X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fslap.h;h=6dcef2c184de99f47eb1c84fe5ecce28d30b5f69;hb=a5ee438c9394a19a241716d3d922299c20b0365d;hp=2768528086aa12f27d2b9221c49bf8adda1983ca;hpb=0dbaf87730ec9afe44dceaa452ae51e1dcaac3e7;p=openldap diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 2768528086..6dcef2c184 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -1,12 +1,12 @@ /* slap.h - stand alone ldap server include file */ /* $OpenLDAP$ */ /* - * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ -#ifndef _SLDAPD_H_ -#define _SLDAPD_H_ +#ifndef _SLAP_H_ +#define _SLAP_H_ #include "ldap_defaults.h" @@ -40,12 +40,13 @@ LDAP_BEGIN_DECL +#define SERVICE_NAME OPENLDAP_PACKAGE "-slapd" +#define SLAPD_ANONYMOUS "" + #ifdef f_next #undef f_next /* name conflict between sys/file.h on SCO and struct filter */ #endif -#define SERVICE_NAME OPENLDAP_PACKAGE "-slapd" - /* LDAPMod.mod_op value ===> Must be kept in sync with ldap.h! * * This is a value used internally by the backends. It is needed to allow @@ -54,7 +55,6 @@ LDAP_BEGIN_DECL * JCG 05/1999 (gomez@engr.sgi.com) */ #define SLAP_MOD_SOFTADD 0x1000 -#undef LDAP_MOD_BVALUES /* we always use BVALUES */ #define ON 1 #define OFF (-1) @@ -62,8 +62,13 @@ LDAP_BEGIN_DECL #define MAXREMATCHES 10 -/* psuedo error code to indicating abandoned operation */ -#define SLAPD_ABANDON -1 + +/* psuedo error code indicating abandoned operation */ +#define SLAPD_ABANDON (-1) + +/* psuedo error code indicating disconnect */ +#define SLAPD_DISCONNECT (-2) + /* We assume "C" locale, that is US-ASCII */ #define ASCII_SPACE(c) ( (c) == ' ' ) @@ -88,24 +93,58 @@ LDAP_BEGIN_DECL #define AD_LEADCHAR(c) ( ATTR_CHAR(c) ) #define AD_CHAR(c) ( ATTR_CHAR(c) || (c) == ';' ) -#define SLAPD_ACI_DEFAULT_ATTR "aci" +/* must match in schema_init.c */ +#define SLAPD_DN_SYNTAX "1.3.6.1.4.1.1466.115.121.1.12" +#define SLAPD_GROUP_ATTR "member" +#define SLAPD_GROUP_CLASS "groupOfNames" +#define SLAPD_ROLE_ATTR "roleOccupant" +#define SLAPD_ROLE_CLASS "organizationalRole" -/* schema needed by slapd */ -#define SLAPD_OID_DN_SYNTAX "1.3.6.1.4.1.1466.115.121.1.12" -#define SLAPD_OID_ACI_SYNTAX "1.3.6.1.4.1.4203.2.1" /* experimental */ +#define SLAPD_ACI_SYNTAX "1.3.6.1.4.1.4203.666.2.1" +#define SLAPD_ACI_ATTR "OpenLDAPaci" LIBSLAPD_F (int) slap_debug; /* * Index types */ -#define SLAP_INDEX_PRESENCE 0x0001U -#define SLAP_INDEX_EQUALITY 0x0002U -#define SLAP_INDEX_APPROX 0x0004U -#define SLAP_INDEX_SUB 0x0008U -#define SLAP_INDEX_UNKNOWN 0x0010U -#define SLAP_INDEX_FROMINIT 0x8000U /* psuedo type */ +#define SLAP_INDEX_TYPE 0x00FFUL +#define SLAP_INDEX_UNDEFINED 0x0001UL +#define SLAP_INDEX_PRESENT 0x0002UL +#define SLAP_INDEX_EQUALITY 0x0004UL +#define SLAP_INDEX_APPROX 0x0008UL +#define SLAP_INDEX_SUBSTR 0x0010UL +#define SLAP_INDEX_EXTENDED 0x0020UL + +#define SLAP_INDEX_DEFAULT SLAP_INDEX_EQUALITY +#define IS_SLAP_INDEX(mask, type) (((mask) & (type)) == (type) ) + +#define SLAP_INDEX_SUBSTR_TYPE 0x0F00UL + +#define SLAP_INDEX_SUBSTR_INITIAL ( SLAP_INDEX_SUBSTR | 0x0100UL ) +#define SLAP_INDEX_SUBSTR_ANY ( SLAP_INDEX_SUBSTR | 0x0200UL ) +#define SLAP_INDEX_SUBSTR_FINAL ( SLAP_INDEX_SUBSTR | 0x0400UL ) +#define SLAP_INDEX_SUBSTR_DEFAULT ( SLAP_INDEX_SUBSTR \ + | SLAP_INDEX_SUBSTR_INITIAL | SLAP_INDEX_SUBSTR_FINAL ) + +#define SLAP_INDEX_FLAGS 0xF000UL +#define SLAP_INDEX_SUBTYPES 0x1000UL /* use index with subtypes */ +#define SLAP_INDEX_AUTO_SUBTYPES 0x2000UL /* use mask with subtypes */ +#define SLAP_INDEX_LANG 0x4000UL /* use index with lang subtypes */ +#define SLAP_INDEX_AUTO_LANG 0x8000UL /* use mask with lang subtypes */ + +typedef long slap_index; + +/* + * there is a single index for each attribute. these prefixes ensure + * that there is no collision among keys. + */ +#define SLAP_INDEX_EQUALITY_PREFIX '=' /* prefix for equality keys */ +#define SLAP_INDEX_APPROX_PREFIX '~' /* prefix for approx keys */ +#define SLAP_INDEX_SUBSTR_PREFIX '*' /* prefix for substring keys */ +#define SLAP_INDEX_CONT_PREFIX '.' /* prefix for continuation keys */ +#define SLAP_INDEX_UNKNOWN_PREFIX '?' /* prefix for unknown keys */ /* * represents schema information for a database @@ -144,22 +183,37 @@ typedef int slap_syntax_transform_func LDAP_P(( typedef struct slap_syntax { LDAP_SYNTAX ssyn_syn; +#define ssyn_oid ssyn_syn.syn_oid +#define ssyn_desc ssyn_syn.syn_desc +#define ssyn_extensions ssyn_syn.syn_extensions + unsigned ssyn_flags; -#define SLAP_SYNTAX_NONE 0x0U -#define SLAP_SYNTAX_BINARY 0x1U +#define SLAP_SYNTAX_NONE 0x00U +#define SLAP_SYNTAX_BLOB 0x01U /* syntax treated as blob (audio) */ +#define SLAP_SYNTAX_BINARY 0x02U /* binary transfer required (certificate) */ +#define SLAP_SYNTAX_BER 0x04U /* stored using BER encoding (binary,certificate) */ +#define SLAP_SYNTAX_HIDE 0x80U /* hide (do not publish) */ slap_syntax_validate_func *ssyn_validate; + slap_syntax_transform_func *ssyn_normalize; + slap_syntax_transform_func *ssyn_pretty; +#ifdef SLAPD_BINARY_CONVERSION /* convert to and from binary */ slap_syntax_transform_func *ssyn_ber2str; slap_syntax_transform_func *ssyn_str2ber; +#endif struct slap_syntax *ssyn_next; -#define ssyn_oid ssyn_syn.syn_oid -#define ssyn_desc ssyn_syn.syn_desc } Syntax; +#define slap_syntax_is_flag(s,flag) ((int)((s)->ssyn_flags & (flag)) ? 1 : 0) +#define slap_syntax_is_blob(s) slap_syntax_is_flag((s),SLAP_SYNTAX_BLOB) +#define slap_syntax_is_binary(s) slap_syntax_is_flag((s),SLAP_SYNTAX_BINARY) +#define slap_syntax_is_ber(s) slap_syntax_is_flag((s),SLAP_SYNTAX_BER) +#define slap_syntax_is_hidden(s) slap_syntax_is_flag((s),SLAP_SYNTAX_HIDE) + /* XXX -> UCS-2 Converter */ typedef int slap_mr_convert_func LDAP_P(( struct berval * in, @@ -175,6 +229,7 @@ typedef int slap_mr_normalize_func LDAP_P(( /* Match (compare) function */ typedef int slap_mr_match_func LDAP_P(( + int *match, unsigned use, struct slap_syntax *syntax, /* syntax of stored value */ struct slap_matching_rule *mr, @@ -186,27 +241,38 @@ typedef int slap_mr_indexer_func LDAP_P(( unsigned use, struct slap_syntax *syntax, /* syntax of stored value */ struct slap_matching_rule *mr, + struct berval *prefix, struct berval **values, - struct berval **keys )); + struct berval ***keys )); -struct slap_filter; /* forward declaration */ /* Filter index function */ typedef int slap_mr_filter_func LDAP_P(( unsigned use, struct slap_syntax *syntax, /* syntax of stored value */ struct slap_matching_rule *mr, - struct slap_filter *filter, - struct berval **keys )); + struct berval *prefix, + void * assertValue, + struct berval ***keys )); typedef struct slap_matching_rule { LDAP_MATCHING_RULE smr_mrule; unsigned smr_usage; -#define SLAP_MR_NONE 0x00U -#define SLAP_MR_EQUALITY 0x01U -#define SLAP_MR_APPROX 0x02U -#define SLAP_MR_ORDERING 0x04U -#define SLAP_MR_SUBSTR 0x08U -#define SLAP_MR_EXT 0x10U + +#define SLAP_MR_TYPE_MASK 0xFF00U +#define SLAP_MR_SUBTYPE_MASK 0x00FFU + +#define SLAP_MR_NONE 0x0000U +#define SLAP_MR_EQUALITY 0x0100U +#define SLAP_MR_ORDERING 0x0200U +#define SLAP_MR_SUBSTR 0x0400U +#define SLAP_MR_EXT 0x0800U + +#define SLAP_MR_EQUALITY_APPROX ( SLAP_MR_EQUALITY | 0x0001U ) + +#define SLAP_MR_SUBSTR_INITIAL ( SLAP_MR_SUBSTR | 0x0001U ) +#define SLAP_MR_SUBSTR_ANY ( SLAP_MR_SUBSTR | 0x0002U ) +#define SLAP_MR_SUBSTR_FINAL ( SLAP_MR_SUBSTR | 0x0004U ) + Syntax *smr_syntax; slap_mr_convert_func *smr_convert; slap_mr_normalize_func *smr_normalize; @@ -219,6 +285,7 @@ typedef struct slap_matching_rule { #define smr_desc smr_mrule.mr_desc #define smr_obsolete smr_mrule.mr_obsolete #define smr_syntax_oid smr_mrule.mr_syntax_oid +#define smr_extensions smr_mrule.mr_extensions } MatchingRule; typedef struct slap_attribute_type { @@ -229,6 +296,7 @@ typedef struct slap_attribute_type { struct slap_attribute_type *sat_sup; struct slap_attribute_type **sat_subtypes; MatchingRule *sat_equality; + MatchingRule *sat_approx; MatchingRule *sat_ordering; MatchingRule *sat_substr; Syntax *sat_syntax; @@ -250,6 +318,7 @@ typedef struct slap_attribute_type { #define sat_collective sat_atype.at_collective #define sat_no_user_mod sat_atype.at_no_user_mod #define sat_usage sat_atype.at_usage +#define sat_extensions sat_atype.at_extensions } AttributeType; #define is_at_operational(at) ((at)->sat_usage) @@ -271,6 +340,7 @@ typedef struct slap_object_class { #define soc_kind soc_oclass.oc_kind #define soc_at_oids_must soc_oclass.oc_at_oids_must #define soc_at_oids_may soc_oclass.oc_at_oids_may +#define soc_extensions soc_oclass.oc_extensions } ObjectClass; @@ -287,6 +357,65 @@ typedef struct slap_attr_desc { #define SLAP_DESC_BINARY 0x1U } AttributeDescription; +#define slap_ad_is_lang(ad) ( (ad)->ad_lang != NULL ) +#define slap_ad_is_binary(ad) ( (int)((ad)->ad_flags & SLAP_DESC_BINARY) ? 1 : 0 ) + +/* + * pointers to schema elements used internally + */ +struct slap_internal_schema { + /* objectClass */ + ObjectClass *si_oc_top; + ObjectClass *si_oc_extensibleObject; + ObjectClass *si_oc_alias; + ObjectClass *si_oc_referral; + ObjectClass *si_oc_subentry; + ObjectClass *si_oc_subschema; + ObjectClass *si_oc_rootdse; + + /* objectClass attribute */ + AttributeDescription *si_ad_objectClass; + + /* operational attributes */ + AttributeDescription *si_ad_creatorsName; + AttributeDescription *si_ad_createTimestamp; + AttributeDescription *si_ad_modifiersName; + AttributeDescription *si_ad_modifyTimestamp; + AttributeDescription *si_ad_subschemaSubentry; + + /* root DSE attributes */ + AttributeDescription *si_ad_namingContexts; + AttributeDescription *si_ad_supportedControl; + AttributeDescription *si_ad_supportedExtension; + AttributeDescription *si_ad_supportedLDAPVersion; + AttributeDescription *si_ad_supportedSASLMechanisms; + + /* subschema subentry attributes */ + AttributeDescription *si_ad_objectClasses; + AttributeDescription *si_ad_attributeTypes; + AttributeDescription *si_ad_ldapSyntaxes; + AttributeDescription *si_ad_matchingRules; + AttributeDescription *si_ad_matchingRulesUse; + + /* Aliases & Referrals */ + AttributeDescription *si_ad_aliasedObjectName; + AttributeDescription *si_ad_ref; + + /* Access Control Internals */ + AttributeDescription *si_ad_entry; + AttributeDescription *si_ad_children; +#ifdef SLAPD_ACI_ENABLED + AttributeDescription *si_ad_aci; +#endif + + /* Other */ + AttributeDescription *si_ad_userPassword; + AttributeDescription *si_ad_authPassword; +#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND + AttributeDescription *si_ad_krbName; +#endif +}; + typedef struct slap_attr_assertion { AttributeDescription *aa_desc; struct berval *aa_value; @@ -297,7 +426,7 @@ typedef struct slap_ss_assertion { struct berval *sa_initial; struct berval **sa_any; struct berval *sa_final; -} SubstringAssertion; +} SubstringsAssertion; typedef struct slap_mr_assertion { char *ma_rule; /* optional */ @@ -331,10 +460,18 @@ typedef struct slap_mra { /* * represents a search filter */ + typedef struct slap_filter { - ber_tag_t f_choice; /* values taken from ldap.h */ + ber_tag_t f_choice; /* values taken from ldap.h, plus: */ +#define SLAPD_FILTER_COMPUTED ((ber_tag_t) -1) +#define SLAPD_FILTER_DN_ONE ((ber_tag_t) -2) +#define SLAPD_FILTER_DN_SUBTREE ((ber_tag_t) -3) + union f_un_u { + /* precomputed result */ + ber_int_t f_un_result; + #ifdef SLAPD_SCHEMA_NOT_COMPAT /* DN */ char *f_un_dn; @@ -346,14 +483,11 @@ typedef struct slap_filter { AttributeAssertion *f_un_ava; /* substring assertion */ - SubstringAssertion *f_un_ssa; + SubstringsAssertion *f_un_ssa; /* matching rule assertion */ MatchingRuleAssertion *f_un_mra; - /* and, or, not */ - struct slap_filter *f_un_complex; - #define f_dn f_un.f_un_dn #define f_desc f_un.f_un_desc #define f_ava f_un.f_un_ava @@ -379,9 +513,6 @@ typedef struct slap_filter { /* extensible */ Mra f_un_fra; - /* and, or, not, list */ - struct slap_filter *f_un_complex; - /* substrings */ struct sub { char *f_un_sub_type; @@ -393,6 +524,7 @@ typedef struct slap_filter { #define f_dn f_un.f_un_type /* used for DN indices */ #define f_type f_un.f_un_type +#define f_desc f_type #define f_ava f_un.f_un_ava #define f_avtype f_un.f_un_ava.ava_type #define f_avvalue f_un.f_un_ava.ava_value @@ -402,12 +534,17 @@ typedef struct slap_filter { #define f_mrdnaddrs f_un.f_un_mra.mra_dnattrs #define f_sub f_un.f_un_sub #define f_sub_type f_un.f_un_sub.f_un_sub_type +#define f_sub_desc f_sub_type #define f_sub_initial f_un.f_un_sub.f_un_sub_initial #define f_sub_any f_un.f_un_sub.f_un_sub_any #define f_sub_final f_un.f_un_sub.f_un_sub_final #endif + + /* and, or, not */ + struct slap_filter *f_un_complex; } f_un; +#define f_result f_un.f_un_result #define f_and f_un.f_un_complex #define f_or f_un.f_un_complex #define f_not f_un.f_un_complex @@ -416,12 +553,15 @@ typedef struct slap_filter { struct slap_filter *f_next; } Filter; +/* compare routines can return undefined */ +#define SLAPD_COMPARE_UNDEFINED ((ber_tag_t) -1) + /* * represents an attribute (description + values) */ typedef struct slap_attr { #ifdef SLAPD_SCHEMA_NOT_COMPAT - AttributeDescription a_desc; + AttributeDescription *a_desc; #else char *a_type; /* description */ int a_syntax; @@ -473,27 +613,45 @@ typedef struct slap_entry { #ifdef SLAPD_SCHEMA_NOT_COMPAT typedef struct slap_mod { int sm_op; - AttributeDescription sm_desc; + AttributeDescription *sm_desc; struct berval **sm_bvalues; } Modification; #else #define Modification LDAPMod +#define sm_op mod_op +#define sm_desc mod_type +#define sm_bvalues mod_bvalues #endif typedef struct slap_mod_list { - Modification ml_mod; + Modification sml_mod; +#define sml_op sml_mod.sm_op +#define sml_desc sml_mod.sm_desc +#define sml_bvalues sml_mod.sm_bvalues +#ifndef SLAPD_SCHEMA_NOT_COMPAT +#define sml_type sml_mod.sm_desc +#endif + struct slap_mod_list *sml_next; +} Modifications; + #ifdef SLAPD_SCHEMA_NOT_COMPAT -#define ml_op ml_mod.sm_op -#define ml_desc ml_mod.sm_desc -#define ml_bvalues ml_mod.sm_bvalues -#else +typedef struct slap_ldap_modlist { + LDAPMod ml_mod; + struct slap_ldap_modlist *ml_next; #define ml_op ml_mod.mod_op #define ml_type ml_mod.mod_type #define ml_values ml_mod.mod_values #define ml_bvalues ml_mod.mod_bvalues +} LDAPModList; +#else +#define LDAPModList Modifications +#define ml_mod sml_mod +#define ml_op sml_mod.mod_op +#define ml_type sml_mod.mod_type +#define ml_values sml_mod.mod_values +#define ml_bvalues sml_mod.mod_bvalues +#define ml_next sml_next #endif - struct slap_mod_list *ml_next; -} Modifications; /* * represents an access control list @@ -605,10 +763,11 @@ typedef struct slap_access { /* ACL Groups */ char *a_group_pat; - char *a_group_oc; #ifdef SLAPD_SCHEMA_NOT_COMPAT + ObjectClass *a_group_oc; AttributeDescription *a_group_at; #else + char *a_group_oc; char *a_group_at; #endif @@ -661,7 +820,6 @@ LIBSLAPD_F (int) slapMode; #ifdef SLAPD_BDB2 #define SLAP_TIMED_MODE 0x1000 #endif -#define SLAP_TOOLID_MODE 4 /* temporary aliases */ typedef BackendDB Backend; @@ -743,12 +901,12 @@ typedef int (*SLAP_EXTENDED_FN) LDAP_P(( Backend *be, struct slap_conn *conn, struct slap_op *op, - char *reqoid, + const char *reqoid, struct berval * reqdata, char **rspoid, struct berval ** rspdata, LDAPControl *** rspctrls, - char ** text, + const char ** text, struct berval *** refs )); struct slap_backend_info { @@ -812,38 +970,42 @@ struct slap_backend_info { /* LDAP Operations Handling Routines */ int (*bi_op_bind) LDAP_P(( BackendDB *bd, struct slap_conn *c, struct slap_op *o, - char *dn, char *ndn, int method, char* mechanism, + const char *dn, const char *ndn, int method, struct berval *cred, char** edn )); int (*bi_op_unbind) LDAP_P((BackendDB *bd, struct slap_conn *c, struct slap_op *o )); int (*bi_op_search) LDAP_P((BackendDB *bd, struct slap_conn *c, struct slap_op *o, - char *base, char *nbase, int scope, int deref, + const char *base, const char *nbase, + int scope, int deref, int slimit, int tlimit, - Filter *f, char *filterstr, char **attrs, - int attrsonly)); + Filter *f, const char *filterstr, + char **attrs, int attrsonly)); #ifdef SLAPD_SCHEMA_NOT_COMPAT int (*bi_op_compare)LDAP_P((BackendDB *bd, struct slap_conn *c, struct slap_op *o, - char *dn, char *ndn, AttributeAssertion *ava)); + const char *dn, const char *ndn, + AttributeAssertion *ava)); #else int (*bi_op_compare)LDAP_P((BackendDB *bd, struct slap_conn *c, struct slap_op *o, - char *dn, char *ndn, Ava *ava)); + const char *dn, const char *ndn, + Ava *ava)); #endif int (*bi_op_modify) LDAP_P((BackendDB *bd, struct slap_conn *c, struct slap_op *o, - char *dn, char *ndn, Modifications *m)); + const char *dn, const char *ndn, Modifications *m)); int (*bi_op_modrdn) LDAP_P((BackendDB *bd, struct slap_conn *c, struct slap_op *o, - char *dn, char *ndn, char *newrdn, int deleteoldrdn, - char *newSuperior)); + const char *dn, const char *ndn, + const char *newrdn, int deleteoldrdn, + const char *newSuperior)); int (*bi_op_add) LDAP_P((BackendDB *bd, struct slap_conn *c, struct slap_op *o, Entry *e)); int (*bi_op_delete) LDAP_P((BackendDB *bd, struct slap_conn *c, struct slap_op *o, - char *dn, char *ndn)); + const char *dn, const char *ndn)); int (*bi_op_abandon) LDAP_P((BackendDB *bd, struct slap_conn *c, struct slap_op *o, ber_int_t msgid)); @@ -857,12 +1019,12 @@ struct slap_backend_info { #ifdef SLAPD_SCHEMA_NOT_COMPAT int (*bi_acl_group) LDAP_P((Backend *bd, Entry *e, const char *bdn, const char *edn, - const char *objectclassValue, + ObjectClass *group_oc, AttributeDescription *group_at )); #else int (*bi_acl_group) LDAP_P((Backend *bd, Entry *e, const char *bdn, const char *edn, - const char *objectclassValue, + const char *group_oc, const char *group_at )); #endif @@ -878,9 +1040,19 @@ struct slap_backend_info { ID (*bi_tool_entry_next) LDAP_P(( BackendDB *be )); Entry* (*bi_tool_entry_get) LDAP_P(( BackendDB *be, ID id )); ID (*bi_tool_entry_put) LDAP_P(( BackendDB *be, Entry *e )); - int (*bi_tool_index_attr) LDAP_P(( BackendDB *be, char* type )); - int (*bi_tool_index_change) LDAP_P(( BackendDB *be, char* type, +#ifdef SLAPD_SCHEMA_NOT_COMPAT + int (*bi_tool_index_attr) LDAP_P(( BackendDB *be, + AttributeDescription *desc )); + int (*bi_tool_index_change) LDAP_P(( BackendDB *be, + AttributeDescription *desc, struct berval **bv, ID id, int op )); +#else + int (*bi_tool_index_attr) LDAP_P(( BackendDB *be, + char* type )); + int (*bi_tool_index_change) LDAP_P(( BackendDB *be, + char* type, + struct berval **bv, ID id, int op )); +#endif int (*bi_tool_sync) LDAP_P(( BackendDB *be )); #ifdef HAVE_CYRUS_SASL @@ -919,7 +1091,6 @@ typedef struct slap_op { ber_tag_t o_tag; /* tag of the request */ time_t o_time; /* time op was initiated */ - int o_bind_in_progress; /* multi-step bind in progress */ #ifdef SLAP_AUTHZID /* should only be used for reporting purposes */ char *o_authc_dn; /* authentication DN */ @@ -978,15 +1149,16 @@ typedef struct slap_conn { char *c_sock_name; /* sock name (trans=addr:port) */ /* only can be changed by binding thread */ - int c_bind_in_progress; /* multi-op bind in progress */ + int c_sasl_bind_in_progress; /* multi-op bind in progress */ + char *c_sasl_bind_mech; /* mech in progress */ #ifdef HAVE_CYRUS_SASL - sasl_conn_t *c_sasl_context; + sasl_conn_t *c_sasl_bind_context; /* Cyrus SASL state data */ #endif - void *c_authstate; /* SASL state data */ + /* authentication backend */ Backend *c_authc_backend; - /* authorization backend */ + /* authorization backend - normally same as c_authc_backend */ Backend *c_authz_backend; #ifdef SLAP_AUTHZID @@ -1048,4 +1220,4 @@ LDAP_END_DECL #include "proto-slap.h" -#endif /* _slap_h_ */ +#endif /* _SLAP_H_ */