fix brokenness.

diff --git a/sys-auth/nss_ldap/Manifest b/sys-auth/nss_ldap/Manifest
index 5e74e0a1df93d6f4be0cf6ab078a9ae6352a80db..01861111328f69ac790e56304c121a32a87de39f 100644 (file)
--- a/sys-auth/nss_ldap/Manifest
+++ b/sys-auth/nss_ldap/Manifest
@@ -111,10 +111,10 @@ EBUILD nss_ldap-250.ebuild 1635 RMD160 654f59b80ae4e74275b3e60d9eff2e94d4dc98be
 MD5 56b97cbabe2edecf2df93dcc6d22ff68 nss_ldap-250.ebuild 1635
 RMD160 654f59b80ae4e74275b3e60d9eff2e94d4dc98be nss_ldap-250.ebuild 1635
 SHA256 1b30dcfdba73edaed5f1a2b529075695330b04e2a4e961120e6185a624e1446b nss_ldap-250.ebuild 1635
-MISC ChangeLog 10013 RMD160 b36c00e00d4195a3e7f88e1faec7a2a5531a69ab SHA1 b08622ddc5a80c663b2f9a54bea060a155c2ecfa SHA256 a2ef4f8ef988d5b09332815abe0a3d28394feee302a6122aa7b81682c49e9012
-MD5 a8862b26ada31e583ae9864871e091f2 ChangeLog 10013
-RMD160 b36c00e00d4195a3e7f88e1faec7a2a5531a69ab ChangeLog 10013
-SHA256 a2ef4f8ef988d5b09332815abe0a3d28394feee302a6122aa7b81682c49e9012 ChangeLog 10013
+MISC ChangeLog 10170 RMD160 28f77591a3402fe36f48cc36b7613ed0a124a66c SHA1 4eff347b696bb88d059e950dda9b93f7809a1f3f SHA256 a7e711551426cf89c52356f68430a390b4e3e3dfb66ecaa0d9338cc971301873
+MD5 d2368b41bb98ebfdd23c2d0e1d7956a4 ChangeLog 10170
+RMD160 28f77591a3402fe36f48cc36b7613ed0a124a66c ChangeLog 10170
+SHA256 a7e711551426cf89c52356f68430a390b4e3e3dfb66ecaa0d9338cc971301873 ChangeLog 10170
 MISC metadata.xml 255 RMD160 2a5b1ef0df8360b2a563653844baae48e44c6e79 SHA1 8124f773eff8377a014c4a83dfb6f3071ad80bd1 SHA256 c3d87e158edbe4189c6e38c4c891285af2e68b0fbef16d59cb6326e287da0cb6
 MD5 5ba8c9c9be079ebcbc93c08f838665bd metadata.xml 255
 RMD160 2a5b1ef0df8360b2a563653844baae48e44c6e79 metadata.xml 255

diff --git a/sys-auth/nss_ldap/files/nss_ldap-250-reconnect-timeouts.patch b/sys-auth/nss_ldap/files/nss_ldap-250-reconnect-timeouts.patch
deleted file mode 100644 (file)
index dc8a37a..0000000
--- a/sys-auth/nss_ldap/files/nss_ldap-250-reconnect-timeouts.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-This patch changes the default timeouts, so that they are much lower, and do
-not cause major delays when booting a system. This is a workaround until the
-core /etc/{passwd,group} contain all of the data needed for a system boot.
-
-Also add a note that 'ssl on' is broken and TLS should be used instead.
-
-Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
-
-diff -Nuar --exclude '*~' nss_ldap-250.orig/ldap-nss.h nss_ldap-250/ldap-nss.h
---- nss_ldap-250.orig/ldap-nss.h       2006-04-26 18:19:00.000000000 -0700
-+++ nss_ldap-250/ldap-nss.h    2006-06-14 01:58:01.933005492 -0700
-@@ -96,9 +96,9 @@
-  * unacceptable, in which case you may wish to adjust
-  * the constants below.
-  */
--#define LDAP_NSS_TRIES           5    /* number of sleeping reconnect attempts */
--#define LDAP_NSS_SLEEPTIME       4    /* seconds to sleep; doubled until max */
--#define LDAP_NSS_MAXSLEEPTIME    64   /* maximum seconds to sleep */
-+#define LDAP_NSS_TRIES           4    /* number of sleeping reconnect attempts */
-+#define LDAP_NSS_SLEEPTIME       1    /* seconds to sleep; doubled until max */
-+#define LDAP_NSS_MAXSLEEPTIME    16   /* maximum seconds to sleep */
- #define LDAP_NSS_MAXCONNTRIES    2    /* reconnect attempts before sleeping */
- 
- #if defined(HAVE_NSSWITCH_H) || defined(HAVE_IRS_H)
-diff -Nuar --exclude '*~' nss_ldap-250.orig/ldap.conf nss_ldap-250/ldap.conf
---- nss_ldap-250.orig/ldap.conf        2006-04-26 18:19:00.000000000 -0700
-+++ nss_ldap-250/ldap.conf     2006-06-14 02:12:02.008444745 -0700
-@@ -1,4 +1,4 @@
-- @(#)$Id: ldap.conf,v 2.46 2006/04/13 03:25:56 lukeh Exp $
-+# @(#)$Id: ldap.conf,v 2.46 2006/04/13 03:25:56 lukeh Exp $
- #
- # This is the configuration file for the LDAP nameservice
- # switch library and the LDAP PAM module.
-@@ -283,7 +283,8 @@
- # OpenLDAP SSL mechanism
- # start_tls mechanism uses the normal LDAP port, LDAPS typically 636
- #ssl start_tls
--#ssl on
-+###ssl on
-+# Gentoo note: Don't use 'ssl on' in 249/250. They are broken in some cases! Use start_tls instead.
- 
- # OpenLDAP SSL options
- # Require and verify server certificate (yes/no)
-@@ -315,3 +316,27 @@
- # Override the default Kerberos ticket cache location.
- #krb5_ccname FILE:/etc/.ldapcache
- 
-+# Timeout behavior
-+# Upstream nss_ldap hard-codes these values:
-+#nss_reconnect_tries 5                        # number of times to double the sleep time
-+#nss_reconnect_sleeptime 4            # initial sleep value
-+#nss_reconnect_maxsleeptime 64        # max sleep value to cap at
-+#nss_reconnect_maxconntries 2 # how many tries before sleeping
-+# This leads to a delay of 124 seconds (4+8+16+32+64=124) per lookup if the
-+# server is not available.
-+
-+# For Gentoo's distribution of nss_ldap, as of 250-r1, we use these values
-+# (The hardwired constants in the code are changed to them as well):
-+nss_reconnect_tries 4                 # number of times to double the sleep time
-+nss_reconnect_sleeptime 1             # initial sleep value
-+nss_reconnect_maxsleeptime 16 # max sleep value to cap at
-+nss_reconnect_maxconntries 2  # how many tries before sleeping
-+# This leads to a delay of 15 seconds (1+2+4+8=15)
-+
-+# If you are impatient, and know your LDAP server is reliable, fast or local,
-+# you may wish to use these values instead:
-+#nss_reconnect_tries 1                        # number of times to double the sleep time
-+#nss_reconnect_sleeptime 1            # initial sleep value
-+#nss_reconnect_maxsleeptime 1 # max sleep value to cap at
-+#nss_reconnect_maxconntries 3 # how many tries before sleeping
-+# This leads to a delay of 1 second.