From: Todd C. Miller <Todd.Miller@sudo.ws>
Date: Sat, 3 Feb 2018 21:56:00 +0000 (-0700)
Subject: Display sudoNotBefore and sudoNotAfter in "sudo -l"
X-Git-Tag: SUDO_1_8_23^2~151
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3189de5bb9af76d1877dbb0a632dc6f60e32a040;p=sudo

Display sudoNotBefore and sudoNotAfter in "sudo -l"
---

diff --git a/plugins/sudoers/ldap.c b/plugins/sudoers/ldap.c
index c3cb3fe53..020488080 100644
--- a/plugins/sudoers/ldap.c
+++ b/plugins/sudoers/ldap.c
@@ -2490,6 +2490,22 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct passwd *pw,
     }
     sudo_lbuf_append(lbuf, ") ");
 
+    /* Get the sudoNotBefore and sudoNotAfter Values from the entry */
+    bv = ldap_get_values_len(ld, entry, "sudoNotBefore");
+    if (bv != NULL) {
+	for (p = bv; *p != NULL; p++) {
+	    sudo_lbuf_append(lbuf, "NOTBEFORE=%s ", (*p)->bv_val);
+	}
+	ldap_value_free_len(bv);
+    }
+    bv = ldap_get_values_len(ld, entry, "sudoNotAfter");
+    if (bv != NULL) {
+	for (p = bv; *p != NULL; p++) {
+	    sudo_lbuf_append(lbuf, "NOTAFTER=%s ", (*p)->bv_val);
+	}
+	ldap_value_free_len(bv);
+    }
+
     /* get the Option Values from the entry */
     bv = ldap_get_values_len(ld, entry, "sudoOption");
     if (bv != NULL) {
@@ -2594,6 +2610,26 @@ sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct passwd *pw,
 	sudo_lbuf_append(lbuf, "\n");
     }
 
+    /* Get the sudoNotBefore and sudoNotAfter Values from the entry */
+    bv = ldap_get_values_len(ld, entry, "sudoNotBefore");
+    if (bv != NULL) {
+	sudo_lbuf_append(lbuf, "    NotBefore: ");
+	for (p = bv; *p != NULL; p++) {
+	    sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
+	}
+	ldap_value_free_len(bv);
+	sudo_lbuf_append(lbuf, "\n");
+    }
+    bv = ldap_get_values_len(ld, entry, "sudoNotAfter");
+    if (bv != NULL) {
+	sudo_lbuf_append(lbuf, "    NotAfter: ");
+	for (p = bv; *p != NULL; p++) {
+	    sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
+	}
+	ldap_value_free_len(bv);
+	sudo_lbuf_append(lbuf, "\n");
+    }
+
     /* get the Option Values from the entry */
     bv = ldap_get_values_len(ld, entry, "sudoOption");
     if (bv != NULL) {