aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--net/openldap20-server/Makefile67
-rw-r--r--net/openldap20-server/distinfo2
-rw-r--r--net/openldap20-server/files/patch-servers::slapd::back-ldbm::idl.c106
-rw-r--r--net/openldap20-server/files/patch-servers::slapd::daemon.c33
-rw-r--r--net/openldap20-server/pkg-deinstall33
-rw-r--r--net/openldap20-server/pkg-install10
-rw-r--r--net/openldap20-server/pkg-message.client4
-rw-r--r--net/openldap20-server/pkg-plist38
-rw-r--r--net/openldap21-server/Makefile68
-rw-r--r--net/openldap21-server/distinfo4
-rw-r--r--net/openldap21-server/files/patch-servers::slapd::back-bdb::id2entry.c22
-rw-r--r--net/openldap21-server/pkg-deinstall33
-rw-r--r--net/openldap21-server/pkg-install10
-rw-r--r--net/openldap21-server/pkg-message2
-rw-r--r--net/openldap21-server/pkg-message.client4
-rw-r--r--net/openldap21-server/pkg-plist35
-rw-r--r--net/openldap22-server/Makefile69
-rw-r--r--net/openldap22-server/distinfo4
-rw-r--r--net/openldap22-server/files/patch-libraries::liblunicode::ucstr.c11
-rw-r--r--net/openldap22-server/files/patch-libraries::liblutil::passwd.c14
-rw-r--r--net/openldap22-server/files/patch-servers::slapd::back-perl302
-rw-r--r--net/openldap22-server/files/patch-servers::slapd::backend.c19
-rw-r--r--net/openldap22-server/files/patch-servers::slapd::config.c51
-rw-r--r--net/openldap22-server/files/patch-servers::slapd::daemon.c32
-rw-r--r--net/openldap22-server/files/patch-servers::slapd::proto-slap.h20
-rw-r--r--net/openldap22-server/files/patch-servers::slapd::slap.h40
-rw-r--r--net/openldap22-server/files/patch-servers::slapd::syncrepl.c1310
-rw-r--r--net/openldap22-server/files/patch-tests::scripts::test017-syncreplication-refresh71
-rw-r--r--net/openldap22-server/files/patch-tests::scripts::test018-syncreplication-persist71
-rw-r--r--net/openldap22-server/files/patch-tests::scripts::test020-syncreplication-cascading220
-rw-r--r--net/openldap22-server/pkg-deinstall33
-rw-r--r--net/openldap22-server/pkg-install10
-rw-r--r--net/openldap22-server/pkg-message2
-rw-r--r--net/openldap22-server/pkg-message.client4
-rw-r--r--net/openldap22-server/pkg-plist37
-rw-r--r--net/openldap23-server/Makefile69
-rw-r--r--net/openldap23-server/distinfo4
-rw-r--r--net/openldap23-server/files/patch-libraries::liblunicode::ucstr.c11
-rw-r--r--net/openldap23-server/files/patch-libraries::liblutil::passwd.c14
-rw-r--r--net/openldap23-server/files/patch-servers::slapd::back-perl302
-rw-r--r--net/openldap23-server/files/patch-servers::slapd::backend.c19
-rw-r--r--net/openldap23-server/files/patch-servers::slapd::config.c51
-rw-r--r--net/openldap23-server/files/patch-servers::slapd::daemon.c32
-rw-r--r--net/openldap23-server/files/patch-servers::slapd::proto-slap.h20
-rw-r--r--net/openldap23-server/files/patch-servers::slapd::slap.h40
-rw-r--r--net/openldap23-server/files/patch-servers::slapd::syncrepl.c1310
-rw-r--r--net/openldap23-server/files/patch-tests::scripts::test017-syncreplication-refresh71
-rw-r--r--net/openldap23-server/files/patch-tests::scripts::test018-syncreplication-persist71
-rw-r--r--net/openldap23-server/files/patch-tests::scripts::test020-syncreplication-cascading220
-rw-r--r--net/openldap23-server/pkg-deinstall33
-rw-r--r--net/openldap23-server/pkg-install10
-rw-r--r--net/openldap23-server/pkg-message2
-rw-r--r--net/openldap23-server/pkg-message.client4
-rw-r--r--net/openldap23-server/pkg-plist37
-rw-r--r--net/openldap24-server/Makefile69
-rw-r--r--net/openldap24-server/distinfo4
-rw-r--r--net/openldap24-server/files/patch-libraries::liblunicode::ucstr.c11
-rw-r--r--net/openldap24-server/files/patch-libraries::liblutil::passwd.c14
-rw-r--r--net/openldap24-server/files/patch-servers::slapd::back-perl302
-rw-r--r--net/openldap24-server/files/patch-servers::slapd::backend.c19
-rw-r--r--net/openldap24-server/files/patch-servers::slapd::config.c51
-rw-r--r--net/openldap24-server/files/patch-servers::slapd::daemon.c32
-rw-r--r--net/openldap24-server/files/patch-servers::slapd::proto-slap.h20
-rw-r--r--net/openldap24-server/files/patch-servers::slapd::slap.h40
-rw-r--r--net/openldap24-server/files/patch-servers::slapd::syncrepl.c1310
-rw-r--r--net/openldap24-server/files/patch-tests::scripts::test017-syncreplication-refresh71
-rw-r--r--net/openldap24-server/files/patch-tests::scripts::test018-syncreplication-persist71
-rw-r--r--net/openldap24-server/files/patch-tests::scripts::test020-syncreplication-cascading220
-rw-r--r--net/openldap24-server/pkg-deinstall33
-rw-r--r--net/openldap24-server/pkg-install10
-rw-r--r--net/openldap24-server/pkg-message2
-rw-r--r--net/openldap24-server/pkg-message.client4
-rw-r--r--net/openldap24-server/pkg-plist37
73 files changed, 6056 insertions, 1375 deletions
diff --git a/net/openldap20-server/Makefile b/net/openldap20-server/Makefile
index a46b1620b09b..1479fb732d87 100644
--- a/net/openldap20-server/Makefile
+++ b/net/openldap20-server/Makefile
@@ -6,7 +6,7 @@
#
PORTNAME= openldap
-PORTVERSION= ${OPENLDAP_VERSION}
+PORTVERSION= 2.0.27
PORTREVISION= ${OPENLDAP_PORTVERSION}
CATEGORIES= net databases
MASTER_SITES= ftp://ftp.OpenLDAP.org/pub/OpenLDAP/%SUBDIR%/ \
@@ -31,11 +31,8 @@ EXTRACT_SUFX= .tgz
MAINTAINER= eik@FreeBSD.org
COMMENT?= Open source LDAP server implementation
-OPENLDAP_VERSION= 2.0.27
-
LATEST_LINK= ${PKGNAMEPREFIX}openldap20${PKGNAMESUFFIX}
-CONFLICTS= openldap12-* \
- ${PKGNAMEPREFIX}${PORTNAME}-client-2.[1-9].*
+CONFLICTS= ${PKGNAMEPREFIX}${PORTNAME}-client-2.[1-9].*
WANT_OPENLDAP_VER?= 20
.if ${WANT_OPENLDAP_VER} != 20
@@ -47,26 +44,35 @@ OPENLDAP_PORTVERSION= 0
OPENLDAP_PKGNAMESUFFIX?=-client
OPENLDAP_PKGFILESUFX?= .client
+.if !defined(NOPORTDOCS)
+PORTDOCS= drafts rfc
+.endif
+
.if defined(USE_OPENLDAP)
.error You have `USE_OPENLDAP' defined either in your environment or in make(1) arguments.
.endif
.else
-OPENLDAP_PORTVERSION= 2
+OPENLDAP_PORTVERSION= 3
OPENLDAP_PKGNAMESUFFIX?=-server
OPENLDAP_PKGFILESUFX?=
-USE_OPENLDAP= yes
+RUN_DEPENDS= ${LOCALBASE}/lib/libldap.so.2:${PORTSDIR}/net/openldap20-client
CONFLICTS+= ${PKGNAMEPREFIX}${PORTNAME}-server-2.[1-9].*
.endif
-#USE_OPENSSL= yes
+USE_OPENSSL= yes
USE_REINPLACE= yes
USE_LIBTOOL_VER= 13
DESCR= ${PKGDIR}/pkg-descr${OPENLDAP_PKGFILESUFX}
-PLIST= ${WRKDIR}/pkg-plist
+PLIST= ${PKGDIR}/pkg-plist${OPENLDAP_PKGFILESUFX}
PKGINSTALL= ${WRKDIR}/pkg-install
PKGMESSAGE= ${WRKDIR}/pkg-message
+PKGDEINSTALL= ${WRKDIR}/pkg-deinstall
+
+SCHEMATA= corba core cosine \
+ inetorgperson java krb5-kdc \
+ misc nis openldap
LDAP_RUN_DIR?= ${DESTDIR}/var/run/openldap
LOCALSTATEDIR?= ${DESTDIR}/var/db
@@ -79,7 +85,8 @@ PLIST_SUB+= LDAP_RUN_DIR=${LDAP_RUN_DIR} \
SED_SCRIPT= -e 's,%%PREFIX%%,${PREFIX},g' \
-e 's,%%LDAP_RUN_DIR%%,${LDAP_RUN_DIR},g' \
- -e 's,%%DATABASEDIR%%,${DATABASEDIR},g'
+ -e 's,%%DATABASEDIR%%,${DATABASEDIR},g' \
+ -e 's,%%SLURPDIR%%,${SLURPDIR},g'
CONFIGURE_ARGS= --with-threads \
--with-tls=openssl \
@@ -155,8 +162,7 @@ CONFIGURE_ARGS+= --enable-wrappers
# end of client/server specific configuration
.endif
-# math.h uses _REENTRANT and stdio.h uses _THREAD_SAFE, so define both.
-CPPFLAGS+= -D_REENTRANT ${PTHREAD_CFLAGS} \
+CPPFLAGS+= ${PTHREAD_CFLAGS} \
-I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
@@ -218,9 +224,9 @@ post-build:
.for script in slapd slurpd
@${SED} ${SED_SCRIPT} ${FILESDIR}/${script}.sh >${WRKDIR}/${script}.sh
.endfor
-.for text in pkg-install pkg-message
- @if [ -f ${MASTERDIR}/${text}${OPENLDAP_PKGFILESUFX} ]; then \
- ${SED} ${SED_SCRIPT} ${MASTERDIR}/${text}${OPENLDAP_PKGFILESUFX} \
+.for text in pkg-install pkg-message pkg-deinstall
+ @if [ -f ${PKGDIR}/${text}${OPENLDAP_PKGFILESUFX} ]; then \
+ ${SED} ${SED_SCRIPT} ${PKGDIR}/${text}${OPENLDAP_PKGFILESUFX} \
>${WRKDIR}/${text}; \
fi
.endfor
@@ -232,18 +238,6 @@ test: build
.endif
pre-install:
- @${CP} ${MASTERDIR}/pkg-plist${OPENLDAP_PKGFILESUFX} ${PLIST}
-.if defined(CLIENT_ONLY)
-.if !defined(NOPORTDOCS)
- @for dir in rfc drafts; do \
- ${FIND} ${WRKSRC}/doc/$${dir} -maxdepth 1 -type f \
- | ${SED} -e "s,^${WRKSRC}/doc/,%%DOCSDIR%%/," \
- >>${PLIST}; \
- ${ECHO_CMD} "@dirrm %%DOCSDIR%%/$${dir}" >>${PLIST}; \
- done
- @${ECHO_CMD} "@dirrm %%DOCSDIR%%" >>${PLIST}
-.endif
-.endif
@if [ -f ${PKGINSTALL} ]; then \
${SETENV} "PKG_PREFIX=${PREFIX}" ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL; \
fi
@@ -252,15 +246,28 @@ post-install:
.if defined(CLIENT_ONLY)
.if !defined(NOPORTDOCS)
@${MKDIR} ${DOCSDIR}
- @for dir in rfc drafts; do \
+ @for dir in drafts rfc; do \
${MKDIR} ${DOCSDIR}/$${dir}; \
- ${FIND} ${WRKSRC}/doc/$${dir} -maxdepth 1 -type f \
- -exec ${INSTALL_DATA} {} ${DOCSDIR}/$${dir} \; ; \
+ ${INSTALL_DATA} ${WRKSRC}/doc/$${dir}/* ${DOCSDIR}/$${dir}; \
done
.endif
.else
+ @for schema in ${SCHEMATA}; do \
+ ${ECHO_CMD} "@unexec if cmp -s %D/etc/openldap/schema/$${schema}.schema" \
+ "%D/etc/openldap/schema/$${schema}.schema.default; then" \
+ "rm -f %D/etc/openldap/schema/$${schema}.schema; fi" >>${TMPPLIST}; \
+ ${ECHO_CMD} "etc/openldap/schema/$${schema}.schema.default" >>${TMPPLIST}; \
+ ${ECHO_CMD} "@exec [ -f %B/$${schema}.schema ] || cp %B/%f %B/$${schema}.schema" >>${TMPPLIST}; \
+ done
+ @${ECHO_CMD} "@unexec rmdir %D/etc/openldap/schema 2>/dev/null || true" >>${TMPPLIST}
+ @${ECHO_CMD} "@unexec rmdir %D/etc/openldap 2>/dev/null || true" >>${TMPPLIST}
+# currently the only way to participate in rcorder(8)
+ @if [ "${RC_DIR}" != "${PREFIX}" ]; then \
+ ${ECHO_CMD} "@cwd ${RC_DIR}" >>${TMPPLIST}; \
+ fi
.for script in slapd slurpd
@${INSTALL_SCRIPT} ${WRKDIR}/${script}.sh ${RC_DIR}/${script}${RC_SUFX}
+ @${ECHO_CMD} "${script}${RC_SUFX}" >>${TMPPLIST}
.endfor
@${MKDIR} ${LDAP_RUN_DIR}
.endif
diff --git a/net/openldap20-server/distinfo b/net/openldap20-server/distinfo
index 39837c58d76a..a501cdd409f6 100644
--- a/net/openldap20-server/distinfo
+++ b/net/openldap20-server/distinfo
@@ -1 +1,3 @@
MD5 (openldap-2.0.27.tgz) = a1e6508c471dd47205a3492cf57110a6
+SHA1 (openldap-2.0.27.tgz) = 6867890ed0a0a07d022290fa4b3429de50e1d0f3
+SIZE (openldap-2.0.27.tgz) = 1305050
diff --git a/net/openldap20-server/files/patch-servers::slapd::back-ldbm::idl.c b/net/openldap20-server/files/patch-servers::slapd::back-ldbm::idl.c
new file mode 100644
index 000000000000..b41a8d9c95fb
--- /dev/null
+++ b/net/openldap20-server/files/patch-servers::slapd::back-ldbm::idl.c
@@ -0,0 +1,106 @@
+#
+# ITS#2348: Index corruption and crash in back-ldbm
+#
+--- servers/slapd/back-ldbm/idl.c.orig Fri Aug 23 20:09:40 2002
++++ servers/slapd/back-ldbm/idl.c Wed Mar 12 12:42:29 2003
+@@ -478,9 +478,9 @@
+ */
+
+ /* select the block to try inserting into *//* XXX linear search XXX */
+- for ( i = 0; !ID_BLOCK_NOID(idl, i) && id > ID_BLOCK_ID(idl, i); i++ )
++ for ( i = 0; !ID_BLOCK_NOID(idl, i) && id >= ID_BLOCK_ID(idl, i); i++ )
+ ; /* NULL */
+-
++
+ if ( i != 0 ) {
+ i--;
+ first = 0;
+@@ -488,6 +488,11 @@
+ first = 1;
+ }
+
++ /* At this point the following condition must be true:
++ * ID_BLOCK_ID(idl, i) <= id && id < ID_BLOCK_ID(idl, i+1)
++ * except when i is the first or the last block.
++ */
++
+ /* get the block */
+ cont_alloc( &k2, &key );
+ cont_id( &k2, ID_BLOCK_ID(idl, i) );
+@@ -533,15 +538,16 @@
+
+ /* is there a next block? */
+ if ( !first && !ID_BLOCK_NOID(idl, i + 1) ) {
++ Datum k3;
+ /* read it in */
+- cont_alloc( &k2, &key );
+- cont_id( &k2, ID_BLOCK_ID(idl, i + 1) );
+- if ( (tmp2 = idl_fetch_one( be, db, k2 )) == NULL ) {
++ cont_alloc( &k3, &key );
++ cont_id( &k3, ID_BLOCK_ID(idl, i + 1) );
++ if ( (tmp2 = idl_fetch_one( be, db, k3 )) == NULL ) {
+ Debug( LDAP_DEBUG_ANY,
+ "idl_insert_key: idl_fetch_one returned NULL\n",
+ 0, 0, 0 );
+ /* split the original block */
+- cont_free( &k2 );
++ cont_free( &k3 );
+ goto split;
+ }
+
+@@ -552,9 +558,6 @@
+ */
+ if (id < ID_BLOCK_ID(tmp, ID_BLOCK_NIDS(tmp) - 1)) {
+ ID id2 = ID_BLOCK_ID(tmp, ID_BLOCK_NIDS(tmp) - 1);
+- Datum k3;
+-
+- ldbm_datum_init( k3 );
+
+ --ID_BLOCK_NIDS(tmp);
+ /* This must succeed since we just popped one
+@@ -562,16 +565,11 @@
+ */
+ rc = idl_insert( &tmp, id, db->dbc_maxids );
+
+- k3.dptr = ch_malloc(k2.dsize);
+- k3.dsize = k2.dsize;
+- AC_MEMCPY(k3.dptr, k2.dptr, k3.dsize);
+- if ( (rc = idl_store( be, db, k3, tmp )) != 0 ) {
++ if ( (rc = idl_store( be, db, k2, tmp )) != 0 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "idl_insert_key: idl_store returned %d\n", rc, 0, 0 );
+ }
+
+- free( k3.dptr );
+-
+ id = id2;
+ /* This new id will necessarily be inserted
+ * as the first id of the next block by the
+@@ -583,7 +581,7 @@
+ db->dbc_maxids )) ) {
+ case 1: /* id inserted first in block */
+ rc = idl_change_first( be, db, key, idl,
+- i + 1, k2, tmp2 );
++ i + 1, k3, tmp2 );
+ /* FALL */
+
+ case 2: /* id already there - how? */
+@@ -598,8 +596,10 @@
+ id, 0, 0 );
+ }
+
++ cont_free( &k3 );
+ idl_free( tmp );
+ idl_free( tmp2 );
++ cont_free( &k2 );
+ idl_free( idl );
+ return( 0 );
+
+@@ -607,6 +607,7 @@
+ break;
+ }
+
++ cont_free( &k3 );
+ idl_free( tmp2 );
+ }
+
diff --git a/net/openldap20-server/files/patch-servers::slapd::daemon.c b/net/openldap20-server/files/patch-servers::slapd::daemon.c
index 75fced252e07..efa32eaf6c79 100644
--- a/net/openldap20-server/files/patch-servers::slapd::daemon.c
+++ b/net/openldap20-server/files/patch-servers::slapd::daemon.c
@@ -1,28 +1,21 @@
---- servers/slapd/daemon.c.orig Thu Apr 24 07:51:08 2003
-+++ servers/slapd/daemon.c Thu Apr 24 07:52:05 2003
-@@ -863,6 +863,7 @@
-
- char *dnsname = NULL;
- char *peeraddr;
-+ char peeraddr6[INET6_ADDRSTRLEN];
- #ifdef LDAP_PF_LOCAL
- char peername[MAXPATHLEN + sizeof("PATH=")];
- #elif defined(LDAP_PF_INET6)
-@@ -995,12 +996,12 @@
- peeraddr != NULL ? peeraddr : "unknown",
+#
+# ITS#1918: slapd panics with real ipv6 addresses
+#
+--- servers/slapd/daemon.c.orig Tue Sep 23 17:21:54 2003
++++ servers/slapd/daemon.c Tue Sep 23 17:25:02 2003
+@@ -996,10 +996,12 @@
(unsigned) ntohs( from.sa_in6_addr.sin6_port ) );
} else {
-- char addr[INET6_ADDRSTRLEN];
-- sprintf( peername, "IP=%s %d",
+ char addr[INET6_ADDRSTRLEN];
++
++ peeraddr = (char *) inet_ntop( AF_INET6,
++ &from.sa_in6_addr.sin6_addr,
++ addr, sizeof addr );
+ sprintf( peername, "IP=%s %d",
- inet_ntop( AF_INET6,
- &from.sa_in6_addr.sin6_addr,
- addr, sizeof addr) ? addr : "unknown",
-+ const char *addr = inet_ntop( AF_INET6,
-+ &from.sa_in6_addr.sin6_addr,
-+ peeraddr6, sizeof peeraddr6);
-+ sprintf( peername, "IP=%s %d", addr ? addr : "unknown",
++ peeraddr != NULL ? peeraddr : "unknown",
(unsigned) ntohs( from.sa_in6_addr.sin6_port ) );
-+ if (addr) peeraddr = addr;
}
break;
- # endif /* LDAP_PF_INET6 */
diff --git a/net/openldap20-server/pkg-deinstall b/net/openldap20-server/pkg-deinstall
new file mode 100644
index 000000000000..2a5ec1ef8f65
--- /dev/null
+++ b/net/openldap20-server/pkg-deinstall
@@ -0,0 +1,33 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+ECHO_CMD=echo
+
+case $2 in
+POST-DEINSTALL)
+ ${ECHO_CMD}
+ ${ECHO_CMD} "The OpenLDAP server package has been deleted."
+ ${ECHO_CMD} "If you're *not* upgrading and won't be using"
+ ${ECHO_CMD} "it any longer, you may want to issue the"
+ ${ECHO_CMD} "following commands:"
+ ${ECHO_CMD}
+ if [ -d %%DATABASEDIR%% ]; then
+ ${ECHO_CMD} "- to delete the OpenLDAP database permanently (losing all data):"
+ ${ECHO_CMD} " rm -Rf %%DATABASEDIR%%"
+ ${ECHO_CMD}
+ fi
+ if [ -d %%SLURPDIR%% ]; then
+ ${ECHO_CMD} "- to remove the OpenLDAP replication directory:"
+ ${ECHO_CMD} " rm -Rf %%SLURPDIR%%"
+ ${ECHO_CMD}
+ fi
+ ${ECHO_CMD} "- to remove the OpenLDAP user:"
+ ${ECHO_CMD} " pw userdel ldap"
+ ${ECHO_CMD}
+ ${ECHO_CMD} "If you are upgrading, don't forget to restart"
+ ${ECHO_CMD} "slapd and slurpd."
+ ${ECHO_CMD}
+ ;;
+esac
diff --git a/net/openldap20-server/pkg-install b/net/openldap20-server/pkg-install
index 47b2ea825164..ee0a9e8588bd 100644
--- a/net/openldap20-server/pkg-install
+++ b/net/openldap20-server/pkg-install
@@ -13,9 +13,9 @@ FTPUSERS=/etc/ftpusers
case $2 in
PRE-INSTALL)
if ! ${PW} usershow -n ldap >/dev/null 2>&1; then
+ ${ECHO_CMD}
if ! ${PW} groupshow -n ldap >/dev/null 2>&1; then
if ! ${PW} groupadd -n ldap -g 389; then
- ${ECHO_CMD}
${ECHO_CMD} "*** Failed to add a group ldap with id 389."
${ECHO_CMD}
${ECHO_CMD} "Please add the ldap user manually with"
@@ -24,12 +24,10 @@ PRE-INSTALL)
${ECHO_CMD} "and retry installing this package."
exit 1
fi
+ ${ECHO_CMD} "===> Group 'ldap' created."
fi
- if ${PW} useradd -n ldap -u 389 -g ldap -c 'OpenLDAP Server' \
+ if ! ${PW} useradd -n ldap -u 389 -g ldap -c 'OpenLDAP Server' \
-d /nonexistent -s /sbin/nologin -h -; then
- ${GREP} -qs '^ldap$' ${FTPUSERS} || ${ECHO_CMD} ldap >> ${FTPUSERS}
- else
- ${ECHO_CMD}
${ECHO_CMD} "*** Failed to add an user ldap with id 389."
${ECHO_CMD}
${ECHO_CMD} "Please add the ldap user manually with"
@@ -38,6 +36,8 @@ PRE-INSTALL)
${ECHO_CMD} "and retry installing this package."
exit 1
fi
+ ${GREP} -qs '^ldap$' ${FTPUSERS} || ${ECHO_CMD} ldap >> ${FTPUSERS}
+ ${ECHO_CMD} "===> Account 'ldap' created."
fi
;;
esac
diff --git a/net/openldap20-server/pkg-message.client b/net/openldap20-server/pkg-message.client
index ef3234fa4b86..92ef70d0f99b 100644
--- a/net/openldap20-server/pkg-message.client
+++ b/net/openldap20-server/pkg-message.client
@@ -6,4 +6,8 @@ Edit
%%PREFIX%%/etc/openldap/ldap.conf
to change the system-wide client defaults.
+Try `man ldap.conf' and visit the OpenLDAP FAQ-O-Matic at
+ http://www.OpenLDAP.org/faq/index.cgi?file=3
+for more information.
+
************************************************************
diff --git a/net/openldap20-server/pkg-plist b/net/openldap20-server/pkg-plist
index 0a4d061c8e97..e7a7ae71f58b 100644
--- a/net/openldap20-server/pkg-plist
+++ b/net/openldap20-server/pkg-plist
@@ -1,38 +1,9 @@
@comment $FreeBSD$
-@unexec %%RC_DIR%%/slapd%%RC_SUFX%% stop 2>/dev/null || true
-@unexec %%RC_DIR%%/slurpd%%RC_SUFX%% stop 2>/dev/null || true
-@unexec if cmp -s %D/etc/openldap/schema/corba.schema %D/etc/openldap/schema/corba.schema.default; then rm -f %D/etc/openldap/schema/corba.schema; fi
-etc/openldap/schema/corba.schema.default
-@exec [ -f %B/corba.schema ] || cp %B/%f %B/corba.schema
-@unexec if cmp -s %D/etc/openldap/schema/core.schema %D/etc/openldap/schema/core.schema.default; then rm -f %D/etc/openldap/schema/core.schema; fi
-etc/openldap/schema/core.schema.default
-@exec [ -f %B/core.schema ] || cp %B/%f %B/core.schema
-@unexec if cmp -s %D/etc/openldap/schema/cosine.schema %D/etc/openldap/schema/cosine.schema.default; then rm -f %D/etc/openldap/schema/cosine.schema; fi
-etc/openldap/schema/cosine.schema.default
-@exec [ -f %B/cosine.schema ] || cp %B/%f %B/cosine.schema
-@unexec if cmp -s %D/etc/openldap/schema/inetorgperson.schema %D/etc/openldap/schema/inetorgperson.schema.default; then rm -f %D/etc/openldap/schema/inetorgperson.schema; fi
-etc/openldap/schema/inetorgperson.schema.default
-@exec [ -f %B/inetorgperson.schema ] || cp %B/%f %B/inetorgperson.schema
-@unexec if cmp -s %D/etc/openldap/schema/java.schema %D/etc/openldap/schema/java.schema.default; then rm -f %D/etc/openldap/schema/java.schema; fi
-etc/openldap/schema/java.schema.default
-@exec [ -f %B/java.schema ] || cp %B/%f %B/java.schema
-@unexec if cmp -s %D/etc/openldap/schema/krb5-kdc.schema %D/etc/openldap/schema/krb5-kdc.schema.default; then rm -f %D/etc/openldap/schema/krb5-kdc.schema; fi
-etc/openldap/schema/krb5-kdc.schema.default
-@exec [ -f %B/krb5-kdc.schema ] || cp %B/%f %B/krb5-kdc.schema
-@unexec if cmp -s %D/etc/openldap/schema/misc.schema %D/etc/openldap/schema/misc.schema.default; then rm -f %D/etc/openldap/schema/misc.schema; fi
-etc/openldap/schema/misc.schema.default
-@exec [ -f %B/misc.schema ] || cp %B/%f %B/misc.schema
-@unexec if cmp -s %D/etc/openldap/schema/nis.schema %D/etc/openldap/schema/nis.schema.default; then rm -f %D/etc/openldap/schema/nis.schema; fi
-etc/openldap/schema/nis.schema.default
-@exec [ -f %B/nis.schema ] || cp %B/%f %B/nis.schema
-@unexec if cmp -s %D/etc/openldap/schema/openldap.schema %D/etc/openldap/schema/openldap.schema.default; then rm -f %D/etc/openldap/schema/openldap.schema; fi
-etc/openldap/schema/openldap.schema.default
-@exec [ -f %B/openldap.schema ] || cp %B/%f %B/openldap.schema
+@unexec %%RC_DIR%%/slapd%%RC_SUFX%% stop 2>&1 >/dev/null || true
+@unexec %%RC_DIR%%/slurpd%%RC_SUFX%% stop 2>&1 >/dev/null || true
@unexec if cmp -s %D/etc/openldap/slapd.conf %D/etc/openldap/slapd.conf.default; then rm -f %D/etc/openldap/slapd.conf; fi
etc/openldap/slapd.conf.default
@exec [ -f %B/slapd.conf ] || cp %B/%f %B/slapd.conf
-@unexec rmdir %D/etc/openldap/schema 2>/dev/null || true
-@unexec rmdir %D/etc/openldap 2>/dev/null || true
libexec/slapd
libexec/slurpd
sbin/slapadd
@@ -42,9 +13,6 @@ sbin/slappasswd
@exec mkdir -p %%LDAP_RUN_DIR%%
@exec mkdir -p %%DATABASEDIR%%
@exec mkdir -p %%SLURPDIR%%
-@unexec rmdir %%LDAP_RUN_DIR%%
+@unexec rmdir %%LDAP_RUN_DIR%% 2>/dev/null || true
@unexec rmdir %%DATABASEDIR%% 2>/dev/null || true
@unexec rmdir %%SLURPDIR%% 2>/dev/null || true
-@cwd %%RC_DIR%%
-slapd%%RC_SUFX%%
-slurpd%%RC_SUFX%%
diff --git a/net/openldap21-server/Makefile b/net/openldap21-server/Makefile
index 401f96d655d2..75e97c172d3b 100644
--- a/net/openldap21-server/Makefile
+++ b/net/openldap21-server/Makefile
@@ -6,7 +6,7 @@
#
PORTNAME= openldap
-PORTVERSION= ${OPENLDAP_VERSION}
+PORTVERSION= 2.1.23
PORTREVISION= ${OPENLDAP_PORTVERSION}
CATEGORIES= net databases
MASTER_SITES= ftp://ftp.OpenLDAP.org/pub/OpenLDAP/%SUBDIR%/ \
@@ -31,11 +31,8 @@ EXTRACT_SUFX= .tgz
MAINTAINER= eik@FreeBSD.org
COMMENT?= Open source LDAP server implementation
-OPENLDAP_VERSION= 2.1.22
-
LATEST_LINK= ${PKGNAMEPREFIX}openldap21${PKGNAMESUFFIX}
-CONFLICTS= openldap12-* \
- ${PKGNAMEPREFIX}${PORTNAME}-client-2.[02-9].*
+CONFLICTS= ${PKGNAMEPREFIX}${PORTNAME}-client-2.[02-9].*
WANT_OPENLDAP_VER?= 21
.if ${WANT_OPENLDAP_VER} != 21
@@ -47,26 +44,35 @@ OPENLDAP_PORTVERSION= 0
OPENLDAP_PKGNAMESUFFIX?=-client
OPENLDAP_PKGFILESUFX?= .client
+.if !defined(NOPORTDOCS)
+PORTDOCS= drafts rfc
+.endif
+
.if defined(USE_OPENLDAP)
.error You have `USE_OPENLDAP' defined either in your environment or in make(1) arguments.
.endif
.else
-OPENLDAP_PORTVERSION= 2
+OPENLDAP_PORTVERSION= 0
OPENLDAP_PKGNAMESUFFIX?=-server
OPENLDAP_PKGFILESUFX?=
-USE_OPENLDAP= yes
+RUN_DEPENDS= ${LOCALBASE}/lib/libldap.so.2:${PORTSDIR}/net/openldap21-client
CONFLICTS+= ${PKGNAMEPREFIX}${PORTNAME}-server-2.[02-9].*
.endif
-#USE_OPENSSL= yes
+USE_OPENSSL= yes
USE_REINPLACE= yes
USE_LIBTOOL_VER= 14
DESCR= ${PKGDIR}/pkg-descr${OPENLDAP_PKGFILESUFX}
-PLIST= ${WRKDIR}/pkg-plist
+PLIST= ${PKGDIR}/pkg-plist${OPENLDAP_PKGFILESUFX}
PKGINSTALL= ${WRKDIR}/pkg-install
PKGMESSAGE= ${WRKDIR}/pkg-message
+PKGDEINSTALL= ${WRKDIR}/pkg-deinstall
+
+SCHEMATA= corba core cosine \
+ inetorgperson java \
+ misc nis openldap
LDAP_RUN_DIR?= ${DESTDIR}/var/run/openldap
LOCALSTATEDIR?= ${DESTDIR}/var/db
@@ -79,7 +85,8 @@ PLIST_SUB+= LDAP_RUN_DIR=${LDAP_RUN_DIR} \
SED_SCRIPT= -e 's,%%PREFIX%%,${PREFIX},g' \
-e 's,%%LDAP_RUN_DIR%%,${LDAP_RUN_DIR},g' \
- -e 's,%%DATABASEDIR%%,${DATABASEDIR},g'
+ -e 's,%%DATABASEDIR%%,${DATABASEDIR},g' \
+ -e 's,%%SLURPDIR%%,${SLURPDIR},g'
CONFIGURE_ARGS= --with-threads \
--with-tls=openssl \
@@ -167,8 +174,7 @@ CONFIGURE_ARGS+= --enable-wrappers
# end of client/server specific configuration
.endif
-# math.h uses _REENTRANT and stdio.h uses _THREAD_SAFE, so define both.
-CPPFLAGS+= -D_REENTRANT ${PTHREAD_CFLAGS} \
+CPPFLAGS+= ${PTHREAD_CFLAGS} \
-I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
@@ -231,9 +237,9 @@ post-build:
.for script in slapd slurpd
@${SED} ${SED_SCRIPT} ${FILESDIR}/${script}.sh >${WRKDIR}/${script}.sh
.endfor
-.for text in pkg-install pkg-message
- @if [ -f ${MASTERDIR}/${text}${OPENLDAP_PKGFILESUFX} ]; then \
- ${SED} ${SED_SCRIPT} ${MASTERDIR}/${text}${OPENLDAP_PKGFILESUFX} \
+.for text in pkg-install pkg-message pkg-deinstall
+ @if [ -f ${PKGDIR}/${text}${OPENLDAP_PKGFILESUFX} ]; then \
+ ${SED} ${SED_SCRIPT} ${PKGDIR}/${text}${OPENLDAP_PKGFILESUFX} \
>${WRKDIR}/${text}; \
fi
.endfor
@@ -245,18 +251,6 @@ test: build
.endif
pre-install:
- @${CP} ${MASTERDIR}/pkg-plist${OPENLDAP_PKGFILESUFX} ${PLIST}
-.if defined(CLIENT_ONLY)
-.if !defined(NOPORTDOCS)
- @for dir in rfc drafts; do \
- ${FIND} ${WRKSRC}/doc/$${dir} -maxdepth 1 -type f \
- | ${SED} -e "s,^${WRKSRC}/doc/,%%DOCSDIR%%/," \
- >>${PLIST}; \
- ${ECHO_CMD} "@dirrm %%DOCSDIR%%/$${dir}" >>${PLIST}; \
- done
- @${ECHO_CMD} "@dirrm %%DOCSDIR%%" >>${PLIST}
-.endif
-.endif
@if [ -f ${PKGINSTALL} ]; then \
${SETENV} "PKG_PREFIX=${PREFIX}" ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL; \
fi
@@ -265,15 +259,29 @@ post-install:
.if defined(CLIENT_ONLY)
.if !defined(NOPORTDOCS)
@${MKDIR} ${DOCSDIR}
- @for dir in rfc drafts; do \
+ @for dir in drafts rfc; do \
${MKDIR} ${DOCSDIR}/$${dir}; \
- ${FIND} ${WRKSRC}/doc/$${dir} -maxdepth 1 -type f \
- -exec ${INSTALL_DATA} {} ${DOCSDIR}/$${dir} \; ; \
+ ${INSTALL_DATA} ${WRKSRC}/doc/$${dir}/* ${DOCSDIR}/$${dir}; \
done
+ @${ECHO_CMD} "@dirrm ${DOCSDIR:S,^${PREFIX}/,,}" >>${TMPPLIST}
.endif
.else
+ @for schema in ${SCHEMATA}; do \
+ ${ECHO_CMD} "@unexec if cmp -s %D/etc/openldap/schema/$${schema}.schema" \
+ "%D/etc/openldap/schema/$${schema}.schema.default; then" \
+ "rm -f %D/etc/openldap/schema/$${schema}.schema; fi" >>${TMPPLIST}; \
+ ${ECHO_CMD} "etc/openldap/schema/$${schema}.schema.default" >>${TMPPLIST}; \
+ ${ECHO_CMD} "@exec [ -f %B/$${schema}.schema ] || cp %B/%f %B/$${schema}.schema" >>${TMPPLIST}; \
+ done
+ @${ECHO_CMD} "@unexec rmdir %D/etc/openldap/schema 2>/dev/null || true" >>${TMPPLIST}
+ @${ECHO_CMD} "@unexec rmdir %D/etc/openldap 2>/dev/null || true" >>${TMPPLIST}
+# currently the only way to participate in rcorder(8)
+ @if [ "${RC_DIR}" != "${PREFIX}" ]; then \
+ ${ECHO_CMD} "@cwd ${RC_DIR}" >>${TMPPLIST}; \
+ fi
.for script in slapd slurpd
@${INSTALL_SCRIPT} ${WRKDIR}/${script}.sh ${RC_DIR}/${script}${RC_SUFX}
+ @${ECHO_CMD} "${script}${RC_SUFX}" >>${TMPPLIST}
.endfor
@${MKDIR} ${LDAP_RUN_DIR}
.endif
diff --git a/net/openldap21-server/distinfo b/net/openldap21-server/distinfo
index b28ce95a8cde..63d9185b4893 100644
--- a/net/openldap21-server/distinfo
+++ b/net/openldap21-server/distinfo
@@ -1 +1,3 @@
-MD5 (openldap-2.1.22.tgz) = 391512053eded93e73ffa0d377ce272a
+MD5 (openldap-2.1.23.tgz) = a25b5806f8fe031e248f99ca7fe6df2c
+SHA1 (openldap-2.1.23.tgz) = 6e9feb29cfe6026ec9cc6d5a3e971118545cb388
+SIZE (openldap-2.1.23.tgz) = 2035411
diff --git a/net/openldap21-server/files/patch-servers::slapd::back-bdb::id2entry.c b/net/openldap21-server/files/patch-servers::slapd::back-bdb::id2entry.c
deleted file mode 100644
index 92c0224f511a..000000000000
--- a/net/openldap21-server/files/patch-servers::slapd::back-bdb::id2entry.c
+++ /dev/null
@@ -1,22 +0,0 @@
-#
-# ITS#2672: eternal loop in back-bdb/id2entry.c
-#
---- servers/slapd/back-bdb/id2entry.c 2003/03/24 03:54:12 1.24.2.9
-+++ servers/slapd/back-bdb/id2entry.c 2003/08/09 16:14:04 1.24.2.10
-@@ -125,6 +125,8 @@
- }
-
- if ( rc == 0 ) {
-+ int add_loop_cnt = 0;
-+
- #ifdef BDB_HIER
- bdb_fix_dn(be, id, *e);
- #endif
-@@ -132,7 +134,6 @@
- &bdb->bi_cache, *e, rw, locker, lock);
- while ( ret == 1 || ret == -1 ) {
- Entry *ee;
-- int add_loop_cnt = 0;
- if ( (*e)->e_private != NULL ) {
- free ((*e)->e_private);
- }
diff --git a/net/openldap21-server/pkg-deinstall b/net/openldap21-server/pkg-deinstall
new file mode 100644
index 000000000000..2a5ec1ef8f65
--- /dev/null
+++ b/net/openldap21-server/pkg-deinstall
@@ -0,0 +1,33 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+ECHO_CMD=echo
+
+case $2 in
+POST-DEINSTALL)
+ ${ECHO_CMD}
+ ${ECHO_CMD} "The OpenLDAP server package has been deleted."
+ ${ECHO_CMD} "If you're *not* upgrading and won't be using"
+ ${ECHO_CMD} "it any longer, you may want to issue the"
+ ${ECHO_CMD} "following commands:"
+ ${ECHO_CMD}
+ if [ -d %%DATABASEDIR%% ]; then
+ ${ECHO_CMD} "- to delete the OpenLDAP database permanently (losing all data):"
+ ${ECHO_CMD} " rm -Rf %%DATABASEDIR%%"
+ ${ECHO_CMD}
+ fi
+ if [ -d %%SLURPDIR%% ]; then
+ ${ECHO_CMD} "- to remove the OpenLDAP replication directory:"
+ ${ECHO_CMD} " rm -Rf %%SLURPDIR%%"
+ ${ECHO_CMD}
+ fi
+ ${ECHO_CMD} "- to remove the OpenLDAP user:"
+ ${ECHO_CMD} " pw userdel ldap"
+ ${ECHO_CMD}
+ ${ECHO_CMD} "If you are upgrading, don't forget to restart"
+ ${ECHO_CMD} "slapd and slurpd."
+ ${ECHO_CMD}
+ ;;
+esac
diff --git a/net/openldap21-server/pkg-install b/net/openldap21-server/pkg-install
index 47b2ea825164..ee0a9e8588bd 100644
--- a/net/openldap21-server/pkg-install
+++ b/net/openldap21-server/pkg-install
@@ -13,9 +13,9 @@ FTPUSERS=/etc/ftpusers
case $2 in
PRE-INSTALL)
if ! ${PW} usershow -n ldap >/dev/null 2>&1; then
+ ${ECHO_CMD}
if ! ${PW} groupshow -n ldap >/dev/null 2>&1; then
if ! ${PW} groupadd -n ldap -g 389; then
- ${ECHO_CMD}
${ECHO_CMD} "*** Failed to add a group ldap with id 389."
${ECHO_CMD}
${ECHO_CMD} "Please add the ldap user manually with"
@@ -24,12 +24,10 @@ PRE-INSTALL)
${ECHO_CMD} "and retry installing this package."
exit 1
fi
+ ${ECHO_CMD} "===> Group 'ldap' created."
fi
- if ${PW} useradd -n ldap -u 389 -g ldap -c 'OpenLDAP Server' \
+ if ! ${PW} useradd -n ldap -u 389 -g ldap -c 'OpenLDAP Server' \
-d /nonexistent -s /sbin/nologin -h -; then
- ${GREP} -qs '^ldap$' ${FTPUSERS} || ${ECHO_CMD} ldap >> ${FTPUSERS}
- else
- ${ECHO_CMD}
${ECHO_CMD} "*** Failed to add an user ldap with id 389."
${ECHO_CMD}
${ECHO_CMD} "Please add the ldap user manually with"
@@ -38,6 +36,8 @@ PRE-INSTALL)
${ECHO_CMD} "and retry installing this package."
exit 1
fi
+ ${GREP} -qs '^ldap$' ${FTPUSERS} || ${ECHO_CMD} ldap >> ${FTPUSERS}
+ ${ECHO_CMD} "===> Account 'ldap' created."
fi
;;
esac
diff --git a/net/openldap21-server/pkg-message b/net/openldap21-server/pkg-message
index 737d02348bdb..ebb4024ab072 100644
--- a/net/openldap21-server/pkg-message
+++ b/net/openldap21-server/pkg-message
@@ -14,7 +14,7 @@ Then start the server with
or reboot.
Try `man slapd' and the online manual at
- http://www.OpenLDAP.org/doc/admin20/
+ http://www.OpenLDAP.org/doc/admin21/
for more information.
NOTE: Some variable names have been changed to conform with rc.subr(8)
diff --git a/net/openldap21-server/pkg-message.client b/net/openldap21-server/pkg-message.client
index ef3234fa4b86..92ef70d0f99b 100644
--- a/net/openldap21-server/pkg-message.client
+++ b/net/openldap21-server/pkg-message.client
@@ -6,4 +6,8 @@ Edit
%%PREFIX%%/etc/openldap/ldap.conf
to change the system-wide client defaults.
+Try `man ldap.conf' and visit the OpenLDAP FAQ-O-Matic at
+ http://www.OpenLDAP.org/faq/index.cgi?file=3
+for more information.
+
************************************************************
diff --git a/net/openldap21-server/pkg-plist b/net/openldap21-server/pkg-plist
index f6bfa4f3c820..e64d6608a94c 100644
--- a/net/openldap21-server/pkg-plist
+++ b/net/openldap21-server/pkg-plist
@@ -1,36 +1,10 @@
@comment $FreeBSD$
-@unexec %%RC_DIR%%/slapd%%RC_SUFX%% stop 2>/dev/null || true
-@unexec %%RC_DIR%%/slurpd%%RC_SUFX%% stop 2>/dev/null || true
+@unexec %%RC_DIR%%/slapd%%RC_SUFX%% stop 2>&1 >/dev/null || true
+@unexec %%RC_DIR%%/slurpd%%RC_SUFX%% stop 2>&1 >/dev/null || true
etc/openldap/schema/README
-@unexec if cmp -s %D/etc/openldap/schema/corba.schema %D/etc/openldap/schema/corba.schema.default; then rm -f %D/etc/openldap/schema/corba.schema; fi
-etc/openldap/schema/corba.schema.default
-@exec [ -f %B/corba.schema ] || cp %B/%f %B/corba.schema
-@unexec if cmp -s %D/etc/openldap/schema/core.schema %D/etc/openldap/schema/core.schema.default; then rm -f %D/etc/openldap/schema/core.schema; fi
-etc/openldap/schema/core.schema.default
-@exec [ -f %B/core.schema ] || cp %B/%f %B/core.schema
-@unexec if cmp -s %D/etc/openldap/schema/cosine.schema %D/etc/openldap/schema/cosine.schema.default; then rm -f %D/etc/openldap/schema/cosine.schema; fi
-etc/openldap/schema/cosine.schema.default
-@exec [ -f %B/cosine.schema ] || cp %B/%f %B/cosine.schema
-@unexec if cmp -s %D/etc/openldap/schema/inetorgperson.schema %D/etc/openldap/schema/inetorgperson.schema.default; then rm -f %D/etc/openldap/schema/inetorgperson.schema; fi
-etc/openldap/schema/inetorgperson.schema.default
-@exec [ -f %B/inetorgperson.schema ] || cp %B/%f %B/inetorgperson.schema
-@unexec if cmp -s %D/etc/openldap/schema/java.schema %D/etc/openldap/schema/java.schema.default; then rm -f %D/etc/openldap/schema/java.schema; fi
-etc/openldap/schema/java.schema.default
-@exec [ -f %B/java.schema ] || cp %B/%f %B/java.schema
-@unexec if cmp -s %D/etc/openldap/schema/misc.schema %D/etc/openldap/schema/misc.schema.default; then rm -f %D/etc/openldap/schema/misc.schema; fi
-etc/openldap/schema/misc.schema.default
-@exec [ -f %B/misc.schema ] || cp %B/%f %B/misc.schema
-@unexec if cmp -s %D/etc/openldap/schema/nis.schema %D/etc/openldap/schema/nis.schema.default; then rm -f %D/etc/openldap/schema/nis.schema; fi
-etc/openldap/schema/nis.schema.default
-@exec [ -f %B/nis.schema ] || cp %B/%f %B/nis.schema
-@unexec if cmp -s %D/etc/openldap/schema/openldap.schema %D/etc/openldap/schema/openldap.schema.default; then rm -f %D/etc/openldap/schema/openldap.schema; fi
-etc/openldap/schema/openldap.schema.default
-@exec [ -f %B/openldap.schema ] || cp %B/%f %B/openldap.schema
@unexec if cmp -s %D/etc/openldap/slapd.conf %D/etc/openldap/slapd.conf.default; then rm -f %D/etc/openldap/slapd.conf; fi
etc/openldap/slapd.conf.default
@exec [ -f %B/slapd.conf ] || cp %B/%f %B/slapd.conf
-@unexec rmdir %D/etc/openldap/schema 2>/dev/null || true
-@unexec rmdir %D/etc/openldap 2>/dev/null || true
libexec/slapd
libexec/slurpd
sbin/slapadd
@@ -40,9 +14,6 @@ sbin/slappasswd
@exec mkdir -p %%LDAP_RUN_DIR%%
@exec mkdir -p %%DATABASEDIR%%
@exec mkdir -p %%SLURPDIR%%
-@unexec rmdir %%LDAP_RUN_DIR%%
+@unexec rmdir %%LDAP_RUN_DIR%% 2>/dev/null || true
@unexec rmdir %%DATABASEDIR%% 2>/dev/null || true
@unexec rmdir %%SLURPDIR%% 2>/dev/null || true
-@cwd %%RC_DIR%%
-slapd%%RC_SUFX%%
-slurpd%%RC_SUFX%%
diff --git a/net/openldap22-server/Makefile b/net/openldap22-server/Makefile
index cac16f92b2a6..91c7ef445ee1 100644
--- a/net/openldap22-server/Makefile
+++ b/net/openldap22-server/Makefile
@@ -6,7 +6,7 @@
#
PORTNAME= openldap
-PORTVERSION= ${OPENLDAP_VERSION}.a
+PORTVERSION= 2.2.2.b
PORTREVISION= ${OPENLDAP_PORTVERSION}
CATEGORIES= net databases
MASTER_SITES= ftp://ftp.OpenLDAP.org/pub/OpenLDAP/%SUBDIR%/ \
@@ -26,17 +26,14 @@ MASTER_SITES= ftp://ftp.OpenLDAP.org/pub/OpenLDAP/%SUBDIR%/ \
ftp://ftp.plig.org/pub/OpenLDAP/%SUBDIR%/
MASTER_SITE_SUBDIR= openldap-test
PKGNAMESUFFIX= ${OPENLDAP_PKGNAMESUFFIX}
-DISTNAME= openldap-${OPENLDAP_VERSION}alpha
+DISTNAME= ${PORTNAME}-${PORTVERSION:S/.b/beta/}
EXTRACT_SUFX= .tgz
MAINTAINER= eik@FreeBSD.org
COMMENT?= Open source LDAP server implementation
-OPENLDAP_VERSION= 2.2.0
-
LATEST_LINK= ${PKGNAMEPREFIX}openldap22${PKGNAMESUFFIX}
-CONFLICTS= openldap12-* \
- ${PKGNAMEPREFIX}${PORTNAME}-client-2.[013-9].*
+CONFLICTS= ${PKGNAMEPREFIX}${PORTNAME}-client-2.[013-9].*
WANT_OPENLDAP_VER?= 22
.if ${WANT_OPENLDAP_VER} != 22
@@ -48,26 +45,35 @@ OPENLDAP_PORTVERSION= 0
OPENLDAP_PKGNAMESUFFIX?=-client
OPENLDAP_PKGFILESUFX?= .client
+.if !defined(NOPORTDOCS)
+PORTDOCS= drafts rfc
+.endif
+
.if defined(USE_OPENLDAP)
.error You have `USE_OPENLDAP' defined either in your environment or in make(1) arguments.
.endif
.else
-OPENLDAP_PORTVERSION= 2
+OPENLDAP_PORTVERSION= 0
OPENLDAP_PKGNAMESUFFIX?=-server
OPENLDAP_PKGFILESUFX?=
-USE_OPENLDAP= yes
+RUN_DEPENDS= ${LOCALBASE}/lib/libldap.so.2:${PORTSDIR}/net/openldap22-client
CONFLICTS+= ${PKGNAMEPREFIX}${PORTNAME}-server-2.[013-9].*
.endif
-#USE_OPENSSL= yes
+USE_OPENSSL= yes
USE_REINPLACE= yes
USE_LIBTOOL_VER= 14
DESCR= ${PKGDIR}/pkg-descr${OPENLDAP_PKGFILESUFX}
-PLIST= ${WRKDIR}/pkg-plist
+PLIST= ${PKGDIR}/pkg-plist${OPENLDAP_PKGFILESUFX}
PKGINSTALL= ${WRKDIR}/pkg-install
PKGMESSAGE= ${WRKDIR}/pkg-message
+PKGDEINSTALL= ${WRKDIR}/pkg-deinstall
+
+SCHEMATA= corba core cosine \
+ dyngroup inetorgperson java \
+ misc nis openldap
LDAP_RUN_DIR?= ${DESTDIR}/var/run/openldap
LOCALSTATEDIR?= ${DESTDIR}/var/db
@@ -80,7 +86,8 @@ PLIST_SUB+= LDAP_RUN_DIR=${LDAP_RUN_DIR} \
SED_SCRIPT= -e 's,%%PREFIX%%,${PREFIX},g' \
-e 's,%%LDAP_RUN_DIR%%,${LDAP_RUN_DIR},g' \
- -e 's,%%DATABASEDIR%%,${DATABASEDIR},g'
+ -e 's,%%DATABASEDIR%%,${DATABASEDIR},g' \
+ -e 's,%%SLURPDIR%%,${SLURPDIR},g'
CONFIGURE_ARGS= --with-threads \
--with-tls=openssl \
@@ -177,8 +184,7 @@ CONFIGURE_ARGS+= --enable-wrappers
# end of client/server specific configuration
.endif
-# math.h uses _REENTRANT and stdio.h uses _THREAD_SAFE, so define both.
-CPPFLAGS+= -D_REENTRANT ${PTHREAD_CFLAGS} \
+CPPFLAGS+= ${PTHREAD_CFLAGS} \
-I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
@@ -242,9 +248,9 @@ post-build:
.for script in slapd slurpd
@${SED} ${SED_SCRIPT} ${FILESDIR}/${script}.sh >${WRKDIR}/${script}.sh
.endfor
-.for text in pkg-install pkg-message
- @if [ -f ${MASTERDIR}/${text}${OPENLDAP_PKGFILESUFX} ]; then \
- ${SED} ${SED_SCRIPT} ${MASTERDIR}/${text}${OPENLDAP_PKGFILESUFX} \
+.for text in pkg-install pkg-message pkg-deinstall
+ @if [ -f ${PKGDIR}/${text}${OPENLDAP_PKGFILESUFX} ]; then \
+ ${SED} ${SED_SCRIPT} ${PKGDIR}/${text}${OPENLDAP_PKGFILESUFX} \
>${WRKDIR}/${text}; \
fi
.endfor
@@ -256,18 +262,6 @@ test: build
.endif
pre-install:
- @${CP} ${MASTERDIR}/pkg-plist${OPENLDAP_PKGFILESUFX} ${PLIST}
-.if defined(CLIENT_ONLY)
-.if !defined(NOPORTDOCS)
- @for dir in rfc drafts; do \
- ${FIND} ${WRKSRC}/doc/$${dir} -maxdepth 1 -type f \
- | ${SED} -e "s,^${WRKSRC}/doc/,%%DOCSDIR%%/," \
- >>${PLIST}; \
- ${ECHO_CMD} "@dirrm %%DOCSDIR%%/$${dir}" >>${PLIST}; \
- done
- @${ECHO_CMD} "@dirrm %%DOCSDIR%%" >>${PLIST}
-.endif
-.endif
@if [ -f ${PKGINSTALL} ]; then \
${SETENV} "PKG_PREFIX=${PREFIX}" ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL; \
fi
@@ -276,15 +270,28 @@ post-install:
.if defined(CLIENT_ONLY)
.if !defined(NOPORTDOCS)
@${MKDIR} ${DOCSDIR}
- @for dir in rfc drafts; do \
+ @for dir in drafts rfc; do \
${MKDIR} ${DOCSDIR}/$${dir}; \
- ${FIND} ${WRKSRC}/doc/$${dir} -maxdepth 1 -type f \
- -exec ${INSTALL_DATA} {} ${DOCSDIR}/$${dir} \; ; \
+ ${INSTALL_DATA} ${WRKSRC}/doc/$${dir}/* ${DOCSDIR}/$${dir}; \
done
.endif
.else
+ @for schema in ${SCHEMATA}; do \
+ ${ECHO_CMD} "@unexec if cmp -s %D/etc/openldap/schema/$${schema}.schema" \
+ "%D/etc/openldap/schema/$${schema}.schema.default; then" \
+ "rm -f %D/etc/openldap/schema/$${schema}.schema; fi" >>${TMPPLIST}; \
+ ${ECHO_CMD} "etc/openldap/schema/$${schema}.schema.default" >>${TMPPLIST}; \
+ ${ECHO_CMD} "@exec [ -f %B/$${schema}.schema ] || cp %B/%f %B/$${schema}.schema" >>${TMPPLIST}; \
+ done
+ @${ECHO_CMD} "@unexec rmdir %D/etc/openldap/schema 2>/dev/null || true" >>${TMPPLIST}
+ @${ECHO_CMD} "@unexec rmdir %D/etc/openldap 2>/dev/null || true" >>${TMPPLIST}
+# currently the only way to participate in rcorder(8)
+ @if [ "${RC_DIR}" != "${PREFIX}" ]; then \
+ ${ECHO_CMD} "@cwd ${RC_DIR}" >>${TMPPLIST}; \
+ fi
.for script in slapd slurpd
@${INSTALL_SCRIPT} ${WRKDIR}/${script}.sh ${RC_DIR}/${script}${RC_SUFX}
+ @${ECHO_CMD} "${script}${RC_SUFX}" >>${TMPPLIST}
.endfor
@${MKDIR} ${LDAP_RUN_DIR}
.endif
diff --git a/net/openldap22-server/distinfo b/net/openldap22-server/distinfo
index eef25e637b2e..f719bfa9ac22 100644
--- a/net/openldap22-server/distinfo
+++ b/net/openldap22-server/distinfo
@@ -1 +1,3 @@
-MD5 (openldap-2.2.0alpha.tgz) = 72fe342067b717a37b9697898dacfa0a
+MD5 (openldap-2.2.2beta.tgz) = c5e58d6d518692e0de4841a6433a5956
+SHA1 (openldap-2.2.2beta.tgz) = 08b0f15c32f2b7ada33c2d0bf52ba135ae7a4637
+SIZE (openldap-2.2.2beta.tgz) = 2473910
diff --git a/net/openldap22-server/files/patch-libraries::liblunicode::ucstr.c b/net/openldap22-server/files/patch-libraries::liblunicode::ucstr.c
deleted file mode 100644
index b8044b524697..000000000000
--- a/net/openldap22-server/files/patch-libraries::liblunicode::ucstr.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- libraries/liblunicode/ucstr.c.orig Fri Apr 11 03:57:10 2003
-+++ libraries/liblunicode/ucstr.c Sun Jul 6 02:50:32 2003
-@@ -10,7 +10,7 @@
- #include <ac/string.h>
- #include <ac/stdlib.h>
-
--#include <lber.h>
-+#include <lber_pvt.h>
-
- #include <ldap_utf8.h>
- #include <ldap_pvt_uc.h>
diff --git a/net/openldap22-server/files/patch-libraries::liblutil::passwd.c b/net/openldap22-server/files/patch-libraries::liblutil::passwd.c
deleted file mode 100644
index 32de74e9ee11..000000000000
--- a/net/openldap22-server/files/patch-libraries::liblutil::passwd.c
+++ /dev/null
@@ -1,14 +0,0 @@
-#
-# ITS#2562: add missing arg to hash_lanman
-#
---- libraries/liblutil/passwd.c.orig Fri May 2 13:29:29 2003
-+++ libraries/liblutil/passwd.c Sun Jun 22 03:08:18 2003
-@@ -632,7 +632,7 @@
- {
- struct berval *hash;
-
-- hash = hash_lanman( scheme, cred );
-+ hash = hash_lanman( scheme, cred, text );
- return memcmp( &hash->bv_val[scheme->bv_len], passwd->bv_val, 32);
- }
- #endif /* SLAPD_LMHASH */
diff --git a/net/openldap22-server/files/patch-servers::slapd::back-perl b/net/openldap22-server/files/patch-servers::slapd::back-perl
deleted file mode 100644
index c6d024df3ed0..000000000000
--- a/net/openldap22-server/files/patch-servers::slapd::back-perl
+++ /dev/null
@@ -1,302 +0,0 @@
-diff -Nur servers/slapd/back-perl/add.c.orig servers/slapd/back-perl/add.c
---- servers/slapd/back-perl/add.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/add.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/bind.c.orig servers/slapd/back-perl/bind.c
---- servers/slapd/back-perl/bind.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/bind.c Thu Jun 5 11:44:06 2003
-@@ -13,18 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--/* init.c - initialize Perl backend */
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/close.c.orig servers/slapd/back-perl/close.c
---- servers/slapd/back-perl/close.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/close.c Thu Jun 5 11:44:06 2003
-@@ -13,18 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--/* init.c - initialize shell backend */
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/compare.c.orig servers/slapd/back-perl/compare.c
---- servers/slapd/back-perl/compare.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/compare.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "lutil.h"
- #include "perl_back.h"
-diff -Nur servers/slapd/back-perl/config.c.orig servers/slapd/back-perl/config.c
---- servers/slapd/back-perl/config.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/config.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/delete.c.orig servers/slapd/back-perl/delete.c
---- servers/slapd/back-perl/delete.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/delete.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/init.c.orig servers/slapd/back-perl/init.c
---- servers/slapd/back-perl/init.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/init.c Thu Jun 12 22:25:21 2003
-@@ -13,18 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
-- /* init.c - initialize shell backend */
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-@@ -37,7 +38,7 @@
-
- #ifdef SLAPD_PERL_DYNAMIC
-
--int back_perl_LTX_init_module(int argc, char *argv[])
-+int init_module(int argc, char *argv[])
- {
- BackendInfo bi;
-
-diff -Nur servers/slapd/back-perl/modify.c.orig servers/slapd/back-perl/modify.c
---- servers/slapd/back-perl/modify.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/modify.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/modrdn.c.orig servers/slapd/back-perl/modrdn.c
---- servers/slapd/back-perl/modrdn.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/modrdn.c Thu Jun 5 11:44:06 2003
-@@ -26,17 +26,19 @@
- *
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/search.c.orig servers/slapd/back-perl/search.c
---- servers/slapd/back-perl/search.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/search.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
diff --git a/net/openldap22-server/files/patch-servers::slapd::backend.c b/net/openldap22-server/files/patch-servers::slapd::backend.c
new file mode 100644
index 000000000000..663f1248838d
--- /dev/null
+++ b/net/openldap22-server/files/patch-servers::slapd::backend.c
@@ -0,0 +1,19 @@
+--- servers/slapd/backend.c Mon Oct 6 16:57:29 2003
++++ servers/slapd/backend.c Sun Oct 19 15:33:56 2003
+@@ -244,8 +244,6 @@
+ int i;
+ int rc = 0;
+
+- init_syncrepl();
+-
+ if( ! ( nBackendDB > 0 ) ) {
+ /* no databases */
+ #ifdef NEW_LOGGING
+@@ -377,6 +375,7 @@
+ if ( backendDB[i].syncinfo != NULL ) {
+ syncinfo_t *si = ( syncinfo_t * ) backendDB[i].syncinfo;
+ si->be = &backendDB[i];
++ init_syncrepl(si);
+ ldap_pvt_thread_mutex_lock( &syncrepl_rq.rq_mutex );
+ ldap_pvt_runqueue_insert( &syncrepl_rq, si->interval,
+ do_syncrepl, (void *) backendDB[i].syncinfo );
diff --git a/net/openldap22-server/files/patch-servers::slapd::config.c b/net/openldap22-server/files/patch-servers::slapd::config.c
new file mode 100644
index 000000000000..c33e1e964316
--- /dev/null
+++ b/net/openldap22-server/files/patch-servers::slapd::config.c
@@ -0,0 +1,51 @@
+--- servers/slapd/config.c Mon Oct 13 03:57:02 2003
++++ servers/slapd/config.c Sun Oct 19 15:33:56 2003
+@@ -2782,9 +2782,9 @@
+ ber_dupbv( &si->updatedn, &be->be_rootndn );
+ si->bindmethod = LDAP_AUTH_SIMPLE;
+ si->schemachecking = 0;
+- si->filterstr = "(objectclass=*)";
++ ber_str2bv( "(objectclass=*)", sizeof("(objectclass=*)")-1, 0, &si->filterstr );
+ if ( be->be_suffix && be->be_suffix[0].bv_val )
+- si->base = ch_strdup( be->be_suffix[0].bv_val );
++ ber_dupbv( &si->base, &be->be_nsuffix[0] );
+ si->scope = LDAP_SCOPE_SUBTREE;
+ si->attrsonly = 0;
+ si->attrs = (char **) ch_calloc( 1, sizeof( char * ));
+@@ -2914,14 +2914,11 @@
+ }
+ } else if ( !strncasecmp( cargv[ i ],
+ UPDATEDNSTR, sizeof( UPDATEDNSTR ) - 1 ) ) {
+- char *str;
+ struct berval updatedn = {0, NULL};
+ val = cargv[ i ] + sizeof( UPDATEDNSTR );
+- str = ch_strdup( val );
+- ber_str2bv( str, strlen(str), 1, &updatedn );
++ ber_str2bv( val, 0, 0, &updatedn );
++ ch_free( si->updatedn.bv_val );
+ dnNormalize( 0, NULL, NULL, &updatedn, &si->updatedn, NULL );
+- ch_free( str );
+- ch_free( updatedn.bv_val );
+ } else if ( !strncasecmp( cargv[ i ], BINDMETHSTR,
+ sizeof( BINDMETHSTR ) - 1 ) ) {
+ val = cargv[ i ] + sizeof( BINDMETHSTR );
+@@ -2987,11 +2984,17 @@
+ } else if ( !strncasecmp( cargv[ i ],
+ FILTERSTR, sizeof( FILTERSTR ) - 1 ) ) {
+ val = cargv[ i ] + sizeof( FILTERSTR );
+- si->filterstr = ch_strdup( val );
++ ber_str2bv( val, 0, 1, &si->filterstr );
+ } else if ( !strncasecmp( cargv[ i ],
+ SEARCHBASESTR, sizeof( SEARCHBASESTR ) - 1 ) ) {
++ struct berval bv;
+ val = cargv[ i ] + sizeof( SEARCHBASESTR );
+- si->base = ch_strdup( val );
++ ch_free( si->base.bv_val );
++ ber_str2bv( val, 0, 0, &bv );
++ if ( dnNormalize( 0, NULL, NULL, &bv, &si->base, NULL )) {
++ fprintf( stderr, "Invalid base DN \"%s\"\n", val );
++ return 1;
++ }
+ } else if ( !strncasecmp( cargv[ i ],
+ SCOPESTR, sizeof( SCOPESTR ) - 1 ) ) {
+ val = cargv[ i ] + sizeof( SCOPESTR );
diff --git a/net/openldap22-server/files/patch-servers::slapd::daemon.c b/net/openldap22-server/files/patch-servers::slapd::daemon.c
new file mode 100644
index 000000000000..09e9b11f9704
--- /dev/null
+++ b/net/openldap22-server/files/patch-servers::slapd::daemon.c
@@ -0,0 +1,32 @@
+--- servers/slapd/daemon.c Mon Oct 13 03:57:02 2003
++++ servers/slapd/daemon.c Sun Oct 19 15:33:56 2003
+@@ -1357,8 +1357,8 @@
+ ldap_pvt_thread_mutex_unlock( &syncrepl_rq.rq_mutex );
+ ldap_pvt_thread_pool_submit( &connection_pool,
+ rtask->routine, (void *) rtask );
++ ldap_pvt_thread_mutex_lock( &syncrepl_rq.rq_mutex );
+ }
+- ldap_pvt_thread_mutex_lock( &syncrepl_rq.rq_mutex );
+ rtask = ldap_pvt_runqueue_next_sched( &syncrepl_rq, &cat );
+ }
+ ldap_pvt_thread_mutex_unlock( &syncrepl_rq.rq_mutex );
+@@ -2077,18 +2077,10 @@
+ * SIGBREAK is generated when a user logs out.
+ */
+
+-#if 0
+ #if HAVE_NT_SERVICE_MANAGER && SIGBREAK
+ if (is_NT_Service && sig == SIGBREAK)
+-#ifdef NEW_LOGGING
+- LDAP_LOG( CONNECTION, CRIT,
+- "slap_sig_shutdown: SIGBREAK ignored.\n", 0, 0, 0 );
+-#else
+- Debug(LDAP_DEBUG_TRACE, "slap_sig_shutdown: SIGBREAK ignored.\n",
+- 0, 0, 0);
+-#endif
++ ;
+ else
+-#endif
+ #endif
+ #ifdef SIGHUP
+ if (sig == SIGHUP && global_gentlehup && slapd_gentle_shutdown == 0)
diff --git a/net/openldap22-server/files/patch-servers::slapd::proto-slap.h b/net/openldap22-server/files/patch-servers::slapd::proto-slap.h
new file mode 100644
index 000000000000..ebcf93bccc24
--- /dev/null
+++ b/net/openldap22-server/files/patch-servers::slapd::proto-slap.h
@@ -0,0 +1,20 @@
+--- servers/slapd/proto-slap.h Mon Oct 13 03:57:02 2003
++++ servers/slapd/proto-slap.h Sun Oct 19 15:33:56 2003
+@@ -1175,16 +1175,10 @@
+ * syncrepl.c
+ */
+
+-LDAP_SLAPD_V( const struct berval ) slap_syncrepl_bvc;
+-LDAP_SLAPD_V( const struct berval ) slap_syncrepl_cn_bvc;
+-
+ LDAP_SLAPD_V (struct runqueue_s) syncrepl_rq;
+
+-LDAP_SLAPD_F (void) init_syncrepl LDAP_P(());
++LDAP_SLAPD_F (void) init_syncrepl LDAP_P((syncinfo_t *));
+ LDAP_SLAPD_F (void*) do_syncrepl LDAP_P((void *, void *));
+-LDAP_SLAPD_F (int) ldap_sync_search LDAP_P((
+- syncinfo_t *, LDAP *, LDAPControl **,
+- LDAPControl **, int *));
+ LDAP_SLAPD_F (Entry*) syncrepl_message_to_entry LDAP_P((
+ syncinfo_t *, LDAP *, Operation *, LDAPMessage *,
+ Modifications **, int*, struct berval *, struct berval * ));
diff --git a/net/openldap22-server/files/patch-servers::slapd::slap.h b/net/openldap22-server/files/patch-servers::slapd::slap.h
new file mode 100644
index 000000000000..a50dc46db29a
--- /dev/null
+++ b/net/openldap22-server/files/patch-servers::slapd::slap.h
@@ -0,0 +1,40 @@
+--- servers/slapd/slap.h Mon Oct 6 16:57:29 2003
++++ servers/slapd/slap.h Sun Oct 19 15:33:56 2003
+@@ -451,11 +451,18 @@
+ */
+ #define SLAP_MR_VALUE_OF_ASSERTION_SYNTAX 0x0001U
+ #define SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX 0x0002U
++#define SLAP_MR_VALUE_OF_SYNTAX 0x0003U
+
+ #define SLAP_MR_IS_VALUE_OF_ATTRIBUTE_SYNTAX( usage ) \
+ ((usage) & SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX )
+ #define SLAP_MR_IS_VALUE_OF_ASSERTION_SYNTAX( usage ) \
+ ((usage) & SLAP_MR_VALUE_OF_ASSERTION_SYNTAX )
++#ifdef LDAP_DEBUG
++#define SLAP_MR_IS_VALUE_OF_SYNTAX( usage ) \
++ ((usage) & SLAP_MR_VALUE_OF_SYNTAX)
++#else
++#define SLAP_MR_IS_VALUE_OF_SYNTAX( usage ) (1)
++#endif
+
+ /* either or both the asserted value or attribute value
+ * may be provided in normalized form
+@@ -1311,8 +1318,8 @@
+ char *srvtab;
+ int schemachecking;
+ Filter *filter;
+- char *filterstr;
+- char *base;
++ struct berval filterstr;
++ struct berval base;
+ int scope;
+ int attrsonly;
+ char **attrs;
+@@ -1980,7 +1987,6 @@
+
+ ValuesReturnFilter *o_vrFilter; /* ValuesReturnFilter */
+
+- syncinfo_t* o_si;
+ int o_nocaching;
+
+ #ifdef LDAP_SLAPI
diff --git a/net/openldap22-server/files/patch-servers::slapd::syncrepl.c b/net/openldap22-server/files/patch-servers::slapd::syncrepl.c
new file mode 100644
index 000000000000..950f459f1937
--- /dev/null
+++ b/net/openldap22-server/files/patch-servers::slapd::syncrepl.c
@@ -0,0 +1,1310 @@
+--- servers/slapd/syncrepl.c Mon Oct 13 03:57:03 2003
++++ servers/slapd/syncrepl.c Sun Oct 19 15:33:56 2003
+@@ -19,6 +19,12 @@
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
+ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ */
++/* Modified by Howard Chu
++ *
++ * Copyright (c) 2003 by Howard Chu, Symas Corporation
++ *
++ * Modifications provided under the terms of the OpenLDAP public license.
++ */
+
+ #include "portable.h"
+
+@@ -26,7 +32,6 @@
+
+ #include <ac/string.h>
+ #include <ac/socket.h>
+-#include <db.h>
+
+ #include "ldap_pvt.h"
+ #include "lutil.h"
+@@ -35,106 +40,142 @@
+
+ #include "ldap_rq.h"
+
+-static const struct berval slap_syncrepl_bvc = BER_BVC("syncreplxxx");
+-static const struct berval slap_syncrepl_cn_bvc = BER_BVC("cn=syncreplxxx");
++#ifdef LDAP_SLAPI
++#include "slapi.h"
++#endif
++
++#define SYNCREPL_STR "syncreplxxx"
++#define CN_STR "cn="
++
++static const struct berval slap_syncrepl_bvc = BER_BVC(SYNCREPL_STR);
++static const struct berval slap_syncrepl_cn_bvc = BER_BVC(CN_STR SYNCREPL_STR);
+
+ static void
+-syncrepl_del_nonpresent( LDAP *, Operation * );
++syncrepl_del_nonpresent( LDAP *, Operation *, syncinfo_t * );
+
+ /* callback functions */
+-static int cookie_callback( struct slap_op *, struct slap_rep * );
+ static int dn_callback( struct slap_op *, struct slap_rep * );
+ static int nonpresent_callback( struct slap_op *, struct slap_rep * );
+ static int null_callback( struct slap_op *, struct slap_rep * );
+-static int contextcsn_callback( Operation*, SlapReply* );
+
+-static AttributeDescription **sync_descs;
++static AttributeDescription *sync_descs[4];
+
+ struct runqueue_s syncrepl_rq;
+
+ void
+-init_syncrepl()
++init_syncrepl(syncinfo_t *si)
+ {
+- sync_descs = ch_malloc( 4 * sizeof( AttributeDescription * ));
+- sync_descs[0] = slap_schema.si_ad_objectClass;
+- sync_descs[1] = slap_schema.si_ad_structuralObjectClass;
+- sync_descs[2] = slap_schema.si_ad_entryCSN;
+- sync_descs[3] = NULL;
++ int i, j, k, n;
++ char **tmp;
++
++ if ( !sync_descs[0] ) {
++ sync_descs[0] = slap_schema.si_ad_objectClass;
++ sync_descs[1] = slap_schema.si_ad_structuralObjectClass;
++ sync_descs[2] = slap_schema.si_ad_entryCSN;
++ sync_descs[3] = NULL;
++ }
++
++ for ( n = 0; si->attrs[ n ] != NULL; n++ ) ;
++
++ if ( n ) {
++ /* Delete Attributes */
++ for ( i = 0; sync_descs[i] != NULL; i++ ) {
++ for ( j = 0; si->attrs[j] != NULL; j++ ) {
++ if ( !strcmp( si->attrs[j], sync_descs[i]->ad_cname.bv_val )) {
++ ch_free( si->attrs[j] );
++ for ( k = j; si->attrs[k] != NULL; k++ ) {
++ si->attrs[k] = si->attrs[k+1];
++ }
++ }
++ }
++ }
++ for ( n = 0; si->attrs[ n ] != NULL; n++ );
++ tmp = ( char ** ) ch_realloc( si->attrs, ( n + 4 ) * sizeof( char * ));
++ if ( tmp == NULL ) {
++#ifdef NEW_LOGGING
++ LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
++#else
++ Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
++#endif
++ }
++ } else {
++ tmp = ( char ** ) ch_realloc( si->attrs, 5 * sizeof( char * ));
++ if ( tmp == NULL ) {
++#ifdef NEW_LOGGING
++ LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
++#else
++ Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
++#endif
++ }
++ tmp[ n++ ] = ch_strdup( "*" );
++ }
++
++ si->attrs = tmp;
++
++ /* Add Attributes */
++
++ for ( i = 0; sync_descs[ i ] != NULL; i++ ) {
++ si->attrs[ n++ ] = ch_strdup ( sync_descs[i]->ad_cname.bv_val );
++ si->attrs[ n ] = NULL;
++ }
+ }
+
+-int
++static int
+ ldap_sync_search(
+ syncinfo_t *si,
+ LDAP *ld,
+- LDAPControl **sctrls,
+- LDAPControl **cctrls,
++ void *ctx,
+ int *msgidp )
+ {
+- BerElement *ber;
+- int timelimit;
+- ber_int_t id;
+-
+- int rc;
+- BerElement *sync_ber = NULL;
+- struct berval *sync_bvalp = NULL;
+- LDAPControl c[2];
+- LDAPControl **ctrls;
+- int err;
++ BerElementBuffer berbuf;
++ BerElement *ber = (BerElement *)&berbuf;
++ LDAPControl c[2], *ctrls[3];
+ struct timeval timeout;
++ int rc;
+
+- /* setup LDAP SYNC control */
+- sync_ber = ber_alloc_t( LBER_USE_DER );
+- ber_set_option( sync_ber, LBER_OPT_BER_MEMCTX, NULL );
+-
+- if ( si->syncCookie ) {
+- ber_printf( sync_ber, "{eO}", abs(si->type), si->syncCookie );
+- } else {
+- ber_printf( sync_ber, "{e}", abs(si->type) );
+- }
+-
+- if ( ber_flatten( sync_ber, &sync_bvalp ) == LBER_ERROR ) {
+- ber_free( sync_ber, 1 );
+- return LBER_ERROR;
+- }
+- ber_free( sync_ber, 1 );
+-
+- ctrls = (LDAPControl**) sl_calloc( 3, sizeof(LDAPControl*), NULL );
+-
+- c[0].ldctl_oid = LDAP_CONTROL_SYNC;
+- c[0].ldctl_value = (*sync_bvalp);
+- c[0].ldctl_iscritical = si->type < 0;
+- ctrls[0] = &c[0];
+-
+- if ( si->authzId ) {
+- c[1].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
+- c[1].ldctl_value.bv_val = si->authzId;
+- c[1].ldctl_value.bv_len = strlen( si->authzId );
+- c[1].ldctl_iscritical = 1;
+- ctrls[1] = &c[1];
+- } else {
+- ctrls[1] = NULL;
+- }
+-
+- ctrls[2] = NULL;
++ /* setup LDAP SYNC control */
++ ber_init2( ber, NULL, LBER_USE_DER );
++ ber_set_option( ber, LBER_OPT_BER_MEMCTX, &ctx );
+
+- err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls );
++ if ( si->syncCookie ) {
++ ber_printf( ber, "{eO}", abs(si->type), si->syncCookie );
++ } else {
++ ber_printf( ber, "{e}", abs(si->type) );
++ }
++
++ if ( (rc = ber_flatten2( ber, &c[0].ldctl_value, 0 )) == LBER_ERROR ) {
++ ber_free_buf( ber );
++ return rc;
++ }
+
+- ber_bvfree( sync_bvalp );
+- ch_free( ctrls );
++ c[0].ldctl_oid = LDAP_CONTROL_SYNC;
++ c[0].ldctl_iscritical = si->type < 0;
++ ctrls[0] = &c[0];
+
+- if ( err != LDAP_OPT_SUCCESS )
+- fprintf( stderr, "Could not set controls : %d\n", err );
++ if ( si->authzId ) {
++ c[1].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
++ ber_str2bv( si->authzId, 0, 0, &c[1].ldctl_value );
++ c[1].ldctl_iscritical = 1;
++ ctrls[1] = &c[1];
++ ctrls[2] = NULL;
++ } else {
++ ctrls[1] = NULL;
++ }
+
+ timeout.tv_sec = si->tlimit > 0 ? si->tlimit : 1;
++ timeout.tv_usec = 0;
+
+- rc = ldap_search_ext( ld, si->base, si->scope, si->filterstr,
+- si->attrs, si->attrsonly, sctrls, cctrls,
++ rc = ldap_search_ext( ld, si->base.bv_val, si->scope, si->filterstr.bv_val,
++ si->attrs, si->attrsonly, ctrls, NULL,
+ si->tlimit < 0 ? NULL : &timeout,
+ si->slimit, msgidp );
++ ber_free_buf( ber );
+
+ return rc;
+ }
+
++static const Listener dummy_list = { {0, ""}, {0, ""} };
++
+ void *
+ do_syncrepl(
+ void *ctx,
+@@ -142,18 +183,11 @@
+ {
+ struct re_s* rtask = arg;
+ syncinfo_t *si = ( syncinfo_t * ) rtask->arg;
+- Backend *be = si->be;
+-
+- SlapReply rs = {REP_RESULT};
++ Backend *be;
+
+- LDAPControl c[2];
+- LDAPControl **sctrls = NULL;
+ LDAPControl **rctrls = NULL;
+ LDAPControl *rctrlp = NULL;
+- BerElement *sync_ber = NULL;
+- struct berval *sync_bvalp = NULL;
+
+- BerElement *ctrl_ber = NULL;
+ BerElement *res_ber = NULL;
+
+ LDAP *ld = NULL;
+@@ -162,10 +196,6 @@
+
+ ber_int_t msgid;
+
+- int nresponses, nreferences, nextended, npartial;
+- int nresponses_psearch;
+-
+- int cancel_msgid = -1;
+ char *retoid = NULL;
+ struct berval *retdata = NULL;
+
+@@ -182,31 +212,20 @@
+ ber_len_t len;
+ int syncinfo_arrived = 0;
+
+- char **tmp = NULL;
+- AttributeDescription** descs = NULL;
+-
+- Connection conn;
++ Connection conn = {0};
+ Operation op = {0};
+ slap_callback cb;
+
+ void *memctx = NULL;
+ ber_len_t memsiz;
+
+- int i, j, k, n;
+ int rc_efree;
+
+- struct berval base_bv = { 0, NULL };
+- struct berval pbase = { 0, NULL };
+- struct berval nbase = { 0, NULL };
+- struct berval psubrdn = { 0, NULL };
+- struct berval nsubrdn = { 0, NULL };
+ struct berval psub = { 0, NULL };
+- struct berval nsub = { 0, NULL };
+ Modifications *modlist = NULL;
+- Modifications *ml, *mlnext;
+- char *def_filter_str = NULL;
+
+- struct berval slap_syncrepl_bv = BER_BVNULL;
++ char syncrepl_cbuf[sizeof(CN_STR SYNCREPL_STR)];
++ struct berval syncrepl_cn_bv = {sizeof(syncrepl_cbuf)-1, syncrepl_cbuf};
+
+ const char *text;
+ int match;
+@@ -224,7 +243,7 @@
+ return NULL;
+
+ if ( abs(si->type) != LDAP_SYNC_REFRESH_ONLY &&
+- abs(si->type) != LDAP_SYNC_REFRESH_AND_PERSIST ) {
++ abs(si->type) != LDAP_SYNC_REFRESH_AND_PERSIST ) {
+ return NULL;
+ }
+
+@@ -235,14 +254,15 @@
+ rc = ldap_initialize( &ld, si->provideruri );
+ if ( rc != LDAP_SUCCESS ) {
+ #ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR, "do_syncrepl: "
+- "ldap_initialize failed (%s)\n",
++ LDAP_LOG( OPERATION, ERR,
++ "do_syncrepl: ldap_initialize failed (%s)\n",
+ si->provideruri, 0, 0 );
+ #else
+- Debug( LDAP_DEBUG_ANY, "do_syncrepl: "
+- "ldap_initialize failed (%s)\n",
++ Debug( LDAP_DEBUG_ANY,
++ "do_syncrepl: ldap_initialize failed (%s)\n",
+ si->provideruri, 0, 0 );
+ #endif
++ return NULL;
+ }
+
+ op.o_protocol = LDAP_VERSION3;
+@@ -293,10 +313,10 @@
+
+ defaults = lutil_sasl_defaults( ld,
+ si->saslmech,
+- si->realm,
+- si->authcId,
+- si->passwd,
+- si->authzId );
++ si->realm,
++ si->authcId,
++ si->passwd,
++ si->authzId );
+
+ rc = ldap_sasl_interactive_bind_s( ld,
+ si->binddn,
+@@ -306,6 +326,8 @@
+ lutil_sasl_interact,
+ defaults );
+
++ lutil_sasl_freedefs( defaults );
++
+ /* FIXME : different error behaviors according to
+ 1) return code
+ 2) on err policy : exit, retry, backoff ...
+@@ -343,6 +365,16 @@
+ /* set thread context in syncinfo */
+ si->ctx = ctx;
+
++ be = si->be;
++
++ si->conn = &conn;
++ conn.c_connid = -1;
++ conn.c_send_ldap_result = slap_send_ldap_result;
++ conn.c_send_search_entry = slap_send_search_entry;
++ conn.c_send_search_reference = slap_send_search_reference;
++ conn.c_listener = (Listener *)&dummy_list;
++ conn.c_peer_name = slap_empty_bv;
++
+ /* set memory context */
+ #define SLAB_SIZE 1048576
+ memsiz = SLAB_SIZE;
+@@ -350,119 +382,44 @@
+ op.o_tmpmemctx = memctx;
+ op.o_tmpmfuncs = &sl_mfuncs;
+
+- op.o_si = si;
+- op.o_tag = LDAP_REQ_SEARCH;
+ op.o_dn = si->updatedn;
+ op.o_ndn = si->updatedn;
+ op.o_callback = &cb;
+ op.o_time = slap_get_time();
+- op.o_managedsait = 1;
+ op.o_threadctx = si->ctx;
++ op.o_managedsait = 1;
+ op.o_bd = be;
+ op.o_conn = &conn;
+ op.o_connid = op.o_conn->c_connid;
+- op.ors_scope = LDAP_SCOPE_BASE;
+- op.ors_deref = LDAP_DEREF_NEVER;
+- op.ors_slimit = 0;
+- op.ors_tlimit = 0;
+- op.ors_attrsonly = 0;
+- op.ors_attrs = NULL;
+- op.ors_filter = str2filter_x( &op, def_filter_str = "(objectClass=*)" );
+- ber_str2bv( def_filter_str, 0, 0, &op.ors_filterstr );
+-
+- si->conn = &conn;
+- conn.c_send_ldap_result = slap_send_ldap_result;
+- conn.c_send_search_entry = slap_send_search_entry;
+- conn.c_send_search_reference = slap_send_search_reference;
++#if defined( LDAP_SLAPI )
++ op.o_pb = slapi_pblock_new();
++ slapi_x_create_object_extensions( SLAPI_X_EXT_OPERATION, &op );
++#endif /* defined( LDAP_SLAPI ) */
+
+ /* get syncrepl cookie of shadow replica from subentry */
+- ber_str2bv( si->base, 0, 0, &base_bv );
+- dnPrettyNormal( 0, &base_bv, &pbase, &nbase, op.o_tmpmemctx );
+-
+- ber_dupbv( &slap_syncrepl_bv, (struct berval *) &slap_syncrepl_bvc );
+- slap_syncrepl_bv.bv_len = snprintf( slap_syncrepl_bv.bv_val,
+- slap_syncrepl_bvc.bv_len,
+- "syncrepl%d", si->id );
+- build_new_dn( &op.o_req_dn, &pbase, &slap_syncrepl_bv, op.o_tmpmemctx );
+- build_new_dn( &op.o_req_ndn, &nbase, &slap_syncrepl_bv, op.o_tmpmemctx );
+
+- /* set callback function */
+- cb.sc_response = cookie_callback;
+- cb.sc_private = si;
++ snprintf(syncrepl_cbuf, sizeof(syncrepl_cbuf), CN_STR "syncrepl%d",
++ si->id );
++ build_new_dn( &op.o_req_ndn, &si->base, &syncrepl_cn_bv, op.o_tmpmemctx );
++ op.o_req_dn = op.o_req_ndn;
+
+- /* search subentry to retrieve cookie */
+ si->syncCookie = NULL;
+- be->be_search( &op, &rs );
+-
+- if ( op.o_req_dn.bv_val )
+- ch_free( op.o_req_dn.bv_val );
+- if ( op.o_req_ndn.bv_val )
+- ch_free( op.o_req_ndn.bv_val );
+- if ( op.ors_filter )
+- filter_free( op.ors_filter );
+- if ( op.ors_filterstr.bv_val )
+- ch_free( op.ors_filterstr.bv_val );
+- if ( slap_syncrepl_bv.bv_val )
+- ch_free( slap_syncrepl_bv.bv_val );
+- if ( pbase.bv_val )
+- ch_free( pbase.bv_val );
+- if ( nbase.bv_val )
+- ch_free( nbase.bv_val );
++ backend_attribute( &op, NULL, &op.o_req_ndn,
++ slap_schema.si_ad_syncreplCookie, &si->syncCookie );
+
+ ber_dupbv( &syncCookie_req, si->syncCookie );
+
+ psub = be->be_nsuffix[0];
+
+- for ( n = 0; si->attrs[ n ] != NULL; n++ ) ;
+-
+- if ( n != 0 ) {
+- /* Delete Attributes */
+- descs = sync_descs;
+- for ( i = 0; descs[i] != NULL; i++ ) {
+- for ( j = 0; si->attrs[j] != NULL; j++ ) {
+- if ( !strcmp( si->attrs[j], descs[i]->ad_cname.bv_val )) {
+- ch_free( si->attrs[j] );
+- for ( k = j; si->attrs[k] != NULL; k++ ) {
+- si->attrs[k] = si->attrs[k+1];
+- }
+- }
+- }
+- }
+- for ( n = 0; si->attrs[ n ] != NULL; n++ );
+- tmp = ( char ** ) ch_realloc( si->attrs, ( n + 4 ) * sizeof( char * ));
+- if ( tmp == NULL ) {
+-#ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
+-#else
+- Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
+-#endif
+- }
+- } else {
+- tmp = ( char ** ) ch_realloc( si->attrs, 5 * sizeof( char * ));
+- if ( tmp == NULL ) {
++ rc = ldap_sync_search( si, ld, memctx, &msgid );
++ if( rc != LDAP_SUCCESS ) {
+ #ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
++ LDAP_LOG ( OPERATION, ERR, "do_syncrepl: "
++ "ldap_search_ext: %s (%d)\n", ldap_err2string( rc ), rc, 0 );
+ #else
+- Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
++ Debug( LDAP_DEBUG_ANY, "do_syncrepl: "
++ "ldap_search_ext: %s (%d)\n", ldap_err2string( rc ), rc, 0 );
+ #endif
+- }
+- tmp[ n++ ] = ch_strdup( "*" );
+- }
+-
+- descs = sync_descs;
+- si->attrs = tmp;
+-
+- /* Add Attributes */
+-
+- for ( i = 0; descs[ i ] != NULL; i++ ) {
+- si->attrs[ n++ ] = ch_strdup ( descs[i]->ad_cname.bv_val );
+- si->attrs[ n ] = NULL;
+- }
+-
+- rc = ldap_sync_search( si, ld, NULL, NULL, &msgid );
+- if( rc != LDAP_SUCCESS ) {
+- fprintf( stderr, "syncrepl: ldap_search_ext: %s (%d)\n",
+- ldap_err2string( rc ), rc );
+ return NULL;
+ }
+
+@@ -473,7 +430,6 @@
+ }
+
+ while (( rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE, tout_p, &res )) >= 0 ) {
+-
+ if ( rc == 0 ) {
+ if ( slapd_abrupt_shutdown ) {
+ break;
+@@ -483,8 +439,8 @@
+ }
+
+ for ( msg = ldap_first_message( ld, res );
+- msg != NULL;
+- msg = ldap_next_message( ld, msg ) )
++ msg != NULL;
++ msg = ldap_next_message( ld, msg ) )
+ {
+ syncCookie.bv_len = 0; syncCookie.bv_val = NULL;
+ switch( ldap_msgtype( msg ) ) {
+@@ -517,17 +473,18 @@
+ case LDAP_RES_SEARCH_RESULT:
+ ldap_parse_result( ld, msg, &err, NULL, NULL, NULL, &rctrls, 0 );
+ if ( rctrls ) {
++ BerElementBuffer berbuf;
++ BerElement *ctrl_ber;
+ rctrlp = *rctrls;
+- ctrl_ber = ber_alloc_t( LBER_USE_DER );
+- ber_set_option( ctrl_ber, LBER_OPT_BER_MEMCTX, &op.o_tmpmemctx );
+- ber_write( ctrl_ber, rctrlp->ldctl_value.bv_val, rctrlp->ldctl_value.bv_len, 0 );
+- ber_reset( ctrl_ber, 1 );
++ ctrl_ber = (BerElement *)&berbuf;
++ ber_init2( ctrl_ber, &rctrlp->ldctl_value, LBER_USE_DER );
+
+ ber_scanf( ctrl_ber, "{" /*"}"*/);
+ if ( ber_peek_tag( ctrl_ber, &len )
+ == LDAP_SYNC_TAG_COOKIE ) {
+ ber_scanf( ctrl_ber, "o", &syncCookie );
+ }
++ ldap_controls_free( rctrls );
+ }
+ value_match( &match, slap_schema.si_ad_entryCSN,
+ slap_schema.si_ad_entryCSN->ad_type->sat_ordering,
+@@ -541,8 +498,6 @@
+ if ( syncCookie.bv_len && match < 0) {
+ syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie );
+ }
+- if ( ctrl_ber )
+- ber_free( ctrl_ber, 1 );
+ goto done;
+ } else {
+ /* FIXME : different error behaviors according to
+@@ -553,10 +508,8 @@
+ syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie);
+ }
+ if ( si->sync_mode == LDAP_SYNC_STATE_MODE && match < 0 ) {
+- syncrepl_del_nonpresent( ld, &op );
++ syncrepl_del_nonpresent( ld, &op, si );
+ }
+- if ( ctrl_ber )
+- ber_free( ctrl_ber, 1 );
+ goto done;
+ }
+ break;
+@@ -595,7 +548,7 @@
+
+ if ( syncstate == LDAP_SYNC_STATE_MODE_DONE ) {
+ if ( match < 0 ) {
+- syncrepl_del_nonpresent( ld, &op );
++ syncrepl_del_nonpresent( ld, &op, si );
+ }
+ si->sync_mode = LDAP_SYNC_LOG_MODE;
+ } else if ( syncstate == LDAP_SYNC_LOG_MODE_DONE ) {
+@@ -643,10 +596,14 @@
+ break;
+
+ }
+- if ( syncCookie.bv_val )
++ if ( syncCookie.bv_val ) {
+ ch_free( syncCookie.bv_val );
+- if ( syncUUID.bv_val )
++ syncCookie.bv_val = NULL;
++ }
++ if ( syncUUID.bv_val ) {
+ ch_free( syncUUID.bv_val );
++ syncUUID.bv_val = NULL;
++ }
+ }
+ ldap_msgfree( res );
+ }
+@@ -668,6 +625,11 @@
+ }
+
+ done:
++#if defined( LDAP_SLAPI )
++ if ( op.o_pb ) slapi_pblock_destroy( op.o_pb );
++ slapi_x_free_object_extensions( SLAPI_X_EXT_OPERATION, &op );
++#endif /* defined( LDAP_SLAPI ) */
++
+ if ( syncCookie.bv_val )
+ ch_free( syncCookie.bv_val );
+ if ( syncCookie_req.bv_val )
+@@ -704,37 +666,22 @@
+ struct berval *syncCookie
+ )
+ {
+- Entry *e;
++ Entry *e = NULL;
+ BerElement *ber = NULL;
+- BerElement *tmpber;
+- struct berval bv = {0, NULL};
+ Modifications tmp;
+ Modifications *mod;
+ Modifications **modtail = modlist;
+- Backend *be = op->o_bd;
+
+ const char *text;
+ char txtbuf[SLAP_TEXT_BUFLEN];
+ size_t textlen = sizeof txtbuf;
+
+- struct berval **bvals = NULL;
+- char *dn;
+- struct berval bdn = {0, NULL};
+- Attribute *attr;
+- struct berval empty_bv = { 0, NULL };
++ struct berval bdn = {0, NULL}, dn, ndn;
+ int rc;
+- char *a;
+
+ ber_len_t len;
+ LDAPControl* rctrlp;
+ LDAPControl** rctrls = NULL;
+- BerElement* ctrl_ber;
+-
+- ber_tag_t tag;
+-
+- Modifications *ml = NULL;
+- AttributeDescription** descs;
+- int i;
+
+ *modlist = NULL;
+
+@@ -751,61 +698,7 @@
+
+ op->o_tag = LDAP_REQ_ADD;
+
+- rc = ldap_get_dn_ber( ld, msg, &ber, &bdn );
+-
+- if ( rc != LDAP_SUCCESS ) {
+-#ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR,
+- "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
+-#else
+- Debug( LDAP_DEBUG_ANY,
+- "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
+-#endif
+- return NULL;
+- }
+-
+- e = ( Entry * ) ch_calloc( 1, sizeof( Entry ));
+- dnPrettyNormal( NULL, &bdn, &e->e_name, &e->e_nname, NULL );
+-
+- e->e_attrs = NULL;
+-
+- while ( ber_remaining( ber ) ) {
+- tag = ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values );
+-
+- if ( tag == LBER_ERROR ) break;
+- if ( tmp.sml_type.bv_val == NULL ) break;
+-
+- mod = (Modifications *) ch_malloc( sizeof( Modifications ));
+-
+- mod->sml_op = LDAP_MOD_REPLACE;
+- mod->sml_next = NULL;
+- mod->sml_desc = NULL;
+- mod->sml_type = tmp.sml_type;
+- mod->sml_bvalues = tmp.sml_bvalues;
+- mod->sml_nvalues = NULL;
+-
+- *modtail = mod;
+- modtail = &mod->sml_next;
+- }
+-
+- if ( ber_scanf( ber, "}") == LBER_ERROR ) {
+-#ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR,
+- "syncrepl_message_to_entry: ber_scanf failed\n", 0, 0, 0 );
+-#else
+- Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: ber_scanf failed\n",
+- 0, 0, 0 );
+-#endif
+- return NULL;
+- }
+-
+- ber_free( ber, 0 );
+- tmpber = ldap_get_message_ber( msg );
+- ber = ber_dup( tmpber );
+-
+- ber_scanf( ber, "{xx" );
+-
+- rc = ldap_pvt_get_controls( ber, &rctrls );
++ rc = ldap_get_entry_controls( ld, msg, &rctrls );
+ if ( rc != LDAP_SUCCESS ) {
+ #ifdef NEW_LOGGING
+ LDAP_LOG( OPERATION, ERR,
+@@ -818,16 +711,16 @@
+ }
+
+ if ( rctrls ) {
++ BerElementBuffer berbuf;
++ BerElement *ctrl_ber;
++
+ rctrlp = *rctrls;
+- ctrl_ber = ber_alloc_t( LBER_USE_DER );
+- ber_set_option( ctrl_ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx );
+- ber_write( ctrl_ber, rctrlp->ldctl_value.bv_val, rctrlp->ldctl_value.bv_len, 0 );
+- ber_reset( ctrl_ber, 1 );
++ ctrl_ber = (BerElement *)&berbuf;
++ ber_init2( ctrl_ber, &rctrlp->ldctl_value, LBER_USE_DER );
+ ber_scanf( ctrl_ber, "{eo", syncstate, syncUUID );
+ if ( ber_peek_tag( ctrl_ber, &len ) == LDAP_SYNC_TAG_COOKIE ) {
+ ber_scanf( ctrl_ber, "o}", syncCookie );
+ }
+- ber_free( ctrl_ber, 1 );
+ ldap_controls_free( rctrls );
+ } else {
+ #ifdef NEW_LOGGING
+@@ -839,8 +732,48 @@
+ #endif
+ }
+
++ rc = ldap_get_dn_ber( ld, msg, &ber, &bdn );
++
++ if ( rc != LDAP_SUCCESS ) {
++#ifdef NEW_LOGGING
++ LDAP_LOG( OPERATION, ERR,
++ "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
++#else
++ Debug( LDAP_DEBUG_ANY,
++ "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
++#endif
++ return NULL;
++ }
++
++ dnPrettyNormal( NULL, &bdn, &dn, &ndn, op->o_tmpmemctx );
++ ber_dupbv( &op->o_req_dn, &dn );
++ ber_dupbv( &op->o_req_ndn, &ndn );
++ sl_free( ndn.bv_val, op->o_tmpmemctx );
++ sl_free( dn.bv_val, op->o_tmpmemctx );
++
+ if ( *syncstate == LDAP_SYNC_PRESENT || *syncstate == LDAP_SYNC_DELETE ) {
+- goto done;
++ return NULL;
++ }
++
++ e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) );
++ e->e_name = op->o_req_dn;
++ e->e_nname = op->o_req_ndn;
++
++ while ( ber_remaining( ber ) ) {
++ if ( (ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values ) ==
++ LBER_ERROR ) || ( tmp.sml_type.bv_val == NULL )) break;
++
++ mod = (Modifications *) ch_malloc( sizeof( Modifications ));
++
++ mod->sml_op = LDAP_MOD_REPLACE;
++ mod->sml_next = NULL;
++ mod->sml_desc = NULL;
++ mod->sml_type = tmp.sml_type;
++ mod->sml_bvalues = tmp.sml_bvalues;
++ mod->sml_nvalues = NULL;
++
++ *modtail = mod;
++ modtail = &mod->sml_next;
+ }
+
+ if ( *modlist == NULL ) {
+@@ -853,21 +786,6 @@
+ #endif
+ }
+
+- ml = *modlist;
+- while ( ml != NULL ) {
+- AttributeDescription *ad = NULL;
+- rc = slap_bv2ad( &ml->sml_type, &ml->sml_desc, &text );
+-
+- if( rc != LDAP_SUCCESS ) {
+- e = NULL;
+- goto done;
+- }
+-
+- ad = ml->sml_desc;
+- ml->sml_desc = NULL;
+- ml = ml->sml_next;
+- }
+-
+ rc = slap_mods_check( *modlist, 1, &text, txtbuf, textlen, NULL );
+
+ if ( rc != LDAP_SUCCESS ) {
+@@ -878,7 +796,7 @@
+ Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods check (%s)\n",
+ text, 0, 0 );
+ #endif
+- return NULL;
++ goto done;
+ }
+
+ rc = slap_mods2entry( *modlist, &e, 1, 1, &text, txtbuf, textlen);
+@@ -893,8 +811,11 @@
+ }
+
+ done:
+-
+ ber_free ( ber, 0 );
++ if ( rc != LDAP_SUCCESS ) {
++ entry_free( e );
++ e = NULL;
++ }
+
+ return e;
+ }
+@@ -924,20 +845,11 @@
+ {
+ Backend *be = op->o_bd;
+ slap_callback cb;
+- struct berval csn_bv = {0, NULL};
+ struct berval *syncuuid_bv = NULL;
+- char csnbuf[ LDAP_LUTIL_CSNSTR_BUFSIZE ];
+
+ SlapReply rs = {REP_RESULT};
+ int rc = LDAP_SUCCESS;
+
+- struct berval base_bv = {0, NULL};
+-
+- char *filterstr;
+- Filter *filter;
+-
+- Attribute *a;
+-
+ if ( refresh &&
+ ( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_ADD )) {
+ syncuuid_bv = ber_dupbv( NULL, syncUUID );
+@@ -953,24 +865,21 @@
+ }
+ }
+
+- filterstr = (char *) sl_malloc( strlen("entryUUID=") + syncUUID->bv_len + 1,
++ op->ors_filterstr.bv_len = strlen("entryUUID=") + syncUUID->bv_len;
++ op->ors_filterstr.bv_val = (char *) sl_malloc( op->ors_filterstr.bv_len + 1,
+ op->o_tmpmemctx );
+- strcpy( filterstr, "entryUUID=" );
+- strcat( filterstr, syncUUID->bv_val );
++ strcpy( op->ors_filterstr.bv_val, "entryUUID=" );
++ strcat( op->ors_filterstr.bv_val, syncUUID->bv_val );
+
+ si->e = e;
+ si->syncUUID_ndn = NULL;
+
+- filter = str2filter( filterstr );
+- ber_str2bv( filterstr, strlen(filterstr), 1, &op->ors_filterstr );
+- ch_free( filterstr );
+- op->ors_filter = filter;
++ op->ors_filter = str2filter_x( op, op->ors_filterstr.bv_val );
+ op->ors_scope = LDAP_SCOPE_SUBTREE;
+
+ /* get syncrepl cookie of shadow replica from subentry */
+- ber_str2bv( si->base, strlen(si->base), 1, &base_bv );
+- dnPrettyNormal( 0, &base_bv, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
+- ch_free( base_bv.bv_val );
++ op->o_req_dn = si->base;
++ op->o_req_ndn = si->base;
+
+ /* set callback function */
+ op->o_callback = &cb;
+@@ -981,14 +890,10 @@
+
+ rc = be->be_search( op, &rs );
+
+- if ( op->o_req_dn.bv_val )
+- ch_free( op->o_req_dn.bv_val );
+- if ( op->o_req_ndn.bv_val )
+- ch_free( op->o_req_ndn.bv_val );
+ if ( op->ors_filter )
+- filter_free( op->ors_filter );
++ filter_free_x( op, op->ors_filter );
+ if ( op->ors_filterstr.bv_val )
+- ch_free( op->ors_filterstr.bv_val );
++ sl_free( op->ors_filterstr.bv_val, op->o_tmpmemctx );
+
+ cb.sc_response = null_callback;
+ cb.sc_private = si;
+@@ -1086,7 +991,7 @@
+ rc = be->be_delete( op, &rs );
+ }
+ /* Already deleted otherwise */
+- return 1;
++ return 0;
+
+ default :
+ #ifdef NEW_LOGGING
+@@ -1103,23 +1008,17 @@
+ static void
+ syncrepl_del_nonpresent(
+ LDAP *ld,
+- Operation *op
++ Operation *op,
++ syncinfo_t *si
+ )
+ {
+ Backend* be = op->o_bd;
+- syncinfo_t *si = op->o_si;
+ slap_callback cb;
+- struct berval base_bv = {0, NULL};
+- Filter *filter;
+ SlapReply rs = {REP_RESULT};
+- struct berval filterstr_bv = {0, NULL};
+ struct nonpresent_entry *np_list, *np_prev;
+
+- ber_str2bv( si->base, strlen(si->base), 1, &base_bv );
+- dnPrettyNormal(0, &base_bv, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
+- ch_free( base_bv.bv_val );
+-
+- filter = str2filter( si->filterstr );
++ op->o_req_dn = si->base;
++ op->o_req_ndn = si->base;
+
+ cb.sc_response = nonpresent_callback;
+ cb.sc_private = si;
+@@ -1132,21 +1031,15 @@
+ op->ors_tlimit = 0;
+ op->ors_attrsonly = 0;
+ op->ors_attrs = NULL;
+- op->ors_filter = filter;
+- ber_str2bv( si->filterstr, strlen( si->filterstr ), 1, &op->ors_filterstr );
++ op->ors_filter = str2filter_x( op, si->filterstr.bv_val );
++ op->ors_filterstr = si->filterstr;
+
+ op->o_nocaching = 1;
+ be->be_search( op, &rs );
+ op->o_nocaching = 0;
+
+- if ( op->o_req_dn.bv_val )
+- ch_free( op->o_req_dn.bv_val );
+- if ( op->o_req_ndn.bv_val )
+- ch_free( op->o_req_ndn.bv_val );
+ if ( op->ors_filter )
+- filter_free( op->ors_filter );
+- if ( op->ors_filterstr.bv_val )
+- ch_free( op->ors_filterstr.bv_val );
++ filter_free_x( op, op->ors_filter );
+
+ if ( !LDAP_LIST_EMPTY( &si->nonpresentlist ) ) {
+ np_list = LDAP_LIST_FIRST( &si->nonpresentlist );
+@@ -1173,6 +1066,11 @@
+ }
+
+
++static struct berval gcbva[] = {
++ BER_BVC("top"),
++ BER_BVC("glue")
++};
++
+ void
+ syncrepl_add_glue(
+ syncinfo_t *si,
+@@ -1186,72 +1084,72 @@
+ )
+ {
+ Backend *be = op->o_bd;
+- struct berval uuid_bv = {0, NULL};
+ slap_callback cb;
+ Attribute *a;
+ int rc;
+- char uuidbuf[ LDAP_LUTIL_UUIDSTR_BUFSIZE ];
+- int levels = 0;
+- int i, j, k;
++ int suffrdns;
++ int i;
+ struct berval dn = {0, NULL};
+- struct berval pdn = {0, NULL};
+ struct berval ndn = {0, NULL};
+- struct berval rdn = {0, NULL};
+ Entry *glue;
+ SlapReply rs = {REP_RESULT};
+- Connection *conn = op->o_conn;
+- char* ptr;
++ char *ptr, *comma;
+
+ op->o_tag = LDAP_REQ_ADD;
+ op->o_callback = &cb;
+ cb.sc_response = null_callback;
+ cb.sc_private = si;
+
+- ber_dupbv( &dn, &e->e_nname );
+- ber_dupbv( &pdn, &e->e_nname );
++ dn = e->e_name;
++ ndn = e->e_nname;
+
+- ptr = dn.bv_val;
+- while ( !be_issuffix ( be, &pdn )) {
+- dnParent( &dn, &pdn );
+- dn.bv_val = pdn.bv_val;
+- dn.bv_len = pdn.bv_len;
+- levels++;
+- }
+- ch_free( ptr );
+-
+- for ( i = 0; i <= levels; i++ ) {
+- glue = (Entry*) ch_calloc( 1, sizeof(Entry) );
+- ber_dupbv( &dn, &e->e_nname );
+- j = levels - i;
+-
+- ptr = dn.bv_val;
+- for ( k = 0; k < j; k++ ) {
+- dnParent( &dn, &pdn );
+- dn.bv_val = pdn.bv_val;
+- dn.bv_len = pdn.bv_len;
++ /* count RDNs in suffix */
++ if ( be->be_nsuffix[0].bv_len ) {
++ for (i=0, ptr=be->be_nsuffix[0].bv_val; ptr; ptr=strchr( ptr, ',' )) {
++ ptr++;
++ i++;
+ }
++ suffrdns = i;
++ } else {
++ /* suffix is "" */
++ suffrdns = 0;
++ }
+
+- dnPrettyNormal( 0, &dn, &pdn, &ndn, op->o_tmpmemctx );
+- ber_dupbv( &glue->e_name, &pdn );
++ /* Start with BE suffix */
++ for ( i = 0, ptr = NULL; i < suffrdns; i++ ) {
++ comma = strrchr(dn.bv_val, ',');
++ if ( ptr ) *ptr = ',';
++ if ( comma ) *comma = '\0';
++ ptr = comma;
++ }
++ if ( ptr ) {
++ *ptr++ = ',';
++ dn.bv_len -= ptr - dn.bv_val;
++ dn.bv_val = ptr;
++ }
++ /* the normalizedDNs are always the same length, no counting
++ * required.
++ */
++ if ( ndn.bv_len > be->be_nsuffix[0].bv_len ) {
++ ndn.bv_val += ndn.bv_len - be->be_nsuffix[0].bv_len;
++ ndn.bv_len = be->be_nsuffix[0].bv_len;
++ }
++
++ while ( ndn.bv_val > e->e_nname.bv_val ) {
++ glue = (Entry *) ch_calloc( 1, sizeof(Entry) );
++ ber_dupbv( &glue->e_name, &dn );
+ ber_dupbv( &glue->e_nname, &ndn );
+- ch_free( ptr );
+- ch_free( pdn.bv_val );
+- ch_free( ndn.bv_val );
+
+ a = ch_calloc( 1, sizeof( Attribute ));
+ a->a_desc = slap_schema.si_ad_objectClass;
+
+ a->a_vals = ch_calloc( 3, sizeof( struct berval ));
+- ber_str2bv( "top", strlen("top"), 1, &a->a_vals[0] );
+- ber_str2bv( "glue", strlen("glue"), 1, &a->a_vals[1] );
++ ber_dupbv( &a->a_vals[0], &gcbva[0] );
++ ber_dupbv( &a->a_vals[1], &gcbva[1] );
+ a->a_vals[2].bv_len = 0;
+ a->a_vals[2].bv_val = NULL;
+
+- a->a_nvals = ch_calloc( 3, sizeof( struct berval ));
+- ber_str2bv( "top", strlen("top"), 1, &a->a_nvals[0] );
+- ber_str2bv( "glue", strlen("glue"), 1, &a->a_nvals[1] );
+- a->a_nvals[2].bv_len = 0;
+- a->a_nvals[2].bv_val = NULL;
++ a->a_nvals = a->a_vals;
+
+ a->a_next = glue->e_attrs;
+ glue->e_attrs = a;
+@@ -1260,42 +1158,45 @@
+ a->a_desc = slap_schema.si_ad_structuralObjectClass;
+
+ a->a_vals = ch_calloc( 2, sizeof( struct berval ));
+- ber_str2bv( "glue", strlen("glue"), 1, &a->a_vals[0] );
++ ber_dupbv( &a->a_vals[0], &gcbva[1] );
+ a->a_vals[1].bv_len = 0;
+ a->a_vals[1].bv_val = NULL;
+
+- a->a_nvals = ch_calloc( 2, sizeof( struct berval ));
+- ber_str2bv( "glue", strlen("glue"), 1, &a->a_nvals[0] );
+- a->a_nvals[1].bv_len = 0;
+- a->a_nvals[1].bv_val = NULL;
++ a->a_nvals = a->a_vals;
+
+ a->a_next = glue->e_attrs;
+ glue->e_attrs = a;
+
+- if ( !strcmp( e->e_nname.bv_val, glue->e_nname.bv_val )) {
+- op->o_req_dn = e->e_name;
+- op->o_req_ndn = e->e_nname;
+- op->ora_e = e;
+- rc = be->be_add ( op, &rs );
+- if ( rc == LDAP_SUCCESS )
+- be_entry_release_w( op, e );
+- else
+- entry_free( e );
+- entry_free( glue );
++ op->o_req_dn = glue->e_name;
++ op->o_req_ndn = glue->e_nname;
++ op->ora_e = glue;
++ rc = be->be_add ( op, &rs );
++ if ( rc == LDAP_SUCCESS ) {
++ be_entry_release_w( op, glue );
+ } else {
+- op->o_req_dn = glue->e_name;
+- op->o_req_ndn = glue->e_nname;
+- op->ora_e = glue;
+- rc = be->be_add ( op, &rs );
+- if ( rc == LDAP_SUCCESS ) {
+- be_entry_release_w( op, glue );
+- } else {
+- /* incl. ALREADY EXIST */
+- entry_free( glue );
+- }
++ /* incl. ALREADY EXIST */
++ entry_free( glue );
+ }
++
++ /* Move to next child */
++ for (ptr = dn.bv_val-2; ptr > e->e_name.bv_val && *ptr != ','; ptr--);
++ if ( ptr == e->e_name.bv_val ) break;
++ dn.bv_val = ++ptr;
++ dn.bv_len = e->e_name.bv_len - (ptr-e->e_name.bv_val);
++ for (ptr = ndn.bv_val-2; ptr > e->e_nname.bv_val && *ptr != ','; ptr--);
++ ndn.bv_val = ++ptr;
++ ndn.bv_len = e->e_nname.bv_len - (ptr-e->e_nname.bv_val);
+ }
+
++ op->o_req_dn = e->e_name;
++ op->o_req_ndn = e->e_nname;
++ op->ora_e = e;
++ rc = be->be_add ( op, &rs );
++ if ( rc == LDAP_SUCCESS )
++ be_entry_release_w( op, e );
++ else
++ entry_free( e );
++
+ return;
+ }
+
+@@ -1317,7 +1218,7 @@
+ };
+
+ static struct berval scbva[] = {
+- BER_BVC("subentry"),
++ BER_BVNULL,
+ BER_BVNULL
+ };
+
+@@ -1344,6 +1245,7 @@
+ Entry* e = NULL;
+ int rc;
+
++ char syncrepl_cbuf[sizeof(CN_STR SYNCREPL_STR)];
+ struct berval slap_syncrepl_dn_bv = BER_BVNULL;
+ struct berval slap_syncrepl_cn_bv = BER_BVNULL;
+
+@@ -1375,6 +1277,7 @@
+ *modtail = mod;
+ modtail = &mod->sml_next;
+
++ if ( scbva[0].bv_val ) ch_free( scbva[0].bv_val );
+ ber_dupbv( &scbva[0], si->syncCookie );
+ mod = (Modifications *) ch_calloc( 1, sizeof( Modifications ));
+ mod->sml_op = LDAP_MOD_REPLACE;
+@@ -1392,26 +1295,13 @@
+ *modtail = mod;
+ modtail = &mod->sml_next;
+
+-#if 0
+- rc = slap_mods_check( modlist, 1, &text, txtbuf, textlen, NULL );
+-
+- if ( rc != LDAP_SUCCESS ) {
+-#ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR,
+- "syncrepl_updateCookie: mods check (%s)\n", text, 0, 0 );
+-#else
+- Debug( LDAP_DEBUG_ANY, "syncrepl_updateCookie: mods check (%s)\n",
+- text, 0, 0 );
+-#endif
+- }
+-#endif
++ mlnext = mod;
+
+ op->o_tag = LDAP_REQ_ADD;
+ rc = slap_mods_opattrs( op, modlist, modtail,
+ &text,txtbuf, textlen );
+
+- for ( ml = modlist; ml != NULL; ml = mlnext ) {
+- mlnext = ml->sml_next;
++ for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
+ ml->sml_op = LDAP_MOD_REPLACE;
+ }
+
+@@ -1427,18 +1317,17 @@
+
+ e = ( Entry * ) ch_calloc( 1, sizeof( Entry ));
+
+- ber_dupbv( &slap_syncrepl_cn_bv, (struct berval *) &slap_syncrepl_cn_bvc );
++ slap_syncrepl_cn_bv.bv_val = syncrepl_cbuf;
+ slap_syncrepl_cn_bv.bv_len = snprintf( slap_syncrepl_cn_bv.bv_val,
+ slap_syncrepl_cn_bvc.bv_len,
+ "cn=syncrepl%d", si->id );
+
+- build_new_dn( &slap_syncrepl_dn_bv, pdn, &slap_syncrepl_cn_bv, NULL );
+- dnPrettyNormal( NULL, &slap_syncrepl_dn_bv, &e->e_name, &e->e_nname, NULL );
++ build_new_dn( &slap_syncrepl_dn_bv, pdn, &slap_syncrepl_cn_bv, op->o_tmpmemctx );
++ ber_dupbv( &e->e_name, &slap_syncrepl_dn_bv );
++ ber_dupbv( &e->e_nname, &slap_syncrepl_dn_bv );
+
+- if ( slap_syncrepl_cn_bv.bv_val )
+- ch_free( slap_syncrepl_cn_bv.bv_val );
+ if ( slap_syncrepl_dn_bv.bv_val )
+- ch_free( slap_syncrepl_dn_bv.bv_val );
++ sl_free( slap_syncrepl_dn_bv.bv_val, op->o_tmpmemctx );
+
+ e->e_attrs = NULL;
+
+@@ -1519,10 +1408,21 @@
+
+ done :
+
+- if ( cnbva[0].bv_val )
++ if ( cnbva[0].bv_val ) {
+ ch_free( cnbva[0].bv_val );
++ cnbva[0].bv_val = NULL;
++ }
++ if ( scbva[0].bv_val ) {
++ ch_free( scbva[0].bv_val );
++ scbva[0].bv_val = NULL;
++ }
++
++ if ( mlnext->sml_next ) {
++ slap_mods_free( mlnext->sml_next );
++ mlnext->sml_next = NULL;
++ }
+
+- for ( ; ml != NULL; ml = mlnext ) {
++ for (ml = modlist ; ml != NULL; ml = mlnext ) {
+ mlnext = ml->sml_next;
+ free( ml );
+ }
+@@ -1543,27 +1443,6 @@
+ }
+
+ static int
+-cookie_callback(
+- Operation* op,
+- SlapReply* rs
+-)
+-{
+- syncinfo_t *si = op->o_callback->sc_private;
+- Attribute *a;
+-
+- if ( rs->sr_type != REP_SEARCH ) return LDAP_SUCCESS;
+-
+- a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_syncreplCookie );
+-
+- if ( a == NULL ) {
+- si->syncCookie = NULL;
+- } else {
+- si->syncCookie = ber_dupbv( NULL, &a->a_vals[0] );
+- }
+- return LDAP_SUCCESS;
+-}
+-
+-static int
+ dn_callback(
+ Operation* op,
+ SlapReply* rs
+@@ -1602,8 +1481,6 @@
+ Attribute *a;
+ int count = 0;
+ struct berval* present_uuid = NULL;
+- slap_callback cb;
+- SlapReply rs_cb = {REP_RESULT};
+ struct nonpresent_entry *np_entry;
+
+ if ( rs->sr_type == REP_RESULT ) {
+@@ -1643,8 +1520,6 @@
+ SlapReply* rs
+ )
+ {
+- syncinfo_t *si = op->o_callback->sc_private;
+-
+ if ( rs->sr_err != LDAP_SUCCESS &&
+ rs->sr_err != LDAP_REFERRAL &&
+ rs->sr_err != LDAP_ALREADY_EXISTS &&
+@@ -1671,7 +1546,6 @@
+ )
+ {
+ Entry* e;
+- int rc;
+
+ struct berval bv;
+
diff --git a/net/openldap22-server/files/patch-tests::scripts::test017-syncreplication-refresh b/net/openldap22-server/files/patch-tests::scripts::test017-syncreplication-refresh
new file mode 100644
index 000000000000..c354e00a7fb6
--- /dev/null
+++ b/net/openldap22-server/files/patch-tests::scripts::test017-syncreplication-refresh
@@ -0,0 +1,71 @@
+--- tests/scripts/test017-syncreplication-refresh Mon Oct 6 16:57:32 2003
++++ tests/scripts/test017-syncreplication-refresh Sun Oct 19 15:33:58 2003
+@@ -44,9 +44,6 @@
+ fi
+ BACKEND=$SAVE
+
+-echo "Waiting 5 seconds to wait for master to start..."
+-sleep 5
+-
+ echo "Using ldapsearch to check that master slapd is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+@@ -59,22 +56,28 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID
++ exit $RC
++fi
++
+ echo "Using ldapadd to create the context prefix entry in the master..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDCP > /dev/null 2>&1
+ RC=$?
+ if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+- kill -HUP $PID $SLAVEPID
++ kill -HUP $PID
+ exit $RC
+ fi
+
+ echo "Starting slave slapd on TCP/IP port $R1SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $R1SRSLAVECONF > $R1REPLCONF
+ $SLAPD -f $R1REPLCONF -h $R1SLAVEURI -d $LVL $TIMING > $R1SLAVELOG 2>&1 &
+-R1SLAVEPID=$!
++SLAVEPID=$!
+ if test $WAIT != 0 ; then
+- echo SLAVEPID $R1SLAVEPID
++ echo SLAVEPID $SLAVEPID
+ read foo
+ fi
+
+@@ -90,6 +93,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID
++ exit $RC
++fi
++
+ echo "Using ldapadd to populate the master directory..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDNOCP > /dev/null 2>&1
+@@ -203,11 +212,11 @@
+
+ if test $RC != 0 ; then
+ echo "ldapsearch failed at slave ($RC)!"
+- kill -HUP $PID $R1SLAVEPID
++ kill -HUP $PID $SLAVEPID
+ exit $RC
+ fi
+
+-kill -HUP $PID $R1SLAVEPID
++kill -HUP $PID $SLAVEPID
+
+ SEARCHOUT=$MASTEROUT
+ LDIF=$R1SLAVEOUT
diff --git a/net/openldap22-server/files/patch-tests::scripts::test018-syncreplication-persist b/net/openldap22-server/files/patch-tests::scripts::test018-syncreplication-persist
new file mode 100644
index 000000000000..2325aef08a3a
--- /dev/null
+++ b/net/openldap22-server/files/patch-tests::scripts::test018-syncreplication-persist
@@ -0,0 +1,71 @@
+--- tests/scripts/test018-syncreplication-persist Mon Oct 6 16:57:32 2003
++++ tests/scripts/test018-syncreplication-persist Sun Oct 19 15:33:58 2003
+@@ -44,9 +44,6 @@
+ fi
+ BACKEND=$SAVE
+
+-echo "Waiting 5 seconds to wait for master to start..."
+-sleep 5
+-
+ echo "Using ldapsearch to check that master slapd is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+@@ -59,22 +56,28 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID
++ exit $RC
++fi
++
+ echo "Using ldapadd to create the context prefix entry in the master..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDCP > /dev/null 2>&1
+ RC=$?
+ if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+- kill -HUP $PID $SLAVEPID
++ kill -HUP $PID
+ exit $RC
+ fi
+
+ echo "Starting slave slapd on TCP/IP port $P1SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $P1SRSLAVECONF > $P1REPLCONF
+ $SLAPD -f $P1REPLCONF -h $P1SLAVEURI -d $LVL $TIMING > $P1SLAVELOG 2>&1 &
+-P1SLAVEPID=$!
++SLAVEPID=$!
+ if test $WAIT != 0 ; then
+- echo SLAVEPID $P1SLAVEPID
++ echo SLAVEPID $SLAVEPID
+ read foo
+ fi
+
+@@ -90,6 +93,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $SLAVEPID
++ exit $RC
++fi
++
+ echo "Using ldapadd to populate the master directory..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDNOCP > /dev/null 2>&1
+@@ -203,11 +212,11 @@
+
+ if test $RC != 0 ; then
+ echo "ldapsearch failed at slave ($RC)!"
+- kill -HUP $PID $P1SLAVEPID
++ kill -HUP $PID $SLAVEPID
+ exit $RC
+ fi
+
+-kill -HUP $PID $P1SLAVEPID
++kill -HUP $PID $SLAVEPID
+
+ SEARCHOUT=$MASTEROUT
+ LDIF=$P1SLAVEOUT
diff --git a/net/openldap22-server/files/patch-tests::scripts::test020-syncreplication-cascading b/net/openldap22-server/files/patch-tests::scripts::test020-syncreplication-cascading
new file mode 100644
index 000000000000..182a6a73c7d0
--- /dev/null
+++ b/net/openldap22-server/files/patch-tests::scripts::test020-syncreplication-cascading
@@ -0,0 +1,220 @@
+--- tests/scripts/test020-syncreplication-cascading Mon Oct 6 16:57:32 2003
++++ tests/scripts/test020-syncreplication-cascading Sun Oct 19 15:33:58 2003
+@@ -39,13 +39,14 @@
+ mkdir $P3REPLDIR
+
+ SAVE=$BACKEND
+-if test $BACKEND = ldbm; then
+- if test $SYNCREPL = no; then
++if test $SYNCREPL = no; then
++ if test $BACKEND = ldbm; then
+ echo "Sync replication requires back-bdb or back-hdb"
+ exit 0
+ fi
+- BACKEND=$SYNCREPL
++ SYNCREPL=$BACKEND
+ fi
++BACKEND=$SYNCREPL
+ echo "Starting master slapd on TCP/IP port $PORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $SRMASTERCONF > $DBCONF
+ $SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
+@@ -54,12 +55,8 @@
+ echo PID $PID
+ read foo
+ fi
+-BACKEND=$SAVE
+-
+-echo "Waiting 5 seconds to wait for master to start..."
+-sleep 5
+
+-echo "Using ldapsearch to check that master slapd is running..."
++echo "Using ldapsearch to check that master slapd PID $PID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -71,6 +68,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID
++ exit $RC
++fi
++
+ echo "Using ldapadd to create the context prefix entry in the master..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDCP > /dev/null 2>&1
+@@ -81,14 +84,6 @@
+ exit $RC
+ fi
+
+-SAVE=$BACKEND
+-if test $BACKEND = ldbm; then
+- if test $SYNCREPL = no; then
+- echo "Sync replication requires back-bdb or back-hdb"
+- exit 0
+- fi
+- BACKEND=$SYNCREPL
+-fi
+ echo "Starting R1 slave slapd on TCP/IP port $R1SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $R1SRSLAVECONF > $R1REPLCONF
+ $SLAPD -f $R1REPLCONF -h $R1SLAVEURI -d $LVL $TIMING > $R1SLAVELOG 2>&1 &
+@@ -97,9 +92,8 @@
+ echo SLAVE R1 PID $R1SLAVEPID
+ read foo
+ fi
+-BACKEND=$SAVE
+
+-echo "Using ldapsearch to check that R1 slave slapd is running..."
++echo "Using ldapsearch to check that R1 slave slapd PID $R1SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $R1SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -111,9 +105,13 @@
+ sleep 5
+ done
+
+-echo "Waiting for the R1 slave to replicate..."
+-sleep 10
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID
++ exit $RC
++fi
+
++BACKEND=$SAVE
+ echo "Starting R2 slave slapd on TCP/IP port $R2SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $R2SRSLAVECONF > $R2REPLCONF
+ $SLAPD -f $R2REPLCONF -h $R2SLAVEURI -d $LVL $TIMING > $R2SLAVELOG 2>&1 &
+@@ -123,7 +121,7 @@
+ read foo
+ fi
+
+-echo "Using ldapsearch to check that the R2 slave slapd is running..."
++echo "Using ldapsearch to check that the R2 slave slapd PID $R2SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $R2SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -135,17 +133,13 @@
+ sleep 5
+ done
+
+-echo "Waiting for the R2 slave to replicate..."
+-sleep 10
+-
+-SAVE=$BACKEND
+-if test $BACKEND = ldbm; then
+- if test $SYNCREPL = no; then
+- echo "Sync replication requires back-bdb or back-hdb"
+- exit 0
+- fi
+- BACKEND=$SYNCREPL
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID
++ exit $RC
+ fi
++
++BACKEND=$SYNCREPL
+ echo "Starting P1 slave slapd on TCP/IP port $P1SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $P1SRSLAVECONF > $P1REPLCONF
+ $SLAPD -f $P1REPLCONF -h $P1SLAVEURI -d $LVL $TIMING > $P1SLAVELOG 2>&1 &
+@@ -154,9 +148,8 @@
+ echo SLAVE P1 PID $P1SLAVEPID
+ read foo
+ fi
+-BACKEND=$SAVE
+
+-echo "Using ldapsearch to check that the P1 slave slapd is running..."
++echo "Using ldapsearch to check that the P1 slave slapd PID $P1SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $P1SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -168,9 +161,13 @@
+ sleep 5
+ done
+
+-echo "Waiting for the P1 slave to replicate..."
+-sleep 10
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID
++ exit $RC
++fi
+
++BACKEND=$SAVE
+ echo "Starting P2 slave slapd on TCP/IP port $P2SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $P2SRSLAVECONF > $P2REPLCONF
+ $SLAPD -f $P2REPLCONF -h $P2SLAVEURI -d $LVL $TIMING > $P2SLAVELOG 2>&1 &
+@@ -180,7 +177,7 @@
+ read foo
+ fi
+
+-echo "Using ldapsearch to check that the P2 slave slapd is running..."
++echo "Using ldapsearch to check that the P2 slave slapd PID $P2SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $P2SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -192,6 +189,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID
++ exit $RC
++fi
++
+ echo "Starting P3 slave slapd on TCP/IP port $P3SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $P3SRSLAVECONF > $P3REPLCONF
+ $SLAPD -f $P3REPLCONF -h $P3SLAVEURI -d $LVL $TIMING > $P3SLAVELOG 2>&1 &
+@@ -201,7 +204,7 @@
+ read foo
+ fi
+
+-echo "Using ldapsearch to check that the P3 slave slapd is running..."
++echo "Using ldapsearch to check that the P3 slave slapd PID $P3SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $P3SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -213,6 +216,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID $P3SLAVEPID
++ exit $RC
++fi
++
+ echo "Using ldapadd to populate the master directory..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDNOCP > /dev/null 2>&1
+@@ -347,7 +356,7 @@
+ RC=$?
+
+ if test $RC != 0 ; then
+- echo "ldapsearch failed at R1 slave ($RC)!"
++ echo "ldapsearch failed at P1 slave ($RC)!"
+ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID $P3SLAVEPID
+ exit $RC
+ fi
+@@ -358,7 +367,7 @@
+ RC=$?
+
+ if test $RC != 0 ; then
+- echo "ldapsearch failed at R2 slave ($RC)!"
++ echo "ldapsearch failed at P2 slave ($RC)!"
+ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID $P3SLAVEPID
+ exit $RC
+ fi
+@@ -369,7 +378,7 @@
+ RC=$?
+
+ if test $RC != 0 ; then
+- echo "ldapsearch failed at R2 slave ($RC)!"
++ echo "ldapsearch failed at P3 slave ($RC)!"
+ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID $P3SLAVEPID
+ exit $RC
+ fi
diff --git a/net/openldap22-server/pkg-deinstall b/net/openldap22-server/pkg-deinstall
new file mode 100644
index 000000000000..2a5ec1ef8f65
--- /dev/null
+++ b/net/openldap22-server/pkg-deinstall
@@ -0,0 +1,33 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+ECHO_CMD=echo
+
+case $2 in
+POST-DEINSTALL)
+ ${ECHO_CMD}
+ ${ECHO_CMD} "The OpenLDAP server package has been deleted."
+ ${ECHO_CMD} "If you're *not* upgrading and won't be using"
+ ${ECHO_CMD} "it any longer, you may want to issue the"
+ ${ECHO_CMD} "following commands:"
+ ${ECHO_CMD}
+ if [ -d %%DATABASEDIR%% ]; then
+ ${ECHO_CMD} "- to delete the OpenLDAP database permanently (losing all data):"
+ ${ECHO_CMD} " rm -Rf %%DATABASEDIR%%"
+ ${ECHO_CMD}
+ fi
+ if [ -d %%SLURPDIR%% ]; then
+ ${ECHO_CMD} "- to remove the OpenLDAP replication directory:"
+ ${ECHO_CMD} " rm -Rf %%SLURPDIR%%"
+ ${ECHO_CMD}
+ fi
+ ${ECHO_CMD} "- to remove the OpenLDAP user:"
+ ${ECHO_CMD} " pw userdel ldap"
+ ${ECHO_CMD}
+ ${ECHO_CMD} "If you are upgrading, don't forget to restart"
+ ${ECHO_CMD} "slapd and slurpd."
+ ${ECHO_CMD}
+ ;;
+esac
diff --git a/net/openldap22-server/pkg-install b/net/openldap22-server/pkg-install
index 47b2ea825164..ee0a9e8588bd 100644
--- a/net/openldap22-server/pkg-install
+++ b/net/openldap22-server/pkg-install
@@ -13,9 +13,9 @@ FTPUSERS=/etc/ftpusers
case $2 in
PRE-INSTALL)
if ! ${PW} usershow -n ldap >/dev/null 2>&1; then
+ ${ECHO_CMD}
if ! ${PW} groupshow -n ldap >/dev/null 2>&1; then
if ! ${PW} groupadd -n ldap -g 389; then
- ${ECHO_CMD}
${ECHO_CMD} "*** Failed to add a group ldap with id 389."
${ECHO_CMD}
${ECHO_CMD} "Please add the ldap user manually with"
@@ -24,12 +24,10 @@ PRE-INSTALL)
${ECHO_CMD} "and retry installing this package."
exit 1
fi
+ ${ECHO_CMD} "===> Group 'ldap' created."
fi
- if ${PW} useradd -n ldap -u 389 -g ldap -c 'OpenLDAP Server' \
+ if ! ${PW} useradd -n ldap -u 389 -g ldap -c 'OpenLDAP Server' \
-d /nonexistent -s /sbin/nologin -h -; then
- ${GREP} -qs '^ldap$' ${FTPUSERS} || ${ECHO_CMD} ldap >> ${FTPUSERS}
- else
- ${ECHO_CMD}
${ECHO_CMD} "*** Failed to add an user ldap with id 389."
${ECHO_CMD}
${ECHO_CMD} "Please add the ldap user manually with"
@@ -38,6 +36,8 @@ PRE-INSTALL)
${ECHO_CMD} "and retry installing this package."
exit 1
fi
+ ${GREP} -qs '^ldap$' ${FTPUSERS} || ${ECHO_CMD} ldap >> ${FTPUSERS}
+ ${ECHO_CMD} "===> Account 'ldap' created."
fi
;;
esac
diff --git a/net/openldap22-server/pkg-message b/net/openldap22-server/pkg-message
index 737d02348bdb..d130eb4d5a06 100644
--- a/net/openldap22-server/pkg-message
+++ b/net/openldap22-server/pkg-message
@@ -14,7 +14,7 @@ Then start the server with
or reboot.
Try `man slapd' and the online manual at
- http://www.OpenLDAP.org/doc/admin20/
+ http://www.OpenLDAP.org/devel/admin/
for more information.
NOTE: Some variable names have been changed to conform with rc.subr(8)
diff --git a/net/openldap22-server/pkg-message.client b/net/openldap22-server/pkg-message.client
index ef3234fa4b86..92ef70d0f99b 100644
--- a/net/openldap22-server/pkg-message.client
+++ b/net/openldap22-server/pkg-message.client
@@ -6,4 +6,8 @@ Edit
%%PREFIX%%/etc/openldap/ldap.conf
to change the system-wide client defaults.
+Try `man ldap.conf' and visit the OpenLDAP FAQ-O-Matic at
+ http://www.OpenLDAP.org/faq/index.cgi?file=3
+for more information.
+
************************************************************
diff --git a/net/openldap22-server/pkg-plist b/net/openldap22-server/pkg-plist
index d2c94faf8fe7..a36978413511 100644
--- a/net/openldap22-server/pkg-plist
+++ b/net/openldap22-server/pkg-plist
@@ -1,36 +1,10 @@
@comment $FreeBSD$
-@unexec %%RC_DIR%%/slapd%%RC_SUFX%% stop 2>/dev/null || true
-@unexec %%RC_DIR%%/slurpd%%RC_SUFX%% stop 2>/dev/null || true
+@unexec %%RC_DIR%%/slapd%%RC_SUFX%% stop 2>&1 >/dev/null || true
+@unexec %%RC_DIR%%/slurpd%%RC_SUFX%% stop 2>&1 >/dev/null || true
etc/openldap/schema/README
-@unexec if cmp -s %D/etc/openldap/schema/corba.schema %D/etc/openldap/schema/corba.schema.default; then rm -f %D/etc/openldap/schema/corba.schema; fi
-etc/openldap/schema/corba.schema.default
-@exec [ -f %B/corba.schema ] || cp %B/%f %B/corba.schema
-@unexec if cmp -s %D/etc/openldap/schema/core.schema %D/etc/openldap/schema/core.schema.default; then rm -f %D/etc/openldap/schema/core.schema; fi
-etc/openldap/schema/core.schema.default
-@exec [ -f %B/core.schema ] || cp %B/%f %B/core.schema
-@unexec if cmp -s %D/etc/openldap/schema/cosine.schema %D/etc/openldap/schema/cosine.schema.default; then rm -f %D/etc/openldap/schema/cosine.schema; fi
-etc/openldap/schema/cosine.schema.default
-@exec [ -f %B/cosine.schema ] || cp %B/%f %B/cosine.schema
-@unexec if cmp -s %D/etc/openldap/schema/inetorgperson.schema %D/etc/openldap/schema/inetorgperson.schema.default; then rm -f %D/etc/openldap/schema/inetorgperson.schema; fi
-etc/openldap/schema/inetorgperson.schema.default
-@exec [ -f %B/inetorgperson.schema ] || cp %B/%f %B/inetorgperson.schema
-@unexec if cmp -s %D/etc/openldap/schema/java.schema %D/etc/openldap/schema/java.schema.default; then rm -f %D/etc/openldap/schema/java.schema; fi
-etc/openldap/schema/java.schema.default
-@exec [ -f %B/java.schema ] || cp %B/%f %B/java.schema
-@unexec if cmp -s %D/etc/openldap/schema/misc.schema %D/etc/openldap/schema/misc.schema.default; then rm -f %D/etc/openldap/schema/misc.schema; fi
-etc/openldap/schema/misc.schema.default
-@exec [ -f %B/misc.schema ] || cp %B/%f %B/misc.schema
-@unexec if cmp -s %D/etc/openldap/schema/nis.schema %D/etc/openldap/schema/nis.schema.default; then rm -f %D/etc/openldap/schema/nis.schema; fi
-etc/openldap/schema/nis.schema.default
-@exec [ -f %B/nis.schema ] || cp %B/%f %B/nis.schema
-@unexec if cmp -s %D/etc/openldap/schema/openldap.schema %D/etc/openldap/schema/openldap.schema.default; then rm -f %D/etc/openldap/schema/openldap.schema; fi
-etc/openldap/schema/openldap.schema.default
-@exec [ -f %B/openldap.schema ] || cp %B/%f %B/openldap.schema
@unexec if cmp -s %D/etc/openldap/slapd.conf %D/etc/openldap/slapd.conf.default; then rm -f %D/etc/openldap/slapd.conf; fi
etc/openldap/slapd.conf.default
@exec [ -f %B/slapd.conf ] || cp %B/%f %B/slapd.conf
-@unexec rmdir %D/etc/openldap/schema 2>/dev/null || true
-@unexec rmdir %D/etc/openldap 2>/dev/null || true
%%SLAPI%%lib/libslapi.a
%%SLAPI%%lib/libslapi.so
%%SLAPI%%lib/libslapi.so.2
@@ -41,11 +15,8 @@ sbin/slapcat
sbin/slapindex
sbin/slappasswd
@exec mkdir -p %%LDAP_RUN_DIR%%
+@unexec rmdir %%LDAP_RUN_DIR%% 2>/dev/null || true
@exec mkdir -p %%DATABASEDIR%%
-@exec mkdir -p %%SLURPDIR%%
-@unexec rmdir %%LDAP_RUN_DIR%%
@unexec rmdir %%DATABASEDIR%% 2>/dev/null || true
+@exec mkdir -p %%SLURPDIR%%
@unexec rmdir %%SLURPDIR%% 2>/dev/null || true
-@cwd %%RC_DIR%%
-slapd%%RC_SUFX%%
-slurpd%%RC_SUFX%%
diff --git a/net/openldap23-server/Makefile b/net/openldap23-server/Makefile
index cac16f92b2a6..91c7ef445ee1 100644
--- a/net/openldap23-server/Makefile
+++ b/net/openldap23-server/Makefile
@@ -6,7 +6,7 @@
#
PORTNAME= openldap
-PORTVERSION= ${OPENLDAP_VERSION}.a
+PORTVERSION= 2.2.2.b
PORTREVISION= ${OPENLDAP_PORTVERSION}
CATEGORIES= net databases
MASTER_SITES= ftp://ftp.OpenLDAP.org/pub/OpenLDAP/%SUBDIR%/ \
@@ -26,17 +26,14 @@ MASTER_SITES= ftp://ftp.OpenLDAP.org/pub/OpenLDAP/%SUBDIR%/ \
ftp://ftp.plig.org/pub/OpenLDAP/%SUBDIR%/
MASTER_SITE_SUBDIR= openldap-test
PKGNAMESUFFIX= ${OPENLDAP_PKGNAMESUFFIX}
-DISTNAME= openldap-${OPENLDAP_VERSION}alpha
+DISTNAME= ${PORTNAME}-${PORTVERSION:S/.b/beta/}
EXTRACT_SUFX= .tgz
MAINTAINER= eik@FreeBSD.org
COMMENT?= Open source LDAP server implementation
-OPENLDAP_VERSION= 2.2.0
-
LATEST_LINK= ${PKGNAMEPREFIX}openldap22${PKGNAMESUFFIX}
-CONFLICTS= openldap12-* \
- ${PKGNAMEPREFIX}${PORTNAME}-client-2.[013-9].*
+CONFLICTS= ${PKGNAMEPREFIX}${PORTNAME}-client-2.[013-9].*
WANT_OPENLDAP_VER?= 22
.if ${WANT_OPENLDAP_VER} != 22
@@ -48,26 +45,35 @@ OPENLDAP_PORTVERSION= 0
OPENLDAP_PKGNAMESUFFIX?=-client
OPENLDAP_PKGFILESUFX?= .client
+.if !defined(NOPORTDOCS)
+PORTDOCS= drafts rfc
+.endif
+
.if defined(USE_OPENLDAP)
.error You have `USE_OPENLDAP' defined either in your environment or in make(1) arguments.
.endif
.else
-OPENLDAP_PORTVERSION= 2
+OPENLDAP_PORTVERSION= 0
OPENLDAP_PKGNAMESUFFIX?=-server
OPENLDAP_PKGFILESUFX?=
-USE_OPENLDAP= yes
+RUN_DEPENDS= ${LOCALBASE}/lib/libldap.so.2:${PORTSDIR}/net/openldap22-client
CONFLICTS+= ${PKGNAMEPREFIX}${PORTNAME}-server-2.[013-9].*
.endif
-#USE_OPENSSL= yes
+USE_OPENSSL= yes
USE_REINPLACE= yes
USE_LIBTOOL_VER= 14
DESCR= ${PKGDIR}/pkg-descr${OPENLDAP_PKGFILESUFX}
-PLIST= ${WRKDIR}/pkg-plist
+PLIST= ${PKGDIR}/pkg-plist${OPENLDAP_PKGFILESUFX}
PKGINSTALL= ${WRKDIR}/pkg-install
PKGMESSAGE= ${WRKDIR}/pkg-message
+PKGDEINSTALL= ${WRKDIR}/pkg-deinstall
+
+SCHEMATA= corba core cosine \
+ dyngroup inetorgperson java \
+ misc nis openldap
LDAP_RUN_DIR?= ${DESTDIR}/var/run/openldap
LOCALSTATEDIR?= ${DESTDIR}/var/db
@@ -80,7 +86,8 @@ PLIST_SUB+= LDAP_RUN_DIR=${LDAP_RUN_DIR} \
SED_SCRIPT= -e 's,%%PREFIX%%,${PREFIX},g' \
-e 's,%%LDAP_RUN_DIR%%,${LDAP_RUN_DIR},g' \
- -e 's,%%DATABASEDIR%%,${DATABASEDIR},g'
+ -e 's,%%DATABASEDIR%%,${DATABASEDIR},g' \
+ -e 's,%%SLURPDIR%%,${SLURPDIR},g'
CONFIGURE_ARGS= --with-threads \
--with-tls=openssl \
@@ -177,8 +184,7 @@ CONFIGURE_ARGS+= --enable-wrappers
# end of client/server specific configuration
.endif
-# math.h uses _REENTRANT and stdio.h uses _THREAD_SAFE, so define both.
-CPPFLAGS+= -D_REENTRANT ${PTHREAD_CFLAGS} \
+CPPFLAGS+= ${PTHREAD_CFLAGS} \
-I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
@@ -242,9 +248,9 @@ post-build:
.for script in slapd slurpd
@${SED} ${SED_SCRIPT} ${FILESDIR}/${script}.sh >${WRKDIR}/${script}.sh
.endfor
-.for text in pkg-install pkg-message
- @if [ -f ${MASTERDIR}/${text}${OPENLDAP_PKGFILESUFX} ]; then \
- ${SED} ${SED_SCRIPT} ${MASTERDIR}/${text}${OPENLDAP_PKGFILESUFX} \
+.for text in pkg-install pkg-message pkg-deinstall
+ @if [ -f ${PKGDIR}/${text}${OPENLDAP_PKGFILESUFX} ]; then \
+ ${SED} ${SED_SCRIPT} ${PKGDIR}/${text}${OPENLDAP_PKGFILESUFX} \
>${WRKDIR}/${text}; \
fi
.endfor
@@ -256,18 +262,6 @@ test: build
.endif
pre-install:
- @${CP} ${MASTERDIR}/pkg-plist${OPENLDAP_PKGFILESUFX} ${PLIST}
-.if defined(CLIENT_ONLY)
-.if !defined(NOPORTDOCS)
- @for dir in rfc drafts; do \
- ${FIND} ${WRKSRC}/doc/$${dir} -maxdepth 1 -type f \
- | ${SED} -e "s,^${WRKSRC}/doc/,%%DOCSDIR%%/," \
- >>${PLIST}; \
- ${ECHO_CMD} "@dirrm %%DOCSDIR%%/$${dir}" >>${PLIST}; \
- done
- @${ECHO_CMD} "@dirrm %%DOCSDIR%%" >>${PLIST}
-.endif
-.endif
@if [ -f ${PKGINSTALL} ]; then \
${SETENV} "PKG_PREFIX=${PREFIX}" ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL; \
fi
@@ -276,15 +270,28 @@ post-install:
.if defined(CLIENT_ONLY)
.if !defined(NOPORTDOCS)
@${MKDIR} ${DOCSDIR}
- @for dir in rfc drafts; do \
+ @for dir in drafts rfc; do \
${MKDIR} ${DOCSDIR}/$${dir}; \
- ${FIND} ${WRKSRC}/doc/$${dir} -maxdepth 1 -type f \
- -exec ${INSTALL_DATA} {} ${DOCSDIR}/$${dir} \; ; \
+ ${INSTALL_DATA} ${WRKSRC}/doc/$${dir}/* ${DOCSDIR}/$${dir}; \
done
.endif
.else
+ @for schema in ${SCHEMATA}; do \
+ ${ECHO_CMD} "@unexec if cmp -s %D/etc/openldap/schema/$${schema}.schema" \
+ "%D/etc/openldap/schema/$${schema}.schema.default; then" \
+ "rm -f %D/etc/openldap/schema/$${schema}.schema; fi" >>${TMPPLIST}; \
+ ${ECHO_CMD} "etc/openldap/schema/$${schema}.schema.default" >>${TMPPLIST}; \
+ ${ECHO_CMD} "@exec [ -f %B/$${schema}.schema ] || cp %B/%f %B/$${schema}.schema" >>${TMPPLIST}; \
+ done
+ @${ECHO_CMD} "@unexec rmdir %D/etc/openldap/schema 2>/dev/null || true" >>${TMPPLIST}
+ @${ECHO_CMD} "@unexec rmdir %D/etc/openldap 2>/dev/null || true" >>${TMPPLIST}
+# currently the only way to participate in rcorder(8)
+ @if [ "${RC_DIR}" != "${PREFIX}" ]; then \
+ ${ECHO_CMD} "@cwd ${RC_DIR}" >>${TMPPLIST}; \
+ fi
.for script in slapd slurpd
@${INSTALL_SCRIPT} ${WRKDIR}/${script}.sh ${RC_DIR}/${script}${RC_SUFX}
+ @${ECHO_CMD} "${script}${RC_SUFX}" >>${TMPPLIST}
.endfor
@${MKDIR} ${LDAP_RUN_DIR}
.endif
diff --git a/net/openldap23-server/distinfo b/net/openldap23-server/distinfo
index eef25e637b2e..f719bfa9ac22 100644
--- a/net/openldap23-server/distinfo
+++ b/net/openldap23-server/distinfo
@@ -1 +1,3 @@
-MD5 (openldap-2.2.0alpha.tgz) = 72fe342067b717a37b9697898dacfa0a
+MD5 (openldap-2.2.2beta.tgz) = c5e58d6d518692e0de4841a6433a5956
+SHA1 (openldap-2.2.2beta.tgz) = 08b0f15c32f2b7ada33c2d0bf52ba135ae7a4637
+SIZE (openldap-2.2.2beta.tgz) = 2473910
diff --git a/net/openldap23-server/files/patch-libraries::liblunicode::ucstr.c b/net/openldap23-server/files/patch-libraries::liblunicode::ucstr.c
deleted file mode 100644
index b8044b524697..000000000000
--- a/net/openldap23-server/files/patch-libraries::liblunicode::ucstr.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- libraries/liblunicode/ucstr.c.orig Fri Apr 11 03:57:10 2003
-+++ libraries/liblunicode/ucstr.c Sun Jul 6 02:50:32 2003
-@@ -10,7 +10,7 @@
- #include <ac/string.h>
- #include <ac/stdlib.h>
-
--#include <lber.h>
-+#include <lber_pvt.h>
-
- #include <ldap_utf8.h>
- #include <ldap_pvt_uc.h>
diff --git a/net/openldap23-server/files/patch-libraries::liblutil::passwd.c b/net/openldap23-server/files/patch-libraries::liblutil::passwd.c
deleted file mode 100644
index 32de74e9ee11..000000000000
--- a/net/openldap23-server/files/patch-libraries::liblutil::passwd.c
+++ /dev/null
@@ -1,14 +0,0 @@
-#
-# ITS#2562: add missing arg to hash_lanman
-#
---- libraries/liblutil/passwd.c.orig Fri May 2 13:29:29 2003
-+++ libraries/liblutil/passwd.c Sun Jun 22 03:08:18 2003
-@@ -632,7 +632,7 @@
- {
- struct berval *hash;
-
-- hash = hash_lanman( scheme, cred );
-+ hash = hash_lanman( scheme, cred, text );
- return memcmp( &hash->bv_val[scheme->bv_len], passwd->bv_val, 32);
- }
- #endif /* SLAPD_LMHASH */
diff --git a/net/openldap23-server/files/patch-servers::slapd::back-perl b/net/openldap23-server/files/patch-servers::slapd::back-perl
deleted file mode 100644
index c6d024df3ed0..000000000000
--- a/net/openldap23-server/files/patch-servers::slapd::back-perl
+++ /dev/null
@@ -1,302 +0,0 @@
-diff -Nur servers/slapd/back-perl/add.c.orig servers/slapd/back-perl/add.c
---- servers/slapd/back-perl/add.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/add.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/bind.c.orig servers/slapd/back-perl/bind.c
---- servers/slapd/back-perl/bind.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/bind.c Thu Jun 5 11:44:06 2003
-@@ -13,18 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--/* init.c - initialize Perl backend */
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/close.c.orig servers/slapd/back-perl/close.c
---- servers/slapd/back-perl/close.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/close.c Thu Jun 5 11:44:06 2003
-@@ -13,18 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--/* init.c - initialize shell backend */
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/compare.c.orig servers/slapd/back-perl/compare.c
---- servers/slapd/back-perl/compare.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/compare.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "lutil.h"
- #include "perl_back.h"
-diff -Nur servers/slapd/back-perl/config.c.orig servers/slapd/back-perl/config.c
---- servers/slapd/back-perl/config.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/config.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/delete.c.orig servers/slapd/back-perl/delete.c
---- servers/slapd/back-perl/delete.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/delete.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/init.c.orig servers/slapd/back-perl/init.c
---- servers/slapd/back-perl/init.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/init.c Thu Jun 12 22:25:21 2003
-@@ -13,18 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
-- /* init.c - initialize shell backend */
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-@@ -37,7 +38,7 @@
-
- #ifdef SLAPD_PERL_DYNAMIC
-
--int back_perl_LTX_init_module(int argc, char *argv[])
-+int init_module(int argc, char *argv[])
- {
- BackendInfo bi;
-
-diff -Nur servers/slapd/back-perl/modify.c.orig servers/slapd/back-perl/modify.c
---- servers/slapd/back-perl/modify.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/modify.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/modrdn.c.orig servers/slapd/back-perl/modrdn.c
---- servers/slapd/back-perl/modrdn.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/modrdn.c Thu Jun 5 11:44:06 2003
-@@ -26,17 +26,19 @@
- *
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/search.c.orig servers/slapd/back-perl/search.c
---- servers/slapd/back-perl/search.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/search.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
diff --git a/net/openldap23-server/files/patch-servers::slapd::backend.c b/net/openldap23-server/files/patch-servers::slapd::backend.c
new file mode 100644
index 000000000000..663f1248838d
--- /dev/null
+++ b/net/openldap23-server/files/patch-servers::slapd::backend.c
@@ -0,0 +1,19 @@
+--- servers/slapd/backend.c Mon Oct 6 16:57:29 2003
++++ servers/slapd/backend.c Sun Oct 19 15:33:56 2003
+@@ -244,8 +244,6 @@
+ int i;
+ int rc = 0;
+
+- init_syncrepl();
+-
+ if( ! ( nBackendDB > 0 ) ) {
+ /* no databases */
+ #ifdef NEW_LOGGING
+@@ -377,6 +375,7 @@
+ if ( backendDB[i].syncinfo != NULL ) {
+ syncinfo_t *si = ( syncinfo_t * ) backendDB[i].syncinfo;
+ si->be = &backendDB[i];
++ init_syncrepl(si);
+ ldap_pvt_thread_mutex_lock( &syncrepl_rq.rq_mutex );
+ ldap_pvt_runqueue_insert( &syncrepl_rq, si->interval,
+ do_syncrepl, (void *) backendDB[i].syncinfo );
diff --git a/net/openldap23-server/files/patch-servers::slapd::config.c b/net/openldap23-server/files/patch-servers::slapd::config.c
new file mode 100644
index 000000000000..c33e1e964316
--- /dev/null
+++ b/net/openldap23-server/files/patch-servers::slapd::config.c
@@ -0,0 +1,51 @@
+--- servers/slapd/config.c Mon Oct 13 03:57:02 2003
++++ servers/slapd/config.c Sun Oct 19 15:33:56 2003
+@@ -2782,9 +2782,9 @@
+ ber_dupbv( &si->updatedn, &be->be_rootndn );
+ si->bindmethod = LDAP_AUTH_SIMPLE;
+ si->schemachecking = 0;
+- si->filterstr = "(objectclass=*)";
++ ber_str2bv( "(objectclass=*)", sizeof("(objectclass=*)")-1, 0, &si->filterstr );
+ if ( be->be_suffix && be->be_suffix[0].bv_val )
+- si->base = ch_strdup( be->be_suffix[0].bv_val );
++ ber_dupbv( &si->base, &be->be_nsuffix[0] );
+ si->scope = LDAP_SCOPE_SUBTREE;
+ si->attrsonly = 0;
+ si->attrs = (char **) ch_calloc( 1, sizeof( char * ));
+@@ -2914,14 +2914,11 @@
+ }
+ } else if ( !strncasecmp( cargv[ i ],
+ UPDATEDNSTR, sizeof( UPDATEDNSTR ) - 1 ) ) {
+- char *str;
+ struct berval updatedn = {0, NULL};
+ val = cargv[ i ] + sizeof( UPDATEDNSTR );
+- str = ch_strdup( val );
+- ber_str2bv( str, strlen(str), 1, &updatedn );
++ ber_str2bv( val, 0, 0, &updatedn );
++ ch_free( si->updatedn.bv_val );
+ dnNormalize( 0, NULL, NULL, &updatedn, &si->updatedn, NULL );
+- ch_free( str );
+- ch_free( updatedn.bv_val );
+ } else if ( !strncasecmp( cargv[ i ], BINDMETHSTR,
+ sizeof( BINDMETHSTR ) - 1 ) ) {
+ val = cargv[ i ] + sizeof( BINDMETHSTR );
+@@ -2987,11 +2984,17 @@
+ } else if ( !strncasecmp( cargv[ i ],
+ FILTERSTR, sizeof( FILTERSTR ) - 1 ) ) {
+ val = cargv[ i ] + sizeof( FILTERSTR );
+- si->filterstr = ch_strdup( val );
++ ber_str2bv( val, 0, 1, &si->filterstr );
+ } else if ( !strncasecmp( cargv[ i ],
+ SEARCHBASESTR, sizeof( SEARCHBASESTR ) - 1 ) ) {
++ struct berval bv;
+ val = cargv[ i ] + sizeof( SEARCHBASESTR );
+- si->base = ch_strdup( val );
++ ch_free( si->base.bv_val );
++ ber_str2bv( val, 0, 0, &bv );
++ if ( dnNormalize( 0, NULL, NULL, &bv, &si->base, NULL )) {
++ fprintf( stderr, "Invalid base DN \"%s\"\n", val );
++ return 1;
++ }
+ } else if ( !strncasecmp( cargv[ i ],
+ SCOPESTR, sizeof( SCOPESTR ) - 1 ) ) {
+ val = cargv[ i ] + sizeof( SCOPESTR );
diff --git a/net/openldap23-server/files/patch-servers::slapd::daemon.c b/net/openldap23-server/files/patch-servers::slapd::daemon.c
new file mode 100644
index 000000000000..09e9b11f9704
--- /dev/null
+++ b/net/openldap23-server/files/patch-servers::slapd::daemon.c
@@ -0,0 +1,32 @@
+--- servers/slapd/daemon.c Mon Oct 13 03:57:02 2003
++++ servers/slapd/daemon.c Sun Oct 19 15:33:56 2003
+@@ -1357,8 +1357,8 @@
+ ldap_pvt_thread_mutex_unlock( &syncrepl_rq.rq_mutex );
+ ldap_pvt_thread_pool_submit( &connection_pool,
+ rtask->routine, (void *) rtask );
++ ldap_pvt_thread_mutex_lock( &syncrepl_rq.rq_mutex );
+ }
+- ldap_pvt_thread_mutex_lock( &syncrepl_rq.rq_mutex );
+ rtask = ldap_pvt_runqueue_next_sched( &syncrepl_rq, &cat );
+ }
+ ldap_pvt_thread_mutex_unlock( &syncrepl_rq.rq_mutex );
+@@ -2077,18 +2077,10 @@
+ * SIGBREAK is generated when a user logs out.
+ */
+
+-#if 0
+ #if HAVE_NT_SERVICE_MANAGER && SIGBREAK
+ if (is_NT_Service && sig == SIGBREAK)
+-#ifdef NEW_LOGGING
+- LDAP_LOG( CONNECTION, CRIT,
+- "slap_sig_shutdown: SIGBREAK ignored.\n", 0, 0, 0 );
+-#else
+- Debug(LDAP_DEBUG_TRACE, "slap_sig_shutdown: SIGBREAK ignored.\n",
+- 0, 0, 0);
+-#endif
++ ;
+ else
+-#endif
+ #endif
+ #ifdef SIGHUP
+ if (sig == SIGHUP && global_gentlehup && slapd_gentle_shutdown == 0)
diff --git a/net/openldap23-server/files/patch-servers::slapd::proto-slap.h b/net/openldap23-server/files/patch-servers::slapd::proto-slap.h
new file mode 100644
index 000000000000..ebcf93bccc24
--- /dev/null
+++ b/net/openldap23-server/files/patch-servers::slapd::proto-slap.h
@@ -0,0 +1,20 @@
+--- servers/slapd/proto-slap.h Mon Oct 13 03:57:02 2003
++++ servers/slapd/proto-slap.h Sun Oct 19 15:33:56 2003
+@@ -1175,16 +1175,10 @@
+ * syncrepl.c
+ */
+
+-LDAP_SLAPD_V( const struct berval ) slap_syncrepl_bvc;
+-LDAP_SLAPD_V( const struct berval ) slap_syncrepl_cn_bvc;
+-
+ LDAP_SLAPD_V (struct runqueue_s) syncrepl_rq;
+
+-LDAP_SLAPD_F (void) init_syncrepl LDAP_P(());
++LDAP_SLAPD_F (void) init_syncrepl LDAP_P((syncinfo_t *));
+ LDAP_SLAPD_F (void*) do_syncrepl LDAP_P((void *, void *));
+-LDAP_SLAPD_F (int) ldap_sync_search LDAP_P((
+- syncinfo_t *, LDAP *, LDAPControl **,
+- LDAPControl **, int *));
+ LDAP_SLAPD_F (Entry*) syncrepl_message_to_entry LDAP_P((
+ syncinfo_t *, LDAP *, Operation *, LDAPMessage *,
+ Modifications **, int*, struct berval *, struct berval * ));
diff --git a/net/openldap23-server/files/patch-servers::slapd::slap.h b/net/openldap23-server/files/patch-servers::slapd::slap.h
new file mode 100644
index 000000000000..a50dc46db29a
--- /dev/null
+++ b/net/openldap23-server/files/patch-servers::slapd::slap.h
@@ -0,0 +1,40 @@
+--- servers/slapd/slap.h Mon Oct 6 16:57:29 2003
++++ servers/slapd/slap.h Sun Oct 19 15:33:56 2003
+@@ -451,11 +451,18 @@
+ */
+ #define SLAP_MR_VALUE_OF_ASSERTION_SYNTAX 0x0001U
+ #define SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX 0x0002U
++#define SLAP_MR_VALUE_OF_SYNTAX 0x0003U
+
+ #define SLAP_MR_IS_VALUE_OF_ATTRIBUTE_SYNTAX( usage ) \
+ ((usage) & SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX )
+ #define SLAP_MR_IS_VALUE_OF_ASSERTION_SYNTAX( usage ) \
+ ((usage) & SLAP_MR_VALUE_OF_ASSERTION_SYNTAX )
++#ifdef LDAP_DEBUG
++#define SLAP_MR_IS_VALUE_OF_SYNTAX( usage ) \
++ ((usage) & SLAP_MR_VALUE_OF_SYNTAX)
++#else
++#define SLAP_MR_IS_VALUE_OF_SYNTAX( usage ) (1)
++#endif
+
+ /* either or both the asserted value or attribute value
+ * may be provided in normalized form
+@@ -1311,8 +1318,8 @@
+ char *srvtab;
+ int schemachecking;
+ Filter *filter;
+- char *filterstr;
+- char *base;
++ struct berval filterstr;
++ struct berval base;
+ int scope;
+ int attrsonly;
+ char **attrs;
+@@ -1980,7 +1987,6 @@
+
+ ValuesReturnFilter *o_vrFilter; /* ValuesReturnFilter */
+
+- syncinfo_t* o_si;
+ int o_nocaching;
+
+ #ifdef LDAP_SLAPI
diff --git a/net/openldap23-server/files/patch-servers::slapd::syncrepl.c b/net/openldap23-server/files/patch-servers::slapd::syncrepl.c
new file mode 100644
index 000000000000..950f459f1937
--- /dev/null
+++ b/net/openldap23-server/files/patch-servers::slapd::syncrepl.c
@@ -0,0 +1,1310 @@
+--- servers/slapd/syncrepl.c Mon Oct 13 03:57:03 2003
++++ servers/slapd/syncrepl.c Sun Oct 19 15:33:56 2003
+@@ -19,6 +19,12 @@
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
+ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ */
++/* Modified by Howard Chu
++ *
++ * Copyright (c) 2003 by Howard Chu, Symas Corporation
++ *
++ * Modifications provided under the terms of the OpenLDAP public license.
++ */
+
+ #include "portable.h"
+
+@@ -26,7 +32,6 @@
+
+ #include <ac/string.h>
+ #include <ac/socket.h>
+-#include <db.h>
+
+ #include "ldap_pvt.h"
+ #include "lutil.h"
+@@ -35,106 +40,142 @@
+
+ #include "ldap_rq.h"
+
+-static const struct berval slap_syncrepl_bvc = BER_BVC("syncreplxxx");
+-static const struct berval slap_syncrepl_cn_bvc = BER_BVC("cn=syncreplxxx");
++#ifdef LDAP_SLAPI
++#include "slapi.h"
++#endif
++
++#define SYNCREPL_STR "syncreplxxx"
++#define CN_STR "cn="
++
++static const struct berval slap_syncrepl_bvc = BER_BVC(SYNCREPL_STR);
++static const struct berval slap_syncrepl_cn_bvc = BER_BVC(CN_STR SYNCREPL_STR);
+
+ static void
+-syncrepl_del_nonpresent( LDAP *, Operation * );
++syncrepl_del_nonpresent( LDAP *, Operation *, syncinfo_t * );
+
+ /* callback functions */
+-static int cookie_callback( struct slap_op *, struct slap_rep * );
+ static int dn_callback( struct slap_op *, struct slap_rep * );
+ static int nonpresent_callback( struct slap_op *, struct slap_rep * );
+ static int null_callback( struct slap_op *, struct slap_rep * );
+-static int contextcsn_callback( Operation*, SlapReply* );
+
+-static AttributeDescription **sync_descs;
++static AttributeDescription *sync_descs[4];
+
+ struct runqueue_s syncrepl_rq;
+
+ void
+-init_syncrepl()
++init_syncrepl(syncinfo_t *si)
+ {
+- sync_descs = ch_malloc( 4 * sizeof( AttributeDescription * ));
+- sync_descs[0] = slap_schema.si_ad_objectClass;
+- sync_descs[1] = slap_schema.si_ad_structuralObjectClass;
+- sync_descs[2] = slap_schema.si_ad_entryCSN;
+- sync_descs[3] = NULL;
++ int i, j, k, n;
++ char **tmp;
++
++ if ( !sync_descs[0] ) {
++ sync_descs[0] = slap_schema.si_ad_objectClass;
++ sync_descs[1] = slap_schema.si_ad_structuralObjectClass;
++ sync_descs[2] = slap_schema.si_ad_entryCSN;
++ sync_descs[3] = NULL;
++ }
++
++ for ( n = 0; si->attrs[ n ] != NULL; n++ ) ;
++
++ if ( n ) {
++ /* Delete Attributes */
++ for ( i = 0; sync_descs[i] != NULL; i++ ) {
++ for ( j = 0; si->attrs[j] != NULL; j++ ) {
++ if ( !strcmp( si->attrs[j], sync_descs[i]->ad_cname.bv_val )) {
++ ch_free( si->attrs[j] );
++ for ( k = j; si->attrs[k] != NULL; k++ ) {
++ si->attrs[k] = si->attrs[k+1];
++ }
++ }
++ }
++ }
++ for ( n = 0; si->attrs[ n ] != NULL; n++ );
++ tmp = ( char ** ) ch_realloc( si->attrs, ( n + 4 ) * sizeof( char * ));
++ if ( tmp == NULL ) {
++#ifdef NEW_LOGGING
++ LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
++#else
++ Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
++#endif
++ }
++ } else {
++ tmp = ( char ** ) ch_realloc( si->attrs, 5 * sizeof( char * ));
++ if ( tmp == NULL ) {
++#ifdef NEW_LOGGING
++ LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
++#else
++ Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
++#endif
++ }
++ tmp[ n++ ] = ch_strdup( "*" );
++ }
++
++ si->attrs = tmp;
++
++ /* Add Attributes */
++
++ for ( i = 0; sync_descs[ i ] != NULL; i++ ) {
++ si->attrs[ n++ ] = ch_strdup ( sync_descs[i]->ad_cname.bv_val );
++ si->attrs[ n ] = NULL;
++ }
+ }
+
+-int
++static int
+ ldap_sync_search(
+ syncinfo_t *si,
+ LDAP *ld,
+- LDAPControl **sctrls,
+- LDAPControl **cctrls,
++ void *ctx,
+ int *msgidp )
+ {
+- BerElement *ber;
+- int timelimit;
+- ber_int_t id;
+-
+- int rc;
+- BerElement *sync_ber = NULL;
+- struct berval *sync_bvalp = NULL;
+- LDAPControl c[2];
+- LDAPControl **ctrls;
+- int err;
++ BerElementBuffer berbuf;
++ BerElement *ber = (BerElement *)&berbuf;
++ LDAPControl c[2], *ctrls[3];
+ struct timeval timeout;
++ int rc;
+
+- /* setup LDAP SYNC control */
+- sync_ber = ber_alloc_t( LBER_USE_DER );
+- ber_set_option( sync_ber, LBER_OPT_BER_MEMCTX, NULL );
+-
+- if ( si->syncCookie ) {
+- ber_printf( sync_ber, "{eO}", abs(si->type), si->syncCookie );
+- } else {
+- ber_printf( sync_ber, "{e}", abs(si->type) );
+- }
+-
+- if ( ber_flatten( sync_ber, &sync_bvalp ) == LBER_ERROR ) {
+- ber_free( sync_ber, 1 );
+- return LBER_ERROR;
+- }
+- ber_free( sync_ber, 1 );
+-
+- ctrls = (LDAPControl**) sl_calloc( 3, sizeof(LDAPControl*), NULL );
+-
+- c[0].ldctl_oid = LDAP_CONTROL_SYNC;
+- c[0].ldctl_value = (*sync_bvalp);
+- c[0].ldctl_iscritical = si->type < 0;
+- ctrls[0] = &c[0];
+-
+- if ( si->authzId ) {
+- c[1].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
+- c[1].ldctl_value.bv_val = si->authzId;
+- c[1].ldctl_value.bv_len = strlen( si->authzId );
+- c[1].ldctl_iscritical = 1;
+- ctrls[1] = &c[1];
+- } else {
+- ctrls[1] = NULL;
+- }
+-
+- ctrls[2] = NULL;
++ /* setup LDAP SYNC control */
++ ber_init2( ber, NULL, LBER_USE_DER );
++ ber_set_option( ber, LBER_OPT_BER_MEMCTX, &ctx );
+
+- err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls );
++ if ( si->syncCookie ) {
++ ber_printf( ber, "{eO}", abs(si->type), si->syncCookie );
++ } else {
++ ber_printf( ber, "{e}", abs(si->type) );
++ }
++
++ if ( (rc = ber_flatten2( ber, &c[0].ldctl_value, 0 )) == LBER_ERROR ) {
++ ber_free_buf( ber );
++ return rc;
++ }
+
+- ber_bvfree( sync_bvalp );
+- ch_free( ctrls );
++ c[0].ldctl_oid = LDAP_CONTROL_SYNC;
++ c[0].ldctl_iscritical = si->type < 0;
++ ctrls[0] = &c[0];
+
+- if ( err != LDAP_OPT_SUCCESS )
+- fprintf( stderr, "Could not set controls : %d\n", err );
++ if ( si->authzId ) {
++ c[1].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
++ ber_str2bv( si->authzId, 0, 0, &c[1].ldctl_value );
++ c[1].ldctl_iscritical = 1;
++ ctrls[1] = &c[1];
++ ctrls[2] = NULL;
++ } else {
++ ctrls[1] = NULL;
++ }
+
+ timeout.tv_sec = si->tlimit > 0 ? si->tlimit : 1;
++ timeout.tv_usec = 0;
+
+- rc = ldap_search_ext( ld, si->base, si->scope, si->filterstr,
+- si->attrs, si->attrsonly, sctrls, cctrls,
++ rc = ldap_search_ext( ld, si->base.bv_val, si->scope, si->filterstr.bv_val,
++ si->attrs, si->attrsonly, ctrls, NULL,
+ si->tlimit < 0 ? NULL : &timeout,
+ si->slimit, msgidp );
++ ber_free_buf( ber );
+
+ return rc;
+ }
+
++static const Listener dummy_list = { {0, ""}, {0, ""} };
++
+ void *
+ do_syncrepl(
+ void *ctx,
+@@ -142,18 +183,11 @@
+ {
+ struct re_s* rtask = arg;
+ syncinfo_t *si = ( syncinfo_t * ) rtask->arg;
+- Backend *be = si->be;
+-
+- SlapReply rs = {REP_RESULT};
++ Backend *be;
+
+- LDAPControl c[2];
+- LDAPControl **sctrls = NULL;
+ LDAPControl **rctrls = NULL;
+ LDAPControl *rctrlp = NULL;
+- BerElement *sync_ber = NULL;
+- struct berval *sync_bvalp = NULL;
+
+- BerElement *ctrl_ber = NULL;
+ BerElement *res_ber = NULL;
+
+ LDAP *ld = NULL;
+@@ -162,10 +196,6 @@
+
+ ber_int_t msgid;
+
+- int nresponses, nreferences, nextended, npartial;
+- int nresponses_psearch;
+-
+- int cancel_msgid = -1;
+ char *retoid = NULL;
+ struct berval *retdata = NULL;
+
+@@ -182,31 +212,20 @@
+ ber_len_t len;
+ int syncinfo_arrived = 0;
+
+- char **tmp = NULL;
+- AttributeDescription** descs = NULL;
+-
+- Connection conn;
++ Connection conn = {0};
+ Operation op = {0};
+ slap_callback cb;
+
+ void *memctx = NULL;
+ ber_len_t memsiz;
+
+- int i, j, k, n;
+ int rc_efree;
+
+- struct berval base_bv = { 0, NULL };
+- struct berval pbase = { 0, NULL };
+- struct berval nbase = { 0, NULL };
+- struct berval psubrdn = { 0, NULL };
+- struct berval nsubrdn = { 0, NULL };
+ struct berval psub = { 0, NULL };
+- struct berval nsub = { 0, NULL };
+ Modifications *modlist = NULL;
+- Modifications *ml, *mlnext;
+- char *def_filter_str = NULL;
+
+- struct berval slap_syncrepl_bv = BER_BVNULL;
++ char syncrepl_cbuf[sizeof(CN_STR SYNCREPL_STR)];
++ struct berval syncrepl_cn_bv = {sizeof(syncrepl_cbuf)-1, syncrepl_cbuf};
+
+ const char *text;
+ int match;
+@@ -224,7 +243,7 @@
+ return NULL;
+
+ if ( abs(si->type) != LDAP_SYNC_REFRESH_ONLY &&
+- abs(si->type) != LDAP_SYNC_REFRESH_AND_PERSIST ) {
++ abs(si->type) != LDAP_SYNC_REFRESH_AND_PERSIST ) {
+ return NULL;
+ }
+
+@@ -235,14 +254,15 @@
+ rc = ldap_initialize( &ld, si->provideruri );
+ if ( rc != LDAP_SUCCESS ) {
+ #ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR, "do_syncrepl: "
+- "ldap_initialize failed (%s)\n",
++ LDAP_LOG( OPERATION, ERR,
++ "do_syncrepl: ldap_initialize failed (%s)\n",
+ si->provideruri, 0, 0 );
+ #else
+- Debug( LDAP_DEBUG_ANY, "do_syncrepl: "
+- "ldap_initialize failed (%s)\n",
++ Debug( LDAP_DEBUG_ANY,
++ "do_syncrepl: ldap_initialize failed (%s)\n",
+ si->provideruri, 0, 0 );
+ #endif
++ return NULL;
+ }
+
+ op.o_protocol = LDAP_VERSION3;
+@@ -293,10 +313,10 @@
+
+ defaults = lutil_sasl_defaults( ld,
+ si->saslmech,
+- si->realm,
+- si->authcId,
+- si->passwd,
+- si->authzId );
++ si->realm,
++ si->authcId,
++ si->passwd,
++ si->authzId );
+
+ rc = ldap_sasl_interactive_bind_s( ld,
+ si->binddn,
+@@ -306,6 +326,8 @@
+ lutil_sasl_interact,
+ defaults );
+
++ lutil_sasl_freedefs( defaults );
++
+ /* FIXME : different error behaviors according to
+ 1) return code
+ 2) on err policy : exit, retry, backoff ...
+@@ -343,6 +365,16 @@
+ /* set thread context in syncinfo */
+ si->ctx = ctx;
+
++ be = si->be;
++
++ si->conn = &conn;
++ conn.c_connid = -1;
++ conn.c_send_ldap_result = slap_send_ldap_result;
++ conn.c_send_search_entry = slap_send_search_entry;
++ conn.c_send_search_reference = slap_send_search_reference;
++ conn.c_listener = (Listener *)&dummy_list;
++ conn.c_peer_name = slap_empty_bv;
++
+ /* set memory context */
+ #define SLAB_SIZE 1048576
+ memsiz = SLAB_SIZE;
+@@ -350,119 +382,44 @@
+ op.o_tmpmemctx = memctx;
+ op.o_tmpmfuncs = &sl_mfuncs;
+
+- op.o_si = si;
+- op.o_tag = LDAP_REQ_SEARCH;
+ op.o_dn = si->updatedn;
+ op.o_ndn = si->updatedn;
+ op.o_callback = &cb;
+ op.o_time = slap_get_time();
+- op.o_managedsait = 1;
+ op.o_threadctx = si->ctx;
++ op.o_managedsait = 1;
+ op.o_bd = be;
+ op.o_conn = &conn;
+ op.o_connid = op.o_conn->c_connid;
+- op.ors_scope = LDAP_SCOPE_BASE;
+- op.ors_deref = LDAP_DEREF_NEVER;
+- op.ors_slimit = 0;
+- op.ors_tlimit = 0;
+- op.ors_attrsonly = 0;
+- op.ors_attrs = NULL;
+- op.ors_filter = str2filter_x( &op, def_filter_str = "(objectClass=*)" );
+- ber_str2bv( def_filter_str, 0, 0, &op.ors_filterstr );
+-
+- si->conn = &conn;
+- conn.c_send_ldap_result = slap_send_ldap_result;
+- conn.c_send_search_entry = slap_send_search_entry;
+- conn.c_send_search_reference = slap_send_search_reference;
++#if defined( LDAP_SLAPI )
++ op.o_pb = slapi_pblock_new();
++ slapi_x_create_object_extensions( SLAPI_X_EXT_OPERATION, &op );
++#endif /* defined( LDAP_SLAPI ) */
+
+ /* get syncrepl cookie of shadow replica from subentry */
+- ber_str2bv( si->base, 0, 0, &base_bv );
+- dnPrettyNormal( 0, &base_bv, &pbase, &nbase, op.o_tmpmemctx );
+-
+- ber_dupbv( &slap_syncrepl_bv, (struct berval *) &slap_syncrepl_bvc );
+- slap_syncrepl_bv.bv_len = snprintf( slap_syncrepl_bv.bv_val,
+- slap_syncrepl_bvc.bv_len,
+- "syncrepl%d", si->id );
+- build_new_dn( &op.o_req_dn, &pbase, &slap_syncrepl_bv, op.o_tmpmemctx );
+- build_new_dn( &op.o_req_ndn, &nbase, &slap_syncrepl_bv, op.o_tmpmemctx );
+
+- /* set callback function */
+- cb.sc_response = cookie_callback;
+- cb.sc_private = si;
++ snprintf(syncrepl_cbuf, sizeof(syncrepl_cbuf), CN_STR "syncrepl%d",
++ si->id );
++ build_new_dn( &op.o_req_ndn, &si->base, &syncrepl_cn_bv, op.o_tmpmemctx );
++ op.o_req_dn = op.o_req_ndn;
+
+- /* search subentry to retrieve cookie */
+ si->syncCookie = NULL;
+- be->be_search( &op, &rs );
+-
+- if ( op.o_req_dn.bv_val )
+- ch_free( op.o_req_dn.bv_val );
+- if ( op.o_req_ndn.bv_val )
+- ch_free( op.o_req_ndn.bv_val );
+- if ( op.ors_filter )
+- filter_free( op.ors_filter );
+- if ( op.ors_filterstr.bv_val )
+- ch_free( op.ors_filterstr.bv_val );
+- if ( slap_syncrepl_bv.bv_val )
+- ch_free( slap_syncrepl_bv.bv_val );
+- if ( pbase.bv_val )
+- ch_free( pbase.bv_val );
+- if ( nbase.bv_val )
+- ch_free( nbase.bv_val );
++ backend_attribute( &op, NULL, &op.o_req_ndn,
++ slap_schema.si_ad_syncreplCookie, &si->syncCookie );
+
+ ber_dupbv( &syncCookie_req, si->syncCookie );
+
+ psub = be->be_nsuffix[0];
+
+- for ( n = 0; si->attrs[ n ] != NULL; n++ ) ;
+-
+- if ( n != 0 ) {
+- /* Delete Attributes */
+- descs = sync_descs;
+- for ( i = 0; descs[i] != NULL; i++ ) {
+- for ( j = 0; si->attrs[j] != NULL; j++ ) {
+- if ( !strcmp( si->attrs[j], descs[i]->ad_cname.bv_val )) {
+- ch_free( si->attrs[j] );
+- for ( k = j; si->attrs[k] != NULL; k++ ) {
+- si->attrs[k] = si->attrs[k+1];
+- }
+- }
+- }
+- }
+- for ( n = 0; si->attrs[ n ] != NULL; n++ );
+- tmp = ( char ** ) ch_realloc( si->attrs, ( n + 4 ) * sizeof( char * ));
+- if ( tmp == NULL ) {
+-#ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
+-#else
+- Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
+-#endif
+- }
+- } else {
+- tmp = ( char ** ) ch_realloc( si->attrs, 5 * sizeof( char * ));
+- if ( tmp == NULL ) {
++ rc = ldap_sync_search( si, ld, memctx, &msgid );
++ if( rc != LDAP_SUCCESS ) {
+ #ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
++ LDAP_LOG ( OPERATION, ERR, "do_syncrepl: "
++ "ldap_search_ext: %s (%d)\n", ldap_err2string( rc ), rc, 0 );
+ #else
+- Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
++ Debug( LDAP_DEBUG_ANY, "do_syncrepl: "
++ "ldap_search_ext: %s (%d)\n", ldap_err2string( rc ), rc, 0 );
+ #endif
+- }
+- tmp[ n++ ] = ch_strdup( "*" );
+- }
+-
+- descs = sync_descs;
+- si->attrs = tmp;
+-
+- /* Add Attributes */
+-
+- for ( i = 0; descs[ i ] != NULL; i++ ) {
+- si->attrs[ n++ ] = ch_strdup ( descs[i]->ad_cname.bv_val );
+- si->attrs[ n ] = NULL;
+- }
+-
+- rc = ldap_sync_search( si, ld, NULL, NULL, &msgid );
+- if( rc != LDAP_SUCCESS ) {
+- fprintf( stderr, "syncrepl: ldap_search_ext: %s (%d)\n",
+- ldap_err2string( rc ), rc );
+ return NULL;
+ }
+
+@@ -473,7 +430,6 @@
+ }
+
+ while (( rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE, tout_p, &res )) >= 0 ) {
+-
+ if ( rc == 0 ) {
+ if ( slapd_abrupt_shutdown ) {
+ break;
+@@ -483,8 +439,8 @@
+ }
+
+ for ( msg = ldap_first_message( ld, res );
+- msg != NULL;
+- msg = ldap_next_message( ld, msg ) )
++ msg != NULL;
++ msg = ldap_next_message( ld, msg ) )
+ {
+ syncCookie.bv_len = 0; syncCookie.bv_val = NULL;
+ switch( ldap_msgtype( msg ) ) {
+@@ -517,17 +473,18 @@
+ case LDAP_RES_SEARCH_RESULT:
+ ldap_parse_result( ld, msg, &err, NULL, NULL, NULL, &rctrls, 0 );
+ if ( rctrls ) {
++ BerElementBuffer berbuf;
++ BerElement *ctrl_ber;
+ rctrlp = *rctrls;
+- ctrl_ber = ber_alloc_t( LBER_USE_DER );
+- ber_set_option( ctrl_ber, LBER_OPT_BER_MEMCTX, &op.o_tmpmemctx );
+- ber_write( ctrl_ber, rctrlp->ldctl_value.bv_val, rctrlp->ldctl_value.bv_len, 0 );
+- ber_reset( ctrl_ber, 1 );
++ ctrl_ber = (BerElement *)&berbuf;
++ ber_init2( ctrl_ber, &rctrlp->ldctl_value, LBER_USE_DER );
+
+ ber_scanf( ctrl_ber, "{" /*"}"*/);
+ if ( ber_peek_tag( ctrl_ber, &len )
+ == LDAP_SYNC_TAG_COOKIE ) {
+ ber_scanf( ctrl_ber, "o", &syncCookie );
+ }
++ ldap_controls_free( rctrls );
+ }
+ value_match( &match, slap_schema.si_ad_entryCSN,
+ slap_schema.si_ad_entryCSN->ad_type->sat_ordering,
+@@ -541,8 +498,6 @@
+ if ( syncCookie.bv_len && match < 0) {
+ syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie );
+ }
+- if ( ctrl_ber )
+- ber_free( ctrl_ber, 1 );
+ goto done;
+ } else {
+ /* FIXME : different error behaviors according to
+@@ -553,10 +508,8 @@
+ syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie);
+ }
+ if ( si->sync_mode == LDAP_SYNC_STATE_MODE && match < 0 ) {
+- syncrepl_del_nonpresent( ld, &op );
++ syncrepl_del_nonpresent( ld, &op, si );
+ }
+- if ( ctrl_ber )
+- ber_free( ctrl_ber, 1 );
+ goto done;
+ }
+ break;
+@@ -595,7 +548,7 @@
+
+ if ( syncstate == LDAP_SYNC_STATE_MODE_DONE ) {
+ if ( match < 0 ) {
+- syncrepl_del_nonpresent( ld, &op );
++ syncrepl_del_nonpresent( ld, &op, si );
+ }
+ si->sync_mode = LDAP_SYNC_LOG_MODE;
+ } else if ( syncstate == LDAP_SYNC_LOG_MODE_DONE ) {
+@@ -643,10 +596,14 @@
+ break;
+
+ }
+- if ( syncCookie.bv_val )
++ if ( syncCookie.bv_val ) {
+ ch_free( syncCookie.bv_val );
+- if ( syncUUID.bv_val )
++ syncCookie.bv_val = NULL;
++ }
++ if ( syncUUID.bv_val ) {
+ ch_free( syncUUID.bv_val );
++ syncUUID.bv_val = NULL;
++ }
+ }
+ ldap_msgfree( res );
+ }
+@@ -668,6 +625,11 @@
+ }
+
+ done:
++#if defined( LDAP_SLAPI )
++ if ( op.o_pb ) slapi_pblock_destroy( op.o_pb );
++ slapi_x_free_object_extensions( SLAPI_X_EXT_OPERATION, &op );
++#endif /* defined( LDAP_SLAPI ) */
++
+ if ( syncCookie.bv_val )
+ ch_free( syncCookie.bv_val );
+ if ( syncCookie_req.bv_val )
+@@ -704,37 +666,22 @@
+ struct berval *syncCookie
+ )
+ {
+- Entry *e;
++ Entry *e = NULL;
+ BerElement *ber = NULL;
+- BerElement *tmpber;
+- struct berval bv = {0, NULL};
+ Modifications tmp;
+ Modifications *mod;
+ Modifications **modtail = modlist;
+- Backend *be = op->o_bd;
+
+ const char *text;
+ char txtbuf[SLAP_TEXT_BUFLEN];
+ size_t textlen = sizeof txtbuf;
+
+- struct berval **bvals = NULL;
+- char *dn;
+- struct berval bdn = {0, NULL};
+- Attribute *attr;
+- struct berval empty_bv = { 0, NULL };
++ struct berval bdn = {0, NULL}, dn, ndn;
+ int rc;
+- char *a;
+
+ ber_len_t len;
+ LDAPControl* rctrlp;
+ LDAPControl** rctrls = NULL;
+- BerElement* ctrl_ber;
+-
+- ber_tag_t tag;
+-
+- Modifications *ml = NULL;
+- AttributeDescription** descs;
+- int i;
+
+ *modlist = NULL;
+
+@@ -751,61 +698,7 @@
+
+ op->o_tag = LDAP_REQ_ADD;
+
+- rc = ldap_get_dn_ber( ld, msg, &ber, &bdn );
+-
+- if ( rc != LDAP_SUCCESS ) {
+-#ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR,
+- "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
+-#else
+- Debug( LDAP_DEBUG_ANY,
+- "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
+-#endif
+- return NULL;
+- }
+-
+- e = ( Entry * ) ch_calloc( 1, sizeof( Entry ));
+- dnPrettyNormal( NULL, &bdn, &e->e_name, &e->e_nname, NULL );
+-
+- e->e_attrs = NULL;
+-
+- while ( ber_remaining( ber ) ) {
+- tag = ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values );
+-
+- if ( tag == LBER_ERROR ) break;
+- if ( tmp.sml_type.bv_val == NULL ) break;
+-
+- mod = (Modifications *) ch_malloc( sizeof( Modifications ));
+-
+- mod->sml_op = LDAP_MOD_REPLACE;
+- mod->sml_next = NULL;
+- mod->sml_desc = NULL;
+- mod->sml_type = tmp.sml_type;
+- mod->sml_bvalues = tmp.sml_bvalues;
+- mod->sml_nvalues = NULL;
+-
+- *modtail = mod;
+- modtail = &mod->sml_next;
+- }
+-
+- if ( ber_scanf( ber, "}") == LBER_ERROR ) {
+-#ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR,
+- "syncrepl_message_to_entry: ber_scanf failed\n", 0, 0, 0 );
+-#else
+- Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: ber_scanf failed\n",
+- 0, 0, 0 );
+-#endif
+- return NULL;
+- }
+-
+- ber_free( ber, 0 );
+- tmpber = ldap_get_message_ber( msg );
+- ber = ber_dup( tmpber );
+-
+- ber_scanf( ber, "{xx" );
+-
+- rc = ldap_pvt_get_controls( ber, &rctrls );
++ rc = ldap_get_entry_controls( ld, msg, &rctrls );
+ if ( rc != LDAP_SUCCESS ) {
+ #ifdef NEW_LOGGING
+ LDAP_LOG( OPERATION, ERR,
+@@ -818,16 +711,16 @@
+ }
+
+ if ( rctrls ) {
++ BerElementBuffer berbuf;
++ BerElement *ctrl_ber;
++
+ rctrlp = *rctrls;
+- ctrl_ber = ber_alloc_t( LBER_USE_DER );
+- ber_set_option( ctrl_ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx );
+- ber_write( ctrl_ber, rctrlp->ldctl_value.bv_val, rctrlp->ldctl_value.bv_len, 0 );
+- ber_reset( ctrl_ber, 1 );
++ ctrl_ber = (BerElement *)&berbuf;
++ ber_init2( ctrl_ber, &rctrlp->ldctl_value, LBER_USE_DER );
+ ber_scanf( ctrl_ber, "{eo", syncstate, syncUUID );
+ if ( ber_peek_tag( ctrl_ber, &len ) == LDAP_SYNC_TAG_COOKIE ) {
+ ber_scanf( ctrl_ber, "o}", syncCookie );
+ }
+- ber_free( ctrl_ber, 1 );
+ ldap_controls_free( rctrls );
+ } else {
+ #ifdef NEW_LOGGING
+@@ -839,8 +732,48 @@
+ #endif
+ }
+
++ rc = ldap_get_dn_ber( ld, msg, &ber, &bdn );
++
++ if ( rc != LDAP_SUCCESS ) {
++#ifdef NEW_LOGGING
++ LDAP_LOG( OPERATION, ERR,
++ "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
++#else
++ Debug( LDAP_DEBUG_ANY,
++ "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
++#endif
++ return NULL;
++ }
++
++ dnPrettyNormal( NULL, &bdn, &dn, &ndn, op->o_tmpmemctx );
++ ber_dupbv( &op->o_req_dn, &dn );
++ ber_dupbv( &op->o_req_ndn, &ndn );
++ sl_free( ndn.bv_val, op->o_tmpmemctx );
++ sl_free( dn.bv_val, op->o_tmpmemctx );
++
+ if ( *syncstate == LDAP_SYNC_PRESENT || *syncstate == LDAP_SYNC_DELETE ) {
+- goto done;
++ return NULL;
++ }
++
++ e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) );
++ e->e_name = op->o_req_dn;
++ e->e_nname = op->o_req_ndn;
++
++ while ( ber_remaining( ber ) ) {
++ if ( (ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values ) ==
++ LBER_ERROR ) || ( tmp.sml_type.bv_val == NULL )) break;
++
++ mod = (Modifications *) ch_malloc( sizeof( Modifications ));
++
++ mod->sml_op = LDAP_MOD_REPLACE;
++ mod->sml_next = NULL;
++ mod->sml_desc = NULL;
++ mod->sml_type = tmp.sml_type;
++ mod->sml_bvalues = tmp.sml_bvalues;
++ mod->sml_nvalues = NULL;
++
++ *modtail = mod;
++ modtail = &mod->sml_next;
+ }
+
+ if ( *modlist == NULL ) {
+@@ -853,21 +786,6 @@
+ #endif
+ }
+
+- ml = *modlist;
+- while ( ml != NULL ) {
+- AttributeDescription *ad = NULL;
+- rc = slap_bv2ad( &ml->sml_type, &ml->sml_desc, &text );
+-
+- if( rc != LDAP_SUCCESS ) {
+- e = NULL;
+- goto done;
+- }
+-
+- ad = ml->sml_desc;
+- ml->sml_desc = NULL;
+- ml = ml->sml_next;
+- }
+-
+ rc = slap_mods_check( *modlist, 1, &text, txtbuf, textlen, NULL );
+
+ if ( rc != LDAP_SUCCESS ) {
+@@ -878,7 +796,7 @@
+ Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods check (%s)\n",
+ text, 0, 0 );
+ #endif
+- return NULL;
++ goto done;
+ }
+
+ rc = slap_mods2entry( *modlist, &e, 1, 1, &text, txtbuf, textlen);
+@@ -893,8 +811,11 @@
+ }
+
+ done:
+-
+ ber_free ( ber, 0 );
++ if ( rc != LDAP_SUCCESS ) {
++ entry_free( e );
++ e = NULL;
++ }
+
+ return e;
+ }
+@@ -924,20 +845,11 @@
+ {
+ Backend *be = op->o_bd;
+ slap_callback cb;
+- struct berval csn_bv = {0, NULL};
+ struct berval *syncuuid_bv = NULL;
+- char csnbuf[ LDAP_LUTIL_CSNSTR_BUFSIZE ];
+
+ SlapReply rs = {REP_RESULT};
+ int rc = LDAP_SUCCESS;
+
+- struct berval base_bv = {0, NULL};
+-
+- char *filterstr;
+- Filter *filter;
+-
+- Attribute *a;
+-
+ if ( refresh &&
+ ( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_ADD )) {
+ syncuuid_bv = ber_dupbv( NULL, syncUUID );
+@@ -953,24 +865,21 @@
+ }
+ }
+
+- filterstr = (char *) sl_malloc( strlen("entryUUID=") + syncUUID->bv_len + 1,
++ op->ors_filterstr.bv_len = strlen("entryUUID=") + syncUUID->bv_len;
++ op->ors_filterstr.bv_val = (char *) sl_malloc( op->ors_filterstr.bv_len + 1,
+ op->o_tmpmemctx );
+- strcpy( filterstr, "entryUUID=" );
+- strcat( filterstr, syncUUID->bv_val );
++ strcpy( op->ors_filterstr.bv_val, "entryUUID=" );
++ strcat( op->ors_filterstr.bv_val, syncUUID->bv_val );
+
+ si->e = e;
+ si->syncUUID_ndn = NULL;
+
+- filter = str2filter( filterstr );
+- ber_str2bv( filterstr, strlen(filterstr), 1, &op->ors_filterstr );
+- ch_free( filterstr );
+- op->ors_filter = filter;
++ op->ors_filter = str2filter_x( op, op->ors_filterstr.bv_val );
+ op->ors_scope = LDAP_SCOPE_SUBTREE;
+
+ /* get syncrepl cookie of shadow replica from subentry */
+- ber_str2bv( si->base, strlen(si->base), 1, &base_bv );
+- dnPrettyNormal( 0, &base_bv, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
+- ch_free( base_bv.bv_val );
++ op->o_req_dn = si->base;
++ op->o_req_ndn = si->base;
+
+ /* set callback function */
+ op->o_callback = &cb;
+@@ -981,14 +890,10 @@
+
+ rc = be->be_search( op, &rs );
+
+- if ( op->o_req_dn.bv_val )
+- ch_free( op->o_req_dn.bv_val );
+- if ( op->o_req_ndn.bv_val )
+- ch_free( op->o_req_ndn.bv_val );
+ if ( op->ors_filter )
+- filter_free( op->ors_filter );
++ filter_free_x( op, op->ors_filter );
+ if ( op->ors_filterstr.bv_val )
+- ch_free( op->ors_filterstr.bv_val );
++ sl_free( op->ors_filterstr.bv_val, op->o_tmpmemctx );
+
+ cb.sc_response = null_callback;
+ cb.sc_private = si;
+@@ -1086,7 +991,7 @@
+ rc = be->be_delete( op, &rs );
+ }
+ /* Already deleted otherwise */
+- return 1;
++ return 0;
+
+ default :
+ #ifdef NEW_LOGGING
+@@ -1103,23 +1008,17 @@
+ static void
+ syncrepl_del_nonpresent(
+ LDAP *ld,
+- Operation *op
++ Operation *op,
++ syncinfo_t *si
+ )
+ {
+ Backend* be = op->o_bd;
+- syncinfo_t *si = op->o_si;
+ slap_callback cb;
+- struct berval base_bv = {0, NULL};
+- Filter *filter;
+ SlapReply rs = {REP_RESULT};
+- struct berval filterstr_bv = {0, NULL};
+ struct nonpresent_entry *np_list, *np_prev;
+
+- ber_str2bv( si->base, strlen(si->base), 1, &base_bv );
+- dnPrettyNormal(0, &base_bv, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
+- ch_free( base_bv.bv_val );
+-
+- filter = str2filter( si->filterstr );
++ op->o_req_dn = si->base;
++ op->o_req_ndn = si->base;
+
+ cb.sc_response = nonpresent_callback;
+ cb.sc_private = si;
+@@ -1132,21 +1031,15 @@
+ op->ors_tlimit = 0;
+ op->ors_attrsonly = 0;
+ op->ors_attrs = NULL;
+- op->ors_filter = filter;
+- ber_str2bv( si->filterstr, strlen( si->filterstr ), 1, &op->ors_filterstr );
++ op->ors_filter = str2filter_x( op, si->filterstr.bv_val );
++ op->ors_filterstr = si->filterstr;
+
+ op->o_nocaching = 1;
+ be->be_search( op, &rs );
+ op->o_nocaching = 0;
+
+- if ( op->o_req_dn.bv_val )
+- ch_free( op->o_req_dn.bv_val );
+- if ( op->o_req_ndn.bv_val )
+- ch_free( op->o_req_ndn.bv_val );
+ if ( op->ors_filter )
+- filter_free( op->ors_filter );
+- if ( op->ors_filterstr.bv_val )
+- ch_free( op->ors_filterstr.bv_val );
++ filter_free_x( op, op->ors_filter );
+
+ if ( !LDAP_LIST_EMPTY( &si->nonpresentlist ) ) {
+ np_list = LDAP_LIST_FIRST( &si->nonpresentlist );
+@@ -1173,6 +1066,11 @@
+ }
+
+
++static struct berval gcbva[] = {
++ BER_BVC("top"),
++ BER_BVC("glue")
++};
++
+ void
+ syncrepl_add_glue(
+ syncinfo_t *si,
+@@ -1186,72 +1084,72 @@
+ )
+ {
+ Backend *be = op->o_bd;
+- struct berval uuid_bv = {0, NULL};
+ slap_callback cb;
+ Attribute *a;
+ int rc;
+- char uuidbuf[ LDAP_LUTIL_UUIDSTR_BUFSIZE ];
+- int levels = 0;
+- int i, j, k;
++ int suffrdns;
++ int i;
+ struct berval dn = {0, NULL};
+- struct berval pdn = {0, NULL};
+ struct berval ndn = {0, NULL};
+- struct berval rdn = {0, NULL};
+ Entry *glue;
+ SlapReply rs = {REP_RESULT};
+- Connection *conn = op->o_conn;
+- char* ptr;
++ char *ptr, *comma;
+
+ op->o_tag = LDAP_REQ_ADD;
+ op->o_callback = &cb;
+ cb.sc_response = null_callback;
+ cb.sc_private = si;
+
+- ber_dupbv( &dn, &e->e_nname );
+- ber_dupbv( &pdn, &e->e_nname );
++ dn = e->e_name;
++ ndn = e->e_nname;
+
+- ptr = dn.bv_val;
+- while ( !be_issuffix ( be, &pdn )) {
+- dnParent( &dn, &pdn );
+- dn.bv_val = pdn.bv_val;
+- dn.bv_len = pdn.bv_len;
+- levels++;
+- }
+- ch_free( ptr );
+-
+- for ( i = 0; i <= levels; i++ ) {
+- glue = (Entry*) ch_calloc( 1, sizeof(Entry) );
+- ber_dupbv( &dn, &e->e_nname );
+- j = levels - i;
+-
+- ptr = dn.bv_val;
+- for ( k = 0; k < j; k++ ) {
+- dnParent( &dn, &pdn );
+- dn.bv_val = pdn.bv_val;
+- dn.bv_len = pdn.bv_len;
++ /* count RDNs in suffix */
++ if ( be->be_nsuffix[0].bv_len ) {
++ for (i=0, ptr=be->be_nsuffix[0].bv_val; ptr; ptr=strchr( ptr, ',' )) {
++ ptr++;
++ i++;
+ }
++ suffrdns = i;
++ } else {
++ /* suffix is "" */
++ suffrdns = 0;
++ }
+
+- dnPrettyNormal( 0, &dn, &pdn, &ndn, op->o_tmpmemctx );
+- ber_dupbv( &glue->e_name, &pdn );
++ /* Start with BE suffix */
++ for ( i = 0, ptr = NULL; i < suffrdns; i++ ) {
++ comma = strrchr(dn.bv_val, ',');
++ if ( ptr ) *ptr = ',';
++ if ( comma ) *comma = '\0';
++ ptr = comma;
++ }
++ if ( ptr ) {
++ *ptr++ = ',';
++ dn.bv_len -= ptr - dn.bv_val;
++ dn.bv_val = ptr;
++ }
++ /* the normalizedDNs are always the same length, no counting
++ * required.
++ */
++ if ( ndn.bv_len > be->be_nsuffix[0].bv_len ) {
++ ndn.bv_val += ndn.bv_len - be->be_nsuffix[0].bv_len;
++ ndn.bv_len = be->be_nsuffix[0].bv_len;
++ }
++
++ while ( ndn.bv_val > e->e_nname.bv_val ) {
++ glue = (Entry *) ch_calloc( 1, sizeof(Entry) );
++ ber_dupbv( &glue->e_name, &dn );
+ ber_dupbv( &glue->e_nname, &ndn );
+- ch_free( ptr );
+- ch_free( pdn.bv_val );
+- ch_free( ndn.bv_val );
+
+ a = ch_calloc( 1, sizeof( Attribute ));
+ a->a_desc = slap_schema.si_ad_objectClass;
+
+ a->a_vals = ch_calloc( 3, sizeof( struct berval ));
+- ber_str2bv( "top", strlen("top"), 1, &a->a_vals[0] );
+- ber_str2bv( "glue", strlen("glue"), 1, &a->a_vals[1] );
++ ber_dupbv( &a->a_vals[0], &gcbva[0] );
++ ber_dupbv( &a->a_vals[1], &gcbva[1] );
+ a->a_vals[2].bv_len = 0;
+ a->a_vals[2].bv_val = NULL;
+
+- a->a_nvals = ch_calloc( 3, sizeof( struct berval ));
+- ber_str2bv( "top", strlen("top"), 1, &a->a_nvals[0] );
+- ber_str2bv( "glue", strlen("glue"), 1, &a->a_nvals[1] );
+- a->a_nvals[2].bv_len = 0;
+- a->a_nvals[2].bv_val = NULL;
++ a->a_nvals = a->a_vals;
+
+ a->a_next = glue->e_attrs;
+ glue->e_attrs = a;
+@@ -1260,42 +1158,45 @@
+ a->a_desc = slap_schema.si_ad_structuralObjectClass;
+
+ a->a_vals = ch_calloc( 2, sizeof( struct berval ));
+- ber_str2bv( "glue", strlen("glue"), 1, &a->a_vals[0] );
++ ber_dupbv( &a->a_vals[0], &gcbva[1] );
+ a->a_vals[1].bv_len = 0;
+ a->a_vals[1].bv_val = NULL;
+
+- a->a_nvals = ch_calloc( 2, sizeof( struct berval ));
+- ber_str2bv( "glue", strlen("glue"), 1, &a->a_nvals[0] );
+- a->a_nvals[1].bv_len = 0;
+- a->a_nvals[1].bv_val = NULL;
++ a->a_nvals = a->a_vals;
+
+ a->a_next = glue->e_attrs;
+ glue->e_attrs = a;
+
+- if ( !strcmp( e->e_nname.bv_val, glue->e_nname.bv_val )) {
+- op->o_req_dn = e->e_name;
+- op->o_req_ndn = e->e_nname;
+- op->ora_e = e;
+- rc = be->be_add ( op, &rs );
+- if ( rc == LDAP_SUCCESS )
+- be_entry_release_w( op, e );
+- else
+- entry_free( e );
+- entry_free( glue );
++ op->o_req_dn = glue->e_name;
++ op->o_req_ndn = glue->e_nname;
++ op->ora_e = glue;
++ rc = be->be_add ( op, &rs );
++ if ( rc == LDAP_SUCCESS ) {
++ be_entry_release_w( op, glue );
+ } else {
+- op->o_req_dn = glue->e_name;
+- op->o_req_ndn = glue->e_nname;
+- op->ora_e = glue;
+- rc = be->be_add ( op, &rs );
+- if ( rc == LDAP_SUCCESS ) {
+- be_entry_release_w( op, glue );
+- } else {
+- /* incl. ALREADY EXIST */
+- entry_free( glue );
+- }
++ /* incl. ALREADY EXIST */
++ entry_free( glue );
+ }
++
++ /* Move to next child */
++ for (ptr = dn.bv_val-2; ptr > e->e_name.bv_val && *ptr != ','; ptr--);
++ if ( ptr == e->e_name.bv_val ) break;
++ dn.bv_val = ++ptr;
++ dn.bv_len = e->e_name.bv_len - (ptr-e->e_name.bv_val);
++ for (ptr = ndn.bv_val-2; ptr > e->e_nname.bv_val && *ptr != ','; ptr--);
++ ndn.bv_val = ++ptr;
++ ndn.bv_len = e->e_nname.bv_len - (ptr-e->e_nname.bv_val);
+ }
+
++ op->o_req_dn = e->e_name;
++ op->o_req_ndn = e->e_nname;
++ op->ora_e = e;
++ rc = be->be_add ( op, &rs );
++ if ( rc == LDAP_SUCCESS )
++ be_entry_release_w( op, e );
++ else
++ entry_free( e );
++
+ return;
+ }
+
+@@ -1317,7 +1218,7 @@
+ };
+
+ static struct berval scbva[] = {
+- BER_BVC("subentry"),
++ BER_BVNULL,
+ BER_BVNULL
+ };
+
+@@ -1344,6 +1245,7 @@
+ Entry* e = NULL;
+ int rc;
+
++ char syncrepl_cbuf[sizeof(CN_STR SYNCREPL_STR)];
+ struct berval slap_syncrepl_dn_bv = BER_BVNULL;
+ struct berval slap_syncrepl_cn_bv = BER_BVNULL;
+
+@@ -1375,6 +1277,7 @@
+ *modtail = mod;
+ modtail = &mod->sml_next;
+
++ if ( scbva[0].bv_val ) ch_free( scbva[0].bv_val );
+ ber_dupbv( &scbva[0], si->syncCookie );
+ mod = (Modifications *) ch_calloc( 1, sizeof( Modifications ));
+ mod->sml_op = LDAP_MOD_REPLACE;
+@@ -1392,26 +1295,13 @@
+ *modtail = mod;
+ modtail = &mod->sml_next;
+
+-#if 0
+- rc = slap_mods_check( modlist, 1, &text, txtbuf, textlen, NULL );
+-
+- if ( rc != LDAP_SUCCESS ) {
+-#ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR,
+- "syncrepl_updateCookie: mods check (%s)\n", text, 0, 0 );
+-#else
+- Debug( LDAP_DEBUG_ANY, "syncrepl_updateCookie: mods check (%s)\n",
+- text, 0, 0 );
+-#endif
+- }
+-#endif
++ mlnext = mod;
+
+ op->o_tag = LDAP_REQ_ADD;
+ rc = slap_mods_opattrs( op, modlist, modtail,
+ &text,txtbuf, textlen );
+
+- for ( ml = modlist; ml != NULL; ml = mlnext ) {
+- mlnext = ml->sml_next;
++ for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
+ ml->sml_op = LDAP_MOD_REPLACE;
+ }
+
+@@ -1427,18 +1317,17 @@
+
+ e = ( Entry * ) ch_calloc( 1, sizeof( Entry ));
+
+- ber_dupbv( &slap_syncrepl_cn_bv, (struct berval *) &slap_syncrepl_cn_bvc );
++ slap_syncrepl_cn_bv.bv_val = syncrepl_cbuf;
+ slap_syncrepl_cn_bv.bv_len = snprintf( slap_syncrepl_cn_bv.bv_val,
+ slap_syncrepl_cn_bvc.bv_len,
+ "cn=syncrepl%d", si->id );
+
+- build_new_dn( &slap_syncrepl_dn_bv, pdn, &slap_syncrepl_cn_bv, NULL );
+- dnPrettyNormal( NULL, &slap_syncrepl_dn_bv, &e->e_name, &e->e_nname, NULL );
++ build_new_dn( &slap_syncrepl_dn_bv, pdn, &slap_syncrepl_cn_bv, op->o_tmpmemctx );
++ ber_dupbv( &e->e_name, &slap_syncrepl_dn_bv );
++ ber_dupbv( &e->e_nname, &slap_syncrepl_dn_bv );
+
+- if ( slap_syncrepl_cn_bv.bv_val )
+- ch_free( slap_syncrepl_cn_bv.bv_val );
+ if ( slap_syncrepl_dn_bv.bv_val )
+- ch_free( slap_syncrepl_dn_bv.bv_val );
++ sl_free( slap_syncrepl_dn_bv.bv_val, op->o_tmpmemctx );
+
+ e->e_attrs = NULL;
+
+@@ -1519,10 +1408,21 @@
+
+ done :
+
+- if ( cnbva[0].bv_val )
++ if ( cnbva[0].bv_val ) {
+ ch_free( cnbva[0].bv_val );
++ cnbva[0].bv_val = NULL;
++ }
++ if ( scbva[0].bv_val ) {
++ ch_free( scbva[0].bv_val );
++ scbva[0].bv_val = NULL;
++ }
++
++ if ( mlnext->sml_next ) {
++ slap_mods_free( mlnext->sml_next );
++ mlnext->sml_next = NULL;
++ }
+
+- for ( ; ml != NULL; ml = mlnext ) {
++ for (ml = modlist ; ml != NULL; ml = mlnext ) {
+ mlnext = ml->sml_next;
+ free( ml );
+ }
+@@ -1543,27 +1443,6 @@
+ }
+
+ static int
+-cookie_callback(
+- Operation* op,
+- SlapReply* rs
+-)
+-{
+- syncinfo_t *si = op->o_callback->sc_private;
+- Attribute *a;
+-
+- if ( rs->sr_type != REP_SEARCH ) return LDAP_SUCCESS;
+-
+- a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_syncreplCookie );
+-
+- if ( a == NULL ) {
+- si->syncCookie = NULL;
+- } else {
+- si->syncCookie = ber_dupbv( NULL, &a->a_vals[0] );
+- }
+- return LDAP_SUCCESS;
+-}
+-
+-static int
+ dn_callback(
+ Operation* op,
+ SlapReply* rs
+@@ -1602,8 +1481,6 @@
+ Attribute *a;
+ int count = 0;
+ struct berval* present_uuid = NULL;
+- slap_callback cb;
+- SlapReply rs_cb = {REP_RESULT};
+ struct nonpresent_entry *np_entry;
+
+ if ( rs->sr_type == REP_RESULT ) {
+@@ -1643,8 +1520,6 @@
+ SlapReply* rs
+ )
+ {
+- syncinfo_t *si = op->o_callback->sc_private;
+-
+ if ( rs->sr_err != LDAP_SUCCESS &&
+ rs->sr_err != LDAP_REFERRAL &&
+ rs->sr_err != LDAP_ALREADY_EXISTS &&
+@@ -1671,7 +1546,6 @@
+ )
+ {
+ Entry* e;
+- int rc;
+
+ struct berval bv;
+
diff --git a/net/openldap23-server/files/patch-tests::scripts::test017-syncreplication-refresh b/net/openldap23-server/files/patch-tests::scripts::test017-syncreplication-refresh
new file mode 100644
index 000000000000..c354e00a7fb6
--- /dev/null
+++ b/net/openldap23-server/files/patch-tests::scripts::test017-syncreplication-refresh
@@ -0,0 +1,71 @@
+--- tests/scripts/test017-syncreplication-refresh Mon Oct 6 16:57:32 2003
++++ tests/scripts/test017-syncreplication-refresh Sun Oct 19 15:33:58 2003
+@@ -44,9 +44,6 @@
+ fi
+ BACKEND=$SAVE
+
+-echo "Waiting 5 seconds to wait for master to start..."
+-sleep 5
+-
+ echo "Using ldapsearch to check that master slapd is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+@@ -59,22 +56,28 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID
++ exit $RC
++fi
++
+ echo "Using ldapadd to create the context prefix entry in the master..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDCP > /dev/null 2>&1
+ RC=$?
+ if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+- kill -HUP $PID $SLAVEPID
++ kill -HUP $PID
+ exit $RC
+ fi
+
+ echo "Starting slave slapd on TCP/IP port $R1SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $R1SRSLAVECONF > $R1REPLCONF
+ $SLAPD -f $R1REPLCONF -h $R1SLAVEURI -d $LVL $TIMING > $R1SLAVELOG 2>&1 &
+-R1SLAVEPID=$!
++SLAVEPID=$!
+ if test $WAIT != 0 ; then
+- echo SLAVEPID $R1SLAVEPID
++ echo SLAVEPID $SLAVEPID
+ read foo
+ fi
+
+@@ -90,6 +93,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID
++ exit $RC
++fi
++
+ echo "Using ldapadd to populate the master directory..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDNOCP > /dev/null 2>&1
+@@ -203,11 +212,11 @@
+
+ if test $RC != 0 ; then
+ echo "ldapsearch failed at slave ($RC)!"
+- kill -HUP $PID $R1SLAVEPID
++ kill -HUP $PID $SLAVEPID
+ exit $RC
+ fi
+
+-kill -HUP $PID $R1SLAVEPID
++kill -HUP $PID $SLAVEPID
+
+ SEARCHOUT=$MASTEROUT
+ LDIF=$R1SLAVEOUT
diff --git a/net/openldap23-server/files/patch-tests::scripts::test018-syncreplication-persist b/net/openldap23-server/files/patch-tests::scripts::test018-syncreplication-persist
new file mode 100644
index 000000000000..2325aef08a3a
--- /dev/null
+++ b/net/openldap23-server/files/patch-tests::scripts::test018-syncreplication-persist
@@ -0,0 +1,71 @@
+--- tests/scripts/test018-syncreplication-persist Mon Oct 6 16:57:32 2003
++++ tests/scripts/test018-syncreplication-persist Sun Oct 19 15:33:58 2003
+@@ -44,9 +44,6 @@
+ fi
+ BACKEND=$SAVE
+
+-echo "Waiting 5 seconds to wait for master to start..."
+-sleep 5
+-
+ echo "Using ldapsearch to check that master slapd is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+@@ -59,22 +56,28 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID
++ exit $RC
++fi
++
+ echo "Using ldapadd to create the context prefix entry in the master..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDCP > /dev/null 2>&1
+ RC=$?
+ if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+- kill -HUP $PID $SLAVEPID
++ kill -HUP $PID
+ exit $RC
+ fi
+
+ echo "Starting slave slapd on TCP/IP port $P1SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $P1SRSLAVECONF > $P1REPLCONF
+ $SLAPD -f $P1REPLCONF -h $P1SLAVEURI -d $LVL $TIMING > $P1SLAVELOG 2>&1 &
+-P1SLAVEPID=$!
++SLAVEPID=$!
+ if test $WAIT != 0 ; then
+- echo SLAVEPID $P1SLAVEPID
++ echo SLAVEPID $SLAVEPID
+ read foo
+ fi
+
+@@ -90,6 +93,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $SLAVEPID
++ exit $RC
++fi
++
+ echo "Using ldapadd to populate the master directory..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDNOCP > /dev/null 2>&1
+@@ -203,11 +212,11 @@
+
+ if test $RC != 0 ; then
+ echo "ldapsearch failed at slave ($RC)!"
+- kill -HUP $PID $P1SLAVEPID
++ kill -HUP $PID $SLAVEPID
+ exit $RC
+ fi
+
+-kill -HUP $PID $P1SLAVEPID
++kill -HUP $PID $SLAVEPID
+
+ SEARCHOUT=$MASTEROUT
+ LDIF=$P1SLAVEOUT
diff --git a/net/openldap23-server/files/patch-tests::scripts::test020-syncreplication-cascading b/net/openldap23-server/files/patch-tests::scripts::test020-syncreplication-cascading
new file mode 100644
index 000000000000..182a6a73c7d0
--- /dev/null
+++ b/net/openldap23-server/files/patch-tests::scripts::test020-syncreplication-cascading
@@ -0,0 +1,220 @@
+--- tests/scripts/test020-syncreplication-cascading Mon Oct 6 16:57:32 2003
++++ tests/scripts/test020-syncreplication-cascading Sun Oct 19 15:33:58 2003
+@@ -39,13 +39,14 @@
+ mkdir $P3REPLDIR
+
+ SAVE=$BACKEND
+-if test $BACKEND = ldbm; then
+- if test $SYNCREPL = no; then
++if test $SYNCREPL = no; then
++ if test $BACKEND = ldbm; then
+ echo "Sync replication requires back-bdb or back-hdb"
+ exit 0
+ fi
+- BACKEND=$SYNCREPL
++ SYNCREPL=$BACKEND
+ fi
++BACKEND=$SYNCREPL
+ echo "Starting master slapd on TCP/IP port $PORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $SRMASTERCONF > $DBCONF
+ $SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
+@@ -54,12 +55,8 @@
+ echo PID $PID
+ read foo
+ fi
+-BACKEND=$SAVE
+-
+-echo "Waiting 5 seconds to wait for master to start..."
+-sleep 5
+
+-echo "Using ldapsearch to check that master slapd is running..."
++echo "Using ldapsearch to check that master slapd PID $PID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -71,6 +68,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID
++ exit $RC
++fi
++
+ echo "Using ldapadd to create the context prefix entry in the master..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDCP > /dev/null 2>&1
+@@ -81,14 +84,6 @@
+ exit $RC
+ fi
+
+-SAVE=$BACKEND
+-if test $BACKEND = ldbm; then
+- if test $SYNCREPL = no; then
+- echo "Sync replication requires back-bdb or back-hdb"
+- exit 0
+- fi
+- BACKEND=$SYNCREPL
+-fi
+ echo "Starting R1 slave slapd on TCP/IP port $R1SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $R1SRSLAVECONF > $R1REPLCONF
+ $SLAPD -f $R1REPLCONF -h $R1SLAVEURI -d $LVL $TIMING > $R1SLAVELOG 2>&1 &
+@@ -97,9 +92,8 @@
+ echo SLAVE R1 PID $R1SLAVEPID
+ read foo
+ fi
+-BACKEND=$SAVE
+
+-echo "Using ldapsearch to check that R1 slave slapd is running..."
++echo "Using ldapsearch to check that R1 slave slapd PID $R1SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $R1SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -111,9 +105,13 @@
+ sleep 5
+ done
+
+-echo "Waiting for the R1 slave to replicate..."
+-sleep 10
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID
++ exit $RC
++fi
+
++BACKEND=$SAVE
+ echo "Starting R2 slave slapd on TCP/IP port $R2SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $R2SRSLAVECONF > $R2REPLCONF
+ $SLAPD -f $R2REPLCONF -h $R2SLAVEURI -d $LVL $TIMING > $R2SLAVELOG 2>&1 &
+@@ -123,7 +121,7 @@
+ read foo
+ fi
+
+-echo "Using ldapsearch to check that the R2 slave slapd is running..."
++echo "Using ldapsearch to check that the R2 slave slapd PID $R2SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $R2SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -135,17 +133,13 @@
+ sleep 5
+ done
+
+-echo "Waiting for the R2 slave to replicate..."
+-sleep 10
+-
+-SAVE=$BACKEND
+-if test $BACKEND = ldbm; then
+- if test $SYNCREPL = no; then
+- echo "Sync replication requires back-bdb or back-hdb"
+- exit 0
+- fi
+- BACKEND=$SYNCREPL
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID
++ exit $RC
+ fi
++
++BACKEND=$SYNCREPL
+ echo "Starting P1 slave slapd on TCP/IP port $P1SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $P1SRSLAVECONF > $P1REPLCONF
+ $SLAPD -f $P1REPLCONF -h $P1SLAVEURI -d $LVL $TIMING > $P1SLAVELOG 2>&1 &
+@@ -154,9 +148,8 @@
+ echo SLAVE P1 PID $P1SLAVEPID
+ read foo
+ fi
+-BACKEND=$SAVE
+
+-echo "Using ldapsearch to check that the P1 slave slapd is running..."
++echo "Using ldapsearch to check that the P1 slave slapd PID $P1SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $P1SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -168,9 +161,13 @@
+ sleep 5
+ done
+
+-echo "Waiting for the P1 slave to replicate..."
+-sleep 10
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID
++ exit $RC
++fi
+
++BACKEND=$SAVE
+ echo "Starting P2 slave slapd on TCP/IP port $P2SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $P2SRSLAVECONF > $P2REPLCONF
+ $SLAPD -f $P2REPLCONF -h $P2SLAVEURI -d $LVL $TIMING > $P2SLAVELOG 2>&1 &
+@@ -180,7 +177,7 @@
+ read foo
+ fi
+
+-echo "Using ldapsearch to check that the P2 slave slapd is running..."
++echo "Using ldapsearch to check that the P2 slave slapd PID $P2SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $P2SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -192,6 +189,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID
++ exit $RC
++fi
++
+ echo "Starting P3 slave slapd on TCP/IP port $P3SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $P3SRSLAVECONF > $P3REPLCONF
+ $SLAPD -f $P3REPLCONF -h $P3SLAVEURI -d $LVL $TIMING > $P3SLAVELOG 2>&1 &
+@@ -201,7 +204,7 @@
+ read foo
+ fi
+
+-echo "Using ldapsearch to check that the P3 slave slapd is running..."
++echo "Using ldapsearch to check that the P3 slave slapd PID $P3SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $P3SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -213,6 +216,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID $P3SLAVEPID
++ exit $RC
++fi
++
+ echo "Using ldapadd to populate the master directory..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDNOCP > /dev/null 2>&1
+@@ -347,7 +356,7 @@
+ RC=$?
+
+ if test $RC != 0 ; then
+- echo "ldapsearch failed at R1 slave ($RC)!"
++ echo "ldapsearch failed at P1 slave ($RC)!"
+ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID $P3SLAVEPID
+ exit $RC
+ fi
+@@ -358,7 +367,7 @@
+ RC=$?
+
+ if test $RC != 0 ; then
+- echo "ldapsearch failed at R2 slave ($RC)!"
++ echo "ldapsearch failed at P2 slave ($RC)!"
+ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID $P3SLAVEPID
+ exit $RC
+ fi
+@@ -369,7 +378,7 @@
+ RC=$?
+
+ if test $RC != 0 ; then
+- echo "ldapsearch failed at R2 slave ($RC)!"
++ echo "ldapsearch failed at P3 slave ($RC)!"
+ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID $P3SLAVEPID
+ exit $RC
+ fi
diff --git a/net/openldap23-server/pkg-deinstall b/net/openldap23-server/pkg-deinstall
new file mode 100644
index 000000000000..2a5ec1ef8f65
--- /dev/null
+++ b/net/openldap23-server/pkg-deinstall
@@ -0,0 +1,33 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+ECHO_CMD=echo
+
+case $2 in
+POST-DEINSTALL)
+ ${ECHO_CMD}
+ ${ECHO_CMD} "The OpenLDAP server package has been deleted."
+ ${ECHO_CMD} "If you're *not* upgrading and won't be using"
+ ${ECHO_CMD} "it any longer, you may want to issue the"
+ ${ECHO_CMD} "following commands:"
+ ${ECHO_CMD}
+ if [ -d %%DATABASEDIR%% ]; then
+ ${ECHO_CMD} "- to delete the OpenLDAP database permanently (losing all data):"
+ ${ECHO_CMD} " rm -Rf %%DATABASEDIR%%"
+ ${ECHO_CMD}
+ fi
+ if [ -d %%SLURPDIR%% ]; then
+ ${ECHO_CMD} "- to remove the OpenLDAP replication directory:"
+ ${ECHO_CMD} " rm -Rf %%SLURPDIR%%"
+ ${ECHO_CMD}
+ fi
+ ${ECHO_CMD} "- to remove the OpenLDAP user:"
+ ${ECHO_CMD} " pw userdel ldap"
+ ${ECHO_CMD}
+ ${ECHO_CMD} "If you are upgrading, don't forget to restart"
+ ${ECHO_CMD} "slapd and slurpd."
+ ${ECHO_CMD}
+ ;;
+esac
diff --git a/net/openldap23-server/pkg-install b/net/openldap23-server/pkg-install
index 47b2ea825164..ee0a9e8588bd 100644
--- a/net/openldap23-server/pkg-install
+++ b/net/openldap23-server/pkg-install
@@ -13,9 +13,9 @@ FTPUSERS=/etc/ftpusers
case $2 in
PRE-INSTALL)
if ! ${PW} usershow -n ldap >/dev/null 2>&1; then
+ ${ECHO_CMD}
if ! ${PW} groupshow -n ldap >/dev/null 2>&1; then
if ! ${PW} groupadd -n ldap -g 389; then
- ${ECHO_CMD}
${ECHO_CMD} "*** Failed to add a group ldap with id 389."
${ECHO_CMD}
${ECHO_CMD} "Please add the ldap user manually with"
@@ -24,12 +24,10 @@ PRE-INSTALL)
${ECHO_CMD} "and retry installing this package."
exit 1
fi
+ ${ECHO_CMD} "===> Group 'ldap' created."
fi
- if ${PW} useradd -n ldap -u 389 -g ldap -c 'OpenLDAP Server' \
+ if ! ${PW} useradd -n ldap -u 389 -g ldap -c 'OpenLDAP Server' \
-d /nonexistent -s /sbin/nologin -h -; then
- ${GREP} -qs '^ldap$' ${FTPUSERS} || ${ECHO_CMD} ldap >> ${FTPUSERS}
- else
- ${ECHO_CMD}
${ECHO_CMD} "*** Failed to add an user ldap with id 389."
${ECHO_CMD}
${ECHO_CMD} "Please add the ldap user manually with"
@@ -38,6 +36,8 @@ PRE-INSTALL)
${ECHO_CMD} "and retry installing this package."
exit 1
fi
+ ${GREP} -qs '^ldap$' ${FTPUSERS} || ${ECHO_CMD} ldap >> ${FTPUSERS}
+ ${ECHO_CMD} "===> Account 'ldap' created."
fi
;;
esac
diff --git a/net/openldap23-server/pkg-message b/net/openldap23-server/pkg-message
index 737d02348bdb..d130eb4d5a06 100644
--- a/net/openldap23-server/pkg-message
+++ b/net/openldap23-server/pkg-message
@@ -14,7 +14,7 @@ Then start the server with
or reboot.
Try `man slapd' and the online manual at
- http://www.OpenLDAP.org/doc/admin20/
+ http://www.OpenLDAP.org/devel/admin/
for more information.
NOTE: Some variable names have been changed to conform with rc.subr(8)
diff --git a/net/openldap23-server/pkg-message.client b/net/openldap23-server/pkg-message.client
index ef3234fa4b86..92ef70d0f99b 100644
--- a/net/openldap23-server/pkg-message.client
+++ b/net/openldap23-server/pkg-message.client
@@ -6,4 +6,8 @@ Edit
%%PREFIX%%/etc/openldap/ldap.conf
to change the system-wide client defaults.
+Try `man ldap.conf' and visit the OpenLDAP FAQ-O-Matic at
+ http://www.OpenLDAP.org/faq/index.cgi?file=3
+for more information.
+
************************************************************
diff --git a/net/openldap23-server/pkg-plist b/net/openldap23-server/pkg-plist
index d2c94faf8fe7..a36978413511 100644
--- a/net/openldap23-server/pkg-plist
+++ b/net/openldap23-server/pkg-plist
@@ -1,36 +1,10 @@
@comment $FreeBSD$
-@unexec %%RC_DIR%%/slapd%%RC_SUFX%% stop 2>/dev/null || true
-@unexec %%RC_DIR%%/slurpd%%RC_SUFX%% stop 2>/dev/null || true
+@unexec %%RC_DIR%%/slapd%%RC_SUFX%% stop 2>&1 >/dev/null || true
+@unexec %%RC_DIR%%/slurpd%%RC_SUFX%% stop 2>&1 >/dev/null || true
etc/openldap/schema/README
-@unexec if cmp -s %D/etc/openldap/schema/corba.schema %D/etc/openldap/schema/corba.schema.default; then rm -f %D/etc/openldap/schema/corba.schema; fi
-etc/openldap/schema/corba.schema.default
-@exec [ -f %B/corba.schema ] || cp %B/%f %B/corba.schema
-@unexec if cmp -s %D/etc/openldap/schema/core.schema %D/etc/openldap/schema/core.schema.default; then rm -f %D/etc/openldap/schema/core.schema; fi
-etc/openldap/schema/core.schema.default
-@exec [ -f %B/core.schema ] || cp %B/%f %B/core.schema
-@unexec if cmp -s %D/etc/openldap/schema/cosine.schema %D/etc/openldap/schema/cosine.schema.default; then rm -f %D/etc/openldap/schema/cosine.schema; fi
-etc/openldap/schema/cosine.schema.default
-@exec [ -f %B/cosine.schema ] || cp %B/%f %B/cosine.schema
-@unexec if cmp -s %D/etc/openldap/schema/inetorgperson.schema %D/etc/openldap/schema/inetorgperson.schema.default; then rm -f %D/etc/openldap/schema/inetorgperson.schema; fi
-etc/openldap/schema/inetorgperson.schema.default
-@exec [ -f %B/inetorgperson.schema ] || cp %B/%f %B/inetorgperson.schema
-@unexec if cmp -s %D/etc/openldap/schema/java.schema %D/etc/openldap/schema/java.schema.default; then rm -f %D/etc/openldap/schema/java.schema; fi
-etc/openldap/schema/java.schema.default
-@exec [ -f %B/java.schema ] || cp %B/%f %B/java.schema
-@unexec if cmp -s %D/etc/openldap/schema/misc.schema %D/etc/openldap/schema/misc.schema.default; then rm -f %D/etc/openldap/schema/misc.schema; fi
-etc/openldap/schema/misc.schema.default
-@exec [ -f %B/misc.schema ] || cp %B/%f %B/misc.schema
-@unexec if cmp -s %D/etc/openldap/schema/nis.schema %D/etc/openldap/schema/nis.schema.default; then rm -f %D/etc/openldap/schema/nis.schema; fi
-etc/openldap/schema/nis.schema.default
-@exec [ -f %B/nis.schema ] || cp %B/%f %B/nis.schema
-@unexec if cmp -s %D/etc/openldap/schema/openldap.schema %D/etc/openldap/schema/openldap.schema.default; then rm -f %D/etc/openldap/schema/openldap.schema; fi
-etc/openldap/schema/openldap.schema.default
-@exec [ -f %B/openldap.schema ] || cp %B/%f %B/openldap.schema
@unexec if cmp -s %D/etc/openldap/slapd.conf %D/etc/openldap/slapd.conf.default; then rm -f %D/etc/openldap/slapd.conf; fi
etc/openldap/slapd.conf.default
@exec [ -f %B/slapd.conf ] || cp %B/%f %B/slapd.conf
-@unexec rmdir %D/etc/openldap/schema 2>/dev/null || true
-@unexec rmdir %D/etc/openldap 2>/dev/null || true
%%SLAPI%%lib/libslapi.a
%%SLAPI%%lib/libslapi.so
%%SLAPI%%lib/libslapi.so.2
@@ -41,11 +15,8 @@ sbin/slapcat
sbin/slapindex
sbin/slappasswd
@exec mkdir -p %%LDAP_RUN_DIR%%
+@unexec rmdir %%LDAP_RUN_DIR%% 2>/dev/null || true
@exec mkdir -p %%DATABASEDIR%%
-@exec mkdir -p %%SLURPDIR%%
-@unexec rmdir %%LDAP_RUN_DIR%%
@unexec rmdir %%DATABASEDIR%% 2>/dev/null || true
+@exec mkdir -p %%SLURPDIR%%
@unexec rmdir %%SLURPDIR%% 2>/dev/null || true
-@cwd %%RC_DIR%%
-slapd%%RC_SUFX%%
-slurpd%%RC_SUFX%%
diff --git a/net/openldap24-server/Makefile b/net/openldap24-server/Makefile
index cac16f92b2a6..91c7ef445ee1 100644
--- a/net/openldap24-server/Makefile
+++ b/net/openldap24-server/Makefile
@@ -6,7 +6,7 @@
#
PORTNAME= openldap
-PORTVERSION= ${OPENLDAP_VERSION}.a
+PORTVERSION= 2.2.2.b
PORTREVISION= ${OPENLDAP_PORTVERSION}
CATEGORIES= net databases
MASTER_SITES= ftp://ftp.OpenLDAP.org/pub/OpenLDAP/%SUBDIR%/ \
@@ -26,17 +26,14 @@ MASTER_SITES= ftp://ftp.OpenLDAP.org/pub/OpenLDAP/%SUBDIR%/ \
ftp://ftp.plig.org/pub/OpenLDAP/%SUBDIR%/
MASTER_SITE_SUBDIR= openldap-test
PKGNAMESUFFIX= ${OPENLDAP_PKGNAMESUFFIX}
-DISTNAME= openldap-${OPENLDAP_VERSION}alpha
+DISTNAME= ${PORTNAME}-${PORTVERSION:S/.b/beta/}
EXTRACT_SUFX= .tgz
MAINTAINER= eik@FreeBSD.org
COMMENT?= Open source LDAP server implementation
-OPENLDAP_VERSION= 2.2.0
-
LATEST_LINK= ${PKGNAMEPREFIX}openldap22${PKGNAMESUFFIX}
-CONFLICTS= openldap12-* \
- ${PKGNAMEPREFIX}${PORTNAME}-client-2.[013-9].*
+CONFLICTS= ${PKGNAMEPREFIX}${PORTNAME}-client-2.[013-9].*
WANT_OPENLDAP_VER?= 22
.if ${WANT_OPENLDAP_VER} != 22
@@ -48,26 +45,35 @@ OPENLDAP_PORTVERSION= 0
OPENLDAP_PKGNAMESUFFIX?=-client
OPENLDAP_PKGFILESUFX?= .client
+.if !defined(NOPORTDOCS)
+PORTDOCS= drafts rfc
+.endif
+
.if defined(USE_OPENLDAP)
.error You have `USE_OPENLDAP' defined either in your environment or in make(1) arguments.
.endif
.else
-OPENLDAP_PORTVERSION= 2
+OPENLDAP_PORTVERSION= 0
OPENLDAP_PKGNAMESUFFIX?=-server
OPENLDAP_PKGFILESUFX?=
-USE_OPENLDAP= yes
+RUN_DEPENDS= ${LOCALBASE}/lib/libldap.so.2:${PORTSDIR}/net/openldap22-client
CONFLICTS+= ${PKGNAMEPREFIX}${PORTNAME}-server-2.[013-9].*
.endif
-#USE_OPENSSL= yes
+USE_OPENSSL= yes
USE_REINPLACE= yes
USE_LIBTOOL_VER= 14
DESCR= ${PKGDIR}/pkg-descr${OPENLDAP_PKGFILESUFX}
-PLIST= ${WRKDIR}/pkg-plist
+PLIST= ${PKGDIR}/pkg-plist${OPENLDAP_PKGFILESUFX}
PKGINSTALL= ${WRKDIR}/pkg-install
PKGMESSAGE= ${WRKDIR}/pkg-message
+PKGDEINSTALL= ${WRKDIR}/pkg-deinstall
+
+SCHEMATA= corba core cosine \
+ dyngroup inetorgperson java \
+ misc nis openldap
LDAP_RUN_DIR?= ${DESTDIR}/var/run/openldap
LOCALSTATEDIR?= ${DESTDIR}/var/db
@@ -80,7 +86,8 @@ PLIST_SUB+= LDAP_RUN_DIR=${LDAP_RUN_DIR} \
SED_SCRIPT= -e 's,%%PREFIX%%,${PREFIX},g' \
-e 's,%%LDAP_RUN_DIR%%,${LDAP_RUN_DIR},g' \
- -e 's,%%DATABASEDIR%%,${DATABASEDIR},g'
+ -e 's,%%DATABASEDIR%%,${DATABASEDIR},g' \
+ -e 's,%%SLURPDIR%%,${SLURPDIR},g'
CONFIGURE_ARGS= --with-threads \
--with-tls=openssl \
@@ -177,8 +184,7 @@ CONFIGURE_ARGS+= --enable-wrappers
# end of client/server specific configuration
.endif
-# math.h uses _REENTRANT and stdio.h uses _THREAD_SAFE, so define both.
-CPPFLAGS+= -D_REENTRANT ${PTHREAD_CFLAGS} \
+CPPFLAGS+= ${PTHREAD_CFLAGS} \
-I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
@@ -242,9 +248,9 @@ post-build:
.for script in slapd slurpd
@${SED} ${SED_SCRIPT} ${FILESDIR}/${script}.sh >${WRKDIR}/${script}.sh
.endfor
-.for text in pkg-install pkg-message
- @if [ -f ${MASTERDIR}/${text}${OPENLDAP_PKGFILESUFX} ]; then \
- ${SED} ${SED_SCRIPT} ${MASTERDIR}/${text}${OPENLDAP_PKGFILESUFX} \
+.for text in pkg-install pkg-message pkg-deinstall
+ @if [ -f ${PKGDIR}/${text}${OPENLDAP_PKGFILESUFX} ]; then \
+ ${SED} ${SED_SCRIPT} ${PKGDIR}/${text}${OPENLDAP_PKGFILESUFX} \
>${WRKDIR}/${text}; \
fi
.endfor
@@ -256,18 +262,6 @@ test: build
.endif
pre-install:
- @${CP} ${MASTERDIR}/pkg-plist${OPENLDAP_PKGFILESUFX} ${PLIST}
-.if defined(CLIENT_ONLY)
-.if !defined(NOPORTDOCS)
- @for dir in rfc drafts; do \
- ${FIND} ${WRKSRC}/doc/$${dir} -maxdepth 1 -type f \
- | ${SED} -e "s,^${WRKSRC}/doc/,%%DOCSDIR%%/," \
- >>${PLIST}; \
- ${ECHO_CMD} "@dirrm %%DOCSDIR%%/$${dir}" >>${PLIST}; \
- done
- @${ECHO_CMD} "@dirrm %%DOCSDIR%%" >>${PLIST}
-.endif
-.endif
@if [ -f ${PKGINSTALL} ]; then \
${SETENV} "PKG_PREFIX=${PREFIX}" ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL; \
fi
@@ -276,15 +270,28 @@ post-install:
.if defined(CLIENT_ONLY)
.if !defined(NOPORTDOCS)
@${MKDIR} ${DOCSDIR}
- @for dir in rfc drafts; do \
+ @for dir in drafts rfc; do \
${MKDIR} ${DOCSDIR}/$${dir}; \
- ${FIND} ${WRKSRC}/doc/$${dir} -maxdepth 1 -type f \
- -exec ${INSTALL_DATA} {} ${DOCSDIR}/$${dir} \; ; \
+ ${INSTALL_DATA} ${WRKSRC}/doc/$${dir}/* ${DOCSDIR}/$${dir}; \
done
.endif
.else
+ @for schema in ${SCHEMATA}; do \
+ ${ECHO_CMD} "@unexec if cmp -s %D/etc/openldap/schema/$${schema}.schema" \
+ "%D/etc/openldap/schema/$${schema}.schema.default; then" \
+ "rm -f %D/etc/openldap/schema/$${schema}.schema; fi" >>${TMPPLIST}; \
+ ${ECHO_CMD} "etc/openldap/schema/$${schema}.schema.default" >>${TMPPLIST}; \
+ ${ECHO_CMD} "@exec [ -f %B/$${schema}.schema ] || cp %B/%f %B/$${schema}.schema" >>${TMPPLIST}; \
+ done
+ @${ECHO_CMD} "@unexec rmdir %D/etc/openldap/schema 2>/dev/null || true" >>${TMPPLIST}
+ @${ECHO_CMD} "@unexec rmdir %D/etc/openldap 2>/dev/null || true" >>${TMPPLIST}
+# currently the only way to participate in rcorder(8)
+ @if [ "${RC_DIR}" != "${PREFIX}" ]; then \
+ ${ECHO_CMD} "@cwd ${RC_DIR}" >>${TMPPLIST}; \
+ fi
.for script in slapd slurpd
@${INSTALL_SCRIPT} ${WRKDIR}/${script}.sh ${RC_DIR}/${script}${RC_SUFX}
+ @${ECHO_CMD} "${script}${RC_SUFX}" >>${TMPPLIST}
.endfor
@${MKDIR} ${LDAP_RUN_DIR}
.endif
diff --git a/net/openldap24-server/distinfo b/net/openldap24-server/distinfo
index eef25e637b2e..f719bfa9ac22 100644
--- a/net/openldap24-server/distinfo
+++ b/net/openldap24-server/distinfo
@@ -1 +1,3 @@
-MD5 (openldap-2.2.0alpha.tgz) = 72fe342067b717a37b9697898dacfa0a
+MD5 (openldap-2.2.2beta.tgz) = c5e58d6d518692e0de4841a6433a5956
+SHA1 (openldap-2.2.2beta.tgz) = 08b0f15c32f2b7ada33c2d0bf52ba135ae7a4637
+SIZE (openldap-2.2.2beta.tgz) = 2473910
diff --git a/net/openldap24-server/files/patch-libraries::liblunicode::ucstr.c b/net/openldap24-server/files/patch-libraries::liblunicode::ucstr.c
deleted file mode 100644
index b8044b524697..000000000000
--- a/net/openldap24-server/files/patch-libraries::liblunicode::ucstr.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- libraries/liblunicode/ucstr.c.orig Fri Apr 11 03:57:10 2003
-+++ libraries/liblunicode/ucstr.c Sun Jul 6 02:50:32 2003
-@@ -10,7 +10,7 @@
- #include <ac/string.h>
- #include <ac/stdlib.h>
-
--#include <lber.h>
-+#include <lber_pvt.h>
-
- #include <ldap_utf8.h>
- #include <ldap_pvt_uc.h>
diff --git a/net/openldap24-server/files/patch-libraries::liblutil::passwd.c b/net/openldap24-server/files/patch-libraries::liblutil::passwd.c
deleted file mode 100644
index 32de74e9ee11..000000000000
--- a/net/openldap24-server/files/patch-libraries::liblutil::passwd.c
+++ /dev/null
@@ -1,14 +0,0 @@
-#
-# ITS#2562: add missing arg to hash_lanman
-#
---- libraries/liblutil/passwd.c.orig Fri May 2 13:29:29 2003
-+++ libraries/liblutil/passwd.c Sun Jun 22 03:08:18 2003
-@@ -632,7 +632,7 @@
- {
- struct berval *hash;
-
-- hash = hash_lanman( scheme, cred );
-+ hash = hash_lanman( scheme, cred, text );
- return memcmp( &hash->bv_val[scheme->bv_len], passwd->bv_val, 32);
- }
- #endif /* SLAPD_LMHASH */
diff --git a/net/openldap24-server/files/patch-servers::slapd::back-perl b/net/openldap24-server/files/patch-servers::slapd::back-perl
deleted file mode 100644
index c6d024df3ed0..000000000000
--- a/net/openldap24-server/files/patch-servers::slapd::back-perl
+++ /dev/null
@@ -1,302 +0,0 @@
-diff -Nur servers/slapd/back-perl/add.c.orig servers/slapd/back-perl/add.c
---- servers/slapd/back-perl/add.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/add.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/bind.c.orig servers/slapd/back-perl/bind.c
---- servers/slapd/back-perl/bind.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/bind.c Thu Jun 5 11:44:06 2003
-@@ -13,18 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--/* init.c - initialize Perl backend */
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/close.c.orig servers/slapd/back-perl/close.c
---- servers/slapd/back-perl/close.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/close.c Thu Jun 5 11:44:06 2003
-@@ -13,18 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--/* init.c - initialize shell backend */
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/compare.c.orig servers/slapd/back-perl/compare.c
---- servers/slapd/back-perl/compare.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/compare.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "lutil.h"
- #include "perl_back.h"
-diff -Nur servers/slapd/back-perl/config.c.orig servers/slapd/back-perl/config.c
---- servers/slapd/back-perl/config.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/config.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/delete.c.orig servers/slapd/back-perl/delete.c
---- servers/slapd/back-perl/delete.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/delete.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/init.c.orig servers/slapd/back-perl/init.c
---- servers/slapd/back-perl/init.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/init.c Thu Jun 12 22:25:21 2003
-@@ -13,18 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
-- /* init.c - initialize shell backend */
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-@@ -37,7 +38,7 @@
-
- #ifdef SLAPD_PERL_DYNAMIC
-
--int back_perl_LTX_init_module(int argc, char *argv[])
-+int init_module(int argc, char *argv[])
- {
- BackendInfo bi;
-
-diff -Nur servers/slapd/back-perl/modify.c.orig servers/slapd/back-perl/modify.c
---- servers/slapd/back-perl/modify.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/modify.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/modrdn.c.orig servers/slapd/back-perl/modrdn.c
---- servers/slapd/back-perl/modrdn.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/modrdn.c Thu Jun 5 11:44:06 2003
-@@ -26,17 +26,19 @@
- *
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
-diff -Nur servers/slapd/back-perl/search.c.orig servers/slapd/back-perl/search.c
---- servers/slapd/back-perl/search.c.orig Sun May 25 03:56:59 2003
-+++ servers/slapd/back-perl/search.c Thu Jun 5 11:44:06 2003
-@@ -13,17 +13,19 @@
- * in file LICENSE in the top-level directory of the distribution.
- */
-
--#include "portable.h"
--
--#include <stdio.h>
-+#include <EXTERN.h>
-+#include <perl.h>
-+#undef _ /* #defined used by both Perl and ac/localize.h */
-
--#include "slap.h"
- #ifdef HAVE_WIN32_ASPERL
- #include "asperl_undefs.h"
- #endif
-
--#include <EXTERN.h>
--#include <perl.h>
-+#include "portable.h"
-+
-+#include <stdio.h>
-+
-+#include "slap.h"
-
- #include "perl_back.h"
-
diff --git a/net/openldap24-server/files/patch-servers::slapd::backend.c b/net/openldap24-server/files/patch-servers::slapd::backend.c
new file mode 100644
index 000000000000..663f1248838d
--- /dev/null
+++ b/net/openldap24-server/files/patch-servers::slapd::backend.c
@@ -0,0 +1,19 @@
+--- servers/slapd/backend.c Mon Oct 6 16:57:29 2003
++++ servers/slapd/backend.c Sun Oct 19 15:33:56 2003
+@@ -244,8 +244,6 @@
+ int i;
+ int rc = 0;
+
+- init_syncrepl();
+-
+ if( ! ( nBackendDB > 0 ) ) {
+ /* no databases */
+ #ifdef NEW_LOGGING
+@@ -377,6 +375,7 @@
+ if ( backendDB[i].syncinfo != NULL ) {
+ syncinfo_t *si = ( syncinfo_t * ) backendDB[i].syncinfo;
+ si->be = &backendDB[i];
++ init_syncrepl(si);
+ ldap_pvt_thread_mutex_lock( &syncrepl_rq.rq_mutex );
+ ldap_pvt_runqueue_insert( &syncrepl_rq, si->interval,
+ do_syncrepl, (void *) backendDB[i].syncinfo );
diff --git a/net/openldap24-server/files/patch-servers::slapd::config.c b/net/openldap24-server/files/patch-servers::slapd::config.c
new file mode 100644
index 000000000000..c33e1e964316
--- /dev/null
+++ b/net/openldap24-server/files/patch-servers::slapd::config.c
@@ -0,0 +1,51 @@
+--- servers/slapd/config.c Mon Oct 13 03:57:02 2003
++++ servers/slapd/config.c Sun Oct 19 15:33:56 2003
+@@ -2782,9 +2782,9 @@
+ ber_dupbv( &si->updatedn, &be->be_rootndn );
+ si->bindmethod = LDAP_AUTH_SIMPLE;
+ si->schemachecking = 0;
+- si->filterstr = "(objectclass=*)";
++ ber_str2bv( "(objectclass=*)", sizeof("(objectclass=*)")-1, 0, &si->filterstr );
+ if ( be->be_suffix && be->be_suffix[0].bv_val )
+- si->base = ch_strdup( be->be_suffix[0].bv_val );
++ ber_dupbv( &si->base, &be->be_nsuffix[0] );
+ si->scope = LDAP_SCOPE_SUBTREE;
+ si->attrsonly = 0;
+ si->attrs = (char **) ch_calloc( 1, sizeof( char * ));
+@@ -2914,14 +2914,11 @@
+ }
+ } else if ( !strncasecmp( cargv[ i ],
+ UPDATEDNSTR, sizeof( UPDATEDNSTR ) - 1 ) ) {
+- char *str;
+ struct berval updatedn = {0, NULL};
+ val = cargv[ i ] + sizeof( UPDATEDNSTR );
+- str = ch_strdup( val );
+- ber_str2bv( str, strlen(str), 1, &updatedn );
++ ber_str2bv( val, 0, 0, &updatedn );
++ ch_free( si->updatedn.bv_val );
+ dnNormalize( 0, NULL, NULL, &updatedn, &si->updatedn, NULL );
+- ch_free( str );
+- ch_free( updatedn.bv_val );
+ } else if ( !strncasecmp( cargv[ i ], BINDMETHSTR,
+ sizeof( BINDMETHSTR ) - 1 ) ) {
+ val = cargv[ i ] + sizeof( BINDMETHSTR );
+@@ -2987,11 +2984,17 @@
+ } else if ( !strncasecmp( cargv[ i ],
+ FILTERSTR, sizeof( FILTERSTR ) - 1 ) ) {
+ val = cargv[ i ] + sizeof( FILTERSTR );
+- si->filterstr = ch_strdup( val );
++ ber_str2bv( val, 0, 1, &si->filterstr );
+ } else if ( !strncasecmp( cargv[ i ],
+ SEARCHBASESTR, sizeof( SEARCHBASESTR ) - 1 ) ) {
++ struct berval bv;
+ val = cargv[ i ] + sizeof( SEARCHBASESTR );
+- si->base = ch_strdup( val );
++ ch_free( si->base.bv_val );
++ ber_str2bv( val, 0, 0, &bv );
++ if ( dnNormalize( 0, NULL, NULL, &bv, &si->base, NULL )) {
++ fprintf( stderr, "Invalid base DN \"%s\"\n", val );
++ return 1;
++ }
+ } else if ( !strncasecmp( cargv[ i ],
+ SCOPESTR, sizeof( SCOPESTR ) - 1 ) ) {
+ val = cargv[ i ] + sizeof( SCOPESTR );
diff --git a/net/openldap24-server/files/patch-servers::slapd::daemon.c b/net/openldap24-server/files/patch-servers::slapd::daemon.c
new file mode 100644
index 000000000000..09e9b11f9704
--- /dev/null
+++ b/net/openldap24-server/files/patch-servers::slapd::daemon.c
@@ -0,0 +1,32 @@
+--- servers/slapd/daemon.c Mon Oct 13 03:57:02 2003
++++ servers/slapd/daemon.c Sun Oct 19 15:33:56 2003
+@@ -1357,8 +1357,8 @@
+ ldap_pvt_thread_mutex_unlock( &syncrepl_rq.rq_mutex );
+ ldap_pvt_thread_pool_submit( &connection_pool,
+ rtask->routine, (void *) rtask );
++ ldap_pvt_thread_mutex_lock( &syncrepl_rq.rq_mutex );
+ }
+- ldap_pvt_thread_mutex_lock( &syncrepl_rq.rq_mutex );
+ rtask = ldap_pvt_runqueue_next_sched( &syncrepl_rq, &cat );
+ }
+ ldap_pvt_thread_mutex_unlock( &syncrepl_rq.rq_mutex );
+@@ -2077,18 +2077,10 @@
+ * SIGBREAK is generated when a user logs out.
+ */
+
+-#if 0
+ #if HAVE_NT_SERVICE_MANAGER && SIGBREAK
+ if (is_NT_Service && sig == SIGBREAK)
+-#ifdef NEW_LOGGING
+- LDAP_LOG( CONNECTION, CRIT,
+- "slap_sig_shutdown: SIGBREAK ignored.\n", 0, 0, 0 );
+-#else
+- Debug(LDAP_DEBUG_TRACE, "slap_sig_shutdown: SIGBREAK ignored.\n",
+- 0, 0, 0);
+-#endif
++ ;
+ else
+-#endif
+ #endif
+ #ifdef SIGHUP
+ if (sig == SIGHUP && global_gentlehup && slapd_gentle_shutdown == 0)
diff --git a/net/openldap24-server/files/patch-servers::slapd::proto-slap.h b/net/openldap24-server/files/patch-servers::slapd::proto-slap.h
new file mode 100644
index 000000000000..ebcf93bccc24
--- /dev/null
+++ b/net/openldap24-server/files/patch-servers::slapd::proto-slap.h
@@ -0,0 +1,20 @@
+--- servers/slapd/proto-slap.h Mon Oct 13 03:57:02 2003
++++ servers/slapd/proto-slap.h Sun Oct 19 15:33:56 2003
+@@ -1175,16 +1175,10 @@
+ * syncrepl.c
+ */
+
+-LDAP_SLAPD_V( const struct berval ) slap_syncrepl_bvc;
+-LDAP_SLAPD_V( const struct berval ) slap_syncrepl_cn_bvc;
+-
+ LDAP_SLAPD_V (struct runqueue_s) syncrepl_rq;
+
+-LDAP_SLAPD_F (void) init_syncrepl LDAP_P(());
++LDAP_SLAPD_F (void) init_syncrepl LDAP_P((syncinfo_t *));
+ LDAP_SLAPD_F (void*) do_syncrepl LDAP_P((void *, void *));
+-LDAP_SLAPD_F (int) ldap_sync_search LDAP_P((
+- syncinfo_t *, LDAP *, LDAPControl **,
+- LDAPControl **, int *));
+ LDAP_SLAPD_F (Entry*) syncrepl_message_to_entry LDAP_P((
+ syncinfo_t *, LDAP *, Operation *, LDAPMessage *,
+ Modifications **, int*, struct berval *, struct berval * ));
diff --git a/net/openldap24-server/files/patch-servers::slapd::slap.h b/net/openldap24-server/files/patch-servers::slapd::slap.h
new file mode 100644
index 000000000000..a50dc46db29a
--- /dev/null
+++ b/net/openldap24-server/files/patch-servers::slapd::slap.h
@@ -0,0 +1,40 @@
+--- servers/slapd/slap.h Mon Oct 6 16:57:29 2003
++++ servers/slapd/slap.h Sun Oct 19 15:33:56 2003
+@@ -451,11 +451,18 @@
+ */
+ #define SLAP_MR_VALUE_OF_ASSERTION_SYNTAX 0x0001U
+ #define SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX 0x0002U
++#define SLAP_MR_VALUE_OF_SYNTAX 0x0003U
+
+ #define SLAP_MR_IS_VALUE_OF_ATTRIBUTE_SYNTAX( usage ) \
+ ((usage) & SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX )
+ #define SLAP_MR_IS_VALUE_OF_ASSERTION_SYNTAX( usage ) \
+ ((usage) & SLAP_MR_VALUE_OF_ASSERTION_SYNTAX )
++#ifdef LDAP_DEBUG
++#define SLAP_MR_IS_VALUE_OF_SYNTAX( usage ) \
++ ((usage) & SLAP_MR_VALUE_OF_SYNTAX)
++#else
++#define SLAP_MR_IS_VALUE_OF_SYNTAX( usage ) (1)
++#endif
+
+ /* either or both the asserted value or attribute value
+ * may be provided in normalized form
+@@ -1311,8 +1318,8 @@
+ char *srvtab;
+ int schemachecking;
+ Filter *filter;
+- char *filterstr;
+- char *base;
++ struct berval filterstr;
++ struct berval base;
+ int scope;
+ int attrsonly;
+ char **attrs;
+@@ -1980,7 +1987,6 @@
+
+ ValuesReturnFilter *o_vrFilter; /* ValuesReturnFilter */
+
+- syncinfo_t* o_si;
+ int o_nocaching;
+
+ #ifdef LDAP_SLAPI
diff --git a/net/openldap24-server/files/patch-servers::slapd::syncrepl.c b/net/openldap24-server/files/patch-servers::slapd::syncrepl.c
new file mode 100644
index 000000000000..950f459f1937
--- /dev/null
+++ b/net/openldap24-server/files/patch-servers::slapd::syncrepl.c
@@ -0,0 +1,1310 @@
+--- servers/slapd/syncrepl.c Mon Oct 13 03:57:03 2003
++++ servers/slapd/syncrepl.c Sun Oct 19 15:33:56 2003
+@@ -19,6 +19,12 @@
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
+ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ */
++/* Modified by Howard Chu
++ *
++ * Copyright (c) 2003 by Howard Chu, Symas Corporation
++ *
++ * Modifications provided under the terms of the OpenLDAP public license.
++ */
+
+ #include "portable.h"
+
+@@ -26,7 +32,6 @@
+
+ #include <ac/string.h>
+ #include <ac/socket.h>
+-#include <db.h>
+
+ #include "ldap_pvt.h"
+ #include "lutil.h"
+@@ -35,106 +40,142 @@
+
+ #include "ldap_rq.h"
+
+-static const struct berval slap_syncrepl_bvc = BER_BVC("syncreplxxx");
+-static const struct berval slap_syncrepl_cn_bvc = BER_BVC("cn=syncreplxxx");
++#ifdef LDAP_SLAPI
++#include "slapi.h"
++#endif
++
++#define SYNCREPL_STR "syncreplxxx"
++#define CN_STR "cn="
++
++static const struct berval slap_syncrepl_bvc = BER_BVC(SYNCREPL_STR);
++static const struct berval slap_syncrepl_cn_bvc = BER_BVC(CN_STR SYNCREPL_STR);
+
+ static void
+-syncrepl_del_nonpresent( LDAP *, Operation * );
++syncrepl_del_nonpresent( LDAP *, Operation *, syncinfo_t * );
+
+ /* callback functions */
+-static int cookie_callback( struct slap_op *, struct slap_rep * );
+ static int dn_callback( struct slap_op *, struct slap_rep * );
+ static int nonpresent_callback( struct slap_op *, struct slap_rep * );
+ static int null_callback( struct slap_op *, struct slap_rep * );
+-static int contextcsn_callback( Operation*, SlapReply* );
+
+-static AttributeDescription **sync_descs;
++static AttributeDescription *sync_descs[4];
+
+ struct runqueue_s syncrepl_rq;
+
+ void
+-init_syncrepl()
++init_syncrepl(syncinfo_t *si)
+ {
+- sync_descs = ch_malloc( 4 * sizeof( AttributeDescription * ));
+- sync_descs[0] = slap_schema.si_ad_objectClass;
+- sync_descs[1] = slap_schema.si_ad_structuralObjectClass;
+- sync_descs[2] = slap_schema.si_ad_entryCSN;
+- sync_descs[3] = NULL;
++ int i, j, k, n;
++ char **tmp;
++
++ if ( !sync_descs[0] ) {
++ sync_descs[0] = slap_schema.si_ad_objectClass;
++ sync_descs[1] = slap_schema.si_ad_structuralObjectClass;
++ sync_descs[2] = slap_schema.si_ad_entryCSN;
++ sync_descs[3] = NULL;
++ }
++
++ for ( n = 0; si->attrs[ n ] != NULL; n++ ) ;
++
++ if ( n ) {
++ /* Delete Attributes */
++ for ( i = 0; sync_descs[i] != NULL; i++ ) {
++ for ( j = 0; si->attrs[j] != NULL; j++ ) {
++ if ( !strcmp( si->attrs[j], sync_descs[i]->ad_cname.bv_val )) {
++ ch_free( si->attrs[j] );
++ for ( k = j; si->attrs[k] != NULL; k++ ) {
++ si->attrs[k] = si->attrs[k+1];
++ }
++ }
++ }
++ }
++ for ( n = 0; si->attrs[ n ] != NULL; n++ );
++ tmp = ( char ** ) ch_realloc( si->attrs, ( n + 4 ) * sizeof( char * ));
++ if ( tmp == NULL ) {
++#ifdef NEW_LOGGING
++ LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
++#else
++ Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
++#endif
++ }
++ } else {
++ tmp = ( char ** ) ch_realloc( si->attrs, 5 * sizeof( char * ));
++ if ( tmp == NULL ) {
++#ifdef NEW_LOGGING
++ LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
++#else
++ Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
++#endif
++ }
++ tmp[ n++ ] = ch_strdup( "*" );
++ }
++
++ si->attrs = tmp;
++
++ /* Add Attributes */
++
++ for ( i = 0; sync_descs[ i ] != NULL; i++ ) {
++ si->attrs[ n++ ] = ch_strdup ( sync_descs[i]->ad_cname.bv_val );
++ si->attrs[ n ] = NULL;
++ }
+ }
+
+-int
++static int
+ ldap_sync_search(
+ syncinfo_t *si,
+ LDAP *ld,
+- LDAPControl **sctrls,
+- LDAPControl **cctrls,
++ void *ctx,
+ int *msgidp )
+ {
+- BerElement *ber;
+- int timelimit;
+- ber_int_t id;
+-
+- int rc;
+- BerElement *sync_ber = NULL;
+- struct berval *sync_bvalp = NULL;
+- LDAPControl c[2];
+- LDAPControl **ctrls;
+- int err;
++ BerElementBuffer berbuf;
++ BerElement *ber = (BerElement *)&berbuf;
++ LDAPControl c[2], *ctrls[3];
+ struct timeval timeout;
++ int rc;
+
+- /* setup LDAP SYNC control */
+- sync_ber = ber_alloc_t( LBER_USE_DER );
+- ber_set_option( sync_ber, LBER_OPT_BER_MEMCTX, NULL );
+-
+- if ( si->syncCookie ) {
+- ber_printf( sync_ber, "{eO}", abs(si->type), si->syncCookie );
+- } else {
+- ber_printf( sync_ber, "{e}", abs(si->type) );
+- }
+-
+- if ( ber_flatten( sync_ber, &sync_bvalp ) == LBER_ERROR ) {
+- ber_free( sync_ber, 1 );
+- return LBER_ERROR;
+- }
+- ber_free( sync_ber, 1 );
+-
+- ctrls = (LDAPControl**) sl_calloc( 3, sizeof(LDAPControl*), NULL );
+-
+- c[0].ldctl_oid = LDAP_CONTROL_SYNC;
+- c[0].ldctl_value = (*sync_bvalp);
+- c[0].ldctl_iscritical = si->type < 0;
+- ctrls[0] = &c[0];
+-
+- if ( si->authzId ) {
+- c[1].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
+- c[1].ldctl_value.bv_val = si->authzId;
+- c[1].ldctl_value.bv_len = strlen( si->authzId );
+- c[1].ldctl_iscritical = 1;
+- ctrls[1] = &c[1];
+- } else {
+- ctrls[1] = NULL;
+- }
+-
+- ctrls[2] = NULL;
++ /* setup LDAP SYNC control */
++ ber_init2( ber, NULL, LBER_USE_DER );
++ ber_set_option( ber, LBER_OPT_BER_MEMCTX, &ctx );
+
+- err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls );
++ if ( si->syncCookie ) {
++ ber_printf( ber, "{eO}", abs(si->type), si->syncCookie );
++ } else {
++ ber_printf( ber, "{e}", abs(si->type) );
++ }
++
++ if ( (rc = ber_flatten2( ber, &c[0].ldctl_value, 0 )) == LBER_ERROR ) {
++ ber_free_buf( ber );
++ return rc;
++ }
+
+- ber_bvfree( sync_bvalp );
+- ch_free( ctrls );
++ c[0].ldctl_oid = LDAP_CONTROL_SYNC;
++ c[0].ldctl_iscritical = si->type < 0;
++ ctrls[0] = &c[0];
+
+- if ( err != LDAP_OPT_SUCCESS )
+- fprintf( stderr, "Could not set controls : %d\n", err );
++ if ( si->authzId ) {
++ c[1].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
++ ber_str2bv( si->authzId, 0, 0, &c[1].ldctl_value );
++ c[1].ldctl_iscritical = 1;
++ ctrls[1] = &c[1];
++ ctrls[2] = NULL;
++ } else {
++ ctrls[1] = NULL;
++ }
+
+ timeout.tv_sec = si->tlimit > 0 ? si->tlimit : 1;
++ timeout.tv_usec = 0;
+
+- rc = ldap_search_ext( ld, si->base, si->scope, si->filterstr,
+- si->attrs, si->attrsonly, sctrls, cctrls,
++ rc = ldap_search_ext( ld, si->base.bv_val, si->scope, si->filterstr.bv_val,
++ si->attrs, si->attrsonly, ctrls, NULL,
+ si->tlimit < 0 ? NULL : &timeout,
+ si->slimit, msgidp );
++ ber_free_buf( ber );
+
+ return rc;
+ }
+
++static const Listener dummy_list = { {0, ""}, {0, ""} };
++
+ void *
+ do_syncrepl(
+ void *ctx,
+@@ -142,18 +183,11 @@
+ {
+ struct re_s* rtask = arg;
+ syncinfo_t *si = ( syncinfo_t * ) rtask->arg;
+- Backend *be = si->be;
+-
+- SlapReply rs = {REP_RESULT};
++ Backend *be;
+
+- LDAPControl c[2];
+- LDAPControl **sctrls = NULL;
+ LDAPControl **rctrls = NULL;
+ LDAPControl *rctrlp = NULL;
+- BerElement *sync_ber = NULL;
+- struct berval *sync_bvalp = NULL;
+
+- BerElement *ctrl_ber = NULL;
+ BerElement *res_ber = NULL;
+
+ LDAP *ld = NULL;
+@@ -162,10 +196,6 @@
+
+ ber_int_t msgid;
+
+- int nresponses, nreferences, nextended, npartial;
+- int nresponses_psearch;
+-
+- int cancel_msgid = -1;
+ char *retoid = NULL;
+ struct berval *retdata = NULL;
+
+@@ -182,31 +212,20 @@
+ ber_len_t len;
+ int syncinfo_arrived = 0;
+
+- char **tmp = NULL;
+- AttributeDescription** descs = NULL;
+-
+- Connection conn;
++ Connection conn = {0};
+ Operation op = {0};
+ slap_callback cb;
+
+ void *memctx = NULL;
+ ber_len_t memsiz;
+
+- int i, j, k, n;
+ int rc_efree;
+
+- struct berval base_bv = { 0, NULL };
+- struct berval pbase = { 0, NULL };
+- struct berval nbase = { 0, NULL };
+- struct berval psubrdn = { 0, NULL };
+- struct berval nsubrdn = { 0, NULL };
+ struct berval psub = { 0, NULL };
+- struct berval nsub = { 0, NULL };
+ Modifications *modlist = NULL;
+- Modifications *ml, *mlnext;
+- char *def_filter_str = NULL;
+
+- struct berval slap_syncrepl_bv = BER_BVNULL;
++ char syncrepl_cbuf[sizeof(CN_STR SYNCREPL_STR)];
++ struct berval syncrepl_cn_bv = {sizeof(syncrepl_cbuf)-1, syncrepl_cbuf};
+
+ const char *text;
+ int match;
+@@ -224,7 +243,7 @@
+ return NULL;
+
+ if ( abs(si->type) != LDAP_SYNC_REFRESH_ONLY &&
+- abs(si->type) != LDAP_SYNC_REFRESH_AND_PERSIST ) {
++ abs(si->type) != LDAP_SYNC_REFRESH_AND_PERSIST ) {
+ return NULL;
+ }
+
+@@ -235,14 +254,15 @@
+ rc = ldap_initialize( &ld, si->provideruri );
+ if ( rc != LDAP_SUCCESS ) {
+ #ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR, "do_syncrepl: "
+- "ldap_initialize failed (%s)\n",
++ LDAP_LOG( OPERATION, ERR,
++ "do_syncrepl: ldap_initialize failed (%s)\n",
+ si->provideruri, 0, 0 );
+ #else
+- Debug( LDAP_DEBUG_ANY, "do_syncrepl: "
+- "ldap_initialize failed (%s)\n",
++ Debug( LDAP_DEBUG_ANY,
++ "do_syncrepl: ldap_initialize failed (%s)\n",
+ si->provideruri, 0, 0 );
+ #endif
++ return NULL;
+ }
+
+ op.o_protocol = LDAP_VERSION3;
+@@ -293,10 +313,10 @@
+
+ defaults = lutil_sasl_defaults( ld,
+ si->saslmech,
+- si->realm,
+- si->authcId,
+- si->passwd,
+- si->authzId );
++ si->realm,
++ si->authcId,
++ si->passwd,
++ si->authzId );
+
+ rc = ldap_sasl_interactive_bind_s( ld,
+ si->binddn,
+@@ -306,6 +326,8 @@
+ lutil_sasl_interact,
+ defaults );
+
++ lutil_sasl_freedefs( defaults );
++
+ /* FIXME : different error behaviors according to
+ 1) return code
+ 2) on err policy : exit, retry, backoff ...
+@@ -343,6 +365,16 @@
+ /* set thread context in syncinfo */
+ si->ctx = ctx;
+
++ be = si->be;
++
++ si->conn = &conn;
++ conn.c_connid = -1;
++ conn.c_send_ldap_result = slap_send_ldap_result;
++ conn.c_send_search_entry = slap_send_search_entry;
++ conn.c_send_search_reference = slap_send_search_reference;
++ conn.c_listener = (Listener *)&dummy_list;
++ conn.c_peer_name = slap_empty_bv;
++
+ /* set memory context */
+ #define SLAB_SIZE 1048576
+ memsiz = SLAB_SIZE;
+@@ -350,119 +382,44 @@
+ op.o_tmpmemctx = memctx;
+ op.o_tmpmfuncs = &sl_mfuncs;
+
+- op.o_si = si;
+- op.o_tag = LDAP_REQ_SEARCH;
+ op.o_dn = si->updatedn;
+ op.o_ndn = si->updatedn;
+ op.o_callback = &cb;
+ op.o_time = slap_get_time();
+- op.o_managedsait = 1;
+ op.o_threadctx = si->ctx;
++ op.o_managedsait = 1;
+ op.o_bd = be;
+ op.o_conn = &conn;
+ op.o_connid = op.o_conn->c_connid;
+- op.ors_scope = LDAP_SCOPE_BASE;
+- op.ors_deref = LDAP_DEREF_NEVER;
+- op.ors_slimit = 0;
+- op.ors_tlimit = 0;
+- op.ors_attrsonly = 0;
+- op.ors_attrs = NULL;
+- op.ors_filter = str2filter_x( &op, def_filter_str = "(objectClass=*)" );
+- ber_str2bv( def_filter_str, 0, 0, &op.ors_filterstr );
+-
+- si->conn = &conn;
+- conn.c_send_ldap_result = slap_send_ldap_result;
+- conn.c_send_search_entry = slap_send_search_entry;
+- conn.c_send_search_reference = slap_send_search_reference;
++#if defined( LDAP_SLAPI )
++ op.o_pb = slapi_pblock_new();
++ slapi_x_create_object_extensions( SLAPI_X_EXT_OPERATION, &op );
++#endif /* defined( LDAP_SLAPI ) */
+
+ /* get syncrepl cookie of shadow replica from subentry */
+- ber_str2bv( si->base, 0, 0, &base_bv );
+- dnPrettyNormal( 0, &base_bv, &pbase, &nbase, op.o_tmpmemctx );
+-
+- ber_dupbv( &slap_syncrepl_bv, (struct berval *) &slap_syncrepl_bvc );
+- slap_syncrepl_bv.bv_len = snprintf( slap_syncrepl_bv.bv_val,
+- slap_syncrepl_bvc.bv_len,
+- "syncrepl%d", si->id );
+- build_new_dn( &op.o_req_dn, &pbase, &slap_syncrepl_bv, op.o_tmpmemctx );
+- build_new_dn( &op.o_req_ndn, &nbase, &slap_syncrepl_bv, op.o_tmpmemctx );
+
+- /* set callback function */
+- cb.sc_response = cookie_callback;
+- cb.sc_private = si;
++ snprintf(syncrepl_cbuf, sizeof(syncrepl_cbuf), CN_STR "syncrepl%d",
++ si->id );
++ build_new_dn( &op.o_req_ndn, &si->base, &syncrepl_cn_bv, op.o_tmpmemctx );
++ op.o_req_dn = op.o_req_ndn;
+
+- /* search subentry to retrieve cookie */
+ si->syncCookie = NULL;
+- be->be_search( &op, &rs );
+-
+- if ( op.o_req_dn.bv_val )
+- ch_free( op.o_req_dn.bv_val );
+- if ( op.o_req_ndn.bv_val )
+- ch_free( op.o_req_ndn.bv_val );
+- if ( op.ors_filter )
+- filter_free( op.ors_filter );
+- if ( op.ors_filterstr.bv_val )
+- ch_free( op.ors_filterstr.bv_val );
+- if ( slap_syncrepl_bv.bv_val )
+- ch_free( slap_syncrepl_bv.bv_val );
+- if ( pbase.bv_val )
+- ch_free( pbase.bv_val );
+- if ( nbase.bv_val )
+- ch_free( nbase.bv_val );
++ backend_attribute( &op, NULL, &op.o_req_ndn,
++ slap_schema.si_ad_syncreplCookie, &si->syncCookie );
+
+ ber_dupbv( &syncCookie_req, si->syncCookie );
+
+ psub = be->be_nsuffix[0];
+
+- for ( n = 0; si->attrs[ n ] != NULL; n++ ) ;
+-
+- if ( n != 0 ) {
+- /* Delete Attributes */
+- descs = sync_descs;
+- for ( i = 0; descs[i] != NULL; i++ ) {
+- for ( j = 0; si->attrs[j] != NULL; j++ ) {
+- if ( !strcmp( si->attrs[j], descs[i]->ad_cname.bv_val )) {
+- ch_free( si->attrs[j] );
+- for ( k = j; si->attrs[k] != NULL; k++ ) {
+- si->attrs[k] = si->attrs[k+1];
+- }
+- }
+- }
+- }
+- for ( n = 0; si->attrs[ n ] != NULL; n++ );
+- tmp = ( char ** ) ch_realloc( si->attrs, ( n + 4 ) * sizeof( char * ));
+- if ( tmp == NULL ) {
+-#ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
+-#else
+- Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
+-#endif
+- }
+- } else {
+- tmp = ( char ** ) ch_realloc( si->attrs, 5 * sizeof( char * ));
+- if ( tmp == NULL ) {
++ rc = ldap_sync_search( si, ld, memctx, &msgid );
++ if( rc != LDAP_SUCCESS ) {
+ #ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
++ LDAP_LOG ( OPERATION, ERR, "do_syncrepl: "
++ "ldap_search_ext: %s (%d)\n", ldap_err2string( rc ), rc, 0 );
+ #else
+- Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
++ Debug( LDAP_DEBUG_ANY, "do_syncrepl: "
++ "ldap_search_ext: %s (%d)\n", ldap_err2string( rc ), rc, 0 );
+ #endif
+- }
+- tmp[ n++ ] = ch_strdup( "*" );
+- }
+-
+- descs = sync_descs;
+- si->attrs = tmp;
+-
+- /* Add Attributes */
+-
+- for ( i = 0; descs[ i ] != NULL; i++ ) {
+- si->attrs[ n++ ] = ch_strdup ( descs[i]->ad_cname.bv_val );
+- si->attrs[ n ] = NULL;
+- }
+-
+- rc = ldap_sync_search( si, ld, NULL, NULL, &msgid );
+- if( rc != LDAP_SUCCESS ) {
+- fprintf( stderr, "syncrepl: ldap_search_ext: %s (%d)\n",
+- ldap_err2string( rc ), rc );
+ return NULL;
+ }
+
+@@ -473,7 +430,6 @@
+ }
+
+ while (( rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE, tout_p, &res )) >= 0 ) {
+-
+ if ( rc == 0 ) {
+ if ( slapd_abrupt_shutdown ) {
+ break;
+@@ -483,8 +439,8 @@
+ }
+
+ for ( msg = ldap_first_message( ld, res );
+- msg != NULL;
+- msg = ldap_next_message( ld, msg ) )
++ msg != NULL;
++ msg = ldap_next_message( ld, msg ) )
+ {
+ syncCookie.bv_len = 0; syncCookie.bv_val = NULL;
+ switch( ldap_msgtype( msg ) ) {
+@@ -517,17 +473,18 @@
+ case LDAP_RES_SEARCH_RESULT:
+ ldap_parse_result( ld, msg, &err, NULL, NULL, NULL, &rctrls, 0 );
+ if ( rctrls ) {
++ BerElementBuffer berbuf;
++ BerElement *ctrl_ber;
+ rctrlp = *rctrls;
+- ctrl_ber = ber_alloc_t( LBER_USE_DER );
+- ber_set_option( ctrl_ber, LBER_OPT_BER_MEMCTX, &op.o_tmpmemctx );
+- ber_write( ctrl_ber, rctrlp->ldctl_value.bv_val, rctrlp->ldctl_value.bv_len, 0 );
+- ber_reset( ctrl_ber, 1 );
++ ctrl_ber = (BerElement *)&berbuf;
++ ber_init2( ctrl_ber, &rctrlp->ldctl_value, LBER_USE_DER );
+
+ ber_scanf( ctrl_ber, "{" /*"}"*/);
+ if ( ber_peek_tag( ctrl_ber, &len )
+ == LDAP_SYNC_TAG_COOKIE ) {
+ ber_scanf( ctrl_ber, "o", &syncCookie );
+ }
++ ldap_controls_free( rctrls );
+ }
+ value_match( &match, slap_schema.si_ad_entryCSN,
+ slap_schema.si_ad_entryCSN->ad_type->sat_ordering,
+@@ -541,8 +498,6 @@
+ if ( syncCookie.bv_len && match < 0) {
+ syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie );
+ }
+- if ( ctrl_ber )
+- ber_free( ctrl_ber, 1 );
+ goto done;
+ } else {
+ /* FIXME : different error behaviors according to
+@@ -553,10 +508,8 @@
+ syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie);
+ }
+ if ( si->sync_mode == LDAP_SYNC_STATE_MODE && match < 0 ) {
+- syncrepl_del_nonpresent( ld, &op );
++ syncrepl_del_nonpresent( ld, &op, si );
+ }
+- if ( ctrl_ber )
+- ber_free( ctrl_ber, 1 );
+ goto done;
+ }
+ break;
+@@ -595,7 +548,7 @@
+
+ if ( syncstate == LDAP_SYNC_STATE_MODE_DONE ) {
+ if ( match < 0 ) {
+- syncrepl_del_nonpresent( ld, &op );
++ syncrepl_del_nonpresent( ld, &op, si );
+ }
+ si->sync_mode = LDAP_SYNC_LOG_MODE;
+ } else if ( syncstate == LDAP_SYNC_LOG_MODE_DONE ) {
+@@ -643,10 +596,14 @@
+ break;
+
+ }
+- if ( syncCookie.bv_val )
++ if ( syncCookie.bv_val ) {
+ ch_free( syncCookie.bv_val );
+- if ( syncUUID.bv_val )
++ syncCookie.bv_val = NULL;
++ }
++ if ( syncUUID.bv_val ) {
+ ch_free( syncUUID.bv_val );
++ syncUUID.bv_val = NULL;
++ }
+ }
+ ldap_msgfree( res );
+ }
+@@ -668,6 +625,11 @@
+ }
+
+ done:
++#if defined( LDAP_SLAPI )
++ if ( op.o_pb ) slapi_pblock_destroy( op.o_pb );
++ slapi_x_free_object_extensions( SLAPI_X_EXT_OPERATION, &op );
++#endif /* defined( LDAP_SLAPI ) */
++
+ if ( syncCookie.bv_val )
+ ch_free( syncCookie.bv_val );
+ if ( syncCookie_req.bv_val )
+@@ -704,37 +666,22 @@
+ struct berval *syncCookie
+ )
+ {
+- Entry *e;
++ Entry *e = NULL;
+ BerElement *ber = NULL;
+- BerElement *tmpber;
+- struct berval bv = {0, NULL};
+ Modifications tmp;
+ Modifications *mod;
+ Modifications **modtail = modlist;
+- Backend *be = op->o_bd;
+
+ const char *text;
+ char txtbuf[SLAP_TEXT_BUFLEN];
+ size_t textlen = sizeof txtbuf;
+
+- struct berval **bvals = NULL;
+- char *dn;
+- struct berval bdn = {0, NULL};
+- Attribute *attr;
+- struct berval empty_bv = { 0, NULL };
++ struct berval bdn = {0, NULL}, dn, ndn;
+ int rc;
+- char *a;
+
+ ber_len_t len;
+ LDAPControl* rctrlp;
+ LDAPControl** rctrls = NULL;
+- BerElement* ctrl_ber;
+-
+- ber_tag_t tag;
+-
+- Modifications *ml = NULL;
+- AttributeDescription** descs;
+- int i;
+
+ *modlist = NULL;
+
+@@ -751,61 +698,7 @@
+
+ op->o_tag = LDAP_REQ_ADD;
+
+- rc = ldap_get_dn_ber( ld, msg, &ber, &bdn );
+-
+- if ( rc != LDAP_SUCCESS ) {
+-#ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR,
+- "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
+-#else
+- Debug( LDAP_DEBUG_ANY,
+- "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
+-#endif
+- return NULL;
+- }
+-
+- e = ( Entry * ) ch_calloc( 1, sizeof( Entry ));
+- dnPrettyNormal( NULL, &bdn, &e->e_name, &e->e_nname, NULL );
+-
+- e->e_attrs = NULL;
+-
+- while ( ber_remaining( ber ) ) {
+- tag = ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values );
+-
+- if ( tag == LBER_ERROR ) break;
+- if ( tmp.sml_type.bv_val == NULL ) break;
+-
+- mod = (Modifications *) ch_malloc( sizeof( Modifications ));
+-
+- mod->sml_op = LDAP_MOD_REPLACE;
+- mod->sml_next = NULL;
+- mod->sml_desc = NULL;
+- mod->sml_type = tmp.sml_type;
+- mod->sml_bvalues = tmp.sml_bvalues;
+- mod->sml_nvalues = NULL;
+-
+- *modtail = mod;
+- modtail = &mod->sml_next;
+- }
+-
+- if ( ber_scanf( ber, "}") == LBER_ERROR ) {
+-#ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR,
+- "syncrepl_message_to_entry: ber_scanf failed\n", 0, 0, 0 );
+-#else
+- Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: ber_scanf failed\n",
+- 0, 0, 0 );
+-#endif
+- return NULL;
+- }
+-
+- ber_free( ber, 0 );
+- tmpber = ldap_get_message_ber( msg );
+- ber = ber_dup( tmpber );
+-
+- ber_scanf( ber, "{xx" );
+-
+- rc = ldap_pvt_get_controls( ber, &rctrls );
++ rc = ldap_get_entry_controls( ld, msg, &rctrls );
+ if ( rc != LDAP_SUCCESS ) {
+ #ifdef NEW_LOGGING
+ LDAP_LOG( OPERATION, ERR,
+@@ -818,16 +711,16 @@
+ }
+
+ if ( rctrls ) {
++ BerElementBuffer berbuf;
++ BerElement *ctrl_ber;
++
+ rctrlp = *rctrls;
+- ctrl_ber = ber_alloc_t( LBER_USE_DER );
+- ber_set_option( ctrl_ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx );
+- ber_write( ctrl_ber, rctrlp->ldctl_value.bv_val, rctrlp->ldctl_value.bv_len, 0 );
+- ber_reset( ctrl_ber, 1 );
++ ctrl_ber = (BerElement *)&berbuf;
++ ber_init2( ctrl_ber, &rctrlp->ldctl_value, LBER_USE_DER );
+ ber_scanf( ctrl_ber, "{eo", syncstate, syncUUID );
+ if ( ber_peek_tag( ctrl_ber, &len ) == LDAP_SYNC_TAG_COOKIE ) {
+ ber_scanf( ctrl_ber, "o}", syncCookie );
+ }
+- ber_free( ctrl_ber, 1 );
+ ldap_controls_free( rctrls );
+ } else {
+ #ifdef NEW_LOGGING
+@@ -839,8 +732,48 @@
+ #endif
+ }
+
++ rc = ldap_get_dn_ber( ld, msg, &ber, &bdn );
++
++ if ( rc != LDAP_SUCCESS ) {
++#ifdef NEW_LOGGING
++ LDAP_LOG( OPERATION, ERR,
++ "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
++#else
++ Debug( LDAP_DEBUG_ANY,
++ "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
++#endif
++ return NULL;
++ }
++
++ dnPrettyNormal( NULL, &bdn, &dn, &ndn, op->o_tmpmemctx );
++ ber_dupbv( &op->o_req_dn, &dn );
++ ber_dupbv( &op->o_req_ndn, &ndn );
++ sl_free( ndn.bv_val, op->o_tmpmemctx );
++ sl_free( dn.bv_val, op->o_tmpmemctx );
++
+ if ( *syncstate == LDAP_SYNC_PRESENT || *syncstate == LDAP_SYNC_DELETE ) {
+- goto done;
++ return NULL;
++ }
++
++ e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) );
++ e->e_name = op->o_req_dn;
++ e->e_nname = op->o_req_ndn;
++
++ while ( ber_remaining( ber ) ) {
++ if ( (ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values ) ==
++ LBER_ERROR ) || ( tmp.sml_type.bv_val == NULL )) break;
++
++ mod = (Modifications *) ch_malloc( sizeof( Modifications ));
++
++ mod->sml_op = LDAP_MOD_REPLACE;
++ mod->sml_next = NULL;
++ mod->sml_desc = NULL;
++ mod->sml_type = tmp.sml_type;
++ mod->sml_bvalues = tmp.sml_bvalues;
++ mod->sml_nvalues = NULL;
++
++ *modtail = mod;
++ modtail = &mod->sml_next;
+ }
+
+ if ( *modlist == NULL ) {
+@@ -853,21 +786,6 @@
+ #endif
+ }
+
+- ml = *modlist;
+- while ( ml != NULL ) {
+- AttributeDescription *ad = NULL;
+- rc = slap_bv2ad( &ml->sml_type, &ml->sml_desc, &text );
+-
+- if( rc != LDAP_SUCCESS ) {
+- e = NULL;
+- goto done;
+- }
+-
+- ad = ml->sml_desc;
+- ml->sml_desc = NULL;
+- ml = ml->sml_next;
+- }
+-
+ rc = slap_mods_check( *modlist, 1, &text, txtbuf, textlen, NULL );
+
+ if ( rc != LDAP_SUCCESS ) {
+@@ -878,7 +796,7 @@
+ Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods check (%s)\n",
+ text, 0, 0 );
+ #endif
+- return NULL;
++ goto done;
+ }
+
+ rc = slap_mods2entry( *modlist, &e, 1, 1, &text, txtbuf, textlen);
+@@ -893,8 +811,11 @@
+ }
+
+ done:
+-
+ ber_free ( ber, 0 );
++ if ( rc != LDAP_SUCCESS ) {
++ entry_free( e );
++ e = NULL;
++ }
+
+ return e;
+ }
+@@ -924,20 +845,11 @@
+ {
+ Backend *be = op->o_bd;
+ slap_callback cb;
+- struct berval csn_bv = {0, NULL};
+ struct berval *syncuuid_bv = NULL;
+- char csnbuf[ LDAP_LUTIL_CSNSTR_BUFSIZE ];
+
+ SlapReply rs = {REP_RESULT};
+ int rc = LDAP_SUCCESS;
+
+- struct berval base_bv = {0, NULL};
+-
+- char *filterstr;
+- Filter *filter;
+-
+- Attribute *a;
+-
+ if ( refresh &&
+ ( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_ADD )) {
+ syncuuid_bv = ber_dupbv( NULL, syncUUID );
+@@ -953,24 +865,21 @@
+ }
+ }
+
+- filterstr = (char *) sl_malloc( strlen("entryUUID=") + syncUUID->bv_len + 1,
++ op->ors_filterstr.bv_len = strlen("entryUUID=") + syncUUID->bv_len;
++ op->ors_filterstr.bv_val = (char *) sl_malloc( op->ors_filterstr.bv_len + 1,
+ op->o_tmpmemctx );
+- strcpy( filterstr, "entryUUID=" );
+- strcat( filterstr, syncUUID->bv_val );
++ strcpy( op->ors_filterstr.bv_val, "entryUUID=" );
++ strcat( op->ors_filterstr.bv_val, syncUUID->bv_val );
+
+ si->e = e;
+ si->syncUUID_ndn = NULL;
+
+- filter = str2filter( filterstr );
+- ber_str2bv( filterstr, strlen(filterstr), 1, &op->ors_filterstr );
+- ch_free( filterstr );
+- op->ors_filter = filter;
++ op->ors_filter = str2filter_x( op, op->ors_filterstr.bv_val );
+ op->ors_scope = LDAP_SCOPE_SUBTREE;
+
+ /* get syncrepl cookie of shadow replica from subentry */
+- ber_str2bv( si->base, strlen(si->base), 1, &base_bv );
+- dnPrettyNormal( 0, &base_bv, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
+- ch_free( base_bv.bv_val );
++ op->o_req_dn = si->base;
++ op->o_req_ndn = si->base;
+
+ /* set callback function */
+ op->o_callback = &cb;
+@@ -981,14 +890,10 @@
+
+ rc = be->be_search( op, &rs );
+
+- if ( op->o_req_dn.bv_val )
+- ch_free( op->o_req_dn.bv_val );
+- if ( op->o_req_ndn.bv_val )
+- ch_free( op->o_req_ndn.bv_val );
+ if ( op->ors_filter )
+- filter_free( op->ors_filter );
++ filter_free_x( op, op->ors_filter );
+ if ( op->ors_filterstr.bv_val )
+- ch_free( op->ors_filterstr.bv_val );
++ sl_free( op->ors_filterstr.bv_val, op->o_tmpmemctx );
+
+ cb.sc_response = null_callback;
+ cb.sc_private = si;
+@@ -1086,7 +991,7 @@
+ rc = be->be_delete( op, &rs );
+ }
+ /* Already deleted otherwise */
+- return 1;
++ return 0;
+
+ default :
+ #ifdef NEW_LOGGING
+@@ -1103,23 +1008,17 @@
+ static void
+ syncrepl_del_nonpresent(
+ LDAP *ld,
+- Operation *op
++ Operation *op,
++ syncinfo_t *si
+ )
+ {
+ Backend* be = op->o_bd;
+- syncinfo_t *si = op->o_si;
+ slap_callback cb;
+- struct berval base_bv = {0, NULL};
+- Filter *filter;
+ SlapReply rs = {REP_RESULT};
+- struct berval filterstr_bv = {0, NULL};
+ struct nonpresent_entry *np_list, *np_prev;
+
+- ber_str2bv( si->base, strlen(si->base), 1, &base_bv );
+- dnPrettyNormal(0, &base_bv, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
+- ch_free( base_bv.bv_val );
+-
+- filter = str2filter( si->filterstr );
++ op->o_req_dn = si->base;
++ op->o_req_ndn = si->base;
+
+ cb.sc_response = nonpresent_callback;
+ cb.sc_private = si;
+@@ -1132,21 +1031,15 @@
+ op->ors_tlimit = 0;
+ op->ors_attrsonly = 0;
+ op->ors_attrs = NULL;
+- op->ors_filter = filter;
+- ber_str2bv( si->filterstr, strlen( si->filterstr ), 1, &op->ors_filterstr );
++ op->ors_filter = str2filter_x( op, si->filterstr.bv_val );
++ op->ors_filterstr = si->filterstr;
+
+ op->o_nocaching = 1;
+ be->be_search( op, &rs );
+ op->o_nocaching = 0;
+
+- if ( op->o_req_dn.bv_val )
+- ch_free( op->o_req_dn.bv_val );
+- if ( op->o_req_ndn.bv_val )
+- ch_free( op->o_req_ndn.bv_val );
+ if ( op->ors_filter )
+- filter_free( op->ors_filter );
+- if ( op->ors_filterstr.bv_val )
+- ch_free( op->ors_filterstr.bv_val );
++ filter_free_x( op, op->ors_filter );
+
+ if ( !LDAP_LIST_EMPTY( &si->nonpresentlist ) ) {
+ np_list = LDAP_LIST_FIRST( &si->nonpresentlist );
+@@ -1173,6 +1066,11 @@
+ }
+
+
++static struct berval gcbva[] = {
++ BER_BVC("top"),
++ BER_BVC("glue")
++};
++
+ void
+ syncrepl_add_glue(
+ syncinfo_t *si,
+@@ -1186,72 +1084,72 @@
+ )
+ {
+ Backend *be = op->o_bd;
+- struct berval uuid_bv = {0, NULL};
+ slap_callback cb;
+ Attribute *a;
+ int rc;
+- char uuidbuf[ LDAP_LUTIL_UUIDSTR_BUFSIZE ];
+- int levels = 0;
+- int i, j, k;
++ int suffrdns;
++ int i;
+ struct berval dn = {0, NULL};
+- struct berval pdn = {0, NULL};
+ struct berval ndn = {0, NULL};
+- struct berval rdn = {0, NULL};
+ Entry *glue;
+ SlapReply rs = {REP_RESULT};
+- Connection *conn = op->o_conn;
+- char* ptr;
++ char *ptr, *comma;
+
+ op->o_tag = LDAP_REQ_ADD;
+ op->o_callback = &cb;
+ cb.sc_response = null_callback;
+ cb.sc_private = si;
+
+- ber_dupbv( &dn, &e->e_nname );
+- ber_dupbv( &pdn, &e->e_nname );
++ dn = e->e_name;
++ ndn = e->e_nname;
+
+- ptr = dn.bv_val;
+- while ( !be_issuffix ( be, &pdn )) {
+- dnParent( &dn, &pdn );
+- dn.bv_val = pdn.bv_val;
+- dn.bv_len = pdn.bv_len;
+- levels++;
+- }
+- ch_free( ptr );
+-
+- for ( i = 0; i <= levels; i++ ) {
+- glue = (Entry*) ch_calloc( 1, sizeof(Entry) );
+- ber_dupbv( &dn, &e->e_nname );
+- j = levels - i;
+-
+- ptr = dn.bv_val;
+- for ( k = 0; k < j; k++ ) {
+- dnParent( &dn, &pdn );
+- dn.bv_val = pdn.bv_val;
+- dn.bv_len = pdn.bv_len;
++ /* count RDNs in suffix */
++ if ( be->be_nsuffix[0].bv_len ) {
++ for (i=0, ptr=be->be_nsuffix[0].bv_val; ptr; ptr=strchr( ptr, ',' )) {
++ ptr++;
++ i++;
+ }
++ suffrdns = i;
++ } else {
++ /* suffix is "" */
++ suffrdns = 0;
++ }
+
+- dnPrettyNormal( 0, &dn, &pdn, &ndn, op->o_tmpmemctx );
+- ber_dupbv( &glue->e_name, &pdn );
++ /* Start with BE suffix */
++ for ( i = 0, ptr = NULL; i < suffrdns; i++ ) {
++ comma = strrchr(dn.bv_val, ',');
++ if ( ptr ) *ptr = ',';
++ if ( comma ) *comma = '\0';
++ ptr = comma;
++ }
++ if ( ptr ) {
++ *ptr++ = ',';
++ dn.bv_len -= ptr - dn.bv_val;
++ dn.bv_val = ptr;
++ }
++ /* the normalizedDNs are always the same length, no counting
++ * required.
++ */
++ if ( ndn.bv_len > be->be_nsuffix[0].bv_len ) {
++ ndn.bv_val += ndn.bv_len - be->be_nsuffix[0].bv_len;
++ ndn.bv_len = be->be_nsuffix[0].bv_len;
++ }
++
++ while ( ndn.bv_val > e->e_nname.bv_val ) {
++ glue = (Entry *) ch_calloc( 1, sizeof(Entry) );
++ ber_dupbv( &glue->e_name, &dn );
+ ber_dupbv( &glue->e_nname, &ndn );
+- ch_free( ptr );
+- ch_free( pdn.bv_val );
+- ch_free( ndn.bv_val );
+
+ a = ch_calloc( 1, sizeof( Attribute ));
+ a->a_desc = slap_schema.si_ad_objectClass;
+
+ a->a_vals = ch_calloc( 3, sizeof( struct berval ));
+- ber_str2bv( "top", strlen("top"), 1, &a->a_vals[0] );
+- ber_str2bv( "glue", strlen("glue"), 1, &a->a_vals[1] );
++ ber_dupbv( &a->a_vals[0], &gcbva[0] );
++ ber_dupbv( &a->a_vals[1], &gcbva[1] );
+ a->a_vals[2].bv_len = 0;
+ a->a_vals[2].bv_val = NULL;
+
+- a->a_nvals = ch_calloc( 3, sizeof( struct berval ));
+- ber_str2bv( "top", strlen("top"), 1, &a->a_nvals[0] );
+- ber_str2bv( "glue", strlen("glue"), 1, &a->a_nvals[1] );
+- a->a_nvals[2].bv_len = 0;
+- a->a_nvals[2].bv_val = NULL;
++ a->a_nvals = a->a_vals;
+
+ a->a_next = glue->e_attrs;
+ glue->e_attrs = a;
+@@ -1260,42 +1158,45 @@
+ a->a_desc = slap_schema.si_ad_structuralObjectClass;
+
+ a->a_vals = ch_calloc( 2, sizeof( struct berval ));
+- ber_str2bv( "glue", strlen("glue"), 1, &a->a_vals[0] );
++ ber_dupbv( &a->a_vals[0], &gcbva[1] );
+ a->a_vals[1].bv_len = 0;
+ a->a_vals[1].bv_val = NULL;
+
+- a->a_nvals = ch_calloc( 2, sizeof( struct berval ));
+- ber_str2bv( "glue", strlen("glue"), 1, &a->a_nvals[0] );
+- a->a_nvals[1].bv_len = 0;
+- a->a_nvals[1].bv_val = NULL;
++ a->a_nvals = a->a_vals;
+
+ a->a_next = glue->e_attrs;
+ glue->e_attrs = a;
+
+- if ( !strcmp( e->e_nname.bv_val, glue->e_nname.bv_val )) {
+- op->o_req_dn = e->e_name;
+- op->o_req_ndn = e->e_nname;
+- op->ora_e = e;
+- rc = be->be_add ( op, &rs );
+- if ( rc == LDAP_SUCCESS )
+- be_entry_release_w( op, e );
+- else
+- entry_free( e );
+- entry_free( glue );
++ op->o_req_dn = glue->e_name;
++ op->o_req_ndn = glue->e_nname;
++ op->ora_e = glue;
++ rc = be->be_add ( op, &rs );
++ if ( rc == LDAP_SUCCESS ) {
++ be_entry_release_w( op, glue );
+ } else {
+- op->o_req_dn = glue->e_name;
+- op->o_req_ndn = glue->e_nname;
+- op->ora_e = glue;
+- rc = be->be_add ( op, &rs );
+- if ( rc == LDAP_SUCCESS ) {
+- be_entry_release_w( op, glue );
+- } else {
+- /* incl. ALREADY EXIST */
+- entry_free( glue );
+- }
++ /* incl. ALREADY EXIST */
++ entry_free( glue );
+ }
++
++ /* Move to next child */
++ for (ptr = dn.bv_val-2; ptr > e->e_name.bv_val && *ptr != ','; ptr--);
++ if ( ptr == e->e_name.bv_val ) break;
++ dn.bv_val = ++ptr;
++ dn.bv_len = e->e_name.bv_len - (ptr-e->e_name.bv_val);
++ for (ptr = ndn.bv_val-2; ptr > e->e_nname.bv_val && *ptr != ','; ptr--);
++ ndn.bv_val = ++ptr;
++ ndn.bv_len = e->e_nname.bv_len - (ptr-e->e_nname.bv_val);
+ }
+
++ op->o_req_dn = e->e_name;
++ op->o_req_ndn = e->e_nname;
++ op->ora_e = e;
++ rc = be->be_add ( op, &rs );
++ if ( rc == LDAP_SUCCESS )
++ be_entry_release_w( op, e );
++ else
++ entry_free( e );
++
+ return;
+ }
+
+@@ -1317,7 +1218,7 @@
+ };
+
+ static struct berval scbva[] = {
+- BER_BVC("subentry"),
++ BER_BVNULL,
+ BER_BVNULL
+ };
+
+@@ -1344,6 +1245,7 @@
+ Entry* e = NULL;
+ int rc;
+
++ char syncrepl_cbuf[sizeof(CN_STR SYNCREPL_STR)];
+ struct berval slap_syncrepl_dn_bv = BER_BVNULL;
+ struct berval slap_syncrepl_cn_bv = BER_BVNULL;
+
+@@ -1375,6 +1277,7 @@
+ *modtail = mod;
+ modtail = &mod->sml_next;
+
++ if ( scbva[0].bv_val ) ch_free( scbva[0].bv_val );
+ ber_dupbv( &scbva[0], si->syncCookie );
+ mod = (Modifications *) ch_calloc( 1, sizeof( Modifications ));
+ mod->sml_op = LDAP_MOD_REPLACE;
+@@ -1392,26 +1295,13 @@
+ *modtail = mod;
+ modtail = &mod->sml_next;
+
+-#if 0
+- rc = slap_mods_check( modlist, 1, &text, txtbuf, textlen, NULL );
+-
+- if ( rc != LDAP_SUCCESS ) {
+-#ifdef NEW_LOGGING
+- LDAP_LOG( OPERATION, ERR,
+- "syncrepl_updateCookie: mods check (%s)\n", text, 0, 0 );
+-#else
+- Debug( LDAP_DEBUG_ANY, "syncrepl_updateCookie: mods check (%s)\n",
+- text, 0, 0 );
+-#endif
+- }
+-#endif
++ mlnext = mod;
+
+ op->o_tag = LDAP_REQ_ADD;
+ rc = slap_mods_opattrs( op, modlist, modtail,
+ &text,txtbuf, textlen );
+
+- for ( ml = modlist; ml != NULL; ml = mlnext ) {
+- mlnext = ml->sml_next;
++ for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
+ ml->sml_op = LDAP_MOD_REPLACE;
+ }
+
+@@ -1427,18 +1317,17 @@
+
+ e = ( Entry * ) ch_calloc( 1, sizeof( Entry ));
+
+- ber_dupbv( &slap_syncrepl_cn_bv, (struct berval *) &slap_syncrepl_cn_bvc );
++ slap_syncrepl_cn_bv.bv_val = syncrepl_cbuf;
+ slap_syncrepl_cn_bv.bv_len = snprintf( slap_syncrepl_cn_bv.bv_val,
+ slap_syncrepl_cn_bvc.bv_len,
+ "cn=syncrepl%d", si->id );
+
+- build_new_dn( &slap_syncrepl_dn_bv, pdn, &slap_syncrepl_cn_bv, NULL );
+- dnPrettyNormal( NULL, &slap_syncrepl_dn_bv, &e->e_name, &e->e_nname, NULL );
++ build_new_dn( &slap_syncrepl_dn_bv, pdn, &slap_syncrepl_cn_bv, op->o_tmpmemctx );
++ ber_dupbv( &e->e_name, &slap_syncrepl_dn_bv );
++ ber_dupbv( &e->e_nname, &slap_syncrepl_dn_bv );
+
+- if ( slap_syncrepl_cn_bv.bv_val )
+- ch_free( slap_syncrepl_cn_bv.bv_val );
+ if ( slap_syncrepl_dn_bv.bv_val )
+- ch_free( slap_syncrepl_dn_bv.bv_val );
++ sl_free( slap_syncrepl_dn_bv.bv_val, op->o_tmpmemctx );
+
+ e->e_attrs = NULL;
+
+@@ -1519,10 +1408,21 @@
+
+ done :
+
+- if ( cnbva[0].bv_val )
++ if ( cnbva[0].bv_val ) {
+ ch_free( cnbva[0].bv_val );
++ cnbva[0].bv_val = NULL;
++ }
++ if ( scbva[0].bv_val ) {
++ ch_free( scbva[0].bv_val );
++ scbva[0].bv_val = NULL;
++ }
++
++ if ( mlnext->sml_next ) {
++ slap_mods_free( mlnext->sml_next );
++ mlnext->sml_next = NULL;
++ }
+
+- for ( ; ml != NULL; ml = mlnext ) {
++ for (ml = modlist ; ml != NULL; ml = mlnext ) {
+ mlnext = ml->sml_next;
+ free( ml );
+ }
+@@ -1543,27 +1443,6 @@
+ }
+
+ static int
+-cookie_callback(
+- Operation* op,
+- SlapReply* rs
+-)
+-{
+- syncinfo_t *si = op->o_callback->sc_private;
+- Attribute *a;
+-
+- if ( rs->sr_type != REP_SEARCH ) return LDAP_SUCCESS;
+-
+- a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_syncreplCookie );
+-
+- if ( a == NULL ) {
+- si->syncCookie = NULL;
+- } else {
+- si->syncCookie = ber_dupbv( NULL, &a->a_vals[0] );
+- }
+- return LDAP_SUCCESS;
+-}
+-
+-static int
+ dn_callback(
+ Operation* op,
+ SlapReply* rs
+@@ -1602,8 +1481,6 @@
+ Attribute *a;
+ int count = 0;
+ struct berval* present_uuid = NULL;
+- slap_callback cb;
+- SlapReply rs_cb = {REP_RESULT};
+ struct nonpresent_entry *np_entry;
+
+ if ( rs->sr_type == REP_RESULT ) {
+@@ -1643,8 +1520,6 @@
+ SlapReply* rs
+ )
+ {
+- syncinfo_t *si = op->o_callback->sc_private;
+-
+ if ( rs->sr_err != LDAP_SUCCESS &&
+ rs->sr_err != LDAP_REFERRAL &&
+ rs->sr_err != LDAP_ALREADY_EXISTS &&
+@@ -1671,7 +1546,6 @@
+ )
+ {
+ Entry* e;
+- int rc;
+
+ struct berval bv;
+
diff --git a/net/openldap24-server/files/patch-tests::scripts::test017-syncreplication-refresh b/net/openldap24-server/files/patch-tests::scripts::test017-syncreplication-refresh
new file mode 100644
index 000000000000..c354e00a7fb6
--- /dev/null
+++ b/net/openldap24-server/files/patch-tests::scripts::test017-syncreplication-refresh
@@ -0,0 +1,71 @@
+--- tests/scripts/test017-syncreplication-refresh Mon Oct 6 16:57:32 2003
++++ tests/scripts/test017-syncreplication-refresh Sun Oct 19 15:33:58 2003
+@@ -44,9 +44,6 @@
+ fi
+ BACKEND=$SAVE
+
+-echo "Waiting 5 seconds to wait for master to start..."
+-sleep 5
+-
+ echo "Using ldapsearch to check that master slapd is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+@@ -59,22 +56,28 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID
++ exit $RC
++fi
++
+ echo "Using ldapadd to create the context prefix entry in the master..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDCP > /dev/null 2>&1
+ RC=$?
+ if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+- kill -HUP $PID $SLAVEPID
++ kill -HUP $PID
+ exit $RC
+ fi
+
+ echo "Starting slave slapd on TCP/IP port $R1SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $R1SRSLAVECONF > $R1REPLCONF
+ $SLAPD -f $R1REPLCONF -h $R1SLAVEURI -d $LVL $TIMING > $R1SLAVELOG 2>&1 &
+-R1SLAVEPID=$!
++SLAVEPID=$!
+ if test $WAIT != 0 ; then
+- echo SLAVEPID $R1SLAVEPID
++ echo SLAVEPID $SLAVEPID
+ read foo
+ fi
+
+@@ -90,6 +93,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID
++ exit $RC
++fi
++
+ echo "Using ldapadd to populate the master directory..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDNOCP > /dev/null 2>&1
+@@ -203,11 +212,11 @@
+
+ if test $RC != 0 ; then
+ echo "ldapsearch failed at slave ($RC)!"
+- kill -HUP $PID $R1SLAVEPID
++ kill -HUP $PID $SLAVEPID
+ exit $RC
+ fi
+
+-kill -HUP $PID $R1SLAVEPID
++kill -HUP $PID $SLAVEPID
+
+ SEARCHOUT=$MASTEROUT
+ LDIF=$R1SLAVEOUT
diff --git a/net/openldap24-server/files/patch-tests::scripts::test018-syncreplication-persist b/net/openldap24-server/files/patch-tests::scripts::test018-syncreplication-persist
new file mode 100644
index 000000000000..2325aef08a3a
--- /dev/null
+++ b/net/openldap24-server/files/patch-tests::scripts::test018-syncreplication-persist
@@ -0,0 +1,71 @@
+--- tests/scripts/test018-syncreplication-persist Mon Oct 6 16:57:32 2003
++++ tests/scripts/test018-syncreplication-persist Sun Oct 19 15:33:58 2003
+@@ -44,9 +44,6 @@
+ fi
+ BACKEND=$SAVE
+
+-echo "Waiting 5 seconds to wait for master to start..."
+-sleep 5
+-
+ echo "Using ldapsearch to check that master slapd is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+@@ -59,22 +56,28 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID
++ exit $RC
++fi
++
+ echo "Using ldapadd to create the context prefix entry in the master..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDCP > /dev/null 2>&1
+ RC=$?
+ if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+- kill -HUP $PID $SLAVEPID
++ kill -HUP $PID
+ exit $RC
+ fi
+
+ echo "Starting slave slapd on TCP/IP port $P1SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $P1SRSLAVECONF > $P1REPLCONF
+ $SLAPD -f $P1REPLCONF -h $P1SLAVEURI -d $LVL $TIMING > $P1SLAVELOG 2>&1 &
+-P1SLAVEPID=$!
++SLAVEPID=$!
+ if test $WAIT != 0 ; then
+- echo SLAVEPID $P1SLAVEPID
++ echo SLAVEPID $SLAVEPID
+ read foo
+ fi
+
+@@ -90,6 +93,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $SLAVEPID
++ exit $RC
++fi
++
+ echo "Using ldapadd to populate the master directory..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDNOCP > /dev/null 2>&1
+@@ -203,11 +212,11 @@
+
+ if test $RC != 0 ; then
+ echo "ldapsearch failed at slave ($RC)!"
+- kill -HUP $PID $P1SLAVEPID
++ kill -HUP $PID $SLAVEPID
+ exit $RC
+ fi
+
+-kill -HUP $PID $P1SLAVEPID
++kill -HUP $PID $SLAVEPID
+
+ SEARCHOUT=$MASTEROUT
+ LDIF=$P1SLAVEOUT
diff --git a/net/openldap24-server/files/patch-tests::scripts::test020-syncreplication-cascading b/net/openldap24-server/files/patch-tests::scripts::test020-syncreplication-cascading
new file mode 100644
index 000000000000..182a6a73c7d0
--- /dev/null
+++ b/net/openldap24-server/files/patch-tests::scripts::test020-syncreplication-cascading
@@ -0,0 +1,220 @@
+--- tests/scripts/test020-syncreplication-cascading Mon Oct 6 16:57:32 2003
++++ tests/scripts/test020-syncreplication-cascading Sun Oct 19 15:33:58 2003
+@@ -39,13 +39,14 @@
+ mkdir $P3REPLDIR
+
+ SAVE=$BACKEND
+-if test $BACKEND = ldbm; then
+- if test $SYNCREPL = no; then
++if test $SYNCREPL = no; then
++ if test $BACKEND = ldbm; then
+ echo "Sync replication requires back-bdb or back-hdb"
+ exit 0
+ fi
+- BACKEND=$SYNCREPL
++ SYNCREPL=$BACKEND
+ fi
++BACKEND=$SYNCREPL
+ echo "Starting master slapd on TCP/IP port $PORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $SRMASTERCONF > $DBCONF
+ $SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
+@@ -54,12 +55,8 @@
+ echo PID $PID
+ read foo
+ fi
+-BACKEND=$SAVE
+-
+-echo "Waiting 5 seconds to wait for master to start..."
+-sleep 5
+
+-echo "Using ldapsearch to check that master slapd is running..."
++echo "Using ldapsearch to check that master slapd PID $PID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -71,6 +68,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID
++ exit $RC
++fi
++
+ echo "Using ldapadd to create the context prefix entry in the master..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDCP > /dev/null 2>&1
+@@ -81,14 +84,6 @@
+ exit $RC
+ fi
+
+-SAVE=$BACKEND
+-if test $BACKEND = ldbm; then
+- if test $SYNCREPL = no; then
+- echo "Sync replication requires back-bdb or back-hdb"
+- exit 0
+- fi
+- BACKEND=$SYNCREPL
+-fi
+ echo "Starting R1 slave slapd on TCP/IP port $R1SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $R1SRSLAVECONF > $R1REPLCONF
+ $SLAPD -f $R1REPLCONF -h $R1SLAVEURI -d $LVL $TIMING > $R1SLAVELOG 2>&1 &
+@@ -97,9 +92,8 @@
+ echo SLAVE R1 PID $R1SLAVEPID
+ read foo
+ fi
+-BACKEND=$SAVE
+
+-echo "Using ldapsearch to check that R1 slave slapd is running..."
++echo "Using ldapsearch to check that R1 slave slapd PID $R1SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $R1SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -111,9 +105,13 @@
+ sleep 5
+ done
+
+-echo "Waiting for the R1 slave to replicate..."
+-sleep 10
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID
++ exit $RC
++fi
+
++BACKEND=$SAVE
+ echo "Starting R2 slave slapd on TCP/IP port $R2SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $R2SRSLAVECONF > $R2REPLCONF
+ $SLAPD -f $R2REPLCONF -h $R2SLAVEURI -d $LVL $TIMING > $R2SLAVELOG 2>&1 &
+@@ -123,7 +121,7 @@
+ read foo
+ fi
+
+-echo "Using ldapsearch to check that the R2 slave slapd is running..."
++echo "Using ldapsearch to check that the R2 slave slapd PID $R2SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $R2SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -135,17 +133,13 @@
+ sleep 5
+ done
+
+-echo "Waiting for the R2 slave to replicate..."
+-sleep 10
+-
+-SAVE=$BACKEND
+-if test $BACKEND = ldbm; then
+- if test $SYNCREPL = no; then
+- echo "Sync replication requires back-bdb or back-hdb"
+- exit 0
+- fi
+- BACKEND=$SYNCREPL
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID
++ exit $RC
+ fi
++
++BACKEND=$SYNCREPL
+ echo "Starting P1 slave slapd on TCP/IP port $P1SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $P1SRSLAVECONF > $P1REPLCONF
+ $SLAPD -f $P1REPLCONF -h $P1SLAVEURI -d $LVL $TIMING > $P1SLAVELOG 2>&1 &
+@@ -154,9 +148,8 @@
+ echo SLAVE P1 PID $P1SLAVEPID
+ read foo
+ fi
+-BACKEND=$SAVE
+
+-echo "Using ldapsearch to check that the P1 slave slapd is running..."
++echo "Using ldapsearch to check that the P1 slave slapd PID $P1SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $P1SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -168,9 +161,13 @@
+ sleep 5
+ done
+
+-echo "Waiting for the P1 slave to replicate..."
+-sleep 10
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID
++ exit $RC
++fi
+
++BACKEND=$SAVE
+ echo "Starting P2 slave slapd on TCP/IP port $P2SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $P2SRSLAVECONF > $P2REPLCONF
+ $SLAPD -f $P2REPLCONF -h $P2SLAVEURI -d $LVL $TIMING > $P2SLAVELOG 2>&1 &
+@@ -180,7 +177,7 @@
+ read foo
+ fi
+
+-echo "Using ldapsearch to check that the P2 slave slapd is running..."
++echo "Using ldapsearch to check that the P2 slave slapd PID $P2SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $P2SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -192,6 +189,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID
++ exit $RC
++fi
++
+ echo "Starting P3 slave slapd on TCP/IP port $P3SLAVEPORT..."
+ . $CONFFILTER $BACKEND $MONITORDB < $P3SRSLAVECONF > $P3REPLCONF
+ $SLAPD -f $P3REPLCONF -h $P3SLAVEURI -d $LVL $TIMING > $P3SLAVELOG 2>&1 &
+@@ -201,7 +204,7 @@
+ read foo
+ fi
+
+-echo "Using ldapsearch to check that the P3 slave slapd is running..."
++echo "Using ldapsearch to check that the P3 slave slapd PID $P3SLAVEPID is running..."
+ for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $P3SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+@@ -213,6 +216,12 @@
+ sleep 5
+ done
+
++if test $RC != 0 ; then
++ echo "ldapsearch failed ($RC)!"
++ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID $P3SLAVEPID
++ exit $RC
++fi
++
+ echo "Using ldapadd to populate the master directory..."
+ $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDEREDNOCP > /dev/null 2>&1
+@@ -347,7 +356,7 @@
+ RC=$?
+
+ if test $RC != 0 ; then
+- echo "ldapsearch failed at R1 slave ($RC)!"
++ echo "ldapsearch failed at P1 slave ($RC)!"
+ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID $P3SLAVEPID
+ exit $RC
+ fi
+@@ -358,7 +367,7 @@
+ RC=$?
+
+ if test $RC != 0 ; then
+- echo "ldapsearch failed at R2 slave ($RC)!"
++ echo "ldapsearch failed at P2 slave ($RC)!"
+ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID $P3SLAVEPID
+ exit $RC
+ fi
+@@ -369,7 +378,7 @@
+ RC=$?
+
+ if test $RC != 0 ; then
+- echo "ldapsearch failed at R2 slave ($RC)!"
++ echo "ldapsearch failed at P3 slave ($RC)!"
+ kill -HUP $PID $R1SLAVEPID $R2SLAVEPID $P1SLAVEPID $P2SLAVEPID $P3SLAVEPID
+ exit $RC
+ fi
diff --git a/net/openldap24-server/pkg-deinstall b/net/openldap24-server/pkg-deinstall
new file mode 100644
index 000000000000..2a5ec1ef8f65
--- /dev/null
+++ b/net/openldap24-server/pkg-deinstall
@@ -0,0 +1,33 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+ECHO_CMD=echo
+
+case $2 in
+POST-DEINSTALL)
+ ${ECHO_CMD}
+ ${ECHO_CMD} "The OpenLDAP server package has been deleted."
+ ${ECHO_CMD} "If you're *not* upgrading and won't be using"
+ ${ECHO_CMD} "it any longer, you may want to issue the"
+ ${ECHO_CMD} "following commands:"
+ ${ECHO_CMD}
+ if [ -d %%DATABASEDIR%% ]; then
+ ${ECHO_CMD} "- to delete the OpenLDAP database permanently (losing all data):"
+ ${ECHO_CMD} " rm -Rf %%DATABASEDIR%%"
+ ${ECHO_CMD}
+ fi
+ if [ -d %%SLURPDIR%% ]; then
+ ${ECHO_CMD} "- to remove the OpenLDAP replication directory:"
+ ${ECHO_CMD} " rm -Rf %%SLURPDIR%%"
+ ${ECHO_CMD}
+ fi
+ ${ECHO_CMD} "- to remove the OpenLDAP user:"
+ ${ECHO_CMD} " pw userdel ldap"
+ ${ECHO_CMD}
+ ${ECHO_CMD} "If you are upgrading, don't forget to restart"
+ ${ECHO_CMD} "slapd and slurpd."
+ ${ECHO_CMD}
+ ;;
+esac
diff --git a/net/openldap24-server/pkg-install b/net/openldap24-server/pkg-install
index 47b2ea825164..ee0a9e8588bd 100644
--- a/net/openldap24-server/pkg-install
+++ b/net/openldap24-server/pkg-install
@@ -13,9 +13,9 @@ FTPUSERS=/etc/ftpusers
case $2 in
PRE-INSTALL)
if ! ${PW} usershow -n ldap >/dev/null 2>&1; then
+ ${ECHO_CMD}
if ! ${PW} groupshow -n ldap >/dev/null 2>&1; then
if ! ${PW} groupadd -n ldap -g 389; then
- ${ECHO_CMD}
${ECHO_CMD} "*** Failed to add a group ldap with id 389."
${ECHO_CMD}
${ECHO_CMD} "Please add the ldap user manually with"
@@ -24,12 +24,10 @@ PRE-INSTALL)
${ECHO_CMD} "and retry installing this package."
exit 1
fi
+ ${ECHO_CMD} "===> Group 'ldap' created."
fi
- if ${PW} useradd -n ldap -u 389 -g ldap -c 'OpenLDAP Server' \
+ if ! ${PW} useradd -n ldap -u 389 -g ldap -c 'OpenLDAP Server' \
-d /nonexistent -s /sbin/nologin -h -; then
- ${GREP} -qs '^ldap$' ${FTPUSERS} || ${ECHO_CMD} ldap >> ${FTPUSERS}
- else
- ${ECHO_CMD}
${ECHO_CMD} "*** Failed to add an user ldap with id 389."
${ECHO_CMD}
${ECHO_CMD} "Please add the ldap user manually with"
@@ -38,6 +36,8 @@ PRE-INSTALL)
${ECHO_CMD} "and retry installing this package."
exit 1
fi
+ ${GREP} -qs '^ldap$' ${FTPUSERS} || ${ECHO_CMD} ldap >> ${FTPUSERS}
+ ${ECHO_CMD} "===> Account 'ldap' created."
fi
;;
esac
diff --git a/net/openldap24-server/pkg-message b/net/openldap24-server/pkg-message
index 737d02348bdb..d130eb4d5a06 100644
--- a/net/openldap24-server/pkg-message
+++ b/net/openldap24-server/pkg-message
@@ -14,7 +14,7 @@ Then start the server with
or reboot.
Try `man slapd' and the online manual at
- http://www.OpenLDAP.org/doc/admin20/
+ http://www.OpenLDAP.org/devel/admin/
for more information.
NOTE: Some variable names have been changed to conform with rc.subr(8)
diff --git a/net/openldap24-server/pkg-message.client b/net/openldap24-server/pkg-message.client
index ef3234fa4b86..92ef70d0f99b 100644
--- a/net/openldap24-server/pkg-message.client
+++ b/net/openldap24-server/pkg-message.client
@@ -6,4 +6,8 @@ Edit
%%PREFIX%%/etc/openldap/ldap.conf
to change the system-wide client defaults.
+Try `man ldap.conf' and visit the OpenLDAP FAQ-O-Matic at
+ http://www.OpenLDAP.org/faq/index.cgi?file=3
+for more information.
+
************************************************************
diff --git a/net/openldap24-server/pkg-plist b/net/openldap24-server/pkg-plist
index d2c94faf8fe7..a36978413511 100644
--- a/net/openldap24-server/pkg-plist
+++ b/net/openldap24-server/pkg-plist
@@ -1,36 +1,10 @@
@comment $FreeBSD$
-@unexec %%RC_DIR%%/slapd%%RC_SUFX%% stop 2>/dev/null || true
-@unexec %%RC_DIR%%/slurpd%%RC_SUFX%% stop 2>/dev/null || true
+@unexec %%RC_DIR%%/slapd%%RC_SUFX%% stop 2>&1 >/dev/null || true
+@unexec %%RC_DIR%%/slurpd%%RC_SUFX%% stop 2>&1 >/dev/null || true
etc/openldap/schema/README
-@unexec if cmp -s %D/etc/openldap/schema/corba.schema %D/etc/openldap/schema/corba.schema.default; then rm -f %D/etc/openldap/schema/corba.schema; fi
-etc/openldap/schema/corba.schema.default
-@exec [ -f %B/corba.schema ] || cp %B/%f %B/corba.schema
-@unexec if cmp -s %D/etc/openldap/schema/core.schema %D/etc/openldap/schema/core.schema.default; then rm -f %D/etc/openldap/schema/core.schema; fi
-etc/openldap/schema/core.schema.default
-@exec [ -f %B/core.schema ] || cp %B/%f %B/core.schema
-@unexec if cmp -s %D/etc/openldap/schema/cosine.schema %D/etc/openldap/schema/cosine.schema.default; then rm -f %D/etc/openldap/schema/cosine.schema; fi
-etc/openldap/schema/cosine.schema.default
-@exec [ -f %B/cosine.schema ] || cp %B/%f %B/cosine.schema
-@unexec if cmp -s %D/etc/openldap/schema/inetorgperson.schema %D/etc/openldap/schema/inetorgperson.schema.default; then rm -f %D/etc/openldap/schema/inetorgperson.schema; fi
-etc/openldap/schema/inetorgperson.schema.default
-@exec [ -f %B/inetorgperson.schema ] || cp %B/%f %B/inetorgperson.schema
-@unexec if cmp -s %D/etc/openldap/schema/java.schema %D/etc/openldap/schema/java.schema.default; then rm -f %D/etc/openldap/schema/java.schema; fi
-etc/openldap/schema/java.schema.default
-@exec [ -f %B/java.schema ] || cp %B/%f %B/java.schema
-@unexec if cmp -s %D/etc/openldap/schema/misc.schema %D/etc/openldap/schema/misc.schema.default; then rm -f %D/etc/openldap/schema/misc.schema; fi
-etc/openldap/schema/misc.schema.default
-@exec [ -f %B/misc.schema ] || cp %B/%f %B/misc.schema
-@unexec if cmp -s %D/etc/openldap/schema/nis.schema %D/etc/openldap/schema/nis.schema.default; then rm -f %D/etc/openldap/schema/nis.schema; fi
-etc/openldap/schema/nis.schema.default
-@exec [ -f %B/nis.schema ] || cp %B/%f %B/nis.schema
-@unexec if cmp -s %D/etc/openldap/schema/openldap.schema %D/etc/openldap/schema/openldap.schema.default; then rm -f %D/etc/openldap/schema/openldap.schema; fi
-etc/openldap/schema/openldap.schema.default
-@exec [ -f %B/openldap.schema ] || cp %B/%f %B/openldap.schema
@unexec if cmp -s %D/etc/openldap/slapd.conf %D/etc/openldap/slapd.conf.default; then rm -f %D/etc/openldap/slapd.conf; fi
etc/openldap/slapd.conf.default
@exec [ -f %B/slapd.conf ] || cp %B/%f %B/slapd.conf
-@unexec rmdir %D/etc/openldap/schema 2>/dev/null || true
-@unexec rmdir %D/etc/openldap 2>/dev/null || true
%%SLAPI%%lib/libslapi.a
%%SLAPI%%lib/libslapi.so
%%SLAPI%%lib/libslapi.so.2
@@ -41,11 +15,8 @@ sbin/slapcat
sbin/slapindex
sbin/slappasswd
@exec mkdir -p %%LDAP_RUN_DIR%%
+@unexec rmdir %%LDAP_RUN_DIR%% 2>/dev/null || true
@exec mkdir -p %%DATABASEDIR%%
-@exec mkdir -p %%SLURPDIR%%
-@unexec rmdir %%LDAP_RUN_DIR%%
@unexec rmdir %%DATABASEDIR%% 2>/dev/null || true
+@exec mkdir -p %%SLURPDIR%%
@unexec rmdir %%SLURPDIR%% 2>/dev/null || true
-@cwd %%RC_DIR%%
-slapd%%RC_SUFX%%
-slurpd%%RC_SUFX%%