--- /dev/null
--- /dev/null
++usr/include/dirsrv/*
++usr/lib/*/dirsrv/libslapd.so
++usr/lib/*/pkgconfig/*
--- /dev/null
--- /dev/null
++usr/lib/*/dirsrv/libslapd.so.*
--- /dev/null
--- /dev/null
++# these are bogus warnings, no libs shipped in a public libdir
++postinst-has-useless-call-to-ldconfig
++postrm-has-useless-call-to-ldconfig
--- /dev/null
--- /dev/null
++# Defaults for dirsrv
++#
++# This is a POSIX shell fragment
++
++# Enable bindnow hardening
++LD_BIND_NOW=1
--- /dev/null
--- /dev/null
++var/log/dirsrv
++var/lib/dirsrv
--- /dev/null
--- /dev/null
++etc/default/dirsrv
++etc/default/dirsrv.systemd
++etc/dirsrv/config/
++etc/dirsrv/schema/*.ldif
++etc/systemd/
++lib/systemd/system/dirsrv-snmp.service
++lib/systemd/system/dirsrv.target
++lib/systemd/system/dirsrv@.service
++usr/bin/
++usr/lib/*/dirsrv/libns-dshttpd.so*
++usr/lib/*/dirsrv/perl/
++usr/lib/*/dirsrv/plugins/*.so
++usr/lib/*/dirsrv/python/
++usr/sbin/
++usr/share/dirsrv/
++usr/share/man/man1/*.1
++usr/share/man/man8/*.8
--- /dev/null
--- /dev/null
++/dev/null lib/systemd/system/dirsrv.service
--- /dev/null
--- /dev/null
++# these are bogus warnings, no libs shipped in a public libdir
++unused-shlib-entry-in-control-file
++postinst-has-useless-call-to-ldconfig
++postrm-has-useless-call-to-ldconfig
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++. /usr/share/debconf/confmodule
++
++CONFIG_DIR=/etc/dirsrv
++OUT=/dev/null
++INSTANCES=`ls -d /etc/dirsrv/slapd-* 2>/dev/null | grep -v removed | sed 's/.*slapd-//'`
++
++if [ "$1" = configure ]; then
++ # lets give them a user/group in all cases.
++ if ! getent passwd dirsrv > $OUT; then
++ adduser --quiet --system --home /var/lib/dirsrv \
++ --disabled-password --group \
++ --gecos "389 Directory Server user" \
++ --no-create-home \
++ dirsrv > $OUT
++ fi
++
++ chown -R dirsrv:dirsrv /etc/dirsrv/ /var/log/dirsrv/ /var/lib/dirsrv/ > $OUT || true
++ chmod 750 /etc/dirsrv/ /var/log/dirsrv/ /var/lib/dirsrv/ > $OUT || true
++
++ if [ -n "$2" ]; then
++ for inst in $INSTANCES; do
++ service dirsrv@$inst stop > $OUT 2>&1
++ done
++
++ setup-ds -l $OUT -u -s General.UpdateMode=offline > $OUT 2>&1
++
++ if [ $? = 0 ]; then
++ for inst in $INSTANCES; do
++ service dirsrv@$inst start > $OUT 2>&1
++ done
++ fi
++ fi
++fi
++
++invoke_failure() {
++ # invoke-rc.d failed, likely because no instance has been configured yet
++ # but exit with an error if an instance is configured and the invoke failed
++ if [ -z $INSTANCES ]; then
++ echo "... because no instance has been configured yet."
++ else
++ exit 1
++ fi
++}
++
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++. /usr/share/debconf/confmodule
++
++if [ "$1" = "purge" ]; then
++ if getent group dirsrv > /dev/null; then
++ deluser --system dirsrv || true
++ fi
++ rm -f /etc/systemd/system/dirsrv.target.wants/dirsrv@*.service
++ rm -rf /etc/dirsrv
++ rm -rf /var/lib/dirsrv
++ rm -rf /var/log/dirsrv
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++set -e
++
++#DEBHELPER#
++
++if [ "$1" = "purge" ]; then
++ # remove all installed instances
++ for FILE in `ls -d $CONFDIR/slapd-* 2>/dev/null | sed -n '/\.removed$/!$'`
++ do
++ if [ -d "$FILE" ] ; then
++ remove-ds -f -i $FILE
++ fi
++ done
++fi
--- /dev/null
--- /dev/null
++To complete the 389 Directory Server installation just run /usr/sbin/setup-ds.
++
++If you experience problems accessing the Directory Server, check with
++"netstat -tapen |grep 389" and verify that the server is not listening only
++to ipv6 (check for ^tcp6). In such case you will need to tweak the cn=config
++DIT with something like the following:
++
++dn: cn=config
++changetype: modify
++add: nsslapd-listenhost
++nsslapd-listenhost: <youripv4>
++
--- /dev/null
--- /dev/null
++389-ds-base (1.3.5.17-2) unstable; urgency=medium
++
++ * fix-upstream-49245.diff: Pull commits from upstream 1.3.5.x, which
++ remove rest of the asm code. (Closes: #862194)
++
++ -- Timo Aaltonen <tjaalton@debian.org> Wed, 10 May 2017 09:25:03 +0300
++
++389-ds-base (1.3.5.17-1) unstable; urgency=medium
++
++ * New upstream bugfix release.
++ - CVE-2017-2668 (Closes: #860125)
++ * watch: Updated.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Tue, 09 May 2017 11:06:14 +0300
++
++389-ds-base (1.3.5.15-2) unstable; urgency=medium
++
++ * fix-48986-cve-2017-2591.diff: Fix upstream ticket 48986,
++ CVE-2017-2591. (Closes: #851769)
++
++ -- Timo Aaltonen <tjaalton@debian.org> Fri, 27 Jan 2017 00:01:53 +0200
++
++389-ds-base (1.3.5.15-1) unstable; urgency=medium
++
++ * New upstream release.
++ - CVE-2016-5405 (Closes: #842121)
++
++ -- Timo Aaltonen <tjaalton@debian.org> Wed, 16 Nov 2016 11:01:00 +0200
++
++389-ds-base (1.3.5.14-1) unstable; urgency=medium
++
++ * New upstream release.
++ * postrm: Remove /etc/dirsrv, /var/lib/dirsrv and /var/log/dirsrv on
++ purge.
++ * control: Bump build-dep on libsvrcore-dev to ensure it has support
++ for systemd password agent.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Fri, 28 Oct 2016 01:42:27 +0300
++
++389-ds-base (1.3.5.13-1) unstable; urgency=medium
++
++ * New upstream release.
++ * control: Bump policy to 3.9.8, no changes.
++ * patches/default_user: Dropped, upstream.
++ * support-non-nss-libldap.diff: Dropped, upstream.
++ * fix-obsolete-target.diff: Updated.
++ * patches: Refreshed.
++ * control: Add libsystemd-dev to build-deps.
++ * control: Add acl to -base depends.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Wed, 12 Oct 2016 11:11:20 +0300
++
++389-ds-base (1.3.4.14-2) unstable; urgency=medium
++
++ * tests: Add simple autopkgtests.
++ * postinst: Start instances after offline update.
++ * control, rules: Drop -dbg packages.
++ * control: Drop conflicts on slapd. (Closes: #822532)
++
++ -- Timo Aaltonen <tjaalton@debian.org> Mon, 03 Oct 2016 17:53:26 +0300
++
++389-ds-base (1.3.4.14-1) unstable; urgency=medium
++
++ * New upstream release.
++ * support-non-nss-libldap.diff: Refreshed.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Mon, 29 Aug 2016 10:17:41 +0300
++
++389-ds-base (1.3.4.9-1) unstable; urgency=medium
++
++ * New upstream release.
++ * support-non-nss-libldap.diff: Support libldap built against gnutls.
++ (LP: #1564179)
++
++ -- Timo Aaltonen <tjaalton@debian.org> Mon, 18 Apr 2016 18:08:14 +0300
++
++389-ds-base (1.3.4.8-4) unstable; urgency=medium
++
++ * use-perl-move.diff: Dropped, 'rename' is more reliable.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Wed, 30 Mar 2016 08:38:24 +0300
++
++389-ds-base (1.3.4.8-3) unstable; urgency=medium
++
++ * use-perl-move.diff: Fix 60upgradeschemafiles.pl to use File::Copy.
++ (Closes: #818578)
++
++ -- Timo Aaltonen <tjaalton@debian.org> Fri, 18 Mar 2016 11:15:23 +0200
++
++389-ds-base (1.3.4.8-2) unstable; urgency=medium
++
++ * postinst: Silence ls and adduser.
++ * Drop the init file, we depend on systemd anyway.
++ * rules: Don't enable dirsrv-snmp.service by default.
++ * postrm: Clean up /var/lib/dirsrv/scripts-* on purge.
++ * user-perl-move.diff: Use move instead of rename during upgrade.
++ (Closes: #775550)
++
++ -- Timo Aaltonen <tjaalton@debian.org> Thu, 17 Mar 2016 08:13:38 +0200
++
++389-ds-base (1.3.4.8-1) unstable; urgency=medium
++
++ * New upstream release.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Mon, 22 Feb 2016 07:58:40 +0200
++
++389-ds-base (1.3.4.5-2) unstable; urgency=medium
++
++ * fix-systemctl-path.diff: Use correct path to /bin/systemctl.
++ (Closes: #779653)
++
++ -- Timo Aaltonen <tjaalton@debian.org> Wed, 09 Dec 2015 08:31:20 +0200
++
++389-ds-base (1.3.4.5-1) unstable; urgency=medium
++
++ * New upstream release.
++ * patches: Refreshed.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Wed, 09 Dec 2015 08:14:56 +0200
++
++389-ds-base (1.3.3.13-1) unstable; urgency=medium
++
++ * New upstream release.
++ * control: Add systemd to 389-ds-base Depends. (Closes: #794301)
++ * postrm: Clean target.wants in postrm.
++ * reproducible-build.diff: Make builds reproducible. Thanks, Chris
++ Lamb! (Closes: #799010)
++
++ -- Timo Aaltonen <tjaalton@debian.org> Tue, 20 Oct 2015 14:25:05 +0300
++
++389-ds-base (1.3.3.12-1) unstable; urgency=medium
++
++ * New upstream release
++ - fix CVE-2015-3230 (Closes: #789202)
++
++ -- Timo Aaltonen <tjaalton@debian.org> Wed, 24 Jun 2015 11:47:50 +0300
++
++389-ds-base (1.3.3.10-1) unstable; urgency=medium
++
++ * New upstream release
++ - fix CVE-2015-1854 (Closes: #783923)
++ * postinst: Stop actual instances instead of 'dirsrv' on upgrade, and
++ use service(8) instead of invoke-rc.d.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Thu, 07 May 2015 07:58:35 +0300
++
++389-ds-base (1.3.3.9-1) experimental; urgency=medium
++
++ * New upstream bugfix release.
++ - Drop cve-2014-8*.diff, upstream.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Thu, 02 Apr 2015 14:47:20 +0300
++
++389-ds-base (1.3.3.5-4) unstable; urgency=medium
++
++ * Security fixes (Closes: #779909)
++ - cve-2014-8105.diff: Fix for CVE-2014-8105
++ - cve-2014-8112.diff: Fix for CVE-2014-8112
++
++ -- Timo Aaltonen <tjaalton@debian.org> Mon, 09 Mar 2015 10:53:03 +0200
++
++389-ds-base (1.3.3.5-3) unstable; urgency=medium
++
++ * use-bash-instead-of-sh.diff: Drop admin_scripts.diff and patch the
++ scripts to use bash instead of trying to fix bashisms. (Closes:
++ #772195)
++
++ -- Timo Aaltonen <tjaalton@debian.org> Fri, 16 Jan 2015 15:40:23 +0200
++
++389-ds-base (1.3.3.5-2) unstable; urgency=medium
++
++ * fix-saslpath.diff: Fix SASL library path.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Sat, 25 Oct 2014 01:48:34 +0300
++
++389-ds-base (1.3.3.5-1) unstable; urgency=medium
++
++ * New upstream bugfix release.
++ * control: Bump policy, no changes.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Mon, 20 Oct 2014 09:57:14 +0300
++
++389-ds-base (1.3.3.3-1) unstable; urgency=medium
++
++ * New upstream release.
++ * Dropped upstreamed patches, refresh others.
++ * control, rules, 389-ds-base.install: Add support for systemd.
++ * fix-obsolete-target.diff: Drop syslog.target from the service files.
++ * 389-ds-base.links: Mask the initscript so that it's not used with systemd.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Mon, 06 Oct 2014 17:13:01 +0300
++
++389-ds-base (1.3.2.23-2) unstable; urgency=medium
++
++ * Team upload.
++ * Add fix-bsd.patch and support-kfreebsd.patch to fix the build failure
++ on kFreeBSD.
++
++ -- Benjamin Drung <benjamin.drung@profitbricks.com> Wed, 03 Sep 2014 15:32:22 +0200
++
++389-ds-base (1.3.2.23-1) unstable; urgency=medium
++
++ * New bugfix release.
++ * watch: Update the url.
++ * control: Update Vcs-Browser url to use cgit.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Mon, 01 Sep 2014 13:32:59 +0300
++
++389-ds-base (1.3.2.21-1) unstable; urgency=medium
++
++ * New upstream release.
++ - CVE-2014-3562 (Closes: #757437)
++
++ -- Timo Aaltonen <tjaalton@ubuntu.com> Fri, 08 Aug 2014 10:48:55 +0300
++
++389-ds-base (1.3.2.19-1) unstable; urgency=medium
++
++ * New upstream release.
++ * admin_scripts.diff: Updated to fix more bashisms.
++ * watch: Update the url.
++ * Install failedbinds.py and logregex.py scripts.
++ * init: Use status from init-functions.
++ * control: Update my email.
++
++ -- Timo Aaltonen <tjaalton@debian.org> Tue, 08 Jul 2014 15:50:11 +0300
++
++389-ds-base (1.3.2.9-1.1) unstable; urgency=medium
++
++ * Non-maintainer upload.
++ * Apply fix for CVE-2014-0132, see like named patch (Closes: 741600)
++ * Fix m4-macro for libsrvcore and add missing B-D on libpci-dev
++ (Closes: #745821)
++
++ -- Tobias Frost <tobi@coldtobi.de> Fri, 25 Apr 2014 15:11:16 +0200
++
++389-ds-base (1.3.2.9-1) unstable; urgency=low
++
++ * New upstream release.
++ - fixes CVE-2013-0336 (Closes: #704077)
++ - fixes CVE-2013-1897 (Closes: #704421)
++ - fixes CVE-2013-2219 (Closes: #718325)
++ - fixes CVE-2013-4283 (Closes: #721222)
++ - fixes CVE-2013-4485 (Closes: #730115)
++ * Drop fix-CVE-2013-0312.diff, upstream.
++ * rules: Add new scripts to rename.
++ * fix-sasl-path.diff: Use a triplet path to find libsasl2. (LP:
++ #1088822)
++ * admin_scripts.diff: Add patch from upstream #47511 to fix bashisms.
++ * control: Add ldap-utils to -base depends.
++ * rules, rename-online-scripts.diff: Some scripts with .pl suffix are
++ meant for an online server, so instead of overwriting the offline
++ scripts use -online suffix.
++ * rules: Enable parallel build, but limit the jobs to 1 for
++ dh_auto_install.
++ * control: Bump policy to 3.9.5, no changes.
++ * rules: Add get-orig-source target.
++ * lintian-overrides: Drop obsolete entries, add comments for the rest.
++
++ -- Timo Aaltonen <tjaalton@ubuntu.com> Mon, 03 Feb 2014 11:08:50 +0200
++
++389-ds-base (1.3.0.3-1) unstable; urgency=low
++
++ * New upstream release.
++ * control: Bump the policy to 3.9.4, no changes.
++ * fix-CVE-2013-0312.diff: Patch to fix handling LDAPv3 control data.
++
++ -- Timo Aaltonen <tjaalton@ubuntu.com> Mon, 11 Mar 2013 14:23:20 +0200
++
++389-ds-base (1.2.11.17-1) UNRELEASED; urgency=low
++
++ * New upstream release.
++ * watch: Add a comment about the upstream git tree.
++ * fix-cve-2012-4450.diff: Remove, upstream.
++
++ -- Timo Aaltonen <tjaalton@ubuntu.com> Sat, 01 Dec 2012 14:22:13 +0200
++
++389-ds-base (1.2.11.15-1) unstable; urgency=low
++
++ * New upstream release.
++ * Add fix-cve-2012-4450.diff. (Closes: #688942)
++ * dirsrv.init: Fix stop() to remove the pidfile only when the process
++ is finished. (Closes: #689389)
++ * copyright: Update the source url.
++ * control: Drop quilt from build-depends, since using 3.0 (quilt)
++ * lintian-overrides: Add an override for hardening-no-fortify-
++ functions, since it's a false positive in this case.
++ * control: Drop dpkg-dev from build-depends, no need to specify it
++ directly.
++ * copyright: Add myself as a copyright holder for debian/*.
++ * 389-ds-base.prerm: Add 'set -e'.
++ * rules: drop DEB_HOST_MULTIARCH, dh9 handles it.
++
++ -- Timo Aaltonen <tjaalton@ubuntu.com> Wed, 03 Oct 2012 19:33:52 +0300
++
++389-ds-base (1.2.11.7-5) unstable; urgency=low
++
++ * control: Drop debconf-utils and po-debconf from build-depends.
++ * control: Add libnetaddr-ip-perl and libsocket-getaddrinfo-perl to
++ 389-ds-base Depends for ipv6 support. (Closes: #682847)
++
++ -- Timo Aaltonen <tjaalton@ubuntu.com> Mon, 30 Jul 2012 13:12:23 +0200
++
++389-ds-base (1.2.11.7-4) unstable; urgency=low
++
++ * debian/po: Remove, leftover from the template purge. (Closes: #681543)
++
++ -- Timo Aaltonen <tjaalton@ubuntu.com> Thu, 19 Jul 2012 23:12:01 +0300
++
++389-ds-base (1.2.11.7-3) unstable; urgency=low
++
++ * 389-ds-base.config: Removed, the debconf template is no more.
++ (Closes: #680351)
++ * control: Remove duplicate 'the' from the 389-ds description.
++
++ -- Timo Aaltonen <tjaalton@ubuntu.com> Wed, 11 Jul 2012 11:59:36 +0300
++
++389-ds-base (1.2.11.7-2) unstable; urgency=low
++
++ * control: Stop hardcoding libs to binary depends. (Closes: #679790)
++ * control: Add libnspr4-dev and libldap2-dev to 389-ds-base-dev
++ Depends. (Closes: #679742)
++ * l10n review (Closes: #679870) :
++ - Drop the debconf template, and rewrap README.Debian.
++ - control: Update the descriptions
++
++ -- Timo Aaltonen <tjaalton@ubuntu.com> Tue, 03 Jul 2012 17:58:20 +0300
++
++389-ds-base (1.2.11.7-1) unstable; urgency=low
++
++ [ Timo Aaltonen ]
++ * New upstream release.
++ * watch: Fix the url.
++ * patches/remove_license_prompt: Dropped, included upstream.
++ * patches/default_user: Refreshed.
++ * control: Change the VCS header to point to the git repository.
++ * control: Rename last remnants of Fedora to 389.
++ * changelog, control: Be consistent with the naming; renamed the source
++ to just '389-ds-base', which matches upstream tarball naming.
++ * control: Wrap Depends.
++ * compat, control: Bump compat to 9, and debhelper build-dep to (>= 9).
++ * rules: Switch to dh.
++ * Move dirsrv.lintian to dirsrv.lintian-overrides, adjust dirsrv.install.
++ * *.dirs: Clean up.
++ * control: Build-depend on dh-autoreconf, drop duplicate bdeps.
++ * Fold dirsrv-tools into the main package.
++ * Build against libldap2-dev (>= 2.4.28).
++ * Rename binary package to 389-ds-base.
++ * -dev.install: Install the pkgconfig file.
++ * rules: Enable PIE hardening.
++ * Add a default file, currently sets LD_BIND_NOW=1.
++ * control: 'dbgen' uses old perl libs, add libperl4-corelibs-perl
++ dependency to 389-ds-base.
++ * rules: Add --fail-missing for dh_install, remove files not needed
++ and make sure to install the rest.
++ * rules, control: Fix the installation name of ds-logpipe.py, add
++ python dependency to 389-ds-base..
++ * libns-dshttpd is internal to the server, ship it in 389-ds-base.
++ * Rename libdirsrv{-dev,0} -> 389-ds-base-{dev,libs}, includes only
++ libslapd and headers for external plugin development.
++ * control: Breaks/Replaces old libdirsrv-dev/libdirsrv0/dirsrv.
++ * Drop hyphen_used_as_minus, applied upstream.
++ * copyright: Use DEP5 format.
++ * Cherry-pick upstream commit ee320163c6 to get rid of unnecessary
++ and non-free MIB's from the tree, and build a dfsg compliant tarball.
++ * lintian-overrides: Update, create one for -libs.
++ * Fix the initscript to create the lockdir, and refactor code into separate
++ functions.
++ * Drop obsolete entries from copyright, and make it lintian clean.
++ * debian/po: Refer to the correct file after rename.
++ * control: Bump Standards-Version to 3.9.3, no changes.
++ * postinst: Drop unused 'lastversion'.
++ * patches: Add DEP3 compliant headers.
++ * rules, postinst: Add an error handler function for dh_installinit, so
++ that clean installs don't fail due to missing configuration.
++ * postinst: Run the update tool.
++ * dirsrv.init:
++ - Make the start and stop functions much simpler and LSB compliant
++ - Fix starting multiple instances
++ - Use '-b' for start-stop-daemon, since ns-slapd doesn't detach properly
++ * control: Add 389-ds metapackage.
++ * control: Change libdb4.8-dev build-depends to libdb-dev, since this version
++ supports db5.x.
++ * 389-ds-base.prerm: Add prerm script for removing installed instances on
++ purge.
++
++ [ Krzysztof Klimonda ]
++ * dirsrv.init:
++ - return 0 code if there are no instances configured and tweak message
++ so it doesn't indicate a failure.
++
++ -- Krzysztof Klimonda <kklimonda@syntaxhighlighted.com> Tue, 27 Mar 2012 14:26:16 +0200
++
++389-directory-server (1.2.6.1-5) unstable; urgency=low
++
++ * Removed db_stop from dirsrv.postinst
++ * Fix short description in libdirsrv0-dbg
++
++ -- Michele Baldessari <michele@acksyn.org> Wed, 20 Oct 2010 20:24:20 +0200
++
++389-directory-server (1.2.6.1-4) unstable; urgency=low
++
++ * Make libicu dep dependent on dpkg-vendor
++
++ -- Michele Baldessari <michele@acksyn.org> Mon, 18 Oct 2010 21:21:52 +0200
++
++389-directory-server (1.2.6.1-3) unstable; urgency=low
++
++ * Remove dirsrv user and group in postrm
++ * Clean up postrm and postinst
++
++ -- Michele Baldessari <michele@acksyn.org> Sun, 17 Oct 2010 21:54:08 +0200
++
++389-directory-server (1.2.6.1-2) unstable; urgency=low
++
++ * Fix QUILT_STAMPFN
++
++ -- Michele Baldessari <michele@acksyn.org> Sun, 17 Oct 2010 15:03:34 +0200
++
++389-directory-server (1.2.6.1-1) unstable; urgency=low
++
++ * New upstream
++
++ -- Michele Baldessari <michele@acksyn.org> Sat, 16 Oct 2010 23:08:09 +0200
++
++389-directory-server (1.2.6-2) unstable; urgency=low
++
++ * Update my email address
++
++ -- Michele Baldessari <michele@acksyn.org> Sat, 16 Oct 2010 22:34:19 +0200
++
++389-directory-server (1.2.6-1) unstable; urgency=low
++
++ * New upstream
++ * s/Fedora/389/g to clean up the branding
++ * Remove automatic configuration (breaks too often with every update)
++ * Remove dirsrv.config translation, no questions are asked anymore
++ * Fix old changelog versions with proper ~ on rc versions
++ * Update policy to 3.9.1
++ * Improve README.Debian
++ * Depend on libicu44
++ * Remove /var/run/dirsrv from the postinst scripts (managed by init script)
++
++ -- Michele Baldessari <michele@pupazzo.org> Sat, 04 Sep 2010 11:58:21 +0200
++
++389-directory-server (1.2.6~rc7-1) unstable; urgency=low
++
++ * New upstream
++
++ -- Michele Baldessari <michele@pupazzo.org> Fri, 03 Sep 2010 20:06:08 +0200
++
++389-directory-server (1.2.6~a3-1) unstable; urgency=low
++
++ * New upstream
++ * Rename man page remove-ds.pl in remove-ds
++ * Removed Debian.source
++
++ -- Michele Baldessari <michele@pupazzo.org> Sun, 23 May 2010 22:12:13 +0200
++
++389-directory-server (1.2.6~a2-1) unstable; urgency=low
++
++ * New upstream
++ * Removed speling_fixes patch, applied upstream
++
++ -- Michele Baldessari <michele@pupazzo.org> Sun, 23 May 2010 13:36:25 +0200
++
++389-directory-server (1.2.5-1) unstable; urgency=low
++
++ * New upstream
++ * Add libpcre3-dev Build-dep
++ * ldap-agent moved ti /usr/sbin
++ * Fix spelling errors in code and manpages
++ * Fix some lintian warnings
++ * Bump policy to 3.8.3
++ * Ignore lintian warning pkg-has-shlibs-control-file-but-no-actual-shared-libs
++ as the shlibs file is for dirsrv plugins
++ * Upgraded deps to libicu42 and libdb4.8
++ * Do create /var/lib/dirsrv as dirsrv user's home
++ * Added libsasl2-modules-gssapi-mit as a dependency for dirsrv (needed by
++ mandatory LDAP SASL mechs)
++ * Install all files of etc/dirsrv/config
++ * Add some missing start scripts in usr/sbin
++ * Fixed a bug in the dirsrv.init script
++ * Switch to dpkg-source 3.0 (quilt) format
++ * Bump policy to 3.8.4
++
++ -- Michele Baldessari <michele@pupazzo.org> Sun, 23 May 2010 12:31:24 +0200
++
++389-directory-server (1.2.1-0) unstable; urgency=low
++
++ * Rename of source package (note, since this is still staging work no
++ replace or upgrade is in place)
++ * Update watch file
++ * New Upstream
++
++ -- Michele Baldessari <michele@pupazzo.org> Fri, 12 Jun 2009 22:08:42 +0200
++
++fedora-directory-server (1.2.0-1) unstable; urgency=low
++
++ * New upstream release
++ * Add missing libkrb5-dev dependency
++ * Fix section of -dbg packages
++ * Fix all "dpatch-missing-description" lintian warnings
++
++ -- Michele Baldessari <michele@pupazzo.org> Wed, 22 Apr 2009 23:36:22 +0200
++
++fedora-directory-server (1.1.3-1) unstable; urgency=low
++
++ * New upstream
++ * Added watch file
++ * Make setup-ds use dirsrv:dirsrv user/group as defaults
++ * Added VCS-* fields
++ * --enable-autobind
++ * Add ldap/servers/plugins/replication/winsync-plugin.h to libdirsrv-dev
++
++ -- Michele Baldessari <michele@pupazzo.org> Mon, 24 Nov 2008 22:42:26 +0100
++
++fedora-directory-server (1.1.2-2) unstable; urgency=low
++
++ * Fixed build+configure twice issue
++ * Added Conflicts: slapd (thanks Alessandro)
++
++ -- Michele Baldessari <michele@pupazzo.org> Tue, 23 Sep 2008 21:12:44 +0200
++
++fedora-directory-server (1.1.2-1) unstable; urgency=low
++
++ * New upstream
++ * Removed /usr/sbin PATH from postinst script
++
++ -- Michele Baldessari <michele@pupazzo.org> Sat, 20 Sep 2008 20:10:52 +0000
++
++fedora-directory-server (1.1.1-0) unstable; urgency=low
++
++ * New upstream
++ * Don't apply patch for 439829, fixed upstream
++ * Bump to policy 3.8.0
++ * Added README.source
++
++ -- Michele Baldessari <michele@pupazzo.org> Fri, 22 Aug 2008 00:09:40 +0200
++
++fedora-directory-server (1.1.0-4) unstable; urgency=low
++
++ * dirsrv should depend on libmozilla-ldap-perl (thanks Mathias Kaufmann
++ <steiger@mmforces.de>)
++
++ -- Michele Baldessari <michele@pupazzo.org> Sun, 20 Jul 2008 18:41:58 +0200
++
++fedora-directory-server (1.1.0-3) unstable; urgency=low
++
++ * Fix up some descriptions
++
++ -- Michele Baldessari <michele@pupazzo.org> Sun, 25 May 2008 21:36:32 +0200
++
++fedora-directory-server (1.1.0-2) unstable; urgency=low
++
++ * Silenced init warning messages when chowning pid directory
++
++ -- Michele Baldessari <michele@pupazzo.org> Wed, 21 May 2008 23:08:32 +0200
++
++fedora-directory-server (1.1.0-1) unstable; urgency=low
++
++ * Removed template lintian warning
++ * Cleaned up manpages
++
++ -- Michele Baldessari <michele@pupazzo.org> Sun, 18 May 2008 13:39:58 +0200
++
++fedora-directory-server (1.1.0-0) unstable; urgency=low
++
++ * Initial release (Closes: #497098).
++ * Fixed postinst after renaming setup-ds.pl to setup-ds
++ * Applied patch from https://bugzilla.redhat.com/show_bug.cgi?id=439829 to
++ fix segfault against late NSS versions
++ * Switched to parseable copyright format
++ * Source package is lintian clean now
++ * Added initial manpage patch
++ * Switched to dh_install
++
++ -- Michele Baldessari <michele@pupazzo.org> Thu, 27 Mar 2008 23:56:17 +0200
--- /dev/null
--- /dev/null
++9
--- /dev/null
--- /dev/null
++Source: 389-ds-base
++Section: net
++Priority: optional
++Maintainer: Debian 389ds Team <pkg-fedora-ds-maintainers@lists.alioth.debian.org>
++Uploaders:
++ Timo Aaltonen <tjaalton@debian.org>,
++ Krzysztof Klimonda <kklimonda@syntaxhighlighted.com>,
++Build-Depends:
++ debhelper (>= 9),
++ dh-autoreconf,
++ dh-systemd,
++ libbz2-dev,
++ libdb-dev,
++ libicu-dev,
++ libkrb5-dev,
++ libldap2-dev (>= 2.4.28),
++ libnspr4-dev,
++ libnss3-dev,
++ libpam0g-dev,
++ libpci-dev,
++ libpcre3-dev,
++ libperl-dev,
++ libsasl2-dev,
++ libsnmp-dev,
++ libssl-dev,
++ libsvrcore-dev (>= 1:4.1.2+dfsg1-3),
++ libsystemd-dev,
++ pkg-config,
++ zlib1g-dev,
++Standards-Version: 3.9.8
++Vcs-Git: git://anonscm.debian.org/pkg-fedora-ds/389-ds-base.git
++Vcs-Browser: http://anonscm.debian.org/cgit/pkg-fedora-ds/389-ds-base.git
++Homepage: http://directory.fedoraproject.org
++
++Package: 389-ds
++Architecture: all
++Depends:
++ 389-admin,
++ 389-admin-console,
++ 389-console,
++ 389-ds-base,
++ 389-ds-console,
++ 389-dsgw,
++ ${misc:Depends},
++Description: 389 Directory Server suite - metapackage
++ Based on the Lightweight Directory Access Protocol (LDAP), the 389
++ Directory Server is designed to manage large directories of users and
++ resources robustly and scalably.
++ .
++ This is a metapackage depending on the LDAPv3 server, the HTTP
++ daemon used for server administration, and the graphical console used
++ for server and user/group administration.
++
++Package: 389-ds-base-libs
++Section: libs
++Architecture: any
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${misc:Depends}, ${shlibs:Depends}
++Breaks: libdirsrv0
++Replaces: libdirsrv0
++Description: 389 Directory Server suite - libraries
++ Based on the Lightweight Directory Access Protocol (LDAP), the 389
++ Directory Server is designed to manage large directories of users and
++ resources robustly and scalably.
++ .
++ This package contains core libraries for the 389 Directory Server.
++
++Package: 389-ds-base-dev
++Section: libdevel
++Architecture: any
++Depends:
++ 389-ds-base-libs (= ${binary:Version}),
++ libldap2-dev,
++ libnspr4-dev,
++ ${misc:Depends},
++ ${shlibs:Depends},
++Breaks: libdirsrv-dev
++Replaces: libdirsrv-dev
++Description: 389 Directory Server suite - development files
++ Based on the Lightweight Directory Access Protocol (LDAP), the 389
++ Directory Server is designed to manage large directories of users and
++ resources robustly and scalably.
++ .
++ This package contains development headers for the core libraries
++ of the 389 Directory Server, useful for developing plugins without
++ having to install the server itself.
++
++Package: 389-ds-base
++Architecture: any
++Pre-Depends: debconf (>= 0.5) | debconf-2.0
++Depends:
++ 389-ds-base-libs (= ${binary:Version}),
++ adduser,
++ acl,
++ ldap-utils,
++ libmozilla-ldap-perl,
++ libnetaddr-ip-perl,
++ libperl4-corelibs-perl | perl (<< 5.12.3-7),
++ libsasl2-modules-gssapi-mit,
++ libsocket-getaddrinfo-perl,
++ python,
++ systemd,
++ ${misc:Depends},
++ ${shlibs:Depends},
++Breaks: dirsrv, libdirsrv-dev, libdirsrv0
++Replaces: dirsrv, libdirsrv-dev, libdirsrv0
++Description: 389 Directory Server suite - server
++ Based on the Lightweight Directory Access Protocol (LDAP), the 389
++ Directory Server is designed to manage large directories of users and
++ resources robustly and scalably.
++ .
++ Its key features include:
++ * four-way multi-master replication;
++ * great scalability;
++ * extensive documentation;
++ * Active Directory user and group synchronization;
++ * secure authentication and transport;
++ * support for LDAPv3;
++ * graphical management console;
++ * on-line, zero downtime update of schema, configuration, and
++ in-tree Access Control Information.
++
--- /dev/null
--- /dev/null
++Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
++Upstream-name: 389-ds-base
++Source: http://directory.fedoraproject.org/wiki/Source
++
++Files: *
++Copyright: 2001 Sun Microsystems, Inc.
++ 2005 Red Hat, Inc.
++License: GPL-2 and Other
++
++Files: ldap/libraries/libavl/*.[ch] ldap/servers/slapd/abandon.c
++ ldap/servers/slapd/add.c ldap/servers/slapd/abandon.c
++ ldap/servers/slapd/add.c ldap/servers/slapd/bind.c
++ ldap/servers/slapd/bulk_import.c ldap/servers/slapd/compare.c
++ ldap/servers/slapd/delete.c ldap/servers/slapd/detach.c
++ ldap/servers/slapd/globals.c ldap/servers/slapd/modify.c
++ ldap/servers/slapd/modrdn.c ldap/servers/slapd/monitor.c
++ ldap/servers/slapd/search.c ldap/servers/slapd/unbind.c
++Copyright: 1993 Regents of the University of Michigan
++ 2001 Sun Microsystems, Inc.
++ 2005 Red Hat, Inc.
++License: GPL-2 and Other
++
++Files: ldap/servers/slapd/tools/ldaptool.h
++Copyright: 1998 Netscape Communication Corporation
++License: GPL-2+ or LGPL-2.1 or MPL-1.1
++
++Files: ldap/servers/slapd/tools/ldaptool-sasl.c
++ ldap/servers/slapd/tools/ldaptool-sasl.h
++Copyright: 2005 Sun Microsystems, Inc.
++License: GPL-2+ or LGPL-2.1 or MPL-1.1
++
++Files: m4/*
++Copyright: 2006, 2007 Red Hat, Inc.
++License: GPL-2+
++
++Files: debian/*
++Copyright: 2008 Michele Baldessari <michele@acksyn.org>
++ 2012 Timo Aaltonen <tjaalton@ubuntu.com>
++License: GPL-2+ or LGPL-2.1 or MPL-1.1
++
++License: Other
++ In addition, as a special exception, Red Hat, Inc. gives You the additional
++ right to link the code of this Program with code not covered under the GNU
++ General Public License ("Non-GPL Code") and to distribute linked combinations
++ including the two, subject to the limitations in this paragraph. Non-GPL Code
++ permitted under this exception must only link to the code of this Program
++ through those well defined interfaces identified in the file named EXCEPTION
++ found in the source code files (the "Approved Interfaces"). The files of
++ Non-GPL Code may instantiate templates or use macros or inline functions from
++ the Approved Interfaces without causing the resulting work to be covered by
++ the GNU General Public License. Only Red Hat, Inc. may make changes or
++ additions to the list of Approved Interfaces. You must obey the GNU General
++ Public License in all respects for all of the Program code and other code used
++ in conjunction with the Program except the Non-GPL Code covered by this
++ exception. If you modify this file, you may extend this exception to your
++ version of the file, but you are not obligated to do so. If you do not wish to
++ provide this exception without modification, you must delete this exception
++ statement from your version and license this file solely under the GPL without
++ exception.
++
++License: GPL-2 or GPL-2+
++ On Debian machines the full text of the GNU General Public License
++ can be found in the file /usr/share/common-licenses/GPL-2.
++
++License: LGPL-2.1
++ On Debian machines the full text of the GNU General Public License
++ can be found in the file /usr/share/common-licenses/LGPL-2.1.
++
++
++License: MPL-1.1
++ MOZILLA PUBLIC LICENSE
++ Version 1.1
++ .
++ ---------------
++ .
++ 1. Definitions.
++ .
++ 1.0.1. "Commercial Use" means distribution or otherwise making the
++ Covered Code available to a third party.
++ .
++ 1.1. "Contributor" means each entity that creates or contributes to
++ the creation of Modifications.
++ .
++ 1.2. "Contributor Version" means the combination of the Original
++ Code, prior Modifications used by a Contributor, and the Modifications
++ made by that particular Contributor.
++ .
++ 1.3. "Covered Code" means the Original Code or Modifications or the
++ combination of the Original Code and Modifications, in each case
++ including portions thereof.
++ .
++ 1.4. "Electronic Distribution Mechanism" means a mechanism generally
++ accepted in the software development community for the electronic
++ transfer of data.
++ .
++ 1.5. "Executable" means Covered Code in any form other than Source
++ Code.
++ .
++ 1.6. "Initial Developer" means the individual or entity identified
++ as the Initial Developer in the Source Code notice required by Exhibit
++ A.
++ .
++ 1.7. "Larger Work" means a work which combines Covered Code or
++ portions thereof with code not governed by the terms of this License.
++ .
++ 1.8. "License" means this document.
++ .
++ 1.8.1. "Licensable" means having the right to grant, to the maximum
++ extent possible, whether at the time of the initial grant or
++ subsequently acquired, any and all of the rights conveyed herein.
++ .
++ 1.9. "Modifications" means any addition to or deletion from the
++ substance or structure of either the Original Code or any previous
++ Modifications. When Covered Code is released as a series of files, a
++ Modification is:
++ A. Any addition to or deletion from the contents of a file
++ containing Original Code or previous Modifications.
++ .
++ B. Any new file that contains any part of the Original Code or
++ previous Modifications.
++ .
++ 1.10. "Original Code" means Source Code of computer software code
++ which is described in the Source Code notice required by Exhibit A as
++ Original Code, and which, at the time of its release under this
++ License is not already Covered Code governed by this License.
++ .
++ 1.10.1. "Patent Claims" means any patent claim(s), now owned or
++ hereafter acquired, including without limitation, method, process,
++ and apparatus claims, in any patent Licensable by grantor.
++ .
++ 1.11. "Source Code" means the preferred form of the Covered Code for
++ making modifications to it, including all modules it contains, plus
++ any associated interface definition files, scripts used to control
++ compilation and installation of an Executable, or source code
++ differential comparisons against either the Original Code or another
++ well known, available Covered Code of the Contributor's choice. The
++ Source Code can be in a compressed or archival form, provided the
++ appropriate decompression or de-archiving software is widely available
++ for no charge.
++ .
++ 1.12. "You" (or "Your") means an individual or a legal entity
++ exercising rights under, and complying with all of the terms of, this
++ License or a future version of this License issued under Section 6.1.
++ For legal entities, "You" includes any entity which controls, is
++ controlled by, or is under common control with You. For purposes of
++ this definition, "control" means (a) the power, direct or indirect,
++ to cause the direction or management of such entity, whether by
++ contract or otherwise, or (b) ownership of more than fifty percent
++ (50%) of the outstanding shares or beneficial ownership of such
++ entity.
++ .
++ 2. Source Code License.
++ .
++ 2.1. The Initial Developer Grant.
++ The Initial Developer hereby grants You a world-wide, royalty-free,
++ non-exclusive license, subject to third party intellectual property
++ claims:
++ (a) under intellectual property rights (other than patent or
++ trademark) Licensable by Initial Developer to use, reproduce,
++ modify, display, perform, sublicense and distribute the Original
++ Code (or portions thereof) with or without Modifications, and/or
++ as part of a Larger Work; and
++ .
++ (b) under Patents Claims infringed by the making, using or
++ selling of Original Code, to make, have made, use, practice,
++ sell, and offer for sale, and/or otherwise dispose of the
++ Original Code (or portions thereof).
++ .
++ (c) the licenses granted in this Section 2.1(a) and (b) are
++ effective on the date Initial Developer first distributes
++ Original Code under the terms of this License.
++ .
++ (d) Notwithstanding Section 2.1(b) above, no patent license is
++ granted: 1) for code that You delete from the Original Code; 2)
++ separate from the Original Code; or 3) for infringements caused
++ by: i) the modification of the Original Code or ii) the
++ combination of the Original Code with other software or devices.
++ .
++ 2.2. Contributor Grant.
++ Subject to third party intellectual property claims, each Contributor
++ hereby grants You a world-wide, royalty-free, non-exclusive license
++ .
++ (a) under intellectual property rights (other than patent or
++ trademark) Licensable by Contributor, to use, reproduce, modify,
++ display, perform, sublicense and distribute the Modifications
++ created by such Contributor (or portions thereof) either on an
++ unmodified basis, with other Modifications, as Covered Code
++ and/or as part of a Larger Work; and
++ .
++ (b) under Patent Claims infringed by the making, using, or
++ selling of Modifications made by that Contributor either alone
++ and/or in combination with its Contributor Version (or portions
++ of such combination), to make, use, sell, offer for sale, have
++ made, and/or otherwise dispose of: 1) Modifications made by that
++ Contributor (or portions thereof); and 2) the combination of
++ Modifications made by that Contributor with its Contributor
++ Version (or portions of such combination).
++ .
++ (c) the licenses granted in Sections 2.2(a) and 2.2(b) are
++ effective on the date Contributor first makes Commercial Use of
++ the Covered Code.
++ .
++ (d) Notwithstanding Section 2.2(b) above, no patent license is
++ granted: 1) for any code that Contributor has deleted from the
++ Contributor Version; 2) separate from the Contributor Version;
++ 3) for infringements caused by: i) third party modifications of
++ Contributor Version or ii) the combination of Modifications made
++ by that Contributor with other software (except as part of the
++ Contributor Version) or other devices; or 4) under Patent Claims
++ infringed by Covered Code in the absence of Modifications made by
++ that Contributor.
++ .
++ 3. Distribution Obligations.
++ .
++ 3.1. Application of License.
++ The Modifications which You create or to which You contribute are
++ governed by the terms of this License, including without limitation
++ Section 2.2. The Source Code version of Covered Code may be
++ distributed only under the terms of this License or a future version
++ of this License released under Section 6.1, and You must include a
++ copy of this License with every copy of the Source Code You
++ distribute. You may not offer or impose any terms on any Source Code
++ version that alters or restricts the applicable version of this
++ License or the recipients' rights hereunder. However, You may include
++ an additional document offering the additional rights described in
++ Section 3.5.
++ .
++ 3.2. Availability of Source Code.
++ Any Modification which You create or to which You contribute must be
++ made available in Source Code form under the terms of this License
++ either on the same media as an Executable version or via an accepted
++ Electronic Distribution Mechanism to anyone to whom you made an
++ Executable version available; and if made available via Electronic
++ Distribution Mechanism, must remain available for at least twelve (12)
++ months after the date it initially became available, or at least six
++ (6) months after a subsequent version of that particular Modification
++ has been made available to such recipients. You are responsible for
++ ensuring that the Source Code version remains available even if the
++ Electronic Distribution Mechanism is maintained by a third party.
++ .
++ 3.3. Description of Modifications.
++ You must cause all Covered Code to which You contribute to contain a
++ file documenting the changes You made to create that Covered Code and
++ the date of any change. You must include a prominent statement that
++ the Modification is derived, directly or indirectly, from Original
++ Code provided by the Initial Developer and including the name of the
++ Initial Developer in (a) the Source Code, and (b) in any notice in an
++ Executable version or related documentation in which You describe the
++ origin or ownership of the Covered Code.
++ .
++ 3.4. Intellectual Property Matters
++ (a) Third Party Claims.
++ If Contributor has knowledge that a license under a third party's
++ intellectual property rights is required to exercise the rights
++ granted by such Contributor under Sections 2.1 or 2.2,
++ Contributor must include a text file with the Source Code
++ distribution titled "LEGAL" which describes the claim and the
++ party making the claim in sufficient detail that a recipient will
++ know whom to contact. If Contributor obtains such knowledge after
++ the Modification is made available as described in Section 3.2,
++ Contributor shall promptly modify the LEGAL file in all copies
++ Contributor makes available thereafter and shall take other steps
++ (such as notifying appropriate mailing lists or newsgroups)
++ reasonably calculated to inform those who received the Covered
++ Code that new knowledge has been obtained.
++ .
++ (b) Contributor APIs.
++ If Contributor's Modifications include an application programming
++ interface and Contributor has knowledge of patent licenses which
++ are reasonably necessary to implement that API, Contributor must
++ also include this information in the LEGAL file.
++ .
++ (c) Representations.
++ Contributor represents that, except as disclosed pursuant to
++ Section 3.4(a) above, Contributor believes that Contributor's
++ Modifications are Contributor's original creation(s) and/or
++ Contributor has sufficient rights to grant the rights conveyed by
++ this License.
++ .
++ 3.5. Required Notices.
++ You must duplicate the notice in Exhibit A in each file of the Source
++ Code. If it is not possible to put such notice in a particular Source
++ Code file due to its structure, then You must include such notice in a
++ location (such as a relevant directory) where a user would be likely
++ to look for such a notice. If You created one or more Modification(s)
++ You may add your name as a Contributor to the notice described in
++ Exhibit A. You must also duplicate this License in any documentation
++ for the Source Code where You describe recipients' rights or ownership
++ rights relating to Covered Code. You may choose to offer, and to
++ charge a fee for, warranty, support, indemnity or liability
++ obligations to one or more recipients of Covered Code. However, You
++ may do so only on Your own behalf, and not on behalf of the Initial
++ Developer or any Contributor. You must make it absolutely clear than
++ any such warranty, support, indemnity or liability obligation is
++ offered by You alone, and You hereby agree to indemnify the Initial
++ Developer and every Contributor for any liability incurred by the
++ Initial Developer or such Contributor as a result of warranty,
++ support, indemnity or liability terms You offer.
++ .
++ 3.6. Distribution of Executable Versions.
++ You may distribute Covered Code in Executable form only if the
++ requirements of Section 3.1-3.5 have been met for that Covered Code,
++ and if You include a notice stating that the Source Code version of
++ the Covered Code is available under the terms of this License,
++ including a description of how and where You have fulfilled the
++ obligations of Section 3.2. The notice must be conspicuously included
++ in any notice in an Executable version, related documentation or
++ collateral in which You describe recipients' rights relating to the
++ Covered Code. You may distribute the Executable version of Covered
++ Code or ownership rights under a license of Your choice, which may
++ contain terms different from this License, provided that You are in
++ compliance with the terms of this License and that the license for the
++ Executable version does not attempt to limit or alter the recipient's
++ rights in the Source Code version from the rights set forth in this
++ License. If You distribute the Executable version under a different
++ license You must make it absolutely clear that any terms which differ
++ from this License are offered by You alone, not by the Initial
++ Developer or any Contributor. You hereby agree to indemnify the
++ Initial Developer and every Contributor for any liability incurred by
++ the Initial Developer or such Contributor as a result of any such
++ terms You offer.
++ .
++ 3.7. Larger Works.
++ You may create a Larger Work by combining Covered Code with other code
++ not governed by the terms of this License and distribute the Larger
++ Work as a single product. In such a case, You must make sure the
++ requirements of this License are fulfilled for the Covered Code.
++ .
++ 4. Inability to Comply Due to Statute or Regulation.
++ .
++ If it is impossible for You to comply with any of the terms of this
++ License with respect to some or all of the Covered Code due to
++ statute, judicial order, or regulation then You must: (a) comply with
++ the terms of this License to the maximum extent possible; and (b)
++ describe the limitations and the code they affect. Such description
++ must be included in the LEGAL file described in Section 3.4 and must
++ be included with all distributions of the Source Code. Except to the
++ extent prohibited by statute or regulation, such description must be
++ sufficiently detailed for a recipient of ordinary skill to be able to
++ understand it.
++ .
++ 5. Application of this License.
++ .
++ This License applies to code to which the Initial Developer has
++ attached the notice in Exhibit A and to related Covered Code.
++ .
++ 6. Versions of the License.
++ .
++ 6.1. New Versions.
++ Netscape Communications Corporation ("Netscape") may publish revised
++ and/or new versions of the License from time to time. Each version
++ will be given a distinguishing version number.
++ .
++ 6.2. Effect of New Versions.
++ Once Covered Code has been published under a particular version of the
++ License, You may always continue to use it under the terms of that
++ version. You may also choose to use such Covered Code under the terms
++ of any subsequent version of the License published by Netscape. No one
++ other than Netscape has the right to modify the terms applicable to
++ Covered Code created under this License.
++ .
++ 6.3. Derivative Works.
++ If You create or use a modified version of this License (which you may
++ only do in order to apply it to code which is not already Covered Code
++ governed by this License), You must (a) rename Your license so that
++ the phrases "Mozilla", "MOZILLAPL", "MOZPL", "Netscape",
++ "MPL", "NPL" or any confusingly similar phrase do not appear in your
++ license (except to note that your license differs from this License)
++ and (b) otherwise make it clear that Your version of the license
++ contains terms which differ from the Mozilla Public License and
++ Netscape Public License. (Filling in the name of the Initial
++ Developer, Original Code or Contributor in the notice described in
++ Exhibit A shall not of themselves be deemed to be modifications of
++ this License.)
++ .
++ 7. DISCLAIMER OF WARRANTY.
++ .
++ COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS,
++ WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING,
++ WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE IS FREE OF
++ DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING.
++ THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE
++ IS WITH YOU. SHOULD ANY COVERED CODE PROVE DEFECTIVE IN ANY RESPECT,
++ YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE
++ COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER
++ OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF
++ ANY COVERED CODE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER.
++ .
++ 8. TERMINATION.
++ .
++ 8.1. This License and the rights granted hereunder will terminate
++ automatically if You fail to comply with terms herein and fail to cure
++ such breach within 30 days of becoming aware of the breach. All
++ sublicenses to the Covered Code which are properly granted shall
++ survive any termination of this License. Provisions which, by their
++ nature, must remain in effect beyond the termination of this License
++ shall survive.
++ .
++ 8.2. If You initiate litigation by asserting a patent infringement
++ claim (excluding declatory judgment actions) against Initial Developer
++ or a Contributor (the Initial Developer or Contributor against whom
++ You file such action is referred to as "Participant") alleging that:
++ .
++ (a) such Participant's Contributor Version directly or indirectly
++ infringes any patent, then any and all rights granted by such
++ Participant to You under Sections 2.1 and/or 2.2 of this License
++ shall, upon 60 days notice from Participant terminate prospectively,
++ unless if within 60 days after receipt of notice You either: (i)
++ agree in writing to pay Participant a mutually agreeable reasonable
++ royalty for Your past and future use of Modifications made by such
++ Participant, or (ii) withdraw Your litigation claim with respect to
++ the Contributor Version against such Participant. If within 60 days
++ of notice, a reasonable royalty and payment arrangement are not
++ mutually agreed upon in writing by the parties or the litigation claim
++ is not withdrawn, the rights granted by Participant to You under
++ Sections 2.1 and/or 2.2 automatically terminate at the expiration of
++ the 60 day notice period specified above.
++ .
++ (b) any software, hardware, or device, other than such Participant's
++ Contributor Version, directly or indirectly infringes any patent, then
++ any rights granted to You by such Participant under Sections 2.1(b)
++ and 2.2(b) are revoked effective as of the date You first made, used,
++ sold, distributed, or had made, Modifications made by that
++ Participant.
++ .
++ 8.3. If You assert a patent infringement claim against Participant
++ alleging that such Participant's Contributor Version directly or
++ indirectly infringes any patent where such claim is resolved (such as
++ by license or settlement) prior to the initiation of patent
++ infringement litigation, then the reasonable value of the licenses
++ granted by such Participant under Sections 2.1 or 2.2 shall be taken
++ into account in determining the amount or value of any payment or
++ license.
++ .
++ 8.4. In the event of termination under Sections 8.1 or 8.2 above,
++ all end user license agreements (excluding distributors and resellers)
++ which have been validly granted by You or any distributor hereunder
++ prior to termination shall survive termination.
++ .
++ 9. LIMITATION OF LIABILITY.
++ .
++ UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT
++ (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL
++ DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED CODE,
++ OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR
++ ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY
++ CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL,
++ WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER
++ COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN
++ INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF
++ LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY
++ RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW
++ PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE
++ EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO
++ THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU.
++ .
++ 10. U.S. GOVERNMENT END USERS.
++ .
++ The Covered Code is a "commercial item," as that term is defined in
++ 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer
++ software" and "commercial computer software documentation," as such
++ terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48
++ C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995),
++ all U.S. Government End Users acquire Covered Code with only those
++ rights set forth herein.
++ .
++ 11. MISCELLANEOUS.
++ .
++ This License represents the complete agreement concerning subject
++ matter hereof. If any provision of this License is held to be
++ unenforceable, such provision shall be reformed only to the extent
++ necessary to make it enforceable. This License shall be governed by
++ California law provisions (except to the extent applicable law, if
++ any, provides otherwise), excluding its conflict-of-law provisions.
++ With respect to disputes in which at least one party is a citizen of,
++ or an entity chartered or registered to do business in the United
++ States of America, any litigation relating to this License shall be
++ subject to the jurisdiction of the Federal Courts of the Northern
++ District of California, with venue lying in Santa Clara County,
++ California, with the losing party responsible for costs, including
++ without limitation, court costs and reasonable attorneys' fees and
++ expenses. The application of the United Nations Convention on
++ Contracts for the International Sale of Goods is expressly excluded.
++ Any law or regulation which provides that the language of a contract
++ shall be construed against the drafter shall not apply to this
++ License.
++ .
++ 12. RESPONSIBILITY FOR CLAIMS.
++ .
++ As between Initial Developer and the Contributors, each party is
++ responsible for claims and damages arising, directly or indirectly,
++ out of its utilization of rights under this License and You agree to
++ work with Initial Developer and Contributors to distribute such
++ responsibility on an equitable basis. Nothing herein is intended or
++ shall be deemed to constitute any admission of liability.
++ .
++ 13. MULTIPLE-LICENSED CODE.
++ .
++ Initial Developer may designate portions of the Covered Code as
++ "Multiple-Licensed". "Multiple-Licensed" means that the Initial
++ Developer permits you to utilize portions of the Covered Code under
++ Your choice of the NPL or the alternative licenses, if any, specified
++ by the Initial Developer in the file described in Exhibit A.
++ .
++ EXHIBIT A -Mozilla Public License.
++ .
++ ``The contents of this file are subject to the Mozilla Public License
++ Version 1.1 (the "License"); you may not use this file except in
++ compliance with the License. You may obtain a copy of the License at
++ http://www.mozilla.org/MPL/
++ .
++ Software distributed under the License is distributed on an "AS IS"
++ basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
++ License for the specific language governing rights and limitations
++ under the License.
++ .
++ The Original Code is ______________________________________.
++ .
++ The Initial Developer of the Original Code is ________________________.
++ Portions created by ______________________ are Copyright (C) ______
++ _______________________. All Rights Reserved.
++ .
++ Contributor(s): ______________________________________.
++ .
++ Alternatively, the contents of this file may be used under the terms
++ of the _____ license (the "[___] License"), in which case the
++ provisions of [______] License are applicable instead of those
++ above. If you wish to allow use of your version of this file only
++ under the terms of the [____] License and not to allow others to use
++ your version of this file under the MPL, indicate your decision by
++ deleting the provisions above and replace them with the notice and
++ other provisions required by the [___] License. If you do not delete
++ the provisions above, a recipient may use your version of this file
++ under either the MPL or the [___] License."
++ .
++ [NOTE: The text of this Exhibit A may differ slightly from the text of
++ the notices in the Source Code files of the Original Code. You should
++ use the text of this Exhibit A rather than the text found in the
++ Original Code Source Code for Your Modifications.]
--- /dev/null
--- /dev/null
++commit ffda694dd622b31277da07be76d3469fad86150f
++Author: William Brown <william@blackhats.net.au>
++Date: Wed Sep 28 10:46:21 2016 +1000
++
++ Ticket 48986 - 47808 triggers overflow in uiduniq.c
++
++ Bug Description: Certain configurations of uiduniq.c would cause an overflow
++ when running with Address Sanitiser
++
++ Fix Description: Increase the size of the allocation to tmp_config->attrs.
++
++ https://fedorahosted.org/389/ticket/48986
++
++ Author: nhosoi
++
++ Reviewed by: wibrown
++
++diff --git a/ldap/servers/plugins/uiduniq/uid.c b/ldap/servers/plugins/uiduniq/uid.c
++index d1d0162..2aba17a 100644
++--- a/ldap/servers/plugins/uiduniq/uid.c
+++++ b/ldap/servers/plugins/uiduniq/uid.c
++@@ -302,7 +302,7 @@ uniqueness_entry_to_config(Slapi_PBlock *pb, Slapi_Entry *config_entry)
++ }
++
++ /* Store attrName in the config */
++- tmp_config->attrs = (const char **) slapi_ch_calloc(1, sizeof(char *));
+++ tmp_config->attrs = (const char **) slapi_ch_calloc(2, sizeof(char *));
++ tmp_config->attrs[0] = slapi_ch_strdup(attrName);
++ argc--;
++ argv++; /* First argument was attribute name and remaining are subtrees */
++@@ -345,7 +345,7 @@ uniqueness_entry_to_config(Slapi_PBlock *pb, Slapi_Entry *config_entry)
++ * - requiredObjectClass
++ */
++ /* Store attrName in the config */
++- tmp_config->attrs = (const char **) slapi_ch_calloc(1, sizeof(char *));
+++ tmp_config->attrs = (const char **) slapi_ch_calloc(2, sizeof(char *));
++ tmp_config->attrs[0] = slapi_ch_strdup(attrName);
++
++ /* There is no subtrees */
--- /dev/null
--- /dev/null
++Description: Fix build on kFreeBSD (and probably other BSD systems)
++ 1) ENODATA is no ISO C standard and is missing on BSD.
++ 2) The sysctl for the TCP keepalive interval is net.inet.tcp.keepintvl
++ on BSD.
++Author: Benjamin Drung <benjamin.drung@profitbricks.com>
++
++--- a/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
+++++ b/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
++@@ -66,6 +66,10 @@ typedef struct _rdn_elem {
++
++ #define TMPID 0 /* Used for the fake ID */
++
+++#ifndef ENODATA /* not defined on BSD systems */
+++#define ENODATA ENOMSG
+++#endif
+++
++ /* RDN(s) which can be added even if no suffix exists in the entryrdn index */
++ const char *rdn_exceptions[] = {
++ "nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff",
++--- a/ldap/systools/idsktune.c
+++++ b/ldap/systools/idsktune.c
++@@ -165,6 +165,11 @@ int mem_rec = 1024;
++ #define NAME_TCP_KEEPALIVE_INTERVAL "net.ipv4.tcp_keepalive_time"
++ #endif
++
+++#if defined(IDDS_BSD_SYSCTL)
+++#define NAME_TCP_SMALLEST_ANON_PORT "net.inet.ip.portrange.hifirst"
+++#define NAME_TCP_KEEPALIVE_INTERVAL "net.inet.tcp.keepintvl"
+++#endif
+++
++ #if defined(__sun) || defined(__hpux) || defined(IDDS_LINUX_SYSCTL)
++
++ long ndd_tcp_conn_req_max_q = 0;
--- /dev/null
--- /dev/null
++--- a/wrappers/systemd-snmp.service.in
+++++ b/wrappers/systemd-snmp.service.in
++@@ -5,7 +5,7 @@
++ # systemctl (re)start dirsrv-snmp.service
++ [Unit]
++ Description=@capbrand@ Directory Server SNMP Subagent.
++-After=syslog.target network.target
+++After=network.target
++
++ [Service]
++ Type=forking
++--- a/wrappers/systemd.group.in
+++++ b/wrappers/systemd.group.in
++@@ -1,6 +1,6 @@
++ [Unit]
++ Description=@capbrand@ Directory Server
++-After=chronyd.service ntpd.service network-online.target syslog.target
+++After=chronyd.service ntpd.service network-online.target
++
++ [Install]
++ WantedBy=multi-user.target
--- /dev/null
--- /dev/null
++--- a/ldap/servers/slapd/ldaputil.c
+++++ b/ldap/servers/slapd/ldaputil.c
++@@ -980,10 +980,10 @@ ldaputil_get_saslpath()
++ if (PR_SUCCESS != PR_Access(saslpath, PR_ACCESS_EXISTS)) {
++ #ifdef CPU_arm
++ /* the 64-bit ARMv8 architecture. */
++- saslpath = "/usr/lib/aarch64-linux-gnu";
+++ saslpath = "/usr/lib/aarch64-linux-gnu/sasl2";
++ #else
++ /* Try x86_64 gnu triplet */
++- saslpath = "/usr/lib/x86_64-linux-gnu";
+++ saslpath = "/usr/lib/x86_64-linux-gnu/sasl2";
++ #endif
++ }
++ #else
++@@ -991,14 +991,14 @@ ldaputil_get_saslpath()
++ if (PR_SUCCESS != PR_Access(saslpath, PR_ACCESS_EXISTS)) {
++ #ifdef CPU_arm
++ /* the latest 32 bit ARM architecture using the hard-float version of EABI. */
++- saslpath = "/usr/lib/arm-linux-gnueabihf";
+++ saslpath = "/usr/lib/arm-linux-gnueabihf/sasl2";
++ if (PR_SUCCESS != PR_Access(saslpath, PR_ACCESS_EXISTS)) {
++ /* the 32 bit ARM architecture of EABI. */
++- saslpath = "/usr/lib/arm-linux-gnueabi";
+++ saslpath = "/usr/lib/arm-linux-gnueabi/sasl2";
++ }
++ #else
++ /* Try i386 gnu triplet */
++- saslpath = "/usr/lib/i386-linux-gnu";
+++ saslpath = "/usr/lib/i386-linux-gnu/sasl2";
++ #endif
++ }
++ #endif
--- /dev/null
--- /dev/null
++Description: Fix the path to systemctl binary
++Author: Timo Aaltonen <tjaalton@debian.org>
++
++--- a/ldap/admin/src/scripts/start-dirsrv.in
+++++ b/ldap/admin/src/scripts/start-dirsrv.in
++@@ -55,7 +55,7 @@ start_instance() {
++ # otherwise start the instance the old way.
++ #
++ if [ -d "@systemdsystemunitdir@" ] && [ $(id -u) -eq 0 ];then
++- @bindir@/systemctl start @package_name@@$SERV_ID.service
+++ /bin/systemctl start @package_name@@$SERV_ID.service
++ if [ $? -ne 0 ]; then
++ return 1
++ fi
++--- a/ldap/admin/src/scripts/stop-dirsrv.in
+++++ b/ldap/admin/src/scripts/stop-dirsrv.in
++@@ -43,12 +43,12 @@ stop_instance() {
++ #
++ # Now, check if systemctl is aware of this running instance
++ #
++- @bindir@/systemctl is-active @package_name@@$SERV_ID.service > /dev/null 2>&1
+++ /bin/systemctl is-active @package_name@@$SERV_ID.service > /dev/null 2>&1
++ if [ $? -eq 0 ]; then
++ #
++ # systemctl sees the running process, so stop it correctly
++ #
++- @bindir@/systemctl stop @package_name@@$SERV_ID.service
+++ /bin/systemctl stop @package_name@@$SERV_ID.service
++ else
++ #
++ # Have to kill it since systemctl doesn't think it's running
--- /dev/null
--- /dev/null
++diff --git a/Makefile.am b/Makefile.am
++index d54a2cc..f885eea 100644
++--- a/Makefile.am
+++++ b/Makefile.am
++@@ -1059,9 +1059,6 @@ libslapd_la_SOURCES = ldap/servers/slapd/add.c \
++ $(libavl_a_SOURCES)
++
++ libslapd_la_CPPFLAGS = $(PLUGIN_CPPFLAGS) @sasl_inc@ @db_inc@ @svrcore_inc@ @kerberos_inc@ @pcre_inc@
++-if SPARC
++-libslapd_la_SOURCES += ldap/servers/slapd/slapi_counter_sunos_sparcv9.S
++-endif
++ libslapd_la_LIBADD = $(LDAPSDK_LINK) $(SASL_LINK) $(NUNC_STANS_LINK) $(SVRCORE_LINK) $(NSS_LINK) $(NSPR_LINK) $(KERBEROS_LINK) $(PCRE_LINK) $(THREADLIB) $(SYSTEMD_LINK)
++
++
++diff --git a/configure.ac b/configure.ac
++index 846e3b4..9b6377a 100644
++--- a/configure.ac
+++++ b/configure.ac
++@@ -519,11 +519,14 @@ case $host in
++ case $host in
++ i*86-*-linux*)
++ AC_DEFINE([CPU_x86], [], [cpu type x86])
++- AC_DEFINE([ATOMIC_64BIT_OPERATIONS], [1], [enabling atomic counter])
++ ;;
++ x86_64-*-linux*)
++- AC_DEFINE([CPU_x86_64], [], [cpu type x86_64])
++- AC_DEFINE([ATOMIC_64BIT_OPERATIONS], [1], [enabling atomic counter])
+++ AC_DEFINE([CPU_x86_64], [1], [cpu type x86_64])
+++
+++ # This turns on and off LFDS inside of libsds
+++ # wibrown -- 2017-02-21 disabled temporarily
+++ # with_atomic_queue="yes"
+++ # AC_DEFINE([ATOMIC_QUEUE_OPERATIONS], [1], [enabling atomic queue operations])
++ ;;
++ aarch64-*-linux*)
++ AC_DEFINE([CPU_arm], [], [cpu type arm])
++@@ -532,16 +535,6 @@ case $host in
++ AC_DEFINE([CPU_arm], [], [cpu type arm])
++ ;;
++ esac
++- AC_MSG_CHECKING([for GCC provided 64-bit atomic bool cas function ...])
++- AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
++- [[long long ptrval = 0, val = 0, newval = 1; (void)__sync_bool_compare_and_swap_8(&ptrval, val, newval);]])],
++- [AC_DEFINE([HAVE_64BIT_ATOMIC_CAS_FUNC], [1], [have 64-bit atomic bool compare and swap function provided by gcc])AC_MSG_RESULT([yes])],
++- [AC_MSG_RESULT([no])])
++- AC_MSG_CHECKING([for GCC provided 64-bit atomic ops functions ...])
++- AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
++- [[long long ptrval = 0, val = 0; (void)__sync_add_and_fetch_8(&ptrval, val);]])],
++- [AC_DEFINE([HAVE_64BIT_ATOMIC_OP_FUNCS], [1], [have 64-bit atomic operation functions provided by gcc])AC_MSG_RESULT([yes])],
++- [AC_MSG_RESULT([no])])
++ # some programs use the native thread library directly
++ THREADLIB=-lpthread
++ AC_SUBST([THREADLIB], [$THREADLIB])
++@@ -576,7 +569,6 @@ case $host in
++ AC_DEFINE([_POSIX_C_SOURCE], [199506L], [POSIX revision])
++ AC_DEFINE([_HPUX_SOURCE], [1], [Source namespace])
++ AC_DEFINE([_INCLUDE_STDC__SOURCE_199901], [1], [to pick up all of the printf format macros in inttypes.h])
++- AC_DEFINE([ATOMIC_64BIT_OPERATIONS], [1], [enabling atomic counter])
++ # assume 64 bit
++ initconfigdir="/$PACKAGE_NAME/config"
++ perlexec='/opt/perl_64/bin/perl'
++@@ -611,12 +603,11 @@ dnl Cstd and Crun are required to link any C++ related code
++ initdir='$(sysconfdir)/init.d'
++ case $host in
++ i?86-*-solaris2.1[[0-9]]*)
++-dnl I dont know why i386 need this explicit
+++ dnl I dont know why i386 need this explicit
++ AC_DEFINE([HAVE_GETPEERUCRED], [1], [have getpeerucred])
++ ;;
++ sparc-*-solaris*)
++-dnl includes some assembler stuff in counter.o
++- AC_DEFINE([ATOMIC_64BIT_OPERATIONS], [1], [enabling atomic counter])
+++ dnl includes some assembler stuff in counter.o
++ AC_DEFINE([CPU_sparc], [], [cpu type sparc])
++ TARGET='SPARC'
++ ;;
++@@ -627,6 +618,30 @@ dnl includes some assembler stuff in counter.o
++ ;;
++ esac
++
+++AC_MSG_CHECKING([for GCC provided 64-bit atomic operations])
+++AC_LINK_IFELSE([AC_LANG_PROGRAM([[
+++ #include <inttypes.h>
+++ ]],
+++ [[
+++ uint64_t t_counter = 0;
+++ uint64_t t_oldval = 0;
+++ uint64_t t_newval = 1;
+++
+++ __atomic_compare_exchange_8(&t_counter, &t_oldval, t_newval, 0, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST);
+++ __atomic_add_fetch_8(&t_counter, t_newval, __ATOMIC_SEQ_CST);
+++ __atomic_sub_fetch_8(&t_counter, t_newval, __ATOMIC_SEQ_CST);
+++ __atomic_load(&t_counter, &t_oldval, __ATOMIC_SEQ_CST);
+++ return 0;
+++ ]])],
+++ [
+++ AC_DEFINE([ATOMIC_64BIT_OPERATIONS], [1], [have 64-bit atomic operation functions provided by gcc])
+++ AC_MSG_RESULT([yes])
+++ ],
+++ [
+++ AC_MSG_RESULT([no])
+++ ]
+++)
+++
++ # cmd line overrides default setting above
++ if test -n "$with_initddir" ; then
++ initdir="$with_initddir"
++diff --git a/ldap/servers/slapd/slapi_counter.c b/ldap/servers/slapd/slapi_counter.c
++index d0696eb..9904fe9 100644
++--- a/ldap/servers/slapd/slapi_counter.c
+++++ b/ldap/servers/slapd/slapi_counter.c
++@@ -12,17 +12,22 @@
++
++ #include "slap.h"
++
+++#ifndef ATOMIC_64BIT_OPERATIONS
+++#include <pthread.h>
+++#endif
+++
++ #ifdef HPUX
++-#ifdef ATOMIC_64BIT_OPERATIONS
++ #include <machine/sys/inline.h>
++ #endif
++-#endif
++
++ /*
++ * Counter Structure
++ */
++ typedef struct slapi_counter {
++ uint64_t value;
+++#ifndef ATOMIC_64BIT_OPERATIONS
+++ pthread_mutex_t _lock;
+++#endif
++ } slapi_counter;
++
++ /*
++@@ -53,6 +58,9 @@ void slapi_counter_init(Slapi_Counter *counter)
++ if (counter != NULL) {
++ /* Set the value to 0. */
++ slapi_counter_set_value(counter, 0);
+++#ifndef ATOMIC_64BIT_OPERATIONS
+++ pthread_mutex_init(&(counter->_lock), NULL);
+++#endif
++ }
++ }
++
++@@ -65,6 +73,9 @@ void slapi_counter_init(Slapi_Counter *counter)
++ void slapi_counter_destroy(Slapi_Counter **counter)
++ {
++ if ((counter != NULL) && (*counter != NULL)) {
+++#ifndef ATOMIC_64BIT_OPERATIONS
+++ pthread_mutex_destroy(&((*counter)->_lock));
+++#endif
++ slapi_ch_free((void **)counter);
++ }
++ }
++@@ -99,17 +110,15 @@ uint64_t slapi_counter_decrement(Slapi_Counter *counter)
++ uint64_t slapi_counter_add(Slapi_Counter *counter, uint64_t addvalue)
++ {
++ uint64_t newvalue = 0;
++-#ifdef HPUX
++- uint64_t prev = 0;
++-#endif
++
++ if (counter == NULL) {
++ return newvalue;
++ }
++-
++-#ifndef HPUX
+++#ifdef ATOMIC_64BIT_OPERATIONS
++ newvalue = __atomic_add_fetch_8(&(counter->value), addvalue, __ATOMIC_SEQ_CST);
++ #else
+++#ifdef HPUX
+++ uint64_t prev = 0;
++ /* fetchadd only works with values of 1, 4, 8, and 16. In addition, it requires
++ * it's argument to be an integer constant. */
++ if (addvalue == 1) {
++@@ -133,6 +142,12 @@ uint64_t slapi_counter_add(Slapi_Counter *counter, uint64_t addvalue)
++ _Asm_mov_to_ar(_AREG_CCV, prev);
++ } while (prev != _Asm_cmpxchg(_FASZ_D, _SEM_ACQ, &(counter->value), newvalue, _LDHINT_NONE));
++ }
+++#else
+++ pthread_mutex_lock(&(counter->_lock));
+++ counter->value += addvalue;
+++ newvalue = counter->value;
+++ pthread_mutex_unlock(&(counter->_lock));
+++#endif
++ #endif
++
++ return newvalue;
++@@ -147,17 +162,16 @@ uint64_t slapi_counter_add(Slapi_Counter *counter, uint64_t addvalue)
++ uint64_t slapi_counter_subtract(Slapi_Counter *counter, uint64_t subvalue)
++ {
++ uint64_t newvalue = 0;
++-#ifdef HPUX
++- uint64_t prev = 0;
++-#endif
++
++ if (counter == NULL) {
++ return newvalue;
++ }
++
++-#ifndef HPUX
+++#ifdef ATOMIC_64BIT_OPERATIONS
++ newvalue = __atomic_sub_fetch_8(&(counter->value), subvalue, __ATOMIC_SEQ_CST);
++ #else
+++#ifdef HPUX
+++ uint64_t prev = 0;
++ /* fetchadd only works with values of -1, -4, -8, and -16. In addition, it requires
++ * it's argument to be an integer constant. */
++ if (subvalue == 1) {
++@@ -181,6 +195,12 @@ uint64_t slapi_counter_subtract(Slapi_Counter *counter, uint64_t subvalue)
++ _Asm_mov_to_ar(_AREG_CCV, prev);
++ } while (prev != _Asm_cmpxchg(_FASZ_D, _SEM_ACQ, &(counter->value), newvalue, _LDHINT_NONE));
++ }
+++#else
+++ pthread_mutex_lock(&(counter->_lock));
+++ counter->value -= subvalue;
+++ newvalue = counter->value;
+++ pthread_mutex_unlock(&(counter->_lock));
+++#endif
++ #endif
++
++ return newvalue;
++@@ -199,58 +219,22 @@ uint64_t slapi_counter_set_value(Slapi_Counter *counter, uint64_t newvalue)
++ return value;
++ }
++
++-#ifndef HPUX
++-/* Use our own inline assembly for an atomic set if
++- * the builtins aren't available. */
++-#if !HAVE_64BIT_ATOMIC_CAS_FUNC
++- /*
++- * %0 = counter->value
++- * %1 = newvalue
++- */
++- __asm__ __volatile__(
++-#ifdef CPU_x86
++- /* Save the PIC register */
++- " pushl %%ebx;"
++-#endif /* CPU_x86 */
++- /* Put value of counter->value in EDX:EAX */
++- "retryset: movl %0, %%eax;"
++- " movl 4%0, %%edx;"
++- /* Put newval in ECX:EBX */
++- " movl %1, %%ebx;"
++- " movl 4+%1, %%ecx;"
++- /* If EDX:EAX and counter-> are the same,
++- * replace *ptr with ECX:EBX */
++- " lock; cmpxchg8b %0;"
++- " jnz retryset;"
++-#ifdef CPU_x86
++- /* Restore the PIC register */
++- " popl %%ebx"
++-#endif /* CPU_x86 */
++- : "+o" (counter->value)
++- : "m" (newvalue)
++-#ifdef CPU_x86
++- : "memory", "eax", "ecx", "edx", "cc");
++-#else
++- : "memory", "eax", "ebx", "ecx", "edx", "cc");
++-#endif
++-
++- return newvalue;
++-#else /* HAVE_64BIT_ATOMIC_CAS_FUNC */
++- while (1) {
++- value = __atomic_load_8(&(counter->value), __ATOMIC_SEQ_CST);
++- if (__atomic_compare_exchange_8(&(counter->value), &value, newvalue, PR_FALSE, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST)){
++- return newvalue;
++- }
++- }
++-#endif
+++#ifdef ATOMIC_64BIT_OPERATIONS
+++ __atomic_store_8(&(counter->value), newvalue, __ATOMIC_SEQ_CST);
++ #else /* HPUX */
+++#ifdef HPUX
++ do {
++ value = counter->value;
++ /* Put value in a register for cmpxchg to compare against */
++ _Asm_mov_to_ar(_AREG_CCV, value);
++ } while (value != _Asm_cmpxchg(_FASZ_D, _SEM_ACQ, &(counter->value), newvalue, _LDHINT_NONE));
++- return newvalue;
+++#else
+++ pthread_mutex_lock(&(counter->_lock));
+++ counter->value = newvalue;
+++ pthread_mutex_unlock(&(counter->_lock));
+++#endif
++ #endif
+++ return newvalue;
++ }
++
++ /*
++@@ -266,57 +250,20 @@ uint64_t slapi_counter_get_value(Slapi_Counter *counter)
++ return value;
++ }
++
++-#ifndef HPUX
++-/* Use our own inline assembly for an atomic get if
++- * the builtins aren't available. */
++-#if !HAVE_64BIT_ATOMIC_CAS_FUNC
++- /*
++- * %0 = counter->value
++- * %1 = value
++- */
++- __asm__ __volatile__(
++-#ifdef CPU_x86
++- /* Save the PIC register */
++- " pushl %%ebx;"
++-#endif /* CPU_x86 */
++- /* Put value of counter->value in EDX:EAX */
++- "retryget: movl %0, %%eax;"
++- " movl 4%0, %%edx;"
++- /* Copy EDX:EAX to ECX:EBX */
++- " movl %%eax, %%ebx;"
++- " movl %%edx, %%ecx;"
++- /* If EDX:EAX and counter->value are the same,
++- * replace *ptr with ECX:EBX */
++- " lock; cmpxchg8b %0;"
++- " jnz retryget;"
++- /* Put retrieved value into value */
++- " movl %%ebx, %1;"
++- " movl %%ecx, 4%1;"
++-#ifdef CPU_x86
++- /* Restore the PIC register */
++- " popl %%ebx"
++-#endif /* CPU_x86 */
++- : "+o" (counter->value), "=m" (value)
++- :
++-#ifdef CPU_x86
++- : "memory", "eax", "ecx", "edx", "cc");
++-#else
++- : "memory", "eax", "ebx", "ecx", "edx", "cc");
++-#endif
++-#else /* HAVE_64BIT_ATOMIC_CAS_FUNC */
++- while (1) {
++- value = __atomic_load_8(&(counter->value), __ATOMIC_SEQ_CST);
++- if (__atomic_compare_exchange_8(&(counter->value), &value, value, PR_FALSE, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST)){
++- break;
++- }
++- }
++-#endif
+++#ifdef ATOMIC_64BIT_OPERATIONS
+++ value = __atomic_load_8(&(counter->value), __ATOMIC_SEQ_CST);
++ #else /* HPUX */
+++#ifdef HPUX
++ do {
++ value = counter->value;
++ /* Put value in a register for cmpxchg to compare against */
++ _Asm_mov_to_ar(_AREG_CCV, value);
++ } while (value != _Asm_cmpxchg(_FASZ_D, _SEM_ACQ, &(counter->value), value, _LDHINT_NONE));
+++#else
+++ pthread_mutex_lock(&(counter->_lock));
+++ value = counter->value;
+++ pthread_mutex_unlock(&(counter->_lock));
+++#endif
++ #endif
++
++ return value;
++diff --git a/ldap/servers/slapd/slapi_counter_sunos_sparcv9.S b/ldap/servers/slapd/slapi_counter_sunos_sparcv9.S
++deleted file mode 100644
++index e582c2a..0000000
++--- a/ldap/servers/slapd/slapi_counter_sunos_sparcv9.S
+++++ /dev/null
++@@ -1,105 +0,0 @@
++-! BEGIN COPYRIGHT BLOCK
++-! The Original Code is the Netscape Portable Runtime (NSPR).
++-!
++-! The Initial Developer of the Original Code is
++-! Netscape Communications Corporation.
++-! Portions created by the Initial Developer are Copyright (C) 1998-2000
++-! the Initial Developer. All Rights Reserved.
++-!
++-! The original code has been modified to support 64-bit atomic increments by
++-! Red Hat, Inc. These portions are Copyright (C) 2008 Red Hat, Inc. All Rights
++-! reserved.
++-!
++-! License: GPL (version 3 or any later version).
++-! See LICENSE for details.
++-! END COPYRIGHT BLOCK
++-!
++-
++-#define _ASM 1 /* force to set an assembler code macro _ASM */
++-#include <sys/asm_linkage.h>
++-
++-! ======================================================================
++-!
++-! Perform the sequence a = b atomically with respect to other
++-! fetch-and-stores to location a in a wait-free fashion.
++-!
++-! usage : old_val = PR_AtomicSet(address, newval)
++-!
++-! -----------------------
++-! Note on REGISTER USAGE:
++-! as this is a LEAF procedure, a new stack frame is not created;
++-! we use the caller's stack frame so what would normally be %i (input)
++-! registers are actually %o (output registers). Also, we must not
++-! overwrite the contents of %l (local) registers as they are not
++-! assumed to be volatile during calls.
++-! -----------------------
++-
++- ENTRY(_sparcv9_AtomicSet) ! standard assembler/ELF prologue
++-
++-retryAS:
++- ldx [%o0], %o2 ! set o2 to the current value
++- mov %o1, %o3 ! set up the new value
++- casx [%o0], %o2, %o3 ! atomically set if o0 hasn't changed
++- cmp %o2, %o3 ! see if we set the value
++- bne retryAS ! if not, try again
++- nop ! empty out the branch pipeline
++- retl ! return back to the caller
++- mov %o3, %o0 ! set the return code to the prev value
++-
++- SET_SIZE(_sparcv9_AtomicSet) ! standard assembler/ELF epilogue
++-
++-!
++-! end
++-!
++-! ======================================================================
++-!
++-! Perform the sequence a = a + b atomically with respect to other
++-! fetch-and-adds to location a in a wait-free fashion.
++-!
++-! usage : newval = PR_AtomicAdd(address, val)
++-! return: the value after addition
++-!
++- ENTRY(_sparcv9_AtomicAdd) ! standard assembler/ELF prologue
++-
++-retryAA:
++- ldx [%o0], %o2 ! set o2 to the current value
++- addx %o2, %o1, %o3 ! calc the new value
++- mov %o3, %o4 ! save the return value
++- casx [%o0], %o2, %o3 ! atomically set if o0 hasn't changed
++- cmp %o2, %o3 ! see if we set the value
++- bne retryAA ! if not, try again
++- nop ! empty out the branch pipeline
++- retl ! return back to the caller
++- mov %o4, %o0 ! set the return code to the new value
++-
++- SET_SIZE(_sparcv9_AtomicAdd) ! standard assembler/ELF epilogue
++-
++-!
++-! end
++-!
++-! ======================================================================
++-!
++-! Perform the sequence a = a - b atomically with respect to other
++-! fetch-and-subs to location a in a wait-free fashion.
++-!
++-! usage : newval = PR_AtomicSub(address, val)
++-! return: the value after addition
++-!
++- ENTRY(_sparcv9_AtomicSub) ! standard assembler/ELF prologue
++-
++-retryAU:
++- ldx [%o0], %o2 ! set o2 to the current value
++- subx %o2, %o1, %o3 ! calc the new value
++- mov %o3, %o4 ! save the return value
++- casx [%o0], %o2, %o3 ! atomically set if o0 hasn't changed
++- cmp %o2, %o3 ! see if we set the value
++- bne retryAU ! if not, try again
++- nop ! empty out the branch pipeline
++- retl ! return back to the caller
++- mov %o4, %o0 ! set the return code to the new value
++-
++- SET_SIZE(_sparcv9_AtomicSub) ! standard assembler/ELF epilogue
++-
++-!
++-! end
++-!
++diff --git a/test/libslapd/counters/atomic.c b/test/libslapd/counters/atomic.c
++new file mode 100644
++index 0000000..72fad88
++--- /dev/null
+++++ b/test/libslapd/counters/atomic.c
++@@ -0,0 +1,69 @@
+++/** BEGIN COPYRIGHT BLOCK
+++ * Copyright (C) 2017 Red Hat, Inc.
+++ * All rights reserved.
+++ *
+++ * License: GPL (version 3 or any later version).
+++ * See LICENSE for details.
+++ * END COPYRIGHT BLOCK **/
+++
+++#include "../../test_slapd.h"
+++
+++void
+++test_libslapd_counters_atomic_usage(void **state __attribute__((unused))) {
+++ Slapi_Counter *tc = slapi_counter_new();
+++
+++ uint64_t value = 0;
+++ /* Check that it starts as 0 */
+++ value = slapi_counter_get_value(tc);
+++ assert_true(value == 0);
+++ /* Increment */
+++ slapi_counter_increment(tc);
+++ value = slapi_counter_get_value(tc);
+++ assert_true(value == 1);
+++ /* add */
+++ slapi_counter_add(tc, 100);
+++ value = slapi_counter_get_value(tc);
+++ assert_true(value == 101);
+++ /* set */
+++ slapi_counter_set_value(tc, 200);
+++ value = slapi_counter_get_value(tc);
+++ assert_true(value == 200);
+++ /* dec */
+++ slapi_counter_decrement(tc);
+++ value = slapi_counter_get_value(tc);
+++ assert_true(value == 199);
+++ /* sub */
+++ slapi_counter_subtract(tc, 99);
+++ value = slapi_counter_get_value(tc);
+++ assert_true(value == 100);
+++ /* init */
+++ slapi_counter_init(tc);
+++ value = slapi_counter_get_value(tc);
+++ assert_true(value == 0);
+++
+++
+++ slapi_counter_destroy(&tc);
+++
+++ /* We could attempt a more complex thread test later? */
+++
+++}
+++
+++void
+++test_libslapd_counters_atomic_overflow(void **state __attribute__((unused))) {
+++ Slapi_Counter *tc = slapi_counter_new();
+++ /* This is intmax ... */
+++ uint32_t value_32 = 0xFFFFFFFF;
+++ uint64_t value = 0;
+++
+++ slapi_counter_set_value(tc, (uint64_t)value_32);
+++ value = slapi_counter_get_value(tc);
+++ assert_true(value == (uint64_t)value_32);
+++
+++ slapi_counter_increment(tc);
+++ value = slapi_counter_get_value(tc);
+++ assert_true(value != 0);
+++ assert_true(value > (uint64_t)value_32);
+++
+++ slapi_counter_destroy(&tc);
+++}
+++
--- /dev/null
--- /dev/null
++Description: Fix autoconf macro to detect svrcore properly
++ configure bails out with a linking error against libsoftokn, which is according
++ #473275 the correct behaviour. The patch modifies the m4 file to do not link
++ against this lib.
++Author: Tobias Frost <tobi@coldtobi.de>
++Forwarded: no
++Last-Update: 2014-04-25
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/m4/svrcore.m4
+++++ b/m4/svrcore.m4
++@@ -84,7 +84,7 @@ fi
++ if test -z "$svrcore_inc" -o -z "$svrcore_lib"; then
++ dnl just see if SVRCORE is already a system library
++ AC_CHECK_LIB([svrcore], [SVRCORE_GetRegisteredPinObj], [havesvrcore=1],
++- [], [$nss_inc $nspr_inc $nss_lib -lnss3 -lsoftokn3 $nspr_lib -lplds4 -lplc4 -lnspr4])
+++ [], [$nss_inc $nspr_inc $nss_lib -lnss3 $nspr_lib -lplds4 -lplc4 -lnspr4])
++ if test -n "$havesvrcore" ; then
++ dnl just see if SVRCORE is already a system header file
++ save_cppflags="$CPPFLAGS"
--- /dev/null
--- /dev/null
++--- a/ldap/admin/src/scripts/template-bak2db.pl.in
+++++ b/ldap/admin/src/scripts/template-bak2db.pl.in
++@@ -23,6 +23,6 @@ while ($i <= $#ARGV) {
++ $i++;
++ }
++
++-exec "{{SERVERBIN-DIR}}/bak2db.pl @wrapperArgs -Z {{SERV-ID}}";
+++exec "{{SERVERBIN-DIR}}/bak2db-online @wrapperArgs -Z {{SERV-ID}}";
++
++ exit ($?);
++--- a/ldap/admin/src/scripts/template-db2bak.pl.in
+++++ b/ldap/admin/src/scripts/template-db2bak.pl.in
++@@ -23,7 +23,7 @@ while ($i <= $#ARGV) {
++ $i++;
++ }
++
++-exec "{{SERVERBIN-DIR}}/db2bak.pl @wrapperArgs -Z {{SERV-ID}}";
+++exec "{{SERVERBIN-DIR}}/db2bak-online @wrapperArgs -Z {{SERV-ID}}";
++
++ exit ($?);
++
++--- a/ldap/admin/src/scripts/template-db2index.pl.in
+++++ b/ldap/admin/src/scripts/template-db2index.pl.in
++@@ -23,6 +23,6 @@ while ($i <= $#ARGV) {
++ $i++;
++ }
++
++-exec "{{SERVERBIN-DIR}}/db2index.pl @wrapperArgs -Z {{SERV-ID}}";
+++exec "{{SERVERBIN-DIR}}/db2index-online @wrapperArgs -Z {{SERV-ID}}";
++
++ exit ($?);
++--- a/ldap/admin/src/scripts/template-db2ldif.pl.in
+++++ b/ldap/admin/src/scripts/template-db2ldif.pl.in
++@@ -26,6 +26,6 @@ while ($i <= $#ARGV) {
++
++ $cwd = cwd();
++
++-exec "{{SERVERBIN-DIR}}/db2ldif.pl -c $cwd @wrapperArgs -Z {{SERV-ID}}";
+++exec "{{SERVERBIN-DIR}}/db2ldif-online -c $cwd @wrapperArgs -Z {{SERV-ID}}";
++
++ exit ($?);
++--- a/ldap/admin/src/scripts/template-ldif2db.pl.in
+++++ b/ldap/admin/src/scripts/template-ldif2db.pl.in
++@@ -23,6 +23,6 @@ while ($i <= $#ARGV) {
++ $i++;
++ }
++
++-exec "{{SERVERBIN-DIR}}/ldif2db.pl @wrapperArgs -Z {{SERV-ID}}";
+++exec "{{SERVERBIN-DIR}}/ldif2db-online @wrapperArgs -Z {{SERV-ID}}";
++
++ exit ($?);
--- /dev/null
--- /dev/null
++--- a/buildnum.pl
+++++ b/buildnum.pl
++@@ -31,7 +31,7 @@ if ($opt_H) {exitHelp();}
++ $platdir = $opt_p;
++
++ # Get current time
++-@now = gmtime;
+++@now = gmtime ($ENV{SOURCE_DATE_EPOCH} || time);
++
++ # Format buildnum as YYYY.DDD.HHMM
++ $year = $now[5] + 1900;
--- /dev/null
--- /dev/null
++use-bash-instead-of-sh.diff
++rename-online-scripts.diff
++ftbs_lsoftotkn3.diff
++fix-bsd.patch
++support-kfreebsd.patch
++fix-obsolete-target.diff
++fix-saslpath.diff
++reproducible-build.diff
++fix-systemctl-path.diff
++fix-48986-cve-2017-2591.diff
++fix-upstream-49245.diff
--- /dev/null
--- /dev/null
++Description: Add support for kFreeBSD
++ The configure script should check for available features of the host instead
++ of assuming that specific hosts (e.g. Linux) have specific features.
++ .
++ This patch hacks the configure script and various source files to behave
++ on kFreeBSD similar to Linux.
++Author: Benjamin Drung <benjamin.drung@profitbricks.com>
++
++--- a/configure.ac
+++++ b/configure.ac
++@@ -544,6 +544,46 @@ case $host in
++ AC_SUBST([LIBCRYPT], [$LIBCRYPT])
++ AC_DEFINE([USE_POSIX_RWLOCKS], [1], [POSIX rwlocks])
++ ;;
+++ *-*-kfreebsd*)
+++ dnl Assume that BSD has the getpeereid() function.
+++ dnl TODO: Check for the existance of the getpeereid() function!
+++ AC_DEFINE([HAVE_GETPEEREID], [1], [have getpeereid])
+++ dnl Check if we need to link against the bsd library for the getpeereid() function.
+++ AC_SEARCH_LIBS([getpeereid], [bsd])
+++ dnl Copied stuff from Linux section above
+++ dnl TODO: Check for features instead of setting flags based on the host!
+++ AC_DEFINE([XP_UNIX], [1], [UNIX])
+++ AC_DEFINE([freebsd], [1], [freebsd])
+++ AC_DEFINE([_GNU_SOURCE], [1], [GNU Source])
+++ initdir='$(sysconfdir)/rc.d/init.d'
+++ # do arch specific kfreebsd stuff here
+++ case $host in
+++ i*86-*-linux*)
+++ AC_DEFINE([CPU_x86], [], [cpu type x86])
+++ AC_DEFINE([ATOMIC_64BIT_OPERATIONS], [1], [enabling atomic counter])
+++ ;;
+++ x86_64-*-linux*)
+++ AC_DEFINE([CPU_x86_64], [], [cpu type x86_64])
+++ AC_DEFINE([ATOMIC_64BIT_OPERATIONS], [1], [enabling atomic counter])
+++ ;;
+++ esac
+++ AC_MSG_CHECKING([for GCC provided 64-bit atomic bool cas function ...])
+++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
+++ [[long long ptrval = 0, val = 0, newval = 1; (void)__sync_bool_compare_and_swap_8(&ptrval, val, newval);]])],
+++ [AC_DEFINE([HAVE_64BIT_ATOMIC_CAS_FUNC], [1], [have 64-bit atomic bool compare and swap function provided by gcc])AC_MSG_RESULT([yes])],
+++ [AC_MSG_RESULT([no])])
+++ AC_MSG_CHECKING([for GCC provided 64-bit atomic ops functions ...])
+++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
+++ [[long long ptrval = 0, val = 0; (void)__sync_add_and_fetch_8(&ptrval, val);]])],
+++ [AC_DEFINE([HAVE_64BIT_ATOMIC_OP_FUNCS], [1], [have 64-bit atomic operation functions provided by gcc])AC_MSG_RESULT([yes])],
+++ [AC_MSG_RESULT([no])])
+++ # some programs use the native thread library directly
+++ THREADLIB=-lpthread
+++ AC_SUBST([THREADLIB], [$THREADLIB])
+++ LIBCRYPT=-lcrypt
+++ AC_SUBST([LIBCRYPT], [$LIBCRYPT])
+++ AC_DEFINE([USE_POSIX_RWLOCKS], [1], [POSIX rwlocks])
+++ ;;
++ ia64-hp-hpux*)
++ AC_DEFINE([hpux], [1], [HP-UX])
++ AC_DEFINE([HPUX], [1], [HP-UX])
++--- a/include/base/systems.h
+++++ b/include/base/systems.h
++@@ -62,7 +62,7 @@
++ /* warning: mmap doesn't work under 9.04 */
++ #define SHMEM_MMAP_FLAGS MAP_FILE | MAP_VARIABLE | MAP_SHARED
++
++-#elif defined(Linux)
+++#elif defined(Linux) || defined(freebsd)
++
++ #define ACCELERATOR_CACHE
++ #define DNS_CACHE
++--- a/include/public/base/systems.h
+++++ b/include/public/base/systems.h
++@@ -56,7 +56,7 @@
++ #define SHMEM_UNIX_MMAP
++ #define ZERO(ptr,len) memset(ptr,0,len)
++
++-#elif defined(Linux)
+++#elif defined(Linux) || defined(freebsd)
++
++ #define FILE_UNIX
++ #define FILE_UNIX_MMAP
++--- a/ldap/include/portable.h
+++++ b/ldap/include/portable.h
++@@ -250,7 +250,7 @@ int strncasecmp(const char *, const char
++ defined(UNIXWARE) || defined(SUNOS4) || defined(SNI) || defined(BSDI) || \
++ defined(NCR) || defined(OSF1) || defined(NEC) || \
++ ( defined(HPUX10) && !defined(_REENTRANT)) || defined(HPUX11) || \
++- defined(UnixWare) || defined(LINUX2_0)
+++ defined(UnixWare) || defined(LINUX2_0) || defined(freebsd)
++ #define GETHOSTBYNAME( n, r, b, l, e ) gethostbyname( n )
++ #elif defined(AIX)
++ #define GETHOSTBYNAME_BUF_T struct hostent_data
++@@ -288,7 +288,7 @@ typedef char GETHOSTBYADDR_buf_t [BUFSIZ
++ #elif defined( hpux10 )
++ #define CTIME( c, b, l ) nsldapi_compat_ctime_r( c, b, l )
++ #elif defined( IRIX ) || defined(UNIXWARE) || defined(LINUX) \
++- || defined(OSF1V4) || defined(AIX) || defined(UnixWare) || defined (HPUX11)
+++ || defined(OSF1V4) || defined(AIX) || defined(UnixWare) || defined (HPUX11) || defined(freebsd)
++ #define CTIME( c, b, l ) ctime_r( c, b )
++ #elif defined( OSF1V3 )
++ #define CTIME( c, b, l ) (ctime_r( c, b, l ) ? NULL : b)
++@@ -297,7 +297,7 @@ typedef char GETHOSTBYADDR_buf_t [BUFSIZ
++ #endif
++ #if defined(hpux9) || defined(LINUX1_2) || defined(SUNOS4) || defined(SNI) || \
++ defined(SCOOS) || defined(BSDI) || defined(NCR) || \
++- defined(NEC) || defined(LINUX2_0)
+++ defined(NEC) || defined(LINUX2_0) || defined(freebsd)
++ /* strtok() is not MT safe, but it is okay to call here because used in mmt_protocol.xs which
++ has been moved in the tetframewrok */
++ #define STRTOK( s1, s2, l ) strtok( s1, s2 )
++--- a/ldap/servers/slapd/daemon.c
+++++ b/ldap/servers/slapd/daemon.c
++@@ -38,7 +38,7 @@
++ #endif /* NEED_FILIO */
++ /* for some reason, linux tty stuff defines CTIME */
++ #include <stdio.h>
++-#ifdef LINUX
+++#if defined(LINUX) || defined(freebsd)
++ #undef CTIME
++ #include <sys/statfs.h>
++ #else
++@@ -442,7 +442,7 @@ disk_mon_get_dirs(char ***list, int logs
++ char *
++ disk_mon_check_diskspace(char **dirs, PRUint64 threshold, PRUint64 *disk_space)
++ {
++-#ifdef LINUX
+++#if defined(LINUX) || defined(freebsd)
++ struct statfs buf;
++ #else
++ struct statvfs buf;
++@@ -455,7 +455,7 @@ disk_mon_check_diskspace(char **dirs, PR
++ int i = 0;
++
++ for(i = 0; dirs && dirs[i]; i++){
++-#ifndef LINUX
+++#if !defined(LINUX) && !defined(freebsd)
++ if (statvfs(dirs[i], &buf) != -1)
++ #else
++ if (statfs(dirs[i], &buf) != -1)
++--- a/ldap/servers/slapd/tools/pwenc.c
+++++ b/ldap/servers/slapd/tools/pwenc.c
++@@ -16,7 +16,7 @@
++ #include <sys/errno.h>
++ #include <sys/param.h>
++ #include <sys/types.h>
++-#if defined(LINUX) /* I bet other Unix would like
+++#if defined(LINUX) || defined(freebsd) /* I bet other Unix would like
++ * this flag. But don't want to
++ * break other builds so far */
++ #include <unistd.h>
++--- a/ldap/systools/idsktune.c
+++++ b/ldap/systools/idsktune.c
++@@ -16,6 +16,11 @@
++ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! */
++ static char *build_date = "14-JULY-2016";
++
+++#if defined(freebsd)
+++#define IDDS_BSD_INCLUDE 1
+++#define IDDS_BSD_SYSCTL 1
+++#endif
+++
++ #if defined(linux) || defined(__linux) || defined(__linux__)
++ #define IDDS_LINUX_INCLUDE 1
++ #define IDDS_LINUX_SYSCTL 1
++--- a/lib/base/dnsdmain.cpp
+++++ b/lib/base/dnsdmain.cpp
++@@ -35,12 +35,12 @@ extern "C" {
++ #define _PATH_RESCONF "/etc/resolv.conf"
++
++ NSPR_BEGIN_EXTERN_C
++-#ifdef Linux
+++#if defined Linux || defined(freebsd)
++ extern int getdomainname(char *, size_t);
++ #else
++ extern int getdomainname(char *, int);
++ #endif /* Linux */
++-#if defined(HPUX) || defined(Linux) || defined(SOLARIS_GCC)
+++#if defined(HPUX) || defined(Linux) || defined(SOLARIS_GCC) || defined(freebsd)
++ extern int gethostname (char *name, size_t namelen);
++ #else
++ extern int gethostname (char *name, int namelen);
++--- a/lib/base/file.cpp
+++++ b/lib/base/file.cpp
++@@ -213,7 +213,7 @@ NSAPI_PUBLIC int file_notfound(void)
++ return (errno == ENOENT);
++ }
++
++-#if !defined(LINUX)
+++#if !defined(LINUX) && !defined(freebsd)
++ extern char *sys_errlist[];
++ #endif
++
--- /dev/null
--- /dev/null
++--- a/ldap/admin/src/scripts/bak2db.in
+++++ b/ldap/admin/src/scripts/bak2db.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/db2bak.in
+++++ b/ldap/admin/src/scripts/db2bak.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/db2index.in
+++++ b/ldap/admin/src/scripts/db2index.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/db2ldif.in
+++++ b/ldap/admin/src/scripts/db2ldif.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/dbverify.in
+++++ b/ldap/admin/src/scripts/dbverify.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/dn2rdn.in
+++++ b/ldap/admin/src/scripts/dn2rdn.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/ldif2db.in
+++++ b/ldap/admin/src/scripts/ldif2db.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/ldif2ldap.in
+++++ b/ldap/admin/src/scripts/ldif2ldap.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/monitor.in
+++++ b/ldap/admin/src/scripts/monitor.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/restart-dirsrv.in
+++++ b/ldap/admin/src/scripts/restart-dirsrv.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ # Script that restarts the ns-slapd server.
++ # Exit status can be:
++--- a/ldap/admin/src/scripts/restoreconfig.in
+++++ b/ldap/admin/src/scripts/restoreconfig.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/saveconfig.in
+++++ b/ldap/admin/src/scripts/saveconfig.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/start-dirsrv.in
+++++ b/ldap/admin/src/scripts/start-dirsrv.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ # Script that starts the ns-slapd server.
++ # Exit status can be:
++--- a/ldap/admin/src/scripts/stop-dirsrv.in
+++++ b/ldap/admin/src/scripts/stop-dirsrv.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ # Script that stops the ns-slapd server.
++ # Exit status can be:
++--- a/ldap/admin/src/scripts/suffix2instance.in
+++++ b/ldap/admin/src/scripts/suffix2instance.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/upgradedb.in
+++++ b/ldap/admin/src/scripts/upgradedb.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/upgradednformat.in
+++++ b/ldap/admin/src/scripts/upgradednformat.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
++--- a/ldap/admin/src/scripts/vlvindex.in
+++++ b/ldap/admin/src/scripts/vlvindex.in
++@@ -1,4 +1,4 @@
++-#!/bin/sh
+++#!/bin/bash
++
++ . @datadir@/@package_name@/data/DSSharedLib
++
--- /dev/null
--- /dev/null
++#!/usr/bin/make -f
++# -*- makefile -*-
++
++export DEB_BUILD_MAINT_OPTIONS = hardening=+pie
++
++# Keep track of files we don't install
++NOT_INSTALLED :=
++
++REALFILE = \
++ bin/cl-dump.pl \
++ bin/dbgen.pl \
++ bin/ds-logpipe.py \
++ bin/logconv.pl \
++ bin/repl-monitor.pl \
++ sbin/migrate-ds.pl \
++ sbin/remove-ds.pl \
++ sbin/setup-ds.pl \
++ sbin/cleanallruv.pl \
++ sbin/fixup-linkedattrs.pl \
++ sbin/fixup-memberof.pl \
++ sbin/ns-accountstatus.pl \
++ sbin/ns-activate.pl \
++ sbin/ns-inactivate.pl \
++ sbin/ns-newpwpolicy.pl \
++ sbin/schema-reload.pl \
++ sbin/syntax-validate.pl \
++ sbin/usn-tombstone-cleanup.pl \
++ sbin/verify-db.pl \
++ share/man/man1/dbgen.pl.1 \
++ share/man/man1/ds-logpipe.py.1 \
++ share/man/man1/logconv.pl.1 \
++ share/man/man8/migrate-ds.pl.8 \
++ share/man/man8/setup-ds.pl.8 \
++ share/man/man8/remove-ds.pl.8
++
++# scripts for handling online servers
++REALFILE_ONLINE = \
++ sbin/bak2db.pl \
++ sbin/db2bak.pl \
++ sbin/db2index.pl \
++ sbin/db2ldif.pl \
++ sbin/ldif2db.pl \
++ share/man/man8/bak2db.pl.8 \
++ share/man/man8/db2bak.pl.8 \
++ share/man/man8/db2index.pl.8 \
++ share/man/man8/db2ldif.pl.8 \
++ share/man/man8/ldif2db.pl.8
++
++%:
++ dh $@ --parallel --with autoreconf,systemd --builddir build/
++
++override_dh_auto_configure:
++ dh_auto_configure -- \
++ --with-openldap \
++ --with-systemd \
++ --with-systemdsystemunitdir=/lib/systemd/system \
++ --with-systemdsystemconfdir=/etc/systemd/system \
++ --with-systemdgroupname=dirsrv.target \
++ --with-tmpfiles-d=/etc/tmpfiles.d \
++ --enable-autobind
++
++override_dh_auto_install:
++ dh_auto_install --max-parallel=1
++
++override_dh_install:
++ # lets do the renaming here afterall, instead of in 389-ds-base.install
++ for file in $(REALFILE); do mv -f $(CURDIR)/debian/tmp/usr/$$file \
++ $(CURDIR)/debian/tmp/usr/`echo $$file | \
++ sed -s 's/\.pl//;s/\.py//'`; \
++ done
++ # use -online suffix so that they won't overwrite the offline scripts
++ for file in $(REALFILE_ONLINE); do mv -f $(CURDIR)/debian/tmp/usr/$$file \
++ $(CURDIR)/debian/tmp/usr/`echo $$file | \
++ sed -s 's/\.pl/-online/'`; \
++ done
++ # purge .la files
++ find $(CURDIR)/debian/tmp -name "*.la" -type f -exec rm -f "{}" \;
++ # fix template script headers
++ find $(CURDIR)/debian/tmp/usr/share/dirsrv/script-templates/ -type f -exec perl -pi -e 's,#\{\{PERL-EXEC\}\},#!/usr/bin/perl,' "{}" \;
++
++ # Also get rid of other files which aren't installed. Do not
++ # use -f to ensure we notice disappearing files:
++ set -e; for file in $(NOT_INSTALLED); do rm debian/tmp/$$file; done
++
++ mkdir -p $(CURDIR)/debian/tmp/etc/systemd/system/dirsrv.target.wants
++
++ dh_install --fail-missing
++
++override_dh_systemd_enable:
++ dh_systemd_enable -p389-ds-base --no-enable dirsrv-snmp.service
++
++override_dh_shlibdeps:
++ dh_shlibdeps -l"debian/389-ds-base/usr/lib/$(DEB_HOST_MULTIARCH)/dirsrv" -a
--- /dev/null
--- /dev/null
++3.0 (quilt)
--- /dev/null
--- /dev/null
++Tests: setup
++Depends:
++ 389-ds-base,
++ python-lib389,
++Restrictions: needs-root
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++# hack for lxc
++IP=`ip route get 1.1.1.1 | awk '{print $NF; exit}'`
++HOSTNAME=`cat /etc/hosts| grep '127.0.1.1' | awk '{print $NF; exit}'`
++echo "$IP $HOSTNAME.debci $HOSTNAME" >> /etc/hosts
++
++/usr/sbin/setup-ds --silent -- \
++ General.FullMachineName=$HOSTNAME.debci\
++ General.SuiteSpotUserID=dirsrv\
++ General.SuiteSpotGroup=dirsrv\
++ slapd.ServerPort=1389\
++ slapd.ServerIdentifier=debci\
++ slapd.Suffix=dc=example,dc=com\
++ slapd.RootDN="cn=Directory Manager"\
++ slapd.RootDNPwd=Secret123
++
--- /dev/null
--- /dev/null
++#git=https://pagure.io/389-ds-base.git
++version=3
++http://releases.pagure.org/389-ds-base/389-ds-base-(.*).tar.bz2
projects / 389-ds-base.git / commitdiff