--- rpms/e-smith-ldap/sme10/e-smith-ldap.spec	2016/05/12 17:37:39	1.3
+++ rpms/e-smith-ldap/sme10/e-smith-ldap.spec	2020/12/12 03:39:48	1.11
@@ -1,15 +1,21 @@
-# $Id: e-smith-ldap.spec,v 1.2 2016/03/17 16:36:57 unnilennium Exp $
+# $Id: e-smith-ldap.spec,v 1.10 2020/12/12 03:26:37 jpp Exp $
 
 Summary: e-smith server and gateway - LDAP module
 %define name e-smith-ldap
 Name: %{name}
 %define version 5.6.0
-%define release 3
+%define release 8
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
 Group: Networking/Daemons
 Source: %{name}-%{version}.tar.xz
+Patch0: e-smith-ldap-5.6.0-missing_shebang_ldap_init.patch
+Patch1: e-smith-ldap-5.6.0.bz9688.skipredirect.patch
+Patch2: e-smith-ldap-5.6.0-strong_encryption.patch
+Patch3: e-smith-ldap-5.6.0-bz10936-TLS-and-ciphers.patch
+Patch4: e-smith-ldap-5.6.0-bz11140-bz11099-bz11096-systemd-update.patch
+
 BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
 BuildArchitectures: noarch
 Requires: e-smith-base
@@ -27,6 +33,31 @@ AutoReqProv: no
 e-smith server and gateway software - LDAP module.
 
 %changelog
+* Fri Dec 11 2020 Jean-Philipe Pialasse <tests@pialasse.com> 5.6.0-8.sme
+- add -update event [SME: 11140]
+- move ldap to systemd [SME: 11099]
+- move ldap.init to systemd [SME: 11096]
+
+* Sat May 02 2020 Jean-Philipe Pialasse <tests@pialasse.com> 5.6.0-7.sme
+- New protocol default as TLSv1.2  [SME: 10936]
+  New property TLSProtocolMin
+  Ciphers are now ordered with stronger first
+
+* Thu Feb 23 2017 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-6.sme
+- Disable SSLv3, but keep the possibility to enable it again [SME: 10108]
+- Better default cipher suite, and honor global suite [SME: 10108]
+
+* Sun Jul 24 2016 Jean-Philipe Pialasse <tests@pialasse.com> 5.6.0-5.sme
+- systemd skip redirect [SME: 9688]
+- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,
+  by assuming the date is correct and changing the weekday.
+  Fri Jun 01 2000 --> Fri May 26 2000 or Thu Jun 01 2000 or Fri Jun 02 2000 or ....
+  Thu Aug 07 2001 --> Thu Aug 02 2001 or Tue Aug 07 2001 or Thu Aug 09 2001 or ....
+  Tue Jun 10 2010 --> Tue Jun 08 2010 or Thu Jun 10 2010 or Tue Jun 15 2010 or ....
+
+* Thu May 12 2016 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-4.sme
+- Add missing shebang in ldap.init script [SME: 9432]
+
 * Thu May 12 2016 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-3.sme
 - Rebuild for [SME: 9393]
 
@@ -273,7 +304,8 @@ e-smith server and gateway software - LD
 * Wed Sep 22 2010 Daniel Berteaud <daniel@firewall-services.com> 5.2.0-24.sme
 - Restrict access to the ldif file [SME: 6217]
 
-* Tue Jun 10 2010 Jonathan Martens <smeserver-contribs@snetram.nl> 5.2.0-23.sme
+* Thu Jun 10 2010 Jonathan Martens <smeserver-contribs@snetram.nl> 5.2.0-23.sme
+  Tue Jun 10 2010 --> Tue Jun 08 2010 or Thu Jun 10 2010 or Tue Jun 15 2010 or ....
 - Fix ldap-create errors when adding empty groups [SME: 5920]
 
 * Mon Jun  7 2010 Federico Simoncelli <federico.simoncelli@gmail.com> 5.2.0-22.sme
@@ -813,7 +845,7 @@ e-smith server and gateway software - LD
 - [4.3.1-01]
 - Rolled version number to 4.3.1-01. Includes patches upto 4.3.0-07.
 
-* Thu Aug 07 2001 Charlie Brady <charlieb@e-smith.com>
+* Tue Aug 07 2001 Charlie Brady <charlieb@e-smith.com>
 - [4.3.0-07]
 - Break slapd.conf template into fragments, and include in-line
   at.conf and co.conf fragements, rather than use include feature.
@@ -987,11 +1019,20 @@ e-smith server and gateway software - LD
 * Mon Jun 12 2000 Charlie Brady <charlieb@e-smith.net>
 - Use new multi-arg form of backgroundCommand.
 
-* Fri Jun 1 2000 Charlie Brady <charlieb@e-smith.net>
+* Thu Jun 01 2000 Charlie Brady <charlieb@e-smith.net>
+  Fri Jun 01 2000 --> Fri May 26 2000 or Thu Jun 01 2000 or Fri Jun 02 2000 or ....
 - First created - broken out of e-smith-base 4.0.11.
 
 %prep
 %setup
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+
+mkdir -p root/etc/e-smith/templates/etc/openldap/ssl
+rm -rf root/service root/var/service root/etc/rc.d/init.d/supervise
 
 %build
 perl createlinks
@@ -1001,14 +1042,15 @@ rm -rf $RPM_BUILD_ROOT
 (cd root   ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
 rm -f %{name}-%{version}-%{release}-filelist
 /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
-    --file /var/service/ldap/run 'attr(0750,root,root)' \
-    --file /var/service/ldap/log/run 'attr(0750,root,root)' \
+    --file /sbin/e-smith/systemd/ldap-certificate 'attr(0554,root,root)' \
+    --file /sbin/e-smith/systemd/ldap-prepare 'attr(0554,root,root)' \
+    --file /sbin/e-smith/systemd/ldap-finish 'attr(0554,root,root)' \
     --file /var/service/ldap/ldif-fix 'attr(0750,root,root)' \
     --file /var/service/ldap/finish 'attr(0750,root,root)' \
-    --file /var/service/ldap/control/1 'attr(0750,root,root)' \
     --dir /var/log/bdb 'attr(0700,ldap,ldap)' \
     --dir /home/e-smith/db/ldap 'attr(0750,root,ldap)' \
     --dir /var/log/ldap 'attr(0750,smelog,smelog)' \
+    --dir /etc/openldap/ssl 'attr(0750,root,ldap)' \
     > %{name}-%{version}-%{release}-filelist
 echo "%doc COPYING" >> %{name}-%{version}-%{release}-filelist
 
@@ -1018,3 +1060,10 @@ rm -rf $RPM_BUILD_ROOT
 %files -f %{name}-%{version}-%{release}-filelist
 %defattr(-,root,root)
 
+%pre
+if [ $1 -gt 1 ] ; then
+  if [ -e /var/service/ldap/run ] ; then
+       /usr/bin/sv d ldap
+       /usr/bin/sv d ldap/log
+  fi
+fi