--- rpms/e-smith-ldap/sme10/e-smith-ldap.spec	2017/02/23 10:21:52	1.8
+++ rpms/e-smith-ldap/sme10/e-smith-ldap.spec	2020/12/12 03:42:54	1.12
@@ -1,10 +1,10 @@
-# $Id: e-smith-ldap.spec,v 1.7 2016/07/24 15:37:08 unnilennium Exp $
+# $Id: e-smith-ldap.spec,v 1.11 2020/12/12 03:39:48 jpp Exp $
 
 Summary: e-smith server and gateway - LDAP module
 %define name e-smith-ldap
 Name: %{name}
 %define version 5.6.0
-%define release 6
+%define release 8
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -13,6 +13,9 @@ Source: %{name}-%{version}.tar.xz
 Patch0: e-smith-ldap-5.6.0-missing_shebang_ldap_init.patch
 Patch1: e-smith-ldap-5.6.0.bz9688.skipredirect.patch
 Patch2: e-smith-ldap-5.6.0-strong_encryption.patch
+Patch3: e-smith-ldap-5.6.0-bz10936-TLS-and-ciphers.patch
+Patch4: e-smith-ldap-5.6.0-bz11140-bz11099-bz11096-systemd-update.patch
+
 BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
 BuildArchitectures: noarch
 Requires: e-smith-base
@@ -30,6 +33,16 @@ AutoReqProv: no
 e-smith server and gateway software - LDAP module.
 
 %changelog
+* Fri Dec 11 2020 Jean-Philipe Pialasse <tests@pialasse.com> 5.6.0-8.sme
+- add -update event [SME: 11140]
+- move ldap to systemd [SME: 11099]
+- move ldap.init to systemd [SME: 11096]
+
+* Sat May 02 2020 Jean-Philipe Pialasse <tests@pialasse.com> 5.6.0-7.sme
+- New protocol default as TLSv1.2  [SME: 10936]
+  New property TLSProtocolMin
+  Ciphers are now ordered with stronger first
+
 * Thu Feb 23 2017 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-6.sme
 - Disable SSLv3, but keep the possibility to enable it again [SME: 10108]
 - Better default cipher suite, and honor global suite [SME: 10108]
@@ -1015,6 +1028,11 @@ e-smith server and gateway software - LD
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
+%patch4 -p1
+
+mkdir -p root/etc/openldap/ssl
+rm -rf root/service root/var/service root/etc/rc.d/init.d/supervise
 
 %build
 perl createlinks
@@ -1024,14 +1042,15 @@ rm -rf $RPM_BUILD_ROOT
 (cd root   ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
 rm -f %{name}-%{version}-%{release}-filelist
 /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
-    --file /var/service/ldap/run 'attr(0750,root,root)' \
-    --file /var/service/ldap/log/run 'attr(0750,root,root)' \
+    --file /sbin/e-smith/systemd/ldap-certificate 'attr(0554,root,root)' \
+    --file /sbin/e-smith/systemd/ldap-prepare 'attr(0554,root,root)' \
+    --file /sbin/e-smith/systemd/ldap-finish 'attr(0554,root,root)' \
     --file /var/service/ldap/ldif-fix 'attr(0750,root,root)' \
     --file /var/service/ldap/finish 'attr(0750,root,root)' \
-    --file /var/service/ldap/control/1 'attr(0750,root,root)' \
     --dir /var/log/bdb 'attr(0700,ldap,ldap)' \
     --dir /home/e-smith/db/ldap 'attr(0750,root,ldap)' \
     --dir /var/log/ldap 'attr(0750,smelog,smelog)' \
+    --dir /etc/openldap/ssl 'attr(0750,root,ldap)' \
     > %{name}-%{version}-%{release}-filelist
 echo "%doc COPYING" >> %{name}-%{version}-%{release}-filelist
 
@@ -1041,3 +1060,10 @@ rm -rf $RPM_BUILD_ROOT
 %files -f %{name}-%{version}-%{release}-filelist
 %defattr(-,root,root)
 
+%pre
+if [ $1 -gt 1 ] ; then
+  if [ -e /var/service/ldap/run ] ; then
+       /usr/bin/sv d ldap
+       /usr/bin/sv d ldap/log
+  fi
+fi