Bug 587722 - OpenLDAP should be built with connectionless support (-DLDAP_CONNECTIONLESS).
Summary: OpenLDAP should be built with connectionless support (-DLDAP_CONNECTIONLESS).
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: openldap   
(Show other bugs)
Version: rawhide
Hardware: All Linux
low
medium
Target Milestone: ---
Assignee: Jan Zeleny
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 578886
TreeView+ depends on / blocked
 
Reported: 2010-04-30 17:03 UTC by Scott Salley
Modified: 2010-10-31 21:33 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-05-28 12:38:09 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Patch against openldap.spec to add -DLDAP_CONNECTIONLESS to proper place. (844 bytes, patch)
2010-05-26 21:00 UTC, Scott Salley
no flags Details | Diff
Enable GSSAPI support in OpenLdap. (8.62 KB, text/plain)
2010-05-27 22:17 UTC, Scott Salley
no flags Details
Patches the spec file to use the gssapi patch in case my previous comment wasn't clear. (825 bytes, text/plain)
2010-05-27 22:18 UTC, Scott Salley
no flags Details

Description Scott Salley 2010-04-30 17:03:43 UTC
Description of problem:

OpenLDAP is not built with connectionless support (CFLAGS += -DLDAP_CONNECTIONLESS), which some software requires for interacting with Active Directory. I would like to add a package 'likewise-open' to Fedora 12, 13, rawhide; likewise-open provides Active Directory authentication and requires connectionless support.

Version-Release number of selected component (if applicable):

OpenLDAP in [Fedora 12, 13, rawhide] is built without connectionless support.

Additional info:

Comment 1 Jan Zeleny 2010-05-18 08:25:20 UTC
Ok, I finally got some time so here it is. I have testing scratch build - can you please test it that it has everything you need or something else is needed?

http://koji.fedoraproject.org/koji/taskinfo?taskID=2193579

Thanks

Comment 2 Scott Salley 2010-05-25 00:15:05 UTC
I'm checking out the build; sorry for the delay, this fell off my radar as the bug mail went into the SPAM folder.

Comment 3 Jan Zeleny 2010-05-25 06:22:52 UTC
No problem, just let me know if the build is ok.

Comment 4 Scott Salley 2010-05-26 21:00:05 UTC
Created attachment 417029 [details]
Patch against openldap.spec to add -DLDAP_CONNECTIONLESS to proper place.

The -DLDAP_CONNECTIONLESS was added to the database in openldap and not openldap itself. I rebuilt with this change and discoved:

This change alone is not enough (but is necessary) to unblock likewise-open as gssapi support in OpenLDAP has decayed. I've developed patches against OpenLDAP HEAD and will try to get patches pushed upstream.

Comment 5 Jan Zeleny 2010-05-27 07:09:56 UTC
Oh, sorry for that - that's what happens when I do faster than think. Anyway, here is corrected build:
http://koji.fedoraproject.org/koji/taskinfo?taskID=2212113

Please re-test once more. Once it is confirmed, I'll normal build instead of scratch.

Comment 6 Scott Salley 2010-05-27 22:17:50 UTC
Created attachment 417407 [details]
Enable GSSAPI support in OpenLdap.

The connectionless flag works and in combination with this patch, rebuilding the configure script and adding --with-gssapi unblocks likewise-open :-)

GSSAPI code is already in OpenLDAP, but setting up the header files and linker flags dropped out at some point. I'm going to try and get OpenLDAP to pick up this patch (along with a few others).

Comment 7 Scott Salley 2010-05-27 22:18:49 UTC
Created attachment 417408 [details]
Patches the spec file to use the gssapi patch in case my previous comment wasn't clear.

Comment 8 Jan Zeleny 2010-05-28 12:38:09 UTC
I'm sorry, but I'm not comfortable with this kind of patch in Fedora itself. Since our policy is to have strong cooperation with upstream, I want upstream approval on this one first. I looked both into mailing list archives and ITS, but I found no request for integration of your patch. Please try to convince upstream first. Once it is clear this (or any other derived) patch will be accepted by them, I will gladly accept it in Fedora, but until then I'm not in favor of this.

Also since the original purpose of this bug has been fulfilled, I'm closing this bug (the build of openldap with conectionless support is ready). Feel free to open another one for GSSAPI support, it should be tracked in separate bugzilla, so it doesn't get mixed up with this one.

Comment 9 Fedora Update System 2010-06-25 22:58:22 UTC
openldap-2.4.19-5.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/openldap-2.4.19-5.fc12

Comment 10 Fedora Update System 2010-07-20 17:37:53 UTC
openldap-2.4.19-6.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/openldap-2.4.19-6.fc12

Comment 11 Fedora Update System 2010-10-31 21:33:43 UTC
openldap-2.4.19-6.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.