Red Hat Bugzilla – Bug 587722
OpenLDAP should be built with connectionless support (-DLDAP_CONNECTIONLESS).
Last modified: 2010-10-31 17:33:43 EDT
Description of problem:
OpenLDAP is not built with connectionless support (CFLAGS += -DLDAP_CONNECTIONLESS), which some software requires for interacting with Active Directory. I would like to add a package 'likewise-open' to Fedora 12, 13, rawhide; likewise-open provides Active Directory authentication and requires connectionless support.
Version-Release number of selected component (if applicable):
OpenLDAP in [Fedora 12, 13, rawhide] is built without connectionless support.
Ok, I finally got some time so here it is. I have testing scratch build - can you please test it that it has everything you need or something else is needed?
I'm checking out the build; sorry for the delay, this fell off my radar as the bug mail went into the SPAM folder.
No problem, just let me know if the build is ok.
Created attachment 417029 [details]
Patch against openldap.spec to add -DLDAP_CONNECTIONLESS to proper place.
The -DLDAP_CONNECTIONLESS was added to the database in openldap and not openldap itself. I rebuilt with this change and discoved:
This change alone is not enough (but is necessary) to unblock likewise-open as gssapi support in OpenLDAP has decayed. I've developed patches against OpenLDAP HEAD and will try to get patches pushed upstream.
Oh, sorry for that - that's what happens when I do faster than think. Anyway, here is corrected build:
Please re-test once more. Once it is confirmed, I'll normal build instead of scratch.
Created attachment 417407 [details]
Enable GSSAPI support in OpenLdap.
The connectionless flag works and in combination with this patch, rebuilding the configure script and adding --with-gssapi unblocks likewise-open :-)
GSSAPI code is already in OpenLDAP, but setting up the header files and linker flags dropped out at some point. I'm going to try and get OpenLDAP to pick up this patch (along with a few others).
Created attachment 417408 [details]
Patches the spec file to use the gssapi patch in case my previous comment wasn't clear.
I'm sorry, but I'm not comfortable with this kind of patch in Fedora itself. Since our policy is to have strong cooperation with upstream, I want upstream approval on this one first. I looked both into mailing list archives and ITS, but I found no request for integration of your patch. Please try to convince upstream first. Once it is clear this (or any other derived) patch will be accepted by them, I will gladly accept it in Fedora, but until then I'm not in favor of this.
Also since the original purpose of this bug has been fulfilled, I'm closing this bug (the build of openldap with conectionless support is ready). Feel free to open another one for GSSAPI support, it should be tracked in separate bugzilla, so it doesn't get mixed up with this one.
openldap-2.4.19-5.fc12 has been submitted as an update for Fedora 12.
openldap-2.4.19-6.fc12 has been submitted as an update for Fedora 12.
openldap-2.4.19-6.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.