loader: use snprintf() with variable length error messages
[unleashed.git] / usr / src / head / ldap.h
blob046d08f4f0cd57e41c2637c5e45a2f0a78184ed8
1 /*
2 * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
3 * Copyright 2001-2003 Sun Microsystems, Inc. All rights reserved.
4 * Use is subject to license terms.
5 */
7 /*
8 * The contents of this file are subject to the Netscape Public
9 * License Version 1.1 (the "License"); you may not use this file
10 * except in compliance with the License. You may obtain a copy of
11 * the License at http://www.mozilla.org/NPL/
13 * Software distributed under the License is distributed on an "AS
14 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
15 * implied. See the License for the specific language governing
16 * rights and limitations under the License.
18 * The Original Code is Mozilla Communicator client code, released
19 * March 31, 1998.
21 * The Initial Developer of the Original Code is Netscape
22 * Communications Corporation. Portions created by Netscape are
23 * Copyright (C) 1998-1999 Netscape Communications Corporation. All
24 * Rights Reserved.
26 * Contributor(s):
29 #ifndef _LDAP_H
30 #define _LDAP_H
32 #ifdef __cplusplus
33 extern "C" {
34 #endif
36 #ifndef _SOLARIS_SDK
37 #define _SOLARIS_SDK
38 #endif
40 #ifndef LDAP_TYPE_TIMEVAL_DEFINED
41 #include <sys/time.h>
42 #endif
43 #ifndef LDAP_TYPE_SOCKET_DEFINED /* API extension */
44 #include <sys/types.h>
45 #include <sys/socket.h>
46 #endif
48 #include <lber.h>
50 #define LDAP_PORT 389
51 #define LDAPS_PORT 636
52 #define LDAP_PORT_MAX 65535 /* API extension */
53 #define LDAP_VERSION1 1 /* API extension */
54 #define LDAP_VERSION2 2
55 #define LDAP_VERSION3 3
56 #define LDAP_VERSION LDAP_VERSION2 /* API extension */
57 #define LDAP_VERSION_MIN LDAP_VERSION3
58 #define LDAP_VERSION_MAX LDAP_VERSION3
60 #define LDAP_VENDOR_VERSION 500 /* version # * 100 */
61 #define LDAP_VENDOR_NAME "Sun Microsystems Inc."
63 * The following will be an RFC number once the LDAP C API Internet Draft
64 * is published as a Proposed Standard RFC. For now we use 2000 + the
65 * draft revision number (currently 5) since we are close to compliance
66 * with revision 5 of the draft.
68 #define LDAP_API_VERSION 2005
71 * C LDAP features we support that are not (yet) part of the LDAP C API
72 * Internet Draft. Use the ldap_get_option() call with an option value of
73 * LDAP_OPT_API_FEATURE_INFO to retrieve information about a feature.
75 * Note that this list is incomplete; it includes only the most widely
76 * used extensions. Also, the version is 1 for all of these for now.
78 #define LDAP_API_FEATURE_SERVER_SIDE_SORT 1
79 #define LDAP_API_FEATURE_VIRTUAL_LIST_VIEW 1
80 #define LDAP_API_FEATURE_PERSISTENT_SEARCH 1
81 #define LDAP_API_FEATURE_PROXY_AUTHORIZATION 1
82 #define LDAP_API_FEATURE_X_LDERRNO 1
83 #define LDAP_API_FEATURE_X_MEMCACHE 1
84 #define LDAP_API_FEATURE_X_IO_FUNCTIONS 1
85 #define LDAP_API_FEATURE_X_EXTIO_FUNCTIONS 1
86 #define LDAP_API_FEATURE_X_DNS_FUNCTIONS 1
87 #define LDAP_API_FEATURE_X_MEMALLOC_FUNCTIONS 1
88 #define LDAP_API_FEATURE_X_THREAD_FUNCTIONS 1
89 #define LDAP_API_FEATURE_X_EXTHREAD_FUNCTIONS 1
90 #define LDAP_API_FEATURE_X_GETLANGVALUES 1
91 #define LDAP_API_FEATURE_X_CLIENT_SIDE_SORT 1
92 #define LDAP_API_FEATURE_X_URL_FUNCTIONS 1
93 #define LDAP_API_FEATURE_X_FILTER_FUNCTIONS 1
95 #define LDAP_ROOT_DSE "" /* API extension */
96 #define LDAP_NO_ATTRS "1.1"
97 #define LDAP_ALL_USER_ATTRS "*"
100 * Standard options (used with ldap_set_option() and ldap_get_option):
102 #define LDAP_OPT_API_INFO 0x00 /* 0 */
103 #define LDAP_OPT_DESC 0x01 /* 1 */
104 #define LDAP_OPT_DEREF 0x02 /* 2 */
105 #define LDAP_OPT_SIZELIMIT 0x03 /* 3 */
106 #define LDAP_OPT_TIMELIMIT 0x04 /* 4 */
107 #define LDAP_OPT_REFERRALS 0x08 /* 8 */
108 #define LDAP_OPT_RESTART 0x09 /* 9 */
109 #define LDAP_OPT_PROTOCOL_VERSION 0x11 /* 17 */
110 #define LDAP_OPT_SERVER_CONTROLS 0x12 /* 18 */
111 #define LDAP_OPT_CLIENT_CONTROLS 0x13 /* 19 */
112 #define LDAP_OPT_API_FEATURE_INFO 0x15 /* 21 */
113 #define LDAP_OPT_HOST_NAME 0x30 /* 48 */
114 #define LDAP_OPT_ERROR_NUMBER 0x31 /* 49 */
115 #define LDAP_OPT_ERROR_STRING 0x32 /* 50 */
116 #define LDAP_OPT_MATCHED_DN 0x33 /* 51 */
119 * Well-behaved private and experimental extensions will use option values
120 * between 0x4000 (16384) and 0x7FFF (32767) inclusive.
122 #define LDAP_OPT_PRIVATE_EXTENSION_BASE 0x4000 /* to 0x7FFF inclusive */
124 * Special timeout values for poll and connect:
126 #define LDAP_X_IO_TIMEOUT_NO_WAIT 0 /* return immediately */
127 #define LDAP_X_IO_TIMEOUT_NO_TIMEOUT (-1) /* block indefinitely */
129 * Timeout value for nonblocking connect call
131 #define LDAP_X_OPT_CONNECT_TIMEOUT (LDAP_OPT_PRIVATE_EXTENSION_BASE + 0x0F01)
132 /* 0x4000 + 0x0F01 = 0x4F01 = 20225 - API extension */
134 /* for on/off options */
135 #define LDAP_OPT_ON ((void *)1)
136 #define LDAP_OPT_OFF ((void *)0)
138 typedef struct ldap LDAP; /* opaque connection handle */
139 typedef struct ldapmsg LDAPMessage; /* opaque result/entry handle */
141 #define NULLMSG ((LDAPMessage *)0)
143 /* structure representing an LDAP modification */
144 typedef struct ldapmod {
145 int mod_op; /* kind of mod + form of values */
146 #define LDAP_MOD_ADD 0x00
147 #define LDAP_MOD_DELETE 0x01
148 #define LDAP_MOD_REPLACE 0x02
149 #define LDAP_MOD_BVALUES 0x80
150 char *mod_type; /* attribute name to modify */
151 union mod_vals_u {
152 char **modv_strvals;
153 struct berval **modv_bvals;
154 } mod_vals; /* values to add/delete/replace */
155 #define mod_values mod_vals.modv_strvals
156 #define mod_bvalues mod_vals.modv_bvals
157 } LDAPMod;
161 * structure for holding ldapv3 controls
163 typedef struct ldapcontrol {
164 char *ldctl_oid;
165 struct berval ldctl_value;
166 char ldctl_iscritical;
167 } LDAPControl;
171 * LDAP API information. Can be retrieved by using a sequence like:
173 * LDAPAPIInfo ldai;
174 * ldai.ldapai_info_version = LDAP_API_INFO_VERSION;
175 * if ( ldap_get_option( NULL, LDAP_OPT_API_INFO, &ldia ) == 0 ) ...
177 #define LDAP_API_INFO_VERSION 1
178 typedef struct ldapapiinfo {
179 int ldapai_info_version; /* version of this struct (1) */
180 int ldapai_api_version; /* revision of API supported */
181 int ldapai_protocol_version; /* highest LDAP version supported */
182 char **ldapai_extensions; /* names of API extensions */
183 char *ldapai_vendor_name; /* name of supplier */
184 int ldapai_vendor_version; /* supplier-specific version times 100 */
185 } LDAPAPIInfo;
189 * LDAP API extended features info. Can be retrieved by using a sequence like:
191 * LDAPAPIFeatureInfo ldfi;
192 * ldfi.ldapaif_info_version = LDAP_FEATURE_INFO_VERSION;
193 * ldfi.ldapaif_name = "VIRTUAL_LIST_VIEW";
194 * if ( ldap_get_option( NULL, LDAP_OPT_API_FEATURE_INFO, &ldfi ) == 0 ) ...
196 #define LDAP_FEATURE_INFO_VERSION 1
197 typedef struct ldap_apifeature_info {
198 int ldapaif_info_version; /* version of this struct (1) */
199 char *ldapaif_name; /* name of supported feature */
200 int ldapaif_version; /* revision of supported feature */
201 } LDAPAPIFeatureInfo;
204 /* possible result types a server can return */
205 #define LDAP_RES_BIND 0x61 /* 97 */
206 #define LDAP_RES_SEARCH_ENTRY 0x64 /* 100 */
207 #define LDAP_RES_SEARCH_RESULT 0x65 /* 101 */
208 #define LDAP_RES_MODIFY 0x67 /* 103 */
209 #define LDAP_RES_ADD 0x69 /* 105 */
210 #define LDAP_RES_DELETE 0x6b /* 107 */
211 #define LDAP_RES_MODDN 0x6d /* 109 */
212 #define LDAP_RES_COMPARE 0x6f /* 111 */
213 #define LDAP_RES_SEARCH_REFERENCE 0x73 /* 115 */
214 #define LDAP_RES_EXTENDED 0x78 /* 120 */
216 /* Special values for ldap_result() "msgid" parameter */
217 #define LDAP_RES_ANY (-1)
218 #define LDAP_RES_UNSOLICITED 0
220 /* built-in SASL methods */
221 #define LDAP_SASL_SIMPLE 0 /* special value used for simple bind */
222 #define LDAP_SASL_EXTERNAL "EXTERNAL" /* TLS/SSL extension */
224 #ifdef _SOLARIS_SDK
225 #define LDAP_SASL_CRAM_MD5 "CRAM-MD5"
226 #define LDAP_SASL_DIGEST_MD5 "DIGEST-MD5"
227 #define LDAP_SASL_BIND_INPROGRESS 0x0e /* for backward compatibility */
228 #endif
230 /* search scopes */
231 #define LDAP_SCOPE_BASE 0x00
232 #define LDAP_SCOPE_ONELEVEL 0x01
233 #define LDAP_SCOPE_SUBTREE 0x02
235 /* alias dereferencing */
236 #define LDAP_DEREF_NEVER 0
237 #define LDAP_DEREF_SEARCHING 1
238 #define LDAP_DEREF_FINDING 2
239 #define LDAP_DEREF_ALWAYS 3
241 /* predefined size/time limits */
242 #define LDAP_NO_LIMIT 0
244 /* allowed values for "all" ldap_result() parameter */
245 #define LDAP_MSG_ONE 0
246 #define LDAP_MSG_ALL 1
247 #define LDAP_MSG_RECEIVED 2
249 /* possible error codes we can be returned */
250 #define LDAP_SUCCESS 0x00 /* 0 */
251 #define LDAP_OPERATIONS_ERROR 0x01 /* 1 */
252 #define LDAP_PROTOCOL_ERROR 0x02 /* 2 */
253 #define LDAP_TIMELIMIT_EXCEEDED 0x03 /* 3 */
254 #define LDAP_SIZELIMIT_EXCEEDED 0x04 /* 4 */
255 #define LDAP_COMPARE_FALSE 0x05 /* 5 */
256 #define LDAP_COMPARE_TRUE 0x06 /* 6 */
257 #define LDAP_STRONG_AUTH_NOT_SUPPORTED 0x07 /* 7 */
258 #define LDAP_STRONG_AUTH_REQUIRED 0x08 /* 8 */
259 #define LDAP_PARTIAL_RESULTS 0x09 /* 9 (UMich LDAPv2 extn) */
260 #define LDAP_REFERRAL 0x0a /* 10 - LDAPv3 */
261 #define LDAP_ADMINLIMIT_EXCEEDED 0x0b /* 11 - LDAPv3 */
262 #define LDAP_UNAVAILABLE_CRITICAL_EXTENSION 0x0c /* 12 - LDAPv3 */
263 #define LDAP_CONFIDENTIALITY_REQUIRED 0x0d /* 13 */
264 #define LDAP_SASL_BIND_IN_PROGRESS 0x0e /* 14 - LDAPv3 */
266 #define LDAP_NO_SUCH_ATTRIBUTE 0x10 /* 16 */
267 #define LDAP_UNDEFINED_TYPE 0x11 /* 17 */
268 #define LDAP_INAPPROPRIATE_MATCHING 0x12 /* 18 */
269 #define LDAP_CONSTRAINT_VIOLATION 0x13 /* 19 */
270 #define LDAP_TYPE_OR_VALUE_EXISTS 0x14 /* 20 */
271 #define LDAP_INVALID_SYNTAX 0x15 /* 21 */
273 #define LDAP_NO_SUCH_OBJECT 0x20 /* 32 */
274 #define LDAP_ALIAS_PROBLEM 0x21 /* 33 */
275 #define LDAP_INVALID_DN_SYNTAX 0x22 /* 34 */
276 #define LDAP_IS_LEAF 0x23 /* 35 (not used in LDAPv3) */
277 #define LDAP_ALIAS_DEREF_PROBLEM 0x24 /* 36 */
279 #define NAME_ERROR(n) ((n & 0xf0) == 0x20)
281 #define LDAP_INAPPROPRIATE_AUTH 0x30 /* 48 */
282 #define LDAP_INVALID_CREDENTIALS 0x31 /* 49 */
283 #define LDAP_INSUFFICIENT_ACCESS 0x32 /* 50 */
284 #define LDAP_BUSY 0x33 /* 51 */
285 #define LDAP_UNAVAILABLE 0x34 /* 52 */
286 #define LDAP_UNWILLING_TO_PERFORM 0x35 /* 53 */
287 #define LDAP_LOOP_DETECT 0x36 /* 54 */
289 #define LDAP_SORT_CONTROL_MISSING 0x3C /* 60 (server side sort extn) */
290 #define LDAP_INDEX_RANGE_ERROR 0x3D /* 61 (VLV extn) */
292 #define LDAP_NAMING_VIOLATION 0x40 /* 64 */
293 #define LDAP_OBJECT_CLASS_VIOLATION 0x41 /* 65 */
294 #define LDAP_NOT_ALLOWED_ON_NONLEAF 0x42 /* 66 */
295 #define LDAP_NOT_ALLOWED_ON_RDN 0x43 /* 67 */
296 #define LDAP_ALREADY_EXISTS 0x44 /* 68 */
297 #define LDAP_NO_OBJECT_CLASS_MODS 0x45 /* 69 */
298 #define LDAP_RESULTS_TOO_LARGE 0x46 /* 70 - CLDAP */
299 #define LDAP_AFFECTS_MULTIPLE_DSAS 0x47 /* 71 */
301 #define LDAP_OTHER 0x50 /* 80 */
302 #define LDAP_SERVER_DOWN 0x51 /* 81 */
303 #define LDAP_LOCAL_ERROR 0x52 /* 82 */
304 #define LDAP_ENCODING_ERROR 0x53 /* 83 */
305 #define LDAP_DECODING_ERROR 0x54 /* 84 */
306 #define LDAP_TIMEOUT 0x55 /* 85 */
307 #define LDAP_AUTH_UNKNOWN 0x56 /* 86 */
308 #define LDAP_FILTER_ERROR 0x57 /* 87 */
309 #define LDAP_USER_CANCELLED 0x58 /* 88 */
310 #define LDAP_PARAM_ERROR 0x59 /* 89 */
311 #define LDAP_NO_MEMORY 0x5a /* 90 */
312 #define LDAP_CONNECT_ERROR 0x5b /* 91 */
313 #define LDAP_NOT_SUPPORTED 0x5c /* 92 - LDAPv3 */
314 #define LDAP_CONTROL_NOT_FOUND 0x5d /* 93 - LDAPv3 */
315 #define LDAP_NO_RESULTS_RETURNED 0x5e /* 94 - LDAPv3 */
316 #define LDAP_MORE_RESULTS_TO_RETURN 0x5f /* 95 - LDAPv3 */
317 #define LDAP_CLIENT_LOOP 0x60 /* 96 - LDAPv3 */
318 #define LDAP_REFERRAL_LIMIT_EXCEEDED 0x61 /* 97 - LDAPv3 */
321 * LDAPv3 unsolicited notification messages we know about
323 #define LDAP_NOTICE_OF_DISCONNECTION "1.3.6.1.4.1.1466.20036"
326 * LDAPv3 server controls we know about
328 #define LDAP_CONTROL_MANAGEDSAIT "2.16.840.1.113730.3.4.2"
329 #define LDAP_CONTROL_SORTREQUEST "1.2.840.113556.1.4.473"
330 #define LDAP_CONTROL_SORTRESPONSE "1.2.840.113556.1.4.474"
331 #define LDAP_CONTROL_PERSISTENTSEARCH "2.16.840.1.113730.3.4.3"
332 #define LDAP_CONTROL_ENTRYCHANGE "2.16.840.1.113730.3.4.7"
333 #define LDAP_CONTROL_VLVREQUEST "2.16.840.1.113730.3.4.9"
334 #define LDAP_CONTROL_VLVRESPONSE "2.16.840.1.113730.3.4.10"
335 #define LDAP_CONTROL_PROXYAUTH "2.16.840.1.113730.3.4.12"
336 /* version 1 */
337 #define LDAP_CONTROL_PROXIEDAUTH "2.16.840.1.113730.3.4.18"
338 /* version 2 */
340 #ifdef _SOLARIS_SDK
342 * Simple Page control OID
344 #define LDAP_CONTROL_SIMPLE_PAGE "1.2.840.113556.1.4.319"
347 * Begin LDAP Display Template Definitions
349 #define LDAP_TEMPLATE_VERSION 1
352 * general types of items (confined to most significant byte)
354 #define LDAP_SYN_TYPE_TEXT 0x01000000L
355 #define LDAP_SYN_TYPE_IMAGE 0x02000000L
356 #define LDAP_SYN_TYPE_BOOLEAN 0x04000000L
357 #define LDAP_SYN_TYPE_BUTTON 0x08000000L
358 #define LDAP_SYN_TYPE_ACTION 0x10000000L
361 * syntax options (confined to second most significant byte)
363 #define LDAP_SYN_OPT_DEFER 0x00010000L
366 * display template item syntax ids (defined by common agreement)
367 * these are the valid values for the ti_syntaxid of the tmplitem
368 * struct (defined below). A general type is encoded in the
369 * most-significant 8 bits, and some options are encoded in the next
370 * 8 bits. The lower 16 bits are reserved for the distinct types.
372 #define LDAP_SYN_CASEIGNORESTR (1 | LDAP_SYN_TYPE_TEXT)
373 #define LDAP_SYN_MULTILINESTR (2 | LDAP_SYN_TYPE_TEXT)
374 #define LDAP_SYN_DN (3 | LDAP_SYN_TYPE_TEXT)
375 #define LDAP_SYN_BOOLEAN (4 | LDAP_SYN_TYPE_BOOLEAN)
376 #define LDAP_SYN_JPEGIMAGE (5 | LDAP_SYN_TYPE_IMAGE)
377 #define LDAP_SYN_JPEGBUTTON (6 | LDAP_SYN_TYPE_BUTTON | LDAP_SYN_OPT_DEFER)
378 #define LDAP_SYN_FAXIMAGE (7 | LDAP_SYN_TYPE_IMAGE)
379 #define LDAP_SYN_FAXBUTTON (8 | LDAP_SYN_TYPE_BUTTON | LDAP_SYN_OPT_DEFER)
380 #define LDAP_SYN_AUDIOBUTTON (9 | LDAP_SYN_TYPE_BUTTON | LDAP_SYN_OPT_DEFER)
381 #define LDAP_SYN_TIME (10 | LDAP_SYN_TYPE_TEXT)
382 #define LDAP_SYN_DATE (11 | LDAP_SYN_TYPE_TEXT)
383 #define LDAP_SYN_LABELEDURL (12 | LDAP_SYN_TYPE_TEXT)
384 #define LDAP_SYN_SEARCHACTION (13 | LDAP_SYN_TYPE_ACTION)
385 #define LDAP_SYN_LINKACTION (14 | LDAP_SYN_TYPE_ACTION)
386 #define LDAP_SYN_ADDDNACTION (15 | LDAP_SYN_TYPE_ACTION)
387 #define LDAP_SYN_VERIFYDNACTION (16 | LDAP_SYN_TYPE_ACTION)
388 #define LDAP_SYN_RFC822ADDR (17 | LDAP_SYN_TYPE_TEXT)
391 * handy macros
393 #define LDAP_GET_SYN_TYPE(syid) ((syid) & 0xFF000000UL)
394 #define LDAP_GET_SYN_OPTIONS(syid) ((syid) & 0x00FF0000UL)
398 * display options for output routines (used by entry2text and friends)
401 * use calculated label width (based on length of longest label in
402 * template) instead of contant width
404 #define LDAP_DISP_OPT_AUTOLABELWIDTH 0x00000001L
405 #define LDAP_DISP_OPT_HTMLBODYONLY 0x00000002L
408 * perform search actions (applies to ldap_entry2text_search only)
410 #define LDAP_DISP_OPT_DOSEARCHACTIONS 0x00000002L
413 * include additional info. relevant to "non leaf" entries only
414 * used by ldap_entry2html and ldap_entry2html_search to include "Browse"
415 * and "Move Up" HREFs
417 #define LDAP_DISP_OPT_NONLEAF 0x00000004L
420 * display template item options (may not apply to all types)
421 * if this bit is set in ti_options, it applies.
423 #define LDAP_DITEM_OPT_READONLY 0x00000001L
424 #define LDAP_DITEM_OPT_SORTVALUES 0x00000002L
425 #define LDAP_DITEM_OPT_SINGLEVALUED 0x00000004L
426 #define LDAP_DITEM_OPT_HIDEIFEMPTY 0x00000008L
427 #define LDAP_DITEM_OPT_VALUEREQUIRED 0x00000010L
428 #define LDAP_DITEM_OPT_HIDEIFFALSE 0x00000020L /* booleans only */
430 #endif /* _SOLARIS_SDK */
432 /* Authentication request and response controls */
433 #define LDAP_CONTROL_AUTH_REQUEST "2.16.840.1.113730.3.4.16"
434 #define LDAP_CONTROL_AUTH_RESPONSE "2.16.840.1.113730.3.4.15"
436 /* Password information sent back to client */
437 #define LDAP_CONTROL_PWEXPIRED "2.16.840.1.113730.3.4.4"
438 #define LDAP_CONTROL_PWEXPIRING "2.16.840.1.113730.3.4.5"
442 * Client controls we know about
444 #define LDAP_CONTROL_REFERRALS "1.2.840.113556.1.4.616"
448 * LDAP_API macro definition:
450 #ifndef LDAP_API
451 #define LDAP_API(rt) rt
452 #endif /* LDAP_API */
454 #ifdef _SOLARIS_SDK
455 /* Simple Page Control functions for Solaris SDK */
456 int ldap_create_page_control(LDAP *ld, unsigned int pagesize,
457 struct berval *cookie, char isCritical, LDAPControl **output);
458 int ldap_parse_page_control(LDAP *ld, LDAPControl **controls,
459 unsigned int *totalcount, struct berval **cookie);
461 /* CRAM-MD5 functions */
462 int ldap_sasl_cram_md5_bind_s(LDAP *ld, char *dn,
463 struct berval *cred, LDAPControl **serverctrls,
464 LDAPControl **clientctrls);
465 /* DIGEST-MD5 Function */
466 int ldap_x_sasl_digest_md5_bind_s(LDAP *ld, char *dn,
467 struct berval *cred, LDAPControl **serverctrls,
468 LDAPControl **clientctrls);
469 int ldap_x_sasl_digest_md5_bind(LDAP *ld, char *dn,
470 struct berval *cred, LDAPControl **serverctrls,
471 LDAPControl **clientctrls, struct timeval *timeout,
472 LDAPMessage **result);
474 #endif /* _SOLARIS_SDK */
476 LDAP_API(LDAP *) LDAP_CALL ldap_open(const char *host, int port);
477 LDAP_API(LDAP *) LDAP_CALL ldap_init(const char *defhost, int defport);
478 int LDAP_CALL ldap_set_option(LDAP *ld, int option,
479 const void *optdata);
480 int LDAP_CALL ldap_get_option(LDAP *ld, int option, void *optdata);
481 int LDAP_CALL ldap_unbind(LDAP *ld);
482 int LDAP_CALL ldap_unbind_s(LDAP *ld);
485 * perform ldap operations and obtain results
487 int LDAP_CALL ldap_abandon(LDAP *ld, int msgid);
488 int LDAP_CALL ldap_add(LDAP *ld, const char *dn, LDAPMod **attrs);
489 int LDAP_CALL ldap_add_s(LDAP *ld, const char *dn, LDAPMod **attrs);
490 int LDAP_CALL ldap_simple_bind(LDAP *ld, const char *who,
491 const char *passwd);
492 int LDAP_CALL ldap_simple_bind_s(LDAP *ld, const char *who,
493 const char *passwd);
494 int LDAP_CALL ldap_modify(LDAP *ld, const char *dn, LDAPMod **mods);
495 int LDAP_CALL ldap_modify_s(LDAP *ld, const char *dn,
496 LDAPMod **mods);
497 int LDAP_CALL ldap_modrdn(LDAP *ld, const char *dn,
498 const char *newrdn);
499 int LDAP_CALL ldap_modrdn_s(LDAP *ld, const char *dn,
500 const char *newrdn);
502 /* The following 2 functions are deprecated */
503 int LDAP_CALL ldap_modrdn2(LDAP *ld, const char *dn,
504 const char *newrdn, int deleteoldrdn);
505 int LDAP_CALL ldap_modrdn2_s(LDAP *ld, const char *dn,
506 const char *newrdn, int deleteoldrdn);
508 int LDAP_CALL ldap_compare(LDAP *ld, const char *dn,
509 const char *attr, const char *value);
510 int LDAP_CALL ldap_compare_s(LDAP *ld, const char *dn,
511 const char *attr, const char *value);
512 int LDAP_CALL ldap_delete(LDAP *ld, const char *dn);
513 int LDAP_CALL ldap_delete_s(LDAP *ld, const char *dn);
514 int LDAP_CALL ldap_search(LDAP *ld, const char *base, int scope,
515 const char *filter, char **attrs, int attrsonly);
516 int LDAP_CALL ldap_search_s(LDAP *ld, const char *base, int scope,
517 const char *filter, char **attrs, int attrsonly, LDAPMessage **res);
518 int LDAP_CALL ldap_search_st(LDAP *ld, const char *base, int scope,
519 const char *filter, char **attrs, int attrsonly,
520 struct timeval *timeout, LDAPMessage **res);
521 int LDAP_CALL ldap_result(LDAP *ld, int msgid, int all,
522 struct timeval *timeout, LDAPMessage **result);
523 int LDAP_CALL ldap_msgfree(LDAPMessage *lm);
524 int LDAP_CALL ldap_msgid(LDAPMessage *lm);
525 int LDAP_CALL ldap_msgtype(LDAPMessage *lm);
529 * Routines to parse/deal with results and errors returned
531 int LDAP_CALL ldap_result2error(LDAP *ld, LDAPMessage *r,
532 int freeit);
533 char *LDAP_CALL ldap_err2string(int err);
534 LDAP_API(void) LDAP_CALL ldap_perror(LDAP *ld, const char *s);
535 LDAP_API(LDAPMessage *) LDAP_CALL ldap_first_entry(LDAP *ld,
536 LDAPMessage *chain);
537 LDAP_API(LDAPMessage *) LDAP_CALL ldap_next_entry(LDAP *ld,
538 LDAPMessage *entry);
539 int LDAP_CALL ldap_count_entries(LDAP *ld, LDAPMessage *chain);
540 char *LDAP_CALL ldap_get_dn(LDAP *ld, LDAPMessage *entry);
541 char *LDAP_CALL ldap_dn2ufn(const char *dn);
542 char **LDAP_CALL ldap_explode_dn(const char *dn,
543 const int notypes);
544 char **LDAP_CALL ldap_explode_rdn(const char *rdn,
545 const int notypes);
546 char *LDAP_CALL ldap_first_attribute(LDAP *ld, LDAPMessage *entry,
547 BerElement **ber);
548 char *LDAP_CALL ldap_next_attribute(LDAP *ld, LDAPMessage *entry,
549 BerElement *ber);
551 /* The following function is deprecated */
552 LDAP_API(void) LDAP_CALL ldap_ber_free(BerElement *ber, int freebuf);
554 char **LDAP_CALL ldap_get_values(LDAP *ld, LDAPMessage *entry,
555 const char *target);
556 struct berval **LDAP_CALL ldap_get_values_len(LDAP *ld,
557 LDAPMessage *entry, const char *target);
558 int LDAP_CALL ldap_count_values(char **vals);
559 int LDAP_CALL ldap_count_values_len(struct berval **vals);
560 LDAP_API(void) LDAP_CALL ldap_value_free(char **vals);
561 LDAP_API(void) LDAP_CALL ldap_value_free_len(struct berval **vals);
562 LDAP_API(void) LDAP_CALL ldap_memfree(void *p);
566 * LDAPv3 extended operation calls
569 * Note: all of the new asynchronous calls return an LDAP error code,
570 * not a message id. A message id is returned via the int *msgidp
571 * parameter (usually the last parameter) if appropriate.
573 int LDAP_CALL ldap_abandon_ext(LDAP *ld, int msgid,
574 LDAPControl **serverctrls, LDAPControl **clientctrls);
575 int LDAP_CALL ldap_add_ext(LDAP *ld, const char *dn, LDAPMod **attrs,
576 LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp);
577 int LDAP_CALL ldap_add_ext_s(LDAP *ld, const char *dn,
578 LDAPMod **attrs, LDAPControl **serverctrls, LDAPControl **clientctrls);
579 int LDAP_CALL ldap_sasl_bind(LDAP *ld, const char *dn,
580 const char *mechanism, const struct berval *cred,
581 LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp);
582 int LDAP_CALL ldap_sasl_bind_s(LDAP *ld, const char *dn,
583 const char *mechanism, const struct berval *cred,
584 LDAPControl **serverctrls, LDAPControl **clientctrls,
585 struct berval **servercredp);
586 int LDAP_CALL ldap_modify_ext(LDAP *ld, const char *dn,
587 LDAPMod **mods, LDAPControl **serverctrls, LDAPControl **clientctrls,
588 int *msgidp);
589 int LDAP_CALL ldap_modify_ext_s(LDAP *ld, const char *dn,
590 LDAPMod **mods, LDAPControl **serverctrls, LDAPControl **clientctrls);
591 int LDAP_CALL ldap_rename(LDAP *ld, const char *dn,
592 const char *newrdn, const char *newparent, int deleteoldrdn,
593 LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp);
594 int LDAP_CALL ldap_rename_s(LDAP *ld, const char *dn,
595 const char *newrdn, const char *newparent, int deleteoldrdn,
596 LDAPControl **serverctrls, LDAPControl **clientctrls);
597 int LDAP_CALL ldap_compare_ext(LDAP *ld, const char *dn,
598 const char *attr, const struct berval *bvalue,
599 LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp);
600 int LDAP_CALL ldap_compare_ext_s(LDAP *ld, const char *dn,
601 const char *attr, const struct berval *bvalue,
602 LDAPControl **serverctrls, LDAPControl **clientctrls);
603 int LDAP_CALL ldap_delete_ext(LDAP *ld, const char *dn,
604 LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp);
605 int LDAP_CALL ldap_delete_ext_s(LDAP *ld, const char *dn,
606 LDAPControl **serverctrls, LDAPControl **clientctrls);
607 int LDAP_CALL ldap_search_ext(LDAP *ld, const char *base,
608 int scope, const char *filter, char **attrs, int attrsonly,
609 LDAPControl **serverctrls, LDAPControl **clientctrls,
610 struct timeval *timeoutp, int sizelimit, int *msgidp);
611 int LDAP_CALL ldap_search_ext_s(LDAP *ld, const char *base,
612 int scope, const char *filter, char **attrs, int attrsonly,
613 LDAPControl **serverctrls, LDAPControl **clientctrls,
614 struct timeval *timeoutp, int sizelimit, LDAPMessage **res);
615 int LDAP_CALL ldap_extended_operation(LDAP *ld,
616 const char *requestoid, const struct berval *requestdata,
617 LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp);
618 int LDAP_CALL ldap_extended_operation_s(LDAP *ld,
619 const char *requestoid, const struct berval *requestdata,
620 LDAPControl **serverctrls, LDAPControl **clientctrls,
621 char **retoidp, struct berval **retdatap);
622 int LDAP_CALL ldap_unbind_ext(LDAP *ld, LDAPControl **serverctrls,
623 LDAPControl **clientctrls);
627 * LDAPv3 extended parsing / result handling calls
629 int LDAP_CALL ldap_parse_sasl_bind_result(LDAP *ld,
630 LDAPMessage *res, struct berval **servercredp, int freeit);
631 int LDAP_CALL ldap_parse_result(LDAP *ld, LDAPMessage *res,
632 int *errcodep, char **matcheddnp, char **errmsgp, char ***referralsp,
633 LDAPControl ***serverctrlsp, int freeit);
634 int LDAP_CALL ldap_parse_extended_result(LDAP *ld, LDAPMessage *res,
635 char **retoidp, struct berval **retdatap, int freeit);
636 LDAP_API(LDAPMessage *) LDAP_CALL ldap_first_message(LDAP *ld,
637 LDAPMessage *res);
638 LDAP_API(LDAPMessage *) LDAP_CALL ldap_next_message(LDAP *ld,
639 LDAPMessage *msg);
640 int LDAP_CALL ldap_count_messages(LDAP *ld, LDAPMessage *res);
641 LDAP_API(LDAPMessage *) LDAP_CALL ldap_first_reference(LDAP *ld,
642 LDAPMessage *res);
643 LDAP_API(LDAPMessage *) LDAP_CALL ldap_next_reference(LDAP *ld,
644 LDAPMessage *ref);
645 int LDAP_CALL ldap_count_references(LDAP *ld, LDAPMessage *res);
646 int LDAP_CALL ldap_parse_reference(LDAP *ld, LDAPMessage *ref,
647 char ***referralsp, LDAPControl ***serverctrlsp, int freeit);
648 int LDAP_CALL ldap_get_entry_controls(LDAP *ld, LDAPMessage *entry,
649 LDAPControl ***serverctrlsp);
650 LDAP_API(void) LDAP_CALL ldap_control_free(LDAPControl *ctrl);
651 LDAP_API(void) LDAP_CALL ldap_controls_free(LDAPControl **ctrls);
653 #ifdef _SOLARIS_SDK
654 char ** ldap_get_reference_urls(LDAP *ld, LDAPMessage *res);
655 #endif
657 LDAP_API(void) LDAP_CALL ldap_add_result_entry(
658 LDAPMessage **list, LDAPMessage *e);
659 LDAP_API(LDAPMessage *) LDAP_CALL ldap_delete_result_entry(
660 LDAPMessage **list, LDAPMessage *e);
663 /* End of core standard C LDAP API definitions */
666 * Server side sorting of search results (an LDAPv3 extension --
667 * LDAP_API_FEATURE_SERVER_SIDE_SORT)
669 typedef struct LDAPsortkey { /* structure for a sort-key */
670 char *sk_attrtype;
671 char *sk_matchruleoid;
672 int sk_reverseorder;
673 } LDAPsortkey;
675 int LDAP_CALL ldap_create_sort_control(LDAP *ld,
676 LDAPsortkey **sortKeyList, const char ctl_iscritical,
677 LDAPControl **ctrlp);
678 int LDAP_CALL ldap_parse_sort_control(LDAP *ld,
679 LDAPControl **ctrls, unsigned long *result, char **attribute);
681 LDAP_API(void) LDAP_CALL ldap_free_sort_keylist(LDAPsortkey **sortKeyList);
682 int LDAP_CALL ldap_create_sort_keylist(LDAPsortkey ***sortKeyList,
683 const char *string_rep);
687 * Virtual list view (an LDAPv3 extension -- LDAP_API_FEATURE_VIRTUAL_LIST_VIEW)
690 * structure that describes a VirtualListViewRequest control.
691 * note that ldvlist_index and ldvlist_size are only relevant to
692 * ldap_create_virtuallist_control() if ldvlist_attrvalue is NULL.
694 typedef struct ldapvirtuallist {
695 unsigned long ldvlist_before_count; /* # entries before target */
696 unsigned long ldvlist_after_count; /* # entries after target */
697 char *ldvlist_attrvalue; /* jump to this value */
698 unsigned long ldvlist_index; /* list offset */
699 unsigned long ldvlist_size; /* number of items in vlist */
700 void *ldvlist_extradata; /* for use by application */
701 } LDAPVirtualList;
704 * VLV functions:
706 int LDAP_CALL ldap_create_virtuallist_control(LDAP *ld,
707 LDAPVirtualList *ldvlistp, LDAPControl **ctrlp);
709 int LDAP_CALL ldap_parse_virtuallist_control(LDAP *ld,
710 LDAPControl **ctrls, unsigned long *target_posp,
711 unsigned long *list_sizep, int *errcodep);
715 * Routines for creating persistent search controls and for handling
716 * "entry changed notification" controls (an LDAPv3 extension --
717 * LDAP_API_FEATURE_PERSISTENT_SEARCH)
719 #define LDAP_CHANGETYPE_ADD 1
720 #define LDAP_CHANGETYPE_DELETE 2
721 #define LDAP_CHANGETYPE_MODIFY 4
722 #define LDAP_CHANGETYPE_MODDN 8
723 #define LDAP_CHANGETYPE_ANY (1|2|4|8)
724 int LDAP_CALL ldap_create_persistentsearch_control(LDAP *ld,
725 int changetypes, int changesonly, int return_echg_ctls,
726 char ctl_iscritical, LDAPControl **ctrlp);
727 int LDAP_CALL ldap_parse_entrychange_control(LDAP *ld,
728 LDAPControl **ctrls, int *chgtypep, char **prevdnp,
729 int *chgnumpresentp, ber_int_t *chgnump);
733 * Routines for creating Proxied Authorization controls (an LDAPv3
734 * extension -- LDAP_API_FEATURE_PROXY_AUTHORIZATION)
735 * ldap_create_proxyauth_control() is for the old (version 1) control.
736 * ldap_create_proxiedauth_control() is for the newer (version 2) control.
737 * Version 1 is supported by iPlanet Directory Server 4.1 and later.
738 * Version 2 is supported by iPlanet Directory Server 5.0 and later.
740 int LDAP_CALL ldap_create_proxyauth_control(LDAP *ld,
741 const char *dn, const char ctl_iscritical, LDAPControl **ctrlp);
742 int LDAP_CALL ldap_create_proxiedauth_control(LDAP *ld,
743 const char *authzid, LDAPControl **ctrlp);
747 * Functions to get and set LDAP error information (API extension --
748 * LDAP_API_FEATURE_X_LDERRNO )
750 int LDAP_CALL ldap_get_lderrno(LDAP *ld, char **m, char **s);
751 int LDAP_CALL ldap_set_lderrno(LDAP *ld, int e, char *m, char *s);
755 * LDAP URL functions and definitions (an API extension --
756 * LDAP_API_FEATURE_X_URL_FUNCTIONS)
759 * types for ldap URL handling
761 typedef struct ldap_url_desc {
762 char *lud_host;
763 int lud_port;
764 char *lud_dn;
765 char **lud_attrs;
766 int lud_scope;
767 char *lud_filter;
768 unsigned long lud_options;
769 #define LDAP_URL_OPT_SECURE 0x01
770 char *lud_string; /* for internal use only */
771 } LDAPURLDesc;
773 #define NULLLDAPURLDESC ((LDAPURLDesc *)NULL)
776 * possible errors returned by ldap_url_parse()
778 #define LDAP_URL_ERR_NOTLDAP 1 /* URL doesn't begin with "ldap://" */
779 #define LDAP_URL_ERR_NODN 2 /* URL has no DN (required) */
780 #define LDAP_URL_ERR_BADSCOPE 3 /* URL scope string is invalid */
781 #define LDAP_URL_ERR_MEM 4 /* can't allocate memory space */
782 #define LDAP_URL_ERR_PARAM 5 /* bad parameter to an URL function */
783 #define LDAP_URL_ERR_HOSTPORT 6 /* URL hostcode is invalid */
786 * URL functions:
788 int LDAP_CALL ldap_is_ldap_url(const char *url);
789 int LDAP_CALL ldap_url_parse(const char *url, LDAPURLDesc **ludpp);
790 int LDAP_CALL ldap_url_parse_nodn(const char *url, LDAPURLDesc **ludpp);
791 LDAP_API(void) LDAP_CALL ldap_free_urldesc(LDAPURLDesc *ludp);
792 int LDAP_CALL ldap_url_search(LDAP *ld, const char *url,
793 int attrsonly);
794 int LDAP_CALL ldap_url_search_s(LDAP *ld, const char *url,
795 int attrsonly, LDAPMessage **res);
796 int LDAP_CALL ldap_url_search_st(LDAP *ld, const char *url,
797 int attrsonly, struct timeval *timeout, LDAPMessage **res);
799 #ifdef _SOLARIS_SDK
801 * Additional URL functions plus Character set, Search Preference
802 * and Display Template functions moved from internal header files
806 * URL functions
808 char *ldap_dns_to_url(LDAP *ld, char *dns_name, char *attrs,
809 char *scope, char *filter);
810 char *ldap_dn_to_url(LDAP *ld, char *dn, int nameparts);
813 * Character set functions
815 #ifdef STR_TRANSLATION
816 void ldap_set_string_translators(LDAP *ld,
817 BERTranslateProc encode_proc, BERTranslateProc decode_proc);
818 int ldap_translate_from_t61(LDAP *ld, char **bufp,
819 unsigned long *lenp, int free_input);
820 int ldap_translate_to_t61(LDAP *ld, char **bufp,
821 unsigned long *lenp, int free_input);
822 void ldap_enable_translation(LDAP *ld, LDAPMessage *entry,
823 int enable);
824 #ifdef LDAP_CHARSET_8859
825 int ldap_t61_to_8859(char **bufp, unsigned long *buflenp,
826 int free_input);
827 int ldap_8859_to_t61(char **bufp, unsigned long *buflenp,
828 int free_input);
829 #endif /* LDAP_CHARSET_8859 */
830 #endif /* STR_TRANSLATION */
833 * Display Temple functions/structures
836 * display template item structure
838 struct ldap_tmplitem {
839 unsigned long ti_syntaxid;
840 unsigned long ti_options;
841 char *ti_attrname;
842 char *ti_label;
843 char **ti_args;
844 struct ldap_tmplitem *ti_next_in_row;
845 struct ldap_tmplitem *ti_next_in_col;
846 void *ti_appdata;
849 #define NULLTMPLITEM ((struct ldap_tmplitem *)0)
851 #define LDAP_SET_TMPLITEM_APPDATA(ti, datap) \
852 (ti)->ti_appdata = (void *)(datap)
854 #define LDAP_GET_TMPLITEM_APPDATA(ti, type) \
855 (type)((ti)->ti_appdata)
857 #define LDAP_IS_TMPLITEM_OPTION_SET(ti, option) \
858 (((ti)->ti_options & option) != 0)
861 * object class array structure
863 struct ldap_oclist {
864 char **oc_objclasses;
865 struct ldap_oclist *oc_next;
868 #define NULLOCLIST ((struct ldap_oclist *)0)
872 * add defaults list
874 struct ldap_adddeflist {
875 int ad_source;
876 #define LDAP_ADSRC_CONSTANTVALUE 1
877 #define LDAP_ADSRC_ADDERSDN 2
878 char *ad_attrname;
879 char *ad_value;
880 struct ldap_adddeflist *ad_next;
883 #define NULLADLIST ((struct ldap_adddeflist *)0)
887 * display template global options
888 * if this bit is set in dt_options, it applies.
891 * users should be allowed to try to add objects of these entries
893 #define LDAP_DTMPL_OPT_ADDABLE 0x00000001L
896 * users should be allowed to do "modify RDN" operation of these entries
898 #define LDAP_DTMPL_OPT_ALLOWMODRDN 0x00000002L
901 * this template is an alternate view, not a primary view
903 #define LDAP_DTMPL_OPT_ALTVIEW 0x00000004L
907 * display template structure
909 struct ldap_disptmpl {
910 char *dt_name;
911 char *dt_pluralname;
912 char *dt_iconname;
913 unsigned long dt_options;
914 char *dt_authattrname;
915 char *dt_defrdnattrname;
916 char *dt_defaddlocation;
917 struct ldap_oclist *dt_oclist;
918 struct ldap_adddeflist *dt_adddeflist;
919 struct ldap_tmplitem *dt_items;
920 void *dt_appdata;
921 struct ldap_disptmpl *dt_next;
924 #define NULLDISPTMPL ((struct ldap_disptmpl *)0)
926 #define LDAP_SET_DISPTMPL_APPDATA(dt, datap) \
927 (dt)->dt_appdata = (void *)(datap)
929 #define LDAP_GET_DISPTMPL_APPDATA(dt, type) \
930 (type)((dt)->dt_appdata)
932 #define LDAP_IS_DISPTMPL_OPTION_SET(dt, option) \
933 (((dt)->dt_options & option) != 0)
935 #define LDAP_TMPL_ERR_VERSION 1
936 #define LDAP_TMPL_ERR_MEM 2
937 #define LDAP_TMPL_ERR_SYNTAX 3
938 #define LDAP_TMPL_ERR_FILE 4
941 * buffer size needed for entry2text and vals2text
943 #define LDAP_DTMPL_BUFSIZ 8192
945 typedef int (*writeptype)(void *writeparm, char *p, int len);
947 LDAP_API(int)
948 LDAP_CALL
949 ldap_init_templates(char *file, struct ldap_disptmpl **tmpllistp);
951 LDAP_API(int)
952 LDAP_CALL
953 ldap_init_templates_buf(char *buf, long buflen,
954 struct ldap_disptmpl **tmpllistp);
956 LDAP_API(void)
957 LDAP_CALL
958 ldap_free_templates(struct ldap_disptmpl *tmpllist);
960 LDAP_API(struct ldap_disptmpl *)
961 LDAP_CALL
962 ldap_first_disptmpl(struct ldap_disptmpl *tmpllist);
964 LDAP_API(struct ldap_disptmpl *)
965 LDAP_CALL
966 ldap_next_disptmpl(struct ldap_disptmpl *tmpllist,
967 struct ldap_disptmpl *tmpl);
969 LDAP_API(struct ldap_disptmpl *)
970 LDAP_CALL
971 ldap_name2template(char *name, struct ldap_disptmpl *tmpllist);
973 LDAP_API(struct ldap_disptmpl *)
974 LDAP_CALL
975 ldap_oc2template(char **oclist, struct ldap_disptmpl *tmpllist);
977 LDAP_API(char **)
978 LDAP_CALL
979 ldap_tmplattrs(struct ldap_disptmpl *tmpl, char **includeattrs, int exclude,
980 unsigned long syntaxmask);
982 LDAP_API(struct ldap_tmplitem *)
983 LDAP_CALL
984 ldap_first_tmplrow(struct ldap_disptmpl *tmpl);
986 LDAP_API(struct ldap_tmplitem *)
987 LDAP_CALL
988 ldap_next_tmplrow(struct ldap_disptmpl *tmpl, struct ldap_tmplitem *row);
990 LDAP_API(struct ldap_tmplitem *)
991 LDAP_CALL
992 ldap_first_tmplcol(struct ldap_disptmpl *tmpl, struct ldap_tmplitem *row);
994 LDAP_API(struct ldap_tmplitem *)
995 LDAP_CALL
996 ldap_next_tmplcol(struct ldap_disptmpl *tmpl, struct ldap_tmplitem *row,
997 struct ldap_tmplitem *col);
999 LDAP_API(int)
1000 LDAP_CALL
1001 ldap_entry2text(LDAP *ld, char *buf, LDAPMessage *entry,
1002 struct ldap_disptmpl *tmpl, char **defattrs, char ***defvals,
1003 writeptype writeproc, void *writeparm, char *eol, int rdncount,
1004 unsigned long opts);
1006 LDAP_API(int)
1007 LDAP_CALL
1008 ldap_vals2text(LDAP *ld, char *buf, char **vals, char *label, int labelwidth,
1009 unsigned long syntaxid, writeptype writeproc, void *writeparm,
1010 char *eol, int rdncount);
1012 LDAP_API(int)
1013 LDAP_CALL
1014 ldap_entry2text_search(LDAP *ld, char *dn, char *base, LDAPMessage *entry,
1015 struct ldap_disptmpl *tmpllist, char **defattrs, char ***defvals,
1016 writeptype writeproc, void *writeparm, char *eol, int rdncount,
1017 unsigned long opts);
1019 LDAP_API(int)
1020 LDAP_CALL
1021 ldap_entry2html(LDAP *ld, char *buf, LDAPMessage *entry,
1022 struct ldap_disptmpl *tmpl, char **defattrs, char ***defvals,
1023 writeptype writeproc, void *writeparm, char *eol, int rdncount,
1024 unsigned long opts, char *urlprefix, char *base);
1026 LDAP_API(int)
1027 LDAP_CALL
1028 ldap_vals2html(LDAP *ld, char *buf, char **vals, char *label, int labelwidth,
1029 unsigned long syntaxid, writeptype writeproc, void *writeparm,
1030 char *eol, int rdncount, char *urlprefix);
1032 LDAP_API(int)
1033 LDAP_CALL
1034 ldap_entry2html_search(LDAP *ld, char *dn, char *base, LDAPMessage *entry,
1035 struct ldap_disptmpl *tmpllist, char **defattrs, char ***defvals,
1036 writeptype writeproc, void *writeparm, char *eol, int rdncount,
1037 unsigned long opts, char *urlprefix);
1040 * Search Preference Definitions
1043 struct ldap_searchattr {
1044 char *sa_attrlabel;
1045 char *sa_attr;
1046 /* max 32 matchtypes for now */
1047 unsigned long sa_matchtypebitmap;
1048 char *sa_selectattr;
1049 char *sa_selecttext;
1050 struct ldap_searchattr *sa_next;
1053 struct ldap_searchmatch {
1054 char *sm_matchprompt;
1055 char *sm_filter;
1056 struct ldap_searchmatch *sm_next;
1059 struct ldap_searchobj {
1060 char *so_objtypeprompt;
1061 unsigned long so_options;
1062 char *so_prompt;
1063 short so_defaultscope;
1064 char *so_filterprefix;
1065 char *so_filtertag;
1066 char *so_defaultselectattr;
1067 char *so_defaultselecttext;
1068 struct ldap_searchattr *so_salist;
1069 struct ldap_searchmatch *so_smlist;
1070 struct ldap_searchobj *so_next;
1073 #define NULLSEARCHOBJ ((struct ldap_searchobj *)0)
1076 * global search object options
1078 #define LDAP_SEARCHOBJ_OPT_INTERNAL 0x00000001
1080 #define LDAP_IS_SEARCHOBJ_OPTION_SET(so, option) \
1081 (((so)->so_options & option) != 0)
1083 #define LDAP_SEARCHPREF_VERSION_ZERO 0
1084 #define LDAP_SEARCHPREF_VERSION 1
1086 #define LDAP_SEARCHPREF_ERR_VERSION 1
1087 #define LDAP_SEARCHPREF_ERR_MEM 2
1088 #define LDAP_SEARCHPREF_ERR_SYNTAX 3
1089 #define LDAP_SEARCHPREF_ERR_FILE 4
1091 LDAP_API(int)
1092 LDAP_CALL
1093 ldap_init_searchprefs(char *file, struct ldap_searchobj **solistp);
1095 LDAP_API(int)
1096 LDAP_CALL
1097 ldap_init_searchprefs_buf(char *buf, long buflen,
1098 struct ldap_searchobj **solistp);
1100 LDAP_API(void)
1101 LDAP_CALL
1102 ldap_free_searchprefs(struct ldap_searchobj *solist);
1104 LDAP_API(struct ldap_searchobj *)
1105 LDAP_CALL
1106 ldap_first_searchobj(struct ldap_searchobj *solist);
1108 LDAP_API(struct ldap_searchobj *)
1109 LDAP_CALL
1110 ldap_next_searchobj(struct ldap_searchobj *sollist,
1111 struct ldap_searchobj *so);
1114 * specific LDAP instantiations of BER types we know about
1117 /* general stuff */
1118 #define LDAP_TAG_MESSAGE 0x30 /* tag is 16 + constructed bit */
1119 #define LDAP_TAG_MSGID 0x02 /* INTEGER */
1120 #define LDAP_TAG_CONTROLS 0xa0 /* context specific + constructed + 0 */
1121 #define LDAP_TAG_REFERRAL 0xa3 /* context specific + constructed + 3 */
1122 #define LDAP_TAG_NEWSUPERIOR 0x80 /* context specific + primitive + 0 */
1123 #define LDAP_TAG_SASL_RES_CREDS 0x87 /* context specific + primitive + 7 */
1124 #define LDAP_TAG_VLV_BY_INDEX 0xa0 /* context specific + constructed + 0 */
1125 #define LDAP_TAG_VLV_BY_VALUE 0x81 /* context specific + primitive + 1 */
1126 /* tag for sort control */
1127 #define LDAP_TAG_SK_MATCHRULE 0x80L /* context specific + primitive + 0 */
1128 #define LDAP_TAG_SK_REVERSE 0x81L /* context specific + primitive + 1 */
1129 #define LDAP_TAG_SR_ATTRTYPE 0x80L /* context specific + primitive + 0 */
1131 /* possible operations a client can invoke */
1132 #define LDAP_REQ_BIND 0x60 /* application + constructed + 0 */
1133 #define LDAP_REQ_UNBIND 0x42 /* application + primitive + 2 */
1134 #define LDAP_REQ_SEARCH 0x63 /* application + constructed + 3 */
1135 #define LDAP_REQ_MODIFY 0x66 /* application + constructed + 6 */
1136 #define LDAP_REQ_ADD 0x68 /* application + constructed + 8 */
1137 #define LDAP_REQ_DELETE 0x4a /* application + primitive + 10 */
1138 #define LDAP_REQ_MODRDN 0x6c /* application + constructed + 12 */
1139 #define LDAP_REQ_MODDN 0x6c /* application + constructed + 12 */
1140 #define LDAP_REQ_RENAME 0x6c /* application + constructed + 12 */
1141 #define LDAP_REQ_COMPARE 0x6e /* application + constructed + 14 */
1142 #define LDAP_REQ_ABANDON 0x50 /* application + primitive + 16 */
1143 #define LDAP_REQ_EXTENDED 0x77 /* application + constructed + 23 */
1145 /* U-M LDAP release 3.0 compatibility stuff */
1146 #define LDAP_REQ_UNBIND_30 0x62
1147 #define LDAP_REQ_DELETE_30 0x6a
1148 #define LDAP_REQ_ABANDON_30 0x70
1150 /* U-M LDAP 3.0 compatibility auth methods */
1151 #define LDAP_AUTH_SIMPLE_30 0xa0 /* context specific + constructed */
1152 #define LDAP_AUTH_KRBV41_30 0xa1 /* context specific + constructed */
1153 #define LDAP_AUTH_KRBV42_30 0xa2 /* context specific + constructed */
1155 /* filter types */
1156 #define LDAP_FILTER_AND 0xa0 /* context specific + constructed + 0 */
1157 #define LDAP_FILTER_OR 0xa1 /* context specific + constructed + 1 */
1158 #define LDAP_FILTER_NOT 0xa2 /* context specific + constructed + 2 */
1159 #define LDAP_FILTER_EQUALITY 0xa3 /* context specific + constructed + 3 */
1160 #define LDAP_FILTER_SUBSTRINGS 0xa4 /* context specific + constructed + 4 */
1161 #define LDAP_FILTER_GE 0xa5 /* context specific + constructed + 5 */
1162 #define LDAP_FILTER_LE 0xa6 /* context specific + constructed + 6 */
1163 #define LDAP_FILTER_PRESENT 0x87 /* context specific + primitive + 7 */
1164 #define LDAP_FILTER_APPROX 0xa8 /* context specific + constructed + 8 */
1165 #define LDAP_FILTER_EXTENDED 0xa9 /* context specific + constructed + 0 */
1167 /* U-M LDAP 3.0 compatibility filter types */
1168 #define LDAP_FILTER_PRESENT_30 0xa7 /* context specific + constructed */
1170 /* substring filter component types */
1171 #define LDAP_SUBSTRING_INITIAL 0x80 /* context specific + primitive + 0 */
1172 #define LDAP_SUBSTRING_ANY 0x81 /* context specific + primitive + 1 */
1173 #define LDAP_SUBSTRING_FINAL 0x82 /* context specific + primitive + 2 */
1175 /* U-M LDAP 3.0 compatibility substring filter component types */
1176 #define LDAP_SUBSTRING_INITIAL_30 0xa0 /* context specific */
1177 #define LDAP_SUBSTRING_ANY_30 0xa1 /* context specific */
1178 #define LDAP_SUBSTRING_FINAL_30 0xa2 /* context specific */
1180 #endif /* _SOLARIS_SDK */
1183 * Function to dispose of an array of LDAPMod structures (an API extension).
1184 * Warning: don't use this unless the mods array was allocated using the
1185 * same memory allocator as is being used by libldap.
1187 LDAP_API(void) LDAP_CALL ldap_mods_free(LDAPMod **mods, int freemods);
1190 * Preferred language and get_lang_values (an API extension --
1191 * LDAP_API_FEATURE_X_GETLANGVALUES)
1193 * The following two APIs are deprecated
1196 char **LDAP_CALL ldap_get_lang_values(LDAP *ld, LDAPMessage *entry,
1197 const char *target, char **type);
1198 struct berval **LDAP_CALL ldap_get_lang_values_len(LDAP *ld,
1199 LDAPMessage *entry, const char *target, char **type);
1203 * Rebind callback function (an API extension)
1205 #define LDAP_OPT_REBIND_FN 0x06 /* 6 - API extension */
1206 #define LDAP_OPT_REBIND_ARG 0x07 /* 7 - API extension */
1207 typedef int (LDAP_CALL LDAP_CALLBACK LDAP_REBINDPROC_CALLBACK)(LDAP *ld,
1208 char **dnp, char **passwdp, int *authmethodp, int freeit, void *arg);
1209 LDAP_API(void) LDAP_CALL ldap_set_rebind_proc(LDAP *ld,
1210 LDAP_REBINDPROC_CALLBACK *rebindproc, void *arg);
1213 * Thread function callbacks (an API extension --
1214 * LDAP_API_FEATURE_X_THREAD_FUNCTIONS).
1216 #define LDAP_OPT_THREAD_FN_PTRS 0x05 /* 5 - API extension */
1219 * Thread callback functions:
1221 typedef void *(LDAP_C LDAP_CALLBACK LDAP_TF_MUTEX_ALLOC_CALLBACK)(void);
1222 typedef void (LDAP_C LDAP_CALLBACK LDAP_TF_MUTEX_FREE_CALLBACK)(void *m);
1223 typedef int (LDAP_C LDAP_CALLBACK LDAP_TF_MUTEX_LOCK_CALLBACK)(void *m);
1224 typedef int (LDAP_C LDAP_CALLBACK LDAP_TF_MUTEX_UNLOCK_CALLBACK)(void *m);
1225 typedef int (LDAP_C LDAP_CALLBACK LDAP_TF_GET_ERRNO_CALLBACK)(void);
1226 typedef void (LDAP_C LDAP_CALLBACK LDAP_TF_SET_ERRNO_CALLBACK)(int e);
1227 typedef int (LDAP_C LDAP_CALLBACK LDAP_TF_GET_LDERRNO_CALLBACK)(
1228 char **matchedp, char **errmsgp, void *arg);
1229 typedef void (LDAP_C LDAP_CALLBACK LDAP_TF_SET_LDERRNO_CALLBACK)(int err,
1230 char *matched, char *errmsg, void *arg);
1233 * Structure to hold thread function pointers:
1235 struct ldap_thread_fns {
1236 LDAP_TF_MUTEX_ALLOC_CALLBACK *ltf_mutex_alloc;
1237 LDAP_TF_MUTEX_FREE_CALLBACK *ltf_mutex_free;
1238 LDAP_TF_MUTEX_LOCK_CALLBACK *ltf_mutex_lock;
1239 LDAP_TF_MUTEX_UNLOCK_CALLBACK *ltf_mutex_unlock;
1240 LDAP_TF_GET_ERRNO_CALLBACK *ltf_get_errno;
1241 LDAP_TF_SET_ERRNO_CALLBACK *ltf_set_errno;
1242 LDAP_TF_GET_LDERRNO_CALLBACK *ltf_get_lderrno;
1243 LDAP_TF_SET_LDERRNO_CALLBACK *ltf_set_lderrno;
1244 void *ltf_lderrno_arg;
1248 * Client side sorting of entries (an API extension --
1249 * LDAP_API_FEATURE_X_CLIENT_SIDE_SORT)
1252 * Client side sorting callback functions:
1254 typedef const struct berval *(LDAP_C LDAP_CALLBACK
1255 LDAP_KEYGEN_CALLBACK)(void *arg, LDAP *ld, LDAPMessage *entry);
1256 typedef int (LDAP_C LDAP_CALLBACK
1257 LDAP_KEYCMP_CALLBACK)(void *arg, const struct berval *,
1258 const struct berval *);
1259 typedef void (LDAP_C LDAP_CALLBACK
1260 LDAP_KEYFREE_CALLBACK)(void *arg, const struct berval *);
1261 typedef int (LDAP_C LDAP_CALLBACK
1262 LDAP_CMP_CALLBACK)(const char *val1, const char *val2);
1263 typedef int (LDAP_C LDAP_CALLBACK
1264 LDAP_VALCMP_CALLBACK)(const char **val1p, const char **val2p);
1267 * Client side sorting functions:
1269 int LDAP_CALL ldap_multisort_entries(LDAP *ld, LDAPMessage **chain,
1270 char **attr, LDAP_CMP_CALLBACK *cmp);
1271 int LDAP_CALL ldap_sort_entries(LDAP *ld, LDAPMessage **chain,
1272 char *attr, LDAP_CMP_CALLBACK *cmp);
1273 int LDAP_CALL ldap_sort_values(LDAP *ld, char **vals,
1274 LDAP_VALCMP_CALLBACK *cmp);
1275 int LDAP_C LDAP_CALLBACK ldap_sort_strcasecmp(const char **a,
1276 const char **b);
1280 * Filter functions and definitions (an API extension --
1281 * LDAP_API_FEATURE_X_FILTER_FUNCTIONS)
1284 * Structures, constants, and types for filter utility routines:
1286 typedef struct ldap_filt_info {
1287 char *lfi_filter;
1288 char *lfi_desc;
1289 int lfi_scope; /* LDAP_SCOPE_BASE, etc */
1290 int lfi_isexact; /* exact match filter? */
1291 struct ldap_filt_info *lfi_next;
1292 } LDAPFiltInfo;
1294 #define LDAP_FILT_MAXSIZ 1024
1296 typedef struct ldap_filt_list LDAPFiltList; /* opaque filter list handle */
1297 typedef struct ldap_filt_desc LDAPFiltDesc; /* opaque filter desc handle */
1300 * Filter utility functions:
1302 LDAP_API(LDAPFiltDesc *) LDAP_CALL ldap_init_getfilter(char *fname);
1303 LDAP_API(LDAPFiltDesc *) LDAP_CALL ldap_init_getfilter_buf(char *buf,
1304 ssize_t buflen);
1305 LDAP_API(LDAPFiltInfo *) LDAP_CALL ldap_getfirstfilter(LDAPFiltDesc *lfdp,
1306 char *tagpat, char *value);
1307 LDAP_API(LDAPFiltInfo *) LDAP_CALL ldap_getnextfilter(LDAPFiltDesc *lfdp);
1308 int LDAP_CALL ldap_set_filter_additions(LDAPFiltDesc *lfdp,
1309 char *prefix, char *suffix);
1310 int LDAP_CALL ldap_create_filter(char *buf, unsigned long buflen,
1311 char *pattern, char *prefix, char *suffix, char *attr,
1312 char *value, char **valwords);
1313 LDAP_API(void) LDAP_CALL ldap_getfilter_free(LDAPFiltDesc *lfdp);
1317 * Friendly mapping structure and routines (an API extension)
1319 typedef struct friendly {
1320 char *f_unfriendly;
1321 char *f_friendly;
1322 } *FriendlyMap;
1323 char *LDAP_CALL ldap_friendly_name(char *filename, char *name,
1324 FriendlyMap *map);
1325 LDAP_API(void) LDAP_CALL ldap_free_friendlymap(FriendlyMap *map);
1329 * In Memory Cache (an API extension -- LDAP_API_FEATURE_X_MEMCACHE)
1331 typedef struct ldapmemcache LDAPMemCache; /* opaque in-memory cache handle */
1333 int LDAP_CALL ldap_memcache_init(unsigned long ttl,
1334 unsigned long size, char **baseDNs, struct ldap_thread_fns *thread_fns,
1335 LDAPMemCache **cachep);
1336 int LDAP_CALL ldap_memcache_set(LDAP *ld, LDAPMemCache *cache);
1337 int LDAP_CALL ldap_memcache_get(LDAP *ld, LDAPMemCache **cachep);
1338 LDAP_API(void) LDAP_CALL ldap_memcache_flush(LDAPMemCache *cache, char *dn,
1339 int scope);
1340 LDAP_API(void) LDAP_CALL ldap_memcache_destroy(LDAPMemCache *cache);
1341 LDAP_API(void) LDAP_CALL ldap_memcache_update(LDAPMemCache *cache);
1344 * Server reconnect (an API extension).
1346 #define LDAP_OPT_RECONNECT 0x62 /* 98 - API extension */
1349 * Asynchronous I/O (an API extension).
1352 * This option enables completely asynchronous IO. It works by using ioctl()
1353 * on the fd, (or tlook())
1355 #define LDAP_OPT_ASYNC_CONNECT 0x63 /* 99 - API extension */
1358 * I/O function callbacks option (an API extension --
1359 * LDAP_API_FEATURE_X_IO_FUNCTIONS).
1360 * Use of the extended I/O functions instead is recommended; see above.
1362 #define LDAP_OPT_IO_FN_PTRS 0x0B /* 11 - API extension */
1365 * Extended I/O function callbacks option (an API extension --
1366 * LDAP_API_FEATURE_X_EXTIO_FUNCTIONS).
1368 #define LDAP_X_OPT_EXTIO_FN_PTRS (LDAP_OPT_PRIVATE_EXTENSION_BASE + 0x0F00)
1369 /* 0x4000 + 0x0F00 = 0x4F00 = 20224 - API extension */
1374 * generalized bind
1377 * Authentication methods:
1379 #define LDAP_AUTH_NONE 0x00
1380 #define LDAP_AUTH_SIMPLE 0x80
1381 #define LDAP_AUTH_SASL 0xa3
1382 int LDAP_CALL ldap_bind(LDAP *ld, const char *who,
1383 const char *passwd, int authmethod);
1384 int LDAP_CALL ldap_bind_s(LDAP *ld, const char *who,
1385 const char *cred, int method);
1388 * experimental DN format support
1390 char **LDAP_CALL ldap_explode_dns(const char *dn);
1391 int LDAP_CALL ldap_is_dns_dn(const char *dn);
1393 #ifdef _SOLARIS_SDK
1394 char *ldap_dns_to_dn(char *dns_name, int *nameparts);
1395 #endif
1399 * user friendly naming/searching routines
1401 typedef int (LDAP_C LDAP_CALLBACK LDAP_CANCELPROC_CALLBACK)(void *cl);
1402 int LDAP_CALL ldap_ufn_search_c(LDAP *ld, char *ufn,
1403 char **attrs, int attrsonly, LDAPMessage **res,
1404 LDAP_CANCELPROC_CALLBACK *cancelproc, void *cancelparm);
1405 int LDAP_CALL ldap_ufn_search_ct(LDAP *ld, char *ufn,
1406 char **attrs, int attrsonly, LDAPMessage **res,
1407 LDAP_CANCELPROC_CALLBACK *cancelproc, void *cancelparm,
1408 char *tag1, char *tag2, char *tag3);
1409 int LDAP_CALL ldap_ufn_search_s(LDAP *ld, char *ufn,
1410 char **attrs, int attrsonly, LDAPMessage **res);
1411 LDAP_API(LDAPFiltDesc *) LDAP_CALL ldap_ufn_setfilter(LDAP *ld, char *fname);
1412 LDAP_API(void) LDAP_CALL ldap_ufn_setprefix(LDAP *ld, char *prefix);
1413 int LDAP_C ldap_ufn_timeout(void *tvparam);
1416 * functions and definitions that have been replaced by new improved ones
1419 * Use ldap_get_option() with LDAP_OPT_API_INFO and an LDAPAPIInfo structure
1420 * instead of ldap_version(). The use of this API is deprecated.
1422 typedef struct _LDAPVersion {
1423 int sdk_version; /* Version of the SDK, * 100 */
1424 int protocol_version; /* Highest protocol version supported, * 100 */
1425 int SSL_version; /* SSL version if this SDK supports it, * 100 */
1426 int security_level; /* highest level available */
1427 int reserved[4];
1428 } LDAPVersion;
1429 #define LDAP_SECURITY_NONE 0
1430 int LDAP_CALL ldap_version(LDAPVersion *ver);
1432 /* use ldap_create_filter() instead of ldap_build_filter() */
1433 LDAP_API(void) LDAP_CALL ldap_build_filter(char *buf, size_t buflen,
1434 char *pattern, char *prefix, char *suffix, char *attr,
1435 char *value, char **valwords);
1436 /* use ldap_set_filter_additions() instead of ldap_setfilteraffixes() */
1437 LDAP_API(void) LDAP_CALL ldap_setfilteraffixes(LDAPFiltDesc *lfdp,
1438 char *prefix, char *suffix);
1440 /* older result types a server can return -- use LDAP_RES_MODDN instead */
1441 #define LDAP_RES_MODRDN LDAP_RES_MODDN
1442 #define LDAP_RES_RENAME LDAP_RES_MODDN
1444 /* older error messages */
1445 #define LDAP_AUTH_METHOD_NOT_SUPPORTED LDAP_STRONG_AUTH_NOT_SUPPORTED
1447 /* end of unsupported functions */
1449 #ifdef _SOLARIS_SDK
1451 /* SSL Functions */
1454 * these three defines resolve the SSL strength
1455 * setting auth weak, diables all cert checking
1456 * the CNCHECK tests for the man in the middle hack
1458 #define LDAPSSL_AUTH_WEAK 0
1459 #define LDAPSSL_AUTH_CERT 1
1460 #define LDAPSSL_AUTH_CNCHECK 2
1463 * Initialize LDAP library for SSL
1465 LDAP * LDAP_CALL ldapssl_init(const char *defhost, int defport,
1466 int defsecure);
1469 * Install I/O routines to make SSL over LDAP possible.
1470 * Use this after ldap_init() or just use ldapssl_init() instead.
1472 int LDAP_CALL ldapssl_install_routines(LDAP *ld);
1476 * The next three functions initialize the security code for SSL
1477 * The first one ldapssl_client_init() does initialization for SSL only
1478 * The next one supports ldapssl_clientauth_init() intializes security
1479 * for SSL for client authentication. The third function initializes
1480 * security for doing SSL with client authentication, and PKCS, that is,
1481 * the third function initializes the security module database(secmod.db).
1482 * The parameters are as follows:
1483 * const char *certdbpath - path to the cert file. This can be a shortcut
1484 * to the directory name, if so cert7.db will be postfixed to the string.
1485 * void *certdbhandle - Normally this is NULL. This memory will need
1486 * to be freed.
1487 * int needkeydb - boolean. Must be ! = 0 if client Authentification
1488 * is required
1489 * char *keydbpath - path to the key database. This can be a shortcut
1490 * to the directory name, if so key3.db will be postfixed to the string.
1491 * void *keydbhandle - Normally this is NULL, This memory will need
1492 * to be freed
1493 * int needsecmoddb - boolean. Must be ! = 0 to assure that the correct
1494 * security module is loaded into memory
1495 * char *secmodpath - path to the secmod. This can be a shortcut to the
1496 * directory name, if so secmod.db will be postfixed to the string.
1498 * These three functions are mutually exclusive. You can only call
1499 * one. This means that, for a given process, you must call the
1500 * appropriate initialization function for the life of the process.
1505 * Initialize the secure parts (Security and SSL) of the runtime for use
1506 * by a client application. This is only called once.
1508 int LDAP_CALL ldapssl_client_init(
1509 const char *certdbpath, void *certdbhandle);
1512 * Initialize the secure parts (Security and SSL) of the runtime for use
1513 * by a client application that may want to do SSL client authentication.
1515 int LDAP_CALL ldapssl_clientauth_init(
1516 const char *certdbpath, void *certdbhandle,
1517 const int needkeydb, const char *keydbpath, void *keydbhandle);
1520 * Initialize the secure parts (Security and SSL) of the runtime for use
1521 * by a client application that may want to do SSL client authentication.
1523 int LDAP_CALL ldapssl_advclientauth_init(
1524 const char *certdbpath, void *certdbhandle,
1525 const int needkeydb, const char *keydbpath, void *keydbhandle,
1526 const int needsecmoddb, const char *secmoddbpath,
1527 const int sslstrength);
1530 * get a meaningful error string back from the security library
1531 * this function should be called, if ldap_err2string doesn't
1532 * identify the error code.
1534 const char *LDAP_CALL ldapssl_err2string(const int prerrno);
1537 * Enable SSL client authentication on the given ld.
1539 int LDAP_CALL ldapssl_enable_clientauth(LDAP *ld, char *keynickname,
1540 char *keypasswd, char *certnickname);
1542 typedef int (LDAP_C LDAP_CALLBACK LDAP_PKCS_GET_TOKEN_CALLBACK)
1543 (void *context, char **tokenname);
1544 typedef int (LDAP_C LDAP_CALLBACK LDAP_PKCS_GET_PIN_CALLBACK)
1545 (void *context, const char *tokenname, char **tokenpin);
1546 typedef int (LDAP_C LDAP_CALLBACK LDAP_PKCS_GET_CERTPATH_CALLBACK)
1547 (void *context, char **certpath);
1548 typedef int (LDAP_C LDAP_CALLBACK LDAP_PKCS_GET_KEYPATH_CALLBACK)
1549 (void *context, char **keypath);
1550 typedef int (LDAP_C LDAP_CALLBACK LDAP_PKCS_GET_MODPATH_CALLBACK)
1551 (void *context, char **modulepath);
1552 typedef int (LDAP_C LDAP_CALLBACK LDAP_PKCS_GET_CERTNAME_CALLBACK)
1553 (void *context, char **certname);
1554 typedef int (LDAP_C LDAP_CALLBACK LDAP_PKCS_GET_DONGLEFILENAME_CALLBACK)
1555 (void *context, char **filename);
1557 #define PKCS_STRUCTURE_ID 1
1558 struct ldapssl_pkcs_fns {
1559 int local_structure_id;
1560 void *local_data;
1561 LDAP_PKCS_GET_CERTPATH_CALLBACK *pkcs_getcertpath;
1562 LDAP_PKCS_GET_CERTNAME_CALLBACK *pkcs_getcertname;
1563 LDAP_PKCS_GET_KEYPATH_CALLBACK *pkcs_getkeypath;
1564 LDAP_PKCS_GET_MODPATH_CALLBACK *pkcs_getmodpath;
1565 LDAP_PKCS_GET_PIN_CALLBACK *pkcs_getpin;
1566 LDAP_PKCS_GET_TOKEN_CALLBACK *pkcs_gettokenname;
1567 LDAP_PKCS_GET_DONGLEFILENAME_CALLBACK *pkcs_getdonglefilename;
1572 int LDAP_CALL ldapssl_pkcs_init(const struct ldapssl_pkcs_fns *pfns);
1574 /* end of SSL functions */
1575 #endif /* _SOLARIS_SDK */
1577 /* SASL options */
1578 #define LDAP_OPT_X_SASL_MECH 0x6100
1579 #define LDAP_OPT_X_SASL_REALM 0x6101
1580 #define LDAP_OPT_X_SASL_AUTHCID 0x6102
1581 #define LDAP_OPT_X_SASL_AUTHZID 0x6103
1582 #define LDAP_OPT_X_SASL_SSF 0x6104 /* read-only */
1583 #define LDAP_OPT_X_SASL_SSF_EXTERNAL 0x6105 /* write-only */
1584 #define LDAP_OPT_X_SASL_SECPROPS 0x6106 /* write-only */
1585 #define LDAP_OPT_X_SASL_SSF_MIN 0x6107
1586 #define LDAP_OPT_X_SASL_SSF_MAX 0x6108
1587 #define LDAP_OPT_X_SASL_MAXBUFSIZE 0x6109
1590 * ldap_interactive_bind_s Interaction flags
1591 * Interactive: prompt always - REQUIRED
1593 #define LDAP_SASL_INTERACTIVE 1U
1596 * V3 SASL Interaction Function Callback Prototype
1597 * when using SASL, interact is pointer to sasl_interact_t
1598 * should likely passed in a control (and provided controls)
1600 typedef int (LDAP_SASL_INTERACT_PROC)
1601 (LDAP *ld, unsigned flags, void* defaults, void *interact);
1603 int LDAP_CALL ldap_sasl_interactive_bind_s(LDAP *ld, const char *dn,
1604 const char *saslMechanism, LDAPControl **serverControls,
1605 LDAPControl **clientControls, unsigned flags,
1606 LDAP_SASL_INTERACT_PROC *proc, void *defaults);
1608 #ifdef __cplusplus
1610 #endif
1612 #endif /* _LDAP_H */