--- rpms/e-smith-ldap/sme10/e-smith-ldap.spec	2016/05/12 17:37:39	1.3
+++ rpms/e-smith-ldap/sme10/e-smith-ldap.spec	2023/02/06 05:48:31	1.22
@@ -1,15 +1,28 @@
-# $Id: e-smith-ldap.spec,v 1.2 2016/03/17 16:36:57 unnilennium Exp $
+# $Id: e-smith-ldap.spec,v 1.21 2023/02/06 05:26:53 jpp Exp $
 
 Summary: e-smith server and gateway - LDAP module
 %define name e-smith-ldap
 Name: %{name}
 %define version 5.6.0
-%define release 3
+%define release 17
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
 Group: Networking/Daemons
 Source: %{name}-%{version}.tar.xz
+Patch0: e-smith-ldap-5.6.0-missing_shebang_ldap_init.patch
+Patch1: e-smith-ldap-5.6.0.bz9688.skipredirect.patch
+Patch2: e-smith-ldap-5.6.0-strong_encryption.patch
+Patch3: e-smith-ldap-5.6.0-bz10936-TLS-and-ciphers.patch
+Patch4: e-smith-ldap-5.6.0-bz11140-bz11099-bz11096-systemd-update.patch
+Patch5: e-smith-ldap-5.6.0-bz11480-timeoutstart.patch
+Patch6: e-smith-ldap-5.6.0-bz11595-ssl-template.patch
+Patch7: e-smith-ldap-5.6.0-bz11598.patch
+Patch8: e-smith-ldap-5.6.0-bz11745-log.patch
+Patch9: e-smith-ldap-5.6.0-bz11753-ldif-fix.patch
+Patch10: e-smith-ldap-5.6.0-bz12221-slapd-dropin.patch
+Patch11: e-smith-ldap-5.6.0-bz12314-alias.patch
+
 BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
 BuildArchitectures: noarch
 Requires: e-smith-base
@@ -27,6 +40,58 @@ AutoReqProv: no
 e-smith server and gateway software - LDAP module.
 
 %changelog
+* Mon Feb 06 2023 Jean-Philippe Pialasse <tests@pialasse.com> 5.6.0-17.sme
+- remove alias for slapd [SME: 12314]
+
+* Tue Nov 22 2022 Jean-Philippe Pialasse <tests@pialasse.com> 5.6.0-16.sme
+- fix slapd dropin missing section [SME: 12221]
+
+* Sun Apr 17 2022 Jean-Philippe Pialasse <tests@pialasse.com> 5.6.0-15.sme
+- add support or rsshusers system group [SME: 11753]
+
+* Fri Feb 18 2022 Jean-Philippe Pialasse <tests@pialasse.com> 5.6.0-14.sme
+- redirect syslog for ldapt to /var/log/ldap/ldap.log [SME: 11745]
+
+* Wed Jun 09 2021 Jean-Philippe Pialasse <tests@pialasse.com> 5.6.0-13.sme
+- fix ssl-update reload instead of restart ldap [SME: 11598]
+
+* Thu Jun 03 2021 Jean-Philippe Pialasse <tests@pialasse.com> 5.6.0-12.sme
+- fix wrong path for templates.metadata [SME: 11595]
+
+* Sun May 30 2021 Jean-Philippe Pialasse <tests@pialasse.com> 5.6.0-11.sme
+- use template for ssl pem [SME: 11595]
+
+* Sun Mar 21 2021 Jean-Philippe Pialasse <tests@pialasse.com> 5.6.0-10.sme
+- fix ldap failing to start on initial boot [SME: 11480]
+
+* Sat Jan 02 2021 Jean-Philipe Pialasse <tests@pialasse.com> 5.6.0-9.sme
+- fix wrong alias to ldap.init [SME: 11301]
+
+* Fri Dec 11 2020 Jean-Philipe Pialasse <tests@pialasse.com> 5.6.0-8.sme
+- add -update event [SME: 11140]
+- move ldap to systemd [SME: 11099]
+- move ldap.init to systemd [SME: 11096]
+
+* Sat May 02 2020 Jean-Philipe Pialasse <tests@pialasse.com> 5.6.0-7.sme
+- New protocol default as TLSv1.2  [SME: 10936]
+  New property TLSProtocolMin
+  Ciphers are now ordered with stronger first
+
+* Thu Feb 23 2017 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-6.sme
+- Disable SSLv3, but keep the possibility to enable it again [SME: 10108]
+- Better default cipher suite, and honor global suite [SME: 10108]
+
+* Sun Jul 24 2016 Jean-Philipe Pialasse <tests@pialasse.com> 5.6.0-5.sme
+- systemd skip redirect [SME: 9688]
+- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,
+  by assuming the date is correct and changing the weekday.
+  Fri Jun 01 2000 --> Fri May 26 2000 or Thu Jun 01 2000 or Fri Jun 02 2000 or ....
+  Thu Aug 07 2001 --> Thu Aug 02 2001 or Tue Aug 07 2001 or Thu Aug 09 2001 or ....
+  Tue Jun 10 2010 --> Tue Jun 08 2010 or Thu Jun 10 2010 or Tue Jun 15 2010 or ....
+
+* Thu May 12 2016 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-4.sme
+- Add missing shebang in ldap.init script [SME: 9432]
+
 * Thu May 12 2016 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-3.sme
 - Rebuild for [SME: 9393]
 
@@ -273,7 +338,8 @@ e-smith server and gateway software - LD
 * Wed Sep 22 2010 Daniel Berteaud <daniel@firewall-services.com> 5.2.0-24.sme
 - Restrict access to the ldif file [SME: 6217]
 
-* Tue Jun 10 2010 Jonathan Martens <smeserver-contribs@snetram.nl> 5.2.0-23.sme
+* Thu Jun 10 2010 Jonathan Martens <smeserver-contribs@snetram.nl> 5.2.0-23.sme
+  Tue Jun 10 2010 --> Tue Jun 08 2010 or Thu Jun 10 2010 or Tue Jun 15 2010 or ....
 - Fix ldap-create errors when adding empty groups [SME: 5920]
 
 * Mon Jun  7 2010 Federico Simoncelli <federico.simoncelli@gmail.com> 5.2.0-22.sme
@@ -813,7 +879,7 @@ e-smith server and gateway software - LD
 - [4.3.1-01]
 - Rolled version number to 4.3.1-01. Includes patches upto 4.3.0-07.
 
-* Thu Aug 07 2001 Charlie Brady <charlieb@e-smith.com>
+* Tue Aug 07 2001 Charlie Brady <charlieb@e-smith.com>
 - [4.3.0-07]
 - Break slapd.conf template into fragments, and include in-line
   at.conf and co.conf fragements, rather than use include feature.
@@ -987,11 +1053,26 @@ e-smith server and gateway software - LD
 * Mon Jun 12 2000 Charlie Brady <charlieb@e-smith.net>
 - Use new multi-arg form of backgroundCommand.
 
-* Fri Jun 1 2000 Charlie Brady <charlieb@e-smith.net>
+* Thu Jun 01 2000 Charlie Brady <charlieb@e-smith.net>
+  Fri Jun 01 2000 --> Fri May 26 2000 or Thu Jun 01 2000 or Fri Jun 02 2000 or ....
 - First created - broken out of e-smith-base 4.0.11.
 
 %prep
 %setup
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+mkdir -p root/etc/openldap/ssl
+rm -rf root/service root/var/service root/etc/rc.d/init.d/supervise
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
 
 %build
 perl createlinks
@@ -1001,14 +1082,15 @@ rm -rf $RPM_BUILD_ROOT
 (cd root   ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
 rm -f %{name}-%{version}-%{release}-filelist
 /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
-    --file /var/service/ldap/run 'attr(0750,root,root)' \
-    --file /var/service/ldap/log/run 'attr(0750,root,root)' \
+    --file /sbin/e-smith/systemd/ldap-certificate 'attr(0554,root,root)' \
+    --file /sbin/e-smith/systemd/ldap-prepare 'attr(0554,root,root)' \
+    --file /sbin/e-smith/systemd/ldap-finish 'attr(0554,root,root)' \
     --file /var/service/ldap/ldif-fix 'attr(0750,root,root)' \
     --file /var/service/ldap/finish 'attr(0750,root,root)' \
-    --file /var/service/ldap/control/1 'attr(0750,root,root)' \
     --dir /var/log/bdb 'attr(0700,ldap,ldap)' \
     --dir /home/e-smith/db/ldap 'attr(0750,root,ldap)' \
-    --dir /var/log/ldap 'attr(0750,smelog,smelog)' \
+    --dir /var/log/ldap 'attr(0750,root,root)' \
+    --dir /etc/openldap/ssl 'attr(0750,root,ldap)' \
     > %{name}-%{version}-%{release}-filelist
 echo "%doc COPYING" >> %{name}-%{version}-%{release}-filelist
 
@@ -1018,3 +1100,13 @@ rm -rf $RPM_BUILD_ROOT
 %files -f %{name}-%{version}-%{release}-filelist
 %defattr(-,root,root)
 
+%pre
+if [ -l /etc/systemd/system/slapd.service ] ; then
+  /usr/bin/unlink /etc/systemd/system/slapd.service
+fi
+if [ $1 -gt 1 ] ; then
+  if [ -e /var/service/ldap/run ] ; then
+       /usr/bin/sv d ldap
+       /usr/bin/sv d ldap/log
+  fi
+fi