updated 2 packages

openldap-2.6.3-1

openldap24-2.4.59-3

o/openldap/openldap-vl.spec

@@ -2,15 +2,14 @@
 %bcond_with sql
 
 %define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}
-%define __perl_requires %{SOURCE11}
 
 %global check_password_version 1.1
 
 Summary: The configuration files, libraries and documentation for OpenLDAP.
 Summary(ja): OpenLDAP の設定ファイル，ライブラリ，ドキュメント.
 Name: openldap
-Version: 2.4.59
-Release: 2%{?_dist_release}%{?with_systemd:.systemd}
+Version: 2.6.3
+Release: 1%{?_dist_release}%{?with_systemd:.systemd}
 Group: system
 Vendor: Project Vine
 Distribution: Vine Linux
@@ -22,48 +21,29 @@ Source2: ldap.init
 Source4: slapd.ldif
 Source5: ldap.conf
 Source10: ldap.sysconfig
-Source11: filter-requires-openldap.sh
-Source12: ltb-project-openldap-ppolicy-check-password-%{check_password_version}.tar.gz
+Source11: https://github.com/ltb-project/openldap-ppolicy-check-password/archive/v%{check_password_version}/openldap-ppolicy-check-password-%{check_password_version}.tar.gz
 Source50: libexec-functions
 Source52: libexec-check-config.sh
-Source53: libexec-upgrade-db.sh
 Source101: slapd.service
 Source102: slapd.tmpfiles
 
-# Patches for 2.4
+# Patches for 2.6
 Patch0: openldap-manpages.patch
-Patch2: openldap-reentrant-gethostby.patch
+Patch1: openldap-reentrant-gethostby.patch
+
 Patch3: openldap-smbk5pwd-overlay.patch
-Patch5: openldap-ai-addrconfig.patch
-Patch17: openldap-allop-overlay.patch
+Patch4: openldap-ai-addrconfig.patch
+Patch5: openldap-allop-overlay.patch
 
 # fix back_perl problems with lt_dlopen()
 # might cause crashes because of symbol collisions
 # the proper fix is to link all perl modules against libperl
 # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327585
-Patch19: openldap-switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.patch
-# ldapi sasl fix pending upstream inclusion
-Patch24: openldap-openssl-manpage-defaultCA.patch
-
-# The below patches come from upstream master and are necessary for Channel Binding
-# (both tls-unique and tls-server-end-point) to work properly.
-# Additionally, for Samba to be able to implement Channel Binding, the PEERCERT option
-# is being included as well.
-Patch50: openldap-cbinding-Add-channel-binding-support.patch
-Patch51: openldap-cbinding-ITS-8573-allow-all-libldap-options-in-tools-o-option.patch
-Patch52: openldap-cbinding-ITS-8573-TLS-option-test-suite.patch
-Patch53: openldap-cbinding-ITS-8573-Add-missing-URI-variables-for-tests.patch
-Patch54: openldap-cbinding-auth-add-SASL-GSSAPI-tests.patch
-Patch55: openldap-cbinding-ITS-7398-add-LDAP_OPT_X_TLS_PEERCERT.patch
-Patch56: openldap-cbinding-Make-prototypes-available-where-needed.patch
-Patch57: openldap-cbinding-ITS-9189_1-rework-sasl-cbinding-support.patch
-Patch58: openldap-cbinding-ITS-9189_2-add-channel-bindings-tests.patch
-Patch59: openldap-cbinding-ITS-9189_3-initialize-ldo_sasl_cbinding-in-LDAP_LDO_SA.patch
-Patch60: openldap-cbinding-Fix-slaptest-in-test077.patch
-Patch61: openldap-cbinding-Convert-test077-to-LDIF-config.patch
-Patch62: openldap-cbinding-Update-keys-to-RSA-4096.patch
-Patch63: openldap-cbinding-ITS-9215-fix-for-glibc-again.patch
-Patch64: openldap-add-tls-sni-support-to-libldap.patch
+Patch6: openldap-switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.patch
+
+# System-wide default for CA certs
+Patch7: openldap-openssl-manpage-defaultCA.patch
+Patch8: openldap-add-export-symbols-LDAP_CONNECTIONLESS.patch
 
 # check-password module specific patches
 Patch90: check-password-makefile.patch
@@ -77,9 +57,10 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-root
 BuildRequires: autoconf, automake, libtool >= 2.2.6a
 BuildRequires: libxcrypt-devel, libnsl2-devel
 BuildRequires: cyrus-sasl-devel, openssl-devel, perl
-BuildRequires: libdb-devel, pam-devel, pkgconfig, tcp_wrappers
-BuildRequires: unixODBC-devel, bind-devel, libtool-ltdl-devel >= 2.2.6a
+BuildRequires: pam-devel, pkgconfig
+BuildRequires: unixODBC-devel, libtool-ltdl-devel >= 2.2.6a
 BuildRequires: krb5-devel
+BuildRequires: libevent-devel
 BuildRequires: groff
 %if %{with systemd}
 BuildRequires: systemd
@@ -233,36 +214,18 @@ customized LDAP clients.
 
 
 %prep
-%setup -q -c -a 0 -a 12
+%setup -q -c -a 0 -a 11
 
 pushd openldap-%{version}
 
-#AUTOMAKE=/bin/true autoreconf -fiv
-autoreconf -fiv ||:
-
 %patch0 -p1
-%patch2 -p1
+%patch1 -p1
 %patch3 -p1
+%patch4 -p1
 %patch5 -p1
-%patch17 -p1
-%patch19 -p1
-%patch24 -p1
-
-%patch50 -p1
-%patch51 -p1
-%patch52 -p1
-%patch53 -p1
-%patch54 -p1
-%patch55 -p1
-%patch56 -p1
-%patch57 -p1
-%patch58 -p1
-%patch59 -p1
-%patch60 -p1
-%patch61 -p1
-%patch62 -p1
-%patch63 -p1
-%patch64 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
 
 # security
 
@@ -284,20 +247,22 @@ done
 
 popd
 
-pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
+pushd openldap-ppolicy-check-password-%{check_password_version}
 %patch90 -p1
 %patch91 -p1
 popd
 
 
 %build
-export CFLAGS="-fpie %{optflags} -Wl,-z,relro,-z,now,--as-needed -DLDAP_CONNECTIONLESS -DLDAP_USE_NON_BLOCKING_TLS"
-export LDFLAGS="-pie"
+# enable experimental support for LDAP over UDP (LDAP_CONNECTIONLESS)
+export CFLAGS="${CFLAGS} ${LDFLAGS} -Wl,--as-needed -DLDAP_CONNECTIONLESS"
+export LDFLAGS="-fPIE"
 
 pushd openldap-%{version}
 %configure \
 	--enable-debug \
 	--enable-dynamic \
+	--enable-versioning \
 	\
 	--enable-dynacl \
 	--enable-cleartext \
@@ -321,11 +286,14 @@ pushd openldap-%{version}
 %else
 	--disable-sql \
 %endif
+	--disable-wt \
 	\
 	--enable-overlays=mod \
 	\
 	--disable-static \
 	\
+	--enable-balancer=mod \
+	\
 	--with-cyrus-sasl \
 	--without-fetch \
 	--with-threads \
@@ -337,7 +305,7 @@ pushd openldap-%{version}
 make %{_smp_mflags}
 popd
 
-pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
+pushd openldap-ppolicy-check-password-%{check_password_version}
 make LDAP_INC="-I../openldap-%{version}/include \
  -I../openldap-%{version}/servers/slapd \
  -I../openldap-%{version}/build-servers/include"
@@ -349,11 +317,11 @@ popd
 mkdir -p %{buildroot}%{_libdir}/
 
 pushd openldap-%{version}
-make install DESTDIR=%{buildroot} STRIP=""
+make install DESTDIR=%{buildroot} STRIP_OPTS=""
 popd
 
 # install check_password module
-pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
+pushd openldap-ppolicy-check-password-%{check_password_version}
 mv check_password.so check_password.so.%{check_password_version}
 ln -s check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/check_password.so
 install -m 755 check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/
@@ -389,7 +357,6 @@ mkdir -p %{buildroot}%{_libexecdir}
 install -m 0755 -d %{buildroot}%{_libexecdir}/openldap
 install -m 0644 %SOURCE50 %{buildroot}%{_libexecdir}/openldap/functions
 install -m 0755 %SOURCE52 %{buildroot}%{_libexecdir}/openldap/check-config.sh
-install -m 0755 %SOURCE53 %{buildroot}%{_libexecdir}/openldap/upgrade-db.sh
 
 # remove build root from config files and manual pages
 perl -pi -e "s|%{buildroot}||g" %{buildroot}%{_sysconfdir}/openldap/*.conf
@@ -438,16 +405,11 @@ rm -f %{buildroot}%{_sysconfdir}/openldap/slapd.ldif
 
 # move doc files out of _sysconfdir
 mv %{buildroot}%{_sysconfdir}/openldap/schema/README README.schema
-mv %{buildroot}%{_sysconfdir}/openldap/DB_CONFIG.example %{buildroot}%{_datadir}/openldap-servers/DB_CONFIG.example
 chmod 0644 openldap-%{version}/servers/slapd/back-sql/rdbms_depend/timesten/*.sh
-chmod 0644 %{buildroot}%{_datadir}/openldap-servers/DB_CONFIG.example
 
 # remove files which we don't want packaged
 rm -f %{buildroot}%{_libdir}/*.la  # because we do not want files in %{_libdir}/openldap/ removed, yet
 
-rm -f %{buildroot}%{_localstatedir}/openldap-data/DB_CONFIG.example
-rmdir %{buildroot}%{_localstatedir}/openldap-data
-
 
 %clean 
 rm -rf $RPM_BUILD_ROOT
@@ -458,18 +420,6 @@ rm -rf $RPM_BUILD_ROOT
 getent group ldap &>/dev/null || groupadd -r -g 55 ldap
 getent passwd ldap &>/dev/null || \
 	useradd -r -g ldap -u 55 -d %{_sharedstatedir}/ldap -s /sbin/nologin -c "OpenLDAP server" ldap
-
-if [ $1 -eq 2 ]; then
-	# package upgrade
-
-	old_version=$(rpm -q --qf=%%{version} openldap-servers)
-	new_version=%{version}
-
-	if [ "$old_version" != "$new_version" ]; then
-		touch %{_sharedstatedir}/ldap/rpm_upgrade_openldap &>/dev/null
-	fi
-fi
-
 exit 0
 
 %post servers
@@ -492,39 +442,12 @@ if [[ ! -f %{_sysconfdir}/openldap/slapd.d/cn=config.ldif && \
 %endif
 fi
 
-start_slapd=0
-
-# upgrade the database
-if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_openldap ]; then
-%if %{with systemd}
-    systemctl stop slapd.service
-    start_slapd=1
-%else
-    running=`/sbin/service ldap status >/dev/null; echo $?`
-    if [ $running -eq 0 ]; then
-		/sbin/service ldap stop > /dev/null 2>&1 || :
-		start_slapd=1
-	fi
-%endif
-
-	%{_libexecdir}/openldap/upgrade-db.sh &>/dev/null
-	rm -f %{_sharedstatedir}/ldap/rpm_upgrade_openldap
-fi
-
 # restart after upgrade
 if [ $1 -ge 1 ]; then
 %if %{with systemd}
-	if [ $start_slapd -eq 1 ]; then
-		systemctl start slapd.service &>/dev/null || :
-	else
-		systemctl condrestart slapd.service &>/dev/null || :
-	fi
+	systemctl condrestart slapd.service &>/dev/null || :
 %else
-	if [ $start_slapd -eq 1 ]; then
-		/sbin/service ldap start > /dev/null 2>&1 || :
-	else
-		/sbin/service ldap condrestart > /dev/null 2>&1 || :
-	fi
+	/sbin/service ldap condrestart > /dev/null 2>&1 || :
 %endif
 fi
 
@@ -554,53 +477,6 @@ if [ $1 -ge 1 ] ; then
 fi
 %endif
 
-%triggerin servers -- libdb
-# libdb upgrade (setup for %%triggerun)
-if [ $2 -eq 2 ]; then
-	# we are interested in minor version changes (both versions of libdb are installed at this moment)
-	if [ "$(rpm -q --qf="%%{version}\n" libdb | sed 's/\.[0-9]*$//' | sort -u | wc -l)" != "1" ]; then
-		touch %{_sharedstatedir}/ldap/rpm_upgrade_libdb
-	else
-		rm -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb
-	fi
-fi
-exit 0
-
-%triggerun servers -- libdb
-# libdb upgrade (finish %%triggerin)
-%if %{with systemd}
-if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb ]; then
-	
-	if /bin/systemctl --quiet is-active slapd.service; then
-		/bin/systemctl stop slapd.service
-		start=1
-	else
-		start=0
-	fi
-
-	%{_libexecdir}/openldap/upgrade-db.sh &>/dev/null
-	rm -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb
-
-	[ $start -eq 1 ] && /bin/systemctl start slapd.service &>/dev/null
-fi
-%else
-running=`/sbin/service ldap status >/dev/null; echo $?`
-
-if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb ]; then
-	if [ $running -eq 0 ]; then
-		/sbin/service ldap stop > /dev/null 2>&1 || :
-		start=1
-	else
-		start=0
-	fi
-
-	%{_libexecdir}/openldap/upgrade-db.sh &>/dev/null
-	rm -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb
-
-	[ $start -eq 1 ] && /sbin/service ldap condrestart > /dev/null 2>&1 || :
-fi
-%endif
-exit 0
 
 %files
 %defattr(-,root,root)
@@ -610,10 +486,9 @@ exit 0
 %dir %{_sysconfdir}/openldap/certs
 %config(noreplace) %{_sysconfdir}/openldap/ldap.conf
 %dir %{_libexecdir}/openldap/
-%{_libdir}/liblber-2.4*.so.*
-%{_libdir}/libldap-2.4*.so.*
-%{_libdir}/libldap_r-2.4*.so.*
-%{_libdir}/libslapi-2.4*.so.*
+%{_libdir}/liblber*.so.*
+%{_libdir}/libldap*.so.*
+%{_libdir}/libslapi*.so.*
 %{_mandir}/man5/ldif.5*
 %{_mandir}/man5/ldap.conf.5*
 
@@ -625,7 +500,7 @@ exit 0
 %doc openldap-%{version}/servers/slapd/back-perl/SampleLDAP.pm
 %doc openldap-%{version}/servers/slapd/back-perl/README.back_perl
 %doc openldap-%{version}/servers/slapd/back-perl/README.back_perl
-%doc ltb-project-openldap-ppolicy-check-password-%{check_password_version}/README.check_pwd
+%doc openldap-ppolicy-check-password-%{check_password_version}/README.check_pwd
 %doc README.schema
 %config(noreplace) %dir %attr(0750,ldap,ldap) %{_sysconfdir}/openldap/slapd.d
 %config(noreplace) %{_sysconfdir}/openldap/schema
@@ -641,15 +516,16 @@ exit 0
 %attr(0755,ldap,ldap) %dir /var/run/openldap
 %{_datadir}/openldap-servers/
 %{_libdir}/openldap/accesslog*
-%{_libdir}/openldap/auditlog*
 %{_libdir}/openldap/allop*
+%{_libdir}/openldap/auditlog*
+%{_libdir}/openldap/autoca*
+%{_libdir}/openldap/back_asyncmeta*
 %{_libdir}/openldap/back_dnssrv*
 %{_libdir}/openldap/back_ldap*
 %{_libdir}/openldap/back_meta*
 %{_libdir}/openldap/back_null*
 %{_libdir}/openldap/back_passwd*
 %{_libdir}/openldap/back_relay*
-%{_libdir}/openldap/back_shell*
 %{_libdir}/openldap/back_sock*
 %{_libdir}/openldap/back_perl*
 %{_libdir}/openldap/collect*
@@ -658,10 +534,14 @@ exit 0
 %{_libdir}/openldap/deref*
 %{_libdir}/openldap/dyngroup*
 %{_libdir}/openldap/dynlist*
+%{_libdir}/openldap/home*
+%{_libdir}/openldap/lloadd*
 %{_libdir}/openldap/memberof*
+%{_libdir}/openldap/otp*
 %{_libdir}/openldap/pcache*
 %{_libdir}/openldap/ppolicy*
 %{_libdir}/openldap/refint*
+%{_libdir}/openldap/remoteauth*
 %{_libdir}/openldap/retcode*
 %{_libdir}/openldap/rwm*
 %{_libdir}/openldap/seqmod*
@@ -674,11 +554,12 @@ exit 0
 %{_libdir}/openldap/check_password*
 %{_libexecdir}/openldap/functions
 %{_libexecdir}/openldap/check-config.sh
-%{_libexecdir}/openldap/upgrade-db.sh
 %{_sbindir}/sl*
 %{_mandir}/man8/*
+%{_mandir}/man5/lloadd.conf.5*
 %{_mandir}/man5/slapd*.5*
 %{_mandir}/man5/slapo-*.5*
+%{_mandir}/man5/slappw-argon2.5*
 # obsolete configuration
 %ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf
 
@@ -700,13 +581,15 @@ exit 0
 %doc openldap-%{version}/doc/drafts openldap-%{version}/doc/rfc
 %{_libdir}/lib*.so
 %{_includedir}/*
+%{_libdir}/pkgconfig/lber.pc
+%{_libdir}/pkgconfig/ldap.pc
 %{_mandir}/man3/*
 
 ## to build compat32 for x86_64 architecture support
 %if %{build_compat32}
 %files -n compat32-%{name}
 %defattr(-,root,root)
-%{_libdir}/libl*-2.4*.so.*
+%{_libdir}/libl*.so.*
 
 # %files -n compat32-%{name}-servers-sql
 # %defattr(-,root,root)
@@ -721,6 +604,9 @@ exit 0
 
 
 %changelog
+* Fri Nov 11 2022 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.6.3-1
+- new upstream release.
+
 * Sun Nov 21 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.59-2
 - rebuilt with perl-5.34.0.
 

o/openldap24/openldap24-vl.spec

@@ -0,0 +1,779 @@
+%bcond_with systemd
+%bcond_with sql
+
+%define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}
+%define __perl_requires %{SOURCE11}
+
+%global check_password_version 1.1
+
+Summary: The configuration files, libraries and documentation for OpenLDAP.
+Summary(ja): OpenLDAP の設定ファイル，ライブラリ，ドキュメント.
+Name: openldap24
+Version: 2.4.59
+Release: 3%{?_dist_release}%{?with_systemd:.systemd}
+Group: system
+Vendor: Project Vine
+Distribution: Vine Linux
+
+License: OpenLDAP
+URL: https://www.openldap.org/
+Source0: https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version}.tgz
+Source2: ldap.init
+Source4: slapd.ldif
+Source5: ldap.conf
+Source10: ldap.sysconfig
+Source11: filter-requires-openldap.sh
+Source12: ltb-project-openldap-ppolicy-check-password-%{check_password_version}.tar.gz
+Source50: libexec-functions
+Source52: libexec-check-config.sh
+Source53: libexec-upgrade-db.sh
+Source101: slapd.service
+Source102: slapd.tmpfiles
+
+# Patches for 2.4
+Patch0: openldap-manpages.patch
+Patch2: openldap-reentrant-gethostby.patch
+Patch3: openldap-smbk5pwd-overlay.patch
+Patch5: openldap-ai-addrconfig.patch
+Patch17: openldap-allop-overlay.patch
+
+# fix back_perl problems with lt_dlopen()
+# might cause crashes because of symbol collisions
+# the proper fix is to link all perl modules against libperl
+# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327585
+Patch19: openldap-switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.patch
+# ldapi sasl fix pending upstream inclusion
+Patch24: openldap-openssl-manpage-defaultCA.patch
+
+# The below patches come from upstream master and are necessary for Channel Binding
+# (both tls-unique and tls-server-end-point) to work properly.
+# Additionally, for Samba to be able to implement Channel Binding, the PEERCERT option
+# is being included as well.
+Patch50: openldap-cbinding-Add-channel-binding-support.patch
+Patch51: openldap-cbinding-ITS-8573-allow-all-libldap-options-in-tools-o-option.patch
+Patch52: openldap-cbinding-ITS-8573-TLS-option-test-suite.patch
+Patch53: openldap-cbinding-ITS-8573-Add-missing-URI-variables-for-tests.patch
+Patch54: openldap-cbinding-auth-add-SASL-GSSAPI-tests.patch
+Patch55: openldap-cbinding-ITS-7398-add-LDAP_OPT_X_TLS_PEERCERT.patch
+Patch56: openldap-cbinding-Make-prototypes-available-where-needed.patch
+Patch57: openldap-cbinding-ITS-9189_1-rework-sasl-cbinding-support.patch
+Patch58: openldap-cbinding-ITS-9189_2-add-channel-bindings-tests.patch
+Patch59: openldap-cbinding-ITS-9189_3-initialize-ldo_sasl_cbinding-in-LDAP_LDO_SA.patch
+Patch60: openldap-cbinding-Fix-slaptest-in-test077.patch
+Patch61: openldap-cbinding-Convert-test077-to-LDIF-config.patch
+Patch62: openldap-cbinding-Update-keys-to-RSA-4096.patch
+Patch63: openldap-cbinding-ITS-9215-fix-for-glibc-again.patch
+Patch64: openldap-add-tls-sni-support-to-libldap.patch
+
+# check-password module specific patches
+Patch90: check-password-makefile.patch
+Patch91: check-password.patch
+
+# Vine Patches
+
+# security fixes
+
+BuildRoot: %{_tmppath}/%{name}-%{version}-root
+BuildRequires: autoconf, automake, libtool >= 2.2.6a
+BuildRequires: libxcrypt-devel, libnsl2-devel
+BuildRequires: cyrus-sasl-devel, openssl-devel, perl
+BuildRequires: libdb-devel, pam-devel, pkgconfig
+BuildRequires: unixODBC-devel, bind-devel, libtool-ltdl-devel >= 2.2.6a
+BuildRequires: krb5-devel
+BuildRequires: groff
+%if %{with systemd}
+BuildRequires: systemd
+%endif
+#BuildConflicts: libicu-devel
+Obsoletes: openldap < 2.4.59-3
+Provides: openldap = %{version}-%{release}
+Requires: cyrus-sasl, mktemp
+
+%description
+OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
+Protocol) applications and development tools.  LDAP is a set of
+protocols for accessing directory services (usually phone book style
+information, but other information is possible) over the Internet,
+similar to the way DNS (Domain Name System) information is propagated
+over the Internet.  The openldap package contains configuration files,
+libraries and documentation for OpenLDAP.
+
+%description -l ja
+OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケーションと開発ツール集です。LDAPはディレクトリサービス（電話帳の様な情報や他の情報）にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た方式でInternetに伝えられます。opanldapパッケージはOpanLDAP用の設定ファイルやライブラリ、ドキュメントを含んでいます。
+
+
+## to build compat32 for x86_64 architecture support
+%package -n compat32-%{name}
+Summary: libraries for OpenLDAP.
+Group: system
+Obsoletes: compat32-openldap < 2.4.59-3
+Provides: compat32-openldap = %{version}-%{release}
+
+%description -n compat32-%{name}
+OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
+Protocol) applications and development tools.  LDAP is a set of
+protocols for accessing directory services (usually phone book style
+information, but other information is possible) over the Internet,
+similar to the way DNS (Domain Name System) information is propagated
+over the Internet.  The openldap package contains configuration files,
+libraries and documentation for OpenLDAP.
+
+
+%debug_package
+
+
+%prep
+%setup -q -c -a 0 -a 12
+pushd openldap-%{version}
+
+#AUTOMAKE=/bin/true autoreconf -fiv
+autoreconf -fiv ||:
+
+%patch0 -p1
+%patch2 -p1
+%patch3 -p1
+%patch5 -p1
+%patch17 -p1
+%patch19 -p1
+%patch24 -p1
+
+%patch50 -p1
+%patch51 -p1
+%patch52 -p1
+%patch53 -p1
+%patch54 -p1
+%patch55 -p1
+%patch56 -p1
+%patch57 -p1
+%patch58 -p1
+%patch59 -p1
+%patch60 -p1
+%patch61 -p1
+%patch62 -p1
+%patch63 -p1
+%patch64 -p1
+
+# security
+
+# build smbk5pwd with other overlays
+ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
+mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
+# build allop with other overlays
+ln -s ../../../contrib/slapd-modules/allop/allop.c servers/slapd/overlays
+mv contrib/slapd-modules/allop/README contrib/slapd-modules/allop/README.allop
+mv contrib/slapd-modules/allop/slapo-allop.5 doc/man/man5/slapo-allop.5
+
+mv servers/slapd/back-perl/README{,.back_perl}
+
+# fix documentation encoding
+for filename in doc/drafts/draft-ietf-ldapext-acl-model-xx.txt; do
+	iconv -f iso-8859-1 -t utf-8 "$filename" > "$filename.utf8"
+	mv "$filename.utf8" "$filename"
+done
+
+popd
+
+pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
+%patch90 -p1
+%patch91 -p1
+popd
+
+
+%build
+export CFLAGS="-fpie %{optflags} -Wl,-z,relro,-z,now,--as-needed -DLDAP_CONNECTIONLESS -DLDAP_USE_NON_BLOCKING_TLS"
+export LDFLAGS="-pie"
+
+pushd openldap-%{version}
+%configure \
+	--enable-debug \
+	--enable-dynamic \
+	\
+	--enable-slapd=no \
+	\
+	--disable-static \
+	\
+	--with-cyrus-sasl \
+	--without-fetch \
+	--with-threads \
+	--with-pic \
+	--with-gnu-ld \
+	\
+	--libexecdir=%{_libdir}
+
+make %{_smp_mflags}
+popd
+
+
+%install
+[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
+mkdir -p %{buildroot}%{_libdir}/
+
+pushd openldap-%{version}
+make install DESTDIR=%{buildroot} STRIP=""
+popd
+
+rm -rf %{buildroot}%{_sysconfdir}/openldap
+
+# tweak permissions on the libraries to make sure they're correct
+chmod 0755 %{buildroot}%{_libdir}/lib*.so*
+chmod 0644 %{buildroot}%{_libdir}/lib*.*a
+
+# remove files which we don't want packaged
+rm -f %{buildroot}%{_libdir}/*.la  # because we do not want files in %{_libdir}/openldap/ removed, yet
+
+
+%clean 
+rm -rf $RPM_BUILD_ROOT
+
+
+%files
+%defattr(-,root,root)
+%license openldap-%{version}/{COPYRIGHT,LICENSE}
+%doc openldap-%{version}/{ANNOUNCEMENT,CHANGES,README}
+%{_libdir}/liblber-2.4*.so.*
+%{_libdir}/libldap-2.4*.so.*
+%{_libdir}/libldap_r-2.4*.so.*
+%exclude %{_libdir}/*.so
+%exclude %{_bindir}
+%exclude %{_mandir}
+%exclude %{_includedir}
+
+## to build compat32 for x86_64 architecture support
+%if %{build_compat32}
+%files -n compat32-%{name}
+%defattr(-,root,root)
+%{_libdir}/libl*-2.4*.so.*
+%endif
+
+
+%changelog
+* Fri Nov 11 2022 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.59-3
+- transitional build.
+
+* Sun Nov 21 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.59-2
+- rebuilt with perl-5.34.0.
+
+* Tue Oct 05 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.59-1
+- new upstream release.
+- built with openssl-3.0.0.
+- imported Patch50-64 from rawhide.
+
+* Thu Jun 03 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.58-1
+- new upstream release.
+- dropped ldconfig scriptlets.
+- dropped Patch2000: fixed in upstream.
+
+* Thu Mar 04 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.57-2
+- imported Patch2000 from rawhide to fix CVE-2021-27212.
+
+* Sat Jan 30 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.57-1
+- new upstream release.
+
+* Sat Dec 12 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.56-1
+- new upstream release.
+
+* Sun Sep 13 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.53-1
+- new upstream release.
+- added systemd support (disabled as default).
+
+* Sat May 18 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.46-3
+- rebuilt with perl-5.26.
+
+* Mon May 13 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.46-2
+- added BR:libxcrypt-devel.
+- added BR:libnsl2-devel.
+- gdbm is no longer needed.
+
+* Fri Nov 02 2018 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.46-1
+- new upstream release.
+- rebuilt with openssl-1.1.1.
+- dropped too old MigrationTools.
+- dropped all patches and imported from rawhide.
+
+* Mon Mar 14 2016 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.44-1
+- new upstream release and built with openssl 1.0.2g
+- update patch0
+- drop patch1000,1001 (are included in new release)
+
+* Fri Mar 6 2015 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.40-2
+- added patch1000,1001 to fix CVE-2015-1545,1546.
+
+* Sat Feb 28 2015 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.40-1
+- new upstream release.
+
+* Fri Feb 27 2015 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 2.4.23-6
+- add patch1146 for fix CVE-2013-4449
+
+* Tue Dec 16 2014 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 2.4.23-5
+- added Patch700 to build with libdb 5.3.28
+
+* Thu Jan  9 2014 IWAI, Masaharu <iwaim.sub@gmail.com> 2.4.23-4
+- build with cyrus-sasl 2.1.26
+
+* Sun Dec  9 2012 IWAI, Masaharu <iwai@alib.jp> 2.4.23-3
+- SECURITY FIX, #2501
+ - patches from CentOS 6.3; openldap 2.4.23-26.el6_3.2
+  - CVE-2011-1024: add openldap-cve-ppolicy-forward-updates.patch (Patch1112)
+  - CVE-2011-1025: add openldap-cve-ndb-bind-rootdn.patch (Patch1113)
+  - CVE-2012-1164: add openldap-cve-relay-rwm-translucent.patch (Patch1141)
+  - CVE-2012-2668: add openldap-cve-nss-cipher-suite-ignored.patch (Patch1144)
+ - patch based CentOS 6.3; openldap 2.4.23-26.el6_3.2
+  - CVE-2012-2668: add openldap-cve-nss-default-cipher-suite-always-selected.patch (Patch1145)
+- fix document file path for servers sub package
+
+* Sat Apr  9 2011 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.4.23-2
+- added --with-odbc=unixodbc to configure
+
+* Wed Apr  6 2011 IWAI, Masaharu <iwai@alib.jp> 2.4.23-1
+- new upstream release
+- update MigrationTools 47
+
+* Wed Jan 12 2011 Yoji TOYODA <bsyamato@sea.plala.or.jp> - 2.4.21-5
+- change %%define __perl_requires instead of __find_requires
+
+* Tue Jan 11 2011 Yoji TOYODA <bsyamato@sea.plala.or.jp> - 2.4.21-4
+- rebuild with openssl-1.0.0c
+
+* Fri Feb 12 2010 MATSUBAYASHI Kohji <shaolin@vinelinux.org> - 2.4.21-3
+- rebuilt with gcc-4.4.3-3 on ppc
+
+* Fri Feb  5 2010 MATSUBAYASHI Kohji <shaolin@vinelinux.org> - 2.4.21-2
+- rebuilt with rpm-4.8.0-3 (on ppc)
+
+* Tue Feb 02 2010 Daisuke SUZUKI <daisuke@linux.or.jp> 2.4.21-1
+- new upstream release
+- rebuild with db4-4.8.0
+- use Requires(post/pre) instead of Prereq
+
+* Sun Dec 20 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.16-4
+- rebuild
+
+* Tue Nov  3 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.16-3
+- add BuildConflicts: libicu-devel
+
+* Mon Nov  2 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.16-2
+- add Patch1000 for fix CVE-2009-3767 (openssl null char)
+- add --with-gssapi into configure
+- drop --without-kerberos (it is old configure option)
+
+* Wed Aug 05 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.16-1
+- new upstream release
+
+* Sun Jul 05 2009 Munehiro Yamamoto <munepi@cg8.so-net.ne.jp> 2.4.11-6
+- dropped compat32-%%{name}-servers-sql
+
+* Sat Jul 04 2009 Munehiro Yamamoto <munepi@cg8.so-net.ne.jp> 2.4.11-5
+- added compat32 subpackages
+
+* Wed Apr 15 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 2.4.11-4
+- rebuild with libtool-2.2.6a
+
+* Sat Apr 04 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.11-3
+- use filter-requires-openldap.sh instead of find-requires
+
+* Wed Apr 01 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.11-2
+- reverted a scriptlet that dropped in 2.3.24-0vl4
+
+* Sun Mar 01 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.11-1
+- new upstream release
+- applied patches from fedora's package (openldap-2.4.12-1)
+
+* Sun Mar 30 2008 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.3.41-1vl5
+- updated to 2.3.41 (Patch10 and 11 were merged into upstream)
+
+* Fri May 18 2007 Daisuke SUZUKI <daisuke@linux.or.jp> 2.3.27-0vl5
+- rebuild with new openssl
+
+* Sat May 12 2007 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.3.27-0vl4
+- rebuilt with new toolchain/bdb 4.3
+
+* Tue Dec 26 2006 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.3.27-0vl3
+- rebuilt for VineSeed
+
+* Thu Dec 21 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.3.27-0vl2.3
+- add Vendor/Distribution tag
+
+* Wed Dec 13 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.3.27-0vl2.2
+- add patch11 for fix krbv4_ldap_auth issue
+
+* Fri Nov 24 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.3.27-0vl2.1
+- add patch10 for fix CVE-2006-5779
+
+* Sun Sep 03 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.27-0vl2
+- use filter-requires-openldap.sh instead of find-requires
+
+* Sun Aug 27 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.27-0vl1
+- new upstream release
+
+* Sat Aug 26 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.24-0vl4
+- restored rfc822-MailMember.schema
+- update config.patch
+- removed a scriptlet that save and restore the database
+
+* Sat Aug 19 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.24-0vl3
+- removed internal bdb
+- removed autoconf-2.13.1 and automake-1.4a
+
+* Tue Jul 11 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.24-0vl2
+- removed compat-openldap subpackage
+
+* Sun Jul 02 2006 Satoshi MACHINO <machino@vinelinux.org> 2.3.24-0vl1
+- New upstream release
+- merged to fedora's package(openldap-2.3.24-2)
+	-- build sql backend as a loadable module
+	-- move ucdata to the -servers subpackage where it belongs
+	-- add compat-openldap subpackage
+	-- update administrator guide
+	-- build a separate, static set of libraries for openldap-devel with the
+	   non-standard ntlm bind patch applied, for use by 
+	   the evolution-connector package (#125579), and installing them under
+	   %%{evolution_connector_prefix} (%{evolution_connector_prefix})
+	-- add libtool-ltdl-devel buildprereqs
+	-- Upgrade internal bdb to db-4.4.20.  For a clean upgrade, this will
+	   require that users slapcat their databases into a temp file, move
+	   /var/lib/ldap someplace safe, upgrade the openldap rpms, then
+	   slapadd the temp file.
+	-- fix ldap.init
+	-- add two upstream patches for db-4.4.20
+
+* Wed Nov  2 2005 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.1.30-0vl2
+- rebuild for VineSeed Plus
+- added Japanese summary
+
+* Sat Apr 17 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.30-0vl1
+- new upstream version (openldap-2.1.30)
+	-- Fixed slapd userdb checkpass bub (ITS#3048)
+	-- Fixed back-ldbm IDL delete bug (ITS#3048)
+	-- Fixed libldap schema parsing bug (ITS#2920, ITS#3065)
+	-- Fixed liblutil NS MTA MD5 passwd len bug (ITS#2899)
+	-- Removed lint (ITS#3086)
+	-- Documentation updated slapd.conf(5) manpage (ITS#2525)
+
+* Thu Apr 08 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.29-0vl2
+- fixed ldap.ini
+
+* Sun Mar 28 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.29-0vl1
+- new upstream version (openldap-2.1.29)
+
+* Wed Mar 24 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.28-0vl1
+- new upstream version (openldap-2.1.28)
+
+* Mon Mar 22 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.27-0vl1
+- new upstream version (openldap-2.1.27)
+
+* Sat Jan 24 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.26-0vl1
+- new upstream version (openldap-2.1.26)
+- don't use libtool in make
+
+* Sun Oct 26 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.23-0vl1
+- new upstream version (openldap-2.1.23)
+- updated migration tools to version 45 
+- used libtool
+
+* Sun Jul 20 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.22-0vl2
+- for VineSeedPlus
+- fixed BuildPreReq
+
+* Sat Jul 19 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.22-0vl1
+- for VinePlus
+- new upstream version (openldap-2.1.22)
+
+* Thu May 29 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.21-0vl1
+- new upstream version (openldap-2.1.21)
+
+* Tue May 20 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.20-0vl1
+- new upstream version
+
+* Thu May 15 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.19-1vl1
+- new upstream version
+- merged spec file to 2.1.19-1
+	-- switch to db with crypto
+	-- install the db utils for the bundled libdb as %%{_sbindir}/slapd_db_*
+	-- install slapcat/slapadd from 2.0.x for migration purposes
+
+* Mon Jan 27 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.12-0vl1
+- updated to openldap-2.1.12
+	-- dropped ldapfriendly
+
+* Fri Sep 06 2002 Satoshi MACHINO <machino@vinelinux.org> 2.1.4-0vl1
+- updated to openldap-2.1.4
+- updated guide.html
+
+* Fri Sep 06 2002 Satoshi MACHINO <machino@vinelinux.org> 2.1.3-4vl1
+- updated to openldap-2.1.3
+- added db-4.0.14
+- updated migration tools to version 44
+- merged openldap-2.1.3-4
+	-- updated patch0, patch1, patch3 and patch6 
+	-- dropped patch7 and patch10
+	-- enable the ldbm/berkeley backend as well
+	-- use an ldbm/berkeley database as the default
+	-- don't install slapadd-gdbm
+	-- allow ldapv2 binds by default
+	-- set TLS_CACERTFILE in the default ldap.conf file
+
+* Tue Jun 11 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.25-0vl1
+- updated to openldap-2.0.25
+
+* Mon Jun 10 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.24-0vl1
+- updated to openldap-2.0.24
+- updated migration tools to version 40
+- dropped autoconf source
+- dropped some patches
+
+* Sat Feb 16 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.23-0vl1
+- updated openldap-2.0.23
+
+* Wed Feb 06 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.22-0vl1
+- updated openldap-2.0.22
+
+* Mon Jan 21 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.21-0vl1
+- updated openldap-2.0.21
+
+* Wed Nov 07 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.18-0vl1
+- updated openldap-2.0.18
+
+* Sun Oct 14 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.17-0vl1
+- updated openldap-2.0.17
+- updated MigrationTools-38-instdir.patch
+- updated openldap-2.0.17-config.patch
+- removed openldap-2.0.3-krb5-1.1.patch
+
+* Sat Sep 22 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.14-1vl1
+- update to migration tools 39
+- removed patch libtool.patch and linkage.patch
+ 
+* Wed Sep 19 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.14-0vl0
+- updated openldap-2.0.14
+
+* Mon Jul 16 2001 MATSUBAYASHI 'Shaolin' Kohji <shaolin@vinelinux.org>
+- 2.0.11-0vl2
+- rebuilt with openssl-0.9.6b
+
+* Sun May 27 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.11-0vl1
+- updated
+
+* Thu Apr 12 2001 Akira TAGOH <tagoh@gnome.gr.jp> 2.0.7-14vl3
+- Fixed resolve libraries path.
+
+* Wed Apr 11 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.7-14vl2
+- added openldap-2.0.7-config-vine.patch
+- removed openldap-2.0.7-config.patch
+
+* Tue Apr 10 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.7-14vl1
+- merged Rawhide's OpenLDAP Package
+    back out pidfile patches, which interact weirdly with Linux threads
+    mark non-standard schema as such by moving them to a different directory
+    update to MigrationTools 36, adds netgroup support
+    fix thinko in that last patch
+    try to work around some buffering problems
+    gettextize the init script
+    move the RFCs to the base package (#21701)
+    add support for additional OPTIONS, SLAPD_OPTIONS, and SLURPD_OPTIONS in
+    a /etc/sysconfig/ldap file (#23549)
+    change automount object OID from 1.3.6.1.1.1.2.9 to 1.3.6.1.1.1.2.13,
+    per mail from the ldap-nis mailing list
+    force -fPIC so that shared libraries don't fall over
+    add Norbert Klasen's patch (via Del) to fix searches using ldaps URLs
+     (OpenLDAP ITS #889)
+    add "-h ldaps:///" to server init when TLS is enabled, in order to support
+    ldaps in addition to the regular STARTTLS (suggested by Del)
+    correct mismatched-dn-cn bug in migrate_automount.pl
+    update to the correct OIDs for automount and automountInformation
+    add notes on upgrading
+    
+* Sat Nov 25 2000 Satoshi MACHINO <machino@vinelinux.org> 2.0.7-1vl2
+- fixed VersionedDependencies to used _noVersionedDependencies 1 in .rpmmacros
+
+* Sat Nov 18 2000 MACHINO, satoshi <machino@vinelinux.org> 2.0.7-1vl1
+- build for Vine Linux
+- removed kerberos
+- fixed config dir
+- fixed _sysconfdir
+
+* Tue Nov  7 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update to 2.0.7
+- drop chdir patch (went mainstream)
+
+* Thu Nov  2 2000 Nalin Dahyabhai <nalin@redhat.com>
+- change automount object classes from auxiliary to structural
+
+* Tue Oct 31 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update to Migration Tools 27
+- change the sense of the last simple patch
+
+* Wed Oct 25 2000 Nalin Dahyabhai <nalin@redhat.com>
+- reorganize the patch list to separate MigrationTools and OpenLDAP patches
+- switch to Luke Howard's rfc822MailMember schema instead of the aliases.schema
+- configure slapd to run as the non-root user "ldap" (#19370)
+- chdir() before chroot() (we don't use chroot, though) (#19369)
+- disable saving of the pid file because the parent thread which saves it and
+  the child thread which listens have different pids
+
+* Wed Oct 11 2000 Nalin Dahyabhai <nalin@redhat.com>
+- add missing required attributes to conversion scripts to comply with schema
+- add schema for mail aliases, autofs, and kerberosSecurityObject rooted in
+  our own OID tree to define attributes and classes migration scripts expect
+- tweak automounter migration script
+
+* Mon Oct  9 2000 Nalin Dahyabhai <nalin@redhat.com>
+- try adding the suffix first when doing online migrations
+- force ldapadd to use simple authentication in migration scripts
+- add indexing of a few attributes to the default configuration
+- add commented-out section on using TLS to default configuration
+
+* Thu Oct  5 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update to 2.0.6
+- add buildprereq on cyrus-sasl-devel, krb5-devel, openssl-devel
+- take the -s flag off of slapadd invocations in migration tools
+- add the cosine.schema to the default server config, needed by inetorgperson
+
+* Wed Oct  4 2000 Nalin Dahyabhai <nalin@redhat.com>
+- add the nis.schema and inetorgperson.schema to the default server config
+- make ldapadd a hard link to ldapmodify because they're identical binaries
+
+* Fri Sep 22 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update to 2.0.4
+
+* Fri Sep 15 2000 Nalin Dahyabhai <nalin@redhat.com>
+- remove prereq on /etc/init.d (#17531)
+- update to 2.0.3
+- add saucer to the included clients
+
+* Wed Sep  6 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update to 2.0.1
+
+* Fri Sep  1 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update to 2.0.0
+- patch to build against MIT Kerberos 1.1 and later instead of 1.0.x
+
+* Tue Aug 22 2000 Nalin Dahyabhai <nalin@redhat.com>
+- remove that pesky default password
+- change "Copyright:" to "License:"
+
+* Sun Aug 13 2000 Nalin Dahyabhai <nalin@redhat.com>
+- adjust permissions in files lists
+- move libexecdir from %%{_prefix}/sbin to %%{_sbindir}
+
+* Fri Aug 11 2000 Nalin Dahyabhai <nalin@redhat.com>
+- add migrate_automount.pl to the migration scripts set
+
+* Tue Aug  8 2000 Nalin Dahyabhai <nalin@redhat.com>
+- build a semistatic slurpd with threads, everything else without
+- disable reverse lookups, per email on OpenLDAP mailing lists
+- make sure the execute bits are set on the shared libraries
+
+* Mon Jul 31 2000 Nalin Dahyabhai <nalin@redhat.com>
+- change logging facility used from local4 to daemon (#11047)
+
+* Thu Jul 27 2000 Nalin Dahyabhai <nalin@redhat.com>
+- split off clients and servers to shrink down the package and remove the
+  base package's dependency on Perl
+- make certain that the binaries have sane permissions
+
+* Mon Jul 17 2000 Nalin Dahyabhai <nalin@redhat.com>
+- move the init script back
+
+* Thu Jul 13 2000 Nalin Dahyabhai <nalin@redhat.com>
+- tweak the init script to only source /etc/sysconfig/network if it's found
+
+* Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
+- automatic rebuild
+
+* Mon Jul 10 2000 Nalin Dahyabhai <nalin@redhat.com>
+- switch to gdbm; I'm getting off the db merry-go-round
+- tweak the init script some more
+- add instdir to @INC in migration scripts
+
+* Thu Jul  6 2000 Nalin Dahyabhai <nalin@redhat.com>
+- tweak init script to return error codes properly
+- change initscripts dependency to one on /etc/init.d
+
+* Tue Jul  4 2000 Nalin Dahyabhai <nalin@redhat.com>
+- prereq initscripts
+- make migration scripts use mktemp
+
+* Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com>
+- do condrestart in post and stop in preun
+- move init script to /etc/init.d
+
+* Fri Jun 16 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update to 1.2.11
+- add condrestart logic to init script
+- munge migration scripts so that you don't have to be 
+  /usr/share/openldap/migration to run them
+- add code to create pid files in /var/run
+
+* Mon Jun  5 2000 Nalin Dahyabhai <nalin@redhat.com>
+- FHS tweaks
+- fix for compiling with libdb2
+
+* Thu May  4 2000 Bill Nottingham <notting@redhat.com>
+- minor tweak so it builds on ia64
+
+* Wed May  3 2000 Nalin Dahyabhai <nalin@redhat.com>
+- more minimalistic fix for bug #11111 after consultation with OpenLDAP team
+- backport replacement for the ldapuser patch
+
+* Tue May  2 2000 Nalin Dahyabhai <nalin@redhat.com>
+- fix segfaults from queries with commas in them in in.xfingerd (bug #11111)
+
+* Tue Apr 25 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update to 1.2.10
+- add revamped version of patch from kos@bastard.net to allow execution as
+  any non-root user
+- remove test suite from %%build because of weirdness in the build system
+
+* Wed Apr 12 2000 Nalin Dahyabhai <nalin@redhat.com>
+- move the defaults for databases and whatnot to /var/lib/ldap (bug #10714)
+- fix some possible string-handling problems
+
+* Mon Feb 14 2000 Bill Nottingham <notting@redhat.com>
+- start earlier, stop later.
+
+* Thu Feb  3 2000 Nalin Dahyabhai <nalin@redhat.com>
+- auto rebuild in new environment (release 4)
+
+* Tue Feb  1 2000 Nalin Dahyabhai <nalin@redhat.com>
+- add -D_REENTRANT to make threaded stuff more stable, even though it looks
+  like the sources define it, too
+- mark *.ph files in migration tools as config files
+
+* Fri Jan 21 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update to 1.2.9
+
+* Mon Sep 13 1999 Bill Nottingham <notting@redhat.com>
+- strip files
+
+* Sat Sep 11 1999 Bill Nottingham <notting@redhat.com>
+- update to 1.2.7
+- fix some bugs from bugzilla (#4885, #4887, #4888, #4967)
+- take include files out of base package
+
+* Fri Aug 27 1999 Jeff Johnson <jbj@redhat.com>
+- missing ;; in init script reload) (#4734).
+
+* Tue Aug 24 1999 Cristian Gafton <gafton@redhat.com>
+- move stuff from /usr/libexec to /usr/sbin
+- relocate config dirs to /etc/openldap
+
+* Mon Aug 16 1999 Bill Nottingham <notting@redhat.com>
+- initscript munging
+
+* Wed Aug 11 1999 Cristian Gafton <gafton@redhat.com>
+- add the migration tools to the package
+
+* Fri Aug 06 1999 Cristian Gafton <gafton@redhat.com>
+- upgrade to 1.2.6
+- add rc.d script
+- split -devel package
+
+* Sun Feb 07 1999 Preston Brown <pbrown@redhat.com>
+- upgrade to latest stable (1.1.4), it now uses configure macro.
+
+* Fri Jan 15 1999 Bill Nottingham <notting@redhat.com>
+- build on arm, glibc2.1
+
+* Wed Oct 28 1998 Preston Brown <pbrown@redhat.com>
+- initial cut.
+- patches for signal handling on the alpha