/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2008 The OpenLDAP Foundation.
+ * Copyright 1998-2013 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
defined( LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE ) )
/* -lldap may or may not be thread safe */
/* -lldap_r, if available, is always thread safe */
-# define LDAP_API_FEATURE_THREAD_SAFE 1
+# define LDAP_API_FEATURE_THREAD_SAFE 1
+# define LDAP_API_FEATURE_SESSION_THREAD_SAFE 1
+# define LDAP_API_FEATURE_OPERATION_THREAD_SAFE 1
#endif
#if defined( LDAP_THREAD_SAFE ) && \
defined( LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE )
#define LDAP_OPT_DEFBASE 0x5009 /* searchbase */
#define LDAP_OPT_CONNECT_ASYNC 0x5010 /* create connections asynchronously */
#define LDAP_OPT_CONNECT_CB 0x5011 /* connection callbacks */
+#define LDAP_OPT_SESSION_REFCNT 0x5012 /* session reference count */
/* OpenLDAP TLS options */
#define LDAP_OPT_X_TLS 0x6000
#define LDAP_OPT_X_TLS_CERTFILE 0x6004
#define LDAP_OPT_X_TLS_KEYFILE 0x6005
#define LDAP_OPT_X_TLS_REQUIRE_CERT 0x6006
-/* #define LDAP_OPT_X_TLS_PROTOCOL 0x6007 */
+#define LDAP_OPT_X_TLS_PROTOCOL_MIN 0x6007
#define LDAP_OPT_X_TLS_CIPHER_SUITE 0x6008
#define LDAP_OPT_X_TLS_RANDOM_FILE 0x6009
#define LDAP_OPT_X_TLS_SSL_CTX 0x600a /* OpenSSL SSL* */
#define LDAP_OPT_X_TLS_DHFILE 0x600e
#define LDAP_OPT_X_TLS_NEWCTX 0x600f
#define LDAP_OPT_X_TLS_CRLFILE 0x6010 /* GNUtls only */
+#define LDAP_OPT_X_TLS_PACKAGE 0x6011
#define LDAP_OPT_X_TLS_NEVER 0
#define LDAP_OPT_X_TLS_HARD 1
#define LDAP_OPT_X_TLS_CRL_PEER 1
#define LDAP_OPT_X_TLS_CRL_ALL 2
+/* for LDAP_OPT_X_TLS_PROTOCOL_MIN */
+#define LDAP_OPT_X_TLS_PROTOCOL(maj,min) (((maj) << 8) + (min))
+#define LDAP_OPT_X_TLS_PROTOCOL_SSL2 (2 << 8)
+#define LDAP_OPT_X_TLS_PROTOCOL_SSL3 (3 << 8)
+#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_0 ((3 << 8) + 1)
+#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_1 ((3 << 8) + 2)
+#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_2 ((3 << 8) + 3)
+
/* OpenLDAP SASL options */
#define LDAP_OPT_X_SASL_MECH 0x6100
#define LDAP_OPT_X_SASL_REALM 0x6101
#define LDAP_OPT_X_SASL_MAXBUFSIZE 0x6109
#define LDAP_OPT_X_SASL_MECHLIST 0x610a /* read-only */
#define LDAP_OPT_X_SASL_NOCANON 0x610b
+#define LDAP_OPT_X_SASL_USERNAME 0x610c /* read-only */
+#define LDAP_OPT_X_SASL_GSS_CREDS 0x610d
/* OpenLDAP GSSAPI options */
#define LDAP_OPT_X_GSSAPI_DO_NOT_FREE_CONTEXT 0x6200
#define LDAP_OPT_X_GSSAPI_ALLOW_REMOTE_PRINCIPAL 0x6201
+/*
+ * OpenLDAP per connection tcp-keepalive settings
+ * (Linux only, ignored where unsupported)
+ */
+#define LDAP_OPT_X_KEEPALIVE_IDLE 0x6300
+#define LDAP_OPT_X_KEEPALIVE_PROBES 0x6301
+#define LDAP_OPT_X_KEEPALIVE_INTERVAL 0x6302
/* Private API Extensions -- reserved for application use */
#define LDAP_OPT_PRIVATE_EXTENSION_BASE 0x7000 /* Private API inclusive */
#define LDAP_CONTROL_PRE_READ "1.3.6.1.1.13.1" /* RFC 4527 */
#define LDAP_CONTROL_POST_READ "1.3.6.1.1.13.2" /* RFC 4527 */
-/* standard track - not implemented in slapd(8) */
#define LDAP_CONTROL_SORTREQUEST "1.2.840.113556.1.4.473" /* RFC 2891 */
#define LDAP_CONTROL_SORTRESPONSE "1.2.840.113556.1.4.474" /* RFC 2891 */
#define LDAP_SYNC_ADD 1
#define LDAP_SYNC_MODIFY 2
#define LDAP_SYNC_DELETE 3
+#define LDAP_SYNC_NEW_COOKIE 4
/* Password policy Controls *//* work in progress */
/* MS Active Directory controls - not implemented in slapd(8) */
#define LDAP_CONTROL_X_EXTENDED_DN "1.2.840.113556.1.4.529"
-#ifdef LDAP_DEVEL
/* <draft-wahl-ldap-session> */
#define LDAP_CONTROL_X_SESSION_TRACKING "1.3.6.1.4.1.21008.108.63.1"
#define LDAP_CONTROL_X_SESSION_TRACKING_RADIUS_ACCT_SESSION_ID \
LDAP_CONTROL_X_SESSION_TRACKING ".2"
#define LDAP_CONTROL_X_SESSION_TRACKING_USERNAME \
LDAP_CONTROL_X_SESSION_TRACKING ".3"
-#endif /* LDAP_DEVEL */
-
/* various expired works */
+
/* LDAP Duplicated Entry Control Extension *//* not implemented in slapd(8) */
#define LDAP_CONTROL_DUPENT_REQUEST "2.16.840.1.113719.1.27.101.1"
#define LDAP_CONTROL_DUPENT_RESPONSE "2.16.840.1.113719.1.27.101.2"
#define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_MODIFY 0x4
#define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_RENAME 0x8
-/* LDAP VLV *//* not implemented in slapd(8) */
+/* LDAP VLV */
#define LDAP_CONTROL_VLVREQUEST "2.16.840.1.113730.3.4.9"
#define LDAP_CONTROL_VLVRESPONSE "2.16.840.1.113730.3.4.10"
-
/* LDAP Unsolicited Notifications */
#define LDAP_NOTICE_OF_DISCONNECTION "1.3.6.1.4.1.1466.20036" /* RFC 4511 */
#define LDAP_NOTICE_DISCONNECT LDAP_NOTICE_OF_DISCONNECTION
#define LDAP_EXOP_REFRESH "1.3.6.1.4.1.1466.101.119.1" /* RFC 2589 */
#define LDAP_TAG_EXOP_REFRESH_REQ_DN ((ber_tag_t) 0x80U)
#define LDAP_TAG_EXOP_REFRESH_REQ_TTL ((ber_tag_t) 0x81U)
-#define LDAP_TAG_EXOP_REFRESH_RES_TTL ((ber_tag_t) 0x80U)
+#define LDAP_TAG_EXOP_REFRESH_RES_TTL ((ber_tag_t) 0x81U)
#define LDAP_EXOP_WHO_AM_I "1.3.6.1.4.1.4203.1.11.3" /* RFC 4532 */
#define LDAP_EXOP_X_WHO_AM_I LDAP_EXOP_WHO_AM_I
#define LDAP_RESULTS_TOO_LARGE 0x46 /* CLDAP */
#define LDAP_AFFECTS_MULTIPLE_DSAS 0x47
+#define LDAP_VLV_ERROR 0x4C
+
#define LDAP_OTHER 0x50
/* LCUP operation codes (113-117) - not implemented */
typedef int (LDAP_SASL_INTERACT_PROC) LDAP_P((
LDAP *ld, unsigned flags, void* defaults, void *interact ));
+LDAP_F( int )
+ldap_sasl_interactive_bind LDAP_P((
+ LDAP *ld,
+ LDAP_CONST char *dn, /* usually NULL */
+ LDAP_CONST char *saslMechanism,
+ LDAPControl **serverControls,
+ LDAPControl **clientControls,
+
+ /* should be client controls */
+ unsigned flags,
+ LDAP_SASL_INTERACT_PROC *proc,
+ void *defaults,
+
+ /* as obtained from ldap_result() */
+ LDAPMessage *result,
+
+ /* returned during bind processing */
+ const char **rmech,
+ int *msgid ));
+
LDAP_F( int )
ldap_sasl_interactive_bind_s LDAP_P((
LDAP *ld,
#endif
+/*
+ * gssapi.c:
+ */
+LDAP_F( int )
+ldap_gssapi_bind LDAP_P((
+ LDAP *ld,
+ LDAP_CONST char *dn,
+ LDAP_CONST char *creds ));
+
+LDAP_F( int )
+ldap_gssapi_bind_s LDAP_P((
+ LDAP *ld,
+ LDAP_CONST char *dn,
+ LDAP_CONST char *creds ));
+
+
/*
* in modify.c:
*/
LDAP **ldp,
LDAP_CONST char *url ));
+LDAP_F( LDAP * )
+ldap_dup LDAP_P((
+ LDAP *old ));
+
/*
* in tls.c
*/
LDAPControl **serverctrls,
LDAPControl **clientctrls));
+LDAP_F( int )
+ldap_destroy LDAP_P((
+ LDAP *ld));
+
#if LDAP_DEPRECATED
LDAP_F( int )
ldap_unbind LDAP_P(( /* deprecated, use ldap_unbind_ext */
struct berval *value ));
LDAP_F( int )
-ldap_create_session_tracking LDAP_P((
+ldap_create_session_tracking_control LDAP_P((
LDAP *ld,
char *sessionSourceIp,
char *sessionSourceName,