o --with-ldap now takes an optional dir as a parameter

o added check for ldap_initialize() and start_tls_s()

INSTALL

@@ -175,6 +175,11 @@ Special features/options:
         does not use the Kerberos cookie scheme.  Will not work for
         Kerberos V older than version 1.1.
 
+  --with-ldap[=DIR]
+	Enable LDAP support.  If specified, DIR is the base directory
+	containing the LDAP include and lib directories.  Please see
+	README.LDAP for more information.
+
   --with-authenticate
 	Enable support for the AIX 4.x general authentication function.
 	This will use the authentication scheme specified for the user

README.LDAP

@@ -101,15 +101,12 @@ need to recompile sudo.
 If your ldap libraries and headers are in a non standard place, you will need
 to specify them at configure time.
 
-  $ CPPFLAGS="-I/usr/local/ldapsdk/include" \
+  $ ./configure --with-ldap=/usr/local/ldapsdk --with-pam
-  > LDFLAGS="-L/usr/local/ldapsdk/lib" \
-  > ./configure --with-ldap --with-pam
 
 Sudo by default builds against OpenLDAP's libraries.  For others LDAP libraries
 such as Netscape, iPlanet, Mozilla, SecureWay, add these lines to config.h
 before running make:
 
-  #undef HAVE_LDAP_INITIALIZE
   #define HAVE_LBER_H
 
 You might have to also include '-llber' or '-lldif' in your LIBS.
@@ -121,7 +118,6 @@ sudo.
 More Build Notes:
 HP-UX 11.23 (gcc3) Galen Johnson <Galen.Johnson@sas.com>
   CFLAGS="-D__10_10_compat_code" LDFLAGS="-L/opt/ldapux/lib"
-  Also had to comment out '#define HAVE_LDAP_START_TLS_S' in config.h
 
 Schema Changes
 ==============

config.h.in

@@ -169,10 +169,10 @@
 #undef HAVE_LBER_H
 
 /* Define if your LDAP Supports URLs. (OpenLDAP does) */
-#define HAVE_LDAP_INITIALIZE
+#undef HAVE_LDAP_INITIALIZE
 
 /* Define if your LDAP Supports start_tls_s. (OpenLDAP does) */
-#define HAVE_LDAP_START_TLS_S
+#undef HAVE_LDAP_START_TLS_S
 
 /* Define to 1 if you have the `lockf' function. */
 #undef HAVE_LOCKF

configure.in

@@ -907,15 +907,13 @@ AC_ARG_WITH(goons-insults, [  --with-goons-insults    include the insults from t
 		;;
 esac])
 
-AC_ARG_WITH(ldap, [  --with-ldap             enable LDAP support],
+AC_ARG_WITH(ldap, [  --with-ldap[[=DIR]]     enable LDAP support],
 [case $with_ldap in
-    yes)	AC_DEFINE(HAVE_LDAP, 1, [Define if you use LDAP.])
+    no)		with_ldap="";;
+    *)		AC_DEFINE(HAVE_LDAP, 1, [Define if you use LDAP.])
 		AC_MSG_CHECKING(whether to use sudoers from LDAP)
 		AC_MSG_RESULT(yes)
 		;;
-    no)		;;
-    *)		AC_MSG_ERROR(["--with-ldap does not take an argument."])
-		;;
 esac])
 
 AC_ARG_WITH(pc-insults, [  --with-pc-insults       replace politically incorrect insults with less offensive ones],
@@ -2075,9 +2073,18 @@ fi
 dnl
 dnl extra lib and .o file for LDAP support
 dnl
-if test "$with_ldap" = "yes"; then
+if test -n "$with_ldap"; then
+    if test "$with_ldap" != "yes"; then
+	SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_ldap}/lib])
+	CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include"
+	with_ldap=yes
+    fi
+    LIBS="${LIBS} -lldap"
     SUDO_LIBS="${SUDO_LIBS} -lldap"
     SUDO_OBJS="${SUDO_OBJS} ldap.o"
+
+    dnl XXX - check for -llber and -lldif as well as if lber.h is needed XXX
+    AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s)
 fi
 
 dnl