Commit 076edefb authored by Randy Kunkee's avatar Randy Kunkee
Browse files

Update to latest version (see CHANGES file). Docs may not be totally

up to date.
parent 1ce2f091
Package version 1.2:
- Filter no longer a required controlArray member, defaults to objectclass=*.
- Sets errorCode with LDAP macro string value (better to test than the more
human readable values).
- Shorten minimum required characters for search scope definitions: now allows
"base", "one", and "sub". For the latter two, additional characters are
ignored.
- Now compiles successfully with -devel branch.
- Client cache management code enabled for OpenLDAP versions <= 1.2.4. (This
code is relatively untested and feedback is welcome.)
......@@ -21,24 +21,24 @@ exec_prefix = @exec_prefix@
# The following definition can be set to non-null for special systems
# like AFS with replication. It allows the pathnames used for installation
# to be different than those used for actually reference files at
# run-time. INSTALL_ROOT is prepended to $prefix and $exec_prefix
# run-time. DESTDIR is prepended to $prefix and $exec_prefix
# when installing files.
INSTALL_ROOT =
DESTDIR =
# Directory in which to search for tcl libraries
NEO_LIBRARY = $(exec_prefix)/lib/ldaptcl$(VERSION)
# Directory in which to install the ldaptcl binary:
BIN_INSTALL_DIR = $(INSTALL_ROOT)$(exec_prefix)/bin
BIN_INSTALL_DIR = $(DESTDIR)$(exec_prefix)/bin
# Directory in which to install the .a or .so binary for the Neo library:
LIB_INSTALL_DIR = $(INSTALL_ROOT)$(exec_prefix)/lib
LIB_INSTALL_DIR = $(DESTDIR)$(exec_prefix)/lib
# Path to use at runtime to refer to LIB_INSTALL_DIR:
LIB_RUNTIME_DIR = $(exec_prefix)/lib
# Top-level directory for man entries:
MANN_INSTALL_DIR = $(INSTALL_ROOT)$(prefix)/man/mann
MANN_INSTALL_DIR = $(DESTDIR)$(prefix)/man/mann
# The symbols below provide support for dynamic loading and shared
......@@ -85,6 +85,7 @@ SHLIB_LD = @SHLIB_LD@
LDAP_LIBFLAGS = @ldaplibflags@
LDAP_CFLAGS = @ldapinclude@
LDAP_INCDIR = @ldapincdir@
LDAP_BUILD = @ldapbuild@
LDAP_DIR = @ldapdir@
......@@ -120,13 +121,11 @@ LIBS= @LIBS@ @TCLX_LIB_SPEC@ @TCL_LIB_SPEC@ @TCL_LIBS@ $(LDAP_LIBFLAGS) -lc
TK_LIBS=@TKX_LIB_SPEC@ @TK_LIB_SPEC@ @TK_LIBS@
TK_VERSION=@TK_VERSION@
LDAPINCDIR=/usr/local/include
CC = @CC@
CC_SWITCHES = ${CFLAGS} @NEO_SHLIB_CFLAGS@ -I. \
-I@prefix@/include ${AC_FLAGS} ${PROTO_FLAGS} \
${SECURITY_FLAGS} ${MEM_DEBUG_FLAGS} ${KEYSYM_FLAGS} \
-DNEO_LIBRARY=\"${NEO_LIBRARY}\"
-DNEO_LIBRARY=\"${NEO_LIBRARY}\" -DVERSION=\"${VERSION}\"
TK_SWITCHES = ${CC_SWITCHES} @TK_XINCLUDES@
......@@ -140,15 +139,20 @@ all: @NEO_LIB_FILE@ ldaptclsh @LDAPWISH@
@MAKE_LIB@
$(RANLIB) @NEO_LIB_FILE@
neoXldap.o: neoXldap.c
neoXldap.o: neoXldap.c ldaptclerr.h
$(CC) -c $(LDAP_CFLAGS) $(CC_SWITCHES) $<
ldaptclerr.h: ldaperr.tcl
tcl ldaperr.tcl $(LDAP_INCDIR)/ldap.h > ldaptclerr.h
clean:
-rm -f ldaptclsh ldapwish
-rm -f *.o *.a *.so*
distclean: clean
rm -f Makefile pkgIndex.tcl config.cache config.log config.status
rm -f Makefile pkgIndex.tcl config.cache config.log config.status \
ldaptclerr.h
install: install-binaries install-man
......
Copyright (c) 1998-1999 NeoSoft, Inc.
For licensing information, see the file neoXldap.c and the COPYRIGHT
file contains in the directory you found this file.
For licensing information, see the file neoXldap.c and/or the COPYRIGHT
file contained in the directory you found this file.
This directory contains an extension to Tcl to interface with an
LDAP server. While this software is being released to the OpenLDAP
......@@ -10,7 +10,8 @@ be added) for other client libraries as well. As time goes on, it
is expected that code will converge rather than diverge.
Support is provided for University of Michigan LDAP version 3.3,
OpenLDAP, and Netscape.
OpenLDAP, and Netscape. The default configuration supports
OpenLDAP 1.2.4. OpenLDAP 2.x is not yet supported.
It uses GNU autoconf. It builds and installs without requiring
parallel directories, but it does require that Tcl and Extended Tcl
......@@ -21,8 +22,8 @@ For further info, try "./configure --help".
For example, I run:
./configure --prefix=/opt/neosoft97 --enable-shared \
--with-ldap=/usr/isp2000/ldap
./configure --prefix=/opt/neotcl --enable-shared \
--with-ldap=/usr/local/ldap
Remember that --prefix must be the same prefix used when building
and installint Tcl.
......@@ -36,30 +37,24 @@ This module will install a regular shell (ldaptclsh) a windowing
shell (ldapwish) a library, a pkgIndex.tcl, and a manpage (ldap.n).
If your Tcl installation has been configured with --enable-shared,
then it is highly recommended that you also use --enable-shared
here.
then you must also use --enable-shared here.
Shared libraries and Tcl packages.
If Tcl is built with --enable-shared, and OpenLDAP (or another version
If Tcl is built with --enable-shared, AND OpenLDAP (or another version
for that matter) has been build to create -llber and -lldap as shared
libaries, and you build ldaptcl with --enable-shared, it should be
libaries, AND you build ldaptcl with --enable-shared, it should be
possible to run a plain Tcl interpreter (eg. tclsh8.0) and do
package require Ldaptcl
which will install the "ldap" command into the interpreter.
This may require that you set the LD_LIBRARY_PATH environment variable
appropriately, or use -R or -W,-rpath ld command options.
It also may require that you modify the
If you configure with --enable-shared, and you have shared libraries
for -lldap and -llber, then you might be able to
"package require Ldaptcl", provided that everything is set up
exactly right, ie. -R ld flags, LD_LIBRARY_PATH environment variables,
etc.
You may need to set the LD_LIBRARY_PATH environment variable appropriately,
or use -R or -W,-rpath ld command options to resolve the search for ldap
and lber libraries.
This package was test built on a Sparc Solaris 2.5 using the SUN Pro C
This package was test built on a Alpha OSF4.0e with the native C
compiler.
You may email comments or bug fixes to openldap-devel@OpenLDAP.org,
......
This diff is collapsed.
......@@ -2,11 +2,11 @@ dnl This file is an input file used by the GNU "autoconf" program to
dnl generate the file "configure", which is run during Tk installation
dnl to configure the system for the local environment.
AC_INIT(neoXldap.c)
# $Id: configure.in,v 1.1 1999/02/10 22:56:49 kunkee Exp $
# $Id: configure.in,v 1.3 1999/08/03 05:23:03 kunkee Exp $
NEO_VERSION=1.0
NEO_VERSION=1.2
NEO_MAJOR_VERSION=1
NEO_MINOR_VERSION=0
NEO_MINOR_VERSION=2
VERSION=${NEO_VERSION}
if test "${prefix}" = "NONE"; then
......@@ -109,8 +109,8 @@ DL_LIBS=$TCL_DL_LIBS
LD_FLAGS=$TCL_LD_FLAGS
NEO_LD_SEARCH_FLAGS=$TCL_LD_SEARCH_FLAGS
eval "NEO_SHARED_LIB_FILE=libldap${TCL_SHARED_LIB_SUFFIX}"
eval "NEO_UNSHARED_LIB_FILE=libldap${TCL_UNSHARED_LIB_SUFFIX}"
eval "NEO_SHARED_LIB_FILE=libldaptcl${TCL_SHARED_LIB_SUFFIX}"
eval "NEO_UNSHARED_LIB_FILE=libldaptcl${TCL_UNSHARED_LIB_SUFFIX}"
#--------------------------------------------------------------------
# The statements below define a collection of symbols related to
......@@ -126,7 +126,7 @@ AC_ARG_ENABLE(shared,
if test "$ok" = "yes" -a "${SHLIB_SUFFIX}" != ""; then
NEO_SHLIB_CFLAGS="${SHLIB_CFLAGS}"
eval "NEO_LIB_FILE=libldaptcl${TCL_SHARED_LIB_SUFFIX}"
MAKE_LIB="\${SHLIB_LD} $TCL_LIB_HNAME -o ${NEO_LIB_FILE} \${OBJS}"
MAKE_LIB="\${SHLIB_LD} $TCL_LIB_HNAME -o ${NEO_LIB_FILE} \${OBJS} \${LDAP_LIBFLAGS}"
RANLIB=":"
else
NEO_SHLIB_CFLAGS=""
......@@ -169,6 +169,7 @@ AC_SUBST(ldaplibflags)
AC_SUBST(ldapinclude)
AC_SUBST(ldapbuild)
AC_SUBST(ldapdir)
AC_SUBST(ldapincdir)
VERSION=${NEO_VERSION}
......
......@@ -26,7 +26,7 @@ A new command by the name of \fIcommand\fR will be created to access
the LDAP database at \fIhostlist\fR. \fIhostlist\fR may contain elements
of the format \fBhost:port\fR if a port other than the default LDAP port
of 389 is required. The LDAP library will attempt to connect to each
host in turn until it succeeds.
host in turn until it succeeds or exhausts the list.
.PP
The \fBexplode\fR form provides a means (via ldap_explode(3)) to explode a DN
into its component parts. \fB-nonames\fR strips off the attribute names,
......@@ -64,9 +64,6 @@ deferred until we actually try to do something.
For the purposes of this example, we're going to assume that "foo" is the
command created by opening a connection using "ldap open".
Note: Karl is particularly dissatisfied with the syntax of this option,
so it is one of the most likely things to change in a subsequent release.
.SH BINDING
After a connection is made to an LDAP server, an LDAP bind operation must
......@@ -74,11 +71,10 @@ be performed before other operations can be attempted over the connection.
Both simple authentication and kerberos authentication are available.
LDAP version 3 supports many new "SSL"-style authentication and encryption
systems, which are not currently supported by the UMich server, and hence
by this interface package.
systems, which are not currently supported by the OpenLDAP v1.2 server, and
hence by this interface package.
Currently simple authentication, and kerberos-based authentication, are
supported.
Currently simple and kerberos-based authentication, are supported.
To use LDAP and still have reasonable security in a networked,
Internet/Intranet environment, secure shell can be used to setup
......@@ -140,17 +136,19 @@ This creates a new distinguished name and defines zero or more attributes.
"attributePairList" is a list of key-value pairs, the same as would
be returned by "array get" if an array had been set up containing the
key-value pairs. Note that, right now, the sort of lowest-level pair
of the DN must also appear in the attributePairList, as in:
key-value pairs.
foo add "cn=karl, ou=People, o=NeoSoft Inc, c=US" {cn karl ...}
Some directory servers and/or their client SDKs will automatically
add the leaf attribute value for you.
Here is a more precise description of how an attributePairList looks:
{cn {karl {Karl Lehenbauer}} telephone 713-968-5800}
Note here that two cn values, "karl" and "Karl Lehenbauer", are added.
A command error is to write
Is it an error to write:
{cn {Karl Lehenbauer}}
......@@ -161,11 +159,11 @@ typing hard-coded lists.
We have noticed that the Netscape server will automatically add the
left-most rdn portion of the DN (ie. cn=karl), whereas the University
of Michigan version does not.
of Michigan and OpenLDAP 1.2 versions do not.
.SH ADDING, DELETING, AND REPLACING OBJECT ATTRIBUTES
You can have multiple occurrences of the same attribute in a record.
You can have multiple values for a given attribute in an LDAP object.
These are represented in search results, through the Tcl interface,
as a list.
......@@ -173,21 +171,23 @@ as a list.
This adds key-value pairs to an existing DN. If an attribute being
added already exists, the new value will be appended to the list.
If a particular value being added to an attribute already exists in
the object a Tcl error is raised.
foo replace_attributes dn attributePairList
This replaces specified key-value pairs in an existing DN, leaving
unnamed ones untouched.
This replaces the specified attributes in an existing DN, leaving
unnamed ones untouched. Any previous values for the supplied attributes
(if any) are discarded.
foo delete_attributes dn attributePairList
This deletes attributes in the list. If a pair is "foo {bar snap}" and
you delete "foo bar", "foo" will still have "snap".
This deletes attributes in the list. If an attribute "foo" has the
value list {bar snap}, and you delete using the attributePairList "foo bar",
"foo" will still have "snap".
If you provide an empty string ("") for the value part of the key-value
pair, the entire attribute will be deleted. To reiterate, if you provide
a non-empty string for the value part, only that value will be removed
from the value list.
If you provide an empty string ("") for the value list,
the entire attribute will be deleted.
.SH SEARCHING
......@@ -219,6 +219,10 @@ search criteria.
controlArray(attributes) is a list of attributes to be fetched.
If not specified, all attributes are fetched.
controlArray(timeout) a timeout value in seconds (may contain
fractional values -- extremely very small values are useful
for forcing timeout conditions to test timeouts).
For each matching record, destArray is populated with none,
some or all attribute-value pairs.
......@@ -229,8 +233,8 @@ version.
.SH CACHING (Note: Netscape clients do not have caching interfaces).
The UMich LDAP library offers the client application fairly fine-
grained control of caching of results retrieved from searches,
The UMich and OpenLDAP client libraries offers the client application fairly
fine-grained control of caching of results retrieved from searches,
offering significant performance improvement and reduced
network traffic.
......@@ -241,7 +245,7 @@ To enable caching of data received from an LDAP connection,
foo cache enable timeout maxmem
...where timeout is specified in seconds, and maxmem is the
maximum memory to be used fo caching, in bytes.
maximum memory to be used for caching, in bytes.
If maxmem is 0, the cache size is restricted only by the timeout.
......@@ -268,7 +272,10 @@ To enable caching of data received from an LDAP connection,
This should be used, for example, after doing an add_attributes,
delete_attributes, or replace_attributes (ldap_modify(3))
involving the requested DN.
involving the requested DN. Generally this should not be needed,
as the Tcl interface automatically performs this operation on
any dn that is modified (add,replace,delete) while caching is
enabled.
foo cache no_errors
......@@ -291,7 +298,8 @@ Because we used the new "Tcl object" C interfaces, this package only works
with Tcl 8.0 or above.
This package interfaces with the University of Michigan LDAP protocol
package, version 3.3, an implementation of version 2 of the LDAP protocol.
package, version 3.3, and OpenLDAP version 1.2, both of which are
implementations of version 2 of the LDAP protocol.
Although an LDAP client (or server) could be written in native Tcl 8.0,
as Tcl 8.0 and above can do binary I/O, and Tcl 8 and above have strings
......@@ -330,8 +338,8 @@ related to LDAP services.
.SH AUTHORS
It was written by Karl Lehenbauer, of NeoSoft, Inc., in August and
September of 1997. Ldap explode, and numerous bug fixes by Randy
Kunkee, also of NeoSoft, Inc., in 1998.
September of 1997. Ldap explode, and numerous bug fixes and extensions
by Randy Kunkee, also of NeoSoft, Inc., in 1998-1999.
.SH KEYWORDS
element, join, list, separator
......
#
# ldaperr.tcl: scan ldap.h for error return codes for initializing
# errorCode table.
#
proc genstrings {path} {
set fp [open $path]
while {[gets $fp line] != -1 &&
![string match "#define LDAP_SUCCESS*" $line]} { }
puts "/* This file automatically generated, hand edit at your own risk! */"
puts -nonewline "char *ldaptclerrorcode\[\] = {
NULL"
set lasterr 0
while {[gets $fp line] != -1} {
if {[clength $line] == 0 || [ctype space $line]} continue
if {![string match #define* $line]} break
if {![string match "#define LDAP_*" $line]} continue
lassign $line define macro value
incr lasterr
while {$lasterr < $value} {
puts -nonewline ",\n\tNULL"
incr lasterr
}
puts -nonewline ",\n\t\"$macro\""
}
puts "\n};"
puts "#define LDAPTCL_MAXERR\t$value"
}
#cmdtrace on
if !$tcl_interactive {
genstrings [lindex $argv 0]
}
This diff is collapsed.
package ifneeded Neo @NEO_VERSION@ "package require Tclx 8.0; load [file join $dir .. @NEO_SHARED_LIB_FILE@] Ldaptcl"
package ifneeded Ldaptcl @NEO_VERSION@ "package require Tclx 8.0; load [file join $dir .. @NEO_SHARED_LIB_FILE@] Ldaptcl"
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment