openldap2 (2.1.30-13.4) unstable; urgency=low

  * Non-maintainer upload.
  * Remove all debian/slapd.* files as slapd is not built anymore. This also:
    - Removes all debconf translatable material as well as translated
      material. Closes: #231934, #365517
    - Removes the need to Build-Depend on po-debconf
  * Add empty binary-indep target to debian/rules. Closes: #395723
  * Remove one occurrence of the old FSF address in debian/copyright

 -- Christian Perrier <bubulle@debian.org>  Sun, 11 Mar 2007 09:23:38 +0100

openldap2 (2.1.30-13.3) unstable; urgency=low

  * Non-maintainer upload to fix other remaining l10n issues.
  * Debconf translations:
    - Spanish. Closes: #402684
    - Russian. Closes: #405692
    - Galician. Closes: #407266
    - Swedish. Closes: #408100

 -- Christian Perrier <bubulle@debian.org>  Fri, 16 Feb 2007 23:12:23 +0100

openldap2 (2.1.30-13.2) unstable; urgency=low

  * Non-maintainer upload to fix remaining l10n issues
  * Add debconf-updatepo to the clean target of debian/rules
    Closes: #328957
  * Debconf translations:
    - Catalan added. Closes: #248744

 -- Christian Perrier <bubulle@debian.org>  Wed,  8 Nov 2006 07:33:47 +0100

openldap2 (2.1.30-13.1) unstable; urgency=low

  * Non-maintainer upload to fix longstanding l10n issues
  * Debconf translations:
    - German updated. Closes: #313941, #252223
    - French updated. Closes: #232492, #237100
    - Dutch updated. Closes: #365173
    - Brazilian Portuguese updated. Closes: #234421
    - Czech added. Closes: #265582
    - Danish added. Closes: #296988
    - Swedish added. Closes: #341039
    - Portuguese added. Sent during the call for updates related to the NMU.
    - Vietnamese added. Sent during the call for updates related to the NMU.

 -- Christian Perrier <bubulle@debian.org>  Thu, 12 Oct 2006 22:29:27 +0200

openldap2 (2.1.30-13) unstable; urgency=low

  * Build against libgnutls12.  Update the gnutls patch accordingly; no
    compatibility for libgnutls11 is provided, the APIs have changed
    enough that a baseline of gnutls 1.2 is now assumed.
  * Fix several minor bugs in the gnutls patch that manifested as
    compiler warnings

 -- Steve Langasek <vorlon@debian.org>  Tue, 28 Feb 2006 00:44:46 -0800

openldap2 (2.1.30-12) unstable; urgency=low

  * [l10n] Vietnamese translations by Clytie Siddall (closes: #316603).
  * Fix duplicate timeout setting using the patch by Ondrej Sury 
    (closes: #329076). Thanks, Ondrej!

 -- Torsten Landschoff <torsten@debian.org>  Mon, 19 Sep 2005 15:05:23 +0200

openldap2 (2.1.30-11) unstable; urgency=high

  * [SECURITY] Possible password disclosure                 (CAN-2005-2069)
  + libraries/libldap/tls.c: Make sure that TLS is enabled when handling
    referrals with "ssl start_tls" in /etc/ldap/ldap.conf (closes: #316674).

 -- Torsten Landschoff <torsten@debian.org>  Sun,  3 Jul 2005 10:52:07 +0200

openldap2 (2.1.30-10) unstable; urgency=low

  * Apply patch by Steven Ihde to fix libldap NTLM integration (and correct
    the libldap_r Makefile.in as well) (closes: #305559).
  * Revert the last change and have symlinks of the library again. Consensus
    on #debian-devel was that having the same library in two files is a 
    recipe for disaster.
  * debian/libldap2.postinst: Improve the removal of old libraries to 
    catch more cases which might occur.

 -- Torsten Landschoff <torsten@debian.org>  Mon, 30 May 2005 10:22:52 +0200

openldap2 (2.1.30-9) unstable; urgency=low

  * Copy libldap_r to libldap instead of using symlinks. Means 200kByte more
    of disk usage and less problems I hope.

 -- Torsten Landschoff <torsten@debian.org>  Sun, 29 May 2005 19:03:46 +0200

openldap2 (2.1.30-8) unstable; urgency=low

  * Steve Langasek <vorlon@debian.org>
    + debian/libldap2.postinst: nuke files orphaned by libldap2-tls on
      install, so that running ldconfig doesn't break our symlinks.
      Closes: #309485.

 -- Steve Langasek <vorlon@debian.org>  Tue, 17 May 2005 21:50:22 -0700

openldap2 (2.1.30-7) unstable; urgency=high

  * Stephen Frost <sfrost@debian.org>
    + debian/move_files: make libldap a symlink to libldap_r, as carrying
      two versions of this library around is more trouble than it's worth,
      and can cause glorious segfaults down the line 
      (closes: #306258, #302296, #306546)
    + debian/move_files: Comment out moves for things we no longer build here
      (slapd, libslapd2-dev, ldap-utils).  Makes rebuilding cleaner.
    + debian/control: Remove libslapd2-dev; doesn't make any sense without the
      slapd to go along with.
    + debian/control: Add Steve Langasek as Uploader.
    + debian/move_files: Disable check_completeness since it doesn't make
      sense anymore (we don't *want* to use all the files).
    + debian/rules: comment-out and remove binary-indep, since we no longer
      have any arch: all packages in here.

 -- Stephen Frost <sfrost@debian.org>  Fri, 13 May 2005 19:06:21 -0400

openldap2 (2.1.30-6) unstable; urgency=high

  * Torsten Landschoff <torsten@debian.org>
    + Update configure stuff using libtoolize, aclocal-1.4 and autoconf2.50
      to update libtool for kfreebsd-gnu and friends (closes: #266688).
    + Readd ntlm.c from the NTLM patch which got lost somewhere inbetween, 
      ouch. Forgot to svn add it...
    + debian/move_files: Move the ucdata files into the slapd package (which
      is no longer build) as libldap2 (where they used to be) does not use
      them (closes: #298270).
    + Apply patch from #278875 to allow building against OpenSSL if 
      requested by user (closes: #278875). Run autoconf to recreate configure.
    + debian/check_config: Make check more robust for different autoconf
      versions.
    + debian/rules: Remove automatic invocation of autoheader and autoconf
      as they failed here.
    + debian/slapd.init: Add --oknodo to start-stop-daemon invocations to
      make the script idempotent (bug #298741), patch by Bill Allombert.

 -- Torsten Landschoff <torsten@debian.org>  Wed, 23 Feb 2005 00:08:40 +0100

openldap2 (2.1.30-5) experimental; urgency=low

  * BEWARE: Don't upload this before openldap2.2 is there!!
  * debian/rules: Only build libldap2 and libldap2-dev for client
    packages. The openldap2 source package will be superseded with
    openldap2.2 which provides the server support.

 -- Torsten Landschoff <torsten@debian.org>  Wed, 23 Feb 2005 00:08:40 +0100

openldap2 (2.1.30-4) unstable; urgency=low

  * Roland Bauerschmidt <rb@debian.org>
    + Applied patch by Modestas Vainius <geromanas@mailas.com> to fix a
      memory leak in the GNUTLS compatibility wrapper. Closes: #264443.
    + Applied patch by Modestas Vainius <geromanas@mailas.com> to
      install executables without stripping them by using the "-s"
      option. They will be stripped by dh_strip later, which is aware
      of DEB_BUILD_OPTIONS. Closes: #264448.
    + Fix a segmentation fault when a non-existent TLS_CACERTDIR is
      specified in ldap.conf. Thanks to Guido Guenther <agx@debian.org>
      for the straight-forward patch. Closes: #269758.
  * Torsten Landschoff <torsten@debian.org>
    + debian/configure.options: Build back-ldap statically (closes: #238444).
    + libraries/libldap/Makefile.in: Link with thread libraries
      (closes: #266688).
    + Refine the patch for the TLS_CACERTDIR problem to log an error 
      message if the directory can't be opened.
    + Fix the check if an existing database should be moved (closes: #276380).
    + debian/fix_ldif: Apply patch from Andreas Schuldei for better
      schema checks et cetera.
    + Apply patch for NTLM support from
      http://patches.ximian.com/download.cgi?object=openldap-ntlm.patch-4
      (closes: #283606).

 -- Torsten Landschoff <torsten@debian.org>  Sun, 12 Sep 2004 10:02:39 +0200

openldap2 (2.1.30-3) unstable; urgency=high

  * Urgeny high since previous releases were hardly usable (at least
    with TLS).
  * Roland Bauerschmidt <rb@debian.org>
    + libraries/libldap/gnutls.c, libraries/libldap/tls.c,
      include/ldap_pvt_gnutls.h: Use callback with
      gnutls_certificate_set_params_function to generate dh_params and
      rsa_params (this is also the way, it's done with OpenSSL). We need
      GNUTLS 1.0.9 for this. With the new version of libgcrypt, we also
      need to initialize threading explicitly. The previous
      segmentation faults resulted from the *global* param structure
      being recreated and freed for every session. Many thanks to
      Matthias Urlichs who helped debugging a lot and also packaged
      GNUTLS 1.0.16 very quickly... Closes: #244827.
    + debian/control: Add build dependency to libgcrypt11-dev (we're
      initializing it directly now) and change libgnutls10-dev to
      libgnutls11-dev.
    + libraries/libldap/gnutls.c: in tls_gnutls_need_{dh,rsa}_params
      (formerly ldap_gnutls_need_...), create temp files more securely,
      doing unlink before opening and opening them with O_EXCL. This is
      necessary because under Linux 2.6 all threads have the same PID.
      Thanks to Andrew Suffield for pointing this out.
    + debian/slapd.cron.daily: cron job to remove GNUTLS rsa_export and
      dh param cache files every day.
    + debian/slapd.README.Debian: add note that we use GNUTLS rather
      than OpenSSL.

 -- Roland Bauerschmidt <rb@debian.org>  Mon, 26 Jul 2004 18:41:23 +0200

openldap2 (2.1.30-2) unstable; urgency=low

  * Roland Bauerschmidt <rb@debian.org>
    + debian/slapd.scripts-common: add missing space before !
      Closes: #251036, #253633, #257513.
  * Torsten Landschoff <torsten@debian.org>
    + Applied patch by Ralf Hack to support non-standard config file
      location in /etc/default/slapd (closes: #229195).
    + Applied patch to fix handling of abandoned commands 
      (closes: #254183). Thanks to Peter Marschall for submitting it.
    + Applied patch to fix memory leak after search (closes: #254184).
      Thanks again, Peter!
    + Applied trivial patch to support logging to DAEMON facility
      as well as LOCAL* (closes: #254186). Here you are, Peter ;)

 -- Roland Bauerschmidt <rb@debian.org>  Fri, 09 Jul 2004 15:56:06 +0200

openldap2 (2.1.30-1) unstable; urgency=low

  * Torsten Landschoff <torsten@debian.org>:
    + debian/control: Have slapd conflict with libltdl3 version 1.5.4-1
      as with that version loading of .so files is broken which breaks
      slapd (closes: #249152).
    + Applied patch to fix Perl backend (closes: #245347). Kudos
      to Peter Marschall.
    + debian/configure.options: Enable building of Perl backend.

  * Roland Bauerschmidt <rb@debian.org>
    + debian/slapd.templates: replace 'domain' with 'DNS domain name'
      which is little more specific
    + debian/slapd.config: check if the domain has a valid syntax to
      prevent slapadd from failing. Closes: #235749.
    + New upstream version with fix for NS-MTA-MD5 hash length 
      checking. Closes: #226583.

 -- Torsten Landschoff <torsten@debian.org>  Mon, 24 May 2004 23:33:21 +0200

openldap2 (2.1.29-2) unstable; urgency=low

  * Roland Bauerschmidt <rb@debian.org>
    + debian/rules: Revert change to install ldapadd as symlink.
      Somehow, with that change, ldapadd didn't get installed at all.
      Closes: #243537.

 -- Roland Bauerschmidt <rb@debian.org>  Tue, 13 Apr 2004 19:49:55 +0200

openldap2 (2.1.29-1) unstable; urgency=low

  * Stephen Frost <sfrost@debian.org>
    + libraries/gnutls.c: Generate and store RSA/DH parameters,
      based off a patch by Petr Vandrovec (though changed alot).
      Closes: #234639, #234593

  * Roland Bauerschmidt <rb@debian.org>
    + Merged new upstream release.
    + debian/slapd.prerm: add #DEBHELPER# token.
    + debian/control: have slapd depend on debconf (>= 0.5) to ensure
      it supports the seen flag.
    + debian/rules: ldapadd is installed as a hardlink to ldapmodify;
      use a symlink instead.
    + debian/slapd.{scripts-common,postinst,preinst,config}: Add new
      function read_slapd_conf that evaluates include statements.

 -- Torsten Landschoff <torsten@debian.org>  Mon, 12 Apr 2004 15:27:55 +0200

openldap2 (2.1.26-1) unstable; urgency=low

  * Torsten Landschoff <torsten@debian.org>:
    + Merged new upstream release.
    + debian/slapd.templates (slapd/purge_database): Set default value to 
      false.
    + debian/slapd.config (manual_configuration_wanted): Don't exit
      from the script directly if the user wants to configure 
      slapd manually (exit 0 -> return 0).
    + Build-depend on libgnutls10-dev instead of libgnutls7-dev and 
      rebuild (closes: #233833).
    + Move previous content of /var/lib/ldap away during creation of 
      an initial directory (closes: #228886, #233512).
    + debian/slapd.postrm: Remove flag files in /var/lib/slapd on purge.
    + Removed functionality (verbose error messages) from gnutls.c until
      it compiled with libgnutls10-dev :-((
    + debian/slapd.postinst: Overwrite existing /etc/ldap/slapd.conf (only
      reached during initial installation/dpkg-reconfigure).
    
 -- Torsten Landschoff <torsten@debian.org>  Mon, 23 Feb 2004 09:36:32 +0100

openldap2 (2.1.25-1) unstable; urgency=low

  * Roland Bauerschmidt <rb@debian.org>:
    + New upstream version.
      - Build against libdb4.2. Hopefully, this resolves the BDB
        lock ups when configured improperly.
    + debian/control: Have ldap-utils depend on the same version of
      libldap2, and libldap2 conflict with ldap-utils (<= 2.1.23-1).
      Closes: #216661.
    + debian/slapd.{templates,config}: Check if there are slave
      databases in slapd.conf lacking an updateref option, and warn
      about it. Closes: #216797.
    + debian/slapd.{templates,config,postinst,conf}: Ask which
      database backend to use (BDB or LDBM).
    + debian/slapd.README.Debian: cleanup
    + servers/slapd/back-bdb/dbcache.c: Turn off subdatabases. This
      is an incompatible database format change, but according to
      Howard Chu "using them (subdatabases) is known to cause deadlocks
      on multiprocessor machines, among other issues."
    + debian/control: add Recommends: db4.2-util to slapd
    + debian/control: add Recommends: libsasl2-modules to slapd and
      ldap-utils. Closes: #224058.
    + debian/slapd.{scripts-common,preinst,postinst}: Extended dump
      and restore code to deal with different versions for different
      backends.
    + debian/control: Geez, centipede seems to have vanished a long
      time ago. So don't claim it's included in the slapd package.
    + debian/slapd.docs: created with servers/slapd/back-sql/
      rdbms_depends. Closes: #225807.
  
  * Torsten Landschoff <torsten@debian.org>:
    + debian/move_files: Install slappasswd into ldap-utils instead 
      of slapd as it's useful without slapd as well (closes: #228705).
    + debian/control: Make ldap-utils Replaces: slapd < 2.1.25 because
      of that change.
    + debian/control: Use libdb4.2-dev instead of libdb4.1-dev as a
      number of problems seem to be related to DB 4.1.

 -- Torsten Landschoff <torsten@debian.org>  Fri,  6 Feb 2004 20:48:22 +0100

openldap2 (2.1.23-1) unstable; urgency=low

  * Roland Bauerschmidt <rb@debian.org>:
    + New upstream version.
    + Applied fix for admin password breakage from Michael Beattie
      <mjb@debian.org>. Closes: #214270.
    + Added Dutch Debconf template translation by cobaco@linux.be.
      Closes: #215373.
    + Bumped Standards-Version (no changes needed).
  
  * Torsten Landschoff <torsten@debian.org>:
    + debian/move_files: Install slappasswd into ldap-utils instead
      of slapd (closes: #228705).

 -- Roland Bauerschmidt <rb@debian.org>  Sat, 18 Oct 2003 19:56:54 +0200

openldap2 (2.1.22-3) unstable; urgency=low

  * Call perl -w to run debian/dh_installscripts-common. Closes: #214054.

 -- Roland Bauerschmidt <rb@debian.org>  Sat,  4 Oct 2003 14:22:11 +0200

openldap2 (2.1.22-2) unstable; urgency=high

  * Stephen Frost <sfrost@debian.org>
    + servers/slapd/daemon.c: Apply patch from head for select handling.
    + debian/rules: Fix build options to optimize correctly and to use
      DEB_BUILD_OPTIONS (Policy, 10.1). Closes: #202306
    + debian/slapd.conf: Add in ACL for root DSE explicitly.
    + debian/slapd.init: Add --oknodo in stop_slurpd. Closes: #202592
    + debian/rules: Need quotes around $(CFLAGS) on configure line.
    + debian/slapd.init: Remove \'s before quotes around pidfile.
    + debian/slapd.init: Add support for -h slapd flag. Closes: #201991
    + debian/slapd.default: Add variable $SLAPD_SERVICES for slapd -h.
    + libraries/libldap/tls.c: Apply patch from asuffield in #202741 to
      fix subjectAltName usage.  Closes: #202741

  * Torsten Landschoff <torsten@debian.org>:
    + Fix invocation of "head" in maintainer scripts and replace usage of
      [ foo -a bar ] by [ foo ] && [ bar ] (closes: #203292).
    + debian/slapd.postrm: Small cleanup, only remove the directory, not
      the backups, on purge.
    + debian/rules: Don't run the upstream install target if we did not
      rebuild the whole tree. Makes debugging maintainer script much more
      tolerable.
    + debian/slapd.config: Cleaned up and restructured for readability.
    + debian/slapd.templates: Replaced the invalid_suffix template with
      invalid_config which is more general and can be used for any
      inconsistency in the initial configuration.
    + debian/slapd.postinst: Rewritten to eliminate all that spaghetti.
      Did not yet implement all old features again...
      - Now the #DEBHELPER# part is always reached so that the daemon
        will be restarted even if no automatic configuration is wanted
        (closes: #204008).
    + Fixed the undefined symbols in libldap_r.so.2 (closes: #195990).
    | configure.in: Try -lpthread before -pthread to link the thread
      library. libtool does not pass -pthread through, -lpthread seems
      to work though.
    | libraries/libldap_r/Makefile.in: Add $(LTHREAD_LIBS) to
      UNIX_LINK_LIBS so that pthread is linked when creating a shared library
      as well.

  * Roland Bauerschmidt <rb@debian.org>:
    + debian/configure.options: change --localstatedir=/var/lib to
      --localstatedir=/var/run. Since localstatedir isn't used anywhere
      in the code, except for the ldapi socket (and examples in the
      manpages which are correct at the moment anyway), all this change
      does should be changing the default location of the ldapi socket
      from /var/lib/ldapi to /var/run/ldapi. Closes: #160965.
    + libraries/libldap/tls.c: In get_ca_list, walk through CACERTDIR
      manually if building against GNUTLS (since there is no equivalent
      to SSL_add_dir_cert_subjects_to_stack). Closes: #205609.
    + debian/slapd.preinst: create /var/backups/ldap/$oldver with
      permissions 0700. Also change permissions for /var/backups/ldap
      to 0700 if it already exists. Closes: #209019.
    + Added Japanese translation of Debconf templates by Kenshi Muto
      <kmuto@debian.org>. Closes: #210731.
    + debian/slapd.{postinst,preinst,config}: Replaced duplicate
      implementations of the same functions with one version and moved
      those into debian/slapd.scripts-common which will be included by
      debian/dh_installscripts-common.
    + debian/slapd.preinst: before dumping the database, check if the
      backend is supported
    + debian/slapd.postinst:
      - add -q to grep call for allow bind_v2
      - readded pre-2.1 (woody) upgrade path (that is, dumping, fixing
        and reimporting the database)

 -- Roland Bauerschmidt <rb@debian.org>  Fri,  3 Oct 2003 15:35:29 +0200

openldap2 (2.1.22-1) unstable; urgency=low

  * Stephen Frost <sfrost@debian.org>:
    + New upstream version (minor changes).
    + debian/control: Change build-deps to autoconf2.13, Closes: #201482
    + debian/rules: Add dh_compress -i for binary-indep.
    + debian/slapd.postinst: Give variable for read (avoids bashism).
    + configure/.in: Use upstream's version of back-meta/back-ldap fix.

 -- Stephen Frost <sfrost@debian.org>  Wed, 16 Jul 2003 08:42:23 -0400

openldap2 (2.1.21-2) unstable; urgency=low

  * Stephen Frost <sfrost@debian.org>:
    + debian/slapd.preinst: slapcat here if possible, if slapcat not
      available then slapcat in postinst.  Also remove old unused
      function.
    + debian/slapd.postinst: Check if slapcat in preinst worked and use
      those results in preference.  Also moved to using /var/backups/ldap.
    + servers/slapd/daemon.c: Provide more information on socket/bind 
      failures. Patch submitted upstream. Closes: #94967.
    + ./configure, ./configure.in: Fix check for back_ldap in back_meta.
      back_ldap now included as module.  back_ldap and back_meta appear
      to load fine, though order may matter.  Closes: #196995.
    + debian/control: Add versioned Depends on perl, need recent version
      for migration script.
    + debian/slapd.{pre,post}inst: Allow for whitespace in postinst 
      before database definitions
    + debian/control: Drop the libldap2-dev Depends that aren't actually
      necessary.
    + debian/slapd.preinst: Add create_sed_script to create the script to
      deal with multi-line commands in slapd.conf.  Modify things to use
      sed script to preprocess slapd.conf before using it.  Remove
      support for whitespace preceeding commands.
    + debian/slapd.postinst: Add create_sed_script here too and modify
      everything to use it as necessary.  Also change everything to
      reference $SLAPD_CONF instead of /etc/ldap/slapd.conf everywhere.
      Remove support for whitespace preceeding commands.
    + debian/slapd.postinst: Removed all tabs.  Changed all sed scripts
      to used [:space:] instead of [space tab].
    + debian/slapd.postinst: Removed debugging statements from ldap_v2
      support handling code.
    + debian/slapd.preinst: Changed to use mktemp for sed script.
    + debian/slapd.postinst: Changed to use mktemp for sed script.
    + debian/slapd.config: If no hostname set just use debian.org.
    + contrib/ldapc++/config.{sub,guess}: Resync back to upstream, no 
      reason not to, we don't even build this stuff...
    + debian/control: Change build-depends to libgnutls7-dev instead of
      libssl-dev.
    + debian/rules: Now run autoconf && autoheader to pick up on the
      configure.in changes needed for GNU TLS.
    + debian/copyright: Added Steve Langasek (SL) copyright statement.
    + Patch from Steve Langasek for GNU TLS support, Closes: #198553
    | include/ldap_pvt_gnutls.h: Added for GNU TLS
    | configure.in: Now uses GNU TLS where available.
    | servers/slapd/schema_init.c: Modified for GNU TLS- some functions
      removed because GNU TLS layer does not support them yet.
    | build/install-sh: Added for new autoconf.
    | libraries/libldap/Makefile.in: Changed to compile GNU TLS portions.
    | libraries/libldap/getdn.c: Stub function added, GNU TLS layer does 
      not support TLS certificates for authentication yet.
    | libraries/libldap/tls.c: Now calls GNU TLS functions instead of
      OpenSSL.
    | libraries/libldap/gnutls.c: Added to support GNU TLS in place of
      OpenSSL for TLS connections.
    | libraries/libldap_r/Makefile.in: Changed to compile GNU TLS portions.
    + debian/slapd.postinst: remove temp file if upgrading or doing a
      reconfigure but the OLDSUFFIX and basedn match so that we do not
      move an empty file overtop of slapd.conf.  Closes: #190797.
    + debian/slapd.init: Inform user when not starting slapd due to
      no configuration file found.  Deals with users who select to not
      configure slapd during installation.
    + debian/slapd.init: Removed cat <<-EOF and got rid of associated
      tabs; best to not depend on tab vs. space distinction.
    + debian/slapd.config: Change debconf question names to be fully
      qualified in the $var from the for loop- organization is under
      shared/ and domain is under slapd/, not both under slapd/.
    + debian/slapd.postrm: Can not depend on debconf being around in
      postrm so check before attempting to source it.  Also protect
      against failure from db_get.
    + debian/slapd.postinst: Check for old directory and move it out
      of the way if it exists on new configure or reconfigure.
    + debian/slapd.postinst: Fix db_input's for error messages,
      should be high priority and need to || true them.
    + debian/slapd.postinst: Do not error exit once we've told the
      user about the problem, if there was one, with slapcat/slapadd.
    + debian/slapd.postinst: Make sure we get the organization before
      we attempt to fix_ldif on old slapcat output.  Default to unknown
      if the organization is not set.
    + debian/slapd.postinst: Be sure that slapd has been stopped before
      attempting to fix and slapadd old slapcat.
    + debian/slapd.postinst: Do not use --exec with s-s-d in postinst.
    + debian/slapd.postinst: grep calls need to be || true'd when no
      matching lines found is possible (this case is handled).
    + debian/slapd.postinst: Be very sure slapd has stopped before
      attempting to upgrade database.
    + debian/slapd.preinst: Use either the pidfile or exec if pidfile
      is not available when stopping.  Do not put \"\" around pidfile.
      Use $oldver instead of $2.
    + debian/slapd.config: Reask questions on a reconfigure.  Use the
      same logic as slapd.postinst for when to ask questions regarding
      the db.  Be sure to db_go after db_input's.
    + debian/slapd.templates: Fix allow_bind_v2 short description to
      make more sense since the default is off.
    + debian/slapd.preinst: Use perl instead of sed for handling conf.
    + debian/slapd.postinst: Use perl instead of sed for handling conf,
      use old sed method to insert \n's, user invoke-rc.d when slapd
      needs to be stopped.  Assume preinst shuts slapd down for upgrade.
    + debian/slapd.postinst: Only stop slapd on reconfigure.

  * Torsten Landschoff <torsten@debian.org>:
    + doc/man/man8/slapd.8: Refer to slapd.conf(5) for a description of 
      the debugging level (closes: #176980).
    + debian/move_files: Kill of the static archives of our backend 
      modules as they are of absolutely no use.

  * Steve Langasek <vorlon@debian.org>:
    + debian/slapd.postinst: Add a new function, get_database_list, that
      prints out the list of configured databases from slapd.conf
      one row at a time. Move all of the upgrade handling into a
      loop, and iterate through the configured databases.  Since the
      while loop is in fact a subshell, be sure to handle errors
      correctly.  We also have to look at the configured directory
      for each database, instead of assuming /var/lib/ldap.
      Closes: #190155, #190156.
    + debian/slapd.preinst: Simplify the handling of error status: if
      the slapcat fails, just remove the ldif file.  Also, add the
      suffix to the name of the output file, and add the
      get_database_list function here as well.

  * Roland Bauerschmidt <rb@debian.org>:
    + debian/rules: call dh_makeshlibs with -plibldap2 rather than just
      with libldap2
    + debian/slapd.postinst: Add question about no configuration.
    + debian/slapd.templates: Add template for no config question.
    + debian/slapd.templates: Add template for invalid suffix.
    + debian/slapd.config: Add no configuration option.  Closes: #87986
    + debian/slapd.config: Complain to the user on invalid domain/org.

 -- Stephen Frost <sfrost@debian.org>  Tue, 15 Jul 2003 12:37:05 -0400

openldap2 (2.1.21-1) unstable; urgency=low

  * Torsten Landschoff <torsten@debian.org>:
    + Merged new upstream release.
  
  * Stephen Frost <sfrost@debian.org>:
    + debian/control: Add libbind-dev and bind-dev to the conflicts for 
      slapd, the libs in them can end up being used even when not 
      compiled against causing getaddrinfo() to fail. Closes: #166777
    + debian/copyright: Flush out the copyright file to include all found 
      copyrights and updates to those.
    + debian/copyright: Add clarification of MA license
    + debian/copyright: Add clarification of JC license
    + debian/slapd.templates: More clearly inform users of important 
      config change.  Closes: #194192.
    + debian/control: Remove patch from build-depends (dpkg-dev depends on it)
    + debian/fix_ldif: Correctly handle base64-encoded DNs.  Closes: #197014.
    + debian/slapd.templates: Added templates for asking about LDAPv2 support 
      and telling the user of slapcat/slapadd failures during upgrade. 
    + debian/slapd.postinst: Added support for adding LDAPv2 support
    + debian/slapd.postinst: Modified to handle slapcat/slapadd failure.
      In the event of an upgrade failure the database will be left untouched
      and the user notified.  Closes: #192431
    + debian/slapd.postinst: Use ldif_dump_location in more places...
    + debian/slapd.prerm: Check if upgrade failed and assume bad old init.d
      script was used and attempt to shut down slapd with --oknodo in case
      slapd isn't running.  Closes: #193854. (Again)
    + debian/slapd.conf: Add commented out allow line
    + debian/rules: Tell dh_installinit to not touch slapd.prerm now.
    + debian/slapd.postinst: Do a dry-run with slapadd first and check if
      that worked or not.  If it did not work then tell the user, otherwise
      do a real slapadd which should work.
    + debian/slapd.postinst: Make sure slapd is stopped before doing
      slapadd/slapcat's and the like. (Note: The woody version does not
      stop slapd).  Closes: #189777.
    + debian/slapd.postinst: Check if directories exist before attempting
      to mkdir them.  Closes: #189947
    + debian/slapd.README.debian: Add note about runlevel issue. 
      Closes: #175736
    + debian/move_files: Copy ldiftopasswd into /usr/share/slapd for users
      to use, if they find it useful.  Closes: #94963.
    + debian/slapd.README.Debian: Added note about ldiftopasswd.

  * Roland Bauerschmidt <rb@debian.org>:
    + debian/slapd.postinst: fixed typos and check for the existence of
      slapd.conf before reading it.

 -- Torsten Landschoff <torsten@debian.org>  Thu, 19 Jun 2003 17:35:32 +0200

openldap2 (2.1.17-3) unstable; urgency=low

  * Stephen Frost <sfrost@debian.org>:
    + debian/slapd.init: Add --oknodo for stopping slapd. Closes: #192423, #193854.
    + debian/slapd.init: Change START_SLURPD to SLURPD_START. Closes: #190724.
    + debian/libldap2.shlibs: Bump to 2.1.17- 2.1.12 never hit the archive.
      These should only be bumped when new symbols are added so we should
      figure out a way to handle checking that.
    + debian/slapd.dirs: Added /var/run/slapd for pidfile
    + debian/slapd.conf: Moved pidfile to /var/run/slapd; Needed if running
      non-root.
    + debian/slapd.conf: Clean up config file, be more explicit about what
      directives are 'general', 'backend', and 'database'.  Moved and
      commented out 'replogfile' since it is database specific, wasn't doing
      anything where it was and use of it depends on slurpd usage.
      I consider this solving #151511 since we don't ask if you want to use
      replication anymore anyway. Closes: #151511
    + debian/copy_slapd_dev_files: Added to copy the include files for
      building slapd back-ends.
    + debian/control: Add warning about libslapd2-dev
    + debian/control: Add build-depend on po-debconf for dh_installdebconf
    + debian/slapd.default: Add option for settings SLAPD_CONF file
    + debian/slapd.init: Changed to use SLAPD_CONF, setting it to
      /etc/ldap/slapd.conf if it is not specified. Closes: #91318
    + debian/control: Added libslapd2-dev to control file. Closes: #192163.
    + debian/rules: Added binary-indep to the binary: build line and flushed
      it out to build the libslapd2-dev deb.  Added -k to dh_clean since we're
      building arch and indep debs now.
    + Maintainer upload, acknowledge NMU. Closes: #98039.
    + Add debian/po/fr.po from 194740.  Closes: #194740
    + Add space before ']' on line 113 of postinst. Closes: #194192, #194943

  * Torsten Landschoff <torsten@debian.org>:
    + debian/control: Enforce libldap2 to be the same version as slapd
      as slapd (legitimately) uses internal functions of that library
      (closes: #190164).
    + debian/slapd.postinst: Fix the regexp for finding the database
      definitions.

  * Steve Langasek <vorlon@debian.org>:
    + debian/slapd.preinst: don't use debconf or ldapsearch in the
      preinst, as this is a policy violation (even if a previous
      version was installed, it could've been removed-but-not-purged).
      Closes: #189811, #195029.
    + debian/slapd.{pre,post}inst: dump & fix up the directory in the
      postinst, not in the preinst -- using slapcat/slapadd, not
      ldapmodify.  This ensures that the dump will succeed whenever the
      database is present, rather than depending on access to an admin
      dn.  Closes: #190085.
    + debian/fix_ldif, debian/move_files, debian/copyright: add Dave
      Horsfall's dn-fixing script, to handle objectClass upgrading
    + debian/slapd.postinst: Skip the duplicate prompting for the
      organization name; we're guaranteed to always have one.

 -- Torsten Landschoff <torsten@debian.org>  Fri,  6 Jun 2003 16:56:16 +0200

openldap2 (2.1.17-2) unstable; urgency=low

  * The who-says-slavery-is-dead upload.
  * Steve Langasek <vorlon@debian.org>:
    + debian/slapd.postinst: Fix the database regexp.
    + debian/slapd.postinst: Only add moduleload lines *once* on upgrade
      from 2.0.  Wrap the backup code with a check for
      /var/lib/slapd/upgrade_2.0, to guarantee idempotency.
      Closes: #190401.
    + debian/slapd.{config,templates,postinst}: On dpkg-reconfigure,
      don't wipe out an existing config; only merge in any requested
      changes.  Also, prompt before wiping out the existing db.
      Closes: #190799.
    + debian/slapd.{postinst,examples},debian/rules: Move slapd.conf
      from doc/slapd/examples to /usr/share/slapd, per policy.
    + debian/slapd.postinst: make sure slapd.conf is always created
      atomically.
    + debian/slapd.postrm: If removing databases on package purge,
      remove any database backups as well.
  
  * Torsten Landschoff <torsten@debian.org>:
    + debian/configure.options: Disable ACIs because they are still 
      experimental.
    + debian/control: Change section and priority of libldap2-dev to
      libdevel and extra respectively (dinstall message).
    + debian/slapd.preinst: Only query the object classes of the root
      dn if there was no error parsing the config.
    + Update templates for po-debconf using the patch submitted by 
      Andre Luis Lopes (closes: #189933).
    + Use [[:space:]] instead of [\t ] in sed invocations since the 
      latter does not seem to work (reported by Daniel Lutz).
    + debian/control: Add Replaces: entry for openldapd since ldif.5.gz
      was included in the potato package of that name (closes: #190660).
    + debian/control: Tighten the build dependency on libtldl3-dev as
      versions before 1.4.3 required the .la file for dynamic binding
      (thanks to Josip Rodin for pointing this out).

 -- Torsten Landschoff <torsten@debian.org>  Sat, 19 Apr 2003 02:28:32 +0200

openldap2 (2.1.17-1) unstable; urgency=low

  * New upstream release.
  * Torsten Landschoff <torsten@debian.org>:
    + debian/slapd.init: Improve the error reporting. If nothing is output
      by the failing command don't leave the user alone but print a hint
      to look into the logfile etc.
    + debian/control: Require at least version 2.1.3 of libsasl2-dev
      as this is what the configure script checks for. Pointed out by
      Norbert Tretkowski.
    + debian/slapd.{pre,post}inst: Small cleanups, added some comments, 
      adapted for the removal of the .la files in slapd package. 

 -- Torsten Landschoff <torsten@debian.org>  Sat, 19 Apr 2003 01:59:26 +0200

openldap2.1 (2.1.16-1) unstable; urgency=low

  * New upstream release.
    + build/top.mk: Remove patch to omit "-static" at linking time. Upstream
      now respects the --enable-shared flag used at configuration time.
    + debian/slapd.postinst: Automagically add the module load directives
      after upgrade as needed.
    + debian/slapd.config: 
      - Only ask questions to create a new directory on fresh install.
      - Ask wether the right modules should automatically be loaded in 
        slapd.conf.
    + debian/slapd.templates: Add the templates for autoloading modules
      and fixing the directory.
    + debian/slapd.preinst: New script to support upgrading from 2.0. 
      The old prerm did not stop the daemon so we have to do it here. 
      Also a first attempt to fix broken LDAP directories not acceptable
      to 2.1.
      - Conditionally load debconf when upgrading as it only has to 
        be available in that case.
    + debian/slapd.preinst: Dump database before upgrade.
    + debian/slapd.postinst: Recreate database from dump after upgrade. 
      Move old database out of the way.

  * Roland Bauerschmidt <rb@debian.org>
    + debian/slapd.README.Debian: mention that backend database modules are
      now compiled as shared objects

  * Stephen Frost <sfrost@debian.org>
    + debian/slapd.conf: Drop the '.la' file extension
    + debian/move_files: Drop and rm the .la files, they aren't necessary.
    + debian/slapd.README.Debian: Dropped the .la from the module_load line.
    + servers/slapd/daemon.c: check slapd_srvurls is not NULL before
      deref; included in upstream CVS.
    + servers/slapd/back-*/init.c: Change the munged symbol names to 
      init_module, they do not need to be munged, and cause problems when
      they are and not using .la files (which cause other problems)
    + servers/slapd/module.c: Change to use lt_dlopenext() so we don't
      need the .la files

 -- Torsten Landschoff <torsten@debian.org>  Wed, 26 Mar 2003 20:34:35 +0100

openldap2.1 (2.1.12-1) experimental; urgency=low

  * Initial release of OpenLDAP 2.1 packages. Closes: #167566, #178014.
    - this includes support for the >= and <= operators. Closes: #159078.
    - fixes various upstream bugs. Closes: #171008.

  * Torsten Landschoff <torsten@debian.org>
    - debian/check_config: Added script to check if OpenLDAP was configured
      the way we want it.
    - Don't build special TLS packages anymore - SSL is enabled in the
      stock ldap library. Everything else will just give me more headaches.
    - Build against libsasl2 instead of libsasl1. Closes: #176462.
    - debian/control:
      - Build-depend on debhelper 4.0 as debian/rules uses DH_COMPAT=4.
      - Depend on coreutils | fileutils. Closes: #175704, #185676.
      - Make libldap2 conflict with libldap2-tls which is obsolete now.
    - debian/rules: Move the long list of configure options to a new
      file debian/configure.options and read $(CONFIG) from that file.
    - configure with --enable-aci. Closes: #101602.
    - debian/slapd.init: Rewrite and add comments.
      - Add support for running as non-root (closes: #111765, #157037).
    - servers/slapd/main.c (main): Remove pid file on exit (closes: #162284).
    - servers/slurpd/slurp.h: Change the default spool directory to
      /var/spool/slurpd (avoids passing it via -t in init.d).
    - servers/{slapd,slurpd}/Makefile.in: Install binaries into sbindir
      instead of libexecdir.
    - debian/control: Add Stephen Frost to the Uploaders field. Thanks
      for your help, Stephen!
    - contrib/ldapc++/config.{guess,sub}: Replaced with current files from
      autotools-dev (lintian). Not actually neccessary since this part of
      the package is not currently built but I think this is the best way
      to shut up lintian :)
    - build/mod.mk: Use -m 644 instead of -m 755 in installing shared
      libraries. Shared libraries should not be marked as executable
      (lintian).
    - debian/libldap2.conffiles: Remove, since we are using version 4
      of debhelper which tags everything in /etc as conffile by default.
    - debian/rules: Change the mode of everything upstream installed into
      /etc to 0644 as required by policy (lintian).
    - debian/rules: Call dh_installdeb later in the binary target so that
      the conffiles are already there for listing. Without this nothing in
      /etc gets tagged as conffile... (lintian).
    - debian/rules: Pass the start and stop priority of slapd to
      dh_installinit in preparation for a postinst supported by debhelper.
    - debian/rules: Call dh_installdirs again.
    - Rewrite slapd.config, slapd.postinst, slapd.templates - a first try
      in getting slapd to configure itself. Way to go.

  * Roland Bauerschmidt <rb@debian.org>
    - debian/control:
      - build-depend on libdb4.1-dev instead of libdb4.0-dev
      - conflict, replace, and provide libldap2-tls (libldap2)
      - removed ldap-gateways binary package
      - drop suggestion to obsolete openldap-guide. Closes: #171894, #146968.
    - debian/rules:
      - build with BDB backend
      - run dh_installdeb
      - only run dh_makeshlibs for libldap2
    - debian/slapd.dirs: added to create /var/lib/ldap and /var/spool/slurpd
    - debian/slapd.postinst:
      - properly remove temporary files on errors. Closes: #160412.
      - install init.d link if slapd.conf already exists. Closes: #159542.
      - run db_stop even if package isn't configured for the first time. This
        prevents hanging during upgrades.
    - added debian/slapd.default and use it from debian/slapd.init.
      Closes: #160964, #176832.
    - added debian/slapd.README.Debian
    - added versioned dependency on coreutils to make lintian quiet.
    - added debian/slapd.postrm
      - remove slapd.conf when package is purged
      - remove /var/lib/ldap when slapd/purge_database is true
      - remove /etc/ldap/schema if empty. Closes: #185173.
    - debian/templates: added slapd/purge_database template
    - build/top.mk: link against libcrypt before other SECURITY_LIBS
    - debian/libldap2.shlibs: tighten dependencies. Closes: #181168.

  * Stephen Frost <sfrost@debian.org>
    - debian/control: added libltdl2-dev and libslp-dev to the build-depends
    - Correct typo for back-sql init routine; already in OpenLDAP upstream
      CVS
    - Correct free of SASL interact results; already in OpenLDAP upstream CVS
    - Duplicate the DN from SASL to ensure '\0' termination; already in
      OpenLDAP upstream CVS
    - debian/control: added Replaces: slapd (<< 2.1) for ldap-utils due to
      ldif.5 move.
    - Add modulepath /usr/lib/ldap to default slapd config
    - Add moduleload back_bdb to default slapd config
    - Changed libexecdir to ${prefix}/lib
    - Add usr/lib/ldap to slapd portion of move_files
    - Modified backend types to be built as modules for dynamic loading
    - Fixed pt_BR translation

 -- Roland Bauerschmidt <rb@debian.org>  Sat, 15 Mar 2003 21:35:24 +0100

openldap2 (2.0.27-3) unstable; urgency=high

  * [SECURITY]: Apply the patch used by SuSE in SuSE-SA:2002:047
    (or rather the parts of it not yet included upstream).

 -- Torsten Landschoff <torsten@debian.org>  Fri, 20 Dec 2002 04:47:15 +0100

openldap2 (2.0.27-2) unstable; urgency=low

  * debian/control: Make libldap2-dev depend on libssl-dev and 
    libsasl-dev, since those libs are pulled via the libldap.la file
    (closes: #164791).
  * debian/control: Add shlibs:Depends to libldap2-tls as well. Most 
    of those depends are pulled via libldap2 but of course libssl 
    is not among those. (closes: #169950).
  * debian/libldap2-tls: Remove old divertions on "configure" and not
    on "upgrade" - the latter is not really called.

 -- Torsten Landschoff <torsten@debian.org>  Fri, 22 Nov 2002 00:35:29 +0100

openldap2 (2.0.27-1) unstable; urgency=low

  * New upstream release.

 -- Torsten Landschoff <torsten@debian.org>  Wed,  6 Nov 2002 01:12:06 +0100

openldap2 (2.0.23-14) unstable; urgency=low

  * debian/rules: Remove search paths from .la files using some perl 
    trickery (closes: #110479).
  * debian/libldap2.README.debian: Document the NSS problem which stops /usr
    from being unmounted cleanly when using libnss-ldap (for more info
    see bug#159771).
  
  * Started cleaning up the maintainer scripts: 
    - Remove creation of the /usr/doc symlinks (lintian).
    - Don't run ldconfig in prerm scripts (lintian).

 -- Torsten Landschoff <torsten@debian.org>  Mon, 30 Sep 2002 12:10:05 +0200

openldap2 (2.0.23-13) unstable; urgency=low

  * As Ashley Clark found out the preinst of libldap-tls fails for a new
    install. My fault - I did not check that (removing ldap is cumbersome
    if you are using it... :) and the scripts were only checked without
    "set -e" in effect. 
    + debian/libldap2-tls.preinst: Apply Ashley's patch (thanks a lot, 
      Ashley. closes: #162123).
    + Coincidently the other installation scripts seem to be okay, the
      failing command is in the middle of a pipe and therefore ignored.

 -- Torsten Landschoff <torsten@debian.org>  Tue, 24 Sep 2002 12:56:18 +0200

openldap2 (2.0.23-12) unstable; urgency=low

  * Apply the patch from upstream ITS#2012 to support MD5 hashes. Problem
    is that OpenSSL comes with its own version of the crypt() function
    which is linked in instead of the system's version from libcrypt. 
    The patch changes the link order so that slapd takes the system's
    implementation.
  * debian/rules: Pass --enable-crypt-first to configure to enable the
    patch (closes: #160763).
  * Fix the diversion handling of libldap2-tls:
    - preinst:  Only install diversions that are not there.
    - postrm:   Remove this package's diversions.
    - postinst: Remove obsolete diversions after upgrade.
    - Removal of diversions is done in reverted order of the installation.
  
  * Enable DNSSRV support as requested by Turbo. No Kerberos for now, sorry.
  * debian/control: Updates Standards-Version to 3.5.7 and fix running
    of ldconfig in maintainer scripts.

 -- Torsten Landschoff <torsten@debian.org>  Mon, 23 Sep 2002 12:18:40 +0200

openldap2 (2.0.23-11) unstable; urgency=low

  * debian/rules: Build with --with-tls (closes: #80591, #155937).
  * debian/control: 
    + Add build dependency on libssl-dev.
    + Specify Roland Bauerschmidt as co maintainer.
  * Added the trickery to have libldap2 without TLS and libldap2-tls
    with the TLS stuff. Otherwise we have to change the base system, 
    and god knows how long that would take. 
  
    Most of the changes done by Roland Bauerschmidt. We now build the 
    source two times - with and without ssl. We mostly use the ssl enabled
    stuff with the exception of a libldap2 package which does not have 
    support for that. If you need TLS support you have to install 
    libldap2-tls, which diverts the libraries from libldap2 out of the
    way and replaces them with the TLS enabled version.

 -- Torsten Landschoff <torsten@debian.org>  Thu, 29 Aug 2002 13:35:39 +0200

openldap2 (2.0.23-10) unstable; urgency=low

  * debian/control: Build depend on libdb4.0-dev instead of libdb3-dev.
    This should fix the index corruption problems (closes: #152959).

 -- Torsten Landschoff <torsten@debian.org>  Sun, 18 Aug 2002 19:47:02 +0200

openldap2 (2.0.23-9) unstable; urgency=low

  * debian/slapd.init: Wait for the daemons to actually terminate for
    the stop action (which is used for restart) and trap all errors 
    (closes: #148033).
  * debian/rules: Build with -D_FILE_OFFSET_BITS=64 to support files
    bigger than 2GB on all architectures (closes: #155197). As off_t is
    about never used in the source that should not create any problems.
  * debian/control: Make libldap2-dev depend on libsasl-dev 
    (closes: #135223, #96957).
  * doc/man/man1/ldapmodify.1: Fix typo (closes: #105905).
  * debian/rules: Create symlinks for some manpages (closes: #99547).
  * Fix spelling error in description of ldap-gateways (closes: #124859).
  * debian/copyright: Include the full content of the LICENSE file
    (closes: #151222).

 -- Torsten Landschoff <torsten@debian.org>  Thu,  8 Aug 2002 15:54:46 +0200

openldap2 (2.0.23-8) unstable; urgency=low

  * New maintainer.
  * debian/control: Build-Conflict with libbind-dev to use the right
    resolver library everywhere (closes: #112459). Of course, the 
    real solution must be to fix the configure script to not detect
    libbind-dev and use the right resolver all the time. But a work around
    is better than nothing I would say...

 -- Torsten Landschoff <torsten@debian.org>  Wed,  7 Aug 2002 14:53:39 +0200

openldap2 (2.0.23-7) unstable; urgency=low

  * Add Brazilian translation for debconf templates. Closes: Bug#114021
  * Fix hostless LDAP URLs, patch from Lamont Jones. Closes: Bug#140387

 -- Wichert Akkerman <wakkerma@debian.org>  Sat,  4 May 2002 20:05:32 +0200

openldap2 (2.0.23-6) unstable; urgency=high

  * Make slapd.config idempotent, so that calling it once (during
    preconfiguration) and again (during postinst) doesn't break things.
    Patch from Anthony Towns. Closes: Bug#137552).

 -- Wichert Akkerman <wakkerma@debian.org>  Sun, 14 Apr 2002 19:10:50 +0200

openldap2 (2.0.23-5) unstable; urgency=high

  * Fix slurpd invocation in slapd.init. Closes: Bug#141959
  * Ask for admin DN when using LDIF initialization as well.
    Lets hope this finally Closes: Bug#137552
  * Merge German translation for debconf templates. Closes: Bug#141712
  * Add Build-Depends on debconf-utils since we use debconf-mergetemplate
  * Remove bogus error from slapd.init. Closes: Bug#137718

 -- Wichert Akkerman <wakkerma@debian.org>  Tue,  9 Apr 2002 14:49:27 +0200

openldap2 (2.0.23-4) unstable; urgency=high

  * Only show already-configured note on initial installs. Closes: Bug#137100
  * Supply -t option to slurpd when starting it, not when stopping it.
    Closes: Bug#136240
  * Use db_input instead of db_get for notes in the slapd postinst.
  * Only fetch password from debconf when not using ldif initialization.
    Closes: Bug#138558,#137552
  * Check if slapd.conf exists in slapd postinst. Closes: Bug#138136

 -- Wichert Akkerman <wakkerma@debian.org>  Sat,  6 Apr 2002 23:02:42 +0200

openldap2 (2.0.23-3) unstable; urgency=high

  * If can not get a password for the admin entry when installing slapd
    generate one randomly. Closes: Bug#134774
  * Bump shlibs dependency to 2.0.23

 -- Wichert Akkerman <wakkerma@debian.org>  Thu, 21 Feb 2002 23:23:57 +0100

openldap2 (2.0.23-2) unstable; urgency=high

  * Create /var/spool/slurpd and tell slurpd to use that as temporary
    directory. Closes: Bug#134564
  * Improve debconf prompts a bit. Closes: Bug#134945
  * Properly set default value for domain
  * Clear crypted password from debconf after creating the LDAP directory

 -- Wichert Akkerman <wakkerma@debian.org>  Sun, 17 Feb 2002 16:07:18 +0100

openldap2 (2.0.23-1) unstable; urgency=high

  * Upstream updated config.{guess,sub} so we are back to zero patches
    again.
  * Apply fix from Klaus Duscher for the missing password problem: the
    config script did not check if it was run twice without slapd.conf
    being generated in between and would abort with a missing password
    error. Closes: Bug#132566
  * Change slapd priority for boot sequence to start earlier and stop
    later so people can use LDAP for NSS purposes. Closes: Bug#130277

 -- Wichert Akkerman <wakkerma@debian.org>  Sun, 17 Feb 2002 16:07:18 +0100

openldap2 (2.0.22-2) unstable; urgency=low

  * Update config.{guess,sub} again. Closes: Bug#131469

 -- Wichert Akkerman <wakkerma@debian.org>  Thu,  7 Feb 2002 22:33:01 +0100

openldap2 (2.0.22-1) unstable; urgency=low

  * New upstream version
  * Build properly as non-native package

 -- Wichert Akkerman <wakkerma@debian.org>  Wed,  6 Feb 2002 00:17:20 +0100

openldap2 (2.0.21-3) unstable; urgency=high

  * Add logic to config and postinst to configure replication as well
  * Don't fail in slapd postinst if we can't stop slapd. Closes: Bug#131617
  * Change localstatedir to /var/lib
  * Remove /var/lib/ldap when purging slapd
  * Don't remove user-supplied ldif file after creating the directory
  * Set default replogfile
  * Fix typo in severity for no_password note
  * Encrypt admin password and remove it from the debconf database

 -- Wichert Akkerman <wakkerma@debian.org>  Thu, 31 Jan 2002 17:03:36 +0100

openldap2 (2.0.21-2) unstable; urgency=medium

  * Update config.{guess,sub} and forwarded upstream (ITS#1567).
    Closes: Bug#131469
  * Remove -x from slapd postinst. Closes: Bug#131502

 -- Wichert Akkerman <wakkerma@debian.org>  Wed, 30 Jan 2002 10:53:45 +0100

openldap2 (2.0.21-1) unstable; urgency=high

  * New upstream version,
  * Update copyright
  * Update config.guess and config.sub
  * Redone packaging, no more dbs or debhelper
  * Drop all patches, they are either unnecessary or alternatives have
    been made upstream

 -- Wichert Akkerman <wakkerma@debian.org>  Tue, 29 Jan 2002 17:04:10 +0100

openldap2 (2.0.14-1) unstable; urgency=high

  * New upstream version, which includes a billion second bug.
    Closes: Bug#111833
  * Drop 005_libldbm_dbopen, upgrading the database in place no longer works
    with the new db-env code.
  * Redo 008_porting_maxpathlen

 -- Wichert Akkerman <wakkerma@debian.org>  Sat, 15 Sep 2001 13:39:46 +0200

openldap2 (2.0.11-2) unstable; urgency=low

  * Test if /etc/init.d/slapd is executable when purging slapd.
    Closes: Bug#100938
  * Update 008_porting_maxpathlen. Closes: Bug#100584
  * Don't use four11 as referral example anymore. Closes: Bug#99998
  * Fix synopsis of slapindex manpage. Added to 002_man_fixes.
    Closes: Bug#98805
  * Removed stray backup file from 002_man_fixes

 -- Wichert Akkerman <wakkerma@debian.org>  Tue, 19 Jun 2001 01:01:17 +0200

openldap2 (2.0.11-1) unstable; urgency=low

  * New upstream version
  * Add autoconf to Build-Depends. Closes: Bug#99440
  * Fix new db upgrade patch. Closes: Bug#98853

 -- Wichert Akkerman <wakkerma@debian.org>  Sun,  3 Jun 2001 00:25:47 +0200

openldap2 (2.0.10-2) unstable; urgency=low

  * Tighten shlibs dependency to >= 2.0.1-1. Closes: Bug#98683

 -- Wichert Akkerman <wakkerma@debian.org>  Fri, 25 May 2001 16:32:35 +0200

openldap2 (2.0.10-1) unstable; urgency=low

  * New upstream version
  * New maintainer
  * Remove useless LINE_WIDTH bit from patch 000_clients
  * Patch 004_ssl_fix has been merged upstream, removed
  * Redo 005_db3_upgrade 
  * Rediff all other patches

 -- Wichert Akkerman <wakkerma@debian.org>  Thu, 24 May 2001 14:56:02 +0200

openldap2 (2.0.7-6) unstable; urgency=low

  * Make sure autoconf is run if configure.in is changed (for Hurd patch),
    closes: #96145
  * Fix slapd.postinst in the case of using an ldif file, closes: #95600
  * Use a var for slapd.conf in slapd init script. Partially fixes bug
    91318.
  * Fixed hurd patch for strrchr in replog.c, closes: #93605

 -- Ben Collins <bcollins@debian.org>  Mon,  7 May 2001 23:00:27 -0400

openldap2 (2.0.7-5) unstable; urgency=low

  * Fixed db3 upgrade code, closes: #92331, #92916
  * m68k should compile fine with db3 now, closes: #90165
  * Included provided patch for Hurd compilation, closes: #88079

 -- Ben Collins <bcollins@debian.org>  Wed,  4 Apr 2001 17:46:47 -0400

openldap2 (2.0.7-4) unstable; urgency=low

  * slapd.conf is no longer a conffile, and not provided by the package.
    Instead, it is only generated. closes: #81359
  * Fixed by previous upload, closes: #71852, #78950, #82491
  * Actually install the netscape schema, closes: #90323
  * Add comment to README.Debian about being compiled with libwrap,
    closes: #84954
  * Provide example sasl config file, closes: #90855
  * Conflict replace openldap-utils (ldap-utils), and libopenldap-dev
    (libldap2-dev), closes: #71471
  * Revert to using some code to upgrade previous db's. Remove slapd's dep
    on db3-util, and remove postinst code that upgrades the db's.

 -- Ben Collins <bcollins@debian.org>  Sat, 24 Mar 2001 21:59:20 -0500

openldap2 (2.0.7-3) unstable; urgency=low

  * netscape-profile.schema: new schema for old roaming support
  * 004_ssl_fix.diff: Fix for SSL support (not compiled in, but some
    people use it).
  * slapd.config: FINALLY fix the "dc=" base bug.
  * Build-Depend on libdb3-dev now that it is available.
  * Now that we use db3, make sure we upgrade existing databases to the
    db3 format with db3_upgrade.

 -- Ben Collins <bcollins@debian.org>  Sun, 11 Mar 2001 23:36:34 -0500

openldap2 (2.0.7-2) unstable; urgency=low

  * slapd.postinst: fix debhelper wraper so it gets the right @argv,
    closes: #71854
  * sendmail appears to be compiled against glibc2.2/libdb2 now,
    closes: #71602
  * %strace ldapsearch cn=admin | & grep /etc | grep ldap
    open("/etc/ldap/ldap.conf", O_RDONLY)   = 3
    closes: #71716
  * ldap_first_attribute.3: s/ber_free(3)/ber_free/. closes: #76719
  * init.d/slapd: fix reference to pidfile, and also remove the pidfile
    after killing the daemon, closes: #77633, #77635
  * Fix fgets buffer size thinko in slurpd. closes: #78003
  * slapd.8: s/ldap.h/slapd.conf(5)/. closes: #80457

 -- Ben Collins <bcollins@debian.org>  Sun, 31 Dec 2000 00:02:46 -0500

openldap2 (2.0.7-1) unstable; urgency=low

  * New upstream
  * Removed hack for shlibs now that dpkg 1.7 is available, added dpkg-dev
    1.7.1 to build-depends.
  * start using DH_COMPAT=2

 -- Ben Collins <bcollins@debian.org>  Fri, 10 Nov 2000 18:53:25 -0500

openldap2 (2.0.2-2) unstable; urgency=low

  * Recompile against libdb2/glibc 2.1.94/sasl

 -- Ben Collins <bcollins@debian.org>  Wed, 27 Sep 2000 11:31:59 -0400

openldap2 (2.0.2-1) unstable; urgency=low

  * New upstream version, includes some patches from me that fix some
    stability issues
  * debian/control:Build-Depends: change libwrap-dev to libwrap0-dev for
    clarity, closes: #71366
  * debian/rules: make sure mail500 docs do not get installed under bogus
    subdirs, closes: #71473
  * debian/README.build,debian/scripts/dbs-build.mk: Fix and document
    build system better, closes: #71584
  * debian/local/slapd.conf: Setup default ACL's to work with openldap2
    correctly, closes: #71127, #71131
  * debian/README: document how to access OpenLDAP 1 servers via
    ldap-utils, closes: #71469
  * debian/rules:CFLAGS: add -I/usr/include/db2 to make sure we get the
    right <db.h> header, closes: #71470
  * I cannot reproduce this. In debian/rules I have done exactly what is
    needed to keep it from happening, and sparc, i386 and powerpc builds
    do not show it, closes: #71472

 -- Ben Collins <bcollins@debian.org>  Wed, 13 Sep 2000 22:32:35 -0400

openldap2 (2.0.1-2) unstable; urgency=low

  * Fixed up depend for libldap2 on itself

 -- Ben Collins <bcollins@debian.org>  Wed,  6 Sep 2000 13:24:06 -0400

openldap2 (2.0.1-1) unstable; urgency=low

  * New upstream version
  * Added libsasl-dev to build-deps, closes: #70923

 -- Ben Collins <bcollins@debian.org>  Tue,  5 Sep 2000 06:49:05 -0400

openldap2 (2.0-1) unstable; urgency=low

  * Initial release of OpenLDAP 2 test code

 -- Ben Collins <bcollins@debian.org>  Tue, 29 Aug 2000 14:28:39 -0400
