X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=include%2Fldap.h;h=288fab37c784b4dd41a8f2d642115d27a483ed4c;hb=43cf058dc56dc27bdfb69d31c54d4f7b81cba116;hp=fa6e4176ecc50b248b68314c42fd12c27c795a59;hpb=fca72f333b50ea7ca06a697d3fac517f6e64aced;p=openldap
diff --git a/include/ldap.h b/include/ldap.h
index fa6e4176ec..288fab37c7 100644
--- a/include/ldap.h
+++ b/include/ldap.h
@@ -1,7 +1,7 @@
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software .
*
- * Copyright 1998-2010 The OpenLDAP Foundation.
+ * Copyright 1998-2014 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -59,7 +59,9 @@ LDAP_BEGIN_DECL
defined( LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE ) )
/* -lldap may or may not be thread safe */
/* -lldap_r, if available, is always thread safe */
-# define LDAP_API_FEATURE_THREAD_SAFE 1
+# define LDAP_API_FEATURE_THREAD_SAFE 1
+# define LDAP_API_FEATURE_SESSION_THREAD_SAFE 1
+# define LDAP_API_FEATURE_OPERATION_THREAD_SAFE 1
#endif
#if defined( LDAP_THREAD_SAFE ) && \
defined( LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE )
@@ -135,6 +137,7 @@ LDAP_BEGIN_DECL
#define LDAP_OPT_DEFBASE 0x5009 /* searchbase */
#define LDAP_OPT_CONNECT_ASYNC 0x5010 /* create connections asynchronously */
#define LDAP_OPT_CONNECT_CB 0x5011 /* connection callbacks */
+#define LDAP_OPT_SESSION_REFCNT 0x5012 /* session reference count */
/* OpenLDAP TLS options */
#define LDAP_OPT_X_TLS 0x6000
@@ -154,6 +157,11 @@ LDAP_BEGIN_DECL
#define LDAP_OPT_X_TLS_DHFILE 0x600e
#define LDAP_OPT_X_TLS_NEWCTX 0x600f
#define LDAP_OPT_X_TLS_CRLFILE 0x6010 /* GNUtls only */
+#define LDAP_OPT_X_TLS_PACKAGE 0x6011
+#define LDAP_OPT_X_TLS_ECNAME 0x6012
+#define LDAP_OPT_X_TLS_VERSION 0x6013 /* read-only */
+#define LDAP_OPT_X_TLS_CIPHER 0x6014 /* read-only */
+#define LDAP_OPT_X_TLS_PEERCERT 0x6015 /* read-only */
#define LDAP_OPT_X_TLS_NEVER 0
#define LDAP_OPT_X_TLS_HARD 1
@@ -261,6 +269,9 @@ typedef struct ldapcontrol {
/* non-standard track controls */
#define LDAP_CONTROL_PAGEDRESULTS "1.2.840.113556.1.4.319" /* RFC 2696 */
+#define LDAP_CONTROL_AUTHZID_REQUEST "2.16.840.1.113730.4.16" /* RFC 3829 */
+#define LDAP_CONTROL_AUTHZID_RESPONSE "2.16.840.1.113730.4.15" /* RFC 3829 */
+
/* LDAP Content Synchronization Operation -- RFC 4533 */
#define LDAP_SYNC_OID "1.3.6.1.4.1.4203.1.9.1"
#define LDAP_CONTROL_SYNC LDAP_SYNC_OID ".1"
@@ -292,6 +303,8 @@ typedef struct ldapcontrol {
#define LDAP_SYNC_DELETE 3
#define LDAP_SYNC_NEW_COOKIE 4
+/* LDAP Don't Use Copy Control (RFC 6171) */
+#define LDAP_CONTROL_DONTUSECOPY "1.3.6.1.1.22"
/* Password policy Controls *//* work in progress */
/* ITS#3458: released; disabled by default */
@@ -305,7 +318,6 @@ typedef struct ldapcontrol {
#define LDAP_CONTROL_MANAGEDIT LDAP_CONTROL_RELAX
#define LDAP_CONTROL_SLURP "1.3.6.1.4.1.4203.666.5.13"
#define LDAP_CONTROL_VALSORT "1.3.6.1.4.1.4203.666.5.14"
-#define LDAP_CONTROL_DONTUSECOPY "1.3.6.1.4.1.4203.666.5.15"
#define LDAP_CONTROL_X_DEREF "1.3.6.1.4.1.4203.666.5.16"
#define LDAP_CONTROL_X_WHATFAILED "1.3.6.1.4.1.4203.666.5.17"
@@ -331,7 +343,6 @@ typedef struct ldapcontrol {
/* MS Active Directory controls - not implemented in slapd(8) */
#define LDAP_CONTROL_X_EXTENDED_DN "1.2.840.113556.1.4.529"
-#ifdef LDAP_DEVEL
/* */
#define LDAP_CONTROL_X_SESSION_TRACKING "1.3.6.1.4.1.21008.108.63.1"
#define LDAP_CONTROL_X_SESSION_TRACKING_RADIUS_ACCT_SESSION_ID \
@@ -340,9 +351,8 @@ typedef struct ldapcontrol {
LDAP_CONTROL_X_SESSION_TRACKING ".2"
#define LDAP_CONTROL_X_SESSION_TRACKING_USERNAME \
LDAP_CONTROL_X_SESSION_TRACKING ".3"
-#endif /* LDAP_DEVEL */
-
/* various expired works */
+
/* LDAP Duplicated Entry Control Extension *//* not implemented in slapd(8) */
#define LDAP_CONTROL_DUPENT_REQUEST "2.16.840.1.113719.1.27.101.1"
#define LDAP_CONTROL_DUPENT_RESPONSE "2.16.840.1.113719.1.27.101.2"
@@ -380,7 +390,14 @@ typedef struct ldapcontrol {
#define LDAP_EXOP_REFRESH "1.3.6.1.4.1.1466.101.119.1" /* RFC 2589 */
#define LDAP_TAG_EXOP_REFRESH_REQ_DN ((ber_tag_t) 0x80U)
#define LDAP_TAG_EXOP_REFRESH_REQ_TTL ((ber_tag_t) 0x81U)
-#define LDAP_TAG_EXOP_REFRESH_RES_TTL ((ber_tag_t) 0x80U)
+#define LDAP_TAG_EXOP_REFRESH_RES_TTL ((ber_tag_t) 0x81U)
+
+#define LDAP_EXOP_VERIFY_CREDENTIALS "1.3.6.1.4.1.4203.666.6.5"
+#define LDAP_EXOP_X_VERIFY_CREDENTIALS LDAP_EXOP_VERIFY_CREDENTIALS
+
+#define LDAP_TAG_EXOP_VERIFY_CREDENTIALS_COOKIE ((ber_tag_t) 0x80U)
+#define LDAP_TAG_EXOP_VERIFY_CREDENTIALS_SCREDS ((ber_tag_t) 0x81U)
+#define LDAP_TAG_EXOP_VERIFY_CREDENTIALS_CONTROLS ((ber_tag_t) 0xa2U) /* context specific + constructed + 2 */
#define LDAP_EXOP_WHO_AM_I "1.3.6.1.4.1.4203.1.11.3" /* RFC 4532 */
#define LDAP_EXOP_X_WHO_AM_I LDAP_EXOP_WHO_AM_I
@@ -405,13 +422,11 @@ typedef struct ldapcontrol {
#define LDAP_URLEXT_X_SEARCHEDSUBTREE "x-searchedSubtree"
#define LDAP_URLEXT_X_FAILEDNAME "x-failedName"
-#ifdef LDAP_DEVEL
#define LDAP_X_TXN "1.3.6.1.4.1.4203.666.11.7" /* tmp */
#define LDAP_EXOP_X_TXN_START LDAP_X_TXN ".1"
#define LDAP_CONTROL_X_TXN_SPEC LDAP_X_TXN ".2"
#define LDAP_EXOP_X_TXN_END LDAP_X_TXN ".3"
#define LDAP_EXOP_X_TXN_ABORTED_NOTICE LDAP_X_TXN ".4"
-#endif
/* LDAP Features */
#define LDAP_FEATURE_ALL_OP_ATTRS "1.3.6.1.4.1.4203.1.5.1" /* RFC 3673 */
@@ -1352,7 +1367,7 @@ ldap_parse_result LDAP_P((
LDAPMessage *res,
int *errcodep,
char **matcheddnp,
- char **errmsgp,
+ char **diagmsgp,
char ***referralsp,
LDAPControl ***serverctrls,
int freeit ));
@@ -1519,6 +1534,10 @@ ldap_initialize LDAP_P((
LDAP **ldp,
LDAP_CONST char *url ));
+LDAP_F( LDAP * )
+ldap_dup LDAP_P((
+ LDAP *old ));
+
/*
* in tls.c
*/
@@ -1931,6 +1950,10 @@ ldap_unbind_ext_s LDAP_P((
LDAPControl **serverctrls,
LDAPControl **clientctrls));
+LDAP_F( int )
+ldap_destroy LDAP_P((
+ LDAP *ld));
+
#if LDAP_DEPRECATED
LDAP_F( int )
ldap_unbind LDAP_P(( /* deprecated, use ldap_unbind_ext */
@@ -2203,6 +2226,76 @@ ldap_parse_vlvresponse_control LDAP_P((
struct berval **contextp,
int *errcodep ));
+/*
+ * LDAP Verify Credentials
+ */
+#define LDAP_API_FEATURE_VERIFY_CREDENTIALS 1000
+
+LDAP_F( int )
+ldap_verify_credentials LDAP_P((
+ LDAP *ld,
+ struct berval *cookie,
+ LDAP_CONST char *dn,
+ LDAP_CONST char *mechanism,
+ struct berval *cred,
+ LDAPControl **ctrls,
+ LDAPControl **serverctrls,
+ LDAPControl **clientctrls,
+ int *msgidp ));
+
+LDAP_F( int )
+ldap_verify_credentials_s LDAP_P((
+ LDAP *ld,
+ struct berval *cookie,
+ LDAP_CONST char *dn,
+ LDAP_CONST char *mechanism,
+ struct berval *cred,
+ LDAPControl **vcictrls,
+ LDAPControl **serverctrls,
+ LDAPControl **clientctrls,
+ int *code,
+ char **diagmsgp,
+ struct berval **scookie,
+ struct berval **servercredp,
+ LDAPControl ***vcoctrls));
+
+
+LDAP_F( int )
+ldap_parse_verify_credentials LDAP_P((
+ LDAP *ld,
+ LDAPMessage *res,
+ int *code,
+ char **diagmsgp,
+ struct berval **cookie,
+ struct berval **servercredp,
+ LDAPControl ***vcctrls));
+
+/* not yet implemented */
+/* #define LDAP_API_FEATURE_VERIFY_CREDENTIALS_INTERACTIVE 1000 */
+#ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS_INTERACTIVE
+LDAP_F( int )
+ldap_verify_credentials_interactive LDAP_P((
+ LDAP *ld,
+ LDAP_CONST char *dn, /* usually NULL */
+ LDAP_CONST char *saslMechanism,
+ LDAPControl **vcControls,
+ LDAPControl **serverControls,
+ LDAPControl **clientControls,
+
+ /* should be client controls */
+ unsigned flags,
+ LDAP_SASL_INTERACT_PROC *proc,
+ void *defaults,
+ void *context,
+
+ /* as obtained from ldap_result() */
+ LDAPMessage *result,
+
+ /* returned during bind processing */
+ const char **rmech,
+ int *msgid ));
+#endif
+
/*
* LDAP Who Am I?
* in whoami.c
@@ -2421,7 +2514,7 @@ ldap_create_session_tracking_value LDAP_P((
struct berval *value ));
LDAP_F( int )
-ldap_create_session_tracking LDAP_P((
+ldap_create_session_tracking_control LDAP_P((
LDAP *ld,
char *sessionSourceIp,
char *sessionSourceName,
@@ -2572,7 +2665,7 @@ ldap_ldif_record_done LDAP_P((
LDAP_F( int )
ldap_parse_ldif_record LDAP_P((
struct berval *rbuf,
- int linenum,
+ unsigned long linenum,
LDIFRecord *lr,
const char *errstr,
unsigned int flags ));