From d02e06a825e50e750d036f90f5688a89bcf907fe Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@redhat.com>
Date: Jun 19 2015 23:02:56 +0000
Subject: Release 1.3.4.0 (rebase)


- Enable nunc-stans in the build.
- Ticket 47490 - test case failing if 47721 is also fixed
- Ticket 47640 - Linked attributes transaction not aborted when  linked entry does not exit
- Ticket 47669 - CI test: added test cases for ticket 47669
- Ticket 47669 - Retro Changelog Plugin accepts invalid value in nsslapd-changelogmaxage attribute
- Ticket 47723 - winsync sets AccountUserControl in AD to 544
- Ticket 47787 - Make the test case more robust
- Ticket 47833 - TEST CASE only (modrdn fails if renamed entry member of a group and is out of memberof scope)
- Ticket 47878 - Improve setup-ds update logging
- Ticket 47893 - should use Sys::Hostname instead Net::Domain
- Ticket 47910 - allow logconv.pl -S/-E switches to work even when timestamps not present in access log
- Ticket 47913 - remove-ds.pl should not remove /var/lib/dirsrv
- Ticket 47921 - indirect cos does not reflect changes in the cos attribute
- Ticket 47927 - Uniqueness plugin: should allow to exclude some subtrees from its scope
- Ticket 47953 - testcase for removing invalid aci
- Ticket 47966 - CI test: added test cases for ticket 47966
- Ticket 47966 - slapd crashes during Dogtag clone reinstallation
- Ticket 47972 - make parsing of nsslapd-changelogmaxage more fault tolerant
- Ticket 47972 - make parsing of nsslapd-changelogmaxage more fool proof
- Ticket 47998 - cleanup WINDOWS ifdef's
- Ticket 47998 - remove remaining obsolete OS code/files
- Ticket 47998 - remove "windows" files
- Ticket 47999 - address several race conditions in tests
- Ticket 47999 - lib389 individual tests not running correctly  when run as a whole
- Ticket 48003 - build "suite" framework
- Ticket 48008 - db2bak.pl man page should be improved.
- Ticket 48017 - add script to generate lib389 CI test script
- Ticket 48019 - Remove refs to constants.py and backup/restore from lib389 tests
- Ticket 48023 - replace old replication check with lib389 function
- Ticket 48025 - add an option '-u' to dbgen.pl for adding group entries with uniquemembers
- Ticket 48026 - fix invalid write for friendly attribute names
- Ticket 48026 - Fix memory leak in uniqueness plugin
- Ticket 48026 - Support for uniqueness plugin to enforce uniqueness on a set of attributes.
- Ticket 48032 - change C code license to GPLv3; change C code license to allow openssl
- Ticket 48035 - nunc-stans - Revise shutdown sequence
- Ticket 48036 - ns_set_shutdown should call ns_job_done
- Ticket 48037 - ns_thrpool_new should take a config struct rather than many parameters
- Ticket 48038 - logging should be pluggable
- Ticket 48039 - nunc-stans malloc should be pluggable
- Ticket 48040 - preserve the FD when disabling a listener
- Ticket 48043 - use nunc-stans config initializer
- Ticket 48103 - update DS for new nunc-stans header file
- Ticket 48110 - Free all the nunc-stans signal jobs when shutdown is detected
- Ticket 48111 - "make clean" wipes out original files
- Ticket 48122 - nunc-stans FD leak
- Ticket 48127 - Using RPM, allows non root user to create/remove DS instance
- Ticket 48141 - aci with wildcard and macro not correctly evaluated
- Ticket 48143 - Password is not correctly passed to perl command line tools if it contains shell special characters.
- Ticket 48149 - ns-slapd double free or corruption crash
- Ticket 48154 - abort cleanAllRUV tasks should not certify-all by default
- Ticket 48169 - support NSS 3.18
- Ticket 48170 - Parse nsIndexType correctly
- Ticket 48175 - Avoid using regex in ACL if possible
- Ticket 48178 - add config param to enable nunc-stans
- Ticket 48191 - CI test: added test cases for ticket 48191
- Ticket 48191 - RFE: Adding nsslapd-maxsimplepaged-per-conn
- Ticket 48191 - RFE: Adding nsslapd-maxsimplepaged-per-conn Adding nsslapd-maxsimplepaged-per-conn
- Ticket 48194 - CI test: added test cases for ticket 48194
- Ticket 48197 - error texts from preop plugins not sent to client

---

diff --git a/.gitignore b/.gitignore
index 54da3c3..867b55c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -115,3 +115,6 @@
 /389-ds-base-1.3.3.10.tar.bz2
 /389-ds-base-1.3.3.11.tar.bz2
 /389-ds-base-1.3.3.12.tar.bz2
+/389-ds-base-1.3.4.0.tar.bz2
+/nunc-stans-0.1.3.tar.bz2
+/nunc-stans-0.1.4.tar.bz2
diff --git a/389-ds-base.spec b/389-ds-base.spec
index 760f921..51b52b8 100644
--- a/389-ds-base.spec
+++ b/389-ds-base.spec
@@ -11,6 +11,12 @@
 %global use_db4 0
 # If perl-Socket-2.000 or newer is available, set 0 to use_Socket6.
 %global use_Socket6 0
+# To build without nunc-stans, set 0 to use_nunc_stans.
+%global use_nunc_stans 1
+
+%if %{use_nunc_stans}
+%global nunc_stans_ver 0.1.4
+%endif
 
 # fedora 15 and later uses tmpfiles.d
 # otherwise, comment this out
@@ -24,7 +30,7 @@
 
 Summary:          389 Directory Server (base)
 Name:             389-ds-base
-Version:          1.3.3.12
+Version:          1.3.4.0
 Release:          %{?relprefix}1%{?prerel}%{?dist}
 License:          GPLv2 with exceptions
 URL:              http://port389.org/
@@ -113,6 +119,9 @@ Source0:          http://port389.org/binaries/%{name}-%{version}%{?prerel}.tar.b
 # 389-ds-git.sh should be used to generate the source tarball from git
 Source1:          %{name}-git.sh
 Source2:          %{name}-devel.README
+%if %{use_nunc_stans}
+Source3:          https://git.fedorahosted.org/cgit/nunc-stans.git/snapshot/nunc-stans-%{nunc_stans_ver}.tar.bz2
+%endif
 
 %description
 389 Directory Server is an LDAPv3 compliant server.  The base package includes
@@ -137,6 +146,11 @@ BuildRequires:    libdb-devel
 BuildRequires:    cyrus-sasl-devel
 BuildRequires:    libicu-devel
 BuildRequires:    pcre-devel
+%if %{use_nunc_stans}
+BuildRequires:    libtalloc-devel
+BuildRequires:    libevent-devel
+BuildRequires:    libtevent-devel
+%endif
 
 %description      libs
 Core libraries for the 389 Directory Server base package.  These libraries
@@ -156,26 +170,48 @@ Requires:         openldap-devel
 %else
 Requires:         mozldap-devel
 %endif
+%if %{use_nunc_stans}
+Requires:         libtalloc
+Requires:         libevent
+Requires:         libtevent
+%endif
 
 %description      devel
 Development Libraries and headers for the 389 Directory Server base package.
 
 %prep
 %setup -q -n %{name}-%{version}%{?prerel}
+%if %{use_nunc_stans}
+%setup -q -n %{name}-%{version}%{?prerel} -T -D -b 3
+%endif
 cp %{SOURCE2} README.devel
 
 %build
+%if %{use_nunc_stans}
+pushd ../nunc-stans-%{nunc_stans_ver}
+%configure --with-fhs --libdir=%{_libdir}/%{pkgname}
+make %{?_smp_mflags}
+mkdir lib
+cp .libs/libnunc-stans.so.0.0.0 lib/libnunc-stans.so
+mkdir -p include/nunc-stans
+cp nunc-stans.h include/nunc-stans/nunc-stans.h
+popd
+%endif
+
 %if %{use_openldap}
 OPENLDAP_FLAG="--with-openldap"
 %endif
 %{?with_tmpfiles_d: TMPFILES_FLAG="--with-tmpfiles-d=%{with_tmpfiles_d}"}
 # hack hack hack https://bugzilla.redhat.com/show_bug.cgi?id=833529
 NSSARGS="--with-svrcore-inc=%{_includedir} --with-svrcore-lib=%{_libdir} --with-nss-lib=%{_libdir} --with-nss-inc=%{_includedir}/nss3"
+%if %{use_nunc_stans}
+NUNC_STANS_FLAGS="--enable-nunc-stans --with-nunc-stans=../nunc-stans-%{nunc_stans_ver}" 
+%endif
 %configure --enable-autobind --with-selinux $OPENLDAP_FLAG $TMPFILES_FLAG \
            --with-systemdsystemunitdir=%{_unitdir} \
            --with-systemdsystemconfdir=%{_sysconfdir}/systemd/system \
            --with-perldir=/usr/bin \
-           --with-systemdgroupname=%{groupname} $NSSARGS
+           --with-systemdgroupname=%{groupname} $NSSARGS $NUNC_STANS_FLAGS
 
 # Generate symbolic info for debuggers
 export XCFLAGS=$RPM_OPT_FLAGS
@@ -184,6 +220,14 @@ make %{?_smp_mflags}
 
 
 %install
+%if %{use_nunc_stans}
+pushd ../nunc-stans-%{nunc_stans_ver}
+make DESTDIR="$RPM_BUILD_ROOT" install
+rm -rf $RPM_BUILD_ROOT%{_includedir} $RPM_BUILD_ROOT%{_datadir} \
+    $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/pkgconfig
+popd
+%endif
+
 make DESTDIR="$RPM_BUILD_ROOT" install
 
 mkdir -p $RPM_BUILD_ROOT/var/log/%{pkgname}
@@ -273,7 +317,7 @@ fi
 
 %files
 %defattr(-,root,root,-)
-%doc LICENSE EXCEPTION LICENSE.GPLv2
+%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl
 %dir %{_sysconfdir}/%{pkgname}
 %dir %{_sysconfdir}/%{pkgname}/schema
 %config(noreplace)%{_sysconfdir}/%{pkgname}/schema/*.ldif
@@ -301,19 +345,87 @@ fi
 
 %files devel
 %defattr(-,root,root,-)
-%doc LICENSE EXCEPTION LICENSE.GPLv2 README.devel
+%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel
 %{_includedir}/%{pkgname}
 %{_libdir}/%{pkgname}/libslapd.so
+%if %{use_nunc_stans}
+%{_libdir}/%{pkgname}/libnunc-stans.so
+%endif
 %{_libdir}/pkgconfig/*
 
 %files libs
 %defattr(-,root,root,-)
-%doc LICENSE EXCEPTION LICENSE.GPLv2 README.devel
+%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel
 %dir %{_libdir}/%{pkgname}
 %{_libdir}/%{pkgname}/libslapd.so.*
 %{_libdir}/%{pkgname}/libns-dshttpd.so*
+%if %{use_nunc_stans}
+%{_libdir}/%{pkgname}/libnunc-stans.so*
+%endif
 
 %changelog
+* Fri Jun 19 2015 Noriko Hosoi <nhosoi@redhat.com> - 1.3.4.0-1
+- Release 1.3.4.0 (rebase)
+- Enable nunc-stans in the build.
+- Ticket 47490 - test case failing if 47721 is also fixed
+- Ticket 47640 - Linked attributes transaction not aborted when  linked entry does not exit
+- Ticket 47669 - CI test: added test cases for ticket 47669
+- Ticket 47669 - Retro Changelog Plugin accepts invalid value in nsslapd-changelogmaxage attribute
+- Ticket 47723 - winsync sets AccountUserControl in AD to 544
+- Ticket 47787 - Make the test case more robust
+- Ticket 47833 - TEST CASE only (modrdn fails if renamed entry member of a group and is out of memberof scope)
+- Ticket 47878 - Improve setup-ds update logging
+- Ticket 47893 - should use Sys::Hostname instead Net::Domain
+- Ticket 47910 - allow logconv.pl -S/-E switches to work even when timestamps not present in access log
+- Ticket 47913 - remove-ds.pl should not remove /var/lib/dirsrv
+- Ticket 47921 - indirect cos does not reflect changes in the cos attribute
+- Ticket 47927 - Uniqueness plugin: should allow to exclude some subtrees from its scope
+- Ticket 47953 - testcase for removing invalid aci
+- Ticket 47966 - CI test: added test cases for ticket 47966
+- Ticket 47966 - slapd crashes during Dogtag clone reinstallation
+- Ticket 47972 - make parsing of nsslapd-changelogmaxage more fault tolerant
+- Ticket 47972 - make parsing of nsslapd-changelogmaxage more fool proof
+- Ticket 47998 - cleanup WINDOWS ifdef's
+- Ticket 47998 - remove remaining obsolete OS code/files
+- Ticket 47998 - remove "windows" files
+- Ticket 47999 - address several race conditions in tests
+- Ticket 47999 - lib389 individual tests not running correctly  when run as a whole
+- Ticket 48003 - build "suite" framework
+- Ticket 48008 - db2bak.pl man page should be improved.
+- Ticket 48017 - add script to generate lib389 CI test script
+- Ticket 48019 - Remove refs to constants.py and backup/restore from lib389 tests
+- Ticket 48023 - replace old replication check with lib389 function
+- Ticket 48025 - add an option '-u' to dbgen.pl for adding group entries with uniquemembers
+- Ticket 48026 - fix invalid write for friendly attribute names
+- Ticket 48026 - Fix memory leak in uniqueness plugin
+- Ticket 48026 - Support for uniqueness plugin to enforce uniqueness on a set of attributes.
+- Ticket 48032 - change C code license to GPLv3; change C code license to allow openssl
+- Ticket 48035 - nunc-stans - Revise shutdown sequence
+- Ticket 48036 - ns_set_shutdown should call ns_job_done
+- Ticket 48037 - ns_thrpool_new should take a config struct rather than many parameters
+- Ticket 48038 - logging should be pluggable
+- Ticket 48039 - nunc-stans malloc should be pluggable
+- Ticket 48040 - preserve the FD when disabling a listener
+- Ticket 48043 - use nunc-stans config initializer
+- Ticket 48103 - update DS for new nunc-stans header file
+- Ticket 48110 - Free all the nunc-stans signal jobs when shutdown is detected
+- Ticket 48111 - "make clean" wipes out original files
+- Ticket 48122 - nunc-stans FD leak
+- Ticket 48127 - Using RPM, allows non root user to create/remove DS instance
+- Ticket 48141 - aci with wildcard and macro not correctly evaluated
+- Ticket 48143 - Password is not correctly passed to perl command line tools if it contains shell special characters.
+- Ticket 48149 - ns-slapd double free or corruption crash
+- Ticket 48154 - abort cleanAllRUV tasks should not certify-all by default
+- Ticket 48169 - support NSS 3.18
+- Ticket 48170 - Parse nsIndexType correctly
+- Ticket 48175 - Avoid using regex in ACL if possible
+- Ticket 48178 - add config param to enable nunc-stans
+- Ticket 48191 - CI test: added test cases for ticket 48191
+- Ticket 48191 - RFE: Adding nsslapd-maxsimplepaged-per-conn
+- Ticket 48191 - RFE: Adding nsslapd-maxsimplepaged-per-conn Adding nsslapd-maxsimplepaged-per-conn
+- Ticket 48194 - CI test: added test cases for ticket 48194
+- Ticket 48197 - error texts from preop plugins not sent to client
+
 * Wed Jun 17 2015 Noriko Hosoi <nhosoi@redhat.com> - 1.3.3.12-1
 - release 1.3.3.12
 - Resolves: Bug 1232896 - CVE-2015-3230 389-ds-base: nsSSL3Ciphers preference not enforced server side
diff --git a/sources b/sources
index 52f47ae..8cf1520 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1d32ab7f87a866863e802917abf4951c  389-ds-base-1.3.3.12.tar.bz2
+f063c71662b103509db052ade47d3de9  nunc-stans-0.1.4.tar.bz2