1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
14 * The Original Code is the Netscape security libraries.
16 * The Initial Developer of the Original Code is
17 * Netscape Communications Corporation.
18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
19 * the Initial Developer. All Rights Reserved.
24 * Alternatively, the contents of this file may be used under the terms of
25 * either the GNU General Public License Version 2 or later (the "GPL"), or
26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
27 * in which case the provisions of the GPL or the LGPL are applicable instead
28 * of those above. If you wish to allow use of your version of this file only
29 * under the terms of either the GPL or the LGPL, and not to allow others to
30 * use your version of this file under the terms of the MPL, indicate your
31 * decision by deleting the provisions above and replace them with the notice
32 * and other provisions required by the GPL or the LGPL. If you do not delete
33 * the provisions above, a recipient may use your version of this file under
34 * the terms of any one of the MPL, the GPL or the LGPL.
36 * ***** END LICENSE BLOCK ***** */
38 * pkix_pl_ldapcertstore.h
40 * LDAPCertstore Object Type Definition
44 #ifndef _PKIX_PL_LDAPCERTSTORE_H
45 #define _PKIX_PL_LDAPCERTSTORE_H
47 #include "pkix_pl_ldapt.h"
48 #include "pkix_pl_common.h"
55 * At the time of this version, there are unresolved questions about the LDAP
56 * protocol. Although RFC1777 describes a BIND and UNBIND message, it is not
57 * clear whether they are appropriate to this application. We have tested only
58 * using servers that do not expect authentication, and that reject BIND
59 * messages. It is not clear what values might be appropriate for the bindname
60 * and authentication fields, which are currently implemented as char strings
61 * supplied by the caller. (If this changes, the API and possibly the templates
62 * will have to change.) Therefore the CertStore_Create API contains a BindAPI
63 * structure, a union, which will have to be revised and extended when this
64 * area of the protocol is better understood.
66 * It is further assumed that a given LdapCertStore will connect only to a
67 * single server, and that the creation of the socket will initiate the
68 * CONNECT. Therefore the LdapCertStore handles only the case of continuing
69 * the connection, if nonblocking I/O is being used.
77 LDAP_BIND_RESPONSE_PENDING
,
87 #define LDAP_CACHEBUCKETS 128
88 #define RCVBUFSIZE 512
90 struct PKIX_PL_LdapCertStoreContext
{
91 PKIX_PL_LdapClient
*client
;
94 /* see source file for function documentation */
96 PKIX_Error
*pkix_pl_LdapCertStoreContext_RegisterSelf(void *plContext
);
99 pkix_pl_LdapCertStore_BuildCertList(
100 PKIX_List
*responseList
,
108 #endif /* _PKIX_PL_LDAPCERTSTORE_H */