diff --git a/SOURCES/perl-ldap-0.56-Fix-typos-in-man-pages.patch b/SOURCES/perl-ldap-0.56-Fix-typos-in-man-pages.patch new file mode 100644 index 0000000..a3c9ff9 --- /dev/null +++ b/SOURCES/perl-ldap-0.56-Fix-typos-in-man-pages.patch @@ -0,0 +1,289 @@ +--- a/lib/Net/LDAP/Entry.pod.bak 2015-11-30 11:27:26.531618113 +0100 ++++ b/lib/Net/LDAP/Entry.pod 2015-11-30 11:59:58.171801455 +0100 +@@ -300,7 +300,7 @@ + + B: In the interest of performance the array references returned + by C are references to structures held inside the entry +-object. These values and thier contents should B be modified ++object. These values and their contents should B be modified + directly. + + =item replace ( ATTR =E VALUE, ... ) +--- a/lib/Net/LDAP/Examples.pod.bak 2015-11-30 11:27:26.531618113 +0100 ++++ b/lib/Net/LDAP/Examples.pod 2015-11-30 12:00:46.011901949 +0100 +@@ -15,7 +15,7 @@ + specifics, e.g. Distinguished Name Syntax, related to the user's + own implementation. + +-The Itandard Iperating I

roceedure that is followed here is: ++The Itandard Iperating I

rocedure that is followed here is: + + =over 8 + +@@ -262,7 +262,7 @@ + my @AddArray; + + push @AddArray, 'cn', "me myself"; +- push @ReplaceArray, 'sn', '!@#$%^&*()__+Hello THere'; ++ push @ReplaceArray, 'sn', '!@#$%^&*()__+Hello There'; + push @ReplaceArray, 'cn', "me myself I"; + push @DeleteArray, 'cn', "me myself"; + +--- a/lib/Net/LDAP/FAQ.pod.bak 2015-11-30 11:27:26.531618113 +0100 ++++ b/lib/Net/LDAP/FAQ.pod 2015-11-30 12:05:21.216242185 +0100 +@@ -96,8 +96,8 @@ + + =item Git - fork on GitHub + +-If you have an account on Github (there's a free variant), you can easily +-fork the perl-ldap respository on GitHub. ++If you have an account on GitHub (there's a free variant), you can easily ++fork the perl-ldap repository on GitHub. + When logged on to GitHub, navigate to the perl-ldap repository + + https://github.com/perl-ldap/perl-ldap +@@ -107,7 +107,7 @@ + =item Git - clone repository + + You can download latest development version of perl-ldap from +-GitHub by cloning the repsoitory using the command: ++GitHub by cloning the repository using the command: + + git clone https://github.com/perl-ldap/perl-ldap.git + +@@ -297,7 +297,7 @@ + RDN => dc=com + + RDNs can contain multiple attributes, though this is somewhat +-ususual. They are called multi-AVA RDNs, and each AVA is separated in ++unusual. They are called multi-AVA RDNs, and each AVA is separated in + the RDN from the others with a plus sign (+). + + Example of a DN with a multi-AVA RDN: +@@ -586,7 +586,7 @@ + This optional module is required for JSON-formatted output of perl-ldap's + LWP::Protocol::ldap, LWP::Protocol::ldaps, or LWP::Protocol::ldapi modules. + +-If you need it, you can optain the latest releases from ++If you need it, you can obtain the latest releases from + http://search.cpan.org/search?module=JSON + + =item Time::Local +@@ -1186,7 +1186,7 @@ + In LDAPv3, this is defined to always work even if that attribute + doesn't exist in the entry. + +-ie: ++i.e.: + + my $mesg = $ldap->modify( $entry, replace => { %qv_del_arry } ); + +@@ -1417,7 +1417,7 @@ + $mysid = uc(unpack("H*",$sid)); + + $result = $exch->add ( dn => +- 'cn=user_name,cn=container,ou=site,o=organisation', ++ 'cn=user_name,cn=container,ou=site,o=organization', + attr => [ 'objectClass' => ['organizationalPerson'], + 'cn' => 'directory_name', + 'uid' => 'mail_nickname', +@@ -1523,7 +1523,7 @@ + When changing the password for the user bound to the directory + ADS expects it to be done by deleting the old password and + adding the new one. +-When doing it as a user with administrative priviledges replacing ++When doing it as a user with administrative privileges replacing + the unicodePwd's value with a new one is allowed too. + + Perl-ldap contains convenience methods for Active Directory that +@@ -1584,7 +1584,7 @@ + $ldaps = Net::LDAPS->new([ $ldapserverone, $ldapservertwo ], + port=>636, timeout=>5) or die "$@"; + +-For perl-ldap versions before 0.27, thes same goal can be achieved using: ++For perl-ldap versions before 0.27, the same goal can be achieved using: + + unless ( $ldaps = + Net::LDAPS->new($ldapserverone, +@@ -1745,7 +1745,7 @@ + Oracle Directory Server Enterprise Edition, formerly Sun One, formerly iPlanet. + http://www.oracle.com/technetwork/middleware/id-mgmt/index-085178.html + +-OptimalIDM - Virtual Identitity Server - .NET LDAP virtual directory ++OptimalIDM - Virtual Identity Server - .NET LDAP virtual directory + http://www.optimalidm.com/products/vis/Virtual-Directory-Server-VDS.aspx + + Quest One Quick Connect Virtual Directory Server - LDAP virtual directory +@@ -1764,7 +1764,7 @@ + A german LDAP Website + http://verzeichnisdienst.de/ldap/Perl/index.html + +-(non-exhaustive) list of LDAP software on wikipedia ++(non-exhaustive) list of LDAP software on Wikipedia + http://en.wikipedia.org/wiki/List_of_LDAP_software + + "RFC Sourcebook" on LDAP +--- a/lib/Net/LDAP/Filter.pod.bak 2015-11-30 11:27:26.532618115 +0100 ++++ b/lib/Net/LDAP/Filter.pod 2015-11-30 12:05:47.284397332 +0100 +@@ -105,7 +105,7 @@ + L, + L + +-=head1 ACKNOWLEDGEMENTS ++=head1 ACKNOWLEDGMENTS + + This document is based on a document originally written by Russell Fulton + Er.fulton@auckland.ac.nzE. +--- a/lib/Net/LDAP.pod.bak 2015-11-30 11:27:08.768578306 +0100 ++++ b/lib/Net/LDAP.pod 2015-11-30 11:27:08.768578306 +0100 +@@ -496,7 +496,7 @@ + Atomically increment the existing value in each given attribute by the + provided C. The attributes need to have integer syntax, or be + otherwise "incrementable". Note this will only work if the server +-advertizes support for LDAP_FEATURE_MODIFY_INCREMENT. Use ++advertises support for LDAP_FEATURE_MODIFY_INCREMENT. Use + L to check this. + + $mesg = $ldap->modify( $dn, +@@ -717,7 +717,7 @@ + as one expects even on strings with international characters. + + If this option is not given or the version of Perl Net::LDAP is running on +-is too old strings are encodeed the same as in earlier versions of perl-ldap. ++is too old strings are encoded the same as in earlier versions of perl-ldap. + + The value provided here overwrites the value inherited from the constructor. + +@@ -740,7 +740,7 @@ + Calling this method will convert the existing connection to using + Transport Layer Security (TLS), which provides an encrypted + connection. This is I possible if the connection uses LDAPv3, +-and requires that the server advertizes support for ++and requires that the server advertises support for + LDAP_EXTENSION_START_TLS. Use + L to check this. + +@@ -849,7 +849,7 @@ + + =item done ( ) + +-Convencience alias for C, named after the clean-up method ++Convenience alias for C, named after the clean-up method + of L. + + =back +@@ -1080,7 +1080,7 @@ + The homepage for the perl-ldap modules can be found at + http://ldap.perl.org/. + +-=head1 ACKNOWLEDGEMENTS ++=head1 ACKNOWLEDGMENTS + + This document is based on a document originally written by Russell Fulton + Er.fulton@auckland.ac.nzE. +--- a/lib/Net/LDAP/LDIF.pod.bak 2015-11-30 11:27:26.532618115 +0100 ++++ b/lib/Net/LDAP/LDIF.pod 2015-11-30 12:06:03.473488731 +0100 +@@ -136,7 +136,7 @@ + as one expects even on strings with international characters. + + If this option is not given or the version of Perl Net::LDAP is running on +-is too old strings are encodeed the same as in earlier versions of perl-ldap. ++is too old strings are encoded the same as in earlier versions of perl-ldap. + + Example: raw =E qr/(?i:^jpegPhoto|;binary)/ + +--- a/lib/Net/LDAP/Message.pod.bak 2015-11-30 11:27:26.532618115 +0100 ++++ b/lib/Net/LDAP/Message.pod 2015-11-30 12:06:10.645528088 +0100 +@@ -111,7 +111,7 @@ + L, + L + +-=head1 ACKNOWLEDGEMENTS ++=head1 ACKNOWLEDGMENTS + + This document is based on a document originally written by Russell + Fulton Er.fulton@auckland.ac.nzE. +--- a/lib/Net/LDAP/RFC.pod.bak 2015-11-30 11:27:26.532618115 +0100 ++++ b/lib/Net/LDAP/RFC.pod 2015-11-30 12:07:51.393017941 +0100 +@@ -642,7 +642,7 @@ + + The Internet is used for information exchange and communication + between its users. It can only be effective as such if users are able +-to find each other's addresses. Therefore the Internet benefits from ++to find each others addresses. Therefore the Internet benefits from + an adequate White Pages Service, i.e., a directory service offering + (Internet) address information related to people and organizations. + +--- a/lib/Net/LDAP/Schema.pod.bak 2015-11-30 11:27:26.532618115 +0100 ++++ b/lib/Net/LDAP/Schema.pod 2015-11-30 12:09:19.300370443 +0100 +@@ -32,7 +32,7 @@ + or raw oid (object identifier, in dotted numeric string form, e.g. 2.5.4.0) + may be supplied. + +-Each returned item of schema (eg an attribute definition) is returned ++Each returned item of schema (e.g. an attribute definition) is returned + in a HASH. The keys in the returned HASH are lowercased versions of + the keys read from the server. Here's a partial list (not all HASHes + define all keys) although note that RFC 4512 permits other keys as +@@ -159,7 +159,7 @@ + + =item attribute_syntax ( NAME ) + +-Given an attribute name, return the actual syntax taking into accountr ++Given an attribute name, return the actual syntax taking into account + attribute supertypes. + + =item matchingrule_for_attribute ( NAME, RULE ) +--- a/lib/Net/LDAP/Search.pod.bak 2015-11-30 11:27:26.532618115 +0100 ++++ b/lib/Net/LDAP/Search.pod 2015-11-30 12:09:30.515411574 +0100 +@@ -102,7 +102,7 @@ + L, + L + +-=head1 ACKNOWLEDGEMENTS ++=head1 ACKNOWLEDGMENTS + + This document is based on a document originally written by Russell + Fulton Er.fulton@auckland.ac.nzE. +--- a/lib/Net/LDAP/Security.pod.bak 2015-11-30 11:27:26.532618115 +0100 ++++ b/lib/Net/LDAP/Security.pod 2015-11-30 12:10:05.287534471 +0100 +@@ -130,7 +130,7 @@ + + You can only use TLS with an LDAPv3 server. That is because the + standard (RFC 4511) for LDAP and TLS requires that the I LDAP +-connection (ie., on port 389) can be switched on demand from plain text ++connection (i.e., on port 389) can be switched on demand from plain text + into a TLS connection. The switching mechanism uses a special extended + LDAP operation, and since these are not legal in LDAPv2, you can only + switch to TLS on an LDAPv3 connection. +@@ -151,18 +151,18 @@ + + The use of a mechanism like CRAM-MD5 provides a solution to the + password sniffing vulnerability, because these mechanisms typically do +-not require the user to send across a secret (eg., a password) in the ++not require the user to send across a secret (e.g., a password) in the + clear across the network. Instead, authentication is carried out in a + clever way which avoids this, and so prevents passwords from being + sniffed. + + B supports SASL using the B class. Currently the +-only B subclasses (ie., SASL mechanism) available are ++only B subclasses (i.e., SASL mechanism) available are + CRAM-MD5 and EXTERNAL. + + Some SASL mechanisms provide a general solution to the sniffing of all + data on the network vulnerability, as they can negotiate confidential +-(ie., encrypted) network connections. Note that this is over and above ++(i.e., encrypted) network connections. Note that this is over and above + any SSL or TLS encryption! Unfortunately, perl's B code + cannot negotiate this. + +@@ -172,7 +172,7 @@ + L, + L + +-=head1 ACKNOWLEDGEMENTS ++=head1 ACKNOWLEDGMENTS + + Jim Dutton Ejimd@dutton3.it.siu.eduE provided lots of useful feedback + on the early drafts. diff --git a/SOURCES/perl-ldap-0.56-Make-LDAP-work-after-LDAP-start_tls.patch b/SOURCES/perl-ldap-0.56-Make-LDAP-work-after-LDAP-start_tls.patch new file mode 100644 index 0000000..75a9831 --- /dev/null +++ b/SOURCES/perl-ldap-0.56-Make-LDAP-work-after-LDAP-start_tls.patch @@ -0,0 +1,44 @@ +From be16775bdacfe19ee0af38bd157272e137581640 Mon Sep 17 00:00:00 2001 +From: Peter Marschall +Date: Sat, 14 Dec 2013 15:17:46 +0100 +Subject: [PATCH] RT#90459: LDAP.pm: make LDAPS work after LDAP+start_tls + +Stop setting global SSL settings via IO::Socket::SSL::context_init() +in Net::LDAP::start_tls(). +According to Steffen Ullrich, the IO::Socket::SSL maintainer, setting +the global SSL settings is not necessary. + +While looking at it, Steffen found that connect_ldaps() does not make sure +the 'sslserver' argument is set to allow checking for the correct host name. +Fix this as well. + +Thanks to Klara Mall for reporting the bug and to Steffen Ullrich for +the patch ideas. +--- + lib/Net/LDAP.pm | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/lib/Net/LDAP.pm b/lib/Net/LDAP.pm +index 7ddd26a..2ee6898 100644 +--- a/lib/Net/LDAP.pm ++++ b/lib/Net/LDAP.pm +@@ -186,6 +186,8 @@ sub connect_ldaps { + # separate port from host overwriting given/default port + $host =~ s/^([^:]+|\[.*\]):(\d+)$/$1/ and $port = $2; + ++ $arg->{sslserver} = $host unless defined $arg->{sslserver}; ++ + $ldap->{net_ldap_socket} = IO::Socket::SSL->new( + PeerAddr => $host, + PeerPort => $port, +@@ -1080,7 +1082,6 @@ sub start_tls { + $arg->{sslversion} = 'tlsv1' unless defined $arg->{sslversion}; + $arg->{sslserver} = $ldap->{net_ldap_host} unless defined $arg->{sslserver}; + +- IO::Socket::SSL::context_init( { _SSL_context_init_args($arg) } ); + my $sock_class = ref($sock); + + return $mesg +-- +2.1.0 + diff --git a/SPECS/perl-LDAP.spec b/SPECS/perl-LDAP.spec index 183f70f..934c83e 100644 --- a/SPECS/perl-LDAP.spec +++ b/SPECS/perl-LDAP.spec @@ -1,6 +1,6 @@ Name: perl-LDAP Version: 0.56 -Release: 3%{?dist} +Release: 5%{?dist} Epoch: 1 Summary: LDAP Perl module Group: Development/Libraries @@ -16,6 +16,10 @@ Patch1: perl-ldap-0.56-LDAP.pm-set-SSL_cipher_list-to-correct-value.patc # Pass actual length to syswrite() instead of default 1500 B, bug #1104243, # CPAN RT#96203, in upstream 0.64 Patch2: perl-ldap-0.56-RT-96203-LDAP.pm-use-correct-length-for-syswrite.patch +# Make LDAPS work after LDAP+start_tls, bug #1210032 +Patch3: perl-ldap-0.56-Make-LDAP-work-after-LDAP-start_tls.patch +# Fix typo in man pages, bug #1286921 +Patch4: perl-ldap-0.56-Fix-typos-in-man-pages.patch BuildArch: noarch BuildRequires: perl BuildRequires: perl(inc::Module::Install) @@ -80,6 +84,8 @@ maintenance functions such as adding, deleting or modifying entries. %patch0 -p1 %patch1 -p1 %patch2 -p1 +%patch3 -p1 +%patch4 -p1 chmod -c 644 bin/* contrib/* lib/Net/LDAP/DSML.pm perl -pi -e 's|^#!/usr/local/bin/perl\b|#!%{__perl}|' contrib/* # Remove bundled libraries @@ -108,6 +114,13 @@ make test %{_mandir}/man3/*.3pm* %changelog +* Mon Mar 07 2016 Jitka Plesnikova - 1:0.56-5 +- Update patch to cleanup patch leftover + +* Fri Mar 04 2016 Jitka Plesnikova - 1:0.56-4 +- Make LDAPS work after LDAP+start_tls (bug #1210032) +- Fix typo in man pages (bug #1286921) + * Wed Aug 06 2014 Petr Pisar - 1:0.56-3 - Do not set SSL ciphers at all by default (bug #1091316) - Pass actual length to syswrite() instead of default 1500 B (bug #1104243)