1PORTNAME=		openldap
2DISTVERSION=		2.5.20
3CATEGORIES=		net databases
4MASTER_SITES=		https://www.openldap.org/software/download/OpenLDAP/%SUBDIR%/ \
5			http://gpl.savoirfairelinux.net/pub/mirrors/openldap/%SUBDIR%/ \
6			http://repository.linagora.org/OpenLDAP/%SUBDIR%/ \
7			http://mirror.eu.oneandone.net/software/openldap/%SUBDIR%/ \
8			ftp://ftp.ntua.gr/mirror/OpenLDAP/%SUBDIR%/ \
9			https://mirror-hk.koddos.net/OpenLDAP/%SUBDIR%/ \
10			ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/%SUBDIR%/ \
11			https://mirror.koddos.net/OpenLDAP/%SUBDIR%/ \
12			https://mirror.lyrahosting.com/OpenLDAP/%SUBDIR%/ \
13			ftp://ftp.OpenLDAP.org/pub/OpenLDAP/%SUBDIR%/ \
14			http://www.openldap.org/software/download/OpenLDAP/%SUBDIR%/
15MASTER_SITE_SUBDIR=	openldap-release
16.if defined(CLIENT_ONLY)
17PKGNAMESUFFIX=		25-client
18.else
19PKGNAMESUFFIX=		25-server
20.endif
21
22MAINTAINER=		ports@MidnightBSD.org
23WWW=		https://www.OpenLDAP.org/
24.if defined(CLIENT_ONLY)
25COMMENT=		Open source LDAP client implementation
26.else
27COMMENT=		Open source LDAP server implementation
28.endif
29
30LICENSE=		openldap2.8
31
32# :keepla because port uses lt_dlopen
33USES=			cpe gmake libtool:keepla localbase ssl tar:tgz
34
35.if defined(CLIENT_ONLY)
36CONFLICTS_INSTALL=	${PORTNAME}2[0-46-9]-client ${PORTNAME}-client
37.else
38CONFLICTS_INSTALL=	${PORTNAME}2[0-46-9]-server ${PORTNAME}-server
39.endif
40
41GNU_CONFIGURE=		yes
42
43PORTREVISION_CLIENT=	0
44PORTREVISION_SERVER=	1
45OPENLDAP_SHLIB_MAJOR=	0
46OPENLDAP_SHLIB_MINOR=	1.14
47OPENLDAP_MAJOR=		${DISTVERSION:R}
48
49OPTIONS_DEFINE=		DEBUG
50OPTIONS_DEFAULT+=	DEBUG
51
52.if defined(CLIENT_ONLY)
53OPTIONS_DEFINE+=	DOCS FETCH
54
55FETCH_BUILD_DEPENDS=	autoconf>0:devel/autoconf
56FETCH_CONFIGURE_WITH=	fetch
57.else
58OPTIONS_GROUP=		BKNDS OVLYS
59BKNDS_DESC=		OpenLDAP backends
60BKNDS_DEFAULTS=		ASYNCMETA DNSSRV MDB PASSWD RELAY SOCK
61OPTIONS_GROUP_BKNDS+=	${BKNDS_DEFAULTS}
62OPTIONS_GROUP_BKNDS+=	PERL SQL
63
64OVLYS_DESC=		OpenLDAP overlays
65OPTIONS_GROUP_OVLYS+=	ACCESSLOG
66OPTIONS_GROUP_OVLYS+=	ADDPARTIAL
67OPTIONS_GROUP_OVLYS+=	ALLOP
68OPTIONS_GROUP_OVLYS+=	AUTOCA
69OPTIONS_GROUP_OVLYS+=	AUDITLOG
70OPTIONS_GROUP_OVLYS+=	AUTOGROUP
71OPTIONS_GROUP_OVLYS+=	CLOAK
72OPTIONS_GROUP_OVLYS+=	COLLECT
73OPTIONS_GROUP_OVLYS+=	CONSTRAINT
74OPTIONS_GROUP_OVLYS+=	DDS
75OPTIONS_GROUP_OVLYS+=	DENYOP
76OPTIONS_GROUP_OVLYS+=	DEREF
77OPTIONS_GROUP_OVLYS+=	DYNGROUP
78OPTIONS_GROUP_OVLYS+=	DYNLIST
79OPTIONS_GROUP_OVLYS+=	EMPTYDS
80OPTIONS_GROUP_OVLYS+=	HOMEDIR
81OPTIONS_GROUP_OVLYS+=	LASTBIND
82OPTIONS_GROUP_OVLYS+=	LASTMOD
83OPTIONS_GROUP_OVLYS+=	MEMBEROF
84OPTIONS_GROUP_OVLYS+=	NOPS
85OPTIONS_GROUP_OVLYS+=	OTP
86OPTIONS_GROUP_OVLYS+=	PROXYCACHE
87OPTIONS_GROUP_OVLYS+=	PPOLICY
88OPTIONS_GROUP_OVLYS+=	REFINT
89OPTIONS_GROUP_OVLYS+=	REMOTEAUTH
90OPTIONS_GROUP_OVLYS+=	RETCODE
91OPTIONS_GROUP_OVLYS+=	RWM
92OPTIONS_GROUP_OVLYS+=	SEQMOD
93OPTIONS_GROUP_OVLYS+=	SHA2
94OPTIONS_GROUP_OVLYS+=	SMBPWD
95OPTIONS_GROUP_OVLYS+=	SSSVLV
96OPTIONS_GROUP_OVLYS+=	SYNCPROV
97OPTIONS_GROUP_OVLYS+=	TRACE
98OPTIONS_GROUP_OVLYS+=	TRANSLUCENT
99OPTIONS_GROUP_OVLYS+=	UNIQUE
100OPTIONS_GROUP_OVLYS+=	VALSORT
101
102OPTIONS_DEFINE+=	GSSAPI
103OPTIONS_DEFINE+=	DYNACL ACI
104OPTIONS_DEFINE+=	RLOOKUPS SLP SLAPI
105OPTIONS_DEFINE+=	PBKDF2
106OPTIONS_DEFINE+=	OUTLOOK
107OPTIONS_DEFINE+=	ARGON2
108OPTIONS_DEFINE+=	LLOADD
109
110OPTIONS_DEFAULT+=	${BKNDS_DEFAULTS}
111OPTIONS_DEFAULT+=	${OPTIONS_GROUP_OVLYS}
112OPTIONS_DEFAULT+=	ARGON2 LLOADD
113
114OPTIONS_SUB=		yes
115
116ACI_DESC=		Per-object ACI (experimental)
117ARGON2_DESC=		Argon2 password hashing module
118DYNACL_DESC=		Run-time loadable ACL (experimental)
119FETCH_DESC=		Enable fetch(3) support
120GSSAPI_DESC=		With GSSAPI support
121LLOADD_DESC=		Enable load balancer
122OUTLOOK_DESC=		Force caseIgnoreOrderingMatch on name attribute (experimental)
123RLOOKUPS_DESC=		With reverse lookups of client hostnames
124SLAPI_DESC=		With Netscape SLAPI plugin API (experimental)
125SLP_DESC=		With SLPv2 (RFC 2608) support
126
127ASYNCMETA_DESC=		With asynchronous metadirectory backend
128DNSSRV_DESC=		With Dnssrv backend
129MDB_DESC=		With Memory-Mapped DB backend
130SQL_DESC=		With SQL backend
131PASSWD_DESC=		With Passwd backend
132PERL_DESC=		With Perl backend
133RELAY_DESC=		With Relay backend
134SOCK_DESC=		With Sock backend
135
136ACCESSLOG_DESC=		With In-Directory Access Logging overlay
137AUDITLOG_DESC=		With Audit Logging overlay
138AUTOCA_DESC=		With Automatic Certificate Authority overlay
139COLLECT_DESC=		With Collect overy Services overlay
140CONSTRAINT_DESC=	With Attribute Constraint overlay
141DDS_DESC=		With Dynamic Directory Services overlay
142DEREF_DESC=		With Dereference overlay
143DYNGROUP_DESC=		With Dynamic Group overlay
144DYNLIST_DESC=		With Dynamic List overlay
145HOMEDIR_DESC=		With Home Directory Management overlay
146MEMBEROF_DESC=		With Reverse Group Membership overlay
147NOPS_DESC=		With nops overlay
148OTP_DESC=		With OTP 2-factor authentication overlay
149PPOLICY_DESC=		With Password Policy overlay
150PROXYCACHE_DESC=	With Proxy Cache overlay
151REFINT_DESC=		With Referential Integrity overlay
152REMOTEAUTH_DESC=	With Deferred Authentication overlay
153RETCODE_DESC=		With Return Code testing overlay
154RWM_DESC=		With Rewrite/Remap overlay
155SEQMOD_DESC=		With Sequential Modify overlay
156SSSVLV_DESC=		With ServerSideSort/VLV overlay
157SYNCPROV_DESC=		With Syncrepl Provider overlay
158TRANSLUCENT_DESC=	With Translucent Proxy overlay
159UNIQUE_DESC=		With attribute Uniqueness overlay
160VALSORT_DESC=		With Value Sorting overlay
161
162ADDPARTIAL_DESC=	With addpartial overlay (experimental)
163ALLOP_DESC=		With allop overlay (experimental)
164AUTOGROUP_DESC=		With autogroup overlay (experimental)
165CLOAK_DESC=		With cloak overlay (experimental)
166DENYOP_DESC=		With denyop overlay (experimental)
167EMPTYDS_DESC=		With emptyds overlay (experimental)
168LASTBIND_DESC=		With lastbind overlay
169LASTMOD_DESC=		With lastmod overlay (experimental)
170TRACE_DESC=		With Trace overlay
171
172PBKDF2_DESC=		With PBKDF2 hash password support
173SHA2_DESC=		With SHA2 Password hashes overlay
174SMBPWD_DESC=		With Samba Password hashes overlay
175
176ACCESSLOG_CONFIGURE_ENABLE=	accesslog=mod
177ACI_CONFIGURE_ENABLE=		aci
178ARGON2_CONFIGURE_ENABLE=	argon2
179ARGON2_CONFIGURE_WITH=		argon2=libsodium
180ARGON2_LIB_DEPENDS=		libsodium.so:security/libsodium
181ASYNCMETA_CONFIGURE_ENABLE=	asyncmeta=mod
182AUDITLOG_CONFIGURE_ENABLE=	auditlog=mod
183AUTOCA_CONFIGURE_ENABLE=	autoca=mod
184COLLECT_CONFIGURE_ENABLE=	collect=mod
185CONSTRAINT_CONFIGURE_ENABLE=	constraint=mod
186DDS_CONFIGURE_ENABLE=		dds=mod
187DEBUG_CONFIGURE_ENABLE=		debug
188DEREF_CONFIGURE_ENABLE=		deref=mod
189DNSSRV_CONFIGURE_ENABLE=	dnssrv=mod
190DYNACL_CONFIGURE_ENABLE=	dynacl
191DYNGROUP_CONFIGURE_ENABLE=	dyngroup=mod
192DYNLIST_CONFIGURE_ENABLE=	dynlist=mod
193GSSAPI_RUN_DEPENDS=		cyrus-sasl-gssapi>0:security/cyrus-sasl2-gssapi
194HOMEDIR_CONFIGURE_ENABLE=	homedir=mod
195LLOADD_CONFIGURE_ENABLE=	balancer=mod
196LLOADD_LIB_DEPENDS=		libevent.so:devel/libevent
197MDB_CONFIGURE_ENABLE=		mdb=yes
198MEMBEROF_CONFIGURE_ENABLE=	memberof=mod
199OTP_CONFIGURE_ENABLE=		otp=mod
200PASSWD_CONFIGURE_ENABLE=	passwd=mod
201PERL_CONFIGURE_ENABLE=		perl=mod
202PERL_CONFIGURE_ENV=		PERLBIN="${PERL}"
203PERL_USES=			perl5
204PPOLICY_CONFIGURE_ENABLE=	ppolicy=mod
205PROXYCACHE_CONFIGURE_ENABLE=	proxycache=mod
206REFINT_CONFIGURE_ENABLE=	refint=mod
207RELAY_CONFIGURE_ENABLE=		relay=yes
208REMOTEAUTH_CONFIGURE_ENABLE=	remoteauth=mod
209RETCODE_CONFIGURE_ENABLE=	retcode=mod
210RLOOKUPS_CONFIGURE_ENABLE=	rlookups
211RWM_CONFIGURE_ENABLE=		rwm=mod
212SEQMOD_CONFIGURE_ENABLE=	seqmod=mod
213SLAPI_CONFIGURE_ENABLE=		slapi
214SLAPI_USE=			LDCONFIG
215SLP_CONFIGURE_ENABLE=		slp
216SLP_LIB_DEPENDS=		libslp.so:net/openslp
217SOCK_CONFIGURE_ENABLE=		sock=mod
218SQL_CONFIGURE_ENABLE=		sql=mod
219SQL_LDFLAGS=			-L${LOCALBASE}/lib
220SQL_LIB_DEPENDS=		libodbc.so:databases/unixODBC
221SSSVLV_CONFIGURE_ENABLE=	sssvlv=mod
222SYNCPROV_CONFIGURE_ENABLE=	syncprov=yes
223TRANSLUCENT_CONFIGURE_ENABLE=	translucent=mod
224UNIQUE_CONFIGURE_ENABLE=	unique=mod
225VALSORT_CONFIGURE_ENABLE=	valsort=mod
226
227# Force using caseIgnoreOrderingMatch on 'name' attribute.
228# This may be a violation of RFC 4519 2.18 definition.
229# See http://www.openldap.org/lists/openldap-technical/201211/msg00175.html
230OUTLOOK_EXTRA_PATCHES=		${FILESDIR}/extrapatch-outlook-servers__slapd__schema_prep.c
231.endif
232
233CONFIGURE_SED=		-e 's,uuid/uuid.h,xxuuid/uuid.h,g'
234
235NO_TEST=	yes
236
237.include <bsd.mport.options.mk>
238
239.if defined(CLIENT_ONLY)
240OPENLDAP_PORTREVISION=	${PORTREVISION_CLIENT}
241OPENLDAP_PKGFILESUFX=	.client
242
243PORTDOCS=		CHANGES drafts rfc
244
245CONFIGURE_ARGS+=	--disable-slapd \
246			--disable-monitor \
247			--disable-relay \
248			--disable-syncprov
249USE_LDCONFIG=		yes
250.else
251OPENLDAP_PORTREVISION=	${PORTREVISION_SERVER}
252OPENLDAP_PKGFILESUFX=
253
254LIB_DEPENDS+=		libicudata.so:devel/icu \
255			libldap.so:net/openldap25-client \
256			libltdl.so:devel/libltdl
257
258SUB_LIST+=		RC_DIR=${PREFIX} \
259			LDAP_RUN_DIR=${LDAP_RUN_DIR} \
260			DATABASEDIR=${DATABASEDIR}
261
262USERS=			ldap
263GROUPS=			ldap
264LDAP_USER?=		ldap
265LDAP_GROUP?=		ldap
266USE_LDCONFIG=		${PREFIX}/libexec/openldap
267SUB_FILES+=		pkg-deinstall
268USE_RC_SUBR=		slapd
269
270EXTRA_PATCHES+=		${FILESDIR}/extrapatch-Makefile.in
271
272LDFLAGS+=		-L${LOCALBASE}/lib
273
274SED_MODULES=		-e 's/\(moduleload[ 	]*back_[a-z]*\)\.la/\1/' \
275			-e 's/\# *\(modulepath\)/\1/'
276
277CONFIGURE_ARGS+=	--enable-modules \
278			--localstatedir=${LOCALSTATEDIR} \
279			--enable-crypt \
280			--enable-ldap=mod \
281			--enable-meta=mod \
282			--enable-null=mod
283.endif
284
285LDAP_RUN_DIR?=		/var/run/openldap
286LOCALSTATEDIR?=		/var/db
287DATABASEDIR?=		${LOCALSTATEDIR}/openldap-data
288BACKUPDIR?=		/var/backups/openldap
289
290DESCR=			${PKGDIR}/pkg-descr${OPENLDAP_PKGFILESUFX}
291PLIST=			${PKGDIR}/pkg-plist${OPENLDAP_PKGFILESUFX}
292
293SUB_FILES+=		pkg-message${OPENLDAP_PKGFILESUFX}
294PKGMESSAGE=		${WRKSRC}/pkg-message${OPENLDAP_PKGFILESUFX}
295
296SUB_LIST+=		LDAP_RUN_DIR=${LDAP_RUN_DIR} \
297			LDAP_USER=${LDAP_USER} \
298			LDAP_GROUP=${LDAP_GROUP} \
299			BACKUPDIR=${BACKUPDIR} \
300			DATABASEDIR=${DATABASEDIR} \
301			PORTNAME=${PORTNAME} \
302			PKGNAME=${PKGNAME} \
303			PKGNAMESUFFIX=${PKGNAMESUFFIX}
304
305CONFIGURE_ARGS+=	--with-threads=posix \
306			--with-tls=openssl \
307			--enable-dynamic
308
309LIB_DEPENDS+=		libsasl2.so:security/cyrus-sasl2
310CONFIGURE_ARGS+=	--with-cyrus-sasl --enable-spasswd
311MAKE_ENV+=		STRIP=${STRIP}
312
313CPPFLAGS+=		-I${LOCALBASE}/include
314LIBS+=			-L${LOCALBASE}/lib
315
316PLIST_SUB+=		${SUB_LIST}
317PLIST_SUB+=		SHLIB_MAJOR=${OPENLDAP_SHLIB_MAJOR}
318PLIST_SUB+=		SHLIB_MINOR=${OPENLDAP_SHLIB_MINOR}
319PLIST_SUB+=		OPENLDAP_MAJOR=${OPENLDAP_MAJOR}
320
321.if ${PORT_OPTIONS:MFETCH} && (defined(OPENSSL_INSTALLED) && ${OPENSSL_INSTALLED} != "" || ${SSL_DEFAULT} != base)
322BROKEN=	using OpenSSL from ports and OPTION FETCH together is not supported
323. endif
324
325.if ${PORT_OPTIONS:MADDPARTIAL}
326CONTRIB_MODULES+=	slapd-modules/addpartial
327CONTRIB_CLEANFILES+=	addpartial.a
328.endif
329.if ${PORT_OPTIONS:MALLOP}
330CONTRIB_MODULES+=	slapd-modules/allop
331CONTRIB_CLEANFILES+=	allop.a
332.endif
333.if ${PORT_OPTIONS:MAUTOGROUP}
334CONTRIB_MODULES+=	slapd-modules/autogroup
335CONTRIB_CLEANFILES+=	autogroup.a
336.endif
337.if ${PORT_OPTIONS:MCLOAK}
338CONTRIB_MODULES+=	slapd-modules/cloak
339CONTRIB_CLEANFILES+=	cloak.a
340.endif
341.if ${PORT_OPTIONS:MDENYOP}
342CONTRIB_MODULES+=	slapd-modules/denyop
343CONTRIB_CLEANFILES+=	denyop.a
344.endif
345.if ${PORT_OPTIONS:MEMPTYDS}
346CONTRIB_MODULES+=	slapd-modules/emptyds
347CONTRIB_CLEANFILES+=	emptyds.a
348.endif
349.if ${PORT_OPTIONS:MLASTBIND}
350CONTRIB_MODULES+=	slapd-modules/lastbind
351CONTRIB_CLEANFILES+=	lastbind.a
352.endif
353.if ${PORT_OPTIONS:MLASTMOD}
354CONTRIB_MODULES+=	slapd-modules/lastmod
355CONTRIB_CLEANFILES+=	lastmod.a
356.endif
357.if ${PORT_OPTIONS:MNOPS}
358CONTRIB_MODULES+=	slapd-modules/nops
359CONTRIB_CLEANFILES+=	nops.a
360.endif
361.if ${PORT_OPTIONS:MTRACE}
362CONTRIB_MODULES+=	slapd-modules/trace
363CONTRIB_CLEANFILES+=	trace.a
364.endif
365.if ${PORT_OPTIONS:MSHA2}
366CONTRIB_MODULES+=	slapd-modules/passwd/sha2
367CONTRIB_CLEANFILES+=	pw-sha2.a
368.endif
369.if ${PORT_OPTIONS:MPBKDF2}
370CONTRIB_MODULES+=	slapd-modules/passwd/pbkdf2
371CONTRIB_CLEANFILES+=	pw-pbkdf2.a
372.endif
373.if ${PORT_OPTIONS:MSMBPWD}
374CONTRIB_MODULES+=	slapd-modules/smbk5pwd
375CONTRIB_CLEANFILES+=	smbk5pwd.a
376.endif
377
378post-patch:
379	@${REINPLACE_CMD} -e 's|%LOCALSTATEDIR%/run/|${LDAP_RUN_DIR}/|g' \
380		${SED_MODULES} ${WRKSRC}/servers/slapd/slapd.conf
381	@${REINPLACE_CMD} -e 's|%LOCALSTATEDIR%/run/|${LDAP_RUN_DIR}/|g' \
382		${SED_MODULES} ${WRKSRC}/servers/slapd/slapd.ldif
383	@${REINPLACE_CMD} -e 's|^OPT =.*|OPT = ${CFLAGS}|g' \
384		-e 's|^CC =.*|CC = ${CC}|g' \
385		${SED_MODULES} ${WRKSRC}/contrib/slapd-modules/*/Makefile \
386		${WRKSRC}/contrib/slapd-modules/*/*/Makefile
387.if defined(CONFIGURE_SED)
388	@${REINPLACE_CMD} -E ${CONFIGURE_SED} \
389		${CONFIGURE_WRKSRC}/${CONFIGURE_SCRIPT}
390.endif
391
392pre-configure-FETCH-on:
393	@(cd ${WRKSRC} && ${LOCALBASE}/bin/autoconf)
394
395.if !defined(CLIENT_ONLY)
396post-build:
397.for module in ${CONTRIB_MODULES}
398	@(cd ${BUILD_WRKSRC}/contrib/${module} && \
399		${SETENV} ${MAKE_ENV} ${MAKE_CMD} ${MAKE_FLAGS} ${MAKEFILE} \
400		${MAKE_ARGS} prefix="${PREFIX}" all)
401.endfor
402.endif
403
404pre-install:
405.if !defined(CLIENT_ONLY)
406	${MKDIR} ${DATABASEDIR}
407.endif
408
409post-install:
410.if defined(CLIENT_ONLY)
411	${MKDIR} ${DOCSDIR}
412	${INSTALL_DATA} ${WRKSRC}/CHANGES ${DOCSDIR}
413	for dir in drafts rfc; do \
414		${MKDIR} ${DOCSDIR}/$${dir}; \
415		${INSTALL_DATA} ${WRKSRC}/doc/$${dir}/* ${DOCSDIR}/$${dir}; \
416	done
417	for prog in ldapcompare ldapdelete ldapexop ldapmodify ldapmodrdn ldappasswd ldapsearch ldapurl ldapvc ldapwhoami; do\
418		${STRIP_CMD} ${PREFIX}/bin/$${prog}; \
419	done
420	for library in lber ldap; do \
421		${STRIP_CMD} ${PREFIX}/lib/lib$${library}-${OPENLDAP_MAJOR}.so.${OPENLDAP_SHLIB_MAJOR}; \
422	done
423.else
424	${MKDIR} ${FAKE_DESTDIR}${LDAP_RUN_DIR}
425.for module in ${CONTRIB_MODULES}
426	(cd ${WRKSRC}/contrib/${module} && \
427		${SETENV} ${MAKE_ENV} ${MAKE_CMD} ${MAKE_FLAGS} ${MAKEFILE} \
428		${MAKE_ARGS} prefix="${PREFIX}" install)
429.endfor
430.for cleanfile in ${CONTRIB_CLEANFILES}
431	${RM} ${PREFIX}/libexec/openldap/${cleanfile}
432.endfor
433	${STRIP_CMD} ${PREFIX}/libexec/openldap/*.so
434	${STRIP_CMD} ${PREFIX}/libexec/slapd
435	${MKDIR} ${PREFIX}/libexec/openldap
436.endif # defined(CLIENT_ONLY)
437
438post-install-SLAPI-on:
439	for library in slapi; do \
440		${STRIP_CMD} ${FAKE_DESTDIR}${PREFIX}/lib/lib$${library}-${OPENLDAP_MAJOR}.so.${OPENLDAP_SHLIB_MAJOR}; \
441	done
442
443.include <bsd.port.mk>
444