From ce8311fb488bb696e61ac0364be599ef9fe95110 Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Tue, 28 May 2013 15:55:39 -0700 Subject: Fix documentation of ldap_map_principal hook Fix the Wallet::Config documentation for the ldap-attr verifier to reference an ldap_map_principal hook, not ldap_map_attribute, matching the implementation. Change-Id: I258edcf69d4dcb3d2ec8dc66db4b768d91645fc4 Reviewed-on: https://gerrit.stanford.edu/1204 Reviewed-by: Russ Allbery Tested-by: Russ Allbery --- NEWS | 4 ++++ perl/Wallet/Config.pm | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index 460d475..5ff85d0 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,10 @@ wallet 1.1 (unreleased) Fix the code to set enctype restrictions for keytab objects in the wallet server. + Fix the Wallet::Config documentation for the ldap-attr verifier to + reference an ldap_map_principal hook, not ldap_map_attribute, matching + the implementation. + wallet 1.0 (2013-03-27) Owners of wallet objects are now allowed to destroy them. In previous diff --git a/perl/Wallet/Config.pm b/perl/Wallet/Config.pm index af153e7..c3f6d15 100644 --- a/perl/Wallet/Config.pm +++ b/perl/Wallet/Config.pm @@ -511,7 +511,7 @@ matches the Kerberos principal. The attribute designated by LDAP_FILTER_ATTR may instead hold a transformation of the principal name (such as the principal with the local realm stripped off, or rewritten into an LDAP DN form). If this is the case, define a Perl function named -ldap_map_attribute. This function will be called whenever an LDAP +ldap_map_principal. This function will be called whenever an LDAP attribute ACL is being verified. It will take one argument, the principal, and is expected to return the value to search for in the LDAP directory server. @@ -520,7 +520,7 @@ For example, if the principal name without the local realm is stored in the C attribute in the directory, set LDAP_FILTER_ATTR to C and then define ldap_map_attribute as follows: - sub ldap_map_attribute { + sub ldap_map_principal { my ($principal) = @_; $principal =~ s/\@EXAMPLE\.COM$//; return $principal; -- cgit v1.2.3