# $Id$
# Maintainer: Qurban Ullah <qurbanullah@avouch.org>
# Contributor: Qurban Ullah <qurbanullah@avouch.org>

pkgbase=openldap
pkgname=('libldap' 'openldap')
pkgver=2.4.47
pkgrel=1
arch=('i686' 'x86_64')
url="http://www.openldap.org/"
license=('custom')
makedepends=('libltdl' 'libsasl' 'e2fsprogs' 'util-linux' 'chrpath' 'unixodbc')
options=('!makeflags' 'emptydirs')
source=(ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${pkgbase}-${pkgver}.tgz
        slapd.service openldap.tmpfiles openldap.sysusers openldap-ntlm.patch 01-CVE-2015-6908.patch)
sha1sums=('ec03e061bfdb2e6a90827855cf77a72cb3f89cf4'
          '2441815efbfa01ad7a1d39068e5503b53d1d04b0'
          '1f68bd85fb50595c4e916db164d8e90e0c6e21ee'
          '2bf64351c32b0bf0a70663bd42de22910998b795'
          'e4afd9f1c810ef4c4cd8fe1101dfe5887f2b7eef'
          '008cb2c9b66a7b031e23eee85a1954d57432e338')

# see http://www.openldap.org/faq/data/cache/756.html
# there's no proper backend support for anything apart from
# BerkeleyDB, if we don't want to drop local backend server support
# we are forced to keep Berkeley DB here

prepare() {
	cd "${srcdir}/${pkgbase}-${pkgver}"

	patch -Np1 -i ../openldap-2.4.44-consolidated-2.patch
	patch -p1 -i "${srcdir}"/openldap-ntlm.patch

	sed -i 's|-m 644 $(LIBRARY)|-m 755 $(LIBRARY)|' libraries/{liblber,libldap,libldap_r}/Makefile.in
	sed -i 's|#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"|#define LDAPI_SOCK LDAP_DIRSEP "run" LDAP_DIRSEP "openldap" LDAP_DIRSEP "ldapi"|' include/ldap_defaults.h
	sed -i 's|%LOCALSTATEDIR%/run|/run/openldap|' servers/slapd/slapd.{conf,ldif}
	sed -i 's|-$(MKDIR) $(DESTDIR)$(localstatedir)/run|-$(MKDIR) $(DESTDIR)/run/openldap|' servers/slapd/Makefile.in

	autoconf
}

build() {
	cd "${srcdir}/${pkgbase}-${pkgver}"
	./configure --prefix=/usr \
	--libexecdir=/usr/lib \
	--sysconfdir=/etc \
	--localstatedir=/var \
	--sbindir=/usr/bin \
	--enable-dynamic \
	--enable-syslog \
	--enable-ipv6 \
	--enable-local \
	--enable-crypt \
	--enable-spasswd \
	--enable-modules \
	--enable-backends=mod \
	--enable-overlays=mod \
	--disable-static \
	--disable-ndb \
	--disable-bdb \
	--disable-hdb \
	--with-cyrus-sasl \
	--with-threads
	make depend
	make

	cd contrib/slapd-modules/nssov
	make prefix=/usr libexecdir=/usr/lib sysconfdir=/etc/openldap
	chrpath -d .libs/nssov.so
}

check() {
	cd "${srcdir}/${pkgbase}-${pkgver}"
	#make test
}

package_libldap() {
	pkgdesc="Lightweight Directory Access Protocol (LDAP) client libraries"
	depends=('libsasl' 'e2fsprogs')
	backup=('etc/openldap/ldap.conf')

	cd "${srcdir}/${pkgbase}-${pkgver}"
	for dir in include libraries doc/man/man3 ; do
		pushd ${dir}
		make DESTDIR="${pkgdir}" install
		popd
	done
	install -Dm644 doc/man/man5/ldap.conf.5.tmp "${pkgdir}"/usr/share/man/man5/ldap.conf.5

	# get rid of duplicate default conf files
	rm "${pkgdir}"/etc/openldap/*.default

	ln -sf liblber.so "${pkgdir}"/usr/lib/liblber.so.2
	ln -sf libldap.so "${pkgdir}"/usr/lib/libldap.so.2
}

package_openldap() {
	pkgdesc="Lightweight Directory Access Protocol (LDAP) client and server"
	depends=("libldap>=${pkgver}" 'libltdl' 'unixodbc')
	backup=('etc/openldap/slapd.conf' 'etc/openldap/slapd.ldif')
	install=openldap.install

	cd "${srcdir}/${pkgbase}-${pkgver}"
	for dir in clients servers doc/man/man{1,5,8}; do
		pushd ${dir}
		make DESTDIR="${pkgdir}" install
		popd
	done

	pushd contrib/slapd-modules/nssov
	install -m755 .libs/nssov.so.0.0.0 "${pkgdir}"/usr/lib/openldap
	ln -s nssov.so.0.0.0 "${pkgdir}"/usr/lib/openldap/nssov.so
	ln -s nssov.so.0.0.0 "${pkgdir}"/usr/lib/openldap/nssov.so.0
	install -m444 ldapns.schema "${pkgdir}"/etc/openldap/schema
	install -m644 slapo-nssov.5 "${pkgdir}"/usr/share/man/man5/slapo-nssov.5
	popd

	rm "${pkgdir}"/usr/share/man/man5/ldap.conf.5
	rm -r "${pkgdir}"/run

	# get rid of duplicate default conf files
	rm "${pkgdir}"/etc/openldap/*.default

	ln -s ../lib/slapd "${pkgdir}"/usr/bin/slapd

	chown root:120 "${pkgdir}"/etc/openldap/{slapd.{conf,ldif},DB_CONFIG.example}
	chmod 640 "${pkgdir}"/etc/openldap/{slapd.{conf,ldif},DB_CONFIG.example}

	install -dm700 -o 120 -g 120 "${pkgdir}"/var/lib/openldap
	chown -R 120:120 "${pkgdir}"/var/lib/openldap

	install -dm700 -o 120 -g 120 "${pkgdir}"/etc/openldap/slapd.d
	install -Dm644 "${srcdir}"/slapd.service "${pkgdir}"/usr/lib/systemd/system/slapd.service
	install -Dm644 "${srcdir}"/openldap.tmpfiles "${pkgdir}"/usr/lib/tmpfiles.d/openldap.conf
	install -Dm644 "${srcdir}"/openldap.sysusers "${pkgdir}"/usr/lib/sysusers.d/openldap.conf
}
