Currently, slapd links libsystemd to notify service state to systemd.
However, libsystemd link several unnecessary libraries, which increases security risks.
The systemd documentation provides a method to send state notifications to systemd using a simple protocol without the need to link against libsystemd.
https://www.freedesktop.org/software/systemd/man/devel/sd_notify.html
Streamline configuration of slapd modules. Just use the
appropriate OL_ARG_ENABLE_xx, then almost no other edits
will be needed in configure.ac when adding new modules.
Backends will still have to add their Makefile to the
AC_CONFIG_FILES() list.
When configuring OpenLDAP using --with-tls=openssl with LibreSSL the
configure will fail to detect SSL_export_keyring_material_early() since
LibreSSL doesn't support this function yet. However OpenLDAP doesn't
actually use this function and only checks for it to ensure a modern
OpenSSL API is used. This can be easily solved by checking for an
equivalent modern OpenSSL function which both LibreSSL and OpenSSL both
support such as SSL_CTX_set_ciphersuites(). Doing this allows the build
and tests to succeed with modern LibreSSL versions. This was tested with
LibreSSL >= 3.6.
Bug: https://bugs.openldap.org/show_bug.cgi?id=10039
Fix the following warnings:
- -Wimplicit-int (fatal with Clang 16)
- -Wimplicit-function-declaration (fatal with Clang 16)
- -Wincompatible-function-pointer-types (fatal with Clang 16)
- -Wint-conversion (fatal with Clang 15)
- Old style prototypes (K&R, removed from C23)
These warnings-now-error led to misconfigurations and failure to build
OpenLDAP, as the tests used during configure caused the wrong results
to be emitted.
For more information, see LWN.net [0] or LLVM's Discourse [1], the Gentoo wiki [2],
or the (new) c-std-porting mailing list [3].
[0] https://lwn.net/Articles/913505/
[1] https://discourse.llvm.org/t/configure-script-breakage-with-the-new-werror-implicit-function-declaration/65213
[2] https://wiki.gentoo.org/wiki/Modern_C_porting
[3] hosted at lists.linux.dev.
Bug: https://bugs.gentoo.org/871288
Signed-off-by: Sam James <sam@gentoo.org>
