tgz"
+
+LICENSE="OPENLDAP GPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd"
+IUSE="berkdb crypt debug gdbm ipv6 kerberos minimal odbc overlays perl samba sasl slp smbkrb5passwd ssl tcpd selinux"
+
+# note that the 'samba' USE flag pulling in OpenSSL is NOT an error. OpenLDAP
+# uses OpenSSL for LanMan/NTLM hashing (which is used in some enviroments, like
+# mine at work)!
+# Robin H. Johnson <robbat2@gentoo.org> March 8, 2004
+
+RDEPEND="sys-libs/ncurses
+ tcpd? ( sys-apps/tcp-wrappers )
+ ssl? ( dev-libs/openssl )
+ sasl? ( dev-libs/cyrus-sasl )
+ !minimal? (
+ odbc? ( dev-db/unixODBC )
+ slp? ( net-libs/openslp )
+ perl? ( || ( >=dev-lang/perl-5.16 <dev-lang/perl-5.16[-build] ) )
+ samba? ( dev-libs/openssl )
+ kerberos? ( virtual/krb5 )
+ berkdb? (
+ || ( sys-libs/db:4.5
+ sys-libs/db:4.4
+ sys-libs/db:4.3
+ >=sys-libs/db-4.2.52_p2-r1:4.2
+ )
+ )
+ !berkdb? (
+ gdbm? ( sys-libs/gdbm )
+ !gdbm? (
+ || ( sys-libs/db:4.5
+ sys-libs/db:4.4
+ sys-libs/db:4.3
+ >=sys-libs/db-4.2.52_p2-r1:4.2
+ )
+ )
+ )
+ smbkrb5passwd? (
+ dev-libs/openssl
+ app-crypt/heimdal
+ )
+ )
+ selinux? ( sec-policy/selinux-ldap )"
+DEPEND="${RDEPEND}"
+
+# for tracking versions
+OPENLDAP_VERSIONTAG=".version-tag"
+OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
+
+openldap_upgrade_howto() {
+ eerror
+ eerror "A (possible old) installation of OpenLDAP was detected,"
+ eerror "installation will not proceed for now."
+ eerror
+ eerror "As major version upgrades can corrupt your database,"
+ eerror "you need to dump your database and re-create it afterwards."
+ eerror ""
+ d="$(date -u +%s)"
+ l="/root/ldapdump.${d}"
+ i="${l}.raw"
+ eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
+ eerror " 2. slapcat -l ${i}"
+ eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
+ eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
+ eerror " 5. emerge --update \=net-nds/${PF}"
+ eerror " 6. etc-update, and ensure that you apply the changes"
+ eerror " 7. slapadd -l ${l}"
+ eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
+ eerror " 9. /etc/init.d/slapd start"
+ eerror "10. check that your data is intact."
+ eerror "11. set up the new replication system."
+ eerror
+ if [ "${FORCE_UPGRADE}" != "1" ]; then
+ die "You need to upgrade your database first"
+ else
+ eerror "You have the magical FORCE_UPGRADE=1 in place."
+ eerror "Don't say you weren't warned about data loss."
+ fi
+}
+
+openldap_find_versiontags() {
+ # scan for all datadirs
+ openldap_datadirs=""
+ if [ -f "${ROOT}"/etc/openldap/slapd.conf ]; then
+ openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)"
+ fi
+ openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
+
+ einfo
+ einfo "Scanning datadir(s) from slapd.conf and"
+ einfo "the default installdir for Versiontags"
+ einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
+ einfo
+
+ # scan datadirs if we have a version tag
+ openldap_found_tag=0
+ for each in ${openldap_datadirs}; do
+ CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
+ CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
+ if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
+ einfo "- Checking ${each}..."
+ if [ -r ${CURRENT_TAG} ] ; then
+ # yey, we have one :)
+ einfo " Found Versiontag in ${each}"
+ source ${CURRENT_TAG}
+ if [ "${OLDPF}" == "" ] ; then
+ eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
+ eerror "Please delete it"
+ eerror
+ die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
+ fi
+
+ OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
+
+ # are we on the same branch?
+ if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
+ ewarn " Versiontag doesn't match current major release!"
+ if [[ `ls -a ${CURRENT_TAGDIR} | wc -l` -gt 5 ]] ; then
+ eerror " Versiontag says other major and you (probably) have datafiles!"
+ echo
+ openldap_upgrade_howto
+ else
+ einfo " No real problem, seems there's no database."
+ fi
+ else
+ einfo " Versiontag is fine here :)"
+ fi
+ else
+ einfo " Non-tagged dir ${each}"
+ if [[ `ls -a ${each} | wc -l` > 5 ]] ; then
+ einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
+ echo
+
+ eerror
+ eerror "Your OpenLDAP Installation has a non tagged datadir that"
+ eerror "possibly contains a database at ${CURRENT_TAGDIR}"
+ eerror
+ eerror "Please export data if any entered and empty or remove"
+ eerror "the directory, installation has been stopped so you"
+ eerror "can take required action"
+ eerror
+ eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
+ eerror
+ die "Please move the datadir ${CURRENT_TAGDIR} away"
+ fi
+ fi
+ einfo
+ fi
+ done
+
+ echo
+ einfo
+ einfo "All datadirs are fine, proceeding with merge now..."
+ einfo
+
+}
+
+pkg_setup() {
+ if has_version "<=dev-lang/perl-5.8.8_rc1" && built_with_use dev-lang/perl minimal ; then
+ die "You must have a complete (USE='-minimal') Perl install to use the perl backend!"
+ fi
+
+ if use samba && ! use ssl ; then
+ eerror "LAN manager passwords need ssl flag set"
+ die "Please set ssl useflag"
+ fi
+
+ if use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
+ einfo
+ einfo "Skipping scan for previous datadirs as requested by minimal useflag"
+ einfo
+ else
+ openldap_find_versiontags
+ fi
+
+ enewgroup ldap 439
+ enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
+}
+
+src_prepare() {
+ # According to MDK, the link order needs to be changed so that
+ # on systems w/ MD5 passwords the system crypt library is used
+ # (the net result is that "passwd" can be used to change ldap passwords w/
+ # proper pam support)
+ sed -i -e 's/$(SECURITY_LIBS) $(LDIF_LIBS) $(LUTIL_LIBS)/$(LUTIL_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS)/' \
+ "${S}"/servers/slapd/Makefile.in
+
+ # supersedes old fix for bug #31202
+ EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch
+
+ # ensure correct SLAPI path by default
+ sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \
+ "${S}"/include/ldap_defaults.h
+
+ EPATCH_OPTS="-p0 -d ${S}"
+
+ # ximian connector 1.4.7 ntlm patch
+ epatch "${FILESDIR}"/${PN}-2.2.6-ntlm.patch
+
+ # bug #132263
+ epatch "${FILESDIR}"/${PN}-2.3.21-ppolicy.patch
+
+ # bug #189817
+ epatch "${FILESDIR}"/${PN}-2.3.37-libldap_r.patch
+
+ # fix up stuff for newer autoconf that simulates autoconf-2.13, but doesn't
+ # do it perfectly.
+ cd "${S}"/build
+ ln -s shtool install
+ ln -s shtool install.sh
+ einfo "Making sure upstream build strip does not do stripping too early"
+ sed -i.orig \
+ -e '/^STRIP/s,-s,,g' \
+ top.mk || die "Failed to block stripping"
+
+ # bug #116045
+ # patch contrib modules
+ if ! use minimal ; then
+ cd "${S}"/contrib
+ epatch "${FILESDIR}"/${PN}-2.3.24-contrib-smbk5pwd.patch
+ fi
+ # Fix gcc-4.4 compat, bug 264761
+ epatch "${FILESDIR}/openldap-2.3.XY-gcc44.patch"
+}
+
+src_configure() {
+ local myconf
+
+ #Fix for glibc-2.8 and ucred. Bug 228457.
+ append-flags -D_GNU_SOURCE
+
+ # HDB is only available with BerkDB
+ myconf_berkdb='--enable-bdb --enable-ldbm-api=berkeley --enable-hdb=mod'
+ myconf_gdbm='--disable-bdb --enable-ldbm-api=gdbm --disable-hdb'
+
+ use debug && myconf="${myconf} --enable-debug" # there is no disable-debug
+
+ # enable slapd/slurpd servers if not doing a minimal build
+ if ! use minimal ; then
+ myconf="${myconf} --enable-slapd --enable-slurpd"
+ # base backend stuff
+ myconf="${myconf} --enable-ldbm"
+ if use berkdb ; then
+ einfo "Using Berkeley DB for local backend"
+ myconf="${myconf} ${myconf_berkdb}"
+ # We need to include the slotted db.h dir for FreeBSD
+ append-cppflags -I$(db_includedir 4.5 4.4 4.3 4.2 )
+ elif use gdbm ; then
+ einfo "Using GDBM for local backend"
+ myconf="${myconf} ${myconf_gdbm}"
+ else
+ ewarn "Neither gdbm or berkdb USE flags present, falling back to"
+ ewarn "Berkeley DB for local backend"
+ myconf="${myconf} ${myconf_berkdb}"
+ # We need to include the slotted db.h dir for FreeBSD
+ append-cppflags -I$(db_includedir 4.5 4.4 4.3 4.2 )
+ fi
+ # extra backend stuff
+ myconf="${myconf} --enable-passwd=mod --enable-phonetic=mod"
+ myconf="${myconf} --enable-dnssrv=mod --enable-ldap"
+ myconf="${myconf} --enable-meta=mod --enable-monitor=mod"
+ myconf="${myconf} --enable-null=mod --enable-shell=mod"
+ myconf="${myconf} --enable-relay=mod"
+ myconf="${myconf} $(use_enable perl perl mod)"
+ myconf="${myconf} $(use_enable odbc sql mod)"
+ # slapd options
+ myconf="${myconf} $(use_enable crypt) $(use_enable slp)"
+ myconf="${myconf} --enable-rewrite --enable-rlookups"
+ myconf="${myconf} --enable-aci --enable-modules"
+ myconf="${myconf} --enable-cleartext --enable-slapi"
+ myconf="${myconf} $(use_enable samba lmpasswd)"
+ # slapd overlay options
+ myconf="${myconf} --enable-dyngroup --enable-proxycache"
+ use overlays && myconf="${myconf} --enable-overlays=mod"
+ myconf="${myconf} --enable-syncprov"
+ else
+ myconf="${myconf} --disable-slapd --disable-slurpd"
+ myconf="${myconf} --disable-bdb --disable-ldbm"
+ myconf="${myconf} --disable-hdb --disable-monitor"
+ myconf="${myconf} --disable-slurpd --disable-overlays"
+ myconf="${myconf} --disable-relay"
+ fi
+
+ # basic functionality stuff
+ myconf="${myconf} --enable-syslog --enable-dynamic"
+ myconf="${myconf} --enable-local --enable-proctitle"
+
+ myconf="${myconf} $(use_enable ipv6)"
+ myconf="${myconf} $(use_with sasl cyrus-sasl) $(use_enable sasl spasswd)"
+ myconf="${myconf} $(use_enable tcpd wrappers) $(use_with ssl tls)"
+
+ if [ $(get_libdir) != "lib" ] ; then
+ append-ldflags -L/usr/$(get_libdir)
+ fi
+
+ STRIP=/bin/true \
+ econf \
+ --enable-static \
+ --enable-shared \
+ --libexecdir=/usr/$(get_libdir)/openldap \
+ ${myconf} || die "configure failed"
+}
+
+src_compile() {
+ emake depend || die "make depend failed"
+ emake || die "make failed"
+
+ # openldap/contrib
+ tc-export CC
+ if ! use minimal ; then
+ # dsaschema
+ einfo "Building contributed dsaschema"
+ cd "${S}"/contrib/slapd-modules/dsaschema
+ ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
+ -Wall -o libdsaschema-plugin.so dsaschema.c || \
+ die "failed to compile dsaschema module"
+ # kerberos passwd
+ if use kerberos ; then
+ einfo "Building contributed pw-kerberos"
+ cd "${S}"/contrib/slapd-modules/passwd/ && \
+ ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
+ $(krb5-config --cflags) \
+ -DHAVE_KRB5 -o pw-kerberos.so kerberos.c || \
+ die "failed to compile kerberos password module"
+ fi
+ # netscape mta-md5 password
+ einfo "Building contributed pw-netscape"
+ cd "${S}"/contrib/slapd-modules/passwd/ && \
+ ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
+ -o pw-netscape.so netscape.c || \
+ die "failed to compile netscape password module"
+ # smbk5pwd overlay
+ # Note: this modules builds, but may not work with
+ # Gentoo's MIT-Kerberos. It was designed for Heimdal
+ # Kerberos.
+ if use smbkrb5passwd ; then
+ einfo "Building contributed smbk5pwd"
+ local mydef
+ local mykrb5inc
+ mydef="-DDO_SAMBA -DDO_KRB5"
+ mykrb5inc="$(krb5-config --cflags)"
+ cd "${S}"/contrib/slapd-modules/smbk5pwd && \
+ libexecdir="/usr/$(get_libdir)/openldap" \
+ DEFS="${mydef}" KRB5_INC="${mykrb5inc}" emake || \
+ die "failed to compile smbk5pwd module"
+ fi
+ # addrdnvalues
+ einfo "Building contributed addrdnvalues"
+ cd "${S}"/contrib/slapi-plugins/addrdnvalues/ && \
+ ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
+ -o libaddrdnvalues-plugin.so addrdnvalues.c || \
+ die "failed to compile addrdnvalues plugin"
+ fi
+}
+
+src_test() {
+ einfo "Doing tests"
+ cd tests ; make tests || die "make tests failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "make install failed"
+
+ dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example
+ docinto rfc ; dodoc doc/rfc/*.txt
+
+ # openldap modules go here
+ # TODO: write some code to populate slapd.conf with moduleload statements
+ keepdir /usr/$(get_libdir)/openldap/openldap/
+
+ # make state directories
+ local dirlist="data"
+ if ! use minimal; then
+ dirlist="${dirlist} slurp ldbm"
+ fi
+ for x in ${dirlist}; do
+ keepdir /var/lib/openldap-${x}
+ fowners ldap:ldap /var/lib/openldap-${x}
+ fperms 0700 /var/lib/openldap-${x}
+ done
+
+ echo "OLDPF='${PF}'" > "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# do NOT delete this. it is used" >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# to track versions for upgrading." >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+
+ # manually remove /var/tmp references in .la
+ # because it is packaged with an ancient libtool
+ #for x in "${D}"/usr/$(get_libdir)/lib*.la; do
+ # sed -i -e "s:-L${S}[/]*libraries::" ${x}
+ #done
+
+ # change slapd.pid location in configuration file
+ keepdir /var/run/openldap
+ fowners ldap:ldap /var/run/openldap
+ fperms 0755 /var/run/openldap
+
+ if ! use minimal; then
+ # use our config
+ rm "${D}"etc/openldap/slapd.con*
+ insinto /etc/openldap
+ newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
+ configfile="${D}"etc/openldap/slapd.conf
+
+ # populate with built backends
+ ebegin "populate config with built backends"
+ for x in "${D}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
+ elog "Adding $(basename ${x})"
+ sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
+ done
+ sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
+ fowners root:ldap /etc/openldap/slapd.conf
+ fperms 0640 /etc/openldap/slapd.conf
+ cp "${configfile}" "${configfile}".default
+ eend
+
+ # install our own init scripts
+ newinitd "${FILESDIR}"/slapd-initd slapd
+ newinitd "${FILESDIR}"/slurpd-initd slurpd
+ newconfd "${FILESDIR}"/slapd-confd slapd
+
+ if [ $(get_libdir) != lib ]; then
+ sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i "${D}"etc/init.d/{slapd,slurpd}
+ fi
+
+ # install contributed modules
+ docinto /
+ if [ -e "${S}"/contrib/slapd-modules/dsaschema/libdsaschema-plugin.so ];
+ then
+ cd "${S}"/contrib/slapd-modules/dsaschema/
+ newdoc README README.contrib.dsaschema
+ exeinto /usr/$(get_libdir)/openldap/openldap
+ doexe libdsaschema-plugin.so || \
+ die "failed to install dsaschema module"
+ fi
+ if [ -e "${S}"/contrib/slapd-modules/passwd/pw-kerberos.so ]; then
+ cd "${S}"/contrib/slapd-modules/passwd/
+ newdoc README README.contrib.passwd
+ exeinto /usr/$(get_libdir)/openldap/openldap
+ doexe pw-kerberos.so || \
+ die "failed to install kerberos passwd module"
+ fi
+ if [ -e "${S}"/contrib/slapd-modules/passwd/pw-netscape.so ]; then
+ cd "${S}"/contrib/slapd-modules/passwd/
+ newdoc README README.contrib.passwd
+ exeinto /usr/$(get_libdir)/openldap/openldap
+ doexe "${S}"/contrib/slapd-modules/passwd/pw-netscape.so || \
+ die "failed to install Netscape MTA-MD5 passwd module"
+ fi
+ if [ -e "${S}"/contrib/slapd-modules/smbk5pwd/.libs/smbk5pwd.so ]; then
+ cd "${S}"/contrib/slapd-modules/smbk5pwd
+ newdoc README README.contrib.smbk5pwd
+ libexecdir="/usr/$(get_libdir)/openldap" \
+ emake DESTDIR="${D}" install-mod || \
+ die "failed to install smbk5pwd overlay module"
+ fi
+ if [ -e "${S}"/contrib/slapd-tools/statslog ]; then
+ cd "${S}"/contrib/slapd-tools
+ exeinto /usr/bin
+ newexe statslog ldapstatslog || \
+ die "failed to install ldapstatslog script"
+ fi
+ if [ -e "${S}"/contrib/slapi-plugins/addrdnvalues/libaddrdnvalues-plugin.so ];
+ then
+ cd "${S}"/contrib/slapi-plugins/addrdnvalues
+ newdoc README README.contrib.addrdnvalues
+ exeinto /usr/$(get_libdir)/openldap/openldap
+ doexe libaddrdnvalues-plugin.so || \
+ die "failed to install addrdnvalues plugin"
+ fi
+ fi
+}
+
+pkg_preinst() {
+ # keep old libs if any
+ LIBSUFFIXES=".so.2.0.130 -2.2.so.7"
+ for LIBSUFFIX in ${LIBSUFFIXES} ; do
+ for each in libldap libldap_r liblber ; do
+ preserve_old_lib "usr/$(get_libdir)/${each}${LIBSUFFIX}"
+ done
+ done
+}
+
+pkg_postinst() {
+ if ! use minimal ; then
+ # You cannot build SSL certificates during src_install that will make
+ # binary packages containing your SSL key, which is both a security risk
+ # and a misconfiguration if multiple machines use the same key and cert.
+ # Additionally, it overwrites
+ if use ssl; then
+ install_cert /etc/openldap/ssl/ldap
+ chown ldap:ldap "${ROOT}"etc/openldap/ssl/ldap.*
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "add 'TLS_REQCERT never' if you want to use them."
+ fi
+ # These lines force the permissions of various content to be correct
+ chown ldap:ldap "${ROOT}"var/run/openldap
+ chmod 0755 "${ROOT}"var/run/openldap
+ chown root:ldap "${ROOT}"etc/openldap/slapd.conf{,.default}
+ chmod 0640 "${ROOT}"etc/openldap/slapd.conf{,.default}
+ chown ldap:ldap "${ROOT}"var/lib/openldap-{data,ldbm,slurp}
+ fi
+
+ # Reference inclusion bug #77330
+ echo
+ elog
+ elog "Getting started using OpenLDAP? There is some documentation available:"
+ elog "Gentoo Guide to OpenLDAP Authentication"
+ elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
+ elog
+
+ # note to bug #110412
+ echo
+ elog
+ elog "An example file for tuning BDB backends with openldap is"
+ elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
+ elog
+
+ LIBSUFFIXES=".so.2.0.130 -2.2.so.7"
+ for LIBSUFFIX in ${LIBSUFFIXES} ; do
+ for each in liblber libldap libldap_r ; do
+ preserve_old_lib_notify "usr/$(get_libdir)/${each}${LIBSUFFIX}"
+ done
+ done
+}
diff --git a/net-nds/openldap/openldap-2.3.43-r4.ebuild b/net-nds/openldap/openldap-2.3.43-r4.ebuild
new file mode 100644
index 000000000000..31e2590ca6e7
--- /dev/null
+++ b/net-nds/openldap/openldap-2.3.43-r4.ebuild
@@ -0,0 +1,546 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="2"
+
+WANT_AUTOCONF="latest"
+WANT_AUTOMAKE="latest"
+AT_M4DIR="./build"
+inherit autotools db-use eutils flag-o-matic multilib ssl-cert toolchain-funcs versionator user
+
+DESCRIPTION="LDAP suite of application and development tools"
+HOMEPAGE="http://www.OpenLDAP.org/"
+SRC_URI="mirror://openldap/openldap-release/${P}.tgz"
+
+LICENSE="OPENLDAP GPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 ~sh sparc x86 ~sparc-fbsd ~x86-fbsd"
+IUSE="berkdb crypt debug gdbm ipv6 kerberos minimal odbc overlays perl samba sasl slp smbkrb5passwd ssl tcpd selinux"
+
+# note that the 'samba' USE flag pulling in OpenSSL is NOT an error. OpenLDAP
+# uses OpenSSL for LanMan/NTLM hashing (which is used in some enviroments, like
+# mine at work)!
+# Robin H. Johnson <robbat2@gentoo.org> March 8, 2004
+
+RDEPEND="sys-libs/ncurses
+ tcpd? ( sys-apps/tcp-wrappers )
+ ssl? ( dev-libs/openssl )
+ sasl? ( dev-libs/cyrus-sasl )
+ !minimal? (
+ odbc? ( dev-db/unixODBC )
+ slp? ( net-libs/openslp )
+ perl? ( || ( >=dev-lang/perl-5.16 <dev-lang/perl-5.16[-build] ) )
+ samba? ( dev-libs/openssl )
+ kerberos? ( virtual/krb5 )
+ berkdb? (
+ || ( sys-libs/db:4.5
+ sys-libs/db:4.4
+ sys-libs/db:4.3
+ >=sys-libs/db-4.2.52_p2-r1:4.2
+ )
+ )
+ !berkdb? (
+ gdbm? ( sys-libs/gdbm )
+ !gdbm? (
+ || ( sys-libs/db:4.5
+ sys-libs/db:4.4
+ sys-libs/db:4.3
+ >=sys-libs/db-4.2.52_p2-r1:4.2
+ )
+ )
+ )
+ smbkrb5passwd? (
+ dev-libs/openssl
+ app-crypt/heimdal
+ )
+ )
+ selinux? ( sec-policy/selinux-ldap )"
+DEPEND="${RDEPEND}"
+
+# for tracking versions
+OPENLDAP_VERSIONTAG=".version-tag"
+OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
+
+openldap_upgrade_howto() {
+ eerror
+ eerror "A (possible old) installation of OpenLDAP was detected,"
+ eerror "installation will not proceed for now."
+ eerror
+ eerror "As major version upgrades can corrupt your database,"
+ eerror "you need to dump your database and re-create it afterwards."
+ eerror ""
+ d="$(date -u +%s)"
+ l="/root/ldapdump.${d}"
+ i="${l}.raw"
+ eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
+ eerror " 2. slapcat -l ${i}"
+ eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
+ eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
+ eerror " 5. emerge --update \=net-nds/${PF}"
+ eerror " 6. etc-update, and ensure that you apply the changes"
+ eerror " 7. slapadd -l ${l}"
+ eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
+ eerror " 9. /etc/init.d/slapd start"
+ eerror "10. check that your data is intact."
+ eerror "11. set up the new replication system."
+ eerror
+ if [ "${FORCE_UPGRADE}" != "1" ]; then
+ die "You need to upgrade your database first"
+ else
+ eerror "You have the magical FORCE_UPGRADE=1 in place."
+ eerror "Don't say you weren't warned about data loss."
+ fi
+}
+
+openldap_find_versiontags() {
+ # scan for all datadirs
+ openldap_datadirs=""
+ if [ -f "${ROOT}"/etc/openldap/slapd.conf ]; then
+ openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)"
+ fi
+ openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
+
+ einfo
+ einfo "Scanning datadir(s) from slapd.conf and"
+ einfo "the default installdir for Versiontags"
+ einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
+ einfo
+
+ # scan datadirs if we have a version tag
+ openldap_found_tag=0
+ for each in ${openldap_datadirs}; do
+ CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
+ CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
+ if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
+ einfo "- Checking ${each}..."
+ if [ -r ${CURRENT_TAG} ] ; then
+ # yey, we have one :)
+ einfo " Found Versiontag in ${each}"
+ source ${CURRENT_TAG}
+ if [ "${OLDPF}" == "" ] ; then
+ eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
+ eerror "Please delete it"
+ eerror
+ die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
+ fi
+
+ OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
+
+ # are we on the same branch?
+ if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
+ ewarn " Versiontag doesn't match current major release!"
+ if [[ `ls -a ${CURRENT_TAGDIR} | wc -l` -gt 5 ]] ; then
+ eerror " Versiontag says other major and you (probably) have datafiles!"
+ echo
+ openldap_upgrade_howto
+ else
+ einfo " No real problem, seems there's no database."
+ fi
+ else
+ einfo " Versiontag is fine here :)"
+ fi
+ else
+ einfo " Non-tagged dir ${each}"
+ if [[ `ls -a ${each} | wc -l` > 5 ]] ; then
+ einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
+ echo
+
+ eerror
+ eerror "Your OpenLDAP Installation has a non tagged datadir that"
+ eerror "possibly contains a database at ${CURRENT_TAGDIR}"
+ eerror
+ eerror "Please export data if any entered and empty or remove"
+ eerror "the directory, installation has been stopped so you"
+ eerror "can take required action"
+ eerror
+ eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
+ eerror
+ die "Please move the datadir ${CURRENT_TAGDIR} away"
+ fi
+ fi
+ einfo
+ fi
+ done
+
+ echo
+ einfo
+ einfo "All datadirs are fine, proceeding with merge now..."
+ einfo
+
+}
+
+pkg_setup() {
+ if has_version "<=dev-lang/perl-5.8.8_rc1" && built_with_use dev-lang/perl minimal ; then
+ die "You must have a complete (USE='-minimal') Perl install to use the perl backend!"
+ fi
+
+ if use samba && ! use ssl ; then
+ eerror "LAN manager passwords need ssl flag set"
+ die "Please set ssl useflag"
+ fi
+
+ if use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
+ einfo
+ einfo "Skipping scan for previous datadirs as requested by minimal useflag"
+ einfo
+ else
+ openldap_find_versiontags
+ fi
+
+ enewgroup ldap 439
+ enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
+}
+
+src_prepare() {
+ # According to MDK, the link order needs to be changed so that
+ # on systems w/ MD5 passwords the system crypt library is used
+ # (the net result is that "passwd" can be used to change ldap passwords w/
+ # proper pam support)
+ sed -i -e 's/$(SECURITY_LIBS) $(LDIF_LIBS) $(LUTIL_LIBS)/$(LUTIL_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS)/' \
+ "${S}"/servers/slapd/Makefile.in
+
+ # supersedes old fix for bug #31202
+ EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch
+
+ # ensure correct SLAPI path by default
+ sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \
+ "${S}"/include/ldap_defaults.h
+
+ EPATCH_OPTS="-p0 -d ${S}"
+
+ # ximian connector 1.4.7 ntlm patch
+ epatch "${FILESDIR}"/${PN}-2.2.6-ntlm.patch
+
+ # bug #132263
+ epatch "${FILESDIR}"/${PN}-2.3.21-ppolicy.patch
+
+ # bug #189817
+ epatch "${FILESDIR}"/${PN}-2.3.37-libldap_r.patch
+
+ # fix up stuff for newer autoconf that simulates autoconf-2.13, but doesn't
+ # do it perfectly.
+ cd "${S}"/build
+ ln -s shtool install
+ ln -s shtool install.sh
+ einfo "Making sure upstream build strip does not do stripping too early"
+ sed -i.orig \
+ -e '/^STRIP/s,-s,,g' \
+ top.mk || die "Failed to block stripping"
+
+ # bug #116045
+ # patch contrib modules
+ if ! use minimal ; then
+ cd "${S}"/contrib
+ epatch "${FILESDIR}"/${PN}-2.3.24-contrib-smbk5pwd.patch
+ fi
+ # Fix gcc-4.4 compat, bug 264761
+ epatch "${FILESDIR}/openldap-2.3.XY-gcc44.patch"
+
+ # Backport random-hang fix from 2.4
+ # http://www.openldap.org/lists/openldap-technical/201208/msg00120.html
+ EPATCH_OPTS=""
+ cd "${S}"
+ epatch "${FILESDIR}/openldap-2.3.43-fix-hang.patch"
+}
+
+src_configure() {
+ local myconf
+
+ #Fix for glibc-2.8 and ucred. Bug 228457.
+ append-flags -D_GNU_SOURCE
+
+ # HDB is only available with BerkDB
+ myconf_berkdb='--enable-bdb --enable-ldbm-api=berkeley --enable-hdb=mod'
+ myconf_gdbm='--disable-bdb --enable-ldbm-api=gdbm --disable-hdb'
+
+ use debug && myconf="${myconf} --enable-debug" # there is no disable-debug
+
+ # enable slapd/slurpd servers if not doing a minimal build
+ if ! use minimal ; then
+ myconf="${myconf} --enable-slapd --enable-slurpd"
+ # base backend stuff
+ myconf="${myconf} --enable-ldbm"
+ if use berkdb ; then
+ einfo "Using Berkeley DB for local backend"
+ myconf="${myconf} ${myconf_berkdb}"
+ # We need to include the slotted db.h dir for FreeBSD
+ append-cppflags -I$(db_includedir 4.5 4.4 4.3 4.2 )
+ elif use gdbm ; then
+ einfo "Using GDBM for local backend"
+ myconf="${myconf} ${myconf_gdbm}"
+ else
+ ewarn "Neither gdbm or berkdb USE flags present, falling back to"
+ ewarn "Berkeley DB for local backend"
+ myconf="${myconf} ${myconf_berkdb}"
+ # We need to include the slotted db.h dir for FreeBSD
+ append-cppflags -I$(db_includedir 4.5 4.4 4.3 4.2 )
+ fi
+ # extra backend stuff
+ myconf="${myconf} --enable-passwd=mod --enable-phonetic=mod"
+ myconf="${myconf} --enable-dnssrv=mod --enable-ldap"
+ myconf="${myconf} --enable-meta=mod --enable-monitor=mod"
+ myconf="${myconf} --enable-null=mod --enable-shell=mod"
+ myconf="${myconf} --enable-relay=mod"
+ myconf="${myconf} $(use_enable perl perl mod)"
+ myconf="${myconf} $(use_enable odbc sql mod)"
+ # slapd options
+ myconf="${myconf} $(use_enable crypt) $(use_enable slp)"
+ myconf="${myconf} --enable-rewrite --enable-rlookups"
+ myconf="${myconf} --enable-aci --enable-modules"
+ myconf="${myconf} --enable-cleartext --enable-slapi"
+ myconf="${myconf} $(use_enable samba lmpasswd)"
+ # slapd overlay options
+ myconf="${myconf} --enable-dyngroup --enable-proxycache"
+ use overlays && myconf="${myconf} --enable-overlays=mod"
+ myconf="${myconf} --enable-syncprov"
+ else
+ myconf="${myconf} --disable-slapd --disable-slurpd"
+ myconf="${myconf} --disable-bdb --disable-ldbm"
+ myconf="${myconf} --disable-hdb --disable-monitor"
+ myconf="${myconf} --disable-slurpd --disable-overlays"
+ myconf="${myconf} --disable-relay"
+ fi
+
+ # basic functionality stuff
+ myconf="${myconf} --enable-syslog --enable-dynamic"
+ myconf="${myconf} --enable-local --enable-proctitle"
+
+ myconf="${myconf} $(use_enable ipv6)"
+ myconf="${myconf} $(use_with sasl cyrus-sasl) $(use_enable sasl spasswd)"
+ myconf="${myconf} $(use_enable tcpd wrappers) $(use_with ssl tls)"
+
+ if [ $(get_libdir) != "lib" ] ; then
+ append-ldflags -L/usr/$(get_libdir)
+ fi
+
+ STRIP=/bin/true \
+ econf \
+ --enable-static \
+ --enable-shared \
+ --libexecdir=/usr/$(get_libdir)/openldap \
+ ${myconf} || die "configure failed"
+}
+
+src_compile() {
+ emake depend || die "make depend failed"
+ emake || die "make failed"
+
+ # openldap/contrib
+ tc-export CC
+ if ! use minimal ; then
+ # dsaschema
+ einfo "Building contributed dsaschema"
+ cd "${S}"/contrib/slapd-modules/dsaschema
+ ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
+ -Wall -o libdsaschema-plugin.so dsaschema.c || \
+ die "failed to compile dsaschema module"
+ # kerberos passwd
+ if use kerberos ; then
+ einfo "Building contributed pw-kerberos"
+ cd "${S}"/contrib/slapd-modules/passwd/ && \
+ ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
+ $(krb5-config --cflags) \
+ -DHAVE_KRB5 -o pw-kerberos.so kerberos.c || \
+ die "failed to compile kerberos password module"
+ fi
+ # netscape mta-md5 password
+ einfo "Building contributed pw-netscape"
+ cd "${S}"/contrib/slapd-modules/passwd/ && \
+ ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
+ -o pw-netscape.so netscape.c || \
+ die "failed to compile netscape password module"
+ # smbk5pwd overlay
+ # Note: this modules builds, but may not work with
+ # Gentoo's MIT-Kerberos. It was designed for Heimdal
+ # Kerberos.
+ if use smbkrb5passwd ; then
+ einfo "Building contributed smbk5pwd"
+ local mydef
+ local mykrb5inc
+ mydef="-DDO_SAMBA -DDO_KRB5"
+ mykrb5inc="$(krb5-config --cflags)"
+ cd "${S}"/contrib/slapd-modules/smbk5pwd && \
+ libexecdir="/usr/$(get_libdir)/openldap" \
+ DEFS="${mydef}" KRB5_INC="${mykrb5inc}" emake || \
+ die "failed to compile smbk5pwd module"
+ fi
+ # addrdnvalues
+ einfo "Building contributed addrdnvalues"
+ cd "${S}"/contrib/slapi-plugins/addrdnvalues/ && \
+ ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
+ -o libaddrdnvalues-plugin.so addrdnvalues.c || \
+ die "failed to compile addrdnvalues plugin"
+ fi
+}
+
+src_test() {
+ einfo "Doing tests"
+ cd tests ; make tests || die "make tests failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "make install failed"
+
+ dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example
+ docinto rfc ; dodoc doc/rfc/*.txt
+
+ # openldap modules go here
+ # TODO: write some code to populate slapd.conf with moduleload statements
+ keepdir /usr/$(get_libdir)/openldap/openldap/
+
+ # make state directories
+ local dirlist="data"
+ if ! use minimal; then
+ dirlist="${dirlist} slurp ldbm"
+ fi
+ for x in ${dirlist}; do
+ keepdir /var/lib/openldap-${x}
+ fowners ldap:ldap /var/lib/openldap-${x}
+ fperms 0700 /var/lib/openldap-${x}
+ done
+
+ echo "OLDPF='${PF}'" > "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# do NOT delete this. it is used" >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# to track versions for upgrading." >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+
+ # manually remove /var/tmp references in .la
+ # because it is packaged with an ancient libtool
+ #for x in "${D}"/usr/$(get_libdir)/lib*.la; do
+ # sed -i -e "s:-L${S}[/]*libraries::" ${x}
+ #done
+
+ # change slapd.pid location in configuration file
+ keepdir /var/run/openldap
+ fowners ldap:ldap /var/run/openldap
+ fperms 0755 /var/run/openldap
+
+ if ! use minimal; then
+ # use our config
+ rm "${D}"etc/openldap/slapd.con*
+ insinto /etc/openldap
+ newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
+ configfile="${D}"etc/openldap/slapd.conf
+
+ # populate with built backends
+ ebegin "populate config with built backends"
+ for x in "${D}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
+ elog "Adding $(basename ${x})"
+ sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
+ done
+ sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
+ fowners root:ldap /etc/openldap/slapd.conf
+ fperms 0640 /etc/openldap/slapd.conf
+ cp "${configfile}" "${configfile}".default
+ eend
+
+ # install our own init scripts
+ newinitd "${FILESDIR}"/slapd-initd slapd
+ newinitd "${FILESDIR}"/slurpd-initd slurpd
+ newconfd "${FILESDIR}"/slapd-confd slapd
+
+ if [ $(get_libdir) != lib ]; then
+ sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i "${D}"etc/init.d/{slapd,slurpd}
+ fi
+
+ # install contributed modules
+ docinto /
+ if [ -e "${S}"/contrib/slapd-modules/dsaschema/libdsaschema-plugin.so ];
+ then
+ cd "${S}"/contrib/slapd-modules/dsaschema/
+ newdoc README README.contrib.dsaschema
+ exeinto /usr/$(get_libdir)/openldap/openldap
+ doexe libdsaschema-plugin.so || \
+ die "failed to install dsaschema module"
+ fi
+ if [ -e "${S}"/contrib/slapd-modules/passwd/pw-kerberos.so ]; then
+ cd "${S}"/contrib/slapd-modules/passwd/
+ newdoc README README.contrib.passwd
+ exeinto /usr/$(get_libdir)/openldap/openldap
+ doexe pw-kerberos.so || \
+ die "failed to install kerberos passwd module"
+ fi
+ if [ -e "${S}"/contrib/slapd-modules/passwd/pw-netscape.so ]; then
+ cd "${S}"/contrib/slapd-modules/passwd/
+ newdoc README README.contrib.passwd
+ exeinto /usr/$(get_libdir)/openldap/openldap
+ doexe "${S}"/contrib/slapd-modules/passwd/pw-netscape.so || \
+ die "failed to install Netscape MTA-MD5 passwd module"
+ fi
+ if [ -e "${S}"/contrib/slapd-modules/smbk5pwd/.libs/smbk5pwd.so ]; then
+ cd "${S}"/contrib/slapd-modules/smbk5pwd
+ newdoc README README.contrib.smbk5pwd
+ libexecdir="/usr/$(get_libdir)/openldap" \
+ emake DESTDIR="${D}" install-mod || \
+ die "failed to install smbk5pwd overlay module"
+ fi
+ if [ -e "${S}"/contrib/slapd-tools/statslog ]; then
+ cd "${S}"/contrib/slapd-tools
+ exeinto /usr/bin
+ newexe statslog ldapstatslog || \
+ die "failed to install ldapstatslog script"
+ fi
+ if [ -e "${S}"/contrib/slapi-plugins/addrdnvalues/libaddrdnvalues-plugin.so ];
+ then
+ cd "${S}"/contrib/slapi-plugins/addrdnvalues
+ newdoc README README.contrib.addrdnvalues
+ exeinto /usr/$(get_libdir)/openldap/openldap
+ doexe libaddrdnvalues-plugin.so || \
+ die "failed to install addrdnvalues plugin"
+ fi
+ fi
+}
+
+pkg_preinst() {
+ # keep old libs if any
+ LIBSUFFIXES=".so.2.0.130 -2.2.so.7"
+ for LIBSUFFIX in ${LIBSUFFIXES} ; do
+ for each in libldap libldap_r liblber ; do
+ preserve_old_lib "usr/$(get_libdir)/${each}${LIBSUFFIX}"
+ done
+ done
+}
+
+pkg_postinst() {
+ if ! use minimal ; then
+ # You cannot build SSL certificates during src_install that will make
+ # binary packages containing your SSL key, which is both a security risk
+ # and a misconfiguration if multiple machines use the same key and cert.
+ # Additionally, it overwrites
+ if use ssl; then
+ install_cert /etc/openldap/ssl/ldap
+ chown ldap:ldap "${ROOT}"etc/openldap/ssl/ldap.*
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "add 'TLS_REQCERT never' if you want to use them."
+ fi
+ # These lines force the permissions of various content to be correct
+ chown ldap:ldap "${ROOT}"var/run/openldap
+ chmod 0755 "${ROOT}"var/run/openldap
+ chown root:ldap "${ROOT}"etc/openldap/slapd.conf{,.default}
+ chmod 0640 "${ROOT}"etc/openldap/slapd.conf{,.default}
+ chown ldap:ldap "${ROOT}"var/lib/openldap-{data,ldbm,slurp}
+ fi
+
+ # Reference inclusion bug #77330
+ echo
+ elog
+ elog "Getting started using OpenLDAP? There is some documentation available:"
+ elog "Gentoo Guide to OpenLDAP Authentication"
+ elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
+ elog
+
+ # note to bug #110412
+ echo
+ elog
+ elog "An example file for tuning BDB backends with openldap is"
+ elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
+ elog
+
+ LIBSUFFIXES=".so.2.0.130 -2.2.so.7"
+ for LIBSUFFIX in ${LIBSUFFIXES} ; do
+ for each in liblber libldap libldap_r ; do
+ preserve_old_lib_notify "usr/$(get_libdir)/${each}${LIBSUFFIX}"
+ done
+ done
+}
diff --git a/net-nds/openldap/openldap-2.4.38-r2.ebuild b/net-nds/openldap/openldap-2.4.38-r2.ebuild
new file mode 100644
index 000000000000..c19c010abc19
--- /dev/null
+++ b/net-nds/openldap/openldap-2.4.38-r2.ebuild
@@ -0,0 +1,752 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
+
+BIS_PN=rfc2307bis.schema
+BIS_PV=20140524
+BIS_P="${BIS_PN}-${BIS_PV}"
+
+DESCRIPTION="LDAP suite of application and development tools"
+HOMEPAGE="http://www.OpenLDAP.org/"
+
+# mirrors are mostly not working, using canonical URI
+SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
+ mirror://gentoo/${BIS_P}"
+
+LICENSE="OPENLDAP GPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
+
+IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
+IUSE_BACKEND="+berkdb"
+IUSE_OVERLAY="overlays perl"
+IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 +syslog selinux"
+IUSE_CONTRIB="smbkrb5passwd kerberos"
+IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
+IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
+
+REQUIRED_USE="cxx? ( sasl )"
+
+# openssl is needed to generate lanman-passwords required by samba
+CDEPEND="icu? ( dev-libs/icu:= )
+ ssl? ( !gnutls? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
+ gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
+ sasl? ( dev-libs/cyrus-sasl:= )
+ !minimal? (
+ sys-devel/libtool
+ tcpd? ( sys-apps/tcp-wrappers )
+ odbc? ( !iodbc? ( dev-db/unixODBC )
+ iodbc? ( dev-db/libiodbc ) )
+ slp? ( net-libs/openslp )
+ perl? ( dev-lang/perl[-build(-)] )
+ samba? ( dev-libs/openssl )
+ berkdb? ( sys-libs/db )
+ smbkrb5passwd? (
+ dev-libs/openssl
+ app-crypt/heimdal )
+ kerberos? ( virtual/krb5 )
+ cxx? ( dev-libs/cyrus-sasl:= )
+ )
+ abi_x86_32? (
+ !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
+ )"
+DEPEND="${CDEPEND}
+ sys-apps/groff"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-ldap )
+"
+
+# for tracking versions
+OPENLDAP_VERSIONTAG=".version-tag"
+OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
+
+MULTILIB_WRAPPED_HEADERS=(
+ # USE=cxx
+ /usr/include/LDAPAsynConnection.h
+ /usr/include/LDAPAttrType.h
+ /usr/include/LDAPAttribute.h
+ /usr/include/LDAPAttributeList.h
+ /usr/include/LDAPConnection.h
+ /usr/include/LDAPConstraints.h
+ /usr/include/LDAPControl.h
+ /usr/include/LDAPControlSet.h
+ /usr/include/LDAPEntry.h
+ /usr/include/LDAPEntryList.h
+ /usr/include/LDAPException.h
+ /usr/include/LDAPExtResult.h
+ /usr/include/LDAPMessage.h
+ /usr/include/LDAPMessageQueue.h
+ /usr/include/LDAPModList.h
+ /usr/include/LDAPModification.h
+ /usr/include/LDAPObjClass.h
+ /usr/include/LDAPRebind.h
+ /usr/include/LDAPRebindAuth.h
+ /usr/include/LDAPReferenceList.h
+ /usr/include/LDAPResult.h
+ /usr/include/LDAPSaslBindResult.h
+ /usr/include/LDAPSchema.h
+ /usr/include/LDAPSearchReference.h
+ /usr/include/LDAPSearchResult.h
+ /usr/include/LDAPSearchResults.h
+ /usr/include/LDAPUrl.h
+ /usr/include/LDAPUrlList.h
+ /usr/include/LdifReader.h
+ /usr/include/LdifWriter.h
+ /usr/include/SaslInteraction.h
+ /usr/include/SaslInteractionHandler.h
+ /usr/include/StringList.h
+ /usr/include/TlsOptions.h
+)
+
+openldap_filecount() {
+ local dir="$1"
+ find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
+}
+
+openldap_find_versiontags() {
+ # scan for all datadirs
+ openldap_datadirs=""
+ if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
+ openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
+ fi
+ openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
+
+ einfo
+ einfo "Scanning datadir(s) from slapd.conf and"
+ einfo "the default installdir for Versiontags"
+ einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
+ einfo
+
+ # scan datadirs if we have a version tag
+ openldap_found_tag=0
+ have_files=0
+ for each in ${openldap_datadirs}; do
+ CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
+ CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
+ if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
+ einfo "- Checking ${each}..."
+ if [ -r ${CURRENT_TAG} ] ; then
+ # yey, we have one :)
+ einfo " Found Versiontag in ${each}"
+ source ${CURRENT_TAG}
+ if [ "${OLDPF}" == "" ] ; then
+ eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
+ eerror "Please delete it"
+ eerror
+ die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
+ fi
+
+ OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
+
+ [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
+
+ # are we on the same branch?
+ if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
+ ewarn " Versiontag doesn't match current major release!"
+ if [[ "${have_files}" == "1" ]] ; then
+ eerror " Versiontag says other major and you (probably) have datafiles!"
+ echo
+ openldap_upgrade_howto
+ else
+ einfo " No real problem, seems there's no database."
+ fi
+ else
+ einfo " Versiontag is fine here :)"
+ fi
+ else
+ einfo " Non-tagged dir ${each}"
+ [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
+ if [[ "${have_files}" == "1" ]] ; then
+ einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
+ echo
+
+ eerror
+ eerror "Your OpenLDAP Installation has a non tagged datadir that"
+ eerror "possibly contains a database at ${CURRENT_TAGDIR}"
+ eerror
+ eerror "Please export data if any entered and empty or remove"
+ eerror "the directory, installation has been stopped so you"
+ eerror "can take required action"
+ eerror
+ eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
+ eerror
+ openldap_upgrade_howto
+ die "Please move the datadir ${CURRENT_TAGDIR} away"
+ fi
+ fi
+ einfo
+ fi
+ done
+ [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
+
+ # Now we must check for the major version of sys-libs/db linked against.
+ SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
+ if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
+ OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
+ | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
+ NEWVER="$(use berkdb && db_findver sys-libs/db)"
+ local fail=0
+ if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
+ :
+ # Nothing wrong here.
+ elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was not built against"
+ eerror " any version of sys-libs/db, but the new one will build"
+ eerror " against ${NEWVER} and your database may be inaccessible."
+ echo
+ fail=1
+ elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was built against"
+ eerror " sys-libs/db:${OLDVER}, but the new one will not be"
+ eerror " built against any version and your database may be"
+ eerror " inaccessible."
+ echo
+ fail=1
+ elif [ "${OLDVER}" != "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was built against"
+ eerror " sys-libs/db:${OLDVER}, but the new one will build against"
+ eerror " ${NEWVER} and your database would be inaccessible."
+ echo
+ fail=1
+ fi
+ [ "${fail}" == "1" ] && openldap_upgrade_howto
+ fi
+
+ echo
+ einfo
+ einfo "All datadirs are fine, proceeding with merge now..."
+ einfo
+}
+
+openldap_upgrade_howto() {
+ eerror
+ eerror "A (possible old) installation of OpenLDAP was detected,"
+ eerror "installation will not proceed for now."
+ eerror
+ eerror "As major version upgrades can corrupt your database,"
+ eerror "you need to dump your database and re-create it afterwards."
+ eerror
+ eerror "Additionally, rebuilding against different major versions of the"
+ eerror "sys-libs/db libraries will cause your database to be inaccessible."
+ eerror ""
+ d="$(date -u +%s)"
+ l="/root/ldapdump.${d}"
+ i="${l}.raw"
+ eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
+ eerror " 2. slapcat -l ${i}"
+ eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
+ eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
+ eerror " 5. emerge --update \=net-nds/${PF}"
+ eerror " 6. etc-update, and ensure that you apply the changes"
+ eerror " 7. slapadd -l ${l}"
+ eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
+ eerror " 9. /etc/init.d/slapd start"
+ eerror "10. check that your data is intact."
+ eerror "11. set up the new replication system."
+ eerror
+ if [ "${FORCE_UPGRADE}" != "1" ]; then
+ die "You need to upgrade your database first"
+ else
+ eerror "You have the magical FORCE_UPGRADE=1 in place."
+ eerror "Don't say you weren't warned about data loss."
+ fi
+}
+
+pkg_setup() {
+ if ! use sasl && use cxx ; then
+ die "To build the ldapc++ library you must emerge openldap with sasl support"
+ fi
+ # Bug #322787
+ if use minimal && ! has_version "net-nds/openldap" ; then
+ einfo "No datadir scan needed, openldap not installed"
+ elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
+ einfo "Skipping scan for previous datadirs as requested by minimal useflag"
+ else
+ openldap_find_versiontags
+ fi
+
+ enewgroup ldap 439
+ enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
+}
+
+src_prepare() {
+ # ensure correct SLAPI path by default
+ sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
+ "${S}"/include/ldap_defaults.h
+
+ epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
+
+ epatch \
+ "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
+ "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
+
+ # bug #116045 - still present in 2.4.28
+ epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
+ # bug #408077 - samba4
+ epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
+
+ # bug #189817
+ epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
+
+ # bug #233633
+ epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
+
+ # bug #281495
+ epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
+
+ # bug #294350
+ epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
+
+ # unbreak /bin/sh -> dash
+ epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
+
+ # bug #420959
+ epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
+
+ # bug #421463
+ epatch "${FILESDIR}"/${PN}-2.4.33-gnutls.patch
+
+ cd "${S}"/build || die
+ einfo "Making sure upstream build strip does not do stripping too early"
+ sed -i.orig \
+ -e '/^STRIP/s,-s,,g' \
+ top.mk || die "Failed to block stripping"
+
+ # wrong assumption that /bin/sh is /bin/bash
+ sed -i \
+ -e 's|/bin/sh|/bin/bash|g' \
+ "${S}"/tests/scripts/* || die "sed failed"
+
+ cd "${S}" || die
+ AT_NOEAUTOMAKE=yes eautoreconf
+}
+
+build_contrib_module() {
+ # <dir> <sources> <outputname>
+ cd "${S}/contrib/slapd-modules/$1" || die
+ einfo "Compiling contrib-module: $3"
+ # Make sure it's uppercase
+ local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -D${define_name}=SLAPD_MOD_DYNAMIC \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include -I../../../servers/slapd ${CFLAGS} \
+ -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
+ einfo "Linking contrib-module: $3"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o $3.la ${2%.c}.lo || die "linking $3 failed"
+}
+
+src_configure() {
+ #Fix for glibc-2.8 and ucred. Bug 228457.
+ append-flags -D_GNU_SOURCE
+
+ # Bug 408001
+ use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
+
+ # connectionless ldap per bug #342439
+ append-cppflags -DLDAP_CONNECTIONLESS
+
+ multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+ local myconf=()
+
+ use debug && myconf+=( $(use_enable debug) )
+
+ # ICU usage is not configurable
+ export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
+
+ if ! use minimal && multilib_is_native_abi; then
+ local CPPFLAGS=${CPPFLAGS}
+
+ # re-enable serverside overlay chains per bug #296567
+ # see ldap docs chaper 12.3.1 for details
+ myconf+=( --enable-ldap )
+
+ # backends
+ myconf+=( --enable-slapd )
+ if use berkdb ; then
+ einfo "Using Berkeley DB for local backend"
+ myconf+=( --enable-bdb --enable-hdb )
+ # We need to include the slotted db.h dir for FreeBSD
+ append-cppflags -I$(db_includedir)
+ else
+ ewarn
+ ewarn "Note: if you disable berkdb, you can only use remote-backends!"
+ ewarn
+ myconf+=( --disable-bdb --disable-hdb )
+ fi
+ for backend in dnssrv ldap meta monitor null passwd relay shell sock; do
+ myconf+=( --enable-${backend}=mod )
+ done
+
+ myconf+=( $(use_enable perl perl mod) )
+
+ myconf+=( $(use_enable odbc sql mod) )
+ if use odbc ; then
+ local odbc_lib="unixodbc"
+ if use iodbc ; then
+ odbc_lib="iodbc"
+ append-cppflags -I"${EPREFIX}"/usr/include/iodbc
+ fi
+ myconf+=( --with-odbc=${odbc_lib} )
+ fi
+
+ # slapd options
+ myconf+=(
+ $(use_enable crypt)
+ $(use_enable slp)
+ $(use_enable samba lmpasswd)
+ $(use_enable syslog)
+ )
+ if use experimental ; then
+ myconf+=(
+ --enable-dynacl
+ --enable-aci=mod
+ )
+ fi
+ for option in aci cleartext modules rewrite rlookups slapi; do
+ myconf+=( --enable-${option} )
+ done
+
+ # slapd overlay options
+ # Compile-in the syncprov, the others as module
+ myconf+=( --enable-syncprov=yes )
+ use overlays && myconf+=( --enable-overlays=mod )
+
+ else
+ myconf+=(
+ --disable-slapd
+ --disable-bdb
+ --disable-hdb
+ --disable-overlays
+ --disable-syslog
+ )
+ fi
+
+ # basic functionality stuff
+ myconf+=(
+ $(use_enable ipv6)
+ $(multilib_native_use_with sasl cyrus-sasl)
+ $(multilib_native_use_enable sasl spasswd)
+ $(use_enable tcpd wrappers)
+ )
+
+ local ssl_lib="no"
+ if use ssl || ( ! use minimal && use samba ) ; then
+ ssl_lib="openssl"
+ use gnutls && ssl_lib="gnutls"
+ fi
+
+ myconf+=( --with-tls=${ssl_lib} )
+
+ for basicflag in dynamic local proctitle shared static; do
+ myconf+=( --enable-${basicflag} )
+ done
+
+ tc-export AR CC CXX
+ ECONF_SOURCE=${S} \
+ STRIP=/bin/true \
+ econf \
+ --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
+ "${myconf[@]}"
+ emake depend
+}
+
+src_configure_cxx() {
+ # This needs the libraries built by the first build run.
+ # So we have to run it AFTER the main build, not just after the main
+ # configure.
+ local myconf_ldapcpp=(
+ --with-ldap-includes="${S}"/include
+ )
+
+ mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+
+ local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
+ append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
+ -L"${BUILD_DIR}"/libraries/libldap/.libs
+ append-cppflags -I"${BUILD_DIR}"/include
+ ECONF_SOURCE=${S}/contrib/ldapc++ \
+ econf "${myconf_ldapcpp[@]}" \
+ CC="${CC}" \
+ CXX="${CXX}"
+}
+
+multilib_src_compile() {
+ tc-export AR CC CXX
+ emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
+ local lt="${BUILD_DIR}/libtool"
+ export echo="echo"
+
+ if ! use minimal && multilib_is_native_abi ; then
+ if use cxx ; then
+ einfo "Building contrib library: ldapc++"
+ src_configure_cxx
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+ emake \
+ CC="${CC}" CXX="${CXX}"
+ fi
+
+ if use smbkrb5passwd ; then
+ einfo "Building contrib-module: smbk5pwd"
+ cd "${S}/contrib/slapd-modules/smbk5pwd" || die
+
+ emake \
+ DEFS="-DDO_SAMBA -DDO_KRB5 -DDO_SHADOW" \
+ KRB5_INC="$(krb5-config --cflags)" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
+ fi
+
+ if use overlays ; then
+ einfo "Building contrib-module: samba4"
+ cd "${S}/contrib/slapd-modules/samba4" || die
+
+ emake \
+ LDAP_BUILD="${BUILD_DIR}" \
+ CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
+ fi
+
+ if use kerberos ; then
+ cd "${S}/contrib/slapd-modules/passwd" || die
+ einfo "Compiling contrib-module: pw-kerberos"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ $(krb5-config --cflags) \
+ -DHAVE_KRB5 \
+ -o kerberos.lo \
+ -c kerberos.c || die "compiling pw-kerberos failed"
+ einfo "Linking contrib-module: pw-kerberos"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-kerberos.la \
+ kerberos.lo || die "linking pw-kerberos failed"
+ fi
+ # We could build pw-radius if GNURadius would install radlib.h
+ cd "${S}/contrib/slapd-modules/passwd" || die
+ einfo "Compiling contrib-module: pw-netscape"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ -o netscape.lo \
+ -c netscape.c || die "compiling pw-netscape failed"
+ einfo "Linking contrib-module: pw-netscape"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-netscape.la \
+ netscape.lo || die "linking pw-netscape failed"
+
+ build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
+ build_contrib_module "allop" "allop.c" "overlay-allop"
+ build_contrib_module "allowed" "allowed.c" "allowed"
+ build_contrib_module "autogroup" "autogroup.c" "autogroup"
+ build_contrib_module "denyop" "denyop.c" "denyop-overlay"
+ build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
+ # lastmod may not play well with other overlays
+ build_contrib_module "lastmod" "lastmod.c" "lastmod"
+ build_contrib_module "nops" "nops.c" "nops-overlay"
+ build_contrib_module "trace" "trace.c" "trace"
+ # build slapi-plugins
+ cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
+ einfo "Building contrib-module: addrdnvalues plugin"
+ "${CC}" -shared \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ -fPIC \
+ ${LDFLAGS} \
+ -o libaddrdnvalues-plugin.so \
+ addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
+
+ fi
+}
+
+multilib_src_test() {
+ if multilib_is_native_abi; then
+ cd tests || die
+ make tests || die "make tests failed"
+ fi
+}
+
+multilib_src_install() {
+ local lt="${BUILD_DIR}/libtool"
+ emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
+
+ if ! use minimal && multilib_is_native_abi; then
+ # openldap modules go here
+ # TODO: write some code to populate slapd.conf with moduleload statements
+ keepdir /usr/$(get_libdir)/openldap/openldap/
+
+ # initial data storage dir
+ keepdir /var/lib/openldap-data
+ use prefix || fowners ldap:ldap /var/lib/openldap-data
+ fperms 0700 /var/lib/openldap-data
+
+ echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+
+ # use our config
+ rm "${ED}"etc/openldap/slapd.conf
+ insinto /etc/openldap
+ newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
+ configfile="${ED}"etc/openldap/slapd.conf
+
+ # populate with built backends
+ ebegin "populate config with built backends"
+ for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
+ elog "Adding $(basename ${x})"
+ sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
+ done
+ sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
+ use prefix || fowners root:ldap /etc/openldap/slapd.conf
+ fperms 0640 /etc/openldap/slapd.conf
+ cp "${configfile}" "${configfile}".default
+ eend
+
+ # install our own init scripts and systemd unit files
+ newinitd "${FILESDIR}"/slapd-initd-2.4.28-r1 slapd
+ newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
+ systemd_dounit "${FILESDIR}"/slapd.service
+ systemd_install_serviced "${FILESDIR}"/slapd.service.conf
+ systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
+
+ if [[ $(get_libdir) != lib ]]; then
+ sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
+ "${ED}"/etc/init.d/slapd \
+ "${ED}"/usr/lib/systemd/system/slapd.service || die
+ fi
+ # If built without SLP, we don't need to be before avahi
+ use slp \
+ || sed -i \
+ -e '/before/{s/avahi-daemon//g}' \
+ "${ED}"etc/init.d/slapd
+
+ if use cxx ; then
+ einfo "Install the ldapc++ library"
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+ emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
+ cd "${S}"/contrib/ldapc++ || die
+ newdoc README ldapc++-README
+ fi
+
+ if use smbkrb5passwd ; then
+ einfo "Install the smbk5pwd module"
+ cd "${S}/contrib/slapd-modules/smbk5pwd" || die
+ emake DESTDIR="${D}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
+ newdoc README smbk5pwd-README
+ fi
+
+ if use overlays ; then
+ einfo "Install the samba4 module"
+ cd "${S}/contrib/slapd-modules/samba4" || die
+ emake DESTDIR="${D}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ libexecdir="/usr/$(get_libdir)/openldap" install
+ newdoc README samba4-README
+ fi
+
+ einfo "Installing contrib modules"
+ cd "${S}/contrib/slapd-modules" || die
+ for l in */*.la; do
+ "${lt}" --mode=install cp ${l} \
+ "${ED}"usr/$(get_libdir)/openldap/openldap || \
+ die "installing ${l} failed"
+ done
+
+ docinto contrib
+ newdoc addpartial/README addpartial-README
+ newdoc allop/README allop-README
+ doman allop/slapo-allop.5
+ newdoc autogroup/README autogroup-README
+ newdoc denyop/denyop.c denyop-denyop.c
+ newdoc dsaschema/README dsaschema-README
+ doman lastmod/slapo-lastmod.5
+ doman nops/slapo-nops.5
+ newdoc passwd/README passwd-README
+ cd "${S}/contrib/slapi-plugins" || die
+ insinto /usr/$(get_libdir)/openldap/openldap
+ doins */*.so
+ docinto contrib
+ newdoc addrdnvalues/README addrdnvalues-README
+
+ insinto /etc/openldap/schema
+ newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
+ fi
+}
+
+multilib_src_install_all() {
+ dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example
+ docinto rfc ; dodoc doc/rfc/*.txt
+}
+
+pkg_preinst() {
+ # keep old libs if any
+ preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
+}
+
+pkg_postinst() {
+ if ! use minimal ; then
+ # You cannot build SSL certificates during src_install that will make
+ # binary packages containing your SSL key, which is both a security risk
+ # and a misconfiguration if multiple machines use the same key and cert.
+ if use ssl; then
+ install_cert /etc/openldap/ssl/ldap
+ use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "add 'TLS_REQCERT never' if you want to use them."
+ fi
+
+ if use prefix; then
+ # Warn about prefix issues with slapd
+ eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
+ eerror "to start up, and requires that certain files directories be owned by"
+ eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
+ eerror "directories, you will have to manually fix this yourself."
+ fi
+
+ # These lines force the permissions of various content to be correct
+ use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
+ chmod 0755 "${EROOT}"var/run/openldap
+ use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
+ chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
+ use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
+ fi
+
+ elog "Getting started using OpenLDAP? There is some documentation available:"
+ elog "Gentoo Guide to OpenLDAP Authentication"
+ elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
+ elog "---"
+ elog "An example file for tuning BDB backends with openldap is"
+ elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
+
+ preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
+}
diff --git a/net-nds/openldap/openldap-2.4.39.ebuild b/net-nds/openldap/openldap-2.4.39.ebuild
new file mode 100644
index 000000000000..7fa0a22a7868
--- /dev/null
+++ b/net-nds/openldap/openldap-2.4.39.ebuild
@@ -0,0 +1,751 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
+
+BIS_PN=rfc2307bis.schema
+BIS_PV=20140524
+BIS_P="${BIS_PN}-${BIS_PV}"
+
+DESCRIPTION="LDAP suite of application and development tools"
+HOMEPAGE="http://www.OpenLDAP.org/"
+
+# mirrors are mostly not working, using canonical URI
+SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
+ mirror://gentoo/${BIS_P}"
+
+LICENSE="OPENLDAP GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
+
+IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
+IUSE_BACKEND="+berkdb"
+IUSE_OVERLAY="overlays perl"
+IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 +syslog selinux"
+IUSE_CONTRIB="smbkrb5passwd kerberos"
+IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
+IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
+
+REQUIRED_USE="cxx? ( sasl )"
+
+# openssl is needed to generate lanman-passwords required by samba
+CDEPEND="icu? ( dev-libs/icu:= )
+ ssl? ( !gnutls? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
+ gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
+ sasl? ( dev-libs/cyrus-sasl:= )
+ !minimal? (
+ sys-devel/libtool
+ tcpd? ( sys-apps/tcp-wrappers )
+ odbc? ( !iodbc? ( dev-db/unixODBC )
+ iodbc? ( dev-db/libiodbc ) )
+ slp? ( net-libs/openslp )
+ perl? ( dev-lang/perl[-build(-)] )
+ samba? ( dev-libs/openssl )
+ berkdb? ( sys-libs/db )
+ smbkrb5passwd? (
+ dev-libs/openssl
+ app-crypt/heimdal )
+ kerberos? ( virtual/krb5 )
+ cxx? ( dev-libs/cyrus-sasl:= )
+ )
+ abi_x86_32? (
+ !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
+ )"
+DEPEND="${CDEPEND}
+ sys-apps/groff"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-ldap )
+"
+# for tracking versions
+OPENLDAP_VERSIONTAG=".version-tag"
+OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
+
+MULTILIB_WRAPPED_HEADERS=(
+ # USE=cxx
+ /usr/include/LDAPAsynConnection.h
+ /usr/include/LDAPAttrType.h
+ /usr/include/LDAPAttribute.h
+ /usr/include/LDAPAttributeList.h
+ /usr/include/LDAPConnection.h
+ /usr/include/LDAPConstraints.h
+ /usr/include/LDAPControl.h
+ /usr/include/LDAPControlSet.h
+ /usr/include/LDAPEntry.h
+ /usr/include/LDAPEntryList.h
+ /usr/include/LDAPException.h
+ /usr/include/LDAPExtResult.h
+ /usr/include/LDAPMessage.h
+ /usr/include/LDAPMessageQueue.h
+ /usr/include/LDAPModList.h
+ /usr/include/LDAPModification.h
+ /usr/include/LDAPObjClass.h
+ /usr/include/LDAPRebind.h
+ /usr/include/LDAPRebindAuth.h
+ /usr/include/LDAPReferenceList.h
+ /usr/include/LDAPResult.h
+ /usr/include/LDAPSaslBindResult.h
+ /usr/include/LDAPSchema.h
+ /usr/include/LDAPSearchReference.h
+ /usr/include/LDAPSearchResult.h
+ /usr/include/LDAPSearchResults.h
+ /usr/include/LDAPUrl.h
+ /usr/include/LDAPUrlList.h
+ /usr/include/LdifReader.h
+ /usr/include/LdifWriter.h
+ /usr/include/SaslInteraction.h
+ /usr/include/SaslInteractionHandler.h
+ /usr/include/StringList.h
+ /usr/include/TlsOptions.h
+)
+
+openldap_filecount() {
+ local dir="$1"
+ find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
+}
+
+openldap_find_versiontags() {
+ # scan for all datadirs
+ openldap_datadirs=""
+ if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
+ openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
+ fi
+ openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
+
+ einfo
+ einfo "Scanning datadir(s) from slapd.conf and"
+ einfo "the default installdir for Versiontags"
+ einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
+ einfo
+
+ # scan datadirs if we have a version tag
+ openldap_found_tag=0
+ have_files=0
+ for each in ${openldap_datadirs}; do
+ CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
+ CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
+ if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
+ einfo "- Checking ${each}..."
+ if [ -r ${CURRENT_TAG} ] ; then
+ # yey, we have one :)
+ einfo " Found Versiontag in ${each}"
+ source ${CURRENT_TAG}
+ if [ "${OLDPF}" == "" ] ; then
+ eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
+ eerror "Please delete it"
+ eerror
+ die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
+ fi
+
+ OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
+
+ [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
+
+ # are we on the same branch?
+ if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
+ ewarn " Versiontag doesn't match current major release!"
+ if [[ "${have_files}" == "1" ]] ; then
+ eerror " Versiontag says other major and you (probably) have datafiles!"
+ echo
+ openldap_upgrade_howto
+ else
+ einfo " No real problem, seems there's no database."
+ fi
+ else
+ einfo " Versiontag is fine here :)"
+ fi
+ else
+ einfo " Non-tagged dir ${each}"
+ [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
+ if [[ "${have_files}" == "1" ]] ; then
+ einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
+ echo
+
+ eerror
+ eerror "Your OpenLDAP Installation has a non tagged datadir that"
+ eerror "possibly contains a database at ${CURRENT_TAGDIR}"
+ eerror
+ eerror "Please export data if any entered and empty or remove"
+ eerror "the directory, installation has been stopped so you"
+ eerror "can take required action"
+ eerror
+ eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
+ eerror
+ openldap_upgrade_howto
+ die "Please move the datadir ${CURRENT_TAGDIR} away"
+ fi
+ fi
+ einfo
+ fi
+ done
+ [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
+
+ # Now we must check for the major version of sys-libs/db linked against.
+ SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
+ if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
+ OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
+ | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
+ NEWVER="$(use berkdb && db_findver sys-libs/db)"
+ local fail=0
+ if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
+ :
+ # Nothing wrong here.
+ elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was not built against"
+ eerror " any version of sys-libs/db, but the new one will build"
+ eerror " against ${NEWVER} and your database may be inaccessible."
+ echo
+ fail=1
+ elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was built against"
+ eerror " sys-libs/db:${OLDVER}, but the new one will not be"
+ eerror " built against any version and your database may be"
+ eerror " inaccessible."
+ echo
+ fail=1
+ elif [ "${OLDVER}" != "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was built against"
+ eerror " sys-libs/db:${OLDVER}, but the new one will build against"
+ eerror " ${NEWVER} and your database would be inaccessible."
+ echo
+ fail=1
+ fi
+ [ "${fail}" == "1" ] && openldap_upgrade_howto
+ fi
+
+ echo
+ einfo
+ einfo "All datadirs are fine, proceeding with merge now..."
+ einfo
+}
+
+openldap_upgrade_howto() {
+ eerror
+ eerror "A (possible old) installation of OpenLDAP was detected,"
+ eerror "installation will not proceed for now."
+ eerror
+ eerror "As major version upgrades can corrupt your database,"
+ eerror "you need to dump your database and re-create it afterwards."
+ eerror
+ eerror "Additionally, rebuilding against different major versions of the"
+ eerror "sys-libs/db libraries will cause your database to be inaccessible."
+ eerror ""
+ d="$(date -u +%s)"
+ l="/root/ldapdump.${d}"
+ i="${l}.raw"
+ eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
+ eerror " 2. slapcat -l ${i}"
+ eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
+ eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
+ eerror " 5. emerge --update \=net-nds/${PF}"
+ eerror " 6. etc-update, and ensure that you apply the changes"
+ eerror " 7. slapadd -l ${l}"
+ eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
+ eerror " 9. /etc/init.d/slapd start"
+ eerror "10. check that your data is intact."
+ eerror "11. set up the new replication system."
+ eerror
+ if [ "${FORCE_UPGRADE}" != "1" ]; then
+ die "You need to upgrade your database first"
+ else
+ eerror "You have the magical FORCE_UPGRADE=1 in place."
+ eerror "Don't say you weren't warned about data loss."
+ fi
+}
+
+pkg_setup() {
+ if ! use sasl && use cxx ; then
+ die "To build the ldapc++ library you must emerge openldap with sasl support"
+ fi
+ # Bug #322787
+ if use minimal && ! has_version "net-nds/openldap" ; then
+ einfo "No datadir scan needed, openldap not installed"
+ elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
+ einfo "Skipping scan for previous datadirs as requested by minimal useflag"
+ else
+ openldap_find_versiontags
+ fi
+
+ enewgroup ldap 439
+ enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
+}
+
+src_prepare() {
+ # ensure correct SLAPI path by default
+ sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
+ "${S}"/include/ldap_defaults.h
+
+ epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
+
+ epatch \
+ "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
+ "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
+
+ # bug #116045 - still present in 2.4.28
+ epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
+ # bug #408077 - samba4
+ epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
+
+ # bug #189817
+ epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
+
+ # bug #233633
+ epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
+
+ # bug #281495
+ epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
+
+ # bug #294350
+ epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
+
+ # unbreak /bin/sh -> dash
+ epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
+
+ # bug #420959
+ epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
+
+ # bug #421463
+ epatch "${FILESDIR}"/${PN}-2.4.33-gnutls.patch
+
+ cd "${S}"/build || die
+ einfo "Making sure upstream build strip does not do stripping too early"
+ sed -i.orig \
+ -e '/^STRIP/s,-s,,g' \
+ top.mk || die "Failed to block stripping"
+
+ # wrong assumption that /bin/sh is /bin/bash
+ sed -i \
+ -e 's|/bin/sh|/bin/bash|g' \
+ "${S}"/tests/scripts/* || die "sed failed"
+
+ cd "${S}" || die
+ AT_NOEAUTOMAKE=yes eautoreconf
+}
+
+build_contrib_module() {
+ # <dir> <sources> <outputname>
+ cd "${S}/contrib/slapd-modules/$1" || die
+ einfo "Compiling contrib-module: $3"
+ # Make sure it's uppercase
+ local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -D${define_name}=SLAPD_MOD_DYNAMIC \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include -I../../../servers/slapd ${CFLAGS} \
+ -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
+ einfo "Linking contrib-module: $3"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o $3.la ${2%.c}.lo || die "linking $3 failed"
+}
+
+src_configure() {
+ #Fix for glibc-2.8 and ucred. Bug 228457.
+ append-flags -D_GNU_SOURCE
+
+ # Bug 408001
+ use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
+
+ # connectionless ldap per bug #342439
+ append-cppflags -DLDAP_CONNECTIONLESS
+
+ multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+ local myconf=()
+
+ use debug && myconf+=( $(use_enable debug) )
+
+ # ICU usage is not configurable
+ export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
+
+ if ! use minimal && multilib_is_native_abi; then
+ local CPPFLAGS=${CPPFLAGS}
+
+ # re-enable serverside overlay chains per bug #296567
+ # see ldap docs chaper 12.3.1 for details
+ myconf+=( --enable-ldap )
+
+ # backends
+ myconf+=( --enable-slapd )
+ if use berkdb ; then
+ einfo "Using Berkeley DB for local backend"
+ myconf+=( --enable-bdb --enable-hdb )
+ # We need to include the slotted db.h dir for FreeBSD
+ append-cppflags -I$(db_includedir)
+ else
+ ewarn
+ ewarn "Note: if you disable berkdb, you can only use remote-backends!"
+ ewarn
+ myconf+=( --disable-bdb --disable-hdb )
+ fi
+ for backend in dnssrv ldap meta monitor null passwd relay shell sock; do
+ myconf+=( --enable-${backend}=mod )
+ done
+
+ myconf+=( $(use_enable perl perl mod) )
+
+ myconf+=( $(use_enable odbc sql mod) )
+ if use odbc ; then
+ local odbc_lib="unixodbc"
+ if use iodbc ; then
+ odbc_lib="iodbc"
+ append-cppflags -I"${EPREFIX}"/usr/include/iodbc
+ fi
+ myconf+=( --with-odbc=${odbc_lib} )
+ fi
+
+ # slapd options
+ myconf+=(
+ $(use_enable crypt)
+ $(use_enable slp)
+ $(use_enable samba lmpasswd)
+ $(use_enable syslog)
+ )
+ if use experimental ; then
+ myconf+=(
+ --enable-dynacl
+ --enable-aci=mod
+ )
+ fi
+ for option in aci cleartext modules rewrite rlookups slapi; do
+ myconf+=( --enable-${option} )
+ done
+
+ # slapd overlay options
+ # Compile-in the syncprov, the others as module
+ myconf+=( --enable-syncprov=yes )
+ use overlays && myconf+=( --enable-overlays=mod )
+
+ else
+ myconf+=(
+ --disable-slapd
+ --disable-bdb
+ --disable-hdb
+ --disable-overlays
+ --disable-syslog
+ )
+ fi
+
+ # basic functionality stuff
+ myconf+=(
+ $(use_enable ipv6)
+ $(multilib_native_use_with sasl cyrus-sasl)
+ $(multilib_native_use_enable sasl spasswd)
+ $(use_enable tcpd wrappers)
+ )
+
+ local ssl_lib="no"
+ if use ssl || ( ! use minimal && use samba ) ; then
+ ssl_lib="openssl"
+ use gnutls && ssl_lib="gnutls"
+ fi
+
+ myconf+=( --with-tls=${ssl_lib} )
+
+ for basicflag in dynamic local proctitle shared static; do
+ myconf+=( --enable-${basicflag} )
+ done
+
+ tc-export AR CC CXX
+ ECONF_SOURCE=${S} \
+ STRIP=/bin/true \
+ econf \
+ --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
+ "${myconf[@]}"
+ emake depend
+}
+
+src_configure_cxx() {
+ # This needs the libraries built by the first build run.
+ # So we have to run it AFTER the main build, not just after the main
+ # configure.
+ local myconf_ldapcpp=(
+ --with-ldap-includes="${S}"/include
+ )
+
+ mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+
+ local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
+ append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
+ -L"${BUILD_DIR}"/libraries/libldap/.libs
+ append-cppflags -I"${BUILD_DIR}"/include
+ ECONF_SOURCE=${S}/contrib/ldapc++ \
+ econf "${myconf_ldapcpp[@]}" \
+ CC="${CC}" \
+ CXX="${CXX}"
+}
+
+multilib_src_compile() {
+ tc-export AR CC CXX
+ emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
+ local lt="${BUILD_DIR}/libtool"
+ export echo="echo"
+
+ if ! use minimal && multilib_is_native_abi ; then
+ if use cxx ; then
+ einfo "Building contrib library: ldapc++"
+ src_configure_cxx
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+ emake \
+ CC="${CC}" CXX="${CXX}"
+ fi
+
+ if use smbkrb5passwd ; then
+ einfo "Building contrib-module: smbk5pwd"
+ cd "${S}/contrib/slapd-modules/smbk5pwd" || die
+
+ emake \
+ DEFS="-DDO_SAMBA -DDO_KRB5 -DDO_SHADOW" \
+ KRB5_INC="$(krb5-config --cflags)" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
+ fi
+
+ if use overlays ; then
+ einfo "Building contrib-module: samba4"
+ cd "${S}/contrib/slapd-modules/samba4" || die
+
+ emake \
+ LDAP_BUILD="${BUILD_DIR}" \
+ CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
+ fi
+
+ if use kerberos ; then
+ cd "${S}/contrib/slapd-modules/passwd" || die
+ einfo "Compiling contrib-module: pw-kerberos"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ $(krb5-config --cflags) \
+ -DHAVE_KRB5 \
+ -o kerberos.lo \
+ -c kerberos.c || die "compiling pw-kerberos failed"
+ einfo "Linking contrib-module: pw-kerberos"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-kerberos.la \
+ kerberos.lo || die "linking pw-kerberos failed"
+ fi
+ # We could build pw-radius if GNURadius would install radlib.h
+ cd "${S}/contrib/slapd-modules/passwd" || die
+ einfo "Compiling contrib-module: pw-netscape"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ -o netscape.lo \
+ -c netscape.c || die "compiling pw-netscape failed"
+ einfo "Linking contrib-module: pw-netscape"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-netscape.la \
+ netscape.lo || die "linking pw-netscape failed"
+
+ build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
+ build_contrib_module "allop" "allop.c" "overlay-allop"
+ build_contrib_module "allowed" "allowed.c" "allowed"
+ build_contrib_module "autogroup" "autogroup.c" "autogroup"
+ build_contrib_module "denyop" "denyop.c" "denyop-overlay"
+ build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
+ # lastmod may not play well with other overlays
+ build_contrib_module "lastmod" "lastmod.c" "lastmod"
+ build_contrib_module "nops" "nops.c" "nops-overlay"
+ build_contrib_module "trace" "trace.c" "trace"
+ # build slapi-plugins
+ cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
+ einfo "Building contrib-module: addrdnvalues plugin"
+ "${CC}" -shared \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ -fPIC \
+ ${LDFLAGS} \
+ -o libaddrdnvalues-plugin.so \
+ addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
+
+ fi
+}
+
+multilib_src_test() {
+ if multilib_is_native_abi; then
+ cd tests || die
+ make tests || die "make tests failed"
+ fi
+}
+
+multilib_src_install() {
+ local lt="${BUILD_DIR}/libtool"
+ emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
+
+ if ! use minimal && multilib_is_native_abi; then
+ # openldap modules go here
+ # TODO: write some code to populate slapd.conf with moduleload statements
+ keepdir /usr/$(get_libdir)/openldap/openldap/
+
+ # initial data storage dir
+ keepdir /var/lib/openldap-data
+ use prefix || fowners ldap:ldap /var/lib/openldap-data
+ fperms 0700 /var/lib/openldap-data
+
+ echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+
+ # use our config
+ rm "${ED}"etc/openldap/slapd.conf
+ insinto /etc/openldap
+ newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
+ configfile="${ED}"etc/openldap/slapd.conf
+
+ # populate with built backends
+ ebegin "populate config with built backends"
+ for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
+ elog "Adding $(basename ${x})"
+ sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
+ done
+ sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
+ use prefix || fowners root:ldap /etc/openldap/slapd.conf
+ fperms 0640 /etc/openldap/slapd.conf
+ cp "${configfile}" "${configfile}".default
+ eend
+
+ # install our own init scripts and systemd unit files
+ newinitd "${FILESDIR}"/slapd-initd-2.4.28-r1 slapd
+ newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
+ systemd_dounit "${FILESDIR}"/slapd.service
+ systemd_install_serviced "${FILESDIR}"/slapd.service.conf
+ systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
+
+ if [[ $(get_libdir) != lib ]]; then
+ sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
+ "${ED}"/etc/init.d/slapd \
+ "${ED}"/usr/lib/systemd/system/slapd.service || die
+ fi
+ # If built without SLP, we don't need to be before avahi
+ use slp \
+ || sed -i \
+ -e '/before/{s/avahi-daemon//g}' \
+ "${ED}"etc/init.d/slapd
+
+ if use cxx ; then
+ einfo "Install the ldapc++ library"
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+ emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
+ cd "${S}"/contrib/ldapc++ || die
+ newdoc README ldapc++-README
+ fi
+
+ if use smbkrb5passwd ; then
+ einfo "Install the smbk5pwd module"
+ cd "${S}/contrib/slapd-modules/smbk5pwd" || die
+ emake DESTDIR="${D}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
+ newdoc README smbk5pwd-README
+ fi
+
+ if use overlays ; then
+ einfo "Install the samba4 module"
+ cd "${S}/contrib/slapd-modules/samba4" || die
+ emake DESTDIR="${D}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ libexecdir="/usr/$(get_libdir)/openldap" install
+ newdoc README samba4-README
+ fi
+
+ einfo "Installing contrib modules"
+ cd "${S}/contrib/slapd-modules" || die
+ for l in */*.la; do
+ "${lt}" --mode=install cp ${l} \
+ "${ED}"usr/$(get_libdir)/openldap/openldap || \
+ die "installing ${l} failed"
+ done
+
+ docinto contrib
+ newdoc addpartial/README addpartial-README
+ newdoc allop/README allop-README
+ doman allop/slapo-allop.5
+ newdoc autogroup/README autogroup-README
+ newdoc denyop/denyop.c denyop-denyop.c
+ newdoc dsaschema/README dsaschema-README
+ doman lastmod/slapo-lastmod.5
+ doman nops/slapo-nops.5
+ newdoc passwd/README passwd-README
+ cd "${S}/contrib/slapi-plugins" || die
+ insinto /usr/$(get_libdir)/openldap/openldap
+ doins */*.so
+ docinto contrib
+ newdoc addrdnvalues/README addrdnvalues-README
+
+ insinto /etc/openldap/schema
+ newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
+ fi
+}
+
+multilib_src_install_all() {
+ dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example
+ docinto rfc ; dodoc doc/rfc/*.txt
+}
+
+pkg_preinst() {
+ # keep old libs if any
+ preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
+}
+
+pkg_postinst() {
+ if ! use minimal ; then
+ # You cannot build SSL certificates during src_install that will make
+ # binary packages containing your SSL key, which is both a security risk
+ # and a misconfiguration if multiple machines use the same key and cert.
+ if use ssl; then
+ install_cert /etc/openldap/ssl/ldap
+ use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "add 'TLS_REQCERT never' if you want to use them."
+ fi
+
+ if use prefix; then
+ # Warn about prefix issues with slapd
+ eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
+ eerror "to start up, and requires that certain files directories be owned by"
+ eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
+ eerror "directories, you will have to manually fix this yourself."
+ fi
+
+ # These lines force the permissions of various content to be correct
+ use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
+ chmod 0755 "${EROOT}"var/run/openldap
+ use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
+ chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
+ use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
+ fi
+
+ elog "Getting started using OpenLDAP? There is some documentation available:"
+ elog "Gentoo Guide to OpenLDAP Authentication"
+ elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
+ elog "---"
+ elog "An example file for tuning BDB backends with openldap is"
+ elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
+
+ preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
+}
diff --git a/net-nds/openldap/openldap-2.4.40-r2.ebuild b/net-nds/openldap/openldap-2.4.40-r2.ebuild
new file mode 100644
index 000000000000..07e1a4ea6e3e
--- /dev/null
+++ b/net-nds/openldap/openldap-2.4.40-r2.ebuild
@@ -0,0 +1,812 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
+
+BIS_PN=rfc2307bis.schema
+BIS_PV=20140524
+BIS_P="${BIS_PN}-${BIS_PV}"
+
+DESCRIPTION="LDAP suite of application and development tools"
+HOMEPAGE="http://www.OpenLDAP.org/"
+
+# mirrors are mostly not working, using canonical URI
+SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
+ mirror://gentoo/${BIS_P}"
+
+LICENSE="OPENLDAP GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
+
+IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
+IUSE_BACKEND="+berkdb"
+IUSE_OVERLAY="overlays perl"
+IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 +syslog selinux static-libs"
+IUSE_CONTRIB="smbkrb5passwd kerberos"
+IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
+IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
+
+REQUIRED_USE="cxx? ( sasl )"
+
+# always list newer first
+# Do not add any AGPL-3 BDB here!
+# See bug 525110, comment 15.
+BDB_SLOTS='5.3 5.1 4.8 4.7 4.6 4.5 4.4'
+BDB_PKGS=''
+for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
+
+# openssl is needed to generate lanman-passwords required by samba
+CDEPEND="icu? ( dev-libs/icu:= )
+ ssl? ( !gnutls? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
+ gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
+ sasl? ( dev-libs/cyrus-sasl:= )
+ !minimal? (
+ sys-devel/libtool
+ sys-libs/e2fsprogs-libs
+ >=dev-db/lmdb-0.9.14
+ tcpd? ( sys-apps/tcp-wrappers )
+ odbc? ( !iodbc? ( dev-db/unixODBC )
+ iodbc? ( dev-db/libiodbc ) )
+ slp? ( net-libs/openslp )
+ perl? ( dev-lang/perl[-build(-)] )
+ samba? ( dev-libs/openssl )
+ berkdb? (
+ <sys-libs/db-6.0:=
+ || ( ${BDB_PKGS} )
+ )
+ smbkrb5passwd? (
+ dev-libs/openssl
+ kerberos? ( app-crypt/heimdal )
+ )
+ kerberos? ( virtual/krb5 )
+ cxx? ( dev-libs/cyrus-sasl:= )
+ )
+ abi_x86_32? (
+ !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
+ )"
+DEPEND="${CDEPEND}
+ sys-apps/groff"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-ldap )
+"
+# for tracking versions
+OPENLDAP_VERSIONTAG=".version-tag"
+OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
+
+MULTILIB_WRAPPED_HEADERS=(
+ # USE=cxx
+ /usr/include/LDAPAsynConnection.h
+ /usr/include/LDAPAttrType.h
+ /usr/include/LDAPAttribute.h
+ /usr/include/LDAPAttributeList.h
+ /usr/include/LDAPConnection.h
+ /usr/include/LDAPConstraints.h
+ /usr/include/LDAPControl.h
+ /usr/include/LDAPControlSet.h
+ /usr/include/LDAPEntry.h
+ /usr/include/LDAPEntryList.h
+ /usr/include/LDAPException.h
+ /usr/include/LDAPExtResult.h
+ /usr/include/LDAPMessage.h
+ /usr/include/LDAPMessageQueue.h
+ /usr/include/LDAPModList.h
+ /usr/include/LDAPModification.h
+ /usr/include/LDAPObjClass.h
+ /usr/include/LDAPRebind.h
+ /usr/include/LDAPRebindAuth.h
+ /usr/include/LDAPReferenceList.h
+ /usr/include/LDAPResult.h
+ /usr/include/LDAPSaslBindResult.h
+ /usr/include/LDAPSchema.h
+ /usr/include/LDAPSearchReference.h
+ /usr/include/LDAPSearchResult.h
+ /usr/include/LDAPSearchResults.h
+ /usr/include/LDAPUrl.h
+ /usr/include/LDAPUrlList.h
+ /usr/include/LdifReader.h
+ /usr/include/LdifWriter.h
+ /usr/include/SaslInteraction.h
+ /usr/include/SaslInteractionHandler.h
+ /usr/include/StringList.h
+ /usr/include/TlsOptions.h
+)
+
+openldap_filecount() {
+ local dir="$1"
+ find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
+}
+
+openldap_find_versiontags() {
+ # scan for all datadirs
+ openldap_datadirs=""
+ if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
+ openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
+ fi
+ openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
+
+ einfo
+ einfo "Scanning datadir(s) from slapd.conf and"
+ einfo "the default installdir for Versiontags"
+ einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
+ einfo
+
+ # scan datadirs if we have a version tag
+ openldap_found_tag=0
+ have_files=0
+ for each in ${openldap_datadirs}; do
+ CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
+ CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
+ if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
+ einfo "- Checking ${each}..."
+ if [ -r ${CURRENT_TAG} ] ; then
+ # yey, we have one :)
+ einfo " Found Versiontag in ${each}"
+ source ${CURRENT_TAG}
+ if [ "${OLDPF}" == "" ] ; then
+ eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
+ eerror "Please delete it"
+ eerror
+ die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
+ fi
+
+ OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
+
+ [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
+
+ # are we on the same branch?
+ if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
+ ewarn " Versiontag doesn't match current major release!"
+ if [[ "${have_files}" == "1" ]] ; then
+ eerror " Versiontag says other major and you (probably) have datafiles!"
+ echo
+ openldap_upgrade_howto
+ else
+ einfo " No real problem, seems there's no database."
+ fi
+ else
+ einfo " Versiontag is fine here :)"
+ fi
+ else
+ einfo " Non-tagged dir ${each}"
+ [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
+ if [[ "${have_files}" == "1" ]] ; then
+ einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
+ echo
+
+ eerror
+ eerror "Your OpenLDAP Installation has a non tagged datadir that"
+ eerror "possibly contains a database at ${CURRENT_TAGDIR}"
+ eerror
+ eerror "Please export data if any entered and empty or remove"
+ eerror "the directory, installation has been stopped so you"
+ eerror "can take required action"
+ eerror
+ eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
+ eerror
+ openldap_upgrade_howto
+ die "Please move the datadir ${CURRENT_TAGDIR} away"
+ fi
+ fi
+ einfo
+ fi
+ done
+ [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
+
+ # Now we must check for the major version of sys-libs/db linked against.
+ SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
+ if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
+ OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
+ | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
+ if use berkdb; then
+ # find which one would be used
+ for bdb_slot in $BDB_SLOTS ; do
+ NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
+ [[ -n "$NEWVER" ]] && break
+ done
+ fi
+ local fail=0
+ if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
+ :
+ # Nothing wrong here.
+ elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was not built against"
+ eerror " any version of sys-libs/db, but the new one will build"
+ eerror " against ${NEWVER} and your database may be inaccessible."
+ echo
+ fail=1
+ elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was built against"
+ eerror " sys-libs/db:${OLDVER}, but the new one will not be"
+ eerror " built against any version and your database may be"
+ eerror " inaccessible."
+ echo
+ fail=1
+ elif [ "${OLDVER}" != "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was built against"
+ eerror " sys-libs/db:${OLDVER}, but the new one will build against"
+ eerror " ${NEWVER} and your database would be inaccessible."
+ echo
+ fail=1
+ fi
+ [ "${fail}" == "1" ] && openldap_upgrade_howto
+ fi
+
+ echo
+ einfo
+ einfo "All datadirs are fine, proceeding with merge now..."
+ einfo
+}
+
+openldap_upgrade_howto() {
+ eerror
+ eerror "A (possible old) installation of OpenLDAP was detected,"
+ eerror "installation will not proceed for now."
+ eerror
+ eerror "As major version upgrades can corrupt your database,"
+ eerror "you need to dump your database and re-create it afterwards."
+ eerror
+ eerror "Additionally, rebuilding against different major versions of the"
+ eerror "sys-libs/db libraries will cause your database to be inaccessible."
+ eerror ""
+ d="$(date -u +%s)"
+ l="/root/ldapdump.${d}"
+ i="${l}.raw"
+ eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
+ eerror " 2. slapcat -l ${i}"
+ eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
+ eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
+ eerror " 5. emerge --update \=net-nds/${PF}"
+ eerror " 6. etc-update, and ensure that you apply the changes"
+ eerror " 7. slapadd -l ${l}"
+ eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
+ eerror " 9. /etc/init.d/slapd start"
+ eerror "10. check that your data is intact."
+ eerror "11. set up the new replication system."
+ eerror
+ if [ "${FORCE_UPGRADE}" != "1" ]; then
+ die "You need to upgrade your database first"
+ else
+ eerror "You have the magical FORCE_UPGRADE=1 in place."
+ eerror "Don't say you weren't warned about data loss."
+ fi
+}
+
+pkg_setup() {
+ if ! use sasl && use cxx ; then
+ die "To build the ldapc++ library you must emerge openldap with sasl support"
+ fi
+ # Bug #322787
+ if use minimal && ! has_version "net-nds/openldap" ; then
+ einfo "No datadir scan needed, openldap not installed"
+ elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
+ einfo "Skipping scan for previous datadirs as requested by minimal useflag"
+ else
+ openldap_find_versiontags
+ fi
+
+ enewgroup ldap 439
+ enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
+}
+
+src_prepare() {
+ # ensure correct SLAPI path by default
+ sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
+ "${S}"/include/ldap_defaults.h
+
+ epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
+
+ epatch \
+ "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
+ "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
+
+ # bug #116045 - still present in 2.4.28
+ epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
+ # bug #408077 - samba4
+ epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
+
+ # bug #189817
+ epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
+
+ # bug #233633
+ epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
+
+ # bug #281495
+ epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
+
+ # bug #294350
+ epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
+
+ # unbreak /bin/sh -> dash
+ epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
+
+ # bug #420959
+ epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
+
+ # bug #421463
+ #epatch "${FILESDIR}"/${PN}-2.4.33-gnutls.patch # merged upstream
+
+ # unbundle lmdb
+ epatch "${FILESDIR}"/${P}-mdb-unbundle.patch
+ rm -rf "${S}"/libraries/liblmdb
+
+ cd "${S}"/build || die
+ einfo "Making sure upstream build strip does not do stripping too early"
+ sed -i.orig \
+ -e '/^STRIP/s,-s,,g' \
+ top.mk || die "Failed to block stripping"
+
+ # wrong assumption that /bin/sh is /bin/bash
+ sed -i \
+ -e 's|/bin/sh|/bin/bash|g' \
+ "${S}"/tests/scripts/* || die "sed failed"
+
+ cd "${S}" || die
+
+ AT_NOEAUTOMAKE=yes eautoreconf
+}
+
+build_contrib_module() {
+ # <dir> <sources> <outputname>
+ cd "${S}/contrib/slapd-modules/$1" || die
+ einfo "Compiling contrib-module: $3"
+ # Make sure it's uppercase
+ local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -D${define_name}=SLAPD_MOD_DYNAMIC \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include -I../../../servers/slapd ${CFLAGS} \
+ -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
+ einfo "Linking contrib-module: $3"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o $3.la ${2%.c}.lo || die "linking $3 failed"
+}
+
+src_configure() {
+ #Fix for glibc-2.8 and ucred. Bug 228457.
+ append-cppflags -D_GNU_SOURCE
+
+ # Bug 408001
+ use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
+
+ # connectionless ldap per bug #342439
+ append-cppflags -DLDAP_CONNECTIONLESS
+
+ multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+ local myconf=()
+
+ use debug && myconf+=( $(use_enable debug) )
+
+ # ICU usage is not configurable
+ export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
+
+ if ! use minimal && multilib_is_native_abi; then
+ local CPPFLAGS=${CPPFLAGS}
+
+ # re-enable serverside overlay chains per bug #296567
+ # see ldap docs chaper 12.3.1 for details
+ myconf+=( --enable-ldap )
+
+ # backends
+ myconf+=( --enable-slapd )
+ if use berkdb ; then
+ einfo "Using Berkeley DB for local backend"
+ myconf+=( --enable-bdb --enable-hdb )
+ DBINCLUDE=$(db_includedir $BDB_SLOTS)
+ einfo "Using $DBINCLUDE for sys-libs/db version"
+ # We need to include the slotted db.h dir for FreeBSD
+ append-cppflags -I${DBINCLUDE}
+ else
+ myconf+=( --disable-bdb --disable-hdb )
+ fi
+ for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
+ myconf+=( --enable-${backend}=mod )
+ done
+
+ myconf+=( $(use_enable perl perl mod) )
+
+ myconf+=( $(use_enable odbc sql mod) )
+ if use odbc ; then
+ local odbc_lib="unixodbc"
+ if use iodbc ; then
+ odbc_lib="iodbc"
+ append-cppflags -I"${EPREFIX}"/usr/include/iodbc
+ fi
+ myconf+=( --with-odbc=${odbc_lib} )
+ fi
+
+ # slapd options
+ myconf+=(
+ $(use_enable crypt)
+ $(use_enable slp)
+ $(use_enable samba lmpasswd)
+ $(use_enable syslog)
+ )
+ if use experimental ; then
+ myconf+=(
+ --enable-dynacl
+ --enable-aci=mod
+ )
+ fi
+ for option in aci cleartext modules rewrite rlookups slapi; do
+ myconf+=( --enable-${option} )
+ done
+
+ # slapd overlay options
+ # Compile-in the syncprov, the others as module
+ myconf+=( --enable-syncprov=yes )
+ use overlays && myconf+=( --enable-overlays=mod )
+
+ else
+ myconf+=(
+ --disable-backends
+ --disable-slapd
+ --disable-bdb
+ --disable-hdb
+ --disable-mdb
+ --disable-overlays
+ --disable-syslog
+ )
+ fi
+
+ # basic functionality stuff
+ myconf+=(
+ $(use_enable ipv6)
+ $(multilib_native_use_with sasl cyrus-sasl)
+ $(multilib_native_use_enable sasl spasswd)
+ $(use_enable tcpd wrappers)
+ )
+
+ local ssl_lib="no"
+ if use ssl || ( ! use minimal && use samba ) ; then
+ ssl_lib="openssl"
+ use gnutls && ssl_lib="gnutls"
+ fi
+
+ myconf+=( --with-tls=${ssl_lib} )
+
+ for basicflag in dynamic local proctitle shared; do
+ myconf+=( --enable-${basicflag} )
+ done
+
+ tc-export AR CC CXX
+ ECONF_SOURCE=${S} \
+ STRIP=/bin/true \
+ econf \
+ --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
+ $(use_enable static-libs static) \
+ "${myconf[@]}"
+ emake depend
+}
+
+src_configure_cxx() {
+ # This needs the libraries built by the first build run.
+ # So we have to run it AFTER the main build, not just after the main
+ # configure.
+ local myconf_ldapcpp=(
+ --with-ldap-includes="${S}"/include
+ )
+
+ mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+
+ local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
+ append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
+ -L"${BUILD_DIR}"/libraries/libldap/.libs
+ append-cppflags -I"${BUILD_DIR}"/include
+ ECONF_SOURCE=${S}/contrib/ldapc++ \
+ econf "${myconf_ldapcpp[@]}" \
+ CC="${CC}" \
+ CXX="${CXX}"
+}
+
+multilib_src_compile() {
+ tc-export AR CC CXX
+ emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
+ local lt="${BUILD_DIR}/libtool"
+ export echo="echo"
+
+ if ! use minimal && multilib_is_native_abi ; then
+ if use cxx ; then
+ einfo "Building contrib library: ldapc++"
+ src_configure_cxx
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+ emake \
+ CC="${CC}" CXX="${CXX}"
+ fi
+
+ if use smbkrb5passwd ; then
+ einfo "Building contrib-module: smbk5pwd"
+ cd "${S}/contrib/slapd-modules/smbk5pwd" || die
+
+ MY_DEFS="-DDO_SHADOW"
+ if use samba ; then
+ MY_DEFS="${MY_DEFS} -DDO_SAMBA"
+ MY_KRB5_INC=""
+ fi
+ if use kerberos ; then
+ MY_DEFS="${MY_DEFS} -DDO_KRB5"
+ MY_KRB5_INC="$(krb5-config --cflags)"
+ fi
+
+ emake \
+ DEFS="${MY_DEFS}" \
+ KRB5_INC="${MY_KRB5_INC}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
+ fi
+
+ if use overlays ; then
+ einfo "Building contrib-module: samba4"
+ cd "${S}/contrib/slapd-modules/samba4" || die
+
+ emake \
+ LDAP_BUILD="${BUILD_DIR}" \
+ CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
+ fi
+
+ if use kerberos ; then
+ build_contrib_module "kinit" "kinit.c" "kinit"
+ cd "${S}/contrib/slapd-modules/passwd" || die
+ einfo "Compiling contrib-module: pw-kerberos"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ $(krb5-config --cflags) \
+ -DHAVE_KRB5 \
+ -o kerberos.lo \
+ -c kerberos.c || die "compiling pw-kerberos failed"
+ einfo "Linking contrib-module: pw-kerberos"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-kerberos.la \
+ kerberos.lo || die "linking pw-kerberos failed"
+ fi
+ # We could build pw-radius if GNURadius would install radlib.h
+ cd "${S}/contrib/slapd-modules/passwd" || die
+ einfo "Compiling contrib-module: pw-netscape"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ -o netscape.lo \
+ -c netscape.c || die "compiling pw-netscape failed"
+ einfo "Linking contrib-module: pw-netscape"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-netscape.la \
+ netscape.lo || die "linking pw-netscape failed"
+
+ #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
+ #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
+ build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
+ build_contrib_module "allop" "allop.c" "overlay-allop"
+ build_contrib_module "allowed" "allowed.c" "allowed"
+ build_contrib_module "autogroup" "autogroup.c" "autogroup"
+ build_contrib_module "cloak" "cloak.c" "cloak"
+ # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
+ build_contrib_module "denyop" "denyop.c" "denyop-overlay"
+ build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
+ build_contrib_module "dupent" "dupent.c" "dupent"
+ build_contrib_module "lastbind" "lastbind.c" "lastbind"
+ # lastmod may not play well with other overlays
+ build_contrib_module "lastmod" "lastmod.c" "lastmod"
+ build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
+ build_contrib_module "nops" "nops.c" "nops-overlay"
+ #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
+ build_contrib_module "trace" "trace.c" "trace"
+ # build slapi-plugins
+ cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
+ einfo "Building contrib-module: addrdnvalues plugin"
+ "${CC}" -shared \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ -fPIC \
+ ${LDFLAGS} \
+ -o libaddrdnvalues-plugin.so \
+ addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
+
+ fi
+}
+
+multilib_src_test() {
+ if multilib_is_native_abi; then
+ cd tests || die
+ emake tests || die "make tests failed"
+ fi
+}
+
+multilib_src_install() {
+ local lt="${BUILD_DIR}/libtool"
+ emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
+ use static-libs || prune_libtool_files --all
+
+ if ! use minimal && multilib_is_native_abi; then
+ # openldap modules go here
+ # TODO: write some code to populate slapd.conf with moduleload statements
+ keepdir /usr/$(get_libdir)/openldap/openldap/
+
+ # initial data storage dir
+ keepdir /var/lib/openldap-data
+ use prefix || fowners ldap:ldap /var/lib/openldap-data
+ fperms 0700 /var/lib/openldap-data
+
+ echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+
+ # use our config
+ rm "${ED}"etc/openldap/slapd.conf
+ insinto /etc/openldap
+ newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
+ configfile="${ED}"etc/openldap/slapd.conf
+
+ # populate with built backends
+ ebegin "populate config with built backends"
+ for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
+ einfo "Adding $(basename ${x})"
+ sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
+ done
+ sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
+ use prefix || fowners root:ldap /etc/openldap/slapd.conf
+ fperms 0640 /etc/openldap/slapd.conf
+ cp "${configfile}" "${configfile}".default
+ eend
+
+ # install our own init scripts and systemd unit files
+ einfo "Install init scripts"
+ newinitd "${FILESDIR}"/slapd-initd-2.4.40-r1 slapd
+ newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
+ einfo "Install systemd service"
+ systemd_dounit "${FILESDIR}"/slapd.service
+ systemd_install_serviced "${FILESDIR}"/slapd.service.conf
+ systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
+
+ if [[ $(get_libdir) != lib ]]; then
+ sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
+ "${ED}"/etc/init.d/slapd \
+ "${ED}"/usr/lib/systemd/system/slapd.service || die
+ fi
+ # If built without SLP, we don't need to be before avahi
+ use slp \
+ || sed -i \
+ -e '/before/{s/avahi-daemon//g}' \
+ "${ED}"etc/init.d/slapd
+
+ if use cxx ; then
+ einfo "Install the ldapc++ library"
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+ emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
+ cd "${S}"/contrib/ldapc++ || die
+ newdoc README ldapc++-README
+ fi
+
+ if use smbkrb5passwd ; then
+ einfo "Install the smbk5pwd module"
+ cd "${S}/contrib/slapd-modules/smbk5pwd" || die
+ emake DESTDIR="${D}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
+ newdoc README smbk5pwd-README
+ fi
+
+ if use overlays ; then
+ einfo "Install the samba4 module"
+ cd "${S}/contrib/slapd-modules/samba4" || die
+ emake DESTDIR="${D}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ libexecdir="/usr/$(get_libdir)/openldap" install
+ newdoc README samba4-README
+ fi
+
+ einfo "Installing contrib modules"
+ cd "${S}/contrib/slapd-modules" || die
+ for l in */*.la; do
+ "${lt}" --mode=install cp ${l} \
+ "${ED}"usr/$(get_libdir)/openldap/openldap || \
+ die "installing ${l} failed"
+ done
+
+ dodoc "${FILESDIR}"/DB_CONFIG.fast.example
+ docinto contrib
+ doman */*.5
+ #newdoc acl/README*
+ newdoc addpartial/README addpartial-README
+ newdoc allop/README allop-README
+ newdoc allowed/README allowed-README
+ newdoc autogroup/README autogroup-README
+ newdoc dsaschema/README dsaschema-README
+ newdoc passwd/README passwd-README
+ cd "${S}/contrib/slapi-plugins" || die
+ insinto /usr/$(get_libdir)/openldap/openldap
+ doins */*.so
+ docinto contrib
+ newdoc addrdnvalues/README addrdnvalues-README
+
+ insinto /etc/openldap/schema
+ newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
+
+ docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
+ docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
+ docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
+
+ dosbin "${S}"/contrib/slapd-tools/statslog
+ newdoc "${S}"/contrib/slapd-tools/README README.statslog
+ fi
+}
+
+multilib_src_install_all() {
+ dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
+ docinto rfc ; dodoc doc/rfc/*.txt
+}
+
+pkg_preinst() {
+ # keep old libs if any
+ preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
+ # bug 440470, only display the getting started help there was no openldap before,
+ # or we are going to a non-minimal build
+ ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
+ OPENLDAP_PRINT_MESSAGES=$((! $?))
+}
+
+pkg_postinst() {
+ if ! use minimal ; then
+ # You cannot build SSL certificates during src_install that will make
+ # binary packages containing your SSL key, which is both a security risk
+ # and a misconfiguration if multiple machines use the same key and cert.
+ if use ssl; then
+ install_cert /etc/openldap/ssl/ldap
+ use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "add 'TLS_REQCERT allow' if you want to use them."
+ fi
+
+ if use prefix; then
+ # Warn about prefix issues with slapd
+ eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
+ eerror "to start up, and requires that certain files directories be owned by"
+ eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
+ eerror "directories, you will have to manually fix this yourself."
+ fi
+
+ # These lines force the permissions of various content to be correct
+ use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
+ chmod 0755 "${EROOT}"var/run/openldap
+ use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
+ chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
+ use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
+ fi
+
+ if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
+ elog "Getting started using OpenLDAP? There is some documentation available:"
+ elog "Gentoo Guide to OpenLDAP Authentication"
+ elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
+ elog "---"
+ elog "An example file for tuning BDB backends with openldap is"
+ elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
+ fi
+
+ preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
+}
diff --git a/net-nds/openldap/openldap-2.4.40-r4.ebuild b/net-nds/openldap/openldap-2.4.40-r4.ebuild
new file mode 100644
index 000000000000..6da074965ea3
--- /dev/null
+++ b/net-nds/openldap/openldap-2.4.40-r4.ebuild
@@ -0,0 +1,812 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
+
+BIS_PN=rfc2307bis.schema
+BIS_PV=20140524
+BIS_P="${BIS_PN}-${BIS_PV}"
+
+DESCRIPTION="LDAP suite of application and development tools"
+HOMEPAGE="http://www.OpenLDAP.org/"
+
+# mirrors are mostly not working, using canonical URI
+SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
+ mirror://gentoo/${BIS_P}"
+
+LICENSE="OPENLDAP GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
+
+IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
+IUSE_BACKEND="+berkdb"
+IUSE_OVERLAY="overlays perl"
+IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 +syslog selinux static-libs"
+IUSE_CONTRIB="smbkrb5passwd kerberos"
+IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
+IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
+
+REQUIRED_USE="cxx? ( sasl )"
+
+# always list newer first
+# Do not add any AGPL-3 BDB here!
+# See bug 525110, comment 15.
+BDB_SLOTS='5.3 5.1 4.8 4.7 4.6 4.5 4.4'
+BDB_PKGS=''
+for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
+
+# openssl is needed to generate lanman-passwords required by samba
+CDEPEND="icu? ( dev-libs/icu:= )
+ ssl? ( !gnutls? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
+ gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
+ sasl? ( dev-libs/cyrus-sasl:= )
+ !minimal? (
+ sys-devel/libtool
+ sys-libs/e2fsprogs-libs
+ >=dev-db/lmdb-0.9.14
+ tcpd? ( sys-apps/tcp-wrappers )
+ odbc? ( !iodbc? ( dev-db/unixODBC )
+ iodbc? ( dev-db/libiodbc ) )
+ slp? ( net-libs/openslp )
+ perl? ( dev-lang/perl[-build(-)] )
+ samba? ( dev-libs/openssl )
+ berkdb? (
+ <sys-libs/db-6.0:=
+ || ( ${BDB_PKGS} )
+ )
+ smbkrb5passwd? (
+ dev-libs/openssl
+ kerberos? ( app-crypt/heimdal )
+ )
+ kerberos? ( virtual/krb5 )
+ cxx? ( dev-libs/cyrus-sasl:= )
+ )
+ abi_x86_32? (
+ !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
+ )"
+DEPEND="${CDEPEND}
+ sys-apps/groff"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-ldap )
+"
+# for tracking versions
+OPENLDAP_VERSIONTAG=".version-tag"
+OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
+
+MULTILIB_WRAPPED_HEADERS=(
+ # USE=cxx
+ /usr/include/LDAPAsynConnection.h
+ /usr/include/LDAPAttrType.h
+ /usr/include/LDAPAttribute.h
+ /usr/include/LDAPAttributeList.h
+ /usr/include/LDAPConnection.h
+ /usr/include/LDAPConstraints.h
+ /usr/include/LDAPControl.h
+ /usr/include/LDAPControlSet.h
+ /usr/include/LDAPEntry.h
+ /usr/include/LDAPEntryList.h
+ /usr/include/LDAPException.h
+ /usr/include/LDAPExtResult.h
+ /usr/include/LDAPMessage.h
+ /usr/include/LDAPMessageQueue.h
+ /usr/include/LDAPModList.h
+ /usr/include/LDAPModification.h
+ /usr/include/LDAPObjClass.h
+ /usr/include/LDAPRebind.h
+ /usr/include/LDAPRebindAuth.h
+ /usr/include/LDAPReferenceList.h
+ /usr/include/LDAPResult.h
+ /usr/include/LDAPSaslBindResult.h
+ /usr/include/LDAPSchema.h
+ /usr/include/LDAPSearchReference.h
+ /usr/include/LDAPSearchResult.h
+ /usr/include/LDAPSearchResults.h
+ /usr/include/LDAPUrl.h
+ /usr/include/LDAPUrlList.h
+ /usr/include/LdifReader.h
+ /usr/include/LdifWriter.h
+ /usr/include/SaslInteraction.h
+ /usr/include/SaslInteractionHandler.h
+ /usr/include/StringList.h
+ /usr/include/TlsOptions.h
+)
+
+openldap_filecount() {
+ local dir="$1"
+ find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
+}
+
+openldap_find_versiontags() {
+ # scan for all datadirs
+ openldap_datadirs=""
+ if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
+ openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
+ fi
+ openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
+
+ einfo
+ einfo "Scanning datadir(s) from slapd.conf and"
+ einfo "the default installdir for Versiontags"
+ einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
+ einfo
+
+ # scan datadirs if we have a version tag
+ openldap_found_tag=0
+ have_files=0
+ for each in ${openldap_datadirs}; do
+ CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
+ CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
+ if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
+ einfo "- Checking ${each}..."
+ if [ -r ${CURRENT_TAG} ] ; then
+ # yey, we have one :)
+ einfo " Found Versiontag in ${each}"
+ source ${CURRENT_TAG}
+ if [ "${OLDPF}" == "" ] ; then
+ eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
+ eerror "Please delete it"
+ eerror
+ die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
+ fi
+
+ OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
+
+ [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
+
+ # are we on the same branch?
+ if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
+ ewarn " Versiontag doesn't match current major release!"
+ if [[ "${have_files}" == "1" ]] ; then
+ eerror " Versiontag says other major and you (probably) have datafiles!"
+ echo
+ openldap_upgrade_howto
+ else
+ einfo " No real problem, seems there's no database."
+ fi
+ else
+ einfo " Versiontag is fine here :)"
+ fi
+ else
+ einfo " Non-tagged dir ${each}"
+ [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
+ if [[ "${have_files}" == "1" ]] ; then
+ einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
+ echo
+
+ eerror
+ eerror "Your OpenLDAP Installation has a non tagged datadir that"
+ eerror "possibly contains a database at ${CURRENT_TAGDIR}"
+ eerror
+ eerror "Please export data if any entered and empty or remove"
+ eerror "the directory, installation has been stopped so you"
+ eerror "can take required action"
+ eerror
+ eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
+ eerror
+ openldap_upgrade_howto
+ die "Please move the datadir ${CURRENT_TAGDIR} away"
+ fi
+ fi
+ einfo
+ fi
+ done
+ [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
+
+ # Now we must check for the major version of sys-libs/db linked against.
+ SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
+ if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
+ OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
+ | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
+ if use berkdb; then
+ # find which one would be used
+ for bdb_slot in $BDB_SLOTS ; do
+ NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
+ [[ -n "$NEWVER" ]] && break
+ done
+ fi
+ local fail=0
+ if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
+ :
+ # Nothing wrong here.
+ elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was not built against"
+ eerror " any version of sys-libs/db, but the new one will build"
+ eerror " against ${NEWVER} and your database may be inaccessible."
+ echo
+ fail=1
+ elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was built against"
+ eerror " sys-libs/db:${OLDVER}, but the new one will not be"
+ eerror " built against any version and your database may be"
+ eerror " inaccessible."
+ echo
+ fail=1
+ elif [ "${OLDVER}" != "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was built against"
+ eerror " sys-libs/db:${OLDVER}, but the new one will build against"
+ eerror " ${NEWVER} and your database would be inaccessible."
+ echo
+ fail=1
+ fi
+ [ "${fail}" == "1" ] && openldap_upgrade_howto
+ fi
+
+ echo
+ einfo
+ einfo "All datadirs are fine, proceeding with merge now..."
+ einfo
+}
+
+openldap_upgrade_howto() {
+ eerror
+ eerror "A (possible old) installation of OpenLDAP was detected,"
+ eerror "installation will not proceed for now."
+ eerror
+ eerror "As major version upgrades can corrupt your database,"
+ eerror "you need to dump your database and re-create it afterwards."
+ eerror
+ eerror "Additionally, rebuilding against different major versions of the"
+ eerror "sys-libs/db libraries will cause your database to be inaccessible."
+ eerror ""
+ d="$(date -u +%s)"
+ l="/root/ldapdump.${d}"
+ i="${l}.raw"
+ eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
+ eerror " 2. slapcat -l ${i}"
+ eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
+ eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
+ eerror " 5. emerge --update \=net-nds/${PF}"
+ eerror " 6. etc-update, and ensure that you apply the changes"
+ eerror " 7. slapadd -l ${l}"
+ eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
+ eerror " 9. /etc/init.d/slapd start"
+ eerror "10. check that your data is intact."
+ eerror "11. set up the new replication system."
+ eerror
+ if [ "${FORCE_UPGRADE}" != "1" ]; then
+ die "You need to upgrade your database first"
+ else
+ eerror "You have the magical FORCE_UPGRADE=1 in place."
+ eerror "Don't say you weren't warned about data loss."
+ fi
+}
+
+pkg_setup() {
+ if ! use sasl && use cxx ; then
+ die "To build the ldapc++ library you must emerge openldap with sasl support"
+ fi
+ # Bug #322787
+ if use minimal && ! has_version "net-nds/openldap" ; then
+ einfo "No datadir scan needed, openldap not installed"
+ elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
+ einfo "Skipping scan for previous datadirs as requested by minimal useflag"
+ else
+ openldap_find_versiontags
+ fi
+
+ enewgroup ldap 439
+ enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
+}
+
+src_prepare() {
+ # ensure correct SLAPI path by default
+ sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
+ "${S}"/include/ldap_defaults.h
+
+ epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
+
+ epatch \
+ "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
+ "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
+
+ # bug #116045 - still present in 2.4.28
+ epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
+ # bug #408077 - samba4
+ epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
+
+ # bug #189817
+ epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
+
+ # bug #233633
+ epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
+
+ # bug #281495
+ epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
+
+ # bug #294350
+ epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
+
+ # unbreak /bin/sh -> dash
+ epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
+
+ # bug #420959
+ epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
+
+ # bug #421463
+ #epatch "${FILESDIR}"/${PN}-2.4.33-gnutls.patch # merged upstream
+
+ # unbundle lmdb
+ epatch "${FILESDIR}"/${P}-mdb-unbundle.patch
+ rm -rf "${S}"/libraries/liblmdb
+
+ cd "${S}"/build || die
+ einfo "Making sure upstream build strip does not do stripping too early"
+ sed -i.orig \
+ -e '/^STRIP/s,-s,,g' \
+ top.mk || die "Failed to block stripping"
+
+ # wrong assumption that /bin/sh is /bin/bash
+ sed -i \
+ -e 's|/bin/sh|/bin/bash|g' \
+ "${S}"/tests/scripts/* || die "sed failed"
+
+ cd "${S}" || die
+
+ AT_NOEAUTOMAKE=yes eautoreconf
+}
+
+build_contrib_module() {
+ # <dir> <sources> <outputname>
+ cd "${S}/contrib/slapd-modules/$1" || die
+ einfo "Compiling contrib-module: $3"
+ # Make sure it's uppercase
+ local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -D${define_name}=SLAPD_MOD_DYNAMIC \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include -I../../../servers/slapd ${CFLAGS} \
+ -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
+ einfo "Linking contrib-module: $3"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o $3.la ${2%.c}.lo || die "linking $3 failed"
+}
+
+src_configure() {
+ #Fix for glibc-2.8 and ucred. Bug 228457.
+ append-cppflags -D_GNU_SOURCE
+
+ # Bug 408001
+ use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
+
+ # connectionless ldap per bug #342439
+ append-cppflags -DLDAP_CONNECTIONLESS
+
+ multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+ local myconf=()
+
+ use debug && myconf+=( $(use_enable debug) )
+
+ # ICU usage is not configurable
+ export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
+
+ if ! use minimal && multilib_is_native_abi; then
+ local CPPFLAGS=${CPPFLAGS}
+
+ # re-enable serverside overlay chains per bug #296567
+ # see ldap docs chaper 12.3.1 for details
+ myconf+=( --enable-ldap )
+
+ # backends
+ myconf+=( --enable-slapd )
+ if use berkdb ; then
+ einfo "Using Berkeley DB for local backend"
+ myconf+=( --enable-bdb --enable-hdb )
+ DBINCLUDE=$(db_includedir $BDB_SLOTS)
+ einfo "Using $DBINCLUDE for sys-libs/db version"
+ # We need to include the slotted db.h dir for FreeBSD
+ append-cppflags -I${DBINCLUDE}
+ else
+ myconf+=( --disable-bdb --disable-hdb )
+ fi
+ for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
+ myconf+=( --enable-${backend}=mod )
+ done
+
+ myconf+=( $(use_enable perl perl mod) )
+
+ myconf+=( $(use_enable odbc sql mod) )
+ if use odbc ; then
+ local odbc_lib="unixodbc"
+ if use iodbc ; then
+ odbc_lib="iodbc"
+ append-cppflags -I"${EPREFIX}"/usr/include/iodbc
+ fi
+ myconf+=( --with-odbc=${odbc_lib} )
+ fi
+
+ # slapd options
+ myconf+=(
+ $(use_enable crypt)
+ $(use_enable slp)
+ $(use_enable samba lmpasswd)
+ $(use_enable syslog)
+ )
+ if use experimental ; then
+ myconf+=(
+ --enable-dynacl
+ --enable-aci=mod
+ )
+ fi
+ for option in aci cleartext modules rewrite rlookups slapi; do
+ myconf+=( --enable-${option} )
+ done
+
+ # slapd overlay options
+ # Compile-in the syncprov, the others as module
+ myconf+=( --enable-syncprov=yes )
+ use overlays && myconf+=( --enable-overlays=mod )
+
+ else
+ myconf+=(
+ --disable-backends
+ --disable-slapd
+ --disable-bdb
+ --disable-hdb
+ --disable-mdb
+ --disable-overlays
+ --disable-syslog
+ )
+ fi
+
+ # basic functionality stuff
+ myconf+=(
+ $(use_enable ipv6)
+ $(multilib_native_use_with sasl cyrus-sasl)
+ $(multilib_native_use_enable sasl spasswd)
+ $(use_enable tcpd wrappers)
+ )
+
+ local ssl_lib="no"
+ if use ssl || ( ! use minimal && use samba ) ; then
+ ssl_lib="openssl"
+ use gnutls && ssl_lib="gnutls"
+ fi
+
+ myconf+=( --with-tls=${ssl_lib} )
+
+ for basicflag in dynamic local proctitle shared; do
+ myconf+=( --enable-${basicflag} )
+ done
+
+ tc-export AR CC CXX
+ ECONF_SOURCE=${S} \
+ STRIP=/bin/true \
+ econf \
+ --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
+ $(use_enable static-libs static) \
+ "${myconf[@]}"
+ emake depend
+}
+
+src_configure_cxx() {
+ # This needs the libraries built by the first build run.
+ # So we have to run it AFTER the main build, not just after the main
+ # configure.
+ local myconf_ldapcpp=(
+ --with-ldap-includes="${S}"/include
+ )
+
+ mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+
+ local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
+ append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
+ -L"${BUILD_DIR}"/libraries/libldap/.libs
+ append-cppflags -I"${BUILD_DIR}"/include
+ ECONF_SOURCE=${S}/contrib/ldapc++ \
+ econf "${myconf_ldapcpp[@]}" \
+ CC="${CC}" \
+ CXX="${CXX}"
+}
+
+multilib_src_compile() {
+ tc-export AR CC CXX
+ emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
+ local lt="${BUILD_DIR}/libtool"
+ export echo="echo"
+
+ if ! use minimal && multilib_is_native_abi ; then
+ if use cxx ; then
+ einfo "Building contrib library: ldapc++"
+ src_configure_cxx
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+ emake \
+ CC="${CC}" CXX="${CXX}"
+ fi
+
+ if use smbkrb5passwd ; then
+ einfo "Building contrib-module: smbk5pwd"
+ cd "${S}/contrib/slapd-modules/smbk5pwd" || die
+
+ MY_DEFS="-DDO_SHADOW"
+ if use samba ; then
+ MY_DEFS="${MY_DEFS} -DDO_SAMBA"
+ MY_KRB5_INC=""
+ fi
+ if use kerberos ; then
+ MY_DEFS="${MY_DEFS} -DDO_KRB5"
+ MY_KRB5_INC="$(krb5-config --cflags)"
+ fi
+
+ emake \
+ DEFS="${MY_DEFS}" \
+ KRB5_INC="${MY_KRB5_INC}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
+ fi
+
+ if use overlays ; then
+ einfo "Building contrib-module: samba4"
+ cd "${S}/contrib/slapd-modules/samba4" || die
+
+ emake \
+ LDAP_BUILD="${BUILD_DIR}" \
+ CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
+ fi
+
+ if use kerberos ; then
+ build_contrib_module "kinit" "kinit.c" "kinit"
+ cd "${S}/contrib/slapd-modules/passwd" || die
+ einfo "Compiling contrib-module: pw-kerberos"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ $(krb5-config --cflags) \
+ -DHAVE_KRB5 \
+ -o kerberos.lo \
+ -c kerberos.c || die "compiling pw-kerberos failed"
+ einfo "Linking contrib-module: pw-kerberos"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-kerberos.la \
+ kerberos.lo || die "linking pw-kerberos failed"
+ fi
+ # We could build pw-radius if GNURadius would install radlib.h
+ cd "${S}/contrib/slapd-modules/passwd" || die
+ einfo "Compiling contrib-module: pw-netscape"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ -o netscape.lo \
+ -c netscape.c || die "compiling pw-netscape failed"
+ einfo "Linking contrib-module: pw-netscape"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-netscape.la \
+ netscape.lo || die "linking pw-netscape failed"
+
+ #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
+ #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
+ build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
+ build_contrib_module "allop" "allop.c" "overlay-allop"
+ build_contrib_module "allowed" "allowed.c" "allowed"
+ build_contrib_module "autogroup" "autogroup.c" "autogroup"
+ build_contrib_module "cloak" "cloak.c" "cloak"
+ # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
+ build_contrib_module "denyop" "denyop.c" "denyop-overlay"
+ build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
+ build_contrib_module "dupent" "dupent.c" "dupent"
+ build_contrib_module "lastbind" "lastbind.c" "lastbind"
+ # lastmod may not play well with other overlays
+ build_contrib_module "lastmod" "lastmod.c" "lastmod"
+ build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
+ build_contrib_module "nops" "nops.c" "nops-overlay"
+ #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
+ build_contrib_module "trace" "trace.c" "trace"
+ # build slapi-plugins
+ cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
+ einfo "Building contrib-module: addrdnvalues plugin"
+ "${CC}" -shared \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ -fPIC \
+ ${LDFLAGS} \
+ -o libaddrdnvalues-plugin.so \
+ addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
+
+ fi
+}
+
+multilib_src_test() {
+ if multilib_is_native_abi; then
+ cd tests || die
+ emake tests || die "make tests failed"
+ fi
+}
+
+multilib_src_install() {
+ local lt="${BUILD_DIR}/libtool"
+ emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
+ use static-libs || prune_libtool_files --all
+
+ if ! use minimal && multilib_is_native_abi; then
+ # openldap modules go here
+ # TODO: write some code to populate slapd.conf with moduleload statements
+ keepdir /usr/$(get_libdir)/openldap/openldap/
+
+ # initial data storage dir
+ keepdir /var/lib/openldap-data
+ use prefix || fowners ldap:ldap /var/lib/openldap-data
+ fperms 0700 /var/lib/openldap-data
+
+ echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+
+ # use our config
+ rm "${ED}"etc/openldap/slapd.conf
+ insinto /etc/openldap
+ newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
+ configfile="${ED}"etc/openldap/slapd.conf
+
+ # populate with built backends
+ ebegin "populate config with built backends"
+ for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
+ einfo "Adding $(basename ${x})"
+ sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
+ done
+ sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
+ use prefix || fowners root:ldap /etc/openldap/slapd.conf
+ fperms 0640 /etc/openldap/slapd.conf
+ cp "${configfile}" "${configfile}".default
+ eend
+
+ # install our own init scripts and systemd unit files
+ einfo "Install init scripts"
+ newinitd "${FILESDIR}"/slapd-initd-2.4.40-r2 slapd
+ newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
+ einfo "Install systemd service"
+ systemd_dounit "${FILESDIR}"/slapd.service
+ systemd_install_serviced "${FILESDIR}"/slapd.service.conf
+ systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
+
+ if [[ $(get_libdir) != lib ]]; then
+ sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
+ "${ED}"/etc/init.d/slapd \
+ "${ED}"/usr/lib/systemd/system/slapd.service || die
+ fi
+ # If built without SLP, we don't need to be before avahi
+ use slp \
+ || sed -i \
+ -e '/before/{s/avahi-daemon//g}' \
+ "${ED}"etc/init.d/slapd
+
+ if use cxx ; then
+ einfo "Install the ldapc++ library"
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+ emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
+ cd "${S}"/contrib/ldapc++ || die
+ newdoc README ldapc++-README
+ fi
+
+ if use smbkrb5passwd ; then
+ einfo "Install the smbk5pwd module"
+ cd "${S}/contrib/slapd-modules/smbk5pwd" || die
+ emake DESTDIR="${D}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
+ newdoc README smbk5pwd-README
+ fi
+
+ if use overlays ; then
+ einfo "Install the samba4 module"
+ cd "${S}/contrib/slapd-modules/samba4" || die
+ emake DESTDIR="${D}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ libexecdir="/usr/$(get_libdir)/openldap" install
+ newdoc README samba4-README
+ fi
+
+ einfo "Installing contrib modules"
+ cd "${S}/contrib/slapd-modules" || die
+ for l in */*.la; do
+ "${lt}" --mode=install cp ${l} \
+ "${ED}"usr/$(get_libdir)/openldap/openldap || \
+ die "installing ${l} failed"
+ done
+
+ dodoc "${FILESDIR}"/DB_CONFIG.fast.example
+ docinto contrib
+ doman */*.5
+ #newdoc acl/README*
+ newdoc addpartial/README addpartial-README
+ newdoc allop/README allop-README
+ newdoc allowed/README allowed-README
+ newdoc autogroup/README autogroup-README
+ newdoc dsaschema/README dsaschema-README
+ newdoc passwd/README passwd-README
+ cd "${S}/contrib/slapi-plugins" || die
+ insinto /usr/$(get_libdir)/openldap/openldap
+ doins */*.so
+ docinto contrib
+ newdoc addrdnvalues/README addrdnvalues-README
+
+ insinto /etc/openldap/schema
+ newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
+
+ docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
+ docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
+ docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
+
+ dosbin "${S}"/contrib/slapd-tools/statslog
+ newdoc "${S}"/contrib/slapd-tools/README README.statslog
+ fi
+}
+
+multilib_src_install_all() {
+ dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
+ docinto rfc ; dodoc doc/rfc/*.txt
+}
+
+pkg_preinst() {
+ # keep old libs if any
+ preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
+ # bug 440470, only display the getting started help there was no openldap before,
+ # or we are going to a non-minimal build
+ ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
+ OPENLDAP_PRINT_MESSAGES=$((! $?))
+}
+
+pkg_postinst() {
+ if ! use minimal ; then
+ # You cannot build SSL certificates during src_install that will make
+ # binary packages containing your SSL key, which is both a security risk
+ # and a misconfiguration if multiple machines use the same key and cert.
+ if use ssl; then
+ install_cert /etc/openldap/ssl/ldap
+ use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "add 'TLS_REQCERT allow' if you want to use them."
+ fi
+
+ if use prefix; then
+ # Warn about prefix issues with slapd
+ eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
+ eerror "to start up, and requires that certain files directories be owned by"
+ eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
+ eerror "directories, you will have to manually fix this yourself."
+ fi
+
+ # These lines force the permissions of various content to be correct
+ use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
+ chmod 0755 "${EROOT}"var/run/openldap
+ use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
+ chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
+ use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
+ fi
+
+ if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
+ elog "Getting started using OpenLDAP? There is some documentation available:"
+ elog "Gentoo Guide to OpenLDAP Authentication"
+ elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
+ elog "---"
+ elog "An example file for tuning BDB backends with openldap is"
+ elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
+ fi
+
+ preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
+}
diff --git a/net-nds/openldap/openldap-2.4.40.ebuild b/net-nds/openldap/openldap-2.4.40.ebuild
new file mode 100644
index 000000000000..6b4c2f186cc7
--- /dev/null
+++ b/net-nds/openldap/openldap-2.4.40.ebuild
@@ -0,0 +1,813 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
+
+BIS_PN=rfc2307bis.schema
+BIS_PV=20140524
+BIS_P="${BIS_PN}-${BIS_PV}"
+
+DESCRIPTION="LDAP suite of application and development tools"
+HOMEPAGE="http://www.OpenLDAP.org/"
+
+# mirrors are mostly not working, using canonical URI
+SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
+ mirror://gentoo/${BIS_P}"
+
+LICENSE="OPENLDAP GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
+
+IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
+IUSE_BACKEND="+berkdb"
+IUSE_OVERLAY="overlays perl"
+IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 +syslog selinux static-libs"
+IUSE_CONTRIB="smbkrb5passwd kerberos"
+IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
+IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
+
+REQUIRED_USE="cxx? ( sasl )"
+
+# openssl is needed to generate lanman-passwords required by samba
+CDEPEND="icu? ( dev-libs/icu:= )
+ ssl? ( !gnutls? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
+ gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
+ sasl? ( dev-libs/cyrus-sasl:= )
+ !minimal? (
+ sys-devel/libtool
+ sys-libs/e2fsprogs-libs
+ tcpd? ( sys-apps/tcp-wrappers )
+ odbc? ( !iodbc? ( dev-db/unixODBC )
+ iodbc? ( dev-db/libiodbc ) )
+ slp? ( net-libs/openslp )
+ perl? ( dev-lang/perl[-build(-)] )
+ samba? ( dev-libs/openssl )
+ berkdb? ( sys-libs/db )
+ smbkrb5passwd? (
+ dev-libs/openssl
+ kerberos? ( app-crypt/heimdal )
+ )
+ kerberos? ( virtual/krb5 )
+ cxx? ( dev-libs/cyrus-sasl:= )
+ )
+ abi_x86_32? (
+ !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
+ )"
+DEPEND="${CDEPEND}
+ sys-apps/groff"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-ldap )
+"
+# for tracking versions
+OPENLDAP_VERSIONTAG=".version-tag"
+OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
+
+MULTILIB_WRAPPED_HEADERS=(
+ # USE=cxx
+ /usr/include/LDAPAsynConnection.h
+ /usr/include/LDAPAttrType.h
+ /usr/include/LDAPAttribute.h
+ /usr/include/LDAPAttributeList.h
+ /usr/include/LDAPConnection.h
+ /usr/include/LDAPConstraints.h
+ /usr/include/LDAPControl.h
+ /usr/include/LDAPControlSet.h
+ /usr/include/LDAPEntry.h
+ /usr/include/LDAPEntryList.h
+ /usr/include/LDAPException.h
+ /usr/include/LDAPExtResult.h
+ /usr/include/LDAPMessage.h
+ /usr/include/LDAPMessageQueue.h
+ /usr/include/LDAPModList.h
+ /usr/include/LDAPModification.h
+ /usr/include/LDAPObjClass.h
+ /usr/include/LDAPRebind.h
+ /usr/include/LDAPRebindAuth.h
+ /usr/include/LDAPReferenceList.h
+ /usr/include/LDAPResult.h
+ /usr/include/LDAPSaslBindResult.h
+ /usr/include/LDAPSchema.h
+ /usr/include/LDAPSearchReference.h
+ /usr/include/LDAPSearchResult.h
+ /usr/include/LDAPSearchResults.h
+ /usr/include/LDAPUrl.h
+ /usr/include/LDAPUrlList.h
+ /usr/include/LdifReader.h
+ /usr/include/LdifWriter.h
+ /usr/include/SaslInteraction.h
+ /usr/include/SaslInteractionHandler.h
+ /usr/include/StringList.h
+ /usr/include/TlsOptions.h
+
+ # USE=-minimal
+ /usr/include/lmdb.h
+)
+
+openldap_filecount() {
+ local dir="$1"
+ find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
+}
+
+openldap_find_versiontags() {
+ # scan for all datadirs
+ openldap_datadirs=""
+ if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
+ openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
+ fi
+ openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
+
+ einfo
+ einfo "Scanning datadir(s) from slapd.conf and"
+ einfo "the default installdir for Versiontags"
+ einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
+ einfo
+
+ # scan datadirs if we have a version tag
+ openldap_found_tag=0
+ have_files=0
+ for each in ${openldap_datadirs}; do
+ CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
+ CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
+ if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
+ einfo "- Checking ${each}..."
+ if [ -r ${CURRENT_TAG} ] ; then
+ # yey, we have one :)
+ einfo " Found Versiontag in ${each}"
+ source ${CURRENT_TAG}
+ if [ "${OLDPF}" == "" ] ; then
+ eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
+ eerror "Please delete it"
+ eerror
+ die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
+ fi
+
+ OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
+
+ [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
+
+ # are we on the same branch?
+ if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
+ ewarn " Versiontag doesn't match current major release!"
+ if [[ "${have_files}" == "1" ]] ; then
+ eerror " Versiontag says other major and you (probably) have datafiles!"
+ echo
+ openldap_upgrade_howto
+ else
+ einfo " No real problem, seems there's no database."
+ fi
+ else
+ einfo " Versiontag is fine here :)"
+ fi
+ else
+ einfo " Non-tagged dir ${each}"
+ [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
+ if [[ "${have_files}" == "1" ]] ; then
+ einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
+ echo
+
+ eerror
+ eerror "Your OpenLDAP Installation has a non tagged datadir that"
+ eerror "possibly contains a database at ${CURRENT_TAGDIR}"
+ eerror
+ eerror "Please export data if any entered and empty or remove"
+ eerror "the directory, installation has been stopped so you"
+ eerror "can take required action"
+ eerror
+ eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
+ eerror
+ openldap_upgrade_howto
+ die "Please move the datadir ${CURRENT_TAGDIR} away"
+ fi
+ fi
+ einfo
+ fi
+ done
+ [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
+
+ # Now we must check for the major version of sys-libs/db linked against.
+ SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
+ if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
+ OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
+ | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
+ NEWVER="$(use berkdb && db_findver sys-libs/db)"
+ local fail=0
+ if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
+ :
+ # Nothing wrong here.
+ elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was not built against"
+ eerror " any version of sys-libs/db, but the new one will build"
+ eerror " against ${NEWVER} and your database may be inaccessible."
+ echo
+ fail=1
+ elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was built against"
+ eerror " sys-libs/db:${OLDVER}, but the new one will not be"
+ eerror " built against any version and your database may be"
+ eerror " inaccessible."
+ echo
+ fail=1
+ elif [ "${OLDVER}" != "${NEWVER}" ]; then
+ eerror " Your existing version of OpenLDAP was built against"
+ eerror " sys-libs/db:${OLDVER}, but the new one will build against"
+ eerror " ${NEWVER} and your database would be inaccessible."
+ echo
+ fail=1
+ fi
+ [ "${fail}" == "1" ] && openldap_upgrade_howto
+ fi
+
+ echo
+ einfo
+ einfo "All datadirs are fine, proceeding with merge now..."
+ einfo
+}
+
+openldap_upgrade_howto() {
+ eerror
+ eerror "A (possible old) installation of OpenLDAP was detected,"
+ eerror "installation will not proceed for now."
+ eerror
+ eerror "As major version upgrades can corrupt your database,"
+ eerror "you need to dump your database and re-create it afterwards."
+ eerror
+ eerror "Additionally, rebuilding against different major versions of the"
+ eerror "sys-libs/db libraries will cause your database to be inaccessible."
+ eerror ""
+ d="$(date -u +%s)"
+ l="/root/ldapdump.${d}"
+ i="${l}.raw"
+ eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
+ eerror " 2. slapcat -l ${i}"
+ eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
+ eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
+ eerror " 5. emerge --update \=net-nds/${PF}"
+ eerror " 6. etc-update, and ensure that you apply the changes"
+ eerror " 7. slapadd -l ${l}"
+ eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
+ eerror " 9. /etc/init.d/slapd start"
+ eerror "10. check that your data is intact."
+ eerror "11. set up the new replication system."
+ eerror
+ if [ "${FORCE_UPGRADE}" != "1" ]; then
+ die "You need to upgrade your database first"
+ else
+ eerror "You have the magical FORCE_UPGRADE=1 in place."
+ eerror "Don't say you weren't warned about data loss."
+ fi
+}
+
+pkg_setup() {
+ if ! use sasl && use cxx ; then
+ die "To build the ldapc++ library you must emerge openldap with sasl support"
+ fi
+ # Bug #322787
+ if use minimal && ! has_version "net-nds/openldap" ; then
+ einfo "No datadir scan needed, openldap not installed"
+ elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
+ einfo "Skipping scan for previous datadirs as requested by minimal useflag"
+ else
+ openldap_find_versiontags
+ fi
+
+ enewgroup ldap 439
+ enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
+}
+
+src_prepare() {
+ # ensure correct SLAPI path by default
+ sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
+ "${S}"/include/ldap_defaults.h
+
+ epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
+
+ epatch \
+ "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
+ "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
+
+ # bug #116045 - still present in 2.4.28
+ epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
+ # bug #408077 - samba4
+ epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
+
+ # bug #189817
+ epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
+
+ # bug #233633
+ epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
+
+ # bug #281495
+ epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
+
+ # bug #294350
+ epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
+
+ # unbreak /bin/sh -> dash
+ epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
+
+ # bug #420959
+ epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
+
+ # bug #421463
+ #epatch "${FILESDIR}"/${PN}-2.4.33-gnutls.patch # merged upstream
+
+ sed -i.orig \
+ -e '/IDOCS.*DESTDIR/s,/man/man1,/share/man/man1,g' \
+ -e '/ILIBS.*DESTDIR/s,/lib,/$(LIBDIR),g' \
+ "${S}"/libraries/liblmdb/Makefile \
+ || die "Failed to fix LMDB manpage install location"
+
+ cd "${S}"/build || die
+ einfo "Making sure upstream build strip does not do stripping too early"
+ sed -i.orig \
+ -e '/^STRIP/s,-s,,g' \
+ top.mk || die "Failed to block stripping"
+
+ # wrong assumption that /bin/sh is /bin/bash
+ sed -i \
+ -e 's|/bin/sh|/bin/bash|g' \
+ "${S}"/tests/scripts/* || die "sed failed"
+
+ cd "${S}" || die
+ AT_NOEAUTOMAKE=yes eautoreconf
+}
+
+build_contrib_module() {
+ # <dir> <sources> <outputname>
+ cd "${S}/contrib/slapd-modules/$1" || die
+ einfo "Compiling contrib-module: $3"
+ # Make sure it's uppercase
+ local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -D${define_name}=SLAPD_MOD_DYNAMIC \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include -I../../../servers/slapd ${CFLAGS} \
+ -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
+ einfo "Linking contrib-module: $3"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o $3.la ${2%.c}.lo || die "linking $3 failed"
+}
+
+src_configure() {
+ #Fix for glibc-2.8 and ucred. Bug 228457.
+ append-cppflags -D_GNU_SOURCE
+
+ # Bug 408001
+ use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
+
+ # connectionless ldap per bug #342439
+ append-cppflags -DLDAP_CONNECTIONLESS
+
+ multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+ local myconf=()
+
+ use debug && myconf+=( $(use_enable debug) )
+
+ # ICU usage is not configurable
+ export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
+
+ if ! use minimal && multilib_is_native_abi; then
+ local CPPFLAGS=${CPPFLAGS}
+
+ # re-enable serverside overlay chains per bug #296567
+ # see ldap docs chaper 12.3.1 for details
+ myconf+=( --enable-ldap )
+
+ # backends
+ myconf+=( --enable-slapd )
+ if use berkdb ; then
+ einfo "Using Berkeley DB for local backend"
+ myconf+=( --enable-bdb --enable-hdb )
+ # We need to include the slotted db.h dir for FreeBSD
+ append-cppflags -I$(db_includedir)
+ else
+ ewarn
+ ewarn "Note: if you disable berkdb, you can only use remote-backends!"
+ ewarn
+ myconf+=( --disable-bdb --disable-hdb )
+ fi
+ for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
+ myconf+=( --enable-${backend}=mod )
+ done
+
+ myconf+=( $(use_enable perl perl mod) )
+
+ myconf+=( $(use_enable odbc sql mod) )
+ if use odbc ; then
+ local odbc_lib="unixodbc"
+ if use iodbc ; then
+ odbc_lib="iodbc"
+ append-cppflags -I"${EPREFIX}"/usr/include/iodbc
+ fi
+ myconf+=( --with-odbc=${odbc_lib} )
+ fi
+
+ # slapd options
+ myconf+=(
+ $(use_enable crypt)
+ $(use_enable slp)
+ $(use_enable samba lmpasswd)
+ $(use_enable syslog)
+ )
+ if use experimental ; then
+ myconf+=(
+ --enable-dynacl
+ --enable-aci=mod
+ )
+ fi
+ for option in aci cleartext modules rewrite rlookups slapi; do
+ myconf+=( --enable-${option} )
+ done
+
+ # slapd overlay options
+ # Compile-in the syncprov, the others as module
+ myconf+=( --enable-syncprov=yes )
+ use overlays && myconf+=( --enable-overlays=mod )
+
+ else
+ myconf+=(
+ --disable-backends
+ --disable-slapd
+ --disable-bdb
+ --disable-hdb
+ --disable-mdb
+ --disable-overlays
+ --disable-syslog
+ )
+ fi
+
+ # basic functionality stuff
+ myconf+=(
+ $(use_enable ipv6)
+ $(multilib_native_use_with sasl cyrus-sasl)
+ $(multilib_native_use_enable sasl spasswd)
+ $(use_enable tcpd wrappers)
+ )
+
+ local ssl_lib="no"
+ if use ssl || ( ! use minimal && use samba ) ; then
+ ssl_lib="openssl"
+ use gnutls && ssl_lib="gnutls"
+ fi
+
+ myconf+=( --with-tls=${ssl_lib} )
+
+ for basicflag in dynamic local proctitle shared; do
+ myconf+=( --enable-${basicflag} )
+ done
+
+ tc-export AR CC CXX
+ ECONF_SOURCE=${S} \
+ STRIP=/bin/true \
+ econf \
+ --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
+ $(use_enable static-libs static) \
+ "${myconf[@]}"
+ emake depend
+}
+
+src_configure_cxx() {
+ # This needs the libraries built by the first build run.
+ # So we have to run it AFTER the main build, not just after the main
+ # configure.
+ local myconf_ldapcpp=(
+ --with-ldap-includes="${S}"/include
+ )
+
+ mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+
+ local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
+ append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
+ -L"${BUILD_DIR}"/libraries/libldap/.libs
+ append-cppflags -I"${BUILD_DIR}"/include
+ ECONF_SOURCE=${S}/contrib/ldapc++ \
+ econf "${myconf_ldapcpp[@]}" \
+ CC="${CC}" \
+ CXX="${CXX}"
+}
+
+multilib_src_compile() {
+ tc-export AR CC CXX
+ emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
+ local lt="${BUILD_DIR}/libtool"
+ export echo="echo"
+
+ if ! use minimal && multilib_is_native_abi ; then
+ if use cxx ; then
+ einfo "Building contrib library: ldapc++"
+ src_configure_cxx
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+ emake \
+ CC="${CC}" CXX="${CXX}"
+ fi
+
+ # LMDB tools
+ cp -ral "${S}"/libraries/liblmdb "${BUILD_DIR}"/libraries/liblmdb || die
+ cd "${BUILD_DIR}"/libraries/liblmdb || die
+ emake CC="${CC}" CXX="${CXX}" OPT="${CFLAGS}" prefix="${EPREFIX}/usr" DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash LIBDIR="$(get_libdir)"
+
+ if use smbkrb5passwd ; then
+ einfo "Building contrib-module: smbk5pwd"
+ cd "${S}/contrib/slapd-modules/smbk5pwd" || die
+
+ MY_DEFS="-DDO_SHADOW"
+ if use samba ; then
+ MY_DEFS="${MY_DEFS} -DDO_SAMBA"
+ MY_KRB5_INC=""
+ fi
+ if use kerberos ; then
+ MY_DEFS="${MY_DEFS} -DDO_KRB5"
+ MY_KRB5_INC="$(krb5-config --cflags)"
+ fi
+
+ emake \
+ DEFS="${MY_DEFS}" \
+ KRB5_INC="${MY_KRB5_INC}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
+ fi
+
+ if use overlays ; then
+ einfo "Building contrib-module: samba4"
+ cd "${S}/contrib/slapd-modules/samba4" || die
+
+ emake \
+ LDAP_BUILD="${BUILD_DIR}" \
+ CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
+ fi
+
+ if use kerberos ; then
+ build_contrib_module "kinit" "kinit.c" "kinit"
+ cd "${S}/contrib/slapd-modules/passwd" || die
+ einfo "Compiling contrib-module: pw-kerberos"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ $(krb5-config --cflags) \
+ -DHAVE_KRB5 \
+ -o kerberos.lo \
+ -c kerberos.c || die "compiling pw-kerberos failed"
+ einfo "Linking contrib-module: pw-kerberos"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-kerberos.la \
+ kerberos.lo || die "linking pw-kerberos failed"
+ fi
+ # We could build pw-radius if GNURadius would install radlib.h
+ cd "${S}/contrib/slapd-modules/passwd" || die
+ einfo "Compiling contrib-module: pw-netscape"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ -o netscape.lo \
+ -c netscape.c || die "compiling pw-netscape failed"
+ einfo "Linking contrib-module: pw-netscape"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-netscape.la \
+ netscape.lo || die "linking pw-netscape failed"
+
+ #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
+ #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
+ build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
+ build_contrib_module "allop" "allop.c" "overlay-allop"
+ build_contrib_module "allowed" "allowed.c" "allowed"
+ build_contrib_module "autogroup" "autogroup.c" "autogroup"
+ build_contrib_module "cloak" "cloak.c" "cloak"
+ # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
+ build_contrib_module "denyop" "denyop.c" "denyop-overlay"
+ build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
+ build_contrib_module "dupent" "dupent.c" "dupent"
+ build_contrib_module "lastbind" "lastbind.c" "lastbind"
+ # lastmod may not play well with other overlays
+ build_contrib_module "lastmod" "lastmod.c" "lastmod"
+ build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
+ build_contrib_module "nops" "nops.c" "nops-overlay"
+ #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
+ build_contrib_module "trace" "trace.c" "trace"
+ # build slapi-plugins
+ cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
+ einfo "Building contrib-module: addrdnvalues plugin"
+ "${CC}" -shared \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ -fPIC \
+ ${LDFLAGS} \
+ -o libaddrdnvalues-plugin.so \
+ addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
+
+ fi
+}
+
+multilib_src_test() {
+ if multilib_is_native_abi; then
+ cd tests || die
+ make tests || die "make tests failed"
+ fi
+}
+
+multilib_src_install() {
+ local lt="${BUILD_DIR}/libtool"
+ emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
+ use static-libs || prune_libtool_files --all
+
+ if ! use minimal && multilib_is_native_abi; then
+ # LMDB tools
+ cd "${BUILD_DIR}"/libraries/liblmdb || die
+ dodir /usr/include /usr/lib /usr/bin /usr/share/man/man1 # otherwise this will make them files :-(
+ emake CC="${CC}" CXX="${CXX}" OPT="${CFLAGS}" prefix="${EPREFIX}/usr" DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash LIBDIR="$(get_libdir)" install
+
+ # openldap modules go here
+ # TODO: write some code to populate slapd.conf with moduleload statements
+ keepdir /usr/$(get_libdir)/openldap/openldap/
+
+ # initial data storage dir
+ keepdir /var/lib/openldap-data
+ use prefix || fowners ldap:ldap /var/lib/openldap-data
+ fperms 0700 /var/lib/openldap-data
+
+ echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+
+ # use our config
+ rm "${ED}"etc/openldap/slapd.conf
+ insinto /etc/openldap
+ newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
+ configfile="${ED}"etc/openldap/slapd.conf
+
+ # populate with built backends
+ ebegin "populate config with built backends"
+ for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
+ einfo "Adding $(basename ${x})"
+ sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
+ done
+ sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
+ use prefix || fowners root:ldap /etc/openldap/slapd.conf
+ fperms 0640 /etc/openldap/slapd.conf
+ cp "${configfile}" "${configfile}".default
+ eend
+
+ # install our own init scripts and systemd unit files
+ einfo "Install init scripts"
+ newinitd "${FILESDIR}"/slapd-initd-2.4.40 slapd
+ newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
+ einfo "Install systemd service"
+ systemd_dounit "${FILESDIR}"/slapd.service
+ systemd_install_serviced "${FILESDIR}"/slapd.service.conf
+ systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
+
+ if [[ $(get_libdir) != lib ]]; then
+ sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
+ "${ED}"/etc/init.d/slapd \
+ "${ED}"/usr/lib/systemd/system/slapd.service || die
+ fi
+ # If built without SLP, we don't need to be before avahi
+ use slp \
+ || sed -i \
+ -e '/before/{s/avahi-daemon//g}' \
+ "${ED}"etc/init.d/slapd
+
+ if use cxx ; then
+ einfo "Install the ldapc++ library"
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+ emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
+ cd "${S}"/contrib/ldapc++ || die
+ newdoc README ldapc++-README
+ fi
+
+ if use smbkrb5passwd ; then
+ einfo "Install the smbk5pwd module"
+ cd "${S}/contrib/slapd-modules/smbk5pwd" || die
+ emake DESTDIR="${D}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
+ newdoc README smbk5pwd-README
+ fi
+
+ if use overlays ; then
+ einfo "Install the samba4 module"
+ cd "${S}/contrib/slapd-modules/samba4" || die
+ emake DESTDIR="${D}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ libexecdir="/usr/$(get_libdir)/openldap" install
+ newdoc README samba4-README
+ fi
+
+ einfo "Installing contrib modules"
+ cd "${S}/contrib/slapd-modules" || die
+ for l in */*.la; do
+ "${lt}" --mode=install cp ${l} \
+ "${ED}"usr/$(get_libdir)/openldap/openldap || \
+ die "installing ${l} failed"
+ done
+
+ dodoc "${FILESDIR}"/DB_CONFIG.fast.example
+ docinto contrib
+ doman */*.5
+ #newdoc acl/README*
+ newdoc addpartial/README addpartial-README
+ newdoc allop/README allop-README
+ newdoc allowed/README allowed-README
+ newdoc autogroup/README autogroup-README
+ newdoc dsaschema/README dsaschema-README
+ newdoc passwd/README passwd-README
+ cd "${S}/contrib/slapi-plugins" || die
+ insinto /usr/$(get_libdir)/openldap/openldap
+ doins */*.so
+ docinto contrib
+ newdoc addrdnvalues/README addrdnvalues-README
+
+ insinto /etc/openldap/schema
+ newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
+
+ docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
+ docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
+ docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
+
+ docinto liblmdb ; dodoc "${S}"/libraries/liblmdb/{sample*txt,CHANGES,COPYRIGHT,LICENSE}
+ doman "${S}"/libraries/liblmdb/*.1
+
+ dosbin "${S}"/contrib/slapd-tools/statslog
+ newdoc "${S}"/contrib/slapd-tools/README README.statslog
+ fi
+}
+
+multilib_src_install_all() {
+ dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
+ docinto rfc ; dodoc doc/rfc/*.txt
+}
+
+pkg_preinst() {
+ # keep old libs if any
+ preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
+ # bug 440470, only display the getting started help there was no openldap before,
+ # or we are going to a non-minimal build
+ ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
+ OPENLDAP_PRINT_MESSAGES=$((! $?))
+}
+
+pkg_postinst() {
+ if ! use minimal ; then
+ # You cannot build SSL certificates during src_install that will make
+ # binary packages containing your SSL key, which is both a security risk
+ # and a misconfiguration if multiple machines use the same key and cert.
+ if use ssl; then
+ install_cert /etc/openldap/ssl/ldap
+ use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "add 'TLS_REQCERT allow' if you want to use them."
+ fi
+
+ if use prefix; then
+ # Warn about prefix issues with slapd
+ eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
+ eerror "to start up, and requires that certain files directories be owned by"
+ eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
+ eerror "directories, you will have to manually fix this yourself."
+ fi
+
+ # These lines force the permissions of various content to be correct
+ use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
+ chmod 0755 "${EROOT}"var/run/openldap
+ use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
+ chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
+ use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
+ fi
+
+ if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
+ elog "Getting started using OpenLDAP? There is some documentation available:"
+ elog "Gentoo Guide to OpenLDAP Authentication"
+ elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
+ elog "---"
+ elog "An example file for tuning BDB backends with openldap is"
+ elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
+ fi
+
+ preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
+}
diff --git a/net-nds/phpldapadmin/Manifest b/net-nds/phpldapadmin/Manifest
new file mode 100644
index 000000000000..f64dcf6aec12
--- /dev/null
+++ b/net-nds/phpldapadmin/Manifest
@@ -0,0 +1 @@
+DIST phpldapadmin-1.2.3.tgz 1115707 SHA256 aecaf8c3ce77ba3899dd31ee5ee183555b2f9349eb8e196dcd33d8a3c485ed58 SHA512 58a57ca577586685ebd0d7fde7e299b8945d1693018c7803e19239b79f4b9d72a4d207d53c9f284268e32398108038efafcdb434e634619bfe87db3524d267b6 WHIRLPOOL 2d8cf7dc9e3b509ed6884efa280e554aa34703ca829f377304b99ded20ad144ff445cae3630e83dbfdcccc83799a85a3a2301903a4e298faf0884d3201ca0d21
diff --git a/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-cmd-exploit.patch b/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-cmd-exploit.patch
new file mode 100644
index 000000000000..b5ae92d0425c
--- /dev/null
+++ b/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-cmd-exploit.patch
@@ -0,0 +1,27 @@
+From 64668e882b8866fae0fa1b25375d1a2f3b4672e2 Mon Sep 17 00:00:00 2001
+From: Deon George <wurley@users.sf.net>
+Date: Wed, 27 Jul 2011 07:30:06 +1000
+Subject: [PATCH] Remove XSS vulnerabilty in debug code
+
+---
+ htdocs/cmd.php | 4 ----
+ 1 files changed, 0 insertions(+), 4 deletions(-)
+
+diff --git a/htdocs/cmd.php b/htdocs/cmd.php
+index 34f3848..0ddf004 100644
+--- a/htdocs/cmd.php
++++ b/htdocs/cmd.php
+@@ -19,10 +19,6 @@ $www['meth'] = get_request('meth','REQUEST');
+ ob_start();
+
+ switch ($www['cmd']) {
+- case '_debug':
+- debug_dump($_REQUEST,1);
+- break;
+-
+ default:
+ if (defined('HOOKSDIR') && file_exists(HOOKSDIR.$www['cmd'].'.php'))
+ $app['script_cmd'] = HOOKSDIR.$www['cmd'].'.php';
+--
+1.7.4.1
+
diff --git a/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-functions-exploit.patch b/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-functions-exploit.patch
new file mode 100644
index 000000000000..bc18b452ca02
--- /dev/null
+++ b/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-functions-exploit.patch
@@ -0,0 +1,28 @@
+From 76e6dad13ef77c5448b8dfed1a61e4acc7241165 Mon Sep 17 00:00:00 2001
+From: Deon George <wurley@users.sf.net>
+Date: Thu, 6 Oct 2011 09:03:20 +1100
+Subject: [PATCH] SF Bug #3417184 - PHP Code Injection Vulnerability
+
+---
+ lib/functions.php | 5 +++--
+ 1 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/lib/functions.php b/lib/functions.php
+index 19fde99..eb160dc 100644
+--- a/lib/functions.php
++++ b/lib/functions.php
+@@ -1003,8 +1003,9 @@ function masort(&$data,$sortby,$rev=0) {
+ if (defined('DEBUG_ENABLED') && DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
+ debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
+
+- # if the array to sort is null or empty
+- if (! $data) return;
++ # if the array to sort is null or empty, or if we have some nasty chars
++ if (! preg_match('/^[a-zA-Z0-9_]+(\([a-zA-Z0-9_,]*\))?$/',$sortby) || ! $data)
++ return;
+
+ static $CACHE = array();
+
+--
+1.7.4.1
+
diff --git a/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-magic-quotes.patch b/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-magic-quotes.patch
new file mode 100644
index 000000000000..3a2f3a48223c
--- /dev/null
+++ b/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-magic-quotes.patch
@@ -0,0 +1,23 @@
+diff -urN phpldapadmin-1.2.1.1/lib/emuhash_functions.php phpldapadmin-1.2.1.1-new/lib/emuhash_functions.php
+--- phpldapadmin-1.2.1.1/lib/emuhash_functions.php 2011-05-11 09:40:18.000000000 +0000
++++ phpldapadmin-1.2.1.1-new/lib/emuhash_functions.php 2011-10-20 15:55:05.597714125 +0000
+@@ -59,8 +59,8 @@
+ global $emuhash_emu;
+
+ if (PHP_VERSION < 6) {
+- $current_magic_quotes = @get_magic_quotes_runtime();
+- @set_magic_quotes_runtime(0);
++ $current_magic_quotes = ini_get('magic_quotes_runtime');
++ ini_set('magic_quotes_runtime', 0);;
+ }
+
+ $tmpfile = tempnam($emuhash_emu['tmpdir'],'emuhash');
+@@ -78,7 +78,7 @@
+ unlink($tmpfile);
+
+ if (PHP_VERSION < 6)
+- @set_magic_quotes_runtime($current_magic_quotes);
++ ini_set('magic_quotes_runtime', $current_magic_quotes);
+
+ return $pass;
+ }
diff --git a/net-nds/phpldapadmin/files/phpldapadmin-1.2.2-base.patch b/net-nds/phpldapadmin/files/phpldapadmin-1.2.2-base.patch
new file mode 100644
index 000000000000..bff3c6268556
--- /dev/null
+++ b/net-nds/phpldapadmin/files/phpldapadmin-1.2.2-base.patch
@@ -0,0 +1,34 @@
+From 7dc8d57d6952fe681cb9e8818df7f103220457bd Mon Sep 17 00:00:00 2001
+From: Deon George <wurley@users.sf.net>
+Date: Tue, 24 Jan 2012 12:37:28 +1100
+Subject: [PATCH] SF Bug #3477910 - XSS vulnerability in query
+
+---
+ lib/QueryRender.php | 4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/QueryRender.php b/lib/QueryRender.php
+index 291ec40..685f3ba 100644
+--- a/lib/QueryRender.php
++++ b/lib/QueryRender.php
+@@ -497,7 +497,7 @@ class QueryRender extends PageRender {
+ $this->getAjaxRef($base),
+ $this->getAjaxRef($base),
+ ($show == $this->getAjaxRef($base) ? '#F0F0F0' : '#E0E0E0'),
+- $base);
++ htmlspecialchars($base));
+ }
+ echo '</tr>';
+ echo '</table>';
+@@ -545,7 +545,7 @@ class QueryRender extends PageRender {
+ echo ' ]</small>';
+
+ echo '<br />';
+- printf('<small>%s: <b>%s</b></small>',_('Base DN'),$base);
++ printf('<small>%s: <b>%s</b></small>',_('Base DN'),htmlspecialchars($base));
+
+ echo '<br />';
+ printf('<small>%s: <b>%s</b></small>',_('Filter performed'),htmlspecialchars($this->template->resultsdata[$base]['filter']));
+--
+1.7.4.1
+
diff --git a/net-nds/phpldapadmin/files/phpldapadmin-fix-php5.5-support.patch b/net-nds/phpldapadmin/files/phpldapadmin-fix-php5.5-support.patch
new file mode 100644
index 000000000000..df6a7c163758
--- /dev/null
+++ b/net-nds/phpldapadmin/files/phpldapadmin-fix-php5.5-support.patch
@@ -0,0 +1,152 @@
+commit 7e53dab990748c546b79f0610c3a7a58431e9ebc
+Author: Michael Laccetti <michael@laccetti.com>
+Date: Thu Aug 29 09:13:56 2013 -0400
+
+ Fixed two issues to get phpLdapAdmin to work under PHP 5.5.x
+ 1) password_hash is an actual function, so renamed instances to password_hash_custom (HT: https://sourceforge.net/mailarchive/message.php?msg_id=31302386)
+ 2) Fixed the preg_replace to preg_replace_callback to use the /e/ functionality in the officially endorsed fashion
+
+diff --git a/lib/PageRender.php b/lib/PageRender.php
+index 7d86a54..eed5d5f 100644
+--- a/lib/PageRender.php
++++ b/lib/PageRender.php
+@@ -287,7 +287,7 @@ class PageRender extends Visitor {
+ break;
+
+ default:
+- $vals[$i] = password_hash($passwordvalue,$enc);
++ $vals[$i] = password_hash_custom($passwordvalue,$enc);
+ }
+
+ $vals = array_unique($vals);
+@@ -957,7 +957,7 @@ class PageRender extends Visitor {
+ if (trim($val))
+ $enc_type = get_enc_type($val);
+ else
+- $enc_type = $server->getValue('appearance','password_hash');
++ $enc_type = $server->getValue('appearance','password_hash_custom');
+
+ $obfuscate_password = obfuscate_password_display($enc_type);
+
+@@ -982,7 +982,7 @@ class PageRender extends Visitor {
+ if (trim($val))
+ $enc_type = get_enc_type($val);
+ else
+- $enc_type = $server->getValue('appearance','password_hash');
++ $enc_type = $server->getValue('appearance','password_hash_custom');
+
+ echo '<table cellspacing="0" cellpadding="0"><tr><td valign="top">';
+
+diff --git a/lib/ds_ldap.php b/lib/ds_ldap.php
+index c346660..7532539 100644
+--- a/lib/ds_ldap.php
++++ b/lib/ds_ldap.php
+@@ -1116,13 +1116,24 @@ class ldap extends DS {
+
+ if (is_array($dn)) {
+ $a = array();
+- foreach ($dn as $key => $rdn)
+- $a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn);
++ foreach ($dn as $key => $rdn) {
++ $a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
++ function ($m) {
++ return ''.chr(hexdec('\\1')).'';
++ },
++ $rdn
++ );
++ }
+
+ return $a;
+
+ } else
+- return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn);
++ return preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
++ function ($m) {
++ return ''.chr(hexdec('\\1')).'';
++ },
++ $dn
++ );
+ }
+
+ public function getRootDSE($method=null) {
+diff --git a/lib/ds_ldap_pla.php b/lib/ds_ldap_pla.php
+index 7ece393..6b0990e 100644
+--- a/lib/ds_ldap_pla.php
++++ b/lib/ds_ldap_pla.php
+@@ -16,7 +16,7 @@ class ldap_pla extends ldap {
+ function __construct($index) {
+ parent::__construct($index);
+
+- $this->default->appearance['password_hash'] = array(
++ $this->default->appearance['password_hash_custom'] = array(
+ 'desc'=>'Default HASH to use for passwords',
+ 'default'=>'md5');
+
+diff --git a/lib/functions.php b/lib/functions.php
+index 56d8bf3..5ac3caf 100644
+--- a/lib/functions.php
++++ b/lib/functions.php
+@@ -2127,7 +2127,7 @@ function password_types() {
+ * crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512, or clear.
+ * @return string The hashed password.
+ */
+-function password_hash($password_clear,$enc_type) {
++function password_hash_custom($password_clear,$enc_type) {
+ if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
+ debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
+
+@@ -2318,7 +2318,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword
+
+ # SHA crypted passwords
+ case 'sha':
+- if (strcasecmp(password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0)
++ if (strcasecmp(password_hash_custom($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0)
+ return true;
+ else
+ return false;
+@@ -2327,7 +2327,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword
+
+ # MD5 crypted passwords
+ case 'md5':
+- if( strcasecmp(password_hash($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0)
++ if( strcasecmp(password_hash_custom($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0)
+ return true;
+ else
+ return false;
+@@ -2392,7 +2392,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword
+
+ # SHA512 crypted passwords
+ case 'sha512':
+- if (strcasecmp(password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
++ if (strcasecmp(password_hash_custom($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
+ return true;
+ else
+ return false;
+@@ -2564,13 +2564,24 @@ function dn_unescape($dn) {
+ if (is_array($dn)) {
+ $a = array();
+
+- foreach ($dn as $key => $rdn)
+- $a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn);
++ foreach ($dn as $key => $rdn) {
++ $a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
++ function ($m) {
++ return ''.chr(hexdec('\\1')).'';
++ },
++ $rdn
++ );
++ }
+
+ return $a;
+
+ } else {
+- return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn);
++ return preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
++ function ($m) {
++ return ''.chr(hexdec('\\1')).'';
++ },
++ $dn
++ );
+ }
+ }
+
diff --git a/net-nds/phpldapadmin/files/postinstall2-en.txt b/net-nds/phpldapadmin/files/postinstall2-en.txt
new file mode 100644
index 000000000000..005ead72e8d3
--- /dev/null
+++ b/net-nds/phpldapadmin/files/postinstall2-en.txt
@@ -0,0 +1,4 @@
+phpLDAPadmin is installed. You will need to
+configure it by creating/editing the config file:
+
+${MY_INSTALLDIR}/config/config.php
diff --git a/net-nds/phpldapadmin/metadata.xml b/net-nds/phpldapadmin/metadata.xml
new file mode 100644
index 000000000000..45abd7cf939d
--- /dev/null
+++ b/net-nds/phpldapadmin/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <herd>web-apps</herd>
+ <maintainer>
+ <email>vostorga@gentoo.org</email>
+ <name>Víctor Ostorga</name>
+ </maintainer>
+ <maintainer>
+ <email>jmbsvicetto@gentoo.org</email>
+ <name>Jorge Manuel B. S. Vicetto</name>
+ </maintainer>
+ <longdescription>
+ phpLDAPadmin is a web-based tool for managing all aspects of your LDAP server.
+</longdescription>
+ <upstream>
+ <remote-id type="sourceforge">phpldapadmin</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/net-nds/phpldapadmin/phpldapadmin-1.2.3-r1.ebuild b/net-nds/phpldapadmin/phpldapadmin-1.2.3-r1.ebuild
new file mode 100644
index 000000000000..6ce53f6e34f0
--- /dev/null
+++ b/net-nds/phpldapadmin/phpldapadmin-1.2.3-r1.ebuild
@@ -0,0 +1,49 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit webapp depend.php
+
+DESCRIPTION="phpLDAPadmin is a web-based tool for managing all aspects of your LDAP server"
+HOMEPAGE="http://phpldapadmin.sourceforge.net"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tgz"
+
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~sparc ~x86"
+IUSE=""
+
+RDEPEND="dev-lang/php[hash,ldap,session,xml,nls]
+ || ( <dev-lang/php-5.3[pcre] >=dev-lang/php-5.3 )"
+
+need_httpd_cgi
+need_php_httpd
+
+src_prepare() {
+ mv config/config.php.example config/config.php
+ epatch "${FILESDIR}/${PN}-1.2.1.1-fix-magic-quotes.patch"
+ # http://phpldapadmin.git.sourceforge.net/git/gitweb.cgi?p=phpldapadmin/phpldapadmin;a=commit;h=7dc8d57d6952fe681cb9e8818df7f103220457bd
+
+ epatch "${FILESDIR}/${PN}-fix-php5.5-support.patch"
+ # http://sourceforge.net/u/nihilisticz/phpldapadmin/ci/7e53dab990748c546b79f0610c3a7a58431e9ebc/
+ # This patch has been requested to be merged, but there's no recent activity by upstream
+}
+
+src_install() {
+ webapp_src_preinst
+
+ dodoc INSTALL
+
+ # Restrict config file access - bug 280836
+ chown root:apache "config/config.php"
+ chmod 640 "config/config.php"
+
+ insinto "${MY_HTDOCSDIR}"
+ doins -r *
+
+ webapp_configfile "${MY_HTDOCSDIR}/config/config.php"
+ webapp_postinst_txt en "${FILESDIR}"/postinstall2-en.txt
+
+ webapp_src_install
+}
diff --git a/net-nds/phpldapadmin/phpldapadmin-1.2.3.ebuild b/net-nds/phpldapadmin/phpldapadmin-1.2.3.ebuild
new file mode 100644
index 000000000000..15be856e0de1
--- /dev/null
+++ b/net-nds/phpldapadmin/phpldapadmin-1.2.3.ebuild
@@ -0,0 +1,45 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit webapp depend.php
+
+DESCRIPTION="phpLDAPadmin is a web-based tool for managing all aspects of your LDAP server"
+HOMEPAGE="http://phpldapadmin.sourceforge.net"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tgz"
+
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~sparc ~x86"
+IUSE=""
+
+RDEPEND="dev-lang/php[hash,ldap,session,xml,nls]
+ || ( <dev-lang/php-5.3[pcre] >=dev-lang/php-5.3 )"
+
+need_httpd_cgi
+need_php_httpd
+
+src_prepare() {
+ mv config/config.php.example config/config.php
+ epatch "${FILESDIR}/${PN}-1.2.1.1-fix-magic-quotes.patch"
+ # http://phpldapadmin.git.sourceforge.net/git/gitweb.cgi?p=phpldapadmin/phpldapadmin;a=commit;h=7dc8d57d6952fe681cb9e8818df7f103220457bd
+}
+
+src_install() {
+ webapp_src_preinst
+
+ dodoc INSTALL
+
+ # Restrict config file access - bug 280836
+ chown root:apache "config/config.php"
+ chmod 640 "config/config.php"
+
+ insinto "${MY_HTDOCSDIR}"
+ doins -r *
+
+ webapp_configfile "${MY_HTDOCSDIR}/config/config.php"
+ webapp_postinst_txt en "${FILESDIR}"/postinstall2-en.txt
+
+ webapp_src_install
+}
diff --git a/net-nds/portmap/Manifest b/net-nds/portmap/Manifest
new file mode 100644
index 000000000000..6e1531fd21f5
--- /dev/null
+++ b/net-nds/portmap/Manifest
@@ -0,0 +1 @@
+DIST portmap-6.0.tgz 22251 SHA256 02c820d39f3e6e729d1bea3287a2d8a6c684f1006fb9612f97dcad4a281d41de SHA512 cbcbcff34d7f8c82b8e89464467c313a170d3d1756ae47faab1e90bc01fac8c3b6ff8bc8c35bfe32d9e584aafa8248eb37841d1a54f70db6b54ab54ad7e23665 WHIRLPOOL c9fa81fb02e26fa677cab06f2eb02e365d7408e337514cac384e65f9774a37cde6fd0ef49335cb9af65f0be70a440d4bf63b650cb50f9d5064a43abffa7d517b
diff --git a/net-nds/portmap/files/portmap-6.0-tcpd.patch b/net-nds/portmap/files/portmap-6.0-tcpd.patch
new file mode 100644
index 000000000000..c6af8f8c80b4
--- /dev/null
+++ b/net-nds/portmap/files/portmap-6.0-tcpd.patch
@@ -0,0 +1,18 @@
+Enable compile without tcp-wrappers
+
+Patch by Timothy Redaelli <drizzt@gentoo.org>
+
+http://bugs.gentoo.org/178242
+
+--- portmap_6.0/pmap_check.c
++++ portmap_6.0/pmap_check.c
+@@ -44,7 +44,9 @@
+ #include <netinet/in.h>
+ #include <rpc/rpcent.h>
+ #endif
++#ifdef HOSTS_ACCESS
+ #include <tcpd.h>
++#endif
+ #include <arpa/inet.h>
+ #include <grp.h>
+
diff --git a/net-nds/portmap/files/portmap.confd b/net-nds/portmap/files/portmap.confd
new file mode 100644
index 000000000000..c2756c992b4a
--- /dev/null
+++ b/net-nds/portmap/files/portmap.confd
@@ -0,0 +1,5 @@
+# /etc/conf.d/portmap: config file for /etc/init.d/portmap
+
+# Options for `portmap`.
+# For a full list, just run `portmap -h`.
+#PORTMAP_OPTS="-l"
diff --git a/net-nds/portmap/files/portmap.rc6 b/net-nds/portmap/files/portmap.rc6
new file mode 100644
index 000000000000..628d82ab4848
--- /dev/null
+++ b/net-nds/portmap/files/portmap.rc6
@@ -0,0 +1,59 @@
+#!/sbin/runscript
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ use net
+ before inetd
+ before xinetd
+}
+
+checkconfig() {
+ if [ -e /proc/config.gz ] ; then
+ if zcat /proc/config.gz | grep -s SUNRPC_REGISTER_V4=y ; then
+ eerror "portmap does not work with SUNRPC_REGISTER_V4=y;"
+ eerror "disable it or use the net-nds/rpcbind package."
+ return 1
+ fi
+ fi
+ return 0
+}
+
+start() {
+ checkconfig || return 1
+
+ ebegin "Starting portmap"
+ start-stop-daemon --start --quiet --exec /sbin/portmap -- ${PORTMAP_OPTS}
+ local ret=$?
+ eend ${ret}
+ # without, if a service depending on portmap is started too fast,
+ # connecting to portmap will fail -- azarah
+ sleep 1
+ return ${ret}
+}
+
+stop() {
+ ebegin "Stopping portmap"
+ start-stop-daemon --stop --quiet --exec /sbin/portmap
+ eend $?
+}
+
+restart() {
+ # Dump the portmapper's table before stopping
+ ebegin "Saving portmap table"
+ local pmap=$(pmap_dump)
+ eend $?
+
+ # Stop and restart portmapper
+ svc_stop
+ sleep 1
+ svc_start
+
+ # Reload the portmapper's table
+ if [ -n "${pmap}" ] ; then
+ ebegin "Reloading portmap table"
+ echo "${pmap}" | pmap_set
+ eend $?
+ fi
+}
diff --git a/net-nds/portmap/metadata.xml b/net-nds/portmap/metadata.xml
new file mode 100644
index 000000000000..e72c243d236f
--- /dev/null
+++ b/net-nds/portmap/metadata.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>base-system</herd>
+<herd>net-fs</herd>
+</pkgmetadata>
diff --git a/net-nds/portmap/portmap-6.0.ebuild b/net-nds/portmap/portmap-6.0.ebuild
new file mode 100644
index 000000000000..69e62d392ae6
--- /dev/null
+++ b/net-nds/portmap/portmap-6.0.ebuild
@@ -0,0 +1,56 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+inherit eutils toolchain-funcs user
+
+DESCRIPTION="daemon for implementing remote procedure calls between computer programs"
+HOMEPAGE="http://neil.brown.name/portmap/"
+SRC_URI="http://neil.brown.name/portmap/${P}.tgz"
+
+LICENSE="BSD GPL-2" # GPL-2 only for init script
+SLOT="0"
+KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86"
+IUSE="selinux tcpd"
+
+DEPEND="
+ tcpd? ( >=sys-apps/tcp-wrappers-7.6-r7 )
+"
+
+RDEPEND="
+ selinux? ( sec-policy/selinux-portmap )
+"
+
+S=${WORKDIR}/${PN}_${PV}
+
+pkg_setup() {
+ enewgroup rpc 111
+ enewuser rpc 111 -1 /dev/null rpc
+}
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+ epatch "${FILESDIR}"/${P}-tcpd.patch #178242
+
+ # Once HPPA gets PIE's fixed, this can go away
+ use hppa && sed -e '/LDFLAGS/s/^/#/' -i "${S}/Makefile" #190458
+}
+
+src_compile() {
+ tc-export CC
+ emake NO_TCP_WRAPPER="$(use tcpd || echo NO)" || die
+}
+
+src_install() {
+ into /
+ dosbin portmap || die "portmap"
+ into /usr
+ dosbin pmap_dump pmap_set || die "pmap"
+
+ doman *.8
+ dodoc BLURBv5 CHANGES README*
+
+ newinitd "${FILESDIR}"/portmap.rc6 portmap
+ newconfd "${FILESDIR}"/portmap.confd portmap
+}
diff --git a/net-nds/portmap/portmap-9999.ebuild b/net-nds/portmap/portmap-9999.ebuild
new file mode 100644
index 000000000000..35a4ff588e79
--- /dev/null
+++ b/net-nds/portmap/portmap-9999.ebuild
@@ -0,0 +1,46 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EGIT_REPO_URI="git://neil.brown.name/portmap"
+inherit toolchain-funcs user git-2
+
+DESCRIPTION="Netkit - portmapper"
+HOMEPAGE="ftp://ftp.porcupine.org/pub/security/index.html"
+SRC_URI=""
+
+LICENSE="BSD GPL-2" # GPL-2 only for init script
+SLOT="0"
+KEYWORDS=""
+IUSE="selinux tcpd"
+
+DEPEND="
+ tcpd? ( >=sys-apps/tcp-wrappers-7.6-r7 )
+"
+
+RDEPEND="
+ selinux? ( sec-policy/selinux-portmap )
+"
+
+pkg_setup() {
+ enewgroup rpc 111
+ enewuser rpc 111 -1 /dev/null rpc
+}
+
+src_compile() {
+ tc-export CC
+ emake NO_TCP_WRAPPER="$(use tcpd || echo NO)" || die
+}
+
+src_install() {
+ into /
+ dosbin portmap || die "portmap"
+ into /usr
+ dosbin pmap_dump pmap_set || die "pmap"
+
+ doman *.8
+ dodoc BLURBv5 CHANGES README*
+
+ newinitd "${FILESDIR}"/portmap.rc6 portmap
+ newconfd "${FILESDIR}"/portmap.confd portmap
+}
diff --git a/net-nds/rpcbind/Manifest b/net-nds/rpcbind/Manifest
new file mode 100644
index 000000000000..598b6b82ba5c
--- /dev/null
+++ b/net-nds/rpcbind/Manifest
@@ -0,0 +1,4 @@
+DIST rpcbind-0.2.0.tar.bz2 271018 SHA256 c92f263e0353887f16379d7708ef1fb4c7eedcf20448bc1e4838f59497a00de3 SHA512 99e56c1877521c4df8288e88b88d9bb4d42c4e99d479fe61dc6e3f067f255dfc96ad894b2ddd425703b0d01ff1c9b362991507130dbd745a8088e6a2c7f29605 WHIRLPOOL 07e86090c6cab6761f1aa4f2f4d56cdc8f86475cb1bf8c0d0aa29bff9c9c3343ea289c147c96fce90d00da120521e34a7427b75fab7ecd6412a10af78bb72d0e
+DIST rpcbind-0.2.1.tar.bz2 110681 SHA256 da169ff877a5a07581fad50a9a808ac6e96f0c277a3df49a7ef005778428496e SHA512 5ec1e25c64ad3cd80fc2f14ced64a331afbe896fb3da54c812e3c4a78a69df181f607492762fe852732cc0ac9bd87ee118760b9e7fad2b3f028d581fecc93849 WHIRLPOOL 272996267eacd624493cc656ea02219e0dcf4b0f190c4a06c1fec8ce6fafab057e3d0432017483efd653b82e6d21aaff7179c9dcbeadb7430b955d6306260db8
+DIST rpcbind-0.2.2.tar.bz2 112793 SHA256 13dbc8c796dbe0ce8df873007bea0490c8460b56202d918c9eb6fa0358a08f29 SHA512 adcf5c3e6f6a3d995511ed5016ddc5065f7ca6d355097eb27de58415a705cbc45f96f3d0eb8e7db8a915ad3f25ce893e371c09cc03b24a48787485e5c035c054 WHIRLPOOL 3d2bab280f10d0af76bbf60c492b22e9077ea7c1efdba3df70975ec327da52cf756088e245d226bc521e378143491863d37d083458e0ffcf3df391b615047cf0
+DIST rpcbind-0.2.3.tar.bz2 121306 SHA256 9897823a9d820ea011d9ea02054d5ab99469b9ca5346265fee380713c8fed27b SHA512 b91cb4e0849213d344063ccf32d16c49819906b65e4d07c4aa7d3c8842bd83acb408d07aa285da902c389f3c9716f01678012b93a11863eb174a2577cd6ba1d6 WHIRLPOOL f8ff512974e6092faf786ef2f5fe23f404a48c28017809c22a3705cb3dfd22220dc3b230235de8a7b64bc46b21f38562ba18af23539bfff439f6e39d6d44cfb3
diff --git a/net-nds/rpcbind/files/rpcbind-0.2.0-no-nss.patch b/net-nds/rpcbind/files/rpcbind-0.2.0-no-nss.patch
new file mode 100644
index 000000000000..4e73b88de706
--- /dev/null
+++ b/net-nds/rpcbind/files/rpcbind-0.2.0-no-nss.patch
@@ -0,0 +1,34 @@
+From 112d0028cd2f4e0a3fafc83a4b2f1cb38bdbd6d4 Mon Sep 17 00:00:00 2001
+From: Mike Frysinger <vapier@gentoo.org>
+Date: Mon, 18 Feb 2013 17:00:13 -0500
+Subject: [PATCH] fix building one systems w/out nss.h
+
+The nss.h header is glibc-specific, so use the existing HAVE_NSS_H define
+to avoid including/using it when it is not available.
+
+URL: http://bugs.gentoo.org/458024
+Reported-by: Mark Reiche <porphyr@gmx.de>
+Signed-off-by: Mike Frysinger <vapier@gentoo.org>
+---
+ src/rpcbind.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/rpcbind.c b/src/rpcbind.c
+index 9a0504d..83dbe93 100644
+--- a/src/rpcbind.c
++++ b/src/rpcbind.c
+@@ -67,7 +67,11 @@
+ #include <pwd.h>
+ #include <string.h>
+ #include <errno.h>
++#ifdef HAVE_NSS_H
+ #include <nss.h>
++#else
++static inline void __nss_configure_lookup(const char *db, const char *s) {}
++#endif
+ #include "config.h"
+ #include "rpcbind.h"
+
+--
+1.8.1.2
+
diff --git a/net-nds/rpcbind/files/rpcbind-0.2.0-pkgconfig.patch b/net-nds/rpcbind/files/rpcbind-0.2.0-pkgconfig.patch
new file mode 100644
index 000000000000..e0339af92b7e
--- /dev/null
+++ b/net-nds/rpcbind/files/rpcbind-0.2.0-pkgconfig.patch
@@ -0,0 +1,65 @@
+From afd71b8fc0df036a884b3af14ddb875674a49a85 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Diego=20Elio=20Petten=F2?= <flameeyes@gmail.com>
+Date: Mon, 29 Nov 2010 16:28:38 -0500
+Subject: [PATCH] Use pkg-config to find libtirpc
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This allows to properly cross-compile rpcbind, as /usr/include/tirpc is
+no longer a valid path in that case.
+
+Signed-off-by: Diego Elio Petten <flameeyes@gmail.com>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ configure.in | 4 +++-
+ src/Makefile.am | 13 +++++++------
+ 2 files changed, 10 insertions(+), 7 deletions(-)
+
+diff --git a/configure.in b/configure.in
+index de1c730..7d43fd4 100644
+--- a/configure.in
++++ b/configure.in
+@@ -51,7 +51,9 @@ AC_CHECK_HEADERS([arpa/inet.h fcntl.h netdb.h \
+ unistd.h nss.h])
+
+ AC_CHECK_LIB([pthread], [pthread_create])
+-AC_CHECK_LIB([tirpc], [clnt_create])
++
++PKG_CHECK_MODULES([TIRPC], [libtirpc])
++
+ AC_ARG_ENABLE(libwrap,[ --enable-libwrap Enables host name checking],
+ [case "${enableval}" in
+ yes) libwarp=true
+diff --git a/src/Makefile.am b/src/Makefile.am
+index cc0a85b..a2f3e34 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -1,4 +1,4 @@
+-INCLUDES = -I$(srcdir)/tirpc -DPORTMAP -DINET6 -DVERSION="\"$(VERSION)\"" \
++INCLUDES = $(TIRPC_CFLAGS) -DPORTMAP -DINET6 -DVERSION="\"$(VERSION)\"" \
+ -D_GNU_SOURCE -Wall -pipe
+ if DEBUG
+ INCLUDES += -DRPCBIND_DEBUG -DSVC_RUN_DEBUG -DDEBUG_RMTCALL
+@@ -23,12 +23,13 @@ rpcbind_SOURCES = check_bound.c rpcbind.c \
+ rpcbind.h
+
+ rpcinfo_SOURCES = rpcinfo.c
+-rpcinfo_LDFLAGS = -lpthread -ltirpc
+-rpcinfo_LDADD = $(LIB_TIRPC)
++rpcinfo_LDFLAGS = -lpthread
++rpcinfo_LDADD = $(TIRPC_LIBS)
+
+
+-rpcbind_LDFLAGS = -lpthread -ltirpc
+-rpcbind_LDADD = $(LIB_TIRPC)
+-AM_CPPFLAGS = -I/usr/include/tirpc -DCHECK_LOCAL -DPORTMAP \
++rpcbind_LDFLAGS = -lpthread
++rpcbind_CFLAGS = $(TIRPC_CFLAGS)
++rpcbind_LDADD = $(TIRPC_LIBS)
++AM_CPPFLAGS = -DCHECK_LOCAL -DPORTMAP \
+ -DFACILITY=LOG_MAIL -DSEVERITY=LOG_INFO
+
+--
+1.7.6
+
diff --git a/net-nds/rpcbind/files/rpcbind.confd b/net-nds/rpcbind/files/rpcbind.confd
new file mode 100755
index 000000000000..ddc09172d10d
--- /dev/null
+++ b/net-nds/rpcbind/files/rpcbind.confd
@@ -0,0 +1,4 @@
+# /etc/conf.d/rpcbind
+
+# Options for `rpcbind`.
+#RPCBIND_OPTS="-l"
diff --git a/net-nds/rpcbind/files/rpcbind.initd b/net-nds/rpcbind/files/rpcbind.initd
new file mode 100755
index 000000000000..b00bc197276c
--- /dev/null
+++ b/net-nds/rpcbind/files/rpcbind.initd
@@ -0,0 +1,22 @@
+#!/sbin/runscript
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ use net
+ before inetd xinetd
+ provide portmap
+}
+
+start() {
+ ebegin "Starting rpcbind"
+ start-stop-daemon --start --quiet --exec /sbin/rpcbind -- ${RPCBIND_OPTS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping rpcbind"
+ start-stop-daemon --stop --quiet --exec /sbin/rpcbind
+ eend $?
+}
diff --git a/net-nds/rpcbind/files/rpcbind.service b/net-nds/rpcbind/files/rpcbind.service
new file mode 100644
index 000000000000..305ea9b10b71
--- /dev/null
+++ b/net-nds/rpcbind/files/rpcbind.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=RPC Bind
+After=network.target
+Wants=rpcbind.target
+Before=rpcbind.target
+
+[Service]
+Type=forking
+ExecStart=/sbin/rpcbind
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-nds/rpcbind/metadata.xml b/net-nds/rpcbind/metadata.xml
new file mode 100644
index 000000000000..1fa86f95fe71
--- /dev/null
+++ b/net-nds/rpcbind/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <herd>net-fs</herd>
+ <use>
+ <flag name="warmstarts">Enables rpcbind to cache configuration for warm restarts</flag>
+ </use>
+ <upstream>
+ <remote-id type="sourceforge">rpcbind</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/net-nds/rpcbind/rpcbind-0.2.0-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.0-r1.ebuild
new file mode 100644
index 000000000000..31a32d5eb45e
--- /dev/null
+++ b/net-nds/rpcbind/rpcbind-0.2.0-r1.ebuild
@@ -0,0 +1,57 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="2"
+
+inherit autotools eutils systemd
+
+if [[ ${PV} == "9999" ]] ; then
+ EGIT_REPO_URI="git://git.infradead.org/~steved/rpcbind.git"
+ inherit autotools eutils git-2
+ SRC_URI=""
+ #KEYWORDS=""
+else
+ SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
+ KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~mips ppc ppc64 s390 sh sparc x86"
+fi
+
+DESCRIPTION="portmap replacement which supports RPC over various protocols"
+HOMEPAGE="http://sourceforge.net/projects/rpcbind/"
+
+LICENSE="BSD"
+SLOT="0"
+IUSE="selinux tcpd"
+
+CDEPEND="net-libs/libtirpc
+ tcpd? ( sys-apps/tcp-wrappers )"
+DEPEND="${CDEPEND}
+ virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-rpcbind )
+"
+src_prepare() {
+ if [[ ${PV} == "9999" ]] ; then
+ eautoreconf
+ else
+ sed -i 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:' configure.in || die #467018
+ epatch "${FILESDIR}"/${P}-pkgconfig.patch
+ epatch "${FILESDIR}"/${P}-no-nss.patch
+ eautoreconf
+ fi
+}
+
+src_configure() {
+ econf \
+ --bindir=/sbin \
+ $(use_enable tcpd libwrap)
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die
+ doman man/rpc{bind,info}.8
+ dodoc AUTHORS ChangeLog NEWS README
+ newinitd "${FILESDIR}"/rpcbind.initd rpcbind || die
+ newconfd "${FILESDIR}"/rpcbind.confd rpcbind || die
+ systemd_dounit "${FILESDIR}"/rpcbind.service
+}
diff --git a/net-nds/rpcbind/rpcbind-0.2.1-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.1-r1.ebuild
new file mode 100644
index 000000000000..7cd26dce7ad2
--- /dev/null
+++ b/net-nds/rpcbind/rpcbind-0.2.1-r1.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="4"
+
+inherit eutils systemd
+
+if [[ ${PV} == "9999" ]] ; then
+ EGIT_REPO_URI="git://git.infradead.org/~steved/rpcbind.git"
+ inherit autotools git-r3
+else
+ SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+fi
+
+DESCRIPTION="portmap replacement which supports RPC over various protocols"
+HOMEPAGE="http://sourceforge.net/projects/rpcbind/"
+
+LICENSE="BSD"
+SLOT="0"
+IUSE="debug selinux tcpd warmstarts"
+
+CDEPEND=">=net-libs/libtirpc-0.2.3
+ tcpd? ( sys-apps/tcp-wrappers )"
+DEPEND="${CDEPEND}
+ virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-rpcbind )
+"
+src_prepare() {
+ [[ ${PV} == "9999" ]] && eautoreconf
+ epatch_user
+}
+
+src_configure() {
+ econf \
+ --bindir="${EPREFIX}"/sbin \
+ --with-statedir="${EPREFIX}"/run/${PN} \
+ --with-rpcuser=root \
+ $(use_enable tcpd libwrap) \
+ $(use_enable debug) \
+ $(use_enable warmstarts)
+}
+
+src_install() {
+ default
+
+ newinitd "${FILESDIR}"/${PN}.initd ${PN}
+ newconfd "${FILESDIR}"/${PN}.confd ${PN}
+
+ systemd_dounit "${FILESDIR}"/${PN}.service
+}
diff --git a/net-nds/rpcbind/rpcbind-0.2.2-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.2-r1.ebuild
new file mode 100644
index 000000000000..8b55e11f7e68
--- /dev/null
+++ b/net-nds/rpcbind/rpcbind-0.2.2-r1.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit eutils systemd
+
+if [[ ${PV} == "9999" ]] ; then
+ EGIT_REPO_URI="git://git.infradead.org/~steved/rpcbind.git"
+ inherit autotools git-r3
+else
+ SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+fi
+
+DESCRIPTION="portmap replacement which supports RPC over various protocols"
+HOMEPAGE="http://sourceforge.net/projects/rpcbind/"
+
+LICENSE="BSD"
+SLOT="0"
+IUSE="debug selinux systemd tcpd warmstarts"
+
+CDEPEND=">=net-libs/libtirpc-0.2.3
+ systemd? ( sys-apps/systemd:= )
+ tcpd? ( sys-apps/tcp-wrappers )"
+DEPEND="${CDEPEND}
+ virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-rpcbind )
+"
+src_prepare() {
+ [[ ${PV} == "9999" ]] && eautoreconf
+ epatch_user
+}
+
+src_configure() {
+ econf \
+ --bindir="${EPREFIX}"/sbin \
+ --with-statedir="${EPREFIX}"/run/${PN} \
+ --with-rpcuser=root \
+ --with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \
+ $(use_enable tcpd libwrap) \
+ $(use_enable debug) \
+ $(use_enable warmstarts)
+}
+
+src_install() {
+ default
+
+ newinitd "${FILESDIR}"/${PN}.initd ${PN}
+ newconfd "${FILESDIR}"/${PN}.confd ${PN}
+
+ systemd_dounit "${FILESDIR}"/${PN}.service
+}
diff --git a/net-nds/rpcbind/rpcbind-0.2.3.ebuild b/net-nds/rpcbind/rpcbind-0.2.3.ebuild
new file mode 100644
index 000000000000..4a47c9a195ed
--- /dev/null
+++ b/net-nds/rpcbind/rpcbind-0.2.3.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit eutils systemd
+
+if [[ ${PV} == "9999" ]] ; then
+ EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git"
+ inherit autotools git-r3
+else
+ SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+fi
+
+DESCRIPTION="portmap replacement which supports RPC over various protocols"
+HOMEPAGE="http://sourceforge.net/projects/rpcbind/"
+
+LICENSE="BSD"
+SLOT="0"
+IUSE="debug selinux systemd tcpd warmstarts"
+
+CDEPEND=">=net-libs/libtirpc-0.2.3
+ systemd? ( sys-apps/systemd:= )
+ tcpd? ( sys-apps/tcp-wrappers )"
+DEPEND="${CDEPEND}
+ virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-rpcbind )
+"
+src_prepare() {
+ [[ ${PV} == "9999" ]] && eautoreconf
+ epatch_user
+}
+
+src_configure() {
+ econf \
+ --bindir="${EPREFIX}"/sbin \
+ --with-statedir="${EPREFIX}"/run/${PN} \
+ --with-rpcuser=root \
+ --with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \
+ $(use_enable tcpd libwrap) \
+ $(use_enable debug) \
+ $(use_enable warmstarts)
+}
+
+src_install() {
+ default
+
+ newinitd "${FILESDIR}"/${PN}.initd ${PN}
+ newconfd "${FILESDIR}"/${PN}.confd ${PN}
+
+ systemd_dounit "${FILESDIR}"/${PN}.service
+}
diff --git a/net-nds/rpcbind/rpcbind-9999.ebuild b/net-nds/rpcbind/rpcbind-9999.ebuild
new file mode 100644
index 000000000000..4a47c9a195ed
--- /dev/null
+++ b/net-nds/rpcbind/rpcbind-9999.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit eutils systemd
+
+if [[ ${PV} == "9999" ]] ; then
+ EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git"
+ inherit autotools git-r3
+else
+ SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+fi
+
+DESCRIPTION="portmap replacement which supports RPC over various protocols"
+HOMEPAGE="http://sourceforge.net/projects/rpcbind/"
+
+LICENSE="BSD"
+SLOT="0"
+IUSE="debug selinux systemd tcpd warmstarts"
+
+CDEPEND=">=net-libs/libtirpc-0.2.3
+ systemd? ( sys-apps/systemd:= )
+ tcpd? ( sys-apps/tcp-wrappers )"
+DEPEND="${CDEPEND}
+ virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-rpcbind )
+"
+src_prepare() {
+ [[ ${PV} == "9999" ]] && eautoreconf
+ epatch_user
+}
+
+src_configure() {
+ econf \
+ --bindir="${EPREFIX}"/sbin \
+ --with-statedir="${EPREFIX}"/run/${PN} \
+ --with-rpcuser=root \
+ --with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \
+ $(use_enable tcpd libwrap) \
+ $(use_enable debug) \
+ $(use_enable warmstarts)
+}
+
+src_install() {
+ default
+
+ newinitd "${FILESDIR}"/${PN}.initd ${PN}
+ newconfd "${FILESDIR}"/${PN}.confd ${PN}
+
+ systemd_dounit "${FILESDIR}"/${PN}.service
+}
diff --git a/net-nds/shelldap/Manifest b/net-nds/shelldap/Manifest
new file mode 100644
index 000000000000..b114ae12d29f
--- /dev/null
+++ b/net-nds/shelldap/Manifest
@@ -0,0 +1,2 @@
+DIST shelldap-1.0.2.tar.bz2 16205 SHA256 c02a22ba980a2f87a2f65caa6bbcb228cb38bf08e9e0d5d309a6b8118ad3cbe0 SHA512 aa199de5251eeeec1b20f77cbda1bc76b3c8203dcb5021250ebccb8d1c8fa9134b076eb38574636789e2828fb582b588f63fe819c05d6e051ae079e9a0a99acd WHIRLPOOL c0b615d06b84eeaa7b08242efe332afddbb174cfa8fa6cbd357ee0285c998a8960c1721aeb03098dcb5ae146ea814888aa16157097f639a96cfa34a37dbb8003
+DIST shelldap-1.3.0.tar.bz2 17624 SHA256 168d5902e5d3a4e843242c2de98c98edaa8755941a70a55410f416e0f6a1da46 SHA512 d20714d2c41206a8921eea5937e03432b1cc9cf5224f9cfd62dfc048ab987c6753e92d828f25687ee0d69737729e4df9d77580fd832edd93191753dff6c12ead WHIRLPOOL 7b2f592f1a1b222463a7acd9e2d8ef447f3c937d0b7fce97f5ce7a786bbf2d166dbdeb10b86a74504c320e00fda9eb3a8e09b8d789d2f80ad91cc5e27a9513de
diff --git a/net-nds/shelldap/metadata.xml b/net-nds/shelldap/metadata.xml
new file mode 100644
index 000000000000..bfad85b9c783
--- /dev/null
+++ b/net-nds/shelldap/metadata.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <herd>proxy-maintainers</herd>
+ <maintainer>
+ <email>azamat.hackimov@gmail.com</email>
+ <name>Azamat Hackimov</name>
+ <description>Maintainer. Assign bugs to him</description>
+ </maintainer>
+ <maintainer>
+ <email>pinkbyte@gentoo.org</email>
+ <name>Sergey Popov</name>
+ <description>Proxy maintainer. CC him on bugs</description>
+ </maintainer>
+ <longdescription lang="en">
+ A handy shell-like interface for browsing LDAP servers and editing their
+ content. It keeps command history, has sane autocompletes, credential caching,
+ site-wide and individual configs, and it's fun to say.
+ </longdescription>
+</pkgmetadata>
+
diff --git a/net-nds/shelldap/shelldap-1.0.2.ebuild b/net-nds/shelldap/shelldap-1.0.2.ebuild
new file mode 100644
index 000000000000..ab8b1b0302fb
--- /dev/null
+++ b/net-nds/shelldap/shelldap-1.0.2.ebuild
@@ -0,0 +1,31 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+DESCRIPTION="A handy shell-like interface for browsing LDAP servers and editing their content"
+HOMEPAGE="http://projects.martini.nu/shelldap/"
+SRC_URI="http://code.martini.nu/shelldap/archive/${PV}.tar.bz2 -> ${P}.tar.bz2"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+
+DEPEND=""
+RDEPEND="dev-perl/Algorithm-Diff
+ dev-perl/perl-ldap
+ dev-perl/TermReadKey
+ dev-perl/Term-ReadLine-Gnu
+ dev-perl/Term-Shell
+ dev-perl/YAML-Syck
+ virtual/perl-Digest-MD5"
+
+src_compile() {
+ pod2man --name "${PN}" < "${PN}" > "${PN}.1" || die 'creating manpage failed'
+}
+
+src_install() {
+ doman "${PN}.1"
+ dobin "${PN}"
+}
diff --git a/net-nds/shelldap/shelldap-1.3.0.ebuild b/net-nds/shelldap/shelldap-1.3.0.ebuild
new file mode 100644
index 000000000000..2ccbbf955b9f
--- /dev/null
+++ b/net-nds/shelldap/shelldap-1.3.0.ebuild
@@ -0,0 +1,41 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit eutils perl-app
+
+DESCRIPTION="A handy shell-like interface for browsing LDAP servers and editing their content"
+HOMEPAGE="http://projects.martini.nu/shelldap/"
+SRC_URI="http://code.martini.nu/shelldap/archive/v${PV}.tar.bz2 -> ${P}.tar.bz2"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+
+DEPEND=""
+RDEPEND="dev-perl/Algorithm-Diff
+ dev-perl/perl-ldap
+ dev-perl/TermReadKey
+ dev-perl/Term-ReadLine-Gnu
+ dev-perl/Term-Shell
+ dev-perl/YAML-Syck
+ virtual/perl-Digest-MD5"
+
+S="${WORKDIR}/${PN}-v${PV}"
+
+src_prepare() {
+ epatch_user
+}
+
+src_configure() { :; }
+
+src_compile() {
+ pod2man --name "${PN}" < "${PN}" > "${PN}.1" || die 'creating manpage failed'
+}
+
+src_install() {
+ doman "${PN}.1"
+ dobin "${PN}"
+}
diff --git a/net-nds/smbldap-tools/Manifest b/net-nds/smbldap-tools/Manifest
new file mode 100644
index 000000000000..63c07737d289
--- /dev/null
+++ b/net-nds/smbldap-tools/Manifest
@@ -0,0 +1,3 @@
+DIST smbldap-tools-0.9.10.tar.gz 336840 SHA256 c4efc62b86f4ef8f160852d779a711bf24f69069b3610f6d9a3718eda8de1aa6 SHA512 e1aef98d91ec722427b27f3aed25d8ef4cd4a6c845f98935e2f99075dea93275fc0335760d517398be8ca7898084bfee457ada0a718b66226e6ce3f38fdf2b2e WHIRLPOOL ef07eb53137a58a5483c6dcced769790b10b6d3fda8e45c263632ea4cea30825745f2040ad92fdaca823758f3f94debb1d7094e62d132594effaa3c5d7d7ba45
+DIST smbldap-tools-0.9.8.tar.gz 335484 SHA256 9860cc5f01ba96e66d6d51763ba7894a07d280a38e76247a812b153d2a9caa26
+DIST smbldap-tools-0.9.9.tar.gz 336212 SHA256 0c8599a851017e19733cd674a2188bfca5f2a4285cfd8ed5b04d8c682e3196b7 SHA512 c51eb2c03dc45aaadb4c3467c07ecab080891223e6e0bd5fff5c1b8ea6ca3d2839163b2014764c280e37df30b029417ecea8d93b3b6a5459f6fa068eea5d71a9 WHIRLPOOL 6a8c26fb4440d58b9099ecd9b3378976bdcd7399fb9f1797a9e38e67835e7295840bb9678960da21abfc121ef8261dd55e121e4cba585b6edba77cdef53f04a8
diff --git a/net-nds/smbldap-tools/files/smbldap-tools-0.9.10-smbldap-config-pod.patch b/net-nds/smbldap-tools/files/smbldap-tools-0.9.10-smbldap-config-pod.patch
new file mode 100644
index 000000000000..127bc353f47d
--- /dev/null
+++ b/net-nds/smbldap-tools/files/smbldap-tools-0.9.10-smbldap-config-pod.patch
@@ -0,0 +1,37 @@
+From 4e3337697aa91f41ca970927233f96dbfa0b2d5d Mon Sep 17 00:00:00 2001
+From: Paul Howarth <paul@city-fan.org>
+Date: Mon, 3 Aug 2015 19:18:18 +0200
+Subject: [PATCH] Support podlators >=2.5.0
+
+http://gna.org/support/?3013
+---
+ smbldap-config.pl | 16 ++++++++++++++++
+ 1 file changed, 16 insertions(+)
+
+diff --git a/smbldap-config.pl b/smbldap-config.pl
+index ecd9369..5660170 100644
+--- a/smbldap-config.pl
++++ b/smbldap-config.pl
+@@ -557,3 +557,19 @@ print " $smbldap_bind_conf done.\n";
+ $mode=0600;
+ chmod $mode,"$smbldap_bind_conf","$smbldap_bind_conf.old";
+
++__END__
++
++=head1 NAME
++
++smbldap-config - Configure the smbldap-tools
++
++=head1 SYNOPSIS
++
++smbldap-config
++
++=head1 DESCRIPTION
++
++An interactive script to configure the smbldap-tools to work with your
++existing LDAP server(s). Before running it, you should ensure that your
++samba controller is up and running, and that the domain SID is defined
++(you can check it by running 'net getlocalsid').
+--
+2.4.6
+
diff --git a/net-nds/smbldap-tools/metadata.xml b/net-nds/smbldap-tools/metadata.xml
new file mode 100644
index 000000000000..2ed0a54726f0
--- /dev/null
+++ b/net-nds/smbldap-tools/metadata.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>samba</herd>
+<longdescription>
+smbldap-tools is a Idealx contribution to samba database management through ldap
+backend.
+</longdescription>
+</pkgmetadata>
diff --git a/net-nds/smbldap-tools/smbldap-tools-0.9.10-r1.ebuild b/net-nds/smbldap-tools/smbldap-tools-0.9.10-r1.ebuild
new file mode 100644
index 000000000000..5f8acb05be96
--- /dev/null
+++ b/net-nds/smbldap-tools/smbldap-tools-0.9.10-r1.ebuild
@@ -0,0 +1,57 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+inherit eutils
+
+DESCRIPTION="Samba LDAP management tools"
+HOMEPAGE="https://gna.org/projects/smbldap-tools/"
+SRC_URI="http://download.gna.org/smbldap-tools/sources/${PV}/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
+IUSE=""
+
+RDEPEND="
+ dev-perl/perl-ldap
+ dev-perl/Crypt-SmbHash
+ dev-perl/Digest-SHA1
+ dev-perl/Unicode-MapUTF8
+ dev-perl/IO-Socket-SSL
+ net-nds/openldap
+ net-fs/samba
+"
+DEPEND="${RDEPEND}"
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-smbldap-config-pod.patch
+}
+
+src_install() {
+ default
+
+ newsbin smbldap-config.cmd smbldap-config
+ dosym smbldap-passwd /usr/sbin/smbldap-passwd.cmd
+
+ dodoc CONTRIBUTORS ChangeLog FILES INFRA INSTALL README TODO doc/*conf* doc/smbldap-tools*
+ dodoc -r doc/migration_scripts
+
+ sed -i 's/.CMD//g' smbldap-[gpu]*.8 || die
+ doman smbldap-[gpu]*.8
+
+ insinto /etc/smbldap-tools
+ doins smbldap.conf smbldap_bind.conf
+
+ elog "Remember to read INSTALL when updating."
+}
+
+pkg_postinst() {
+ elog "- A good howto is found on http://download.gna.org/smbldap-tools/docs/samba-ldap-howto/"
+ elog " and http://download.gna.org/smbldap-tools/docs/smbldap-tools/"
+ elog "- The configure script is installed as smbldap-configure.pl. Please run it to configure the tools."
+ elog "- Examples configuration files for Samba and slapd have been copied to ${EPREFIX}/usr/share/doc/${PF},"
+ elog " together with the migration-scripts."
+ elog "- Also remember to read INSTALL when updating."
+}
diff --git a/net-nds/smbldap-tools/smbldap-tools-0.9.10.ebuild b/net-nds/smbldap-tools/smbldap-tools-0.9.10.ebuild
new file mode 100644
index 000000000000..db99fbc63a64
--- /dev/null
+++ b/net-nds/smbldap-tools/smbldap-tools-0.9.10.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+inherit eutils
+
+DESCRIPTION="Samba LDAP management tools"
+HOMEPAGE="https://gna.org/projects/smbldap-tools/"
+SRC_URI="http://download.gna.org/smbldap-tools/sources/${PV}/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
+IUSE=""
+
+RDEPEND="
+ dev-perl/perl-ldap
+ dev-perl/Crypt-SmbHash
+ dev-perl/Digest-SHA1
+ dev-perl/Unicode-MapUTF8
+ dev-perl/IO-Socket-SSL
+ net-nds/openldap
+ net-fs/samba
+"
+DEPEND="${RDEPEND}"
+
+src_install() {
+ default
+
+ newsbin smbldap-config.cmd smbldap-config
+ dosym smbldap-passwd /usr/sbin/smbldap-passwd.cmd
+
+ dodoc CONTRIBUTORS ChangeLog FILES INFRA INSTALL README TODO doc/*conf* doc/smbldap-tools*
+ dodoc -r doc/migration_scripts
+
+ sed -i 's/.CMD//g' smbldap-[gpu]*.8 || die
+ doman smbldap-[gpu]*.8
+
+ insinto /etc/smbldap-tools
+ doins smbldap.conf smbldap_bind.conf
+
+ elog "Remember to read INSTALL when updating."
+}
+
+pkg_postinst() {
+ elog "- A good howto is found on http://download.gna.org/smbldap-tools/docs/samba-ldap-howto/"
+ elog " and http://download.gna.org/smbldap-tools/docs/smbldap-tools/"
+ elog "- The configure script is installed as smbldap-configure.pl. Please run it to configure the tools."
+ elog "- Examples configuration files for Samba and slapd have been copied to ${EPREFIX}/usr/share/doc/${PF},"
+ elog " together with the migration-scripts."
+ elog "- Also remember to read INSTALL when updating."
+}
diff --git a/net-nds/smbldap-tools/smbldap-tools-0.9.8.ebuild b/net-nds/smbldap-tools/smbldap-tools-0.9.8.ebuild
new file mode 100644
index 000000000000..3908e94653a4
--- /dev/null
+++ b/net-nds/smbldap-tools/smbldap-tools-0.9.8.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+inherit eutils
+
+DESCRIPTION="Samba LDAP management tools"
+HOMEPAGE="https://gna.org/projects/smbldap-tools/"
+SRC_URI="http://download.gna.org/smbldap-tools/sources/${PV}/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 arm ~hppa ia64 ~mips ppc ppc64 s390 sparc x86"
+IUSE=""
+
+RDEPEND="
+ dev-perl/perl-ldap
+ dev-perl/Crypt-SmbHash
+ dev-perl/Digest-SHA1
+ dev-perl/Unicode-MapUTF8
+ dev-perl/IO-Socket-SSL
+ net-nds/openldap
+ net-fs/samba
+"
+DEPEND="${RDEPEND}"
+
+src_install() {
+ default
+
+ newsbin smbldap-config.cmd smbldap-config
+ dosym smbldap-passwd /usr/sbin/smbldap-passwd.cmd
+
+ dodoc CONTRIBUTORS ChangeLog FILES INFRA INSTALL README TODO doc/*conf* doc/smbldap-tools*
+ dodoc -r doc/migration_scripts
+
+ sed -i 's/.CMD//g' smbldap-[gpu]*.8 || die
+ doman smbldap-[gpu]*.8
+
+ insinto /etc/smbldap-tools
+ doins smbldap.conf smbldap_bind.conf
+
+ elog "Remember to read INSTALL when updating."
+}
+
+pkg_postinst() {
+ elog "- A good howto is found on http://download.gna.org/smbldap-tools/docs/samba-ldap-howto/"
+ elog " and http://download.gna.org/smbldap-tools/docs/smbldap-tools/"
+ elog "- The configure script is installed as smbldap-configure.pl. Please run it to configure the tools."
+ elog "- Examples configuration files for Samba and slapd have been copied to ${EPREFIX}/usr/share/doc/${PF},"
+ elog " together with the migration-scripts."
+ elog "- Also remember to read INSTALL when updating."
+}
diff --git a/net-nds/smbldap-tools/smbldap-tools-0.9.9.ebuild b/net-nds/smbldap-tools/smbldap-tools-0.9.9.ebuild
new file mode 100644
index 000000000000..1aca621efb96
--- /dev/null
+++ b/net-nds/smbldap-tools/smbldap-tools-0.9.9.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+inherit eutils
+
+DESCRIPTION="Samba LDAP management tools"
+HOMEPAGE="https://gna.org/projects/smbldap-tools/"
+SRC_URI="http://download.gna.org/smbldap-tools/sources/${PV}/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
+IUSE=""
+
+RDEPEND="
+ dev-perl/perl-ldap
+ dev-perl/Crypt-SmbHash
+ dev-perl/Digest-SHA1
+ dev-perl/Unicode-MapUTF8
+ dev-perl/IO-Socket-SSL
+ net-nds/openldap
+ net-fs/samba
+"
+DEPEND="${RDEPEND}"
+
+src_install() {
+ default
+
+ newsbin smbldap-config.cmd smbldap-config
+ dosym smbldap-passwd /usr/sbin/smbldap-passwd.cmd
+
+ dodoc CONTRIBUTORS ChangeLog FILES INFRA INSTALL README TODO doc/*conf* doc/smbldap-tools*
+ dodoc -r doc/migration_scripts
+
+ sed -i 's/.CMD//g' smbldap-[gpu]*.8 || die
+ doman smbldap-[gpu]*.8
+
+ insinto /etc/smbldap-tools
+ doins smbldap.conf smbldap_bind.conf
+
+ elog "Remember to read INSTALL when updating."
+}
+
+pkg_postinst() {
+ elog "- A good howto is found on http://download.gna.org/smbldap-tools/docs/samba-ldap-howto/"
+ elog " and http://download.gna.org/smbldap-tools/docs/smbldap-tools/"
+ elog "- The configure script is installed as smbldap-configure.pl. Please run it to configure the tools."
+ elog "- Examples configuration files for Samba and slapd have been copied to ${EPREFIX}/usr/share/doc/${PF},"
+ elog " together with the migration-scripts."
+ elog "- Also remember to read INSTALL when updating."
+}
diff --git a/net-nds/tac_plus/Manifest b/net-nds/tac_plus/Manifest
new file mode 100644
index 000000000000..376bb7ce9211
--- /dev/null
+++ b/net-nds/tac_plus/Manifest
@@ -0,0 +1,2 @@
+DIST tacacs+-F4.0.4.19.tar.gz 500593 SHA256 582dcdb5723c844e50036b1ed9eaee53239e7791d0ac5e5c22fba8ac4790596b SHA512 8482b81514ba91397f613a0593be8bd3ca66d6f4d79ed67a881aa01b3da44cdcfedae59bda6fae9e99a4c006fe54cd8a6ebfd6bc37e998f6b0ae19bd0831c0da WHIRLPOOL 6b46091377de5a8c0c0df44c6403f73a8274c4e852642b2882907abf3dd0d1e644b6ba8009520c2cef1941aabbc2b23d64f7ce493af7afe7f08ad524b0f5b507
+DIST tacacs+-F4.0.4.27a.tar.gz 504395 SHA256 512e1c30389b102d4af25d7e9bc3bdcd9d39d70e5e7d8a98c8f785733df8d9a1 SHA512 2251a21f609d516b3ebc7d3d2d7d030ea1bb491e0fe5e08e7639d2d9bdb0ef9a1ab4d17f340e50e83771dc9a512c5dacc99716fd882ba3f6db2fafb0915e86bd WHIRLPOOL 482baab1e27ca040d9d417d660542ff89d3dcaa18a65822fccba790475687aee3e541f9aa7a8aefd916cb4ab086485021ef89afba556ff10da52e6286ebfac07
diff --git a/net-nds/tac_plus/files/tac_plus-4.0.4.19-deansification.patch b/net-nds/tac_plus/files/tac_plus-4.0.4.19-deansification.patch
new file mode 100644
index 000000000000..4dbc33707263
--- /dev/null
+++ b/net-nds/tac_plus/files/tac_plus-4.0.4.19-deansification.patch
@@ -0,0 +1,11 @@
+diff -uNr tacacs+-F4.0.4.19.ORIG/configure.in tacacs+-F4.0.4.19/configure.in
+--- tacacs+-F4.0.4.19.ORIG/configure.in 2013-02-28 21:26:31.724310410 +0000
++++ tacacs+-F4.0.4.19/configure.in 2013-02-28 21:26:41.936309960 +0000
+@@ -126,7 +126,6 @@
+
+ # compiler specifics
+ AC_PROG_CC
+-AM_C_PROTOTYPES
+ AC_PROG_CPP
+ AC_C_CONST
+ AC_C_INLINE
diff --git a/net-nds/tac_plus/files/tac_plus-4.0.4.19-parallelmake.patch b/net-nds/tac_plus/files/tac_plus-4.0.4.19-parallelmake.patch
new file mode 100644
index 000000000000..556f75806fbd
--- /dev/null
+++ b/net-nds/tac_plus/files/tac_plus-4.0.4.19-parallelmake.patch
@@ -0,0 +1,13 @@
+Index: tacacs+-F4.0.4.19/Makefile.am
+===================================================================
+--- tacacs+-F4.0.4.19.orig/Makefile.am
++++ tacacs+-F4.0.4.19/Makefile.am
+@@ -16,7 +16,7 @@ if TACSKEY
+ tac_plus_SOURCES += skey_fn.c
+ endif
+ tac_plus_LDFLAGS = -L$(top_srcdir)
+-tac_plus_LDADD = $(WRAPLIBS) -ltacacs
++tac_plus_LDADD = $(WRAPLIBS) libtacacs.la
+
+ lib_LTLIBRARIES = libtacacs.la
+ libtacacs_la_SOURCES = md4.c md5.c packet.c
diff --git a/net-nds/tac_plus/files/tac_plus-4.0.4.27a-deansification.patch b/net-nds/tac_plus/files/tac_plus-4.0.4.27a-deansification.patch
new file mode 100644
index 000000000000..ee1bcb231838
--- /dev/null
+++ b/net-nds/tac_plus/files/tac_plus-4.0.4.27a-deansification.patch
@@ -0,0 +1,11 @@
+diff -uNr tacacs+-F4.0.4.27a.ORIG/configure.in tacacs+-F4.0.4.27a/configure.in
+--- tacacs+-F4.0.4.27a.ORIG/configure.in 2015-03-25 11:13:06.976024203 +0000
++++ tacacs+-F4.0.4.27a/configure.in 2015-03-25 11:13:36.816025689 +0000
+@@ -126,7 +126,6 @@
+
+ # compiler specifics
+ AC_PROG_CC
+-AM_C_PROTOTYPES
+ AC_PROG_CPP
+ AC_C_CONST
+ AC_C_INLINE
diff --git a/net-nds/tac_plus/files/tac_plus-4.0.4.27a-parallelmake.patch b/net-nds/tac_plus/files/tac_plus-4.0.4.27a-parallelmake.patch
new file mode 100644
index 000000000000..c75a05b0cd12
--- /dev/null
+++ b/net-nds/tac_plus/files/tac_plus-4.0.4.27a-parallelmake.patch
@@ -0,0 +1,12 @@
+diff -uNr tacacs+-F4.0.4.27a.ORIG/Makefile.am tacacs+-F4.0.4.27a/Makefile.am
+--- tacacs+-F4.0.4.27a.ORIG/Makefile.am 2015-03-25 11:10:26.821016226 +0000
++++ tacacs+-F4.0.4.27a/Makefile.am 2015-03-25 11:11:04.954018126 +0000
+@@ -19,7 +19,7 @@
+ tac_plus_SOURCES += aceclnt_fn.c
+ endif
+ tac_plus_LDFLAGS = -L$(top_srcdir)
+-tac_plus_LDADD = $(WRAPLIBS) -ltacacs
++tac_plus_LDADD = $(WRAPLIBS) libtacacs.la
+
+ lib_LTLIBRARIES = libtacacs.la
+ libtacacs_la_SOURCES = fdes.c maxsess.c md4.c md5.c packet.c
diff --git a/net-nds/tac_plus/files/tac_plus.conf b/net-nds/tac_plus/files/tac_plus.conf
new file mode 100644
index 000000000000..83403e0bc1cc
--- /dev/null
+++ b/net-nds/tac_plus/files/tac_plus.conf
@@ -0,0 +1,12 @@
+# You must configure tac_plus before use. At a minimum, you need a server
+# key and a user block, such as below.
+#
+# Please see tac_plus.conf(5) for more information.
+
+#key = kEy4U
+
+#user = youruser {
+# login = des ndkKAzNoc37VA
+# enable = des ndkKAzNoc37VA
+#}
+
diff --git a/net-nds/tac_plus/files/tac_plus.conf2 b/net-nds/tac_plus/files/tac_plus.conf2
new file mode 100644
index 000000000000..617e34420281
--- /dev/null
+++ b/net-nds/tac_plus/files/tac_plus.conf2
@@ -0,0 +1,41 @@
+# You must configure tac_plus before use. At a minimum, you need a server
+# key and a user block, such as below.
+#
+# Please see tac_plus.conf(5) for more information.
+
+#key = kEy4U
+
+#user = youruser {
+# login = des ndkKAzNoc37VA
+# enable = des ndkKAzNoc37VA
+#}
+
+#user = youruser {
+# default service = permit
+# login = PAM
+# member = yourgroup
+#}
+
+# Cisco admins
+#group = ciscoadmins {
+# default service = permit
+# service = exec {
+# priv-lvl = 15
+# }
+#}
+
+
+# Cisco admins using an acl to allow specific devices
+#group = ciscoadmins {
+# default service = permit
+# acl = ciscodevices
+# service = exec {
+# priv-lvl = 15
+# }
+#}
+
+# Allows devices with specified IP address to talk to this TACACS+ server
+#acl = ciscodevices {
+# permit = 1.2.3.4$
+# deny = .*
+#}
diff --git a/net-nds/tac_plus/files/tac_plus.confd b/net-nds/tac_plus/files/tac_plus.confd
new file mode 100644
index 000000000000..95d293b370ef
--- /dev/null
+++ b/net-nds/tac_plus/files/tac_plus.confd
@@ -0,0 +1,8 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+# Config file for /etc/init.d/tac_plus
+
+TAC_PLUS_OPTS="-d 248"
+
diff --git a/net-nds/tac_plus/files/tac_plus.confd2 b/net-nds/tac_plus/files/tac_plus.confd2
new file mode 100644
index 000000000000..9614bda7a605
--- /dev/null
+++ b/net-nds/tac_plus/files/tac_plus.confd2
@@ -0,0 +1,7 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+# Config file for /etc/init.d/tac_plus
+
+TAC_PLUS_OPTS=""
diff --git a/net-nds/tac_plus/files/tac_plus.init b/net-nds/tac_plus/files/tac_plus.init
new file mode 100644
index 000000000000..28de144b48f6
--- /dev/null
+++ b/net-nds/tac_plus/files/tac_plus.init
@@ -0,0 +1,23 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+opts="start stop restart"
+
+depend() {
+ need net
+}
+
+start() {
+ ebegin "Starting tac_plus"
+ start-stop-daemon --start --quiet --exec /usr/bin/tac_plus \
+ -- -C /etc/tac_plus/tac_plus.conf ${TAC_PLUS_OPTS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping tac_plus"
+ start-stop-daemon --stop --quiet --pidfile /var/run/tac_plus.pid
+ eend $?
+}
diff --git a/net-nds/tac_plus/files/tac_plus.init2 b/net-nds/tac_plus/files/tac_plus.init2
new file mode 100644
index 000000000000..59ea76d39831
--- /dev/null
+++ b/net-nds/tac_plus/files/tac_plus.init2
@@ -0,0 +1,21 @@
+#!/sbin/runscript
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ need net
+}
+
+start() {
+ ebegin "Starting tac_plus"
+ start-stop-daemon --start --quiet --exec /usr/bin/tac_plus \
+ -- -C /etc/tac_plus/tac_plus.conf ${TAC_PLUS_OPTS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping tac_plus"
+ start-stop-daemon --stop --quiet --pidfile /var/run/tac_plus.pid
+ eend $?
+}
diff --git a/net-nds/tac_plus/metadata.xml b/net-nds/tac_plus/metadata.xml
new file mode 100644
index 000000000000..152c8267551a
--- /dev/null
+++ b/net-nds/tac_plus/metadata.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>chainsaw@gentoo.org</email>
+ <name>Tony Vroon</name>
+ </maintainer>
+ <use>
+ <flag name='finger'>Adds support for checking user counts via fingering
+ the NAS</flag>
+ <flag name='maxsess'>Enforce a limit on maximum sessions per user</flag>
+ </use>
+</pkgmetadata>
diff --git a/net-nds/tac_plus/tac_plus-4.0.4.19-r3.ebuild b/net-nds/tac_plus/tac_plus-4.0.4.19-r3.ebuild
new file mode 100644
index 000000000000..0115b56cec7a
--- /dev/null
+++ b/net-nds/tac_plus/tac_plus-4.0.4.19-r3.ebuild
@@ -0,0 +1,56 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=4
+
+inherit autotools base libtool
+
+MY_P="tacacs+-F${PV}"
+S="${WORKDIR}/${MY_P}"
+
+DESCRIPTION="An updated version of Cisco's TACACS+ server"
+HOMEPAGE="http://www.shrubbery.net/tac_plus/"
+SRC_URI="ftp://ftp.shrubbery.net/pub/tac_plus/${MY_P}.tar.gz"
+
+LICENSE="HPND RSA GPL-2" # GPL-2 only for init script
+SLOT="0"
+KEYWORDS="amd64 ppc x86"
+IUSE="debug finger maxsess tcpd skey static-libs"
+
+DEPEND="skey? ( >=sys-auth/skey-1.1.5-r1 )
+ tcpd? ( sys-apps/tcp-wrappers )
+ sys-libs/pam"
+RDEPEND="${DEPEND}"
+
+PATCHES=( "${FILESDIR}/${P}-parallelmake.patch" )
+
+src_prepare() {
+ base_src_prepare
+ AT_M4DIR="." eautoreconf
+ elibtoolize
+}
+
+src_configure() {
+ econf \
+ $(use_with skey) \
+ $(use_with tcpd libwrap) \
+ $(use_enable debug) \
+ $(use_enable finger) \
+ $(use_enable maxsess) \
+ $(use_enable static-libs static) \
+ || die "econf failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "install failed"
+
+ use static-libs || find "${D}" -name '*.la' -delete || die "Unable to remove spurious libtool archive"
+ dodoc CHANGES FAQ
+
+ newinitd "${FILESDIR}/tac_plus.init2" tac_plus
+ newconfd "${FILESDIR}/tac_plus.confd2" tac_plus
+
+ insinto /etc/tac_plus
+ newins "${FILESDIR}/tac_plus.conf2" tac_plus.conf
+}
diff --git a/net-nds/tac_plus/tac_plus-4.0.4.19-r4.ebuild b/net-nds/tac_plus/tac_plus-4.0.4.19-r4.ebuild
new file mode 100644
index 000000000000..56631c180fbb
--- /dev/null
+++ b/net-nds/tac_plus/tac_plus-4.0.4.19-r4.ebuild
@@ -0,0 +1,59 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit autotools base libtool
+
+MY_P="tacacs+-F${PV}"
+S="${WORKDIR}/${MY_P}"
+
+DESCRIPTION="An updated version of Cisco's TACACS+ server"
+HOMEPAGE="http://www.shrubbery.net/tac_plus/"
+SRC_URI="ftp://ftp.shrubbery.net/pub/tac_plus/${MY_P}.tar.gz"
+
+LICENSE="HPND RSA GPL-2" # GPL-2 only for init script
+SLOT="0"
+KEYWORDS="amd64 ppc x86"
+IUSE="debug finger maxsess tcpd skey static-libs"
+
+DEPEND="skey? ( >=sys-auth/skey-1.1.5-r1 )
+ tcpd? ( sys-apps/tcp-wrappers )
+ sys-libs/pam"
+RDEPEND="${DEPEND}"
+
+PATCHES=(
+"${FILESDIR}/${P}-parallelmake.patch"
+"${FILESDIR}/${P}-deansification.patch"
+)
+
+src_prepare() {
+ base_src_prepare
+ AT_M4DIR="." eautoreconf
+ elibtoolize
+}
+
+src_configure() {
+ econf \
+ $(use_with skey) \
+ $(use_with tcpd libwrap) \
+ $(use_enable debug) \
+ $(use_enable finger) \
+ $(use_enable maxsess) \
+ $(use_enable static-libs static) \
+ || die "econf failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "install failed"
+
+ use static-libs || find "${D}" -name '*.la' -delete || die "Unable to remove spurious libtool archive"
+ dodoc CHANGES FAQ
+
+ newinitd "${FILESDIR}/tac_plus.init2" tac_plus
+ newconfd "${FILESDIR}/tac_plus.confd2" tac_plus
+
+ insinto /etc/tac_plus
+ newins "${FILESDIR}/tac_plus.conf2" tac_plus.conf
+}
diff --git a/net-nds/tac_plus/tac_plus-4.0.4.27a.ebuild b/net-nds/tac_plus/tac_plus-4.0.4.27a.ebuild
new file mode 100644
index 000000000000..7da767a65aa4
--- /dev/null
+++ b/net-nds/tac_plus/tac_plus-4.0.4.27a.ebuild
@@ -0,0 +1,60 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit autotools base libtool
+
+MY_P="tacacs+-F${PV}"
+S="${WORKDIR}/${MY_P}"
+
+DESCRIPTION="An updated version of Cisco's TACACS+ server"
+HOMEPAGE="http://www.shrubbery.net/tac_plus/"
+SRC_URI="ftp://ftp.shrubbery.net/pub/tac_plus/${MY_P}.tar.gz"
+
+LICENSE="HPND RSA GPL-2" # GPL-2 only for init script
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE="debug finger maxsess tcpd skey static-libs"
+
+DEPEND="skey? ( >=sys-auth/skey-1.1.5-r1 )
+ tcpd? ( sys-apps/tcp-wrappers )
+ sys-libs/pam"
+RDEPEND="${DEPEND}"
+
+PATCHES=(
+ "${FILESDIR}/${P}-parallelmake.patch"
+ "${FILESDIR}/${P}-deansification.patch"
+)
+
+src_prepare() {
+ base_src_prepare
+ mv configure.in configure.ac || die "Unable to quiet autoconf deprecation warning"
+ AT_M4DIR="." eautoreconf
+ elibtoolize
+}
+
+src_configure() {
+ econf \
+ $(use_with skey) \
+ $(use_with tcpd libwrap) \
+ $(use_enable debug) \
+ $(use_enable finger) \
+ $(use_enable maxsess) \
+ $(use_enable static-libs static) \
+ || die "econf failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "install failed"
+
+ use static-libs || find "${D}" -name '*.la' -delete || die "Unable to remove spurious libtool archive"
+ dodoc CHANGES FAQ
+
+ newinitd "${FILESDIR}/tac_plus.init2" tac_plus
+ newconfd "${FILESDIR}/tac_plus.confd2" tac_plus
+
+ insinto /etc/tac_plus
+ newins "${FILESDIR}/tac_plus.conf2" tac_plus.conf
+}
diff --git a/net-nds/yp-tools/Manifest b/net-nds/yp-tools/Manifest
new file mode 100644
index 000000000000..3f60c045fc61
--- /dev/null
+++ b/net-nds/yp-tools/Manifest
@@ -0,0 +1 @@
+DIST yp-tools-2.12.tar.bz2 204228 SHA256 6ae8321666eea7837da343eea90ea30273fb74943ad111d5a4befd2afb252063 SHA512 0b62f63d65c7a53e715fb5749c4a7e71cf85e4006fa5e1ec39290e740301d5a8d321007461bb7a6b3bd1aaac283d8b028fa07814e77bd75e13dfd761f74c9218 WHIRLPOOL b4b89857024cc2aa42e6e9dabea25ea81da641d00fbeb3202cd53e81065384d9b1a685e8e0eed547622f4a0649d625cf3ea35217deef7c19536e120813d5b1c4
diff --git a/net-nds/yp-tools/files/domainname.service b/net-nds/yp-tools/files/domainname.service
new file mode 100644
index 000000000000..8f170adf794c
--- /dev/null
+++ b/net-nds/yp-tools/files/domainname.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=NIS Domainname
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nisdomainname $NISDOMAINNAME
+RemainAfterExit=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-nds/yp-tools/files/domainname.service.conf b/net-nds/yp-tools/files/domainname.service.conf
new file mode 100644
index 000000000000..592de3b3d88a
--- /dev/null
+++ b/net-nds/yp-tools/files/domainname.service.conf
@@ -0,0 +1,3 @@
+# NIS domain to be set by domainname.service
+[Service]
+Environment="NISDOMAINNAME=local"
diff --git a/net-nds/yp-tools/metadata.xml b/net-nds/yp-tools/metadata.xml
new file mode 100644
index 000000000000..9dc32b25199d
--- /dev/null
+++ b/net-nds/yp-tools/metadata.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<maintainer>
+ <email>maintainer-needed@gentoo.org</email>
+</maintainer>
+</pkgmetadata>
diff --git a/net-nds/yp-tools/yp-tools-2.12-r1.ebuild b/net-nds/yp-tools/yp-tools-2.12-r1.ebuild
new file mode 100644
index 000000000000..54749e0ea232
--- /dev/null
+++ b/net-nds/yp-tools/yp-tools-2.12-r1.ebuild
@@ -0,0 +1,42 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit eutils systemd
+
+DESCRIPTION="Network Information Service tools"
+HOMEPAGE="http://www.linux-nis.org/nis/"
+SRC_URI="ftp://ftp.kernel.org/pub/linux/utils/net/NIS/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 ~arm hppa ia64 ~mips ppc ppc64 sparc x86"
+IUSE="nls"
+
+src_configure() {
+ local myconf="--sysconfdir=/etc/yp"
+ if ! use nls
+ then
+ myconf="${myconf} --disable-nls"
+ mkdir intl
+ touch intl/libintl.h
+ export CPPFLAGS="${CPPFLAGS} -I${S}"
+
+ for i in lib/nicknames.c src/*.c
+ do
+ cp ${i} ${i}.orig
+ sed 's:<libintl.h>:<intl/libintl.h>:' \
+ ${i}.orig > ${i}
+ done
+ fi
+ econf ${myconf}
+}
+
+src_install() {
+ default
+ insinto /etc/yp ; doins etc/nicknames
+ systemd_dounit "${FILESDIR}/domainname.service"
+ systemd_install_serviced "${FILESDIR}"/domainname.service.conf
+}
diff --git a/net-nds/ypbind/Manifest b/net-nds/ypbind/Manifest
new file mode 100644
index 000000000000..76643dcc4901
--- /dev/null
+++ b/net-nds/ypbind/Manifest
@@ -0,0 +1 @@
+DIST ypbind-mt-1.37.2.tar.bz2 197280 SHA256 abe842b7943bcee4685a63fcd7e40954ac8b97fa94b4a470be9520a6ccde063d SHA512 b101a1144b6886ff02d4ac83705313e20dac998aa30239d8ae34a0413a8deb4e786bbe3b549368119408593ceb40a95170b345c119a23b8fdf2461746c70a7be WHIRLPOOL 74bae5da90187e8e99d514ce25309dfeecd4ea93768bc1810ba6fcaa07acc643991893779496cd8faedc022bc26e565770e24cf258061662c105b42b2c02be9b
diff --git a/net-nds/ypbind/files/ypbind.confd-r1 b/net-nds/ypbind/files/ypbind.confd-r1
new file mode 100644
index 000000000000..91cdc60c1030
--- /dev/null
+++ b/net-nds/ypbind/files/ypbind.confd-r1
@@ -0,0 +1,4 @@
+# Config file for /etc/init.d/ypbind
+
+# Set any command line options you want to pass to ypbind.
+YPBIND_OPTS=""
diff --git a/net-nds/ypbind/files/ypbind.initd b/net-nds/ypbind/files/ypbind.initd
new file mode 100644
index 000000000000..26d5d9a65b8b
--- /dev/null
+++ b/net-nds/ypbind/files/ypbind.initd
@@ -0,0 +1,41 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ need net portmap
+ use ypserv domainname
+}
+
+start() {
+ ebegin "Starting ypbind"
+ if [ -n "${YPBIND_OPTS}" ]; then
+ YOPTS="-- ${YPBIND_OPTS}"
+ fi
+ start-stop-daemon --start --quiet --exec /usr/sbin/ypbind ${YOPTS}
+ local ret=$?
+ if [ $ret -eq 0 ] ; then
+ notfound=1
+ for i in 0 1 2 3 4 5 6 7 8 9
+ do
+ ypwhich >/dev/null 2>&1 && { notfound=0; break; }
+ sleep 1
+ done
+ if [ $notfound -eq 1 ] ; then
+ eend 1 "No NIS server found"
+ else
+ eend 0
+ fi
+ else
+ eend $ret
+ fi
+}
+
+stop() {
+ ebegin "Stopping ypbind"
+ start-stop-daemon --stop --quiet --exec /usr/sbin/ypbind
+ eend $?
+ # Remove binding files, if ypbind "forgets" it
+ rm -f /var/yp/binding/*
+}
diff --git a/net-nds/ypbind/files/ypbind.service b/net-nds/ypbind/files/ypbind.service
new file mode 100644
index 000000000000..a04ed71fe0d0
--- /dev/null
+++ b/net-nds/ypbind/files/ypbind.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=YP Bind
+Requires=rpcbind.service domainname.service
+After=rpcbind.service domainname.service network.target
+Before=systemd-user-sessions.service
+
+[Service]
+ExecStart=/usr/sbin/ypbind -foreground
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-nds/ypbind/metadata.xml b/net-nds/ypbind/metadata.xml
new file mode 100644
index 000000000000..ff62877c67ae
--- /dev/null
+++ b/net-nds/ypbind/metadata.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<maintainer>
+ <email>maintainer-needed@gentoo.org</email>
+</maintainer>
+</pkgmetadata>
diff --git a/net-nds/ypbind/ypbind-1.37.2.ebuild b/net-nds/ypbind/ypbind-1.37.2.ebuild
new file mode 100644
index 000000000000..0607e24d7182
--- /dev/null
+++ b/net-nds/ypbind/ypbind-1.37.2.ebuild
@@ -0,0 +1,65 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+inherit readme.gentoo systemd
+
+MY_P=${PN}-mt-${PV}
+S="${WORKDIR}/${MY_P}"
+
+DESCRIPTION="Multithreaded NIS bind service (ypbind-mt)"
+HOMEPAGE="http://www.linux-nis.org/nis/ypbind-mt/index.html"
+SRC_URI="http://www.linux-nis.org/download/ypbind-mt/${MY_P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 ~arm hppa ia64 ~mips ppc ppc64 sparc x86"
+IUSE="debug dbus nls slp systemd"
+
+RDEPEND="
+ debug? ( dev-libs/dmalloc )
+ dbus? ( dev-libs/dbus-glib )
+ slp? ( net-libs/openslp )
+ systemd? (
+ net-nds/rpcbind
+ >=net-nds/yp-tools-2.12-r1
+ sys-apps/systemd )
+ !systemd? (
+ net-nds/yp-tools
+ || ( net-nds/portmap net-nds/rpcbind ) )
+"
+DEPEND="${RDEPEND}
+ nls? ( sys-devel/gettext )
+"
+
+DOC_CONTENTS="
+ If you are using dhcpcd, be sure to add the -Y option to
+ dhcpcd_eth0 (or eth1, etc.) to keep dhcpcd from clobbering
+ /etc/yp.conf.
+"
+
+src_prepare() {
+ ! use systemd && export ac_cv_header_systemd_sd_daemon_h=no
+}
+
+src_configure() {
+ econf \
+ $(use_enable nls) \
+ $(use_enable slp) \
+ $(use_with debug dmalloc) \
+ $(use_enable dbus dbus-nm)
+}
+
+src_install() {
+ default
+
+ insinto /etc
+ newins etc/yp.conf yp.conf.example
+
+ newconfd "${FILESDIR}/ypbind.confd-r1" ypbind
+ newinitd "${FILESDIR}/ypbind.initd" ypbind
+ use systemd && systemd_dounit "${FILESDIR}/ypbind.service"
+
+ readme.gentoo_create_doc
+}
diff --git a/net-nds/ypserv/Manifest b/net-nds/ypserv/Manifest
new file mode 100644
index 000000000000..56f0088fcbfe
--- /dev/null
+++ b/net-nds/ypserv/Manifest
@@ -0,0 +1 @@
+DIST ypserv-2.26.tar.bz2 196037 RMD160 dd2050a64324c3a362a51f4a9b0d330be26c944d SHA1 55757c2303559300dfde8d707f64b6df2b1f0652 SHA256 ba71e4fa9659ebc32325eacb3daa0803332e9ca17e0d0779730ba0e2ece298f8
diff --git a/net-nds/ypserv/files/rpc.yppasswdd-r1 b/net-nds/ypserv/files/rpc.yppasswdd-r1
new file mode 100644
index 000000000000..7e7c36a3b837
--- /dev/null
+++ b/net-nds/ypserv/files/rpc.yppasswdd-r1
@@ -0,0 +1,22 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ need net portmap ypserv
+}
+
+start() {
+ ebegin "Starting rpc.yppasswdd"
+ YOPTS=""
+ if [ -n "${YPPASSWDD_OPTS}" ]; then YOPTS="-- ${YPPASSWDD_OPTS}"; fi
+ start-stop-daemon --start --quiet --exec /usr/sbin/rpc.yppasswdd ${YOPTS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping rpc.yppasswdd"
+ start-stop-daemon --stop --quiet --exec /usr/sbin/rpc.yppasswdd
+ eend $?
+}
diff --git a/net-nds/ypserv/files/rpc.yppasswdd.confd b/net-nds/ypserv/files/rpc.yppasswdd.confd
new file mode 100644
index 000000000000..0d6673630776
--- /dev/null
+++ b/net-nds/ypserv/files/rpc.yppasswdd.confd
@@ -0,0 +1,7 @@
+# -e chsh allows changing shell through ypchsh,
+# -e chfn allows changing GECOS ("finger") information through ypchfn,
+# -D <dir> allows specification of directory with yp/NIS sources
+# if other than /etc.
+#YPPASSWDD_OPTS="-e chsh -e chfn -D /var/yp/source"
+
+
diff --git a/net-nds/ypserv/files/rpc.ypxfrd b/net-nds/ypserv/files/rpc.ypxfrd
new file mode 100644
index 000000000000..573b010ea923
--- /dev/null
+++ b/net-nds/ypserv/files/rpc.ypxfrd
@@ -0,0 +1,22 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ need net portmap ypserv
+}
+
+start() {
+ ebegin "Starting rpc.ypxfrd"
+ YOPTS=""
+ if [ -n "${YPXFRD_OPTS}" ]; then YOPTS="-- ${YPXFRD_OPTS}"; fi
+ start-stop-daemon --start --quiet --exec /usr/sbin/rpc.ypxfrd ${YOPTS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping rpc.ypxfrd"
+ start-stop-daemon --stop --quiet --exec /usr/sbin/rpc.ypxfrd
+ eend $?
+}
diff --git a/net-nds/ypserv/files/rpc.ypxfrd-2.23 b/net-nds/ypserv/files/rpc.ypxfrd-2.23
new file mode 100644
index 000000000000..ae1f92e1b3d4
--- /dev/null
+++ b/net-nds/ypserv/files/rpc.ypxfrd-2.23
@@ -0,0 +1,22 @@
+#!/sbin/runscript
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ need net portmap ypserv
+}
+
+start() {
+ ebegin "Starting rpc.ypxfrd"
+ YOPTS=""
+ if [ -n "${YPXFRD_OPTS}" ]; then YOPTS="-- ${YPXFRD_OPTS}"; fi
+ start-stop-daemon --start --quiet --pidfile /var/run/ypxfrd.pid --exec /usr/sbin/rpc.ypxfrd ${YOPTS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping rpc.ypxfrd"
+ start-stop-daemon --stop --quiet --pidfile /var/run/ypxfrd.pid --exec /usr/sbin/rpc.ypxfrd
+ eend $?
+}
diff --git a/net-nds/ypserv/files/rpc.ypxfrd.confd b/net-nds/ypserv/files/rpc.ypxfrd.confd
new file mode 100644
index 000000000000..73cfc47e7154
--- /dev/null
+++ b/net-nds/ypserv/files/rpc.ypxfrd.confd
@@ -0,0 +1,3 @@
+# Command line options to pass to rpc.ypxfrd
+# eg: you can pass --port <number> to use a non-standard port
+YPXFRD_OPTS=""
diff --git a/net-nds/ypserv/files/ypserv b/net-nds/ypserv/files/ypserv
new file mode 100755
index 000000000000..a0dd95c6b217
--- /dev/null
+++ b/net-nds/ypserv/files/ypserv
@@ -0,0 +1,23 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ need net portmap
+ use domainname
+}
+
+start() {
+ ebegin "Starting NIS Server"
+ YOPTS=""
+ if [ -n "${YPSERV_OPTS}" ]; then YOPTS="-- ${YPSERV_OPTS}"; fi
+ start-stop-daemon --start --quiet --exec /usr/sbin/ypserv ${YOPTS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping NIS Server"
+ start-stop-daemon --stop --quiet --exec /usr/sbin/ypserv
+ eend $?
+}
diff --git a/net-nds/ypserv/files/ypserv.confd b/net-nds/ypserv/files/ypserv.confd
new file mode 100644
index 000000000000..0ae9756dc81b
--- /dev/null
+++ b/net-nds/ypserv/files/ypserv.confd
@@ -0,0 +1,4 @@
+# Config file for /etc/init.d/ypserv
+
+# Command line options to pass to ypserv:
+YPSERV_OPTS=""
diff --git a/net-nds/ypserv/metadata.xml b/net-nds/ypserv/metadata.xml
new file mode 100644
index 000000000000..ff62877c67ae
--- /dev/null
+++ b/net-nds/ypserv/metadata.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<maintainer>
+ <email>maintainer-needed@gentoo.org</email>
+</maintainer>
+</pkgmetadata>
diff --git a/net-nds/ypserv/ypserv-2.26.ebuild b/net-nds/ypserv/ypserv-2.26.ebuild
new file mode 100644
index 000000000000..8eaa6422feb3
--- /dev/null
+++ b/net-nds/ypserv/ypserv-2.26.ebuild
@@ -0,0 +1,77 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="4"
+
+inherit autotools
+
+DESCRIPTION="Network Information Service server"
+HOMEPAGE="http://www.linux-nis.org/nis/"
+SRC_URI="mirror://kernel/linux/utils/net/NIS/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ppc ppc64 x86"
+IUSE="slp"
+
+DEPEND=">=sys-libs/gdbm-1.8.0
+ slp? ( net-libs/openslp )"
+RDEPEND="${DEPEND}
+ || ( net-nds/rpcbind net-nds/portmap )"
+
+src_prepare() {
+ # The configure script does not provide a command-line flag to control usage
+ # of slp. Use a brutal method in case we need to disable it.
+ if ! use slp; then
+ sed -i -e 's/USE_SLP=1/USE_SLP=0/g' configure.in || die
+ eautoreconf
+ fi
+}
+
+src_install() {
+ default
+ dodoc AUTHORS ChangeLog NEWS README THANKS TODO
+
+ insinto /etc
+ doins etc/ypserv.conf etc/netgroup etc/netmasks
+ insinto /var/yp
+ newins etc/securenets securenets.default
+
+ newconfd "${FILESDIR}/ypserv.confd" ypserv
+ newconfd "${FILESDIR}/rpc.yppasswdd.confd" rpc.yppasswdd
+ newconfd "${FILESDIR}/rpc.ypxfrd.confd" rpc.ypxfrd
+
+ newinitd "${FILESDIR}/ypserv" ypserv
+ newinitd "${FILESDIR}/rpc.yppasswdd-r1" rpc.yppasswdd
+ newinitd "${FILESDIR}/rpc.ypxfrd-2.23" rpc.ypxfrd
+
+ echo "CONFIG_PROTECT=\"/var/yp/Makefile\"" > "${T}"/10ypserv
+ doenvd "${T}"/10ypserv
+}
+
+pkg_preinst() {
+ # This ebuilds installs an env file which CONFIG_PROTECTs /var/yp/Makefile,
+ # but if the user is migrating from older ypserv, this won't take effect
+ # immediately. Keep the older setup with Makefile.dist file and ask the user
+ # to migrate.
+ if [ -f "${ROOT}/var/yp/Makefile.dist" ]; then
+ mv "${D}/var/yp/Makefile" "${D}/var/yp/Makefile.dist" \
+ || die "mv failed"
+ cp "${ROOT}/var/yp/Makefile" "${D}/var/yp/Makefile" \
+ || die "cp failed"
+ elog "Please remove ${ROOT}/var/yp/Makefile.dist after making sure that"
+ elog "${ROOT}/var/yp/Makefile looks fine to you. It is now"
+ elog "CONFIG_PROTECTed, so further changes should be managed with"
+ elog "usual config management tools like etc-update or dispatch-conf."
+ fi
+}
+
+pkg_postinst() {
+ einfo "To complete setup, you will need to edit /var/yp/securenets,"
+ einfo "/etc/conf.d/ypserv, /etc/ypserv.conf, /etc/conf.d/rpc.yppasswdd"
+ einfo "and possibly /var/yp/Makefile."
+
+ einfo "To start the services at boot, you need to enable ypserv and optionally"
+ einfo "the rpc.yppasswdd and/or rpc.ypxfrd services"
+}