Todd C. Miller
6fd9d853a8
Be clear about what versions of sudo support new LDAP attributes.
...
Fix up some formatting of attribute names. Minor other tweaks.
2011-02-01 14:31:04 -05:00
Todd C. Miller
f7f8b6867e
Update copyright year to 2011
2011-01-20 16:46:56 -05:00
Todd C. Miller
49409b7c5d
Add support for TIMEOUT in ldap.conf, mapping to the OpenLDAP
...
LDAP_OPT_TIMEOUT. There is no corresponding option for mozilla-derived
LDAP SDKs but we can pass the timeout parameter to ldap_search_ext_s()
or ldap_search_st() when possible.
2011-01-10 10:33:22 -05:00
Todd C. Miller
823e812723
Add NETWORK_TIMEOUT as an alias for BIND_TIMELIMIT for compatibility
...
with OpenLDAP ldap.conf files.
2011-01-10 09:27:58 -05:00
Todd C. Miller
93e9635842
Pick last match in LDAP sudoers too
2010-12-20 16:37:44 -05:00
Todd C. Miller
3f605ebfaa
Clarify ordering of entries and attributes.
2010-11-30 15:05:44 -05:00
Todd C. Miller
23df0b6fa9
Fix typo and editing goof.
2010-11-30 13:40:25 -05:00
Todd C. Miller
feb02ed406
Merge in ordered LDAP entry support from Andreas Mueller.
2010-11-30 13:34:31 -05:00
Todd C. Miller
2b0fca31c0
Add timed entry support from Andreas Mueller.
2010-11-12 15:26:35 -05:00
Todd C. Miller
df8ec6fc25
Add support for multiple URI lines by joining the contents and passing
...
the result to ldap_initialize.
2010-09-04 20:43:51 -04:00
Todd C. Miller
432d27573d
TLS_CACERT is now an alias for TLS_CACERTFILE. OpenLDAP uses TLS_CACERT,
...
not TLS_CACERTFILE in its ldap.conf. Other LDAP client code, such as
nss_ldap, uses TLS_CACERTFILE. Also document why you should avoid
disabling TLS_CHECKPEER is possible.
2010-07-08 09:02:03 -04:00
Todd C. Miller
3906967771
Fix typo.
2010-07-06 13:24:00 -04:00
Todd C. Miller
d92c82ea3f
Add support for multiple sudoers_base entries in ldap.conf.
...
From Joachim Henke
2010-06-15 10:33:30 -04:00
Todd C. Miller
e90fa482f9
Rework source layout in preparation for modular sudo.
2010-02-20 09:14:01 -05:00
