/* $OpenLDAP$ */
/*
- * Copyright 1998-2001 The OpenLDAP Foundation, Redwood City, California, USA
+ * Copyright 1998-2002 The OpenLDAP Foundation, Redwood City, California, USA
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#define LDAP_OPT_DEBUG_LEVEL 0x5001 /* debug level */
#define LDAP_OPT_TIMEOUT 0x5002 /* default timeout */
#define LDAP_OPT_REFHOPLIMIT 0x5003 /* ref hop limit */
-#define LDAP_OPT_NETWORK_TIMEOUT 0x5005 /* socket level timeout */
+#define LDAP_OPT_NETWORK_TIMEOUT 0x5005 /* socket level timeout */
#define LDAP_OPT_URI 0x5006
+#define LDAP_OPT_REFERRAL_URLS 0x5007 /* Referral URLs */
/* OpenLDAP TLS options */
#define LDAP_OPT_X_TLS 0x6000
/* #define LDAP_OPT_X_TLS_PROTOCOL 0x6007 */
#define LDAP_OPT_X_TLS_CIPHER_SUITE 0x6008
#define LDAP_OPT_X_TLS_RANDOM_FILE 0x6009
+#define LDAP_OPT_X_TLS_SSL_CTX 0x600a
#define LDAP_OPT_X_TLS_NEVER 0
#define LDAP_OPT_X_TLS_HARD 1
/* LDAP Controls */
-#ifdef undef
+#if 0
/* chase referrals client control (not yet implemented) */
#define LDAP_CONTROL_REFERRALS "1.2.840.113666.1.4.616"
#define LDAP_CHASE_SUBORDINATE_REFERRALS 0x0020U
#define LDAP_CHASE_EXTERNAL_REFERRALS 0x0040U
#endif
-#define LDAP_CONTROL_MANAGEDSAIT "2.16.840.1.113730.3.4.2"
+#define LDAP_CONTROL_PROXY_AUTHZ "2.16.840.1.113730.3.4.18"
+#define LDAP_CONTROL_MANAGEDSAIT "2.16.840.1.113730.3.4.2"
+#define LDAP_CONTROL_SUBENTRIES "1.3.6.1.4.1.4203.1.10.1"
+#define LDAP_CONTROL_NOOP "1.3.6.1.4.1.4203.1.10.2"
-#define LDAP_CONTROL_DUPENT LDAP_CONTROL_DUPENT_REQUEST
+#if 0
#define LDAP_CONTROL_DUPENT_REQUEST "2.16.840.1.113719.1.27.101.1"
#define LDAP_CONTROL_DUPENT_RESPONSE "2.16.840.1.113719.1.27.101.2"
#define LDAP_CONTROL_DUPENT_ENTRY "2.16.840.1.113719.1.27.101.3"
+#define LDAP_CONTROL_DUPENT LDAP_CONTROL_DUPENT_REQUEST
+#endif
-/* Experimental Controls */
+#define LDAP_CONTROL_PAGEDRESULTS "1.2.840.113556.1.4.319"
+
+/*
+#define LDAP_CLIENT_UPDATE 1
+*/
+#ifdef LDAP_CLIENT_UPDATE
+#define LDAP_CONTROL_CLIENT_UPDATE "1.3.6.1.4.1.4203.666.5.3"
+#define LDAP_CONTROL_ENTRY_UPDATE "1.3.6.1.4.1.4203.666.5.4"
+#define LDAP_CONTROL_CLIENT_UPDATE_DONE "1.3.6.1.4.1.4203.666.5.5"
+#endif
#define LDAP_CONTROL_SORTREQUEST "1.2.840.113556.1.4.473"
#define LDAP_CONTROL_SORTRESPONSE "1.2.840.113556.1.4.474"
#define LDAP_CONTROL_VLVREQUEST "2.16.840.1.113730.3.4.9"
#define LDAP_CONTROL_VLVRESPONSE "2.16.840.1.113730.3.4.10"
+#define LDAP_CONTROL_VALUESRETURNFILTER "1.2.826.0.1.334810.2.3"
+
/* LDAP Unsolicited Notifications */
#define LDAP_NOTICE_OF_DISCONNECTION "1.3.6.1.4.1.1466.20036"
#define LDAP_NOTICE_DISCONNECT LDAP_NOTICE_OF_DISCONNECTION
/* LDAP Extended Operations */
-#define LDAP_EXOP_START_TLS "1.3.6.1.4.1.1466.20037"
+#define LDAP_EXOP_START_TLS "1.3.6.1.4.1.1466.20037"
+
+#define LDAP_EXOP_MODIFY_PASSWD "1.3.6.1.4.1.4203.1.11.1"
+#define LDAP_TAG_EXOP_MODIFY_PASSWD_ID ((ber_tag_t) 0x80U)
+#define LDAP_TAG_EXOP_MODIFY_PASSWD_OLD ((ber_tag_t) 0x81U)
+#define LDAP_TAG_EXOP_MODIFY_PASSWD_NEW ((ber_tag_t) 0x82U)
+#define LDAP_TAG_EXOP_MODIFY_PASSWD_GEN ((ber_tag_t) 0x80U)
+
+#define LDAP_EXOP_X_CANCEL "1.3.6.1.4.1.4203.666.6.3"
+#define LDAP_EXOP_X_WHO_AM_I "1.3.6.1.4.1.4203.1.11.3"
-#define LDAP_EXOP_X_MODIFY_PASSWD "1.3.6.1.4.1.4203.1.11.1"
-#define LDAP_TAG_EXOP_X_MODIFY_PASSWD_ID ((ber_tag_t) 0x80U)
-#define LDAP_TAG_EXOP_X_MODIFY_PASSWD_OLD ((ber_tag_t) 0x81U)
-#define LDAP_TAG_EXOP_X_MODIFY_PASSWD_NEW ((ber_tag_t) 0x82U)
-#define LDAP_TAG_EXOP_X_MODIFY_PASSWD_GEN ((ber_tag_t) 0x80U)
+/* LDAP Features */
+#define LDAP_FEATURE_ALL_OPERATIONAL_ATTRS "1.3.6.1.4.1.4203.1.5.1" /* + */
+#define LDAP_FEATURE_OBJECTCLASS_ATTRS "1.3.6.1.4.1.4203.1.5.2"
+#define LDAP_FEATURE_ABSOLUTE_FILTERS "1.3.6.1.4.1.4203.1.5.3" /* (&) (|) */
+#define LDAP_FEATURE_LANGUAGE_TAG_OPTIONS "1.3.6.1.4.1.4203.1.5.4"
+#define LDAP_FEATURE_LANGUAGE_RANGE_OPTIONS "1.3.6.1.4.1.4203.1.5.5"
/*
* specific LDAP instantiations of BER types we know about
/* general stuff */
#define LDAP_TAG_MESSAGE ((ber_tag_t) 0x30U) /* constructed + 16 */
#define LDAP_TAG_MSGID ((ber_tag_t) 0x02U) /* integer */
+
+#ifdef LDAP_CLIENT_UPDATE
+#define LDAP_TAG_INTERVAL ((ber_tag_t) 0x02U) /* integer */
+#endif /* LDAP_CLIENT_UPDATE */
+
#define LDAP_TAG_LDAPDN ((ber_tag_t) 0x04U) /* octet string */
#define LDAP_TAG_LDAPCRED ((ber_tag_t) 0x04U) /* octet string */
+
+#ifdef LDAP_CLIENT_UPDATE
+#define LDAP_TAG_COOKIE ((ber_tag_t) 0x30U) /* sequence */
+#endif /* LDAP_CLIENT_UPDATE */
+
#define LDAP_TAG_CONTROLS ((ber_tag_t) 0xa0U) /* context specific + constructed + 0 */
#define LDAP_TAG_REFERRAL ((ber_tag_t) 0xa3U) /* context specific + constructed + 3 */
#define LDAP_IS_LEAF 0x23 /* not LDAPv3 */
#define LDAP_ALIAS_DEREF_PROBLEM 0x24
-#define LDAP_SECURITY_ERROR(n) LDAP_RANGE((n),0x30,0x32) /* 48-50 */
+#define LDAP_SECURITY_ERROR(n) LDAP_RANGE((n),0x2F,0x32) /* 47-50 */
+#define LDAP_PROXY_AUTHZ_FAILURE 0x2F /* LDAPv3 proxy authorization */
#define LDAP_INAPPROPRIATE_AUTH 0x30
#define LDAP_INVALID_CREDENTIALS 0x31
#define LDAP_INSUFFICIENT_ACCESS 0x32
#define LDAP_CLIENT_LOOP 0x60 /* draft-ietf-ldap-c-api-xx */
#define LDAP_REFERRAL_LIMIT_EXCEEDED 0x61 /* draft-ietf-ldap-c-api-xx */
+#ifdef LDAP_CLIENT_UPDATE
+/* resultCode for LCUP */
+#define LDAP_CUP_RESOURCES_EXHAUSTED 0x62
+#define LDAP_CUP_SECURITY_VIOLATION 0x63
+#define LDAP_CUP_INVALID_COOKIE 0x64
+#define LDAP_CUP_UNSUPPORTED_SCHEME 0x65
+#define LDAP_CUP_CLIENT_DISCONNECT 0x66
+#define LDAP_CUP_RELOAD_REQUIRED 0x67
+
+/* LCUP update type */
+#define LDAP_CUP_SYNC_ONLY 0x00
+#define LDAP_CUP_SYNC_AND_PERSIST 0x01
+#define LDAP_CUP_PERSIST_ONLY 0x02
+
+/* LCUP default cookie interval */
+#define LDAP_CUP_DEFAULT_SEND_COOKIE_INTERVAL 0x01
+#endif /* LDAP_CLIENT_UPDATE */
+
/*
* This structure represents both ldap messages and ldap responses.
* These are really the same, except in the case of search responses,
#define mod_bvalues mod_vals.modv_bvals
} LDAPMod;
-/*
- * structures for ldap getfilter routines
- */
-
-typedef struct ldap_filt_info {
- char *lfi_filter;
- char *lfi_desc;
- int lfi_scope;
- int lfi_isexact;
- struct ldap_filt_info *lfi_next;
-} LDAPFiltInfo;
-
-typedef struct ldap_filt_list {
- char *lfl_tag;
- char *lfl_pattern;
- char *lfl_delims;
- LDAPFiltInfo *lfl_ilist;
- struct ldap_filt_list *lfl_next;
-} LDAPFiltList;
-
-
-#define LDAP_FILT_MAXSIZ 1024
-
-typedef struct ldap_filt_desc {
- LDAPFiltList *lfd_filtlist;
- LDAPFiltInfo *lfd_curfip;
- LDAPFiltInfo lfd_retfi;
- char lfd_filter[ LDAP_FILT_MAXSIZ ];
- char *lfd_curval;
- char *lfd_curvalcopy;
- char **lfd_curvalwords;
- char *lfd_filtprefix;
- char *lfd_filtsuffix;
-} LDAPFiltDesc;
-
-
/*
* structure representing an ldap session which can
* encompass connections to multiple servers (in the
*/
LDAP_F( int )
ldap_create_control LDAP_P((
- const char *requestOID,
+ LDAP_CONST char *requestOID,
BerElement *ber,
int iscritical,
LDAPControl **ctrlp ));
ldap_uncache_request LDAP_P(( LDAP *ld, int msgid ));
+/*
+ * LDAP Cancel Extended Operation <draft-zeilenga-ldap-cancel-xx.txt>
+ */
+
+LDAP_F( int )
+ldap_cancel LDAP_P(( LDAP *ld,
+ int cancelid,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ int *msgidp ));
+
+LDAP_F( int )
+ldap_cancel_s LDAP_P((
+ LDAP *ld,
+ int cancelid,
+ LDAPControl **sctrl,
+ LDAPControl **cctrl ));
+
/*
* in compare.c:
*/
LDAPMessage *entry ));
typedef struct ldap_ava {
- struct berval *la_attr;
- struct berval *la_value;
+ struct berval la_attr;
+ struct berval la_value;
unsigned la_flags;
#define LDAP_AVA_STRING 0x0000U
#define LDAP_AVA_BINARY 0x0001U
#define LDAP_DN_FORMAT_DCE 0x0030U
#define LDAP_DN_FORMAT_UFN 0x0040U /* dn2str only */
#define LDAP_DN_FORMAT_AD_CANONICAL 0x0050U /* dn2str only */
+#define LDAP_DN_FORMAT_LBER 0x00F0U /* for testing only */
#define LDAP_DN_FORMAT_MASK 0x00F0U
/* DN flags */
#define LDAP_DN_PRETTY 0x0100U
+#define LDAP_DN_SKIP 0x0200U
#define LDAP_DN_P_NOLEADTRAILSPACES 0x1000U
#define LDAP_DN_P_NOSPACEAFTERRDN 0x2000U
#define LDAP_DN_PEDANTIC 0xF000U
LDAP_F( void )
ldap_dnfree LDAP_P(( LDAPDN *dn ));
+LDAP_F( int )
+ldap_bv2dn LDAP_P((
+ struct berval *bv,
+ LDAPDN **dn,
+ unsigned flags ));
+
LDAP_F( int )
ldap_str2dn LDAP_P((
LDAP_CONST char *str,
char **str,
unsigned flags ));
+LDAP_F( int )
+ldap_bv2rdn LDAP_P((
+ struct berval *bv,
+ LDAPRDN **rdn,
+ char **next,
+ unsigned flags ));
+
LDAP_F( int )
ldap_str2rdn LDAP_P((
- const char *str,
+ LDAP_CONST char *str,
LDAPRDN **rdn,
- const char **next,
+ char **next,
unsigned flags ));
LDAP_F( int )
LDAP_CONST char *rdn,
int notypes ));
+typedef int LDAPDN_rewrite_func LDAP_P(( LDAPDN *dn, unsigned flags ));
+
+LDAP_F( int )
+ldap_X509dn2bv LDAP_P(( void *x509_name, struct berval *dn,
+ LDAPDN_rewrite_func *func, unsigned flags ));
+
LDAP_F( char * )
ldap_dn2dcedn LDAP_P(( LDAP_CONST char *dn )); /* deprecated */
LDAP_F( char * )
ldap_dn2ad_canonical LDAP_P(( LDAP_CONST char *dn )); /* deprecated */
+LDAP_F( int )
+ldap_get_dn_ber LDAP_P((
+ LDAP *ld, LDAPMessage *e, BerElement **berout, struct berval *dn ));
+
+LDAP_F( int )
+ldap_get_attribute_ber LDAP_P((
+ LDAP *ld, LDAPMessage *e, BerElement *ber, struct berval *attr,
+ struct berval **vals ));
+
/*
* in getattr.c
*/
LDAPControl **clientctrls));
/*
- * in getfilter.c
- * (deprecated)
+ * in filter.c
*/
-LDAP_F( LDAPFiltDesc * )
-ldap_init_getfilter LDAP_P(( /* deprecated */
- LDAP_CONST char *fname ));
-
-LDAP_F( LDAPFiltInfo * )
-ldap_getfirstfilter LDAP_P(( /* deprecated */
- LDAPFiltDesc *lfdp,
- /* LDAP_CONST */ char *tagpat,
- /* LDAP_CONST */ char *value ));
-
-LDAP_F( LDAPFiltInfo * )
-ldap_getnextfilter LDAP_P(( /* deprecated */
- LDAPFiltDesc *lfdp ));
-
+LDAP_F( int )
+ldap_put_vrFilter LDAP_P((
+ BerElement *ber,
+ const char *vrf ));
/*
* in free.c
ldap_strdup LDAP_P((
LDAP_CONST char * ));
-LDAP_F( void )
-ldap_getfilter_free LDAP_P((
- LDAPFiltDesc *lfdp ));
-
LDAP_F( void )
ldap_mods_free LDAP_P((
LDAPMod **mods,
*/
/*
- * structure for virtul list.
+ * structure for virtual list.
*/
typedef struct ldapvlvinfo {
int ldvlv_version;
struct berval **contextp,
int *errcodep ));
+/*
+ * LDAP Who Am I? (whoami.c)
+ */
+
+LDAP_F( int )
+ldap_parse_whoami LDAP_P((
+ LDAP *ld,
+ LDAPMessage *res,
+ struct berval **authzid ));
+
+LDAP_F( int )
+ldap_whoami LDAP_P(( LDAP *ld,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ int *msgidp ));
+
+LDAP_F( int )
+ldap_whoami_s LDAP_P((
+ LDAP *ld,
+ struct berval **authzid,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls ));
LDAP_END_DECL
#endif /* _LDAP_H */