ports/71030: add LDAP backend support to net/isc-dhcp3-server
Joerg Pulz
Joerg.Pulz at frm2.tum.de
Fri Aug 27 13:40:28 UTC 2004
>Number: 71030
>Category: ports
>Synopsis: add LDAP backend support to net/isc-dhcp3-server
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Aug 27 13:40:27 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Joerg Pulz
>Release: FreeBSD 5.2.1-RELEASE-p8 i386
>Organization:
TU-Munich / ZWE FRM-II
>Environment:
System: FreeBSD hades.admin.frm2 5.2.1-RELEASE-p8 FreeBSD 5.2.1-RELEASE-p8 #4: Tue Aug 17 11:51:25 CEST 2004 root at hades.admin.frm2:/usr/obj/usr/src/sys/HADES i386
>Description:
with some modifications to the port itself and utilizing a patch
from Brian Masney (http://www.newwave.net/~masneyb/) it is
possible to use an LDAP backend to store the configuration
for dhcpd, the different network and host entries. dynamic leases
are also written to the LDAP backend.
this is very useful in a dhcp failover environment, as it is no
longer necessary to sync the dhcpd.conf file manually to the
backup system if one has changed something on the dhcp master.
two lookup methods are implemented.
- static lookup:
on dhcpd startup one LDAP lookup for all entries is done.
no further lookups will be made.
dhcpd must be restarted for every configuration change.
- dynamic lookup:
for every client request an LDAP lookup will be made.
every configuration change kicks in when the next
client request is received and the lookup is made.
>How-To-Repeat:
>Fix:
--- isc-dhcp3-server.diff begins here ---
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/net/isc-dhcp3-server/Makefile,v
retrieving revision 1.101
diff -u -r1.101 Makefile
--- Makefile 20 Aug 2004 11:52:33 -0000 1.101
+++ Makefile 27 Aug 2004 13:11:26 -0000
@@ -30,7 +30,9 @@
.endif
.if ${SUBSYS} == server
OPTIONS= DHCP_PARANOIA "add -user, -group and -chroot options" on \
- DHCP_JAIL "add -chroot and -jail options" on
+ DHCP_JAIL "add -chroot and -jail options" on \
+ DHCP_LDAP "add experimental LDAP backend support" off \
+ DHCP_LDAP_SSL "support LDAP connection over SSL/TLS" on
.endif
.include <bsd.port.pre.mk>
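Review bot: DHCP_LDAP_SSL is declared default-on here, but the checks added further down test the positive variable (`.if defined(WITH_DHCP_LDAP_SSL)` in the LDAP block and `.ifdef(WITH_DHCP_LDAP_SSL)` in the site.conf hunk). The existing default-on jail option is tested as `.if !defined(WITHOUT_DHCP_JAIL)`. If the framework does not define the WITH_ variable for an untouched default, for example when only WITH_DHCP_LDAP=yes is passed on the command line, the server would be built without `-DUSE_SSL` and without any notice. Testing `.if !defined(WITHOUT_DHCP_LDAP_SSL)` in both places would match the existing convention and keep TLS support on by default in practice, not only in the options dialog.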
@@ -118,6 +120,11 @@
.endif
.if !defined(NOPORTDOCS)
PORTDOCS= LICENSE README RELNOTES
+.if ${SUBSYS} == server
+.ifdef(WITH_DHCP_LDAP)
+PORTDOCS+= README.ldap
+.endif
+.endif
.endif
SAMP_SUFX= .sample
@@ -139,7 +146,32 @@
.else
RCSCRIPTS_SUB+= JAIL=NO
.endif
-PKGMESSAGE_SUB= PREFIX=${PREFIX} MAN1PREFIX=${MAN1PREFIX}
+PKGMESSAGE_SUB= PREFIX=${PREFIX} MAN1PREFIX=${MAN1PREFIX} \
+ DOCSDIR=${DOCSDIR} SCHEMA_DIR=${SCHEMA_DIR}
+
+.if ${SUBSYS} == server
+.ifdef(WITH_DHCP_LDAP)
+# Based on patch from Brian Masney.
+# http://www.newwave.net/~masneyb/
+PATCH_SITES= http://www.newwave.net/~masneyb/
+PATCHFILES= ${PORTNAME}-${RELEASE}${VERSION}${PATCHLEVEL}-ldap-patch
+PATCH_DIST_STRIP= -p1
+USE_PERL5_RUN= yes
+USE_OPENLDAP= yes
+LDAP_SCRIPT= contrib/dhcpd-conf-to-ldap.pl
+LDAP_SCHEMA= contrib/dhcp.schema
+SCHEMA_DIR= ${PREFIX}/share/${PKGBASE}
+PLIST_SUB+= LDAP="" \
+ PKGBASE=${PKGBASE}
+.if defined(WITH_DHCP_LDAP_SSL)
+USE_OPENSSL= yes
+# hack to get bsd.openssl.mk included at this late state
+.include "${PORTSDIR}/Mk/bsd.openssl.mk"
+.endif
+.else
+PLIST_SUB+= LDAP="@comment "
+.endif
+.endif
# Post-extract
#
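Review bot: The LDAP patch is fetched over plain HTTP from a single personal web page (`PATCH_SITES= http://www.newwave.net/~masneyb/`), so the MD5/SIZE pair added to distinfo is the only integrity control on a large third-party change to a network-facing daemon. Consider adding a project-controlled mirror as a second PATCH_SITES entry so the build does not depend on that one host, and recording a stronger digest in distinfo if the framework accepts one. A comment above PATCHFILES such as `# third-party patch: review the diff and regenerate distinfo on every upstream update` would make the maintenance expectation explicit.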
@@ -179,6 +211,15 @@
.if !defined(WITHOUT_DHCP_JAIL)
@${ECHO_CMD} CFLAGS += -DJAIL >> ${WRKSRC}/site.conf
.endif
+.ifdef(WITH_DHCP_LDAP)
+ @${ECHO_CMD} CFLAGS += -I${LOCALBASE}/include >> ${WRKSRC}/site.conf
+ @${ECHO_CMD} LIBS += -L${LOCALBASE}/lib >> ${WRKSRC}/site.conf
+.ifdef(WITH_DHCP_LDAP_SSL)
+ @${ECHO_CMD} CFLAGS += -DUSE_SSL -I${OPENSSLINC} >> ${WRKSRC}/site.conf
+ @${ECHO_CMD} LIBS += -L${OPENSSLLIB} >> ${WRKSRC}/site.conf
+ @${ECHO_CMD} LIBS += -lcrypto -lssl >> ${WRKSRC}/site.conf
+.endif
+.endif
.endif
patch-makefile-conf:
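Review bot: `-DUSE_SSL` is added only inside the `WITH_DHCP_LDAP_SSL` branch, so a build with DHCP_LDAP alone presumably yields a dhcpd that can reach the directory only without TLS, and nothing in the port tells the administrator. The description says configuration and dynamic leases travel over that connection, so the LDAP section of pkg-message should say whether SSL/TLS support was compiled in. One extra line, emitted only for the non-SSL case, stating that LDAP traffic is not encrypted would be enough. The enclosing target begins outside this hunk.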
@@ -205,6 +246,11 @@
.if ${SUBSYS} != devel
@${SED} ${PKGMESSAGE_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \
${MSG_FILE} > ${PKGMESSAGE}
+.ifndef(WITH_DHCP_LDAP)
+ @${REINPLACE_CMD} -e '/^%%LDAP%%/d' ${PKGMESSAGE}
+.else
+ @${REINPLACE_CMD} -e 's|^%%LDAP%%||g' ${PKGMESSAGE}
+.endif
.endif
# Post-install
@@ -216,7 +262,7 @@
parallel-post-install: \
strip-binary-files install-startup-files \
- install-doc-files install-sample-files \
+ install-doc-files install-ldap-files install-sample-files \
create-conf-files create-data-files
strip-binary-files:
@@ -242,6 +288,15 @@
.endfor
.endif
+install-ldap-files:
+.if ${SUBSYS} == server
+.ifdef(WITH_DHCP_LDAP)
+ @${INSTALL_SCRIPT} ${WRKSRC}/${LDAP_SCRIPT} ${PREFIX}/bin
+ @${MKDIR} ${SCHEMA_DIR}
+ @${INSTALL_DATA} ${WRKSRC}/${LDAP_SCHEMA} ${SCHEMA_DIR}
+.endif
+.endif
+
install-sample-files:
.for f in ${SAMP_FILES}
@${INSTALL_DATA} ${WRKSRC}/${f} ${CONF_DIR}/${f:T}${SAMP_SUFX}
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/net/isc-dhcp3-server/distinfo,v
retrieving revision 1.47
diff -u -r1.47 distinfo
--- distinfo 25 Jun 2004 18:50:13 -0000 1.47
+++ distinfo 27 Aug 2004 13:11:26 -0000
@@ -1,2 +1,4 @@
MD5 (dhcp-3.0.1rc14.tar.gz) = a68074d9ebdeb355c293d9b3645b3c2c
SIZE (dhcp-3.0.1rc14.tar.gz) = 842712
+MD5 (dhcp-3.0.1rc14-ldap-patch) = 38fde70e0f27758da2be70ce46c17f8b
+SIZE (dhcp-3.0.1rc14-ldap-patch) = 152494
Index: pkg-message
===================================================================
RCS file: /home/ncvs/ports/net/isc-dhcp3-server/pkg-message,v
retrieving revision 1.7
diff -u -r1.7 pkg-message
--- pkg-message 18 Aug 2004 09:31:58 -0000 1.7
+++ pkg-message 27 Aug 2004 13:11:26 -0000
@@ -39,3 +39,9 @@
variables are still read there but should be moved /etc/rc.conf or
/etc/rc.conf.d/dhcpd instead. Also, the dhcpd_options variable must
be renamed dhcpd_flags if any.
+%%LDAP%%
+%%LDAP%%**** You have requested support for the LDAP configuration backend.
+%%LDAP%% The OpenLDAP schema file is installed as
+%%LDAP%% %%SCHEMA_DIR%%/dhcp.schema.
+%%LDAP%% See %%DOCSDIR%%/README.ldap for further
+%%LDAP%% LDAP configuration details.
Index: pkg-plist
===================================================================
RCS file: /home/ncvs/ports/net/isc-dhcp3-server/pkg-plist,v
retrieving revision 1.29
diff -u -r1.29 pkg-plist
--- pkg-plist 26 Jun 2004 14:32:40 -0000 1.29
+++ pkg-plist 27 Aug 2004 13:11:26 -0000
@@ -1,5 +1,8 @@
@comment $FreeBSD: ports/net/isc-dhcp3-server/pkg-plist,v 1.29 2004/06/26 14:32:40 eik Exp $
bin/omshell
+%%LDAP%%bin/dhcpd-conf-to-ldap.pl
etc/dhcpd.conf.sample
etc/rc.d/isc-dhcpd.sh
sbin/dhcpd
+%%LDAP%%share/%%PKGBASE%%/dhcp.schema
+%%LDAP%%@dirrm share/%%PKGBASE%%
--- isc-dhcp3-server.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted: