aboutsummaryrefslogtreecommitdiff
path: root/net/nss-pam-ldapd
diff options
context:
space:
mode:
authorChris Rees <crees@FreeBSD.org>2012-04-01 17:04:27 +0000
committerChris Rees <crees@FreeBSD.org>2012-04-01 17:04:27 +0000
commitd43ec355ddbc11640ceeea7bd05bdc72208086f5 (patch)
tree71f873f6e4dee39b0e9f1d5af359b23d29a71c65 /net/nss-pam-ldapd
parent46a770e8fc44234266f094c12dd53ab30e96b28a (diff)
downloadports-d43ec355ddbc11640ceeea7bd05bdc72208086f5.tar.gz
ports-d43ec355ddbc11640ceeea7bd05bdc72208086f5.zip
Notes
Diffstat (limited to 'net/nss-pam-ldapd')
-rw-r--r--net/nss-pam-ldapd/Makefile30
-rw-r--r--net/nss-pam-ldapd/distinfo4
-rw-r--r--net/nss-pam-ldapd/files/nslcd.in23
-rw-r--r--net/nss-pam-ldapd/files/patch-Makefile.in15
-rw-r--r--net/nss-pam-ldapd/files/patch-nslcd.conf13
-rw-r--r--net/nss-pam-ldapd/files/patch-nss__bsdnss.c237
-rw-r--r--net/nss-pam-ldapd/files/patch-nss__prototypes.h16
-rw-r--r--net/nss-pam-ldapd/files/patch-nss_ldap.map30
-rw-r--r--net/nss-pam-ldapd/files/patch-pam__makefile.in12
-rw-r--r--net/nss-pam-ldapd/files/patch-r162650
-rw-r--r--net/nss-pam-ldapd/files/patch-r163121
-rw-r--r--net/nss-pam-ldapd/files/rtld_nss__nslcd.c20
-rw-r--r--net/nss-pam-ldapd/pkg-plist2
13 files changed, 135 insertions, 338 deletions
diff --git a/net/nss-pam-ldapd/Makefile b/net/nss-pam-ldapd/Makefile
index 0d09887633f4..5c043166c329 100644
--- a/net/nss-pam-ldapd/Makefile
+++ b/net/nss-pam-ldapd/Makefile
@@ -6,13 +6,12 @@
#
PORTNAME= nss-pam-ldapd
-PORTVERSION= 0.7.13
-PORTREVISION= 2
+PORTVERSION= 0.8.6
CATEGORIES= net
MASTER_SITES= http://arthurdejong.org/nss-pam-ldapd/ \
http://static.ipfw.ru/files/
-MAINTAINER= melifaro@ipfw.ru
+MAINTAINER= rflynn@acsalaska.net
COMMENT= Advanced fork of nss_ldap
LICENSE= LGPL21 LGPL3
@@ -22,6 +21,8 @@ GNU_CONFIGURE= yes
USE_GMAKE= yes
USE_OPENLDAP= yes
USE_RC_SUBR= nslcd
+PAM_LDAP_SHMAJOR= 1
+NSS_LDAP_SHMAJOR= 1
NSLCD_PIDFILE?= /var/run/nslcd.pid
NSLCD_SOCKET?= /var/run/nslcd.ctl
@@ -32,11 +33,7 @@ OPTIONS= SASL "Enable SASL" off \
USERS= nslcd
GROUPS= nslcd
-.include <bsd.port.pre.mk>
-
-.if ${OSVERSION} < 800000
-EXTRA_PATCHES+= ${FILESDIR}/rtld_nss__nslcd.c
-.endif
+.include <bsd.port.options.mk>
CPPFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
@@ -44,7 +41,7 @@ LDFLAGS+= -L${LOCALBASE}/lib
CONFIGURE_ARGS+= --with-nslcd-pidfile=${NSLCD_PIDFILE} \
--with-nslcd-socket=${NSLCD_SOCKET} \
--with-ldap-lib=openldap --disable-kerberos \
- --with-nss-ldap-soname=nss_ldap.so.1
+ --with-nss-ldap-soname=nss_ldap.so.${NSS_LDAP_SHMAJOR}
CONFIG_FILE= "nslcd.conf"
CONFIGURE_ARGS+= --with-ldap-conf-file=${PREFIX}/etc/${CONFIG_FILE}
@@ -58,7 +55,9 @@ CONFIGURE_ARGS+= --disable-sasl
.endif
.if defined(WITH_PAM)
-CONFIGURE_ARGS+= --enable-pam
+CONFIGURE_ARGS+= --enable-pam \
+ --with-pam-seclib-dir=${PREFIX}/lib \
+ --with-pam-ldap-soname=pam_ldap.so.${PAM_LDAP_SHMAJOR}
MAN8+= pam_ldap.8
CONFLICTS+= pam_ldap-1.*
PLIST_SUB+= PAM=""
@@ -88,12 +87,19 @@ MAN8+= nslcd.8
post-extract:
@${REINPLACE_CMD} -e 's/\(INSTALL_\)\(.*\)) -D /\1\2) /' ${WRKSRC}/Makefile.in ${WRKSRC}/nss/Makefile.in
- @${REINPLACE_CMD} -e 's/shadow.$$(OBJEXT)/shadow.$$(OBJEXT) bsdnss.$$(OBJEXT)/;s/shadow\.c/shadow.c bsdnss.c/' ${WRKSRC}/nss/Makefile.in
post-configure:
${REINPLACE_CMD} -e 's/^\(CFLAGS.*\) \-O2 \(.*\)$$/\1 -O0 \2/' ${WRKSRC}/nss/Makefile
post-install:
+.if !defined(WITHOUT_NSS)
+ @cd ${PREFIX}/lib && ${LN} -fs nss_ldap.so.${NSS_LDAP_SHMAJOR} \
+ nss_ldap.so
+.endif
+.if !defined(WITHOUT_PAM)
+ @cd ${PREFIX}/lib && ${LN} -fs pam_ldap.so.${PAM_LDAP_SHMAJOR} \
+ pam_ldap.so
+.endif
@${ECHO_MSG}
@${ECHO_MSG} =====================================================================
@${ECHO_MSG}
@@ -108,4 +114,4 @@ post-install:
@${ECHO_MSG} =====================================================================
@${ECHO_MSG}
-.include <bsd.port.post.mk>
+.include <bsd.port.mk>
diff --git a/net/nss-pam-ldapd/distinfo b/net/nss-pam-ldapd/distinfo
index c1838bd0caa0..807723896258 100644
--- a/net/nss-pam-ldapd/distinfo
+++ b/net/nss-pam-ldapd/distinfo
@@ -1,2 +1,2 @@
-SHA256 (nss-pam-ldapd-0.7.13.tar.gz) = 1bdba144669ac3220162d59bafe5ba4f83404f520bc9ead58b179745c82b8d4a
-SIZE (nss-pam-ldapd-0.7.13.tar.gz) = 478944
+SHA256 (nss-pam-ldapd-0.8.6.tar.gz) = 549f58c83c18ce8017f546138414e831b255a6edc5dfd8ff141aef52d94f25df
+SIZE (nss-pam-ldapd-0.8.6.tar.gz) = 466292
diff --git a/net/nss-pam-ldapd/files/nslcd.in b/net/nss-pam-ldapd/files/nslcd.in
index ab316ef0dcbf..dffad8c63cf2 100644
--- a/net/nss-pam-ldapd/files/nslcd.in
+++ b/net/nss-pam-ldapd/files/nslcd.in
@@ -10,16 +10,32 @@
#
# nslcd_enable="YES"
#
-
-nslcd_enable=${nslcd_enable-"NO"}
+# Optional:
+# nslcd_debug="NO" - start nslcd in debugging mode (does not daemonize).
+#
. /etc/rc.subr
name=nslcd
rcvar=nslcd_enable
+load_rc_config ${name}
+
+: ${nslcd_enable="NO"}
+: ${nslcd_debug="NO"}
+
+command="%%PREFIX%%/sbin/${name}"
+pidfile="/var/run/${name}.pid"
+start_precmd="nslcd_prestart"
start_postcmd="nslcd_poststart"
+nslcd_prestart () {
+ if checkyesno nslcd_debug
+ then
+ command_args="-d"
+ fi
+}
+
nslcd_poststart () {
until $(%%PREFIX%%/sbin/${name} -c); do
echo " Waiting for nslcd to start"
@@ -27,8 +43,5 @@ nslcd_poststart () {
done
}
-command="%%PREFIX%%/sbin/${name}"
-pidfile="/var/run/${name}.pid"
-load_rc_config ${name}
run_rc_command "$1"
diff --git a/net/nss-pam-ldapd/files/patch-Makefile.in b/net/nss-pam-ldapd/files/patch-Makefile.in
index 2cb1ca59ac33..dfe7831c293f 100644
--- a/net/nss-pam-ldapd/files/patch-Makefile.in
+++ b/net/nss-pam-ldapd/files/patch-Makefile.in
@@ -1,18 +1,19 @@
---- Makefile.in.orig 2010-06-29 23:25:51.000000000 +0400
-+++ Makefile.in 2010-06-29 23:26:53.000000000 +0400
-@@ -759,13 +759,14 @@
+--- Makefile.in.orig 2012-03-02 12:50:47.000000000 -0900
++++ Makefile.in 2012-03-02 13:01:13.000000000 -0900
+@@ -774,6 +774,7 @@
# install a default configuration file if it is not already there
install-nslcd_conf:
-+ $(INSTALL_DATA) $(srcdir)/nslcd.conf $(DESTDIR)$(NSLCD_CONF_PATH).sample
++ $(INSTALL_DATA) $(srcdir)/nslcd.conf $(DESTDIR)/$(NSLCD_CONF_PATH).sample
@if [ -f $(DESTDIR)$(NSLCD_CONF_PATH) ]; then \
echo "$(DESTDIR)$(NSLCD_CONF_PATH) already exists, install will not overwrite"; \
else \
- $(INSTALL_DATA) $(srcdir)/nslcd.conf $(DESTDIR)$(NSLCD_CONF_PATH) || true; \
+@@ -781,7 +782,7 @@
+ $(INSTALL_DATA) $(srcdir)/nslcd.conf $(DESTDIR)$(NSLCD_CONF_PATH); \
fi
uninstall-nslcd_conf:
- -rm -f $(DESTDIR)$(NSLCD_CONF_PATH)
+ -rm -f $(DESTDIR)$(NSLCD_CONF_PATH).sample
- # target for easily creating a Debian package
- # the find is an ugly hack to fix a bug if being built on an nfs filesystem
+ # fix permissions before distributing
+ dist-hook:
diff --git a/net/nss-pam-ldapd/files/patch-nslcd.conf b/net/nss-pam-ldapd/files/patch-nslcd.conf
deleted file mode 100644
index 4c2a5b05b461..000000000000
--- a/net/nss-pam-ldapd/files/patch-nslcd.conf
+++ /dev/null
@@ -1,13 +0,0 @@
---- nslcd.conf.orig 2010-04-29 07:44:58.355014955 -0500
-+++ nslcd.conf 2010-04-29 07:45:10.741047860 -0500
-@@ -4,6 +4,10 @@
- # information in the directory.
- # See the manual page nslcd.conf(5) for more information.
-
-+# The underprivileged user and group used for running the daemon.
-+uid nslcd
-+gid nslcd
-+
- # The uri pointing to the LDAP server to use for name lookups.
- # Multiple entries may be specified. The address that is used
- # here should be resolvable without using LDAP (obviously).
diff --git a/net/nss-pam-ldapd/files/patch-nss__bsdnss.c b/net/nss-pam-ldapd/files/patch-nss__bsdnss.c
deleted file mode 100644
index ef5b920bdb72..000000000000
--- a/net/nss-pam-ldapd/files/patch-nss__bsdnss.c
+++ /dev/null
@@ -1,237 +0,0 @@
---- /dev/null 2011-01-14 20:44:13.000000000 +0000
-+++ nss/bsdnss.c 2011-01-14 20:33:39.000000000 +0000
-@@ -0,0 +1,234 @@
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <errno.h>
-+#include <sys/param.h>
-+#include <netinet/in.h>
-+#include <pwd.h>
-+#include <grp.h>
-+#include <nss.h>
-+#include <nsswitch.h>
-+#include <netdb.h>
-+
-+#define BUFFER_SIZE 1024
-+
-+extern enum nss_status _nss_ldap_getgrent_r(struct group *, char *, size_t,
-+ int *);
-+extern enum nss_status _nss_ldap_getgrnam_r(const char *, struct group *,
-+ char *, size_t, int *);
-+extern enum nss_status _nss_ldap_getgrgid_r(gid_t gid, struct group *, char *,
-+ size_t, int *);
-+extern enum nss_status _nss_ldap_setgrent(void);
-+extern enum nss_status _nss_ldap_endgrent(void);
-+
-+extern enum nss_status _nss_ldap_getpwent_r(struct passwd *, char *, size_t,
-+ int *);
-+extern enum nss_status _nss_ldap_getpwnam_r(const char *, struct passwd *,
-+ char *, size_t, int *);
-+extern enum nss_status _nss_ldap_getpwuid_r(gid_t gid, struct passwd *, char *,
-+ size_t, int *);
-+extern enum nss_status _nss_ldap_setpwent(void);
-+extern enum nss_status _nss_ldap_endpwent(void);
-+
-+extern enum nss_status _nss_ldap_gethostbyname_r (const char *name, struct hostent * result,
-+ char *buffer, size_t buflen, int *errnop,
-+ int *h_errnop);
-+
-+extern enum nss_status _nss_ldap_gethostbyname2_r (const char *name, int af, struct hostent * result,
-+ char *buffer, size_t buflen, int *errnop,
-+ int *h_errnop);
-+extern enum nss_status _nss_ldap_gethostbyaddr_r (struct in_addr * addr, int len, int type,
-+ struct hostent * result, char *buffer,
-+ size_t buflen, int *errnop, int *h_errnop);
-+extern enum nss_status _nss_ldap_initgroups_dyn(const char *, gid_t, long int *,
-+ long int *, gid_t **, long int, int *);
-+
-+NSS_METHOD_PROTOTYPE(__nss_compat_getgrnam_r);
-+NSS_METHOD_PROTOTYPE(__nss_compat_getgrgid_r);
-+NSS_METHOD_PROTOTYPE(__nss_compat_getgrent_r);
-+NSS_METHOD_PROTOTYPE(__nss_compat_setgrent);
-+NSS_METHOD_PROTOTYPE(__nss_compat_endgrent);
-+static NSS_METHOD_PROTOTYPE(__freebsd_getgroupmembership);
-+
-+NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r);
-+NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r);
-+NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r);
-+NSS_METHOD_PROTOTYPE(__nss_compat_setpwent);
-+NSS_METHOD_PROTOTYPE(__nss_compat_endpwent);
-+
-+NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname);
-+NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname2);
-+NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyaddr);
-+
-+static ns_mtab methods[] = {
-+{ NSDB_GROUP, "getgrnam_r", __nss_compat_getgrnam_r, _nss_ldap_getgrnam_r },
-+{ NSDB_GROUP, "getgrgid_r", __nss_compat_getgrgid_r, _nss_ldap_getgrgid_r },
-+{ NSDB_GROUP, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r },
-+{ NSDB_GROUP, "setgrent", __nss_compat_setgrent, _nss_ldap_setgrent },
-+{ NSDB_GROUP, "endgrent", __nss_compat_endgrent, _nss_ldap_endgrent },
-+{ NSDB_GROUP, "getgroupmembership", __freebsd_getgroupmembership, NULL },
-+
-+{ NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r },
-+{ NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r },
-+{ NSDB_PASSWD, "getpwent_r", __nss_compat_getpwent_r, _nss_ldap_getpwent_r },
-+{ NSDB_PASSWD, "setpwent", __nss_compat_setpwent, _nss_ldap_setpwent },
-+{ NSDB_PASSWD, "endpwent", __nss_compat_endpwent, _nss_ldap_endpwent },
-+
-+{ NSDB_HOSTS, "gethostbyname", __nss_compat_gethostbyname, _nss_ldap_gethostbyname_r },
-+{ NSDB_HOSTS, "gethostbyaddr", __nss_compat_gethostbyaddr, _nss_ldap_gethostbyaddr_r },
-+{ NSDB_HOSTS, "gethostbyname2", __nss_compat_gethostbyname2, _nss_ldap_gethostbyname2_r },
-+
-+{ NSDB_GROUP_COMPAT, "getgrnam_r", __nss_compat_getgrnam_r, _nss_ldap_getgrnam_r },
-+{ NSDB_GROUP_COMPAT, "getgrgid_r", __nss_compat_getgrgid_r, _nss_ldap_getgrgid_r },
-+{ NSDB_GROUP_COMPAT, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r },
-+{ NSDB_GROUP_COMPAT, "setgrent", __nss_compat_setgrent, _nss_ldap_setgrent },
-+{ NSDB_GROUP_COMPAT, "endgrent", __nss_compat_endgrent, _nss_ldap_endgrent },
-+
-+{ NSDB_PASSWD_COMPAT, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r },
-+{ NSDB_PASSWD_COMPAT, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r },
-+{ NSDB_PASSWD_COMPAT, "getpwent_r", __nss_compat_getpwent_r, _nss_ldap_getpwent_r },
-+{ NSDB_PASSWD_COMPAT, "setpwent", __nss_compat_setpwent, _nss_ldap_setpwent },
-+{ NSDB_PASSWD_COMPAT, "endpwent", __nss_compat_endpwent, _nss_ldap_endpwent },
-+
-+};
-+
-+
-+int __nss_compat_gethostbyname(void *retval, void *mdata, va_list ap)
-+{
-+ enum nss_status (*fn)(const char *, struct hostent *, char *, size_t, int *, int *);
-+ const char *name;
-+ struct hostent *result;
-+ char buffer[BUFFER_SIZE];
-+ int errnop;
-+ int h_errnop;
-+ int af;
-+ enum nss_status status;
-+ fn = mdata;
-+ name = va_arg(ap, const char*);
-+ af = va_arg(ap,int);
-+ result = va_arg(ap,struct hostent *);
-+ status = fn(name, result, buffer, sizeof(buffer), &errnop, &h_errnop);
-+ status = __nss_compat_result(status,errnop);
-+ h_errno = h_errnop;
-+ return (status);
-+}
-+
-+int __nss_compat_gethostbyname2(void *retval, void *mdata, va_list ap)
-+{
-+ enum nss_status (*fn)(const char *, struct hostent *, char *, size_t, int *, int *);
-+ const char *name;
-+ struct hostent *result;
-+ char buffer[BUFFER_SIZE];
-+ int errnop;
-+ int h_errnop;
-+ int af;
-+ enum nss_status status;
-+ fn = mdata;
-+ name = va_arg(ap, const char*);
-+ af = va_arg(ap,int);
-+ result = va_arg(ap,struct hostent *);
-+ status = fn(name, result, buffer, sizeof(buffer), &errnop, &h_errnop);
-+ status = __nss_compat_result(status,errnop);
-+ h_errno = h_errnop;
-+ return (status);
-+}
-+
-+int __nss_compat_gethostbyaddr(void *retval, void *mdata, va_list ap)
-+{
-+ struct in_addr *addr;
-+ int len;
-+ int type;
-+ struct hostent *result;
-+ char buffer[BUFFER_SIZE];
-+ int errnop;
-+ int h_errnop;
-+ enum nss_status (*fn)(struct in_addr *, int, int, struct hostent *, char *, size_t, int *, int *);
-+ enum nss_status status;
-+ fn = mdata;
-+ addr = va_arg(ap, struct in_addr*);
-+ len = va_arg(ap,int);
-+ type = va_arg(ap,int);
-+ result = va_arg(ap, struct hostent*);
-+ status = fn(addr, len, type, result, buffer, sizeof(buffer), &errnop, &h_errnop);
-+ status = __nss_compat_result(status,errnop);
-+ h_errno = h_errnop;
-+ return (status);
-+}
-+
-+static int
-+__gr_addgid(gid_t gid, gid_t *groups, int maxgrp, int *groupc)
-+{
-+ int ret, dupc;
-+
-+ /* skip duplicates */
-+ for (dupc = 0; dupc < MIN(maxgrp, *groupc); dupc++) {
-+ if (groups[dupc] == gid)
-+ return 1;
-+ }
-+
-+ ret = 1;
-+ if (*groupc < maxgrp) /* add this gid */
-+ groups[*groupc] = gid;
-+ else
-+ ret = 0;
-+ (*groupc)++;
-+ return ret;
-+}
-+
-+static int
-+__freebsd_getgroupmembership(void *retval, void *mdata, va_list ap)
-+{
-+
-+ int err;
-+ enum nss_status s;
-+ gid_t group;
-+ gid_t *tmpgroups;
-+ size_t bufsize;
-+ const char *user;
-+ gid_t *groups;
-+ gid_t agroup;
-+ int maxgrp, *grpcnt;
-+ int i, rv, ret_errno;
-+ long int lstart, lsize;
-+
-+
-+ user = va_arg(ap, const char *);
-+ group = va_arg(ap, gid_t);
-+ groups = va_arg(ap, gid_t *);
-+ maxgrp = va_arg(ap, int);
-+ grpcnt = va_arg(ap, int *);
-+
-+
-+ tmpgroups = malloc(maxgrp * sizeof(gid_t));
-+ if (tmpgroups == NULL) {
-+ printf("Tried to mallog %u * %u\n", maxgrp, sizeof(gid_t));
-+ return NS_TRYAGAIN;
-+ }
-+
-+ /* insert primary membership */
-+ __gr_addgid(group, groups, maxgrp, grpcnt);
-+
-+ lstart = 0;
-+ lsize = maxgrp;
-+ s = _nss_ldap_initgroups_dyn(user, group, &lstart, &lsize,
-+ &tmpgroups, 0, &err);
-+ if (s == NSS_STATUS_SUCCESS) {
-+ for (i = 0; i < lstart; i++)
-+ if (! __gr_addgid(tmpgroups[i], groups, maxgrp, grpcnt)) {
-+ ;;
-+ }
-+ s = NSS_STATUS_NOTFOUND;
-+ }
-+
-+ free(tmpgroups);
-+
-+ return __nss_compat_result(s, 0);
-+}
-+
-+ns_mtab *
-+nss_module_register(const char *source, unsigned int *mtabsize,
-+ nss_module_unregister_fn *unreg)
-+{
-+ *mtabsize = sizeof(methods)/sizeof(methods[0]);
-+ *unreg = NULL;
-+ return (methods);
-+}
diff --git a/net/nss-pam-ldapd/files/patch-nss__prototypes.h b/net/nss-pam-ldapd/files/patch-nss__prototypes.h
new file mode 100644
index 000000000000..b87d5af5e305
--- /dev/null
+++ b/net/nss-pam-ldapd/files/patch-nss__prototypes.h
@@ -0,0 +1,16 @@
+--- nss/prototypes.h.orig 2011-03-09 13:39:24.000000000 -0900
++++ nss/prototypes.h 2012-02-29 17:15:19.000000000 -0900
+@@ -125,11 +125,13 @@
+ nss_status_t _nss_ldap_getservent_r(struct servent *result,char *buffer,size_t buflen,int *errnop);
+ nss_status_t _nss_ldap_endservent(void);
+
++#ifdef HAVE_SHADOW_H
+ /* shadow - extended user information */
+ nss_status_t _nss_ldap_getspnam_r(const char *name,struct spwd *result,char *buffer,size_t buflen,int *errnop);
+ nss_status_t _nss_ldap_setspent(int stayopen);
+ nss_status_t _nss_ldap_getspent_r(struct spwd *result,char *buffer,size_t buflen,int *errnop);
+ nss_status_t _nss_ldap_endspent(void);
++#endif
+
+ #endif /* NSS_FLAVOUR_GLIBC */
+
diff --git a/net/nss-pam-ldapd/files/patch-nss_ldap.map b/net/nss-pam-ldapd/files/patch-nss_ldap.map
deleted file mode 100644
index ecc7e438270a..000000000000
--- a/net/nss-pam-ldapd/files/patch-nss_ldap.map
+++ /dev/null
@@ -1,30 +0,0 @@
---- ./nss/nss_ldap.map.orig 2010-09-24 07:07:18.000000000 +0000
-+++ ./nss/nss_ldap.map 2010-12-16 13:13:25.000000000 +0000
-@@ -81,6 +78,27 @@
- _nss_ldap_getspent_r;
- _nss_ldap_endspent;
-
-+ # compat 4 bsd
-+ __nss_compat_getgrnam_r;
-+ __nss_compat_getgrgid_r;
-+ __nss_compat_getgrent_r;
-+ __nss_compat_setgrent;
-+ __nss_compat_endgrent;
-+
-+ __nss_compat_getpwnam_r;
-+ __nss_compat_getpwuid_r;
-+ __nss_compat_getpwent_r;
-+ __nss_compat_setpwent;
-+ __nss_compat_endpwent;
-+
-+ __nss_compat_gethostbyname;
-+ __nss_compat_gethostbyname2;
-+ __nss_compat_gethostbyaddr;
-+
-+ # module init
-+ nss_module_register;
-+
-+
- # everything else should not be exported
- local:
- *;
diff --git a/net/nss-pam-ldapd/files/patch-pam__makefile.in b/net/nss-pam-ldapd/files/patch-pam__makefile.in
deleted file mode 100644
index 16a8d0b70cb6..000000000000
--- a/net/nss-pam-ldapd/files/patch-pam__makefile.in
+++ /dev/null
@@ -1,12 +0,0 @@
---- pam/Makefile.in.orig 2009-12-20 20:47:00.000000000 +0300
-+++ pam/Makefile.in 2009-12-20 20:48:30.000000000 +0300
-@@ -470,7 +470,8 @@
-
- # install pam_ldap.so
- install-pam_ldap_so: pam_ldap.so
-- $(INSTALL_PROGRAM) -D pam_ldap.so $(DESTDIR)$(libdir)/security/pam_ldap.so
-+ $(INSTALL_PROGRAM) pam_ldap.so $(DESTDIR)$(libdir)/pam_ldap.so.1
-+ ln -sfh $(DESTDIR)$(libdir)/pam_ldap.so.1 $(DESTDIR)$(libdir)/pam_ldap.so
- uninstall-pam_ldap_so:
- -rm -f $(DESTDIR)$(libdir)/security/pam_ldap.so
-
diff --git a/net/nss-pam-ldapd/files/patch-r1626 b/net/nss-pam-ldapd/files/patch-r1626
new file mode 100644
index 000000000000..5fb07bf9ae40
--- /dev/null
+++ b/net/nss-pam-ldapd/files/patch-r1626
@@ -0,0 +1,50 @@
+Modified: compat/ldap_compat.h
+==============================================================================
+--- compat/ldap_compat.h Wed Feb 29 22:44:31 2012 (r1625)
++++ compat/ldap_compat.h Mon Mar 5 22:53:54 2012 (r1626)
+@@ -62,4 +62,12 @@
+ #define LDAP_SASL_QUIET 2U
+ #endif /* not LDAP_SASL_QUIET */
+
++/* on some systems LDAP_OPT_DIAGNOSTIC_MESSAGE isn't there but
++ LDAP_OPT_ERROR_STRING is */
++#ifndef LDAP_OPT_DIAGNOSTIC_MESSAGE
++#ifdef LDAP_OPT_ERROR_STRING
++#define LDAP_OPT_DIAGNOSTIC_MESSAGE LDAP_OPT_ERROR_STRING
++#endif /* LDAP_OPT_ERROR_STRING */
++#endif /* not LDAP_OPT_DIAGNOSTIC_MESSAGE */
++
+ #endif /* COMPAT__LDAP_COMPAT_H */
+
+Modified: nslcd/myldap.c
+==============================================================================
+--- nslcd/myldap.c Wed Feb 29 22:44:31 2012 (r1625)
++++ nslcd/myldap.c Mon Mar 5 22:53:54 2012 (r1626)
+@@ -378,6 +378,7 @@
+ static int do_bind(LDAP *ld,const char *binddn,const char *bindpw,const char *uri)
+ {
+ int rc;
++ char *msg=NULL;
+ #ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
+ #ifndef HAVE_SASL_INTERACT_T
+ struct berval cred;
+@@ -392,9 +393,16 @@
+ rc=ldap_start_tls_s(ld,NULL,NULL);
+ if (rc!=LDAP_SUCCESS)
+ {
+- log_log(LOG_WARNING,"ldap_start_tls_s() failed: %s%s%s (uri=\"%s\")",
+- ldap_err2string(rc),(errno==0)?"":": ",
+- (errno==0)?"":strerror(errno),uri);
++#ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE
++ ldap_get_option(ld,LDAP_OPT_DIAGNOSTIC_MESSAGE,&msg);
++#endif /* LDAP_OPT_DIAGNOSTIC_MESSAGE */
++ log_log(LOG_WARNING,"ldap_start_tls_s() failed: %s%s%s%s%s (uri=\"%s\")",
++ ldap_err2string(rc),
++ (msg==NULL)?"":": ",(msg==NULL)?"":msg,
++ (errno==0)?"":": ",(errno==0)?"":strerror(errno),
++ uri);
++ if (msg)
++ ldap_memfree(msg);
+ return rc;
+ }
+ }
diff --git a/net/nss-pam-ldapd/files/patch-r1631 b/net/nss-pam-ldapd/files/patch-r1631
new file mode 100644
index 000000000000..c2013feabae9
--- /dev/null
+++ b/net/nss-pam-ldapd/files/patch-r1631
@@ -0,0 +1,21 @@
+Modified: nslcd/common.h
+==============================================================================
+--- nslcd/common.h Sat Mar 10 21:31:58 2012 (r1630)
++++ nslcd/common.h Sat Mar 10 21:41:37 2012 (r1631)
+@@ -3,7 +3,7 @@
+ This file is part of the nss-pam-ldapd library.
+
+ Copyright (C) 2006 West Consulting
+- Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Arthur de Jong
++ Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arthur de Jong
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+@@ -25,6 +25,7 @@
+ #define NSLCD__COMMON_H 1
+
+ #include <errno.h>
++#include <limits.h>
+
+ #include "nslcd.h"
+ #include "common/nslcd-prot.h"
diff --git a/net/nss-pam-ldapd/files/rtld_nss__nslcd.c b/net/nss-pam-ldapd/files/rtld_nss__nslcd.c
index d2864f3776ef..e69de29bb2d1 100644
--- a/net/nss-pam-ldapd/files/rtld_nss__nslcd.c
+++ b/net/nss-pam-ldapd/files/rtld_nss__nslcd.c
@@ -1,20 +0,0 @@
---- nslcd/nslcd.c.orig 2011-01-09 13:45:07.000000000 +0300
-+++ nslcd/nslcd.c 2011-01-09 13:45:55.000000000 +0300
-@@ -574,7 +574,7 @@
- char *error;
- int *enable_flag;
- /* try to load the NSS module */
-- handle=dlopen(NSS_LDAP_SONAME,RTLD_LAZY|RTLD_NODELETE);
-+ handle=dlopen(NSS_LDAP_SONAME,RTLD_LAZY);
- if (handle==NULL)
- {
- log_log(LOG_WARNING,"Warning: LDAP NSS module not loaded: %s",dlerror());
-@@ -593,7 +593,7 @@
- if (__nss_configure_lookup("hosts","files dns"))
- log_log(LOG_ERR,"unable to override hosts lookup method: %s",strerror(errno));
- #endif /* HAVE___NSS_CONFIGURE_LOOKUP */
-- dlclose(handle);
-+ /* Do not dlclose() to keep reference count > 0 instead of RTLD_NODELETE */
- return;
- }
- /* disable nss_ldap */
diff --git a/net/nss-pam-ldapd/pkg-plist b/net/nss-pam-ldapd/pkg-plist
index e04dbe7e7bfe..e15654a3fca0 100644
--- a/net/nss-pam-ldapd/pkg-plist
+++ b/net/nss-pam-ldapd/pkg-plist
@@ -1,6 +1,8 @@
@unexec if cmp -s %D/etc/%%CONFIG%%.sample %D/etc/%%CONFIG%%; then rm -f %D/etc/%%CONFIG%%; fi
etc/%%CONFIG%%.sample
+%%NSS%%lib/nss_ldap.so
%%NSS%%lib/nss_ldap.so.1
%%NSLCD%%sbin/nslcd
%%PAM%%lib/pam_ldap.so
%%PAM%%lib/pam_ldap.so.1
+@exec if [ ! -f %D/etc/%%CONFIG%% ]; then cp -p %D/etc/%%CONFIG%%.sample %D/etc/%%CONFIG%%; fi