From: Kurt Zeilenga <kurt@openldap.org>
Date: Sat, 3 Feb 2001 05:48:25 +0000 (+0000)
Subject: authc/authz fixes
X-Git-Tag: OPENLDAP_REL_ENG_2_0_8~44
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=df3789b7f15ef399cfc04da5d0213e9cd8ee64dc;p=thirdparty%2Fopenldap.git

authc/authz fixes
---

diff --git a/clients/tools/ldapdelete.c b/clients/tools/ldapdelete.c
index 4bcd7923b5..d4e74126b9 100644
--- a/clients/tools/ldapdelete.c
+++ b/clients/tools/ldapdelete.c
@@ -74,12 +74,12 @@ usage( const char *s )
 "  -P version procotol version (default: 3)\n"
 "  -Q         use SASL Quiet mode\n"
 "  -R realm   SASL realm\n"
-"  -U user    SASL authentication identity (username)\n"
+"  -U authcid SASL authentication identity\n"
 "  -v         run in verbose mode (diagnostics to standard output)\n"
 "  -w passwd  bind passwd (for simple authentication)\n"
 "  -W         prompt for bind passwd\n"
 "  -x         Simple authentication\n"
-"  -X id      SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
+"  -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
 "  -Y mech    SASL mechanism\n"
 "  -Z         Start TLS request (-ZZ to require successful response)\n"
 ,		s );
diff --git a/clients/tools/ldapmodify.c b/clients/tools/ldapmodify.c
index 48dd7f960c..e767565679 100644
--- a/clients/tools/ldapmodify.c
+++ b/clients/tools/ldapmodify.c
@@ -121,12 +121,12 @@ usage( const char *prog )
 "  -P version procotol version (default: 3)\n"
 "  -Q         use SASL Quiet mode\n"
 "  -R realm   SASL realm\n"
-"  -U user    SASL authentication identity (username)\n"
+"  -U authcid SASL authentication identity\n"
 "  -v         run in verbose mode (diagnostics to standard output)\n"
 "  -w passwd  bind passwd (for simple authentication)\n"
 "  -W         prompt for bind passwd\n"
 "  -x         Simple authentication\n"
-"  -X id      SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
+"  -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
 "  -Y mech    SASL mechanism\n"
 "  -Z         Start TLS request (-ZZ to require successful response)\n"
 	     , prog, (strcmp( prog, "ldapadd" ) ? " is to replace" : "") );
diff --git a/clients/tools/ldapmodrdn.c b/clients/tools/ldapmodrdn.c
index f2de59185a..35481a6a34 100644
--- a/clients/tools/ldapmodrdn.c
+++ b/clients/tools/ldapmodrdn.c
@@ -88,12 +88,12 @@ usage( const char *s )
 "  -P version procotol version (default: 3)\n"
 "  -Q         use SASL Quiet mode\n"
 "  -R realm   SASL realm\n"
-"  -U user    SASL authentication identity (username)\n"
+"  -U authzid SASL authentication identity\n"
 "  -v         run in verbose mode (diagnostics to standard output)\n"
 "  -w passwd  bind passwd (for simple authentication)\n"
 "  -W         prompt for bind passwd\n"
 "  -x         Simple authentication\n"
-"  -X id      SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
+"  -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
 "  -Y mech    SASL mechanism\n"
 "  -Z         Start TLS request (-ZZ to require successful response)\n"
 ,		s );
diff --git a/clients/tools/ldappasswd.c b/clients/tools/ldappasswd.c
index 8f42c016fd..b79e4d3f23 100644
--- a/clients/tools/ldappasswd.c
+++ b/clients/tools/ldappasswd.c
@@ -49,12 +49,12 @@ usage(const char *s)
 "  -p port    port on LDAP server\n"
 "  -Q         use SASL Quiet mode\n"
 "  -R realm   SASL realm\n"
-"  -U user    SASL authentication identity (username)\n"
+"  -U authcid SASL authentication identity\n"
 "  -v         run in verbose mode (diagnostics to standard output)\n"
 "  -w passwd  bind passwd (for simple authentication)\n"
 "  -W         prompt for bind passwd\n"
 "  -x         Simple authentication\n"
-"  -X id      SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
+"  -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
 "  -Y mech    SASL mechanism\n"
 "  -Z         Start TLS request (-ZZ to require successful response)\n"
 		, s );
diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c
index 41f1cfc424..2aea2fb456 100644
--- a/clients/tools/ldapsearch.c
+++ b/clients/tools/ldapsearch.c
@@ -50,6 +50,7 @@ usage( const char *s )
 "  -a deref   one of never (default), always, search, or find\n"
 "  -A         retrieve attribute names only (no values)\n"
 "  -b basedn  base dn for search\n"
+"  -F prefix  URL prefix for files (default: \"" LDAP_FILE_URI_PREFIX ")\n"
 "  -l limit   time limit (in seconds) for search\n"
 "  -L         print responses in LDIFv1 format\n"
 "  -LL        print responses in LDIF format without comments\n"
@@ -62,7 +63,6 @@ usage( const char *s )
 "  -T path    write files to directory specified by path (default:\n"
 "             " LDAP_TMPDIR ")\n"
 "  -u         include User Friendly entry names in the output\n"
-"  -V prefix  URL prefix for files (default: \"" LDAP_FILE_URI_PREFIX ")\n"
 "  -z limit   size limit (in entries) for search\n"
 
 "Common options:\n"
@@ -81,12 +81,12 @@ usage( const char *s )
 "  -P version procotol version (default: 3)\n"
 "  -Q         use SASL Quiet mode\n"
 "  -R realm   SASL realm\n"
-"  -U user    SASL authentication identity (username)\n"
+"  -U authcid SASL authentication identity\n"
 "  -v         run in verbose mode (diagnostics to standard output)\n"
 "  -w passwd  bind passwd (for simple authentication)\n"
 "  -W         prompt for bind passwd\n"
 "  -x         Simple authentication\n"
-"  -X id      SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
+"  -X authzid SASL authorization identity (\"dn:<dn>\" or \"u:<user>\")\n"
 "  -Y mech    SASL mechanism\n"
 "  -Z         Start TLS request (-ZZ to require successful response)\n"
 , s );
@@ -135,7 +135,7 @@ static int dosearch LDAP_P((
 	int		attrsonly,
 	LDAPControl **sctrls,
 	LDAPControl **cctrls,
-	struct timeval *timelimit,
+	struct timeval *timeout,
 	int	sizelimit ));
 
 static char *tmpdir = NULL;
@@ -181,7 +181,7 @@ main( int argc, char **argv )
 
     prog = (prog = strrchr(argv[0], *LDAP_DIRSEP)) == NULL ? argv[0] : prog + 1;
 
-	while (( i = getopt( argc, argv, "Aa:b:f:Ll:S:s:T:tuV:z:"
+	while (( i = getopt( argc, argv, "Aa:b:F:f:Ll:S:s:T:tuz:"
 		"Cd:D:h:H:IkKMnO:p:P:QR:U:vw:WxX:Y:Z")) != EOF )
 	{
 	switch( i ) {
@@ -213,8 +213,17 @@ main( int argc, char **argv )
 		}
 		infile = strdup( optarg );
 		break;
+	case 'F':	/* uri prefix */
+		if( urlpre ) free( urlpre );
+		urlpre = strdup( optarg );
+		break;
 	case 'l':	/* time limit */
 		timelimit = atoi( optarg );
+		if( timelimit < 0 ) {
+			fprintf( stderr, "%s: invalid timelimit (%d) specified\n",
+				prog, timelimit );
+			return EXIT_FAILURE;
+		}
 		break;
 	case 'L':	/* print entries in LDIF format */
 		++ldif;
@@ -244,10 +253,6 @@ main( int argc, char **argv )
 		if( tmpdir ) free( tmpdir );
 		tmpdir = strdup( optarg );
 		break;
-	case 'V':	/* uri prefix */
-		if( urlpre ) free( urlpre );
-		urlpre = strdup( optarg );
-		break;
 	case 'z':	/* size limit */
 		sizelimit = atoi( optarg );
 		break;
@@ -884,7 +889,7 @@ static int dosearch(
 	int		attrsonly,
 	LDAPControl **sctrls,
 	LDAPControl **cctrls,
-	struct timeval *timelimit,
+	struct timeval *timeout,
 	int sizelimit )
 {
 	char		filter[ BUFSIZ ];
@@ -917,7 +922,7 @@ static int dosearch(
 	}
 
 	rc = ldap_search_ext( ld, base, scope, filter, attrs, attrsonly,
-		sctrls, cctrls, timelimit, sizelimit, &msgid );
+		sctrls, cctrls, timeout, sizelimit, &msgid );
 
 	if( rc != LDAP_SUCCESS ) {
 		fprintf( stderr, "%s: ldap_search_ext: %s (%d)\n",