Well help when we split assertion options out from the description.

routine.  Could be combined into one routine.
Modify slapd matching rule struct to only have match function.
Modify old attribute such that 'bin' implies octetString, not 'binary'.
Add compatibility for IA5 strings.  Only directoryStrings were handled
before.
Treat attribute types without syntax as incomplete, not default.
Add OctetStringValidate (always returns okay).
Add {UTF8,IA5}StringValidate/Normalize  (IA5 based loosely on
case_exact_normalize).  Need case{Exact,Ignore}UTFMatch, using IA5 versions
for now.
Removed default of syntax/mr handlders, should just skip
registration of syntax/mr's without handlers.
Added comments to slap.h about types versus descriptions.

s/case_ignore_compare/caseIgnoreIA5Match/
s/case_exact_normalize/caseExactIA5Normalize/
s/case_exact_compare/caseExactIA5Match/

to make room for UTF-8 and T.61 varients.

Add US ASCII optimizations macros.
#ifdef out unused routines
Ready to hack getdn.c and others to support UTF-8

We may likely want to expose the routines at a later date (ldap_utf8.h?).

ldap_utf8_strcspn, ldap_utf8_strtok.

code has been committed.
Add item to implement SASL/TLS to clients.
(This is not to imply that the code is complete)

Add creat* modify* attributes

In tls_verify_cb() use CRYPTO_free instead of free (necessary on NT due to
use of different heaps).
Changed update_flags to use SSL_get_error() to check success/status. This
fixes the problem of sb->sb_trans_needs_read getting set on dead sockets.

nondefault objectclass was given

(but mainly commiting because of the gserver switch)

under "auto" selection.  If not auto, just warn.
Rebuild configure using appropriate tools.

simple bind via:
	{KERBEROS}principal
Code is disabled by default (for security reasons).  Use
--enable-kpasswd to enable.  Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support.  Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.

Imported <ldap.h> in <ldap_pvt.h> so ldap_pvt_sasl_bind() has necessary
types. Changed const sasl_callback_t * to LDAP_CONST sasl_callback_t *.