Imported Upstream version 1.8.3
[debian/sudo] / plugins / sudoers / ldap.c
index a788543ac07144df201a7974a40a054d7a3f1615..e8e63117dea93a373b91920887df9dae6de3462a 100644 (file)
 #define CONF_INT       1
 #define CONF_STR       2
 #define CONF_LIST_STR  4
+#define CONF_DEREF_VAL 5
 
 #define SUDO_LDAP_SSL          1
 #define SUDO_LDAP_STARTTLS     2
@@ -195,6 +196,7 @@ static struct ldap_config {
     int rootuse_sasl;
     int ssl_mode;
     int timed;
+    int deref;
     char *host;
     struct ldap_config_list_str *uri;
     char *binddn;
@@ -280,6 +282,9 @@ static struct ldap_config_table ldap_conf_table[] = {
 #ifdef LDAP_OPT_TIMEOUT
     { "timeout", CONF_INT, TRUE, -1 /* needs timeval, set manually */,
        &ldap_conf.timeout },
+#endif
+#ifdef LDAP_OPT_DEREF
+    { "deref", CONF_DEREF_VAL, TRUE, LDAP_OPT_DEREF, &ldap_conf.deref },
 #endif
     { "binddn", CONF_STR, FALSE, -1, &ldap_conf.binddn },
     { "bindpw", CONF_STR, FALSE, -1, &ldap_conf.bindpw },
@@ -1121,6 +1126,7 @@ sudo_ldap_read_config(void)
     ldap_conf.bind_timelimit = -1;
     ldap_conf.use_sasl = -1;
     ldap_conf.rootuse_sasl = -1;
+    ldap_conf.deref = -1;
 
     if ((fp = fopen(_PATH_LDAP_CONF, "r")) == NULL)
        return FALSE;
@@ -1145,6 +1151,16 @@ sudo_ldap_read_config(void)
        for (cur = ldap_conf_table; cur->conf_str != NULL; cur++) {
            if (strcasecmp(keyword, cur->conf_str) == 0) {
                switch (cur->type) {
+               case CONF_DEREF_VAL:
+                   if (strcasecmp(value, "searching") == 0)
+                       *(int *)(cur->valp) = LDAP_DEREF_SEARCHING;
+                   else if (strcasecmp(value, "finding") == 0)
+                       *(int *)(cur->valp) = LDAP_DEREF_FINDING;
+                   else if (strcasecmp(value, "always") == 0)
+                       *(int *)(cur->valp) = LDAP_DEREF_ALWAYS;
+                   else
+                       *(int *)(cur->valp) = LDAP_DEREF_NEVER;
+                   break;
                case CONF_BOOL:
                    *(int *)(cur->valp) = atobool(value) == TRUE;
                    break;
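Review bot: The final `else` in the new `CONF_DEREF_VAL` case maps every unrecognised value to `LDAP_DEREF_NEVER`, so a typo in the `deref` setting silently changes alias dereferencing instead of being reported. I would match `never` explicitly, `else if (strcasecmp(value, "never") == 0) *(int *)(cur->valp) = LDAP_DEREF_NEVER;`, and have the remaining `else` emit a warning that names the bad value and leave the field at the `-1` default assigned earlier in this function. Separately, the `deref` table entry is guarded by `#ifdef LDAP_OPT_DEREF` but this case is not; if an LDAP SDK lacks that option it may also lack the `LDAP_DEREF_*` constants, so the case probably wants the same guard. `sudo_ldap_read_config` begins and ends outside this hunk.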
@@ -1225,6 +1241,10 @@ sudo_ldap_read_config(void)
            sudo_printf(SUDO_CONV_ERROR_MSG, "timelimit        %d\n",
                ldap_conf.timelimit);
        }
+       if (ldap_conf.deref != -1) {
+           sudo_printf(SUDO_CONV_ERROR_MSG, "deref            %d\n",
+               ldap_conf.deref);
+       }
        sudo_printf(SUDO_CONV_ERROR_MSG, "ssl              %s\n",
            ldap_conf.ssl ?  ldap_conf.ssl : "(no)");
        if (ldap_conf.tls_checkpeer != -1) {
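Review bot: The new debug line prints `ldap_conf.deref` with `%d`, which shows the raw `LDAP_DEREF_*` number rather than the keyword the administrator wrote in the config file. This dump is where a mis-parsed setting would be noticed, so the keyword would be easier to verify than the number. Consider mapping the value back to `never`/`searching`/`finding`/`always` before the `sudo_printf` call. The enclosing block of `sudo_ldap_read_config` starts and ends outside the hunk.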