Apply Eric Irrgang's patch from ITS#4371

diff --git a/doc/man/man1/ldapsearch.1 b/doc/man/man1/ldapsearch.1
index 59466dcaaced6f582eaf8168649dcbddd34935e6..401535617c71eed01ed175c2b10bfa443066084f 100644 (file)
--- a/doc/man/man1/ldapsearch.1
+++ b/doc/man/man1/ldapsearch.1
@@ -13,7 +13,11 @@ ldapsearch \- LDAP search tool
 [\c
 .BR \-v ]
 [\c
-.BR \-t ]
+.BR \-t[t] ]
+[\c
+.BI \-T \ path\fR]
+[\c
+.BI \-F \ prefix\fR]
 [\c
 .BR \-A ]
 [\c
@@ -21,10 +25,14 @@ ldapsearch \- LDAP search tool
 [\c
 .BR \-M[M] ]
 [\c
+.BI \-S \ attribute\fR]
+[\c
 .BI \-d \ debuglevel\fR]
 [\c
 .BI \-f \ file\fR]
 [\c
+.BR \-x ]
+[\c
 .BI \-D \ binddn\fR]
 [\c
 .BR \-W ]
@@ -39,14 +47,18 @@ ldapsearch \- LDAP search tool
 [\c
 .BI \-p \ ldapport\fR]
 [\c
-.BI \-P \ 2\fR\||\|\fI3\fR]
-[\c
 .BI \-b \ searchbase\fR]
 [\c
 .BI \-s \ base\fR\||\|\fIone\fR\||\|\fIsub\fR\||\|\fIchildren\fR]
 [\c
 .BI \-a \ never\fR\||\|\fIalways\fR\||\|\fIsearch\fR\||\|\fIfind\fR]
 [\c
+.BI \-P \ 2\fR\||\|\fI3\fR]
+[\c
+.BR \-e \ [!]ext[=extparam]]
+[\c
+.BR \-E \ [!]ext[=extparam]]
+[\c
 .BI \-l \ timelimit\fR]
 [\c
 .BI \-z \ sizelimit\fR]
@@ -61,8 +73,6 @@ ldapsearch \- LDAP search tool
 [\c
 .BI \-R \ realm\fR]
 [\c
-.BR \-x ]
-[\c
 .BI \-X \ authzid\fR]
 [\c
 .BI \-Y \ mech\fR]
@@ -102,10 +112,19 @@ in the output.
 .B \-v
 Run in verbose mode, with many diagnostics written to standard output.
 .TP
-.B \-t
-Write retrieved non-printable values to a set of temporary files.  This
-is useful for dealing with values containing non-character data such as
-jpegPhoto or audio.
+.B \-t[t]
+A single -t writes retrieved non-printable values to a set of temporary
+files.  This is useful for dealing with values containing non-character
+data such as jpegPhoto or audio. A second -t writes all retrieved values to
+files.
+.TP
+.BI \-T \ path
+Write temporary files to directory specified by \fIpath\fP (default:
+/var/tmp/)
+.TP
+.BI \-F \ prefix
+URL prefix for temporary files.  Default is file://\fIpath\fP/ where
+\fIpath\fP is /var/tmp/ or specified with -T.
 .TP
 .B \-A
 Retrieve attributes only (no values).  This is useful when you just want to
@@ -211,6 +230,35 @@ base object for the search.  The default is to never dereference aliases.
 .BI \-P \ 2\fR\||\|\fI3
 Specify the LDAP protocol version to use.
 .TP
+.B \-e \fI[!]ext[=extparam]\fP
+.TP
+.B \-E \fI[!]ext[=extparam]\fP
+
+Specify general extensions with -e and search extensions with -E.
+\'!\' indicates criticality.
+
+General extensions:
+.nf
+  [!]assert=<filter>   (an RFC 2254 Filter)
+  [!]authzid=<authzid> ("dn:<dn>" or "u:<user>")
+  [!]manageDSAit
+  [!]noop
+  ppolicy
+  [!]postread[=<attrs>]        (a comma-separated attribute list)
+  [!]preread[=<attrs>] (a comma-separated attribute list)
+  abandon, cancel (SIGINT sends abandon/cancel; not really controls)
+.fi
+
+Search extensions:
+.nf
+  [!]domainScope                               (domain scope)
+  [!]mv=<filter>                               (matched values filter)
+  [!]pr=<size>[/prompt|noprompt]       (paged results/prompt)
+  [!]subentries[=true|false]           (subentries)
+  [!]sync=ro[/<cookie>]                        (LDAP Sync refreshOnly)
+          rp[/<cookie>][/<slimit>]     (LDAP Sync refreshAndPersist)
+.fi
+.TP
 .BI \-l \ timelimit
 wait at most \fItimelimit\fP seconds for a search to complete.
 A timelimit of