#define LDAP_OPT_ERROR_STRING LDAP_OPT_DIAGNOSTIC_MESSAGE
#define LDAP_OPT_MATCHED_DN 0x0033
/* 0x0034 - 0x3fff not defined */
+/* 0x0091 used by Microsoft for LDAP_OPT_AUTO_RECONNECT */
+#define LDAP_OPT_SSPI_FLAGS 0x0092
+/* 0x0093 used by Microsoft for LDAP_OPT_SSL_INFO */
+/* 0x0094 used by Microsoft for LDAP_OPT_REF_DEREF_CONN_PER_MSG */
+#define LDAP_OPT_SIGN 0x0095
+#define LDAP_OPT_ENCRYPT 0x0096
+#define LDAP_OPT_SASL_METHOD 0x0097
+/* 0x0098 used by Microsoft for LDAP_OPT_AREC_EXCLUSIVE */
+#define LDAP_OPT_SECURITY_CONTEXT 0x0099
+/* 0x009A used by Microsoft for LDAP_OPT_ROOTDSE_CACHE */
+/* 0x009B - 0x3fff not defined */
/* API Extensions */
#define LDAP_OPT_API_EXTENSION_BASE 0x4000 /* API extensions */
#define LDAP_OPT_SOCKBUF 0x5008 /* sockbuf */
#define LDAP_OPT_DEFBASE 0x5009 /* searchbase */
#define LDAP_OPT_CONNECT_ASYNC 0x5010 /* create connections asynchronously */
+#define LDAP_OPT_CONNECT_CB 0x5011 /* connection callbacks */
/* OpenLDAP TLS options */
#define LDAP_OPT_X_TLS 0x6000
-#define LDAP_OPT_X_TLS_CTX 0x6001 /* OpenSSL CTX */
+#define LDAP_OPT_X_TLS_CTX 0x6001 /* OpenSSL CTX* */
#define LDAP_OPT_X_TLS_CACERTFILE 0x6002
#define LDAP_OPT_X_TLS_CACERTDIR 0x6003
#define LDAP_OPT_X_TLS_CERTFILE 0x6004
/* #define LDAP_OPT_X_TLS_PROTOCOL 0x6007 */
#define LDAP_OPT_X_TLS_CIPHER_SUITE 0x6008
#define LDAP_OPT_X_TLS_RANDOM_FILE 0x6009
-#define LDAP_OPT_X_TLS_SSL_CTX 0x600a
+#define LDAP_OPT_X_TLS_SSL_CTX 0x600a /* OpenSSL SSL* */
#define LDAP_OPT_X_TLS_CRLCHECK 0x600b
#define LDAP_OPT_X_TLS_CONNECT_CB 0x600c
#define LDAP_OPT_X_TLS_CONNECT_ARG 0x600d
#define LDAP_OPT_X_SASL_SECPROPS 0x6106 /* write-only */
#define LDAP_OPT_X_SASL_SSF_MIN 0x6107
#define LDAP_OPT_X_SASL_SSF_MAX 0x6108
-#define LDAP_OPT_X_SASL_MAXBUFSIZE 0x6109
+#define LDAP_OPT_X_SASL_MAXBUFSIZE 0x6109
+#define LDAP_OPT_X_SASL_MECHLIST 0x610a /* read-only */
+
+/* OpenLDAP GSSAPI options */
+#define LDAP_OPT_X_GSSAPI_DO_NOT_FREE_CONTEXT 0x6200
+#define LDAP_OPT_X_GSSAPI_ALLOW_REMOTE_PRINCIPAL 0x6201
+
/* Private API Extensions -- reserved for application use */
#define LDAP_OPT_PRIVATE_EXTENSION_BASE 0x7000 /* Private API inclusive */
#define LDAP_AUTH_KRBV41 ((ber_tag_t) 0x81U) /* context specific + primitive */
#define LDAP_AUTH_KRBV42 ((ber_tag_t) 0x82U) /* context specific + primitive */
+/* used by the Windows API but not used on the wire */
+#define LDAP_AUTH_NEGOTIATE ((ber_tag_t) 0x04FFU)
/* filter types */
#define LDAP_FILTER_AND ((ber_tag_t) 0xa0U) /* context specific + constructed */
* End of LDAP sync (RFC4533) API
*/
+/*
+ * Connection callbacks...
+ */
+struct ldap_conncb;
+struct sockaddr;
+
+/* Called after a connection is established */
+typedef int (ldap_conn_add_f) LDAP_P(( LDAP *ld, Sockbuf *sb, LDAPURLDesc *srv, struct sockaddr *addr,
+ struct ldap_conncb *ctx ));
+/* Called before a connection is closed */
+typedef void (ldap_conn_del_f) LDAP_P(( LDAP *ld, Sockbuf *sb, struct ldap_conncb *ctx ));
+
+/* Callbacks are pushed on a stack. Last one pushed is first one executed. The
+ * delete callback is called with a NULL Sockbuf just before freeing the LDAP handle.
+ */
+typedef struct ldap_conncb {
+ ldap_conn_add_f *lc_add;
+ ldap_conn_del_f *lc_del;
+ void *lc_arg;
+} ldap_conncb;
+
/*
* The API draft spec says we should declare (or cause to be declared)
* 'struct timeval'. We don't. See IETF LDAPext discussions.
#endif /* LDAP_CONTROL_X_SESSION_TRACKING */
+/*
+ * in assertion.c
+ */
+LDAP_F (int)
+ldap_create_assertion_control_value LDAP_P((
+ LDAP *ld,
+ char *assertion,
+ struct berval *value ));
+
+LDAP_F( int )
+ldap_create_assertion_control LDAP_P((
+ LDAP *ld,
+ char *filter,
+ int iscritical,
+ LDAPControl **ctrlp ));
+
LDAP_END_DECL
#endif /* _LDAP_H */