From e7dd5eecd8c32340e5bff1c5add8198ba53f968c Mon Sep 17 00:00:00 2001
From: Kurt Zeilenga <kurt@openldap.org>
Date: Thu, 24 Aug 2000 23:24:12 +0000
Subject: [PATCH] Import man page updates from devel.

---
 doc/man/man5/ldap.conf.5  | 43 ++++++++++++++++++-
 doc/man/man5/slapd.conf.5 | 89 ++++++++++++++++++++++++++++++++++++---
 doc/man/man8/slapadd.8    |  2 +-
 doc/man/man8/slapcat.8    |  2 +-
 doc/man/man8/slapd.8      |  2 +-
 doc/man/man8/slapindex.8  |  2 +-
 doc/man/man8/slappasswd.8 |  2 +-
 doc/man/man8/slurpd.8     |  2 +-
 8 files changed, 132 insertions(+), 12 deletions(-)

diff --git a/doc/man/man5/ldap.conf.5 b/doc/man/man5/ldap.conf.5
index 1c1723a79e..195bd980a1 100644
--- a/doc/man/man5/ldap.conf.5
+++ b/doc/man/man5/ldap.conf.5
@@ -63,8 +63,49 @@ listed of host may be provided.
 Used to specify the port used with connecting to LDAP servers(s).
 The port may be specified as a number.
 .TP 1i
-\fBSASL_SECPROPS <string>\fP
+\fBSASL_SECPROPS <properties>\fP
 Used to specify Cyrus SASL security properties.
+The
+.B none
+flag (without any other properities) causes the flag properites
+defaults ("noanonymous,noplain") to be cleared.
+The
+.B noplain
+flag disables mechanisms susceptible to simple passive attacks.
+The
+.B noactive
+flag disables mechanisms susceptible to active attacks.
+The
+.B nodict
+flag disables mechanisms susceptible to passive dictionary attacks.
+The
+.B noanonyous
+flag disables mechanisms which support anonymous login.
+The
+.B forwardsec
+flag require forward secrecy between sessions.
+The
+.B passcred
+require mechanisms which pass client credentials (and allow
+mechanisms which can pass credentials to do so).
+The
+.B minssf=<factor> 
+property specifies the minimum acceptable
+.I security strength factor
+as an integer approximate to effective key length used for
+encryption.  0 (zero) implies no protection, 1 implies integrity
+protection only, 56 allows DES or other weak ciphers, 112
+allows triple DES and other strong ciphers, 128 allows RC4,
+Blowfish and other modern strong ciphers.  The default is 0.
+The
+.B maxssf=<factor> 
+property specifies the maximum acceptable
+.I security strength factor
+as an integer (see minssf description).  The default is INT_MAX.
+The
+.B maxbufsize=<factor> 
+property specifies the maximum security layer receive buffer
+size allowed.  0 disables security layers.  The default is 65536.
 .TP 1i
 \fBSIZELIMIT <integer>\fP
 Used to specify a size limit to use when performing searches.  The
diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5
index 4627d5e52c..a78833769f 100644
--- a/doc/man/man5/slapd.conf.5
+++ b/doc/man/man5/slapd.conf.5
@@ -1,4 +1,4 @@
-.TH SLAPD.CONF 5 "20 August 2000" "OpenLDAP LDVERSION"
+.TH SLAPD.CONF 5 "23 August 2000" "OpenLDAP LDVERSION"
 .\" $OpenLDAP$
 .\" Copyright 1998-2000 The OpenLDAP Foundation All Rights Reserved.
 .\" Copying restrictions apply.  See COPYRIGHT/LICENSE.
@@ -232,8 +232,65 @@ If specified multiple times, each url is provided.
 .B sasl-realm <string>
 Used to specify Cyrus SASL realm.
 .TP
-.B sasl-secprops <string>
+.B sasl-secprops <properties>
 Used to specify Cyrus SASL security properties.
+The
+.B none
+flag (without any other properities) causes the flag properites
+defaults ("noanonymous,noplain") to be cleared.
+The
+.B noplain
+flag disables mechanisms susceptible to simple passive attacks.
+The
+.B noactive
+flag disables mechanisms susceptible to active attacks.
+The
+.B nodict
+flag disables mechanisms susceptible to passive dictionary attacks.
+The
+.B noanonyous
+flag disables mechanisms which support anonymous login.
+The
+.B forwardsec
+flag require forward secrecy between sessions.
+The
+.B passcred
+require mechanisms which pass client credentials (and allow
+mechanisms which can pass credentials to do so).
+The
+.B minssf=<factor> 
+property specifies the minimum acceptable
+.I security strength factor
+as an integer approximate to effective key length used for
+encryption.  0 (zero) implies no protection, 1 implies integrity
+protection only, 56 allows DES or other weak ciphers, 112
+allows triple DES and other strong ciphers, 128 allows RC4,
+Blowfish and other modern strong ciphers.  The default is 0.
+The
+.B maxssf=<factor> 
+property specifies the maximum acceptable
+.I security strength factor
+as an integer (see minssf description).  The default is INT_MAX.
+The
+.B maxbufsize=<factor> 
+property specifies the maximum security layer receive buffer
+size allowed.  0 disables security layers.  The default is 65536.
+.TP
+.B schemacheck { on | off }
+Turn schema checking on or off. The default is on.
+.TP
+.B sizelimit <integer>
+Specify the maximum number of entries to return from a search operation.
+The default size limit is 500.
+.TP
+.B srvtab <filename>
+Specify the srvtab file in which the kerberos keys necessary for
+authenticating clients using kerberos can be found. This option is only
+meaningful if you are using Kerberos authentication.
+.TP
+.B timelimit <integer>
+Specify the maximum number of seconds (in real time)
+require forward secrecy between sessions.
 .TP
 .B schemacheck { on | off }
 Turn schema checking on or off. The default is on.
@@ -415,10 +472,32 @@ each database.  The default is
 .BR LOCALSTATEDIR/openldap-ldbm .
 .TP
 .B
-index { <attrlist> | default } [ pres,eq,approx,sub,none ]
+index {<attrlist>|default} [pres,eq,approx,sub,<special>]
 Specify the indexes to maintain for the given attribute. If only 
 an <attr> is given, the indices specified for \fBdefault\fR
-are maintained.
+are maintained.  A number of special index parameters may be
+specified.
+The index type
+.B sub
+can be decomposed into
+.BR subinitial ,
+.BR subany ,\ and
+.B subfinal
+indices.
+The special type
+.B lang
+may be specified to allow use of this index by language subtypes.
+The special type
+.B autolang
+may be specified to automatically maintain separate indices for each
+language subtypes.
+The special type
+.B subtypes
+may be specified to allow use of this index by named subtypes.
+The special type
+.B autosubtypes
+may be specified to automatically maintain separate indices for each
+other subtypes.
 .TP
 .B mode <integer>
 Specify the file protection mode that newly created database 
@@ -483,7 +562,7 @@ ETCDIR/slapd.conf
 .BR slappassword (8),
 .BR slurpd (8),
 .LP
-"OpenLDAP Administrator's Guide"
+"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
 .SH ACKNOWLEDGEMENTS
 .B	OpenLDAP
 is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
diff --git a/doc/man/man8/slapadd.8 b/doc/man/man8/slapadd.8
index 1709f789a2..47c2378784 100644
--- a/doc/man/man8/slapadd.8
+++ b/doc/man/man8/slapadd.8
@@ -97,7 +97,7 @@ database give the command:
 .BR ldapadd (1),
 .BR slapd (8)
 .LP
-"OpenLDAP Administrator's Guide"
+"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
 .SH ACKNOWLEDGEMENTS
 .B	OpenLDAP
 is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
diff --git a/doc/man/man8/slapcat.8 b/doc/man/man8/slapcat.8
index c682383c5e..f90d5f4ea5 100644
--- a/doc/man/man8/slapcat.8
+++ b/doc/man/man8/slapcat.8
@@ -86,7 +86,7 @@ give the command:
 .BR ldapadd (1),
 .BR slapd (8)
 .LP
-"OpenLDAP Administrator's Guide"
+"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
 .SH ACKNOWLEDGEMENTS
 .B	OpenLDAP
 is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
diff --git a/doc/man/man8/slapd.8 b/doc/man/man8/slapd.8
index 503bdf11af..91923b047b 100644
--- a/doc/man/man8/slapd.8
+++ b/doc/man/man8/slapd.8
@@ -166,7 +166,7 @@ on voluminous debugging which will be printed on standard error, type:
 .BR slapd.conf (5),
 .BR slurpd (8)
 .LP
-"OpenLDAP Administrator's Guide"
+"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
 .SH BUGS
 See http://www.openldap.org/its/
 .SH ACKNOWLEDGEMENTS
diff --git a/doc/man/man8/slapindex.8 b/doc/man/man8/slapindex.8
index 0d864fd15e..b0df5d6ddc 100644
--- a/doc/man/man8/slapindex.8
+++ b/doc/man/man8/slapindex.8
@@ -77,7 +77,7 @@ To reindex your SLAPD database, give the command:
 .BR ldapadd (1),
 .BR slapd (8)
 .LP
-"OpenLDAP Administrator's Guide"
+"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
 .SH ACKNOWLEDGEMENTS
 .B	OpenLDAP
 is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
diff --git a/doc/man/man8/slappasswd.8 b/doc/man/man8/slappasswd.8
index 9584a9f34c..a99091c5f8 100644
--- a/doc/man/man8/slappasswd.8
+++ b/doc/man/man8/slappasswd.8
@@ -63,7 +63,7 @@ were clear text passwords.
 .BR ldapmodify (1),
 .BR slapd (8)
 .LP
-"OpenLDAP Administrator's Guide"
+"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
 .SH ACKNOWLEDGEMENTS
 .B	OpenLDAP
 is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
diff --git a/doc/man/man8/slurpd.8 b/doc/man/man8/slurpd.8
index 5b30dedf63..1ea989a946 100644
--- a/doc/man/man8/slurpd.8
+++ b/doc/man/man8/slurpd.8
@@ -151,7 +151,7 @@ on voluminous debugging which will be printed on standard error, type:
 .BR slapd.replog (5),
 .BR slapd (8)
 .LP
-"OpenLDAP Administrator's Guide"
+"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
 .SH ACKNOWLEDGEMENTS
 .B	OpenLDAP
 is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
-- 
2.39.5