ldap.h 63.8 KB
Newer Older
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1
/* $OpenLDAP$ */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
2
3
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 * 
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
4
 * Copyright 1998-2020 The OpenLDAP Foundation.
5
6
 * All rights reserved.
 *
7
8
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted only as authorized by the OpenLDAP
Kurt Zeilenga's avatar
Kurt Zeilenga committed
9
10
11
12
13
 * Public License.
 *
 * A copy of this license is available in file LICENSE in the
 * top-level directory of the distribution or, alternatively, at
 * <http://www.OpenLDAP.org/license.html>.
14
 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
15
/* Portions Copyright (c) 1990 Regents of the University of Michigan.
Kurt Zeilenga's avatar
Kurt Zeilenga committed
16
17
18
19
20
21
22
23
24
25
26
27
28
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that this notice is preserved and that due credit is given
 * to the University of Michigan at Ann Arbor. The name of the University
 * may not be used to endorse or promote products derived from this
 * software without specific prior written permission. This software
 * is provided ``as is'' without express or implied warranty.
 */

#ifndef _LDAP_H
#define _LDAP_H

Kurt Zeilenga's avatar
Kurt Zeilenga committed
29
/* pull in lber */
30
31
#include <lber.h>

32
33
34
/* include version and API feature defines */
#include <ldap_features.h>

Kurt Zeilenga's avatar
Kurt Zeilenga committed
35
LDAP_BEGIN_DECL
Kurt Zeilenga's avatar
Kurt Zeilenga committed
36
37
38

#define LDAP_VERSION1	1
#define LDAP_VERSION2	2
Kurt Zeilenga's avatar
Kurt Zeilenga committed
39
#define LDAP_VERSION3	3
40
41

#define LDAP_VERSION_MIN	LDAP_VERSION2
42
43
#define	LDAP_VERSION		LDAP_VERSION2
#define LDAP_VERSION_MAX	LDAP_VERSION3
Kurt Zeilenga's avatar
Kurt Zeilenga committed
44

45
/*
Kurt Zeilenga's avatar
Kurt Zeilenga committed
46
47
48
49
 * We use 3000+n here because it is above 1823 (for RFC 1823),
 * above 2000+rev of IETF LDAPEXT draft (now quite dated),
 * yet below allocations for new RFCs (just in case there is
 * someday an RFC produced).
50
 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
51
#define LDAP_API_VERSION	3001
52
#define LDAP_VENDOR_NAME	"OpenLDAP"
53

54
/* OpenLDAP API Features */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
55
#define LDAP_API_FEATURE_X_OPENLDAP LDAP_VENDOR_VERSION
56

57
58
59
60
61
#if defined( LDAP_API_FEATURE_X_OPENLDAP_REENTRANT ) || \
	( defined( LDAP_THREAD_SAFE ) && \
		defined( LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE ) )
	/* -lldap may or may not be thread safe */
	/* -lldap_r, if available, is always thread safe */
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
62
63
64
#	define	LDAP_API_FEATURE_THREAD_SAFE 		1
#	define  LDAP_API_FEATURE_SESSION_THREAD_SAFE	1
#	define  LDAP_API_FEATURE_OPERATION_THREAD_SAFE	1
65
66
67
68
69
70
71
#endif
#if defined( LDAP_THREAD_SAFE ) && \
	defined( LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE )
/* #define LDAP_API_FEATURE_SESSION_SAFE	1	*/
/* #define LDAP_API_OPERATION_SESSION_SAFE	1	*/
#endif

Kurt Zeilenga's avatar
Kurt Zeilenga committed
72

Kurt Zeilenga's avatar
Kurt Zeilenga committed
73
74
#define LDAP_PORT		389		/* ldap:///		default LDAP port */
#define LDAPS_PORT		636		/* ldaps:///	default LDAP over TLS port */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
75
76
77
78

#define LDAP_ROOT_DSE				""
#define LDAP_NO_ATTRS				"1.1"
#define LDAP_ALL_USER_ATTRIBUTES	"*"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
79
#define LDAP_ALL_OPERATIONAL_ATTRIBUTES	"+" /* RFC 3673 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
80

Kurt Zeilenga's avatar
Kurt Zeilenga committed
81
/* RFC 4511:  maxInt INTEGER ::= 2147483647 -- (2^^31 - 1) -- */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
82
83
#define LDAP_MAXINT (2147483647)

Kurt Zeilenga's avatar
ldap.h:    
Kurt Zeilenga committed
84
/*
Kurt Zeilenga's avatar
Kurt Zeilenga committed
85
86
87
88
 * LDAP_OPTions
 *	0x0000 - 0x0fff reserved for api options
 *	0x1000 - 0x3fff reserved for api extended options
 *	0x4000 - 0x7fff reserved for private and experimental options
Kurt Zeilenga's avatar
ldap.h:    
Kurt Zeilenga committed
89
 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
90

91
#define LDAP_OPT_API_INFO			0x0000
Kurt Zeilenga's avatar
Kurt Zeilenga committed
92
#define LDAP_OPT_DESC				0x0001 /* historic */
93
94
95
#define LDAP_OPT_DEREF				0x0002
#define LDAP_OPT_SIZELIMIT			0x0003
#define LDAP_OPT_TIMELIMIT			0x0004
Kurt Zeilenga's avatar
Kurt Zeilenga committed
96
/* 0x05 - 0x07 not defined */
97
98
#define LDAP_OPT_REFERRALS			0x0008
#define LDAP_OPT_RESTART			0x0009
Kurt Zeilenga's avatar
Kurt Zeilenga committed
99
/* 0x0a - 0x10 not defined */
100
101
102
#define LDAP_OPT_PROTOCOL_VERSION		0x0011
#define LDAP_OPT_SERVER_CONTROLS		0x0012
#define LDAP_OPT_CLIENT_CONTROLS		0x0013
Kurt Zeilenga's avatar
Kurt Zeilenga committed
103
/* 0x14 not defined */
104
#define LDAP_OPT_API_FEATURE_INFO		0x0015
Kurt Zeilenga's avatar
Kurt Zeilenga committed
105
/* 0x16 - 0x2f not defined */
106
#define LDAP_OPT_HOST_NAME			0x0030
107
108
109
110
#define LDAP_OPT_RESULT_CODE			0x0031
#define LDAP_OPT_ERROR_NUMBER			LDAP_OPT_RESULT_CODE
#define LDAP_OPT_DIAGNOSTIC_MESSAGE		0x0032
#define LDAP_OPT_ERROR_STRING			LDAP_OPT_DIAGNOSTIC_MESSAGE
111
#define LDAP_OPT_MATCHED_DN			0x0033
Kurt Zeilenga's avatar
Kurt Zeilenga committed
112
/* 0x0034 - 0x3fff not defined */
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
113
114
115
116
117
118
119
120
121
122
123
/* 0x0091 used by Microsoft for LDAP_OPT_AUTO_RECONNECT */
#define LDAP_OPT_SSPI_FLAGS			0x0092
/* 0x0093 used by Microsoft for LDAP_OPT_SSL_INFO */
/* 0x0094 used by Microsoft for LDAP_OPT_REF_DEREF_CONN_PER_MSG */
#define LDAP_OPT_SIGN				0x0095
#define LDAP_OPT_ENCRYPT			0x0096
#define LDAP_OPT_SASL_METHOD			0x0097
/* 0x0098 used by Microsoft for LDAP_OPT_AREC_EXCLUSIVE */
#define LDAP_OPT_SECURITY_CONTEXT		0x0099
/* 0x009A used by Microsoft for LDAP_OPT_ROOTDSE_CACHE */
/* 0x009B - 0x3fff not defined */
124

Kurt Zeilenga's avatar
Kurt Zeilenga committed
125
126
/* API Extensions */
#define LDAP_OPT_API_EXTENSION_BASE 0x4000  /* API extensions */
127

Kurt Zeilenga's avatar
ldap.h:    
Kurt Zeilenga committed
128
/* private and experimental options */
129
/* OpenLDAP specific options */
Kurt Zeilenga's avatar
ldap.h:    
Kurt Zeilenga committed
130
131
132
#define LDAP_OPT_DEBUG_LEVEL		0x5001	/* debug level */
#define LDAP_OPT_TIMEOUT			0x5002	/* default timeout */
#define LDAP_OPT_REFHOPLIMIT		0x5003	/* ref hop limit */
133
#define LDAP_OPT_NETWORK_TIMEOUT	0x5005	/* socket level timeout */
134
#define LDAP_OPT_URI				0x5006
135
#define LDAP_OPT_REFERRAL_URLS      0x5007  /* Referral URLs */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
136
#define LDAP_OPT_SOCKBUF            0x5008  /* sockbuf */
137
#define LDAP_OPT_DEFBASE		0x5009	/* searchbase */
138
#define	LDAP_OPT_CONNECT_ASYNC		0x5010	/* create connections asynchronously */
139
#define	LDAP_OPT_CONNECT_CB			0x5011	/* connection callbacks */
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
140
#define	LDAP_OPT_SESSION_REFCNT		0x5012	/* session reference count */
141

142
/* OpenLDAP TLS options */
143
#define LDAP_OPT_X_TLS				0x6000
144
#define LDAP_OPT_X_TLS_CTX			0x6001	/* OpenSSL CTX* */
145
146
#define LDAP_OPT_X_TLS_CACERTFILE	0x6002
#define LDAP_OPT_X_TLS_CACERTDIR	0x6003
Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
147
148
149
#define LDAP_OPT_X_TLS_CERTFILE		0x6004
#define LDAP_OPT_X_TLS_KEYFILE		0x6005
#define LDAP_OPT_X_TLS_REQUIRE_CERT	0x6006
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
150
#define LDAP_OPT_X_TLS_PROTOCOL_MIN	0x6007
151
152
#define LDAP_OPT_X_TLS_CIPHER_SUITE	0x6008
#define LDAP_OPT_X_TLS_RANDOM_FILE	0x6009
153
#define LDAP_OPT_X_TLS_SSL_CTX		0x600a	/* OpenSSL SSL* */
154
#define LDAP_OPT_X_TLS_CRLCHECK		0x600b
155
156
#define LDAP_OPT_X_TLS_CONNECT_CB	0x600c
#define LDAP_OPT_X_TLS_CONNECT_ARG	0x600d
157
#define LDAP_OPT_X_TLS_DHFILE		0x600e
Howard Chu's avatar
Howard Chu committed
158
#define LDAP_OPT_X_TLS_NEWCTX		0x600f
159
#define LDAP_OPT_X_TLS_CRLFILE		0x6010	/* GNUtls only */
Howard Chu's avatar
Howard Chu committed
160
#define LDAP_OPT_X_TLS_PACKAGE		0x6011
161
#define LDAP_OPT_X_TLS_ECNAME		0x6012
Howard Chu's avatar
Howard Chu committed
162
#define LDAP_OPT_X_TLS_REQUIRE_SAN	0x601a
Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
163

Kurt Zeilenga's avatar
Kurt Zeilenga committed
164
#define LDAP_OPT_X_TLS_NEVER	0
Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
165
#define LDAP_OPT_X_TLS_HARD		1
Kurt Zeilenga's avatar
Kurt Zeilenga committed
166
167
#define LDAP_OPT_X_TLS_DEMAND	2
#define LDAP_OPT_X_TLS_ALLOW	3
Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
168
169
#define LDAP_OPT_X_TLS_TRY		4

170
171
172
173
#define LDAP_OPT_X_TLS_CRL_NONE	0
#define LDAP_OPT_X_TLS_CRL_PEER	1
#define LDAP_OPT_X_TLS_CRL_ALL	2

Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
174
175
176
177
178
179
180
181
/* for LDAP_OPT_X_TLS_PROTOCOL_MIN */
#define LDAP_OPT_X_TLS_PROTOCOL(maj,min)	(((maj) << 8) + (min))
#define LDAP_OPT_X_TLS_PROTOCOL_SSL2		(2 << 8)
#define LDAP_OPT_X_TLS_PROTOCOL_SSL3		(3 << 8)
#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_0		((3 << 8) + 1)
#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_1		((3 << 8) + 2)
#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_2		((3 << 8) + 3)

182
/* OpenLDAP SASL options */
183
184
185
186
187
188
189
190
191
#define LDAP_OPT_X_SASL_MECH			0x6100
#define LDAP_OPT_X_SASL_REALM			0x6101
#define LDAP_OPT_X_SASL_AUTHCID			0x6102
#define LDAP_OPT_X_SASL_AUTHZID			0x6103
#define LDAP_OPT_X_SASL_SSF				0x6104 /* read-only */
#define LDAP_OPT_X_SASL_SSF_EXTERNAL	0x6105 /* write-only */
#define LDAP_OPT_X_SASL_SECPROPS		0x6106 /* write-only */
#define LDAP_OPT_X_SASL_SSF_MIN			0x6107
#define LDAP_OPT_X_SASL_SSF_MAX			0x6108
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
192
193
#define LDAP_OPT_X_SASL_MAXBUFSIZE		0x6109
#define LDAP_OPT_X_SASL_MECHLIST		0x610a /* read-only */
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
194
#define LDAP_OPT_X_SASL_NOCANON			0x610b
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
195
#define LDAP_OPT_X_SASL_USERNAME		0x610c /* read-only */
196
#define LDAP_OPT_X_SASL_GSS_CREDS		0x610d
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
197
198
199
200
201

/* OpenLDAP GSSAPI options */
#define LDAP_OPT_X_GSSAPI_DO_NOT_FREE_CONTEXT      0x6200
#define LDAP_OPT_X_GSSAPI_ALLOW_REMOTE_PRINCIPAL   0x6201

202
203
204
205
206
207
208
/*
 * OpenLDAP per connection tcp-keepalive settings
 * (Linux only, ignored where unsupported)
 */
#define LDAP_OPT_X_KEEPALIVE_IDLE		0x6300
#define LDAP_OPT_X_KEEPALIVE_PROBES		0x6301
#define LDAP_OPT_X_KEEPALIVE_INTERVAL	0x6302
209

Kurt Zeilenga's avatar
Kurt Zeilenga committed
210
211
/* Private API Extensions -- reserved for application use */
#define LDAP_OPT_PRIVATE_EXTENSION_BASE 0x7000  /* Private API inclusive */
212

213
214
215
216
217
218
/*
 * ldap_get_option() and ldap_set_option() return values.
 * As later versions may return other values indicating
 * failure, current applications should only compare returned
 * value against LDAP_OPT_SUCCESS.
 */
219
220
221
#define LDAP_OPT_SUCCESS	0
#define	LDAP_OPT_ERROR		(-1)

Kurt Zeilenga's avatar
Kurt Zeilenga committed
222
223
224
225
/* option on/off values */
#define LDAP_OPT_ON		((void *) &ber_pvt_opt_on)
#define LDAP_OPT_OFF	((void *) 0)

226
typedef struct ldapapiinfo {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
227
228
	int		ldapai_info_version;		/* version of LDAPAPIInfo */
#define LDAP_API_INFO_VERSION	(1)
229
230
231
	int		ldapai_api_version;			/* revision of API supported */
	int		ldapai_protocol_version;	/* highest LDAP version supported */
	char	**ldapai_extensions;		/* names of API extensions */
232
	char	*ldapai_vendor_name;		/* name of supplier */
233
	int		ldapai_vendor_version;		/* supplier-specific version * 100 */
234
235
} LDAPAPIInfo;

Kurt Zeilenga's avatar
Kurt Zeilenga committed
236
typedef struct ldap_apifeature_info {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
237
238
239
240
	int		ldapaif_info_version;		/* version of LDAPAPIFeatureInfo */
#define LDAP_FEATURE_INFO_VERSION (1)	/* apifeature_info struct version */
	char*	ldapaif_name;				/* LDAP_API_FEATURE_* (less prefix) */
	int		ldapaif_version;			/* value of LDAP_API_FEATURE_... */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
241
242
} LDAPAPIFeatureInfo;

Kurt Zeilenga's avatar
Kurt Zeilenga committed
243
244
245
/*
 * LDAP Control structure
 */
246
typedef struct ldapcontrol {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
247
248
249
	char *			ldctl_oid;			/* numericoid of control */
	struct berval	ldctl_value;		/* encoded value of control */
	char			ldctl_iscritical;	/* criticality */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
250
} LDAPControl;
251

252
/* LDAP Controls */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
253
/*	standard track controls */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
254
#define LDAP_CONTROL_MANAGEDSAIT	"2.16.840.1.113730.3.4.2"  /* RFC 3296 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
255
#define LDAP_CONTROL_PROXY_AUTHZ	"2.16.840.1.113730.3.4.18" /* RFC 4370 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
256
257
#define LDAP_CONTROL_SUBENTRIES		"1.3.6.1.4.1.4203.1.10.1"  /* RFC 3672 */

258
259
#define LDAP_CONTROL_VALUESRETURNFILTER "1.2.826.0.1.3344810.2.3"/* RFC 3876 */

Kurt Zeilenga's avatar
Kurt Zeilenga committed
260
261
262
#define LDAP_CONTROL_ASSERT				"1.3.6.1.1.12"			/* RFC 4528 */
#define LDAP_CONTROL_PRE_READ			"1.3.6.1.1.13.1"		/* RFC 4527 */
#define LDAP_CONTROL_POST_READ			"1.3.6.1.1.13.2"		/* RFC 4527 */
263

Kurt Zeilenga's avatar
Kurt Zeilenga committed
264
265
266
#define LDAP_CONTROL_SORTREQUEST    "1.2.840.113556.1.4.473" /* RFC 2891 */
#define LDAP_CONTROL_SORTRESPONSE	"1.2.840.113556.1.4.474" /* RFC 2891 */

Kurt Zeilenga's avatar
Kurt Zeilenga committed
267
268
/*	non-standard track controls */
#define LDAP_CONTROL_PAGEDRESULTS	"1.2.840.113556.1.4.319"   /* RFC 2696 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
269

Kurt Zeilenga's avatar
Kurt Zeilenga committed
270
/* LDAP Content Synchronization Operation -- RFC 4533 */
271
272
273
274
275
#define LDAP_SYNC_OID			"1.3.6.1.4.1.4203.1.9.1"
#define LDAP_CONTROL_SYNC		LDAP_SYNC_OID ".1"
#define LDAP_CONTROL_SYNC_STATE	LDAP_SYNC_OID ".2"
#define LDAP_CONTROL_SYNC_DONE	LDAP_SYNC_OID ".3"
#define LDAP_SYNC_INFO			LDAP_SYNC_OID ".4"
276

277
278
#define LDAP_SYNC_NONE					0x00
#define LDAP_SYNC_REFRESH_ONLY			0x01
Kurt Zeilenga's avatar
Kurt Zeilenga committed
279
#define LDAP_SYNC_RESERVED				0x02
280
281
282
283
#define LDAP_SYNC_REFRESH_AND_PERSIST	0x03

#define LDAP_SYNC_REFRESH_PRESENTS		0
#define LDAP_SYNC_REFRESH_DELETES		1
284
285
286
287
288
289

#define LDAP_TAG_SYNC_NEW_COOKIE		((ber_tag_t) 0x80U)
#define LDAP_TAG_SYNC_REFRESH_DELETE	((ber_tag_t) 0xa1U)
#define LDAP_TAG_SYNC_REFRESH_PRESENT	((ber_tag_t) 0xa2U)
#define	LDAP_TAG_SYNC_ID_SET			((ber_tag_t) 0xa3U)

290
291
292
293
#define LDAP_TAG_SYNC_COOKIE			((ber_tag_t) 0x04U)
#define LDAP_TAG_REFRESHDELETES			((ber_tag_t) 0x01U)
#define LDAP_TAG_REFRESHDONE			((ber_tag_t) 0x01U)
#define LDAP_TAG_RELOAD_HINT			((ber_tag_t) 0x01U)
294

295
296
297
298
#define LDAP_SYNC_PRESENT				0
#define LDAP_SYNC_ADD					1
#define LDAP_SYNC_MODIFY				2
#define LDAP_SYNC_DELETE				3
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
299
#define LDAP_SYNC_NEW_COOKIE			4
300

301
302
/* LDAP Don't Use Copy Control (RFC 6171) */
#define LDAP_CONTROL_DONTUSECOPY		"1.3.6.1.1.22"
Kurt Zeilenga's avatar
cleanup    
Kurt Zeilenga committed
303
304
305
306
307
308
309
310
311

/* Password policy Controls *//* work in progress */
/* ITS#3458: released; disabled by default */
#define LDAP_CONTROL_PASSWORDPOLICYREQUEST	"1.3.6.1.4.1.42.2.27.8.5.1"
#define LDAP_CONTROL_PASSWORDPOLICYRESPONSE	"1.3.6.1.4.1.42.2.27.8.5.1"

/* various works in progress */
#define LDAP_CONTROL_NOOP				"1.3.6.1.4.1.4203.666.5.2"
#define LDAP_CONTROL_NO_SUBORDINATES	"1.3.6.1.4.1.4203.666.5.11"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
312
313
#define LDAP_CONTROL_RELAX				"1.3.6.1.4.1.4203.666.5.12"
#define LDAP_CONTROL_MANAGEDIT			LDAP_CONTROL_RELAX
Kurt Zeilenga's avatar
cleanup    
Kurt Zeilenga committed
314
315
#define LDAP_CONTROL_SLURP				"1.3.6.1.4.1.4203.666.5.13"
#define LDAP_CONTROL_VALSORT			"1.3.6.1.4.1.4203.666.5.14"
316
317
#define	LDAP_CONTROL_X_DEREF			"1.3.6.1.4.1.4203.666.5.16"
#define	LDAP_CONTROL_X_WHATFAILED		"1.3.6.1.4.1.4203.666.5.17"
Kurt Zeilenga's avatar
cleanup    
Kurt Zeilenga committed
318

319
320
/* LDAP Chaining Behavior Control *//* work in progress */
/* <draft-sermersheim-ldap-chaining>;
321
 * see also LDAP_NO_REFERRALS_FOUND, LDAP_CANNOT_CHAIN */
322
323
324
325
326
327
328
#define LDAP_CONTROL_X_CHAINING_BEHAVIOR	"1.3.6.1.4.1.4203.666.11.3"

#define	LDAP_CHAINING_PREFERRED				0
#define	LDAP_CHAINING_REQUIRED				1
#define LDAP_REFERRALS_PREFERRED			2
#define LDAP_REFERRALS_REQUIRED				3

Kurt Zeilenga's avatar
Kurt Zeilenga committed
329
/* MS Active Directory controls (for compatibility) */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
330
#define LDAP_CONTROL_X_INCREMENTAL_VALUES	"1.2.840.113556.1.4.802"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
331
332
#define LDAP_CONTROL_X_DOMAIN_SCOPE			"1.2.840.113556.1.4.1339"
#define LDAP_CONTROL_X_PERMISSIVE_MODIFY	"1.2.840.113556.1.4.1413"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
333
#define LDAP_CONTROL_X_SEARCH_OPTIONS		"1.2.840.113556.1.4.1340"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
334
335
#define LDAP_SEARCH_FLAG_DOMAIN_SCOPE 1 /* do not generate referrals */
#define LDAP_SEARCH_FLAG_PHANTOM_ROOT 2 /* search all subordinate NCs */
336
#define LDAP_CONTROL_X_TREE_DELETE		"1.2.840.113556.1.4.805"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
337
338

/* MS Active Directory controls - not implemented in slapd(8) */
Luke Howard's avatar
Luke Howard committed
339
#define LDAP_CONTROL_X_EXTENDED_DN		"1.2.840.113556.1.4.529"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
340

341
342
343
344
345
346
347
348
/* <draft-wahl-ldap-session> */
#define LDAP_CONTROL_X_SESSION_TRACKING		"1.3.6.1.4.1.21008.108.63.1"
#define LDAP_CONTROL_X_SESSION_TRACKING_RADIUS_ACCT_SESSION_ID \
						LDAP_CONTROL_X_SESSION_TRACKING ".1"
#define LDAP_CONTROL_X_SESSION_TRACKING_RADIUS_ACCT_MULTI_SESSION_ID \
						LDAP_CONTROL_X_SESSION_TRACKING ".2"
#define LDAP_CONTROL_X_SESSION_TRACKING_USERNAME \
						LDAP_CONTROL_X_SESSION_TRACKING ".3"
349
/* various expired works */
350

351
352
353
354
355
356
357
358
359
/* LDAP Duplicated Entry Control Extension *//* not implemented in slapd(8) */
#define LDAP_CONTROL_DUPENT_REQUEST		"2.16.840.1.113719.1.27.101.1"
#define LDAP_CONTROL_DUPENT_RESPONSE	"2.16.840.1.113719.1.27.101.2"
#define LDAP_CONTROL_DUPENT_ENTRY		"2.16.840.1.113719.1.27.101.3"
#define LDAP_CONTROL_DUPENT	LDAP_CONTROL_DUPENT_REQUEST

/* LDAP Persistent Search Control *//* not implemented in slapd(8) */
#define LDAP_CONTROL_PERSIST_REQUEST				"2.16.840.1.113730.3.4.3"
#define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_NOTICE	"2.16.840.1.113730.3.4.7"
360
361
362
363
#define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_ADD		0x1
#define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_DELETE	0x2
#define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_MODIFY	0x4
#define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_RENAME	0x8
364

Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
365
/* LDAP VLV */
366
367
368
#define LDAP_CONTROL_VLVREQUEST    	"2.16.840.1.113730.3.4.9"
#define LDAP_CONTROL_VLVRESPONSE    "2.16.840.1.113730.3.4.10"

369
/* Netscape Password policy response controls */
370
/* <draft-vchu-ldap-pwd-policy> */
371
372
373
#define LDAP_CONTROL_X_PASSWORD_EXPIRED		"2.16.840.1.113730.3.4.4"
#define LDAP_CONTROL_X_PASSWORD_EXPIRING	"2.16.840.1.113730.3.4.5"

374
/* LDAP Unsolicited Notifications */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
375
#define	LDAP_NOTICE_OF_DISCONNECTION	"1.3.6.1.4.1.1466.20036" /* RFC 4511 */
376
#define LDAP_NOTICE_DISCONNECT LDAP_NOTICE_OF_DISCONNECTION
Kurt Zeilenga's avatar
ldap.h:    
Kurt Zeilenga committed
377

378
/* LDAP Extended Operations */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
379
#define LDAP_EXOP_START_TLS		"1.3.6.1.4.1.1466.20037"	/* RFC 4511 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
380

Kurt Zeilenga's avatar
Kurt Zeilenga committed
381
#define LDAP_EXOP_MODIFY_PASSWD	"1.3.6.1.4.1.4203.1.11.1"	/* RFC 3062 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
382
383
384
385
#define LDAP_TAG_EXOP_MODIFY_PASSWD_ID	((ber_tag_t) 0x80U)
#define LDAP_TAG_EXOP_MODIFY_PASSWD_OLD	((ber_tag_t) 0x81U)
#define LDAP_TAG_EXOP_MODIFY_PASSWD_NEW	((ber_tag_t) 0x82U)
#define LDAP_TAG_EXOP_MODIFY_PASSWD_GEN	((ber_tag_t) 0x80U)
Kurt Zeilenga's avatar
ldap.h:    
Kurt Zeilenga committed
386

Kurt Zeilenga's avatar
Kurt Zeilenga committed
387
#define LDAP_EXOP_CANCEL		"1.3.6.1.1.8"					/* RFC 3909 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
388
389
#define LDAP_EXOP_X_CANCEL		LDAP_EXOP_CANCEL

390
391
392
#define	LDAP_EXOP_REFRESH		"1.3.6.1.4.1.1466.101.119.1"	/* RFC 2589 */
#define	LDAP_TAG_EXOP_REFRESH_REQ_DN	((ber_tag_t) 0x80U)
#define	LDAP_TAG_EXOP_REFRESH_REQ_TTL	((ber_tag_t) 0x81U)
393
#define	LDAP_TAG_EXOP_REFRESH_RES_TTL	((ber_tag_t) 0x81U)
394

Kurt Zeilenga's avatar
Kurt Zeilenga committed
395
#define LDAP_EXOP_WHO_AM_I		"1.3.6.1.4.1.4203.1.11.3"		/* RFC 4532 */
396
397
#define LDAP_EXOP_X_WHO_AM_I	LDAP_EXOP_WHO_AM_I

Kurt Zeilenga's avatar
Kurt Zeilenga committed
398
/* various works in progress */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
399
400
#define LDAP_EXOP_TURN		"1.3.6.1.1.19"				/* RFC 4531 */
#define LDAP_EXOP_X_TURN	LDAP_EXOP_TURN
401

402
403
/* LDAP Distributed Procedures <draft-sermersheim-ldap-distproc> */
/* a work in progress */
404
#define LDAP_X_DISTPROC_BASE		"1.3.6.1.4.1.4203.666.11.6"
405
406
407
408
409
410
411
412
413
414
415
416
417
#define LDAP_EXOP_X_CHAINEDREQUEST	LDAP_X_DISTPROC_BASE ".1"
#define LDAP_FEATURE_X_CANCHAINOPS	LDAP_X_DISTPROC_BASE ".2"
#define LDAP_CONTROL_X_RETURNCONTREF	LDAP_X_DISTPROC_BASE ".3"
#define LDAP_URLEXT_X_LOCALREFOID	LDAP_X_DISTPROC_BASE ".4"
#define LDAP_URLEXT_X_REFTYPEOID	LDAP_X_DISTPROC_BASE ".5"
#define LDAP_URLEXT_X_SEARCHEDSUBTREEOID \
					LDAP_X_DISTPROC_BASE ".6"
#define LDAP_URLEXT_X_FAILEDNAMEOID	LDAP_X_DISTPROC_BASE ".7"
#define LDAP_URLEXT_X_LOCALREF		"x-localReference"
#define LDAP_URLEXT_X_REFTYPE		"x-referenceType"
#define LDAP_URLEXT_X_SEARCHEDSUBTREE	"x-searchedSubtree"
#define LDAP_URLEXT_X_FAILEDNAME	"x-failedName"

418
#ifdef LDAP_DEVEL
Kurt Zeilenga's avatar
Kurt Zeilenga committed
419
#define LDAP_X_TXN						"1.3.6.1.4.1.4203.666.11.7" /* tmp */
420
421
422
423
424
425
#define LDAP_EXOP_X_TXN_START			LDAP_X_TXN ".1"
#define LDAP_CONTROL_X_TXN_SPEC			LDAP_X_TXN ".2"
#define LDAP_EXOP_X_TXN_END				LDAP_X_TXN ".3"
#define LDAP_EXOP_X_TXN_ABORTED_NOTICE	LDAP_X_TXN ".4"
#endif

Kurt Zeilenga's avatar
Kurt Zeilenga committed
426
/* LDAP Features */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
427
#define LDAP_FEATURE_ALL_OP_ATTRS	"1.3.6.1.4.1.4203.1.5.1"	/* RFC 3673 */
428
429
#define LDAP_FEATURE_OBJECTCLASS_ATTRS \
	"1.3.6.1.4.1.4203.1.5.2" /*  @objectClass - new number to be assigned */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
430
431
432
#define LDAP_FEATURE_ABSOLUTE_FILTERS "1.3.6.1.4.1.4203.1.5.3"  /* (&) (|) */
#define LDAP_FEATURE_LANGUAGE_TAG_OPTIONS "1.3.6.1.4.1.4203.1.5.4"
#define LDAP_FEATURE_LANGUAGE_RANGE_OPTIONS "1.3.6.1.4.1.4203.1.5.5"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
433
#define LDAP_FEATURE_MODIFY_INCREMENT "1.3.6.1.1.14"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
434

Kurt Zeilenga's avatar
Kurt Zeilenga committed
435
/* LDAP Experimental (works in progress) Features */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
436
437
438
#define LDAP_FEATURE_SUBORDINATE_SCOPE \
	"1.3.6.1.4.1.4203.666.8.1" /* "children" */
#define LDAP_FEATURE_CHILDREN_SCOPE LDAP_FEATURE_SUBORDINATE_SCOPE
Kurt Zeilenga's avatar
Kurt Zeilenga committed
439

440
/*
Kurt Zeilenga's avatar
Kurt Zeilenga committed
441
442
443
 * specific LDAP instantiations of BER types we know about
 */

Kurt Zeilenga's avatar
Kurt Zeilenga committed
444
445
446
447
448
449
450
451
452
/* Overview of LBER tag construction
 *
 *	Bits
 *	______
 *	8 7 | CLASS
 *	0 0 = UNIVERSAL
 *	0 1 = APPLICATION
 *	1 0 = CONTEXT-SPECIFIC
 *	1 1 = PRIVATE
453
 *		_____
Kurt Zeilenga's avatar
Kurt Zeilenga committed
454
455
456
457
458
 *		| 6 | DATA-TYPE
 *		  0 = PRIMITIVE
 *		  1 = CONSTRUCTED
 *			___________
 *			| 5 ... 1 | TAG-NUMBER
459
 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
460
461

/* general stuff */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
462
463
#define LDAP_TAG_MESSAGE	((ber_tag_t) 0x30U)	/* constructed + 16 */
#define LDAP_TAG_MSGID		((ber_tag_t) 0x02U)	/* integer */
464

Kurt Zeilenga's avatar
Kurt Zeilenga committed
465
466
#define LDAP_TAG_LDAPDN		((ber_tag_t) 0x04U)	/* octet string */
#define LDAP_TAG_LDAPCRED	((ber_tag_t) 0x04U)	/* octet string */
467

Kurt Zeilenga's avatar
Kurt Zeilenga committed
468
469
#define LDAP_TAG_CONTROLS	((ber_tag_t) 0xa0U)	/* context specific + constructed + 0 */
#define LDAP_TAG_REFERRAL	((ber_tag_t) 0xa3U)	/* context specific + constructed + 3 */
470

Kurt Zeilenga's avatar
Kurt Zeilenga committed
471
#define LDAP_TAG_NEWSUPERIOR	((ber_tag_t) 0x80U)	/* context-specific + primitive + 0 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
472

Kurt Zeilenga's avatar
Kurt Zeilenga committed
473
474
475
476
#define LDAP_TAG_EXOP_REQ_OID   ((ber_tag_t) 0x80U)	/* context specific + primitive */
#define LDAP_TAG_EXOP_REQ_VALUE ((ber_tag_t) 0x81U)	/* context specific + primitive */
#define LDAP_TAG_EXOP_RES_OID   ((ber_tag_t) 0x8aU)	/* context specific + primitive */
#define LDAP_TAG_EXOP_RES_VALUE ((ber_tag_t) 0x8bU)	/* context specific + primitive */
477

478
479
480
#define LDAP_TAG_IM_RES_OID   ((ber_tag_t) 0x80U)	/* context specific + primitive */
#define LDAP_TAG_IM_RES_VALUE ((ber_tag_t) 0x81U)	/* context specific + primitive */

Kurt Zeilenga's avatar
Kurt Zeilenga committed
481
#define LDAP_TAG_SASL_RES_CREDS	((ber_tag_t) 0x87U)	/* context specific + primitive */
482

Kurt Zeilenga's avatar
Kurt Zeilenga committed
483
/* LDAP Request Messages */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
484
485
486
487
488
489
490
491
492
493
494
495
#define LDAP_REQ_BIND		((ber_tag_t) 0x60U)	/* application + constructed */
#define LDAP_REQ_UNBIND		((ber_tag_t) 0x42U)	/* application + primitive   */
#define LDAP_REQ_SEARCH		((ber_tag_t) 0x63U)	/* application + constructed */
#define LDAP_REQ_MODIFY		((ber_tag_t) 0x66U)	/* application + constructed */
#define LDAP_REQ_ADD		((ber_tag_t) 0x68U)	/* application + constructed */
#define LDAP_REQ_DELETE		((ber_tag_t) 0x4aU)	/* application + primitive   */
#define LDAP_REQ_MODDN		((ber_tag_t) 0x6cU)	/* application + constructed */
#define LDAP_REQ_MODRDN		LDAP_REQ_MODDN
#define LDAP_REQ_RENAME		LDAP_REQ_MODDN
#define LDAP_REQ_COMPARE	((ber_tag_t) 0x6eU)	/* application + constructed */
#define LDAP_REQ_ABANDON	((ber_tag_t) 0x50U)	/* application + primitive   */
#define LDAP_REQ_EXTENDED	((ber_tag_t) 0x77U)	/* application + constructed */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
496

Kurt Zeilenga's avatar
Kurt Zeilenga committed
497
/* LDAP Response Messages */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
498
499
#define LDAP_RES_BIND		((ber_tag_t) 0x61U)	/* application + constructed */
#define LDAP_RES_SEARCH_ENTRY	((ber_tag_t) 0x64U)	/* application + constructed */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
500
#define LDAP_RES_SEARCH_REFERENCE	((ber_tag_t) 0x73U)	/* V3: application + constructed */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
501
502
503
504
505
506
507
508
509
#define LDAP_RES_SEARCH_RESULT	((ber_tag_t) 0x65U)	/* application + constructed */
#define LDAP_RES_MODIFY		((ber_tag_t) 0x67U)	/* application + constructed */
#define LDAP_RES_ADD		((ber_tag_t) 0x69U)	/* application + constructed */
#define LDAP_RES_DELETE		((ber_tag_t) 0x6bU)	/* application + constructed */
#define LDAP_RES_MODDN		((ber_tag_t) 0x6dU)	/* application + constructed */
#define LDAP_RES_MODRDN		LDAP_RES_MODDN	/* application + constructed */
#define LDAP_RES_RENAME		LDAP_RES_MODDN	/* application + constructed */
#define LDAP_RES_COMPARE	((ber_tag_t) 0x6fU)	/* application + constructed */
#define LDAP_RES_EXTENDED	((ber_tag_t) 0x78U)	/* V3: application + constructed */
510
#define LDAP_RES_INTERMEDIATE	((ber_tag_t) 0x79U) /* V3+: application + constructed */
511

512
513
#define LDAP_RES_ANY			(-1)
#define LDAP_RES_UNSOLICITED	(0)
Kurt Zeilenga's avatar
Kurt Zeilenga committed
514
515


516
/* sasl methods */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
517
518
#define LDAP_SASL_SIMPLE	((char*)0)
#define LDAP_SASL_NULL		("")
519

520

Kurt Zeilenga's avatar
Kurt Zeilenga committed
521
/* authentication methods available */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
522
523
524
525
526
527
#define LDAP_AUTH_NONE   ((ber_tag_t) 0x00U) /* no authentication */
#define LDAP_AUTH_SIMPLE ((ber_tag_t) 0x80U) /* context specific + primitive */
#define LDAP_AUTH_SASL   ((ber_tag_t) 0xa3U) /* context specific + constructed */
#define LDAP_AUTH_KRBV4  ((ber_tag_t) 0xffU) /* means do both of the following */
#define LDAP_AUTH_KRBV41 ((ber_tag_t) 0x81U) /* context specific + primitive */
#define LDAP_AUTH_KRBV42 ((ber_tag_t) 0x82U) /* context specific + primitive */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
528

Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
529
530
/* used by the Windows API but not used on the wire */
#define LDAP_AUTH_NEGOTIATE ((ber_tag_t) 0x04FFU)
Kurt Zeilenga's avatar
Kurt Zeilenga committed
531
532

/* filter types */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
533
534
535
#define LDAP_FILTER_AND	((ber_tag_t) 0xa0U)	/* context specific + constructed */
#define LDAP_FILTER_OR	((ber_tag_t) 0xa1U)	/* context specific + constructed */
#define LDAP_FILTER_NOT	((ber_tag_t) 0xa2U)	/* context specific + constructed */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
536
537
538
539
540
541
#define LDAP_FILTER_EQUALITY ((ber_tag_t) 0xa3U) /* context specific + constructed */
#define LDAP_FILTER_SUBSTRINGS ((ber_tag_t) 0xa4U) /* context specific + constructed */
#define LDAP_FILTER_GE ((ber_tag_t) 0xa5U) /* context specific + constructed */
#define LDAP_FILTER_LE ((ber_tag_t) 0xa6U) /* context specific + constructed */
#define LDAP_FILTER_PRESENT ((ber_tag_t) 0x87U) /* context specific + primitive   */
#define LDAP_FILTER_APPROX ((ber_tag_t) 0xa8U)	/* context specific + constructed */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
542
#define LDAP_FILTER_EXT	((ber_tag_t) 0xa9U)	/* context specific + constructed */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
543

Kurt Zeilenga's avatar
Kurt Zeilenga committed
544
/* extended filter component types */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
545
#define LDAP_FILTER_EXT_OID		((ber_tag_t) 0x81U)	/* context specific */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
546
547
548
#define LDAP_FILTER_EXT_TYPE	((ber_tag_t) 0x82U)	/* context specific */
#define LDAP_FILTER_EXT_VALUE	((ber_tag_t) 0x83U)	/* context specific */
#define LDAP_FILTER_EXT_DNATTRS	((ber_tag_t) 0x84U)	/* context specific */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
549

Kurt Zeilenga's avatar
Kurt Zeilenga committed
550
/* substring filter component types */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
551
#define LDAP_SUBSTRING_INITIAL	((ber_tag_t) 0x80U)	/* context specific */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
552
#define LDAP_SUBSTRING_ANY		((ber_tag_t) 0x81U)	/* context specific */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
553
#define LDAP_SUBSTRING_FINAL	((ber_tag_t) 0x82U)	/* context specific */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
554
555

/* search scopes */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
556
557
558
559
560
561
562
563
#define LDAP_SCOPE_BASE			((ber_int_t) 0x0000)
#define LDAP_SCOPE_BASEOBJECT	LDAP_SCOPE_BASE
#define LDAP_SCOPE_ONELEVEL		((ber_int_t) 0x0001)
#define LDAP_SCOPE_ONE			LDAP_SCOPE_ONELEVEL
#define LDAP_SCOPE_SUBTREE		((ber_int_t) 0x0002)
#define LDAP_SCOPE_SUB			LDAP_SCOPE_SUBTREE
#define LDAP_SCOPE_SUBORDINATE	((ber_int_t) 0x0003) /* OpenLDAP extension */
#define LDAP_SCOPE_CHILDREN		LDAP_SCOPE_SUBORDINATE
564
#define LDAP_SCOPE_DEFAULT		((ber_int_t) -1)	 /* OpenLDAP extension */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
565

566
567
/* substring filter component types */
#define LDAP_SUBSTRING_INITIAL	((ber_tag_t) 0x80U)	/* context specific */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
568
#define LDAP_SUBSTRING_ANY		((ber_tag_t) 0x81U)	/* context specific */
569
#define LDAP_SUBSTRING_FINAL	((ber_tag_t) 0x82U)	/* context specific */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
570

571
/*
Kurt Zeilenga's avatar
Kurt Zeilenga committed
572
 * LDAP Result Codes
Kurt Zeilenga's avatar
Kurt Zeilenga committed
573
 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
574
#define LDAP_SUCCESS				0x00
Kurt Zeilenga's avatar
Kurt Zeilenga committed
575

Kurt Zeilenga's avatar
Kurt Zeilenga committed
576
#define LDAP_RANGE(n,x,y)	(((x) <= (n)) && ((n) <= (y)))
577

Kurt Zeilenga's avatar
Kurt Zeilenga committed
578
#define LDAP_OPERATIONS_ERROR		0x01
Kurt Zeilenga's avatar
Kurt Zeilenga committed
579
#define LDAP_PROTOCOL_ERROR			0x02
Kurt Zeilenga's avatar
Kurt Zeilenga committed
580
581
#define LDAP_TIMELIMIT_EXCEEDED		0x03
#define LDAP_SIZELIMIT_EXCEEDED		0x04
Kurt Zeilenga's avatar
Kurt Zeilenga committed
582
583
#define LDAP_COMPARE_FALSE			0x05
#define LDAP_COMPARE_TRUE			0x06
584
585
#define LDAP_AUTH_METHOD_NOT_SUPPORTED	0x07
#define LDAP_STRONG_AUTH_NOT_SUPPORTED	LDAP_AUTH_METHOD_NOT_SUPPORTED
Kurt Zeilenga's avatar
Kurt Zeilenga committed
586
#define LDAP_STRONG_AUTH_REQUIRED	0x08
587
#define LDAP_STRONGER_AUTH_REQUIRED	LDAP_STRONG_AUTH_REQUIRED
Kurt Zeilenga's avatar
Kurt Zeilenga committed
588
#define LDAP_PARTIAL_RESULTS		0x09	/* LDAPv2+ (not LDAPv3) */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
589
590

#define	LDAP_REFERRAL				0x0a /* LDAPv3 */
591
#define LDAP_ADMINLIMIT_EXCEEDED	0x0b /* LDAPv3 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
592
#define	LDAP_UNAVAILABLE_CRITICAL_EXTENSION	0x0c /* LDAPv3 */
593
#define LDAP_CONFIDENTIALITY_REQUIRED	0x0d /* LDAPv3 */
594
#define	LDAP_SASL_BIND_IN_PROGRESS	0x0e /* LDAPv3 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
595

596
597
#define LDAP_ATTR_ERROR(n)	LDAP_RANGE((n),0x10,0x15) /* 16-21 */

Kurt Zeilenga's avatar
Kurt Zeilenga committed
598
#define LDAP_NO_SUCH_ATTRIBUTE		0x10
Kurt Zeilenga's avatar
Kurt Zeilenga committed
599
#define LDAP_UNDEFINED_TYPE			0x11
Kurt Zeilenga's avatar
Kurt Zeilenga committed
600
601
602
#define LDAP_INAPPROPRIATE_MATCHING	0x12
#define LDAP_CONSTRAINT_VIOLATION	0x13
#define LDAP_TYPE_OR_VALUE_EXISTS	0x14
Kurt Zeilenga's avatar
Kurt Zeilenga committed
603
#define LDAP_INVALID_SYNTAX			0x15
Kurt Zeilenga's avatar
Kurt Zeilenga committed
604

605
606
#define LDAP_NAME_ERROR(n)	LDAP_RANGE((n),0x20,0x24) /* 32-34,36 */

Kurt Zeilenga's avatar
Kurt Zeilenga committed
607
608
#define LDAP_NO_SUCH_OBJECT			0x20
#define LDAP_ALIAS_PROBLEM			0x21
Kurt Zeilenga's avatar
Kurt Zeilenga committed
609
#define LDAP_INVALID_DN_SYNTAX		0x22
Kurt Zeilenga's avatar
Kurt Zeilenga committed
610
#define LDAP_IS_LEAF				0x23 /* not LDAPv3 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
611
612
#define LDAP_ALIAS_DEREF_PROBLEM	0x24

613
#define LDAP_SECURITY_ERROR(n)	LDAP_RANGE((n),0x2F,0x32) /* 47-50 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
614

615
#define LDAP_X_PROXY_AUTHZ_FAILURE	0x2F /* LDAPv3 proxy authorization */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
616
617
618
#define LDAP_INAPPROPRIATE_AUTH		0x30
#define LDAP_INVALID_CREDENTIALS	0x31
#define LDAP_INSUFFICIENT_ACCESS	0x32
619
620
621

#define LDAP_SERVICE_ERROR(n)	LDAP_RANGE((n),0x33,0x36) /* 51-54 */

Kurt Zeilenga's avatar
Kurt Zeilenga committed
622
623
#define LDAP_BUSY					0x33
#define LDAP_UNAVAILABLE			0x34
Kurt Zeilenga's avatar
Kurt Zeilenga committed
624
#define LDAP_UNWILLING_TO_PERFORM	0x35
Kurt Zeilenga's avatar
Kurt Zeilenga committed
625
#define LDAP_LOOP_DETECT			0x36
Kurt Zeilenga's avatar
Kurt Zeilenga committed
626

627
628
#define LDAP_UPDATE_ERROR(n)	LDAP_RANGE((n),0x40,0x47) /* 64-69,71 */

Kurt Zeilenga's avatar
Kurt Zeilenga committed
629
630
631
632
#define LDAP_NAMING_VIOLATION		0x40
#define LDAP_OBJECT_CLASS_VIOLATION	0x41
#define LDAP_NOT_ALLOWED_ON_NONLEAF	0x42
#define LDAP_NOT_ALLOWED_ON_RDN		0x43
Kurt Zeilenga's avatar
Kurt Zeilenga committed
633
#define LDAP_ALREADY_EXISTS			0x44
Kurt Zeilenga's avatar
Kurt Zeilenga committed
634
#define LDAP_NO_OBJECT_CLASS_MODS	0x45
635
#define LDAP_RESULTS_TOO_LARGE		0x46 /* CLDAP */
636
#define LDAP_AFFECTS_MULTIPLE_DSAS	0x47
Kurt Zeilenga's avatar
Kurt Zeilenga committed
637

Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
638
639
#define LDAP_VLV_ERROR				0x4C

640
641
#define LDAP_OTHER					0x50

642
/* LCUP operation codes (113-117) - not implemented */
643
644
645
646
647
648
649
650
651
652
653
654
#define LDAP_CUP_RESOURCES_EXHAUSTED	0x71
#define LDAP_CUP_SECURITY_VIOLATION		0x72
#define LDAP_CUP_INVALID_DATA			0x73
#define LDAP_CUP_UNSUPPORTED_SCHEME		0x74
#define LDAP_CUP_RELOAD_REQUIRED		0x75

/* Cancel operation codes (118-121) */
#define LDAP_CANCELLED				0x76
#define LDAP_NO_SUCH_OPERATION		0x77
#define LDAP_TOO_LATE				0x78
#define LDAP_CANNOT_CANCEL			0x79

655
656
657
/* Assertion control (122) */ 
#define LDAP_ASSERTION_FAILED		0x7A

658
659
/* Proxied Authorization Denied (123) */ 
#define LDAP_PROXIED_AUTHORIZATION_DENIED		0x7B
660

661
/* Experimental result codes */
662
#define LDAP_E_ERROR(n)	LDAP_RANGE((n),0x1000,0x3FFF)
Kurt Zeilenga's avatar
Kurt Zeilenga committed
663

664
665
/* LDAP Sync (4096) */
#define LDAP_SYNC_REFRESH_REQUIRED		0x1000
666

667

668
669
670
671
672
673
674
675
/* Private Use result codes */
#define LDAP_X_ERROR(n)	LDAP_RANGE((n),0x4000,0xFFFF)

#define LDAP_X_SYNC_REFRESH_REQUIRED	0x4100 /* defunct */
#define LDAP_X_ASSERTION_FAILED			0x410f /* defunct */

/* for the LDAP No-Op control */
#define LDAP_X_NO_OPERATION				0x410e
676

677
678
679
/* for the Chaining Behavior control (consecutive result codes requested;
 * see <draft-sermersheim-ldap-chaining> ) */
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
680
#define	LDAP_X_NO_REFERRALS_FOUND		0x4110
681
#define LDAP_X_CANNOT_CHAIN			0x4111
682
683
#endif

684
685
686
687
/* for Distributed Procedures (see <draft-sermersheim-ldap-distproc>) */
#ifdef LDAP_X_DISTPROC_BASE
#define LDAP_X_INVALIDREFERENCE			0x4112
#endif
688

Kurt Zeilenga's avatar
Kurt Zeilenga committed
689
690
691
692
#ifdef LDAP_X_TXN
#define LDAP_X_TXN_SPECIFY_OKAY		0x4120
#define LDAP_X_TXN_ID_INVALID		0x4121
#endif
693

694
695
696
/* API Error Codes
 *
 * Based on draft-ietf-ldap-c-api-xx
Kurt Zeilenga's avatar
Kurt Zeilenga committed
697
 * but with new negative code values
698
 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
699
700
701
#define LDAP_API_ERROR(n)		((n)<0)
#define LDAP_API_RESULT(n)		((n)<=0)

Kurt Zeilenga's avatar
Kurt Zeilenga committed
702
703
704
705
706
707
708
709
710
711
#define LDAP_SERVER_DOWN				(-1)
#define LDAP_LOCAL_ERROR				(-2)
#define LDAP_ENCODING_ERROR				(-3)
#define LDAP_DECODING_ERROR				(-4)
#define LDAP_TIMEOUT					(-5)
#define LDAP_AUTH_UNKNOWN				(-6)
#define LDAP_FILTER_ERROR				(-7)
#define LDAP_USER_CANCELLED				(-8)
#define LDAP_PARAM_ERROR				(-9)
#define LDAP_NO_MEMORY					(-10)
712
713
714
715
#define LDAP_CONNECT_ERROR				(-11)
#define LDAP_NOT_SUPPORTED				(-12)
#define LDAP_CONTROL_NOT_FOUND			(-13)
#define LDAP_NO_RESULTS_RETURNED		(-14)
716
#define LDAP_MORE_RESULTS_TO_RETURN		(-15)	/* Obsolete */
717
718
#define LDAP_CLIENT_LOOP				(-16)
#define LDAP_REFERRAL_LIMIT_EXCEEDED	(-17)
719
#define	LDAP_X_CONNECTING			(-18)
720

721

Kurt Zeilenga's avatar
Kurt Zeilenga committed
722
723
724
725
726
727
/*
 * This structure represents both ldap messages and ldap responses.
 * These are really the same, except in the case of search responses,
 * where a response has multiple messages.
 */

728
typedef struct ldapmsg LDAPMessage;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
729

730
731
732
733
/* for modifications */
typedef struct ldapmod {
	int		mod_op;

734
#define LDAP_MOD_OP			(0x0007)
Kurt Zeilenga's avatar
Kurt Zeilenga committed
735
736
737
#define LDAP_MOD_ADD		(0x0000)
#define LDAP_MOD_DELETE		(0x0001)
#define LDAP_MOD_REPLACE	(0x0002)
Kurt Zeilenga's avatar
Kurt Zeilenga committed
738
#define LDAP_MOD_INCREMENT	(0x0003) /* OpenLDAP extension */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
739
#define LDAP_MOD_BVALUES	(0x0080)
740
741
742
743
744
745
746
747
748
749
750
751
752
753
/* IMPORTANT: do not use code 0x1000 (or above),
 * it is used internally by the backends!
 * (see ldap/servers/slapd/slap.h)
 */

	char		*mod_type;
	union mod_vals_u {
		char		**modv_strvals;
		struct berval	**modv_bvals;
	} mod_vals;
#define mod_values	mod_vals.modv_strvals
#define mod_bvalues	mod_vals.modv_bvals
} LDAPMod;

Kurt Zeilenga's avatar
Kurt Zeilenga committed
754
/*
Kurt Zeilenga's avatar
Kurt Zeilenga committed
755
756
757
 * structure representing an ldap session which can
 * encompass connections to multiple servers (in the
 * face of referrals).
Kurt Zeilenga's avatar
Kurt Zeilenga committed
758
 */
759
typedef struct ldap LDAP;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
760

Kurt Zeilenga's avatar
Kurt Zeilenga committed
761
#define LDAP_DEREF_NEVER		0x00
762
#define LDAP_DEREF_SEARCHING	0x01
Kurt Zeilenga's avatar
Kurt Zeilenga committed
763
764
#define LDAP_DEREF_FINDING		0x02
#define LDAP_DEREF_ALWAYS		0x03
Kurt Zeilenga's avatar
Kurt Zeilenga committed
765

Kurt Zeilenga's avatar
Kurt Zeilenga committed
766
#define LDAP_NO_LIMIT			0
Kurt Zeilenga's avatar
Kurt Zeilenga committed
767

Kurt Zeilenga's avatar
Kurt Zeilenga committed
768
/* how many messages to retrieve results for */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
769
770
771
#define LDAP_MSG_ONE			0x00
#define LDAP_MSG_ALL			0x01
#define LDAP_MSG_RECEIVED		0x02
Kurt Zeilenga's avatar
Kurt Zeilenga committed
772
773
774
775
776

/*
 * types for ldap URL handling
 */
typedef struct ldap_url_desc {
Kurt Zeilenga's avatar
Kurt Zeilenga committed
777
778
779
780
781
782
783
784
785
	struct ldap_url_desc *lud_next;
	char	*lud_scheme;
	char	*lud_host;
	int		lud_port;
	char	*lud_dn;
	char	**lud_attrs;
	int		lud_scope;
	char	*lud_filter;
	char	**lud_exts;
786
	int		lud_crit_exts;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
787
788
} LDAPURLDesc;

Kurt Zeilenga's avatar
Kurt Zeilenga committed
789
790
791
792
#define LDAP_URL_SUCCESS		0x00	/* Success */
#define LDAP_URL_ERR_MEM		0x01	/* can't allocate memory space */
#define LDAP_URL_ERR_PARAM		0x02	/* parameter is bad */

793
#define LDAP_URL_ERR_BADSCHEME	0x03	/* URL doesn't begin with "ldap[si]://" */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
794
795
796
797
798
799
800
#define LDAP_URL_ERR_BADENCLOSURE 0x04	/* URL is missing trailing ">" */
#define LDAP_URL_ERR_BADURL		0x05	/* URL is bad */
#define LDAP_URL_ERR_BADHOST	0x06	/* host port is bad */
#define LDAP_URL_ERR_BADATTRS	0x07	/* bad (or missing) attributes */
#define LDAP_URL_ERR_BADSCOPE	0x08	/* scope string is invalid (or missing) */
#define LDAP_URL_ERR_BADFILTER	0x09	/* bad or missing filter */
#define LDAP_URL_ERR_BADEXTS	0x0a	/* bad or missing extensions */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
801

802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
/*
 * LDAP sync (RFC4533) API
 */

typedef struct ldap_sync_t ldap_sync_t;

typedef enum {
	/* these are private - the client should never see them */
	LDAP_SYNC_CAPI_NONE		= -1,

	LDAP_SYNC_CAPI_PHASE_FLAG	= 0x10U,
	LDAP_SYNC_CAPI_IDSET_FLAG	= 0x20U,
	LDAP_SYNC_CAPI_DONE_FLAG	= 0x40U,

	/* these are passed to ls_search_entry() */
	LDAP_SYNC_CAPI_PRESENT		= LDAP_SYNC_PRESENT,
	LDAP_SYNC_CAPI_ADD		= LDAP_SYNC_ADD,
	LDAP_SYNC_CAPI_MODIFY		= LDAP_SYNC_MODIFY,
	LDAP_SYNC_CAPI_DELETE		= LDAP_SYNC_DELETE,

	/* these are passed to ls_intermediate() */
	LDAP_SYNC_CAPI_PRESENTS		= ( LDAP_SYNC_CAPI_PHASE_FLAG | LDAP_SYNC_CAPI_PRESENT ),
	LDAP_SYNC_CAPI_DELETES		= ( LDAP_SYNC_CAPI_PHASE_FLAG | LDAP_SYNC_CAPI_DELETE ),

	LDAP_SYNC_CAPI_PRESENTS_IDSET	= ( LDAP_SYNC_CAPI_PRESENTS | LDAP_SYNC_CAPI_IDSET_FLAG ),
	LDAP_SYNC_CAPI_DELETES_IDSET	= ( LDAP_SYNC_CAPI_DELETES | LDAP_SYNC_CAPI_IDSET_FLAG ),

	LDAP_SYNC_CAPI_DONE		= ( LDAP_SYNC_CAPI_DONE_FLAG | LDAP_SYNC_CAPI_PRESENTS )
} ldap_sync_refresh_t;

/*
 * Called when an entry is returned by ldap_result().
 * If phase is LDAP_SYNC_CAPI_ADD or LDAP_SYNC_CAPI_MODIFY,
 * the entry has been either added or modified, and thus
 * the complete view of the entry should be in the LDAPMessage.
 * If phase is LDAP_SYNC_CAPI_PRESENT or LDAP_SYNC_CAPI_DELETE,
 * only the DN should be in the LDAPMessage.
 */
typedef int (*ldap_sync_search_entry_f) LDAP_P((
	ldap_sync_t			*ls,
	LDAPMessage			*msg,
	struct berval			*entryUUID,
	ldap_sync_refresh_t		phase ));

/*
 * Called when a reference is returned; the client should know 
 * what to do with it.
 */
typedef int (*ldap_sync_search_reference_f) LDAP_P((
	ldap_sync_t			*ls,
	LDAPMessage			*msg ));

/*
 * Called when specific intermediate/final messages are returned.
 * If phase is LDAP_SYNC_CAPI_PRESENTS or LDAP_SYNC_CAPI_DELETES,
 * a "presents" or "deletes" phase begins.
 * If phase is LDAP_SYNC_CAPI_DONE, a special "presents" phase
 * with refreshDone set to "TRUE" has been returned, to indicate
 * that the refresh phase of a refreshAndPersist is complete.
 * In the above cases, syncUUIDs is NULL.
 *
 * If phase is LDAP_SYNC_CAPI_PRESENTS_IDSET or 
 * LDAP_SYNC_CAPI_DELETES_IDSET, syncUUIDs is an array of UUIDs
 * that are either present or have been deleted.
 */
typedef int (*ldap_sync_intermediate_f) LDAP_P((
	ldap_sync_t			*ls,
	LDAPMessage			*msg,
	BerVarray			syncUUIDs,
	ldap_sync_refresh_t		phase ));

/*
 * Called when a searchResultDone is returned.  In refreshAndPersist,
 * this can only occur if the search for any reason is being terminated
 * by the server.
 */
typedef int (*ldap_sync_search_result_f) LDAP_P((
	ldap_sync_t			*ls,
	LDAPMessage			*msg,
	int				refreshDeletes ));

/*
 * This structure contains all information about the persistent search;
 * the caller is responsible for connecting, setting version, binding, tls...
 */
struct ldap_sync_t {
	/* conf search params */
	char				*ls_base;
	int				ls_scope;
	char				*ls_filter;
	char				**ls_attrs;
	int				ls_timelimit;
	int				ls_sizelimit;

	/* poll timeout */
	int				ls_timeout;

	/* helpers - add as appropriate */
	ldap_sync_search_entry_f	ls_search_entry;
	ldap_sync_search_reference_f	ls_search_reference;
	ldap_sync_intermediate_f	ls_intermediate;
	ldap_sync_search_result_f	ls_search_result;

	/* set by the caller as appropriate */
	void				*ls_private;

	/* conn stuff */
	LDAP				*ls_ld;

	/* --- the parameters below are private - do not modify --- */

	/* FIXME: make the structure opaque, and provide an interface
	 * to modify the public values? */

	/* result stuff */
	int				ls_msgid;

	/* sync stuff */
	/* needed by refreshOnly */
	int				ls_reloadHint;

	/* opaque - need to pass between sessions, updated by the API */
	struct berval			ls_cookie;

	/* state variable - do not modify */
	ldap_sync_refresh_t		ls_refreshPhase;
};

/*
 * End of LDAP sync (RFC4533) API
 */

934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
/*
 * Connection callbacks...
 */
struct ldap_conncb;
struct sockaddr;

/* Called after a connection is established */
typedef int (ldap_conn_add_f) LDAP_P(( LDAP *ld, Sockbuf *sb, LDAPURLDesc *srv, struct sockaddr *addr,
	struct ldap_conncb *ctx ));
/* Called before a connection is closed */
typedef void (ldap_conn_del_f) LDAP_P(( LDAP *ld, Sockbuf *sb, struct ldap_conncb *ctx ));

/* Callbacks are pushed on a stack. Last one pushed is first one executed. The
 * delete callback is called with a NULL Sockbuf just before freeing the LDAP handle.
 */
typedef struct ldap_conncb {
	ldap_conn_add_f *lc_add;
	ldap_conn_del_f *lc_del;
	void *lc_arg;
} ldap_conncb;

Kurt Zeilenga's avatar
ldap.h:    
Kurt Zeilenga committed
955
956
/*
 * The API draft spec says we should declare (or cause to be declared)
957
 * 'struct timeval'.   We don't.  See IETF LDAPext discussions.
Kurt Zeilenga's avatar
ldap.h:    
Kurt Zeilenga committed
958
 */
959
struct timeval;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
960

961
962
963
/*
 * in options.c:
 */
964
LDAP_F( int )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
965
ldap_get_option LDAP_P((
966
	LDAP *ld,
Kurt Zeilenga's avatar
Kurt Zeilenga committed
967
968
969
	int option,
	void *outvalue));

970
LDAP_F( int )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
971
972
973
974
ldap_set_option LDAP_P((
	LDAP *ld,
	int option,
	LDAP_CONST void *invalue));
975

976
/* V3 REBIND Function Callback Prototype */
977
typedef int (LDAP_REBIND_PROC) LDAP_P((
Kurt Zeilenga's avatar
Kurt Zeilenga committed
978
979
	LDAP *ld, LDAP_CONST char *url,
	ber_tag_t request, ber_int_t msgid,
980
	void *params ));
981

982
LDAP_F( int )
983
984
ldap_set_rebind_proc LDAP_P((
	LDAP *ld,
Kurt Zeilenga's avatar
Kurt Zeilenga committed
985
	LDAP_REBIND_PROC *rebind_proc,
986
	void *params ));
987

988
989
990
991
992
993
994
995
996
997
998
/* V3 referral selection Function Callback Prototype */
typedef int (LDAP_NEXTREF_PROC) LDAP_P((
	LDAP *ld, char ***refsp, int *cntp,
	void *params ));

LDAP_F( int )
ldap_set_nextref_proc LDAP_P((
	LDAP *ld,
	LDAP_NEXTREF_PROC *nextref_proc,
	void *params ));

999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
/* V3 URLLIST Function Callback Prototype */
typedef int (LDAP_URLLIST_PROC) LDAP_P((
	LDAP *ld, 
	LDAPURLDesc **urllist,
	LDAPURLDesc **url,
	void *params ));

LDAP_F( int )
ldap_set_urllist_proc LDAP_P((
	LDAP *ld,
	LDAP_URLLIST_PROC *urllist_proc,
	void *params ));

1012
1013
1014
/*
 * in controls.c:
 */
1015
#if LDAP_DEPRECATED	
1016
LDAP_F( int )
1017
ldap_create_control LDAP_P((	/* deprecated, use ldap_control_create */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1018
	LDAP_CONST char *requestOID,
1019
	BerElement *ber,
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1020
1021
1022
	int iscritical,
	LDAPControl **ctrlp ));

1023
LDAP_F( LDAPControl * )
1024
ldap_find_control LDAP_P((	/* deprecated, use ldap_control_find */
1025
1026
	LDAP_CONST char *oid,
	LDAPControl **ctrls ));
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
#endif

LDAP_F( int )
ldap_control_create LDAP_P((
	LDAP_CONST char *requestOID,
	int iscritical,
	struct berval *value,
	int dupval,
	LDAPControl **ctrlp ));

LDAP_F( LDAPControl * )
ldap_control_find LDAP_P((
	LDAP_CONST char *oid,
	LDAPControl **ctrls,
	LDAPControl ***nextctrlp ));
1042

1043
LDAP_F( void )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1044
1045
1046
ldap_control_free LDAP_P((
	LDAPControl *ctrl ));

1047
LDAP_F( void )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1048
1049
ldap_controls_free LDAP_P((
	LDAPControl **ctrls ));
1050

1051
1052
1053
1054
1055
1056
1057
1058
LDAP_F( LDAPControl ** )
ldap_controls_dup LDAP_P((
	LDAPControl *LDAP_CONST *controls ));

LDAP_F( LDAPControl * )
ldap_control_dup LDAP_P((
	LDAP_CONST LDAPControl *c ));

Luke Howard's avatar
   
Luke Howard committed
1059
1060
1061
/*
 * in dnssrv.c:
 */
1062
LDAP_F( int )
1063
1064
1065
1066
ldap_domain2dn LDAP_P((
	LDAP_CONST char* domain,
	char** dn ));

1067
LDAP_F( int )
1068
1069
1070
1071
ldap_dn2domain LDAP_P((
	LDAP_CONST char* dn,
	char** domain ));

1072
LDAP_F( int )
1073
1074
1075
ldap_domain2hostlist LDAP_P((
	LDAP_CONST char *domain,
	char** hostlist ));
Luke Howard's avatar
   
Luke Howard committed
1076

1077
1078
1079
/*
 * in extended.c:
 */
1080
LDAP_F( int )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1081
ldap_extended_operation LDAP_P((
1082
	LDAP			*ld,
1083
1084
	LDAP_CONST char	*reqoid,
	struct berval	*reqdata,
1085
1086
1087
1088
	LDAPControl		**serverctrls,
	LDAPControl		**clientctrls,
	int				*msgidp ));

1089
LDAP_F( int )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1090
ldap_extended_operation_s LDAP_P((
1091
	LDAP			*ld,
1092
1093
	LDAP_CONST char	*reqoid,
	struct berval	*reqdata,
1094
1095
1096
1097
1098
	LDAPControl		**serverctrls,
	LDAPControl		**clientctrls,
	char			**retoidp,
	struct berval	**retdatap ));

1099
LDAP_F( int )
1100
1101
1102
1103
1104
1105
1106
ldap_parse_extended_result LDAP_P((
	LDAP			*ld,
	LDAPMessage		*res,
	char			**retoidp,
	struct berval	**retdatap,
	int				freeit ));

1107
LDAP_F( int )
1108
ldap_parse_intermediate LDAP_P((
1109
1110
1111
1112
1113
1114
1115
	LDAP			*ld,
	LDAPMessage		*res,
	char			**retoidp,
	struct berval	**retdatap,
	LDAPControl		***serverctrls,
	int				freeit ));

1116

Kurt Zeilenga's avatar
Kurt Zeilenga committed
1117
1118
1119
/*
 * in abandon.c:
 */
1120
LDAP_F( int )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1121
ldap_abandon_ext LDAP_P((
1122
1123
1124
1125
1126
	LDAP			*ld,
	int				msgid,
	LDAPControl		**serverctrls,
	LDAPControl		**clientctrls ));

1127
#if LDAP_DEPRECATED	
1128
LDAP_F( int )
1129
ldap_abandon LDAP_P((	/* deprecated, use ldap_abandon_ext */
1130
1131
	LDAP *ld,
	int msgid ));