openldap-2.5.16+dfsg/0000755000175000017500000000000014461774414013704 5ustar sergiosergioopenldap-2.5.16+dfsg/clients/0000755000175000017500000000000014461774414015345 5ustar sergiosergioopenldap-2.5.16+dfsg/clients/Makefile.in0000644000175000017500000000104214461774414017407 0ustar sergiosergio# Clients Makefile.in for OpenLDAP # $OpenLDAP$ ## This work is part of OpenLDAP Software . ## ## Copyright 1998-2022 The OpenLDAP Foundation. ## All rights reserved. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted only as authorized by the OpenLDAP ## Public License. ## ## A copy of this license is available in the file LICENSE in the ## top-level directory of the distribution or, alternatively, at ## . SUBDIRS = tools openldap-2.5.16+dfsg/clients/tools/0000755000175000017500000000000014461774414016505 5ustar sergiosergioopenldap-2.5.16+dfsg/clients/tools/ldapsearch.c0000644000175000017500000016423514461774414020772 0ustar sergiosergio/* ldapsearch -- a tool for searching LDAP directories */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * Portions Copyright 1998-2003 Kurt D. Zeilenga. * Portions Copyright 1998-2001 Net Boolean Incorporated. * Portions Copyright 2001-2003 IBM Corporation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1992-1996 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. This * software is provided ``as is'' without express or implied warranty. */ /* ACKNOWLEDGEMENTS: * This work was originally developed by the University of Michigan * (as part of U-MICH LDAP). Additional significant contributors * include: * Jong Hyuk Choi * Lynn Moss * Mikhail Sahalaev * Kurt D. Zeilenga */ #include "portable.h" #include #include #include #include #include #include #include #include #include #ifdef HAVE_FCNTL_H #include #endif #ifdef HAVE_SYS_TYPES_H #include #endif #ifdef HAVE_IO_H #include #endif #include #include "ldif.h" #include "lutil.h" #include "lutil_ldap.h" #include "ldap_defaults.h" #include "ldap_pvt.h" #include "common.h" #if !LDAP_DEPRECATED /* * NOTE: we use this deprecated function only because * we want ldapsearch to provide some client-side sorting * capability. */ /* from ldap.h */ typedef int (LDAP_SORT_AD_CMP_PROC) LDAP_P(( /* deprecated */ LDAP_CONST char *left, LDAP_CONST char *right )); LDAP_F( int ) /* deprecated */ ldap_sort_entries LDAP_P(( LDAP *ld, LDAPMessage **chain, LDAP_CONST char *attr, LDAP_SORT_AD_CMP_PROC *cmp )); #endif static int scope = LDAP_SCOPE_SUBTREE; static int deref = -1; static int attrsonly; static int timelimit = -1; static int sizelimit = -1; static char *control; static char *def_tmpdir; static char *def_urlpre; #if defined(__CYGWIN__) || defined(__MINGW32__) /* Turn off commandline globbing, otherwise you cannot search for * attribute '*' */ int _CRT_glob = 0; #endif void usage( void ) { fprintf( stderr, _("usage: %s [options] [filter [attributes...]]\nwhere:\n"), prog); fprintf( stderr, _(" filter\tRFC 4515 compliant LDAP search filter\n")); fprintf( stderr, _(" attributes\twhitespace-separated list of attribute descriptions\n")); fprintf( stderr, _(" which may include:\n")); fprintf( stderr, _(" 1.1 no attributes\n")); fprintf( stderr, _(" * all user attributes\n")); fprintf( stderr, _(" + all operational attributes\n")); fprintf( stderr, _("Search options:\n")); fprintf( stderr, _(" -a deref one of never (default), always, search, or find\n")); fprintf( stderr, _(" -A retrieve attribute names only (no values)\n")); fprintf( stderr, _(" -b basedn base dn for search\n")); fprintf( stderr, _(" -c continuous operation mode (do not stop on errors)\n")); fprintf( stderr, _(" -E [!][=] search extensions (! indicates criticality)\n")); #ifdef LDAP_CONTROL_X_ACCOUNT_USABILITY fprintf( stderr, _(" [!]accountUsability (NetScape Account usability)\n")); #endif fprintf( stderr, _(" [!]domainScope (domain scope)\n")); fprintf( stderr, _(" !dontUseCopy (Don't Use Copy)\n")); fprintf( stderr, _(" [!]mv= (RFC 3876 matched values filter)\n")); fprintf( stderr, _(" [!]pr=[/prompt|noprompt] (RFC 2696 paged results/prompt)\n")); fprintf( stderr, _(" [!]ps=// (draft persistent search)\n")); fprintf( stderr, _(" [!]sss=[-][/[-]...]\n")); fprintf( stderr, _(" (RFC 2891 server side sorting)\n")); fprintf( stderr, _(" [!]subentries[=true|false] (RFC 3672 subentries)\n")); fprintf( stderr, _(" [!]sync=ro[/] (RFC 4533 LDAP Sync refreshOnly)\n")); fprintf( stderr, _(" rp[/][/] (refreshAndPersist)\n")); fprintf( stderr, _(" [!]vlv=/(//|:)\n")); fprintf( stderr, _(" (ldapv3-vlv-09 virtual list views)\n")); #ifdef LDAP_CONTROL_X_DEREF fprintf( stderr, _(" [!]deref=derefAttr:attr[,...][;derefAttr:attr[,...][;...]]\n")); #endif #ifdef LDAP_CONTROL_X_DIRSYNC fprintf( stderr, _(" !dirSync=/[/]\n")); fprintf( stderr, _(" (MS AD DirSync)\n")); #endif #ifdef LDAP_CONTROL_X_EXTENDED_DN fprintf( stderr, _(" [!]extendedDn= (MS AD Extended DN\n")); #endif #ifdef LDAP_CONTROL_X_SHOW_DELETED fprintf( stderr, _(" [!]showDeleted (MS AD Show Deleted)\n")); #endif #ifdef LDAP_CONTROL_X_SERVER_NOTIFICATION fprintf( stderr, _(" [!]serverNotif (MS AD Server Notification)\n")); #endif fprintf( stderr, _(" [!][=:|::] (generic control; no response handling)\n")); fprintf( stderr, _(" -f file read operations from `file'\n")); fprintf( stderr, _(" -F prefix URL prefix for files (default: %s)\n"), def_urlpre); fprintf( stderr, _(" -l limit time limit (in seconds, or \"none\" or \"max\") for search\n")); fprintf( stderr, _(" -L print responses in LDIFv1 format\n")); fprintf( stderr, _(" -LL print responses in LDIF format without comments\n")); fprintf( stderr, _(" -LLL print responses in LDIF format without comments\n")); fprintf( stderr, _(" and version\n")); fprintf( stderr, _(" -M enable Manage DSA IT control (-MM to make critical)\n")); fprintf( stderr, _(" -P version protocol version (default: 3)\n")); fprintf( stderr, _(" -s scope one of base, one, sub or children (search scope)\n")); fprintf( stderr, _(" -S attr sort the results by attribute `attr'\n")); fprintf( stderr, _(" -t write binary values to files in temporary directory\n")); fprintf( stderr, _(" -tt write all values to files in temporary directory\n")); fprintf( stderr, _(" -T path write files to directory specified by path (default: %s)\n"), def_tmpdir); fprintf( stderr, _(" -u include User Friendly entry names in the output\n")); fprintf( stderr, _(" -z limit size limit (in entries, or \"none\" or \"max\") for search\n")); tool_common_usage(); exit( EXIT_FAILURE ); } static void print_entry LDAP_P(( LDAP *ld, LDAPMessage *entry, int attrsonly)); static void print_reference( LDAP *ld, LDAPMessage *reference ); static void print_extended( LDAP *ld, LDAPMessage *extended ); static void print_syncinfo( BerValue *info ); static void print_partial( LDAP *ld, LDAPMessage *partial ); static int print_result( LDAP *ld, LDAPMessage *result, int search ); static int dosearch LDAP_P(( LDAP *ld, char *base, int scope, char *filtpatt, char *value, char **attrs, int attrsonly, LDAPControl **sctrls, LDAPControl **cctrls, struct timeval *timeout, int sizelimit )); static char *tmpdir = NULL; static char *urlpre = NULL; static char *base = NULL; static char *sortattr = NULL; static int includeufn, vals2tmp = 0; static int subentries = 0, valuesReturnFilter = 0; static char *vrFilter = NULL; #ifdef LDAP_CONTROL_X_ACCOUNT_USABILITY static int accountUsability = 0; #endif #ifdef LDAP_CONTROL_DONTUSECOPY static int dontUseCopy = 0; #endif static int domainScope = 0; static int sss = 0; static LDAPSortKey **sss_keys = NULL; static int vlv = 0; static LDAPVLVInfo vlvInfo; static struct berval vlvValue; static int ldapsync = 0; static struct berval sync_cookie = { 0, NULL }; static int sync_slimit = -1; static int psearch = 0; static int ps_chgtypes, ps_chgsonly, ps_echg_ctrls; /* cookie and morePagedResults moved to common.c */ static int pagedResults = 0; static int pagePrompt = 1; static ber_int_t pageSize = 0; static ber_int_t entriesLeft = 0; static int npagedresponses; static int npagedentries; static int npagedreferences; static int npagedextended; static int npagedpartial; static LDAPControl *c = NULL; static int nctrls = 0; static int save_nctrls = 0; #ifdef LDAP_CONTROL_X_DEREF static int derefcrit; static LDAPDerefSpec *ds; static struct berval derefval; #endif #ifdef LDAP_CONTROL_X_DIRSYNC static int dirSync; static int dirSyncFlags; static int dirSyncMaxAttrCount; static struct berval dirSyncCookie; #endif #ifdef LDAP_CONTROL_X_EXTENDED_DN static int extendedDn; static int extendedDnFlag; #endif #ifdef LDAP_CONTROL_X_SHOW_DELETED static int showDeleted; #endif #ifdef LDAP_CONTROL_X_SERVER_NOTIFICATION static int serverNotif; #endif static int ctrl_add( void ) { LDAPControl *tmpc; nctrls++; tmpc = realloc( c, sizeof( LDAPControl ) * nctrls ); if ( tmpc == NULL ) { nctrls--; fprintf( stderr, _("unable to make room for control; out of memory?\n")); return -1; } c = tmpc; return 0; } static void urlize(char *url) { char *p; if (*LDAP_DIRSEP != '/') { for (p = url; *p; p++) { if (*p == *LDAP_DIRSEP) *p = '/'; } } } static int parse_vlv(char *cvalue) { char *keyp, *key2; int num1, num2; keyp = cvalue; if ( sscanf( keyp, "%d/%d", &num1, &num2 ) != 2 ) { fprintf( stderr, _("VLV control value \"%s\" invalid\n"), cvalue ); return -1; } vlvInfo.ldvlv_before_count = num1; vlvInfo.ldvlv_after_count = num2; keyp = strchr( keyp, '/' ) + 1; key2 = strchr( keyp, '/' ); if ( key2 ) { keyp = key2 + 1; if ( sscanf( keyp, "%d/%d", &num1, &num2 ) != 2 ) { fprintf( stderr, _("VLV control value \"%s\" invalid\n"), cvalue ); return -1; } vlvInfo.ldvlv_offset = num1; vlvInfo.ldvlv_count = num2; vlvInfo.ldvlv_attrvalue = NULL; } else { key2 = strchr( keyp, ':' ); if ( !key2 ) { fprintf( stderr, _("VLV control value \"%s\" invalid\n"), cvalue ); return -1; } ber_str2bv( key2+1, 0, 0, &vlvValue ); vlvInfo.ldvlv_attrvalue = &vlvValue; } return 0; } const char options[] = "a:Ab:cE:F:l:Ls:S:tT:uz:" "Cd:D:e:f:H:IMnNO:o:P:QR:U:vVw:WxX:y:Y:Z"; int handle_private_option( int i ) { int crit, ival; char *cvalue, *next; switch ( i ) { case 'a': /* set alias deref option */ if ( strcasecmp( optarg, "never" ) == 0 ) { deref = LDAP_DEREF_NEVER; } else if ( strncasecmp( optarg, "search", sizeof("search")-1 ) == 0 ) { deref = LDAP_DEREF_SEARCHING; } else if ( strncasecmp( optarg, "find", sizeof("find")-1 ) == 0 ) { deref = LDAP_DEREF_FINDING; } else if ( strcasecmp( optarg, "always" ) == 0 ) { deref = LDAP_DEREF_ALWAYS; } else { fprintf( stderr, _("alias deref should be never, search, find, or always\n") ); usage(); } break; case 'A': /* retrieve attribute names only -- no values */ ++attrsonly; break; case 'b': /* search base */ base = optarg; break; case 'E': /* search extensions */ if( protocol == LDAP_VERSION2 ) { fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"), prog, protocol ); exit( EXIT_FAILURE ); } /* should be extended to support comma separated list of * [!]key[=value] parameters, e.g. -E !foo,bar=567 */ crit = 0; cvalue = NULL; while ( optarg[0] == '!' ) { crit++; optarg++; } control = optarg; if ( (cvalue = strchr( control, '=' )) != NULL ) { *cvalue++ = '\0'; } if ( strcasecmp( control, "mv" ) == 0 ) { /* ValuesReturnFilter control */ if( valuesReturnFilter ) { fprintf( stderr, _("ValuesReturnFilter previously specified\n")); exit( EXIT_FAILURE ); } valuesReturnFilter= 1 + crit; if ( cvalue == NULL ) { fprintf( stderr, _("missing filter in ValuesReturnFilter control\n")); exit( EXIT_FAILURE ); } vrFilter = cvalue; protocol = LDAP_VERSION3; } else if ( strcasecmp( control, "pr" ) == 0 ) { int num, tmp; /* PagedResults control */ if ( pagedResults != 0 ) { fprintf( stderr, _("PagedResultsControl previously specified\n") ); exit( EXIT_FAILURE ); } if ( vlv != 0 ) { fprintf( stderr, _("PagedResultsControl incompatible with VLV\n") ); exit( EXIT_FAILURE ); } if( cvalue != NULL ) { char *promptp; promptp = strchr( cvalue, '/' ); if ( promptp != NULL ) { *promptp++ = '\0'; if ( strcasecmp( promptp, "prompt" ) == 0 ) { pagePrompt = 1; } else if ( strcasecmp( promptp, "noprompt" ) == 0) { pagePrompt = 0; } else { fprintf( stderr, _("Invalid value for PagedResultsControl," " %s/%s.\n"), cvalue, promptp ); exit( EXIT_FAILURE ); } } num = sscanf( cvalue, "%d", &tmp ); if ( num != 1 ) { fprintf( stderr, _("Invalid value for PagedResultsControl, %s.\n"), cvalue ); exit( EXIT_FAILURE ); } } else { fprintf(stderr, _("Invalid value for PagedResultsControl.\n")); exit( EXIT_FAILURE ); } pageSize = (ber_int_t) tmp; pagedResults = 1 + crit; } else if ( strcasecmp( control, "ps" ) == 0 ) { int num; /* PersistentSearch control */ if ( psearch != 0 ) { fprintf( stderr, _("PersistentSearch previously specified\n") ); exit( EXIT_FAILURE ); } if( cvalue != NULL ) { num = sscanf( cvalue, "%i/%d/%d", &ps_chgtypes, &ps_chgsonly, &ps_echg_ctrls ); if ( num != 3 ) { fprintf( stderr, _("Invalid value for PersistentSearch, %s.\n"), cvalue ); exit( EXIT_FAILURE ); } } else { fprintf(stderr, _("Invalid value for PersistentSearch.\n")); exit( EXIT_FAILURE ); } psearch = 1 + crit; #ifdef LDAP_CONTROL_DONTUSECOPY } else if ( strcasecmp( control, "dontUseCopy" ) == 0 ) { if( dontUseCopy ) { fprintf( stderr, _("dontUseCopy control previously specified\n")); exit( EXIT_FAILURE ); } if( cvalue != NULL ) { fprintf( stderr, _("dontUseCopy: no control value expected\n") ); usage(); } if( !crit ) { fprintf( stderr, _("dontUseCopy: critical flag required\n") ); usage(); } dontUseCopy = 1 + crit; #endif } else if ( strcasecmp( control, "domainScope" ) == 0 ) { if( domainScope ) { fprintf( stderr, _("domainScope control previously specified\n")); exit( EXIT_FAILURE ); } if( cvalue != NULL ) { fprintf( stderr, _("domainScope: no control value expected\n") ); usage(); } domainScope = 1 + crit; } else if ( strcasecmp( control, "sss" ) == 0 ) { char *keyp; if( sss ) { fprintf( stderr, _("server side sorting control previously specified\n")); exit( EXIT_FAILURE ); } if( cvalue == NULL ) { fprintf( stderr, _("missing specification of sss control\n") ); exit( EXIT_FAILURE ); } keyp = cvalue; while ( ( keyp = strchr(keyp, '/') ) != NULL ) { *keyp++ = ' '; } if ( ldap_create_sort_keylist( &sss_keys, cvalue )) { fprintf( stderr, _("server side sorting control value \"%s\" invalid\n"), cvalue ); exit( EXIT_FAILURE ); } sss = 1 + crit; } else if ( strcasecmp( control, "subentries" ) == 0 ) { if( subentries ) { fprintf( stderr, _("subentries control previously specified\n")); exit( EXIT_FAILURE ); } if( cvalue == NULL || strcasecmp( cvalue, "true") == 0 ) { subentries = 2; } else if ( strcasecmp( cvalue, "false") == 0 ) { subentries = 1; } else { fprintf( stderr, _("subentries control value \"%s\" invalid\n"), cvalue ); exit( EXIT_FAILURE ); } if( crit ) subentries *= -1; } else if ( strcasecmp( control, "sync" ) == 0 ) { char *cookiep; char *slimitp; if ( ldapsync ) { fprintf( stderr, _("sync control previously specified\n") ); exit( EXIT_FAILURE ); } if ( cvalue == NULL ) { fprintf( stderr, _("missing specification of sync control\n")); exit( EXIT_FAILURE ); } if ( strncasecmp( cvalue, "ro", 2 ) == 0 ) { ldapsync = LDAP_SYNC_REFRESH_ONLY; cookiep = strchr( cvalue, '/' ); if ( cookiep != NULL ) { cookiep++; if ( *cookiep != '\0' ) { ber_str2bv( cookiep, 0, 0, &sync_cookie ); } } } else if ( strncasecmp( cvalue, "rp", 2 ) == 0 ) { ldapsync = LDAP_SYNC_REFRESH_AND_PERSIST; cookiep = strchr( cvalue, '/' ); if ( cookiep != NULL ) { *cookiep++ = '\0'; cvalue = cookiep; } slimitp = strchr( cvalue, '/' ); if ( slimitp != NULL ) { *slimitp++ = '\0'; } if ( cookiep != NULL && *cookiep != '\0' ) ber_str2bv( cookiep, 0, 0, &sync_cookie ); if ( slimitp != NULL && *slimitp != '\0' ) { ival = strtol( slimitp, &next, 10 ); if ( next == NULL || next[0] != '\0' ) { fprintf( stderr, _("Unable to parse sync control value \"%s\"\n"), slimitp ); exit( EXIT_FAILURE ); } sync_slimit = ival; } } else { fprintf( stderr, _("sync control value \"%s\" invalid\n"), cvalue ); exit( EXIT_FAILURE ); } if ( crit ) ldapsync *= -1; } else if ( strcasecmp( control, "vlv" ) == 0 ) { if( vlv ) { fprintf( stderr, _("virtual list view control previously specified\n")); exit( EXIT_FAILURE ); } if ( pagedResults != 0 ) { fprintf( stderr, _("PagedResultsControl incompatible with VLV\n") ); exit( EXIT_FAILURE ); } if( cvalue == NULL ) { fprintf( stderr, _("missing specification of vlv control\n") ); exit( EXIT_FAILURE ); } if ( parse_vlv( cvalue )) exit( EXIT_FAILURE ); vlv = 1 + crit; #ifdef LDAP_CONTROL_X_DEREF } else if ( strcasecmp( control, "deref" ) == 0 ) { int ispecs; char **specs; /* cvalue is something like * * derefAttr:attr[,attr[...]][;derefAttr:attr[,attr[...]]]" */ specs = ldap_str2charray( cvalue, ";" ); if ( specs == NULL ) { fprintf( stderr, _("deref specs \"%s\" invalid\n"), cvalue ); exit( EXIT_FAILURE ); } for ( ispecs = 0; specs[ ispecs ] != NULL; ispecs++ ) /* count'em */ ; ds = ldap_memcalloc( ispecs + 1, sizeof( LDAPDerefSpec ) ); if ( ds == NULL ) { perror( "malloc" ); exit( EXIT_FAILURE ); } for ( ispecs = 0; specs[ ispecs ] != NULL; ispecs++ ) { char *ptr; ptr = strchr( specs[ ispecs ], ':' ); if ( ptr == NULL ) { fprintf( stderr, _("deref specs \"%s\" invalid\n"), cvalue ); exit( EXIT_FAILURE ); } ds[ ispecs ].derefAttr = specs[ ispecs ]; *ptr++ = '\0'; ds[ ispecs ].attributes = ldap_str2charray( ptr, "," ); } derefcrit = 1 + crit; ldap_memfree( specs ); #endif /* LDAP_CONTROL_X_DEREF */ #ifdef LDAP_CONTROL_X_DIRSYNC } else if ( strcasecmp( control, "dirSync" ) == 0 ) { char *maxattrp; char *cookiep; int num, tmp; if( dirSync ) { fprintf( stderr, _("dirSync control previously specified\n")); exit( EXIT_FAILURE ); } if ( cvalue == NULL ) { fprintf( stderr, _("missing specification of dirSync control\n")); exit( EXIT_FAILURE ); } if( !crit ) { fprintf( stderr, _("dirSync: critical flag required\n") ); usage(); } maxattrp = strchr( cvalue, '/' ); if ( maxattrp == NULL ) { fprintf( stderr, _("dirSync control value \"%s\" invalid\n"), cvalue ); exit( EXIT_FAILURE ); } *maxattrp++ = '\0'; cookiep = strchr( maxattrp, '/' ); if ( cookiep != NULL ) { if ( cookiep[1] != '\0' ) { struct berval type; int freeval; char save1, save2; /* dummy type "x" * to use ldif_parse_line2() */ save1 = cookiep[ -1 ]; save2 = cookiep[ -2 ]; cookiep[ -2 ] = 'x'; cookiep[ -1 ] = ':'; cookiep[ 0 ] = ':'; ldif_parse_line2( &cookiep[ -2 ], &type, &dirSyncCookie, &freeval ); cookiep[ -1 ] = save1; cookiep[ -2 ] = save2; } *cookiep = '\0'; } num = sscanf( cvalue, "%i", &tmp ); if ( num != 1 ) { fprintf( stderr, _("Invalid value for dirSync, %s.\n"), cvalue ); exit( EXIT_FAILURE ); } dirSyncFlags = tmp; num = sscanf( maxattrp, "%d", &tmp ); if ( num != 1 ) { fprintf( stderr, _("Invalid value for dirSync, %s.\n"), maxattrp ); exit( EXIT_FAILURE ); } dirSyncMaxAttrCount = tmp; dirSync = 1 + crit; #endif /* LDAP_CONTROL_X_DIRSYNC */ #ifdef LDAP_CONTROL_X_EXTENDED_DN } else if ( strcasecmp( control, "extendedDn" ) == 0 ) { int num, tmp; if( extendedDn ) { fprintf( stderr, _("extendedDn control previously specified\n")); exit( EXIT_FAILURE ); } if ( cvalue == NULL ) { fprintf( stderr, _("missing specification of extendedDn control\n")); exit( EXIT_FAILURE ); } num = sscanf( cvalue, "%d", &tmp ); if ( num != 1 ) { fprintf( stderr, _("Invalid value for extendedDn, %s.\n"), cvalue ); exit( EXIT_FAILURE ); } extendedDnFlag = tmp; extendedDn = 1 + crit; #endif /* LDAP_CONTROL_X_EXTENDED_DN */ #ifdef LDAP_CONTROL_X_SHOW_DELETED } else if ( strcasecmp( control, "showDeleted" ) == 0 ) { if( showDeleted ) { fprintf( stderr, _("showDeleted control previously specified\n")); exit( EXIT_FAILURE ); } if ( cvalue != NULL ) { fprintf( stderr, _("showDeleted: no control value expected\n") ); usage(); } showDeleted = 1 + crit; #endif /* LDAP_CONTROL_X_SHOW_DELETED */ #ifdef LDAP_CONTROL_X_SERVER_NOTIFICATION } else if ( strcasecmp( control, "serverNotif" ) == 0 ) { if( serverNotif ) { fprintf( stderr, _("serverNotif control previously specified\n")); exit( EXIT_FAILURE ); } if ( cvalue != NULL ) { fprintf( stderr, _("serverNotif: no control value expected\n") ); usage(); } serverNotif = 1 + crit; #endif /* LDAP_CONTROL_X_SERVER_NOTIFICATION */ #ifdef LDAP_CONTROL_X_ACCOUNT_USABILITY } else if ( strcasecmp( control, "accountUsability" ) == 0 ) { if( accountUsability ) { fprintf( stderr, _("accountUsability control previously specified\n")); exit( EXIT_FAILURE ); } if( cvalue != NULL ) { fprintf( stderr, _("accountUsability: no control value expected\n") ); usage(); } accountUsability = 1 + crit; #endif /* LDAP_CONTROL_X_ACCOUNT_USABILITY */ } else if ( tool_is_oid( control ) ) { if ( c != NULL ) { int i; for ( i = 0; i < nctrls; i++ ) { if ( strcmp( control, c[ i ].ldctl_oid ) == 0 ) { fprintf( stderr, "%s control previously specified\n", control ); exit( EXIT_FAILURE ); } } } if ( ctrl_add() ) { exit( EXIT_FAILURE ); } /* OID */ c[ nctrls - 1 ].ldctl_oid = control; /* value */ if ( cvalue == NULL ) { c[ nctrls - 1 ].ldctl_value.bv_val = NULL; c[ nctrls - 1 ].ldctl_value.bv_len = 0; } else if ( cvalue[ 0 ] == ':' ) { struct berval type; struct berval value; int freeval; char save_c; cvalue++; /* dummy type "x" * to use ldif_parse_line2() */ save_c = cvalue[ -2 ]; cvalue[ -2 ] = 'x'; ldif_parse_line2( &cvalue[ -2 ], &type, &value, &freeval ); cvalue[ -2 ] = save_c; if ( freeval ) { c[ nctrls - 1 ].ldctl_value = value; } else { ber_dupbv( &c[ nctrls - 1 ].ldctl_value, &value ); } } else { fprintf( stderr, "unable to parse %s control value\n", control ); exit( EXIT_FAILURE ); } /* criticality */ c[ nctrls - 1 ].ldctl_iscritical = crit; } else { fprintf( stderr, _("Invalid search extension name: %s\n"), control ); usage(); } break; case 'F': /* uri prefix */ if( urlpre ) free( urlpre ); urlpre = optarg; break; case 'l': /* time limit */ if ( strcasecmp( optarg, "none" ) == 0 ) { timelimit = 0; } else if ( strcasecmp( optarg, "max" ) == 0 ) { timelimit = LDAP_MAXINT; } else { ival = strtol( optarg, &next, 10 ); if ( next == NULL || next[0] != '\0' ) { fprintf( stderr, _("Unable to parse time limit \"%s\"\n"), optarg ); exit( EXIT_FAILURE ); } timelimit = ival; } if( timelimit < 0 || timelimit > LDAP_MAXINT ) { fprintf( stderr, _("%s: invalid timelimit (%d) specified\n"), prog, timelimit ); exit( EXIT_FAILURE ); } break; case 'L': /* print entries in LDIF format */ ++ldif; break; case 's': /* search scope */ if ( strncasecmp( optarg, "base", sizeof("base")-1 ) == 0 ) { scope = LDAP_SCOPE_BASE; } else if ( strncasecmp( optarg, "one", sizeof("one")-1 ) == 0 ) { scope = LDAP_SCOPE_ONELEVEL; } else if (( strcasecmp( optarg, "subordinate" ) == 0 ) || ( strcasecmp( optarg, "children" ) == 0 )) { scope = LDAP_SCOPE_SUBORDINATE; } else if ( strncasecmp( optarg, "sub", sizeof("sub")-1 ) == 0 ) { scope = LDAP_SCOPE_SUBTREE; } else { fprintf( stderr, _("scope should be base, one, or sub\n") ); usage(); } break; case 'S': /* sort attribute */ sortattr = optarg; break; case 't': /* write attribute values to TMPDIR files */ ++vals2tmp; break; case 'T': /* tmpdir */ if( tmpdir ) free( tmpdir ); tmpdir = optarg; break; case 'u': /* include UFN */ ++includeufn; break; case 'z': /* size limit */ if ( strcasecmp( optarg, "none" ) == 0 ) { sizelimit = 0; } else if ( strcasecmp( optarg, "max" ) == 0 ) { sizelimit = LDAP_MAXINT; } else { ival = strtol( optarg, &next, 10 ); if ( next == NULL || next[0] != '\0' ) { fprintf( stderr, _("Unable to parse size limit \"%s\"\n"), optarg ); exit( EXIT_FAILURE ); } sizelimit = ival; } if( sizelimit < 0 || sizelimit > LDAP_MAXINT ) { fprintf( stderr, _("%s: invalid sizelimit (%d) specified\n"), prog, sizelimit ); exit( EXIT_FAILURE ); } break; default: return 0; } return 1; } static void private_conn_setup( LDAP *ld ) { if (deref != -1 && ldap_set_option( ld, LDAP_OPT_DEREF, (void *) &deref ) != LDAP_OPT_SUCCESS ) { fprintf( stderr, _("Could not set LDAP_OPT_DEREF %d\n"), deref ); tool_exit( ld, EXIT_FAILURE ); } } int main( int argc, char **argv ) { char *filtpattern, **attrs = NULL, line[BUFSIZ]; FILE *fp = NULL; int rc, rc1, i, first; LDAP *ld = NULL; BerElement *ber = NULL; int err; tool_init( TOOL_SEARCH ); npagedresponses = npagedentries = npagedreferences = npagedextended = npagedpartial = 0; prog = lutil_progname( "ldapsearch", argc, argv ); if((def_tmpdir = getenv("TMPDIR")) == NULL && (def_tmpdir = getenv("TMP")) == NULL && (def_tmpdir = getenv("TEMP")) == NULL ) { def_tmpdir = LDAP_TMPDIR; } if ( !*def_tmpdir ) def_tmpdir = LDAP_TMPDIR; def_urlpre = malloc( sizeof("file:////") + strlen(def_tmpdir) ); if( def_urlpre == NULL ) { perror( "malloc" ); return EXIT_FAILURE; } sprintf( def_urlpre, "file:///%s/", def_tmpdir[0] == *LDAP_DIRSEP ? &def_tmpdir[1] : def_tmpdir ); urlize( def_urlpre ); tool_args( argc, argv ); if ( vlv && !sss ) { fprintf( stderr, _("VLV control requires server side sort control\n" )); return EXIT_FAILURE; } if (( argc - optind < 1 ) || ( *argv[optind] != '(' /*')'*/ && ( strchr( argv[optind], '=' ) == NULL ) ) ) { filtpattern = "(objectclass=*)"; } else { filtpattern = argv[optind++]; } if ( argv[optind] != NULL ) { attrs = &argv[optind]; } if ( infile != NULL ) { int percent = 0; if ( infile[0] == '-' && infile[1] == '\0' ) { fp = stdin; } else if (( fp = fopen( infile, "r" )) == NULL ) { perror( infile ); return EXIT_FAILURE; } for( i=0 ; filtpattern[i] ; i++ ) { if( filtpattern[i] == '%' ) { if( percent ) { fprintf( stderr, _("Bad filter pattern \"%s\"\n"), filtpattern ); return EXIT_FAILURE; } percent++; if( filtpattern[i+1] != 's' ) { fprintf( stderr, _("Bad filter pattern \"%s\"\n"), filtpattern ); return EXIT_FAILURE; } } } } if ( tmpdir == NULL ) { tmpdir = def_tmpdir; if ( urlpre == NULL ) urlpre = def_urlpre; } if( urlpre == NULL ) { urlpre = malloc( sizeof("file:////") + strlen(tmpdir) ); if( urlpre == NULL ) { perror( "malloc" ); return EXIT_FAILURE; } sprintf( urlpre, "file:///%s/", tmpdir[0] == *LDAP_DIRSEP ? &tmpdir[1] : tmpdir ); urlize( urlpre ); } if ( debug ) ldif_debug = debug; ld = tool_conn_setup( 0, &private_conn_setup ); tool_bind( ld ); getNextPage: /* fp may have been closed, need to reopen if code jumps * back here to getNextPage. */ if ( !fp && infile ) { if (( fp = fopen( infile, "r" )) == NULL ) { perror( infile ); tool_exit( ld, EXIT_FAILURE ); } } save_nctrls = nctrls; i = nctrls; if ( nctrls > 0 #ifdef LDAP_CONTROL_X_ACCOUNT_USABILITY || accountUsability #endif #ifdef LDAP_CONTROL_DONTUSECOPY || dontUseCopy #endif #ifdef LDAP_CONTROL_X_DEREF || derefcrit #endif #ifdef LDAP_CONTROL_X_DIRSYNC || dirSync #endif #ifdef LDAP_CONTROL_X_EXTENDED_DN || extendedDn #endif #ifdef LDAP_CONTROL_X_SHOW_DELETED || showDeleted #endif #ifdef LDAP_CONTROL_X_SERVER_NOTIFICATION || serverNotif #endif || domainScope || pagedResults || psearch || ldapsync || sss || subentries || valuesReturnFilter || vlv ) { #ifdef LDAP_CONTROL_X_ACCOUNT_USABILITY if ( accountUsability ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_X_ACCOUNT_USABILITY; c[i].ldctl_value.bv_val = NULL; c[i].ldctl_value.bv_len = 0; c[i].ldctl_iscritical = accountUsability == 2; i++; } #endif #ifdef LDAP_CONTROL_DONTUSECOPY if ( dontUseCopy ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_DONTUSECOPY; c[i].ldctl_value.bv_val = NULL; c[i].ldctl_value.bv_len = 0; c[i].ldctl_iscritical = dontUseCopy == 2; i++; } #endif if ( domainScope ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_X_DOMAIN_SCOPE; c[i].ldctl_value.bv_val = NULL; c[i].ldctl_value.bv_len = 0; c[i].ldctl_iscritical = domainScope > 1; i++; } if ( subentries ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } if (( ber = ber_alloc_t(LBER_USE_DER)) == NULL ) { tool_exit( ld, EXIT_FAILURE ); } err = ber_printf( ber, "b", abs(subentries) == 1 ? 0 : 1 ); if ( err == -1 ) { ber_free( ber, 1 ); fprintf( stderr, _("Subentries control encoding error!\n") ); tool_exit( ld, EXIT_FAILURE ); } err = ber_flatten2( ber, &c[i].ldctl_value, 1 ); ber_free( ber, 1 ); if ( err == -1 ) tool_exit( ld, EXIT_FAILURE ); c[i].ldctl_oid = LDAP_CONTROL_SUBENTRIES; c[i].ldctl_iscritical = subentries < 1; i++; } if ( ldapsync ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } if (( ber = ber_alloc_t(LBER_USE_DER)) == NULL ) { tool_exit( ld, EXIT_FAILURE ); } if ( sync_cookie.bv_len == 0 ) { err = ber_printf( ber, "{e}", abs(ldapsync) ); } else { err = ber_printf( ber, "{eO}", abs(ldapsync), &sync_cookie ); } if ( err == -1 ) { ber_free( ber, 1 ); fprintf( stderr, _("ldap sync control encoding error!\n") ); tool_exit( ld, EXIT_FAILURE ); } err = ber_flatten2( ber, &c[i].ldctl_value, 1 ); ber_free( ber, 1 ); if ( err == -1 ) tool_exit( ld, EXIT_FAILURE ); c[i].ldctl_oid = LDAP_CONTROL_SYNC; c[i].ldctl_iscritical = ldapsync < 0; i++; } if ( valuesReturnFilter ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } if (( ber = ber_alloc_t(LBER_USE_DER)) == NULL ) { tool_exit( ld, EXIT_FAILURE ); } if ( ( err = ldap_put_vrFilter( ber, vrFilter ) ) == -1 ) { ber_free( ber, 1 ); fprintf( stderr, _("Bad ValuesReturnFilter: %s\n"), vrFilter ); tool_exit( ld, EXIT_FAILURE ); } err = ber_flatten2( ber, &c[i].ldctl_value, 1 ); ber_free( ber, 1 ); if ( err == -1 ) tool_exit( ld, EXIT_FAILURE ); c[i].ldctl_oid = LDAP_CONTROL_VALUESRETURNFILTER; c[i].ldctl_iscritical = valuesReturnFilter > 1; i++; } if ( pagedResults ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } if ( ldap_create_page_control_value( ld, pageSize, &pr_cookie, &c[i].ldctl_value ) ) { tool_exit( ld, EXIT_FAILURE ); } if ( pr_cookie.bv_val != NULL ) { ber_memfree( pr_cookie.bv_val ); pr_cookie.bv_val = NULL; pr_cookie.bv_len = 0; } c[i].ldctl_oid = LDAP_CONTROL_PAGEDRESULTS; c[i].ldctl_iscritical = pagedResults > 1; i++; } if ( psearch ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } if ( ldap_create_persistentsearch_control_value( ld, ps_chgtypes, ps_chgsonly, ps_echg_ctrls, &c[i].ldctl_value ) ) { tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_PERSIST_REQUEST; c[i].ldctl_iscritical = psearch > 1; i++; } if ( sss ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } if ( ldap_create_sort_control_value( ld, sss_keys, &c[i].ldctl_value ) ) { tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_SORTREQUEST; c[i].ldctl_iscritical = sss > 1; i++; } if ( vlv ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } if ( ldap_create_vlv_control_value( ld, &vlvInfo, &c[i].ldctl_value ) ) { tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_VLVREQUEST; c[i].ldctl_iscritical = vlv > 1; i++; } #ifdef LDAP_CONTROL_X_DEREF if ( derefcrit ) { if ( derefval.bv_val == NULL ) { int i; assert( ds != NULL ); if ( ldap_create_deref_control_value( ld, ds, &derefval ) != LDAP_SUCCESS ) { tool_exit( ld, EXIT_FAILURE ); } for ( i = 0; ds[ i ].derefAttr != NULL; i++ ) { ldap_memfree( ds[ i ].derefAttr ); ldap_charray_free( ds[ i ].attributes ); } ldap_memfree( ds ); ds = NULL; } if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } c[ i ].ldctl_iscritical = derefcrit > 1; c[ i ].ldctl_oid = LDAP_CONTROL_X_DEREF; c[ i ].ldctl_value = derefval; i++; } #endif /* LDAP_CONTROL_X_DEREF */ #ifdef LDAP_CONTROL_X_DIRSYNC if ( dirSync ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } if ( ldap_create_dirsync_value( ld, dirSyncFlags, dirSyncMaxAttrCount, &dirSyncCookie, &c[i].ldctl_value ) ) { tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_X_DIRSYNC; c[i].ldctl_iscritical = dirSync > 1; i++; } #endif #ifdef LDAP_CONTROL_X_EXTENDED_DN if ( extendedDn ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } if ( ldap_create_extended_dn_value( ld, extendedDnFlag, &c[i].ldctl_value ) ) { tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_X_EXTENDED_DN; c[i].ldctl_iscritical = extendedDn > 1; i++; } #endif #ifdef LDAP_CONTROL_X_SHOW_DELETED if ( showDeleted ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_X_SHOW_DELETED; c[i].ldctl_value.bv_val = NULL; c[i].ldctl_value.bv_len = 0; c[i].ldctl_iscritical = showDeleted > 1; i++; } #endif #ifdef LDAP_CONTROL_X_SERVER_NOTIFICATION if ( serverNotif ) { if ( ctrl_add() ) { tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_X_SERVER_NOTIFICATION; c[i].ldctl_value.bv_val = NULL; c[i].ldctl_value.bv_len = 0; c[i].ldctl_iscritical = serverNotif > 1; i++; } #endif } tool_server_controls( ld, c, i ); /* free any controls we added */ for ( ; nctrls-- > save_nctrls; ) { if ( c[nctrls].ldctl_value.bv_val != derefval.bv_val ) ber_memfree( c[nctrls].ldctl_value.bv_val ); } /* step back to the original number of controls, so that * those set while parsing args are preserved */ nctrls = save_nctrls; if ( verbose ) { fprintf( stderr, _("filter%s: %s\nrequesting: "), infile != NULL ? _(" pattern") : "", filtpattern ); if ( attrs == NULL ) { fprintf( stderr, _("All userApplication attributes") ); } else { for ( i = 0; attrs[ i ] != NULL; ++i ) { fprintf( stderr, "%s ", attrs[ i ] ); } } fprintf( stderr, "\n" ); } if ( ldif == 0 ) { printf( _("# extended LDIF\n") ); } else if ( ldif < 3 ) { printf( _("version: %d\n\n"), 1 ); } if (ldif < 2 ) { char *realbase = base; if ( realbase == NULL ) { ldap_get_option( ld, LDAP_OPT_DEFBASE, (void **)(char *)&realbase ); } printf( "#\n" ); printf(_("# LDAPv%d\n"), protocol); printf(_("# base <%s>%s with scope %s\n"), realbase ? realbase : "", ( realbase == NULL || realbase != base ) ? " (default)" : "", ((scope == LDAP_SCOPE_BASE) ? "baseObject" : ((scope == LDAP_SCOPE_ONELEVEL) ? "oneLevel" : ((scope == LDAP_SCOPE_SUBORDINATE) ? "children" : "subtree" )))); printf(_("# filter%s: %s\n"), infile != NULL ? _(" pattern") : "", filtpattern); printf(_("# requesting: ")); if ( attrs == NULL ) { printf( _("ALL") ); } else { for ( i = 0; attrs[ i ] != NULL; ++i ) { printf( "%s ", attrs[ i ] ); } } if ( manageDSAit ) { printf(_("\n# with manageDSAit %scontrol"), manageDSAit > 1 ? _("critical ") : "" ); } if ( noop ) { printf(_("\n# with noop %scontrol"), noop > 1 ? _("critical ") : "" ); } if ( subentries ) { printf(_("\n# with subentries %scontrol: %s"), subentries < 0 ? _("critical ") : "", abs(subentries) == 1 ? "false" : "true" ); } if ( valuesReturnFilter ) { printf(_("\n# with valuesReturnFilter %scontrol: %s"), valuesReturnFilter > 1 ? _("critical ") : "", vrFilter ); } if ( pagedResults ) { printf(_("\n# with pagedResults %scontrol: size=%d"), (pagedResults > 1) ? _("critical ") : "", pageSize ); } if ( sss ) { printf(_("\n# with server side sorting %scontrol"), sss > 1 ? _("critical ") : "" ); } if ( vlv ) { printf(_("\n# with virtual list view %scontrol: %d/%d"), vlv > 1 ? _("critical ") : "", vlvInfo.ldvlv_before_count, vlvInfo.ldvlv_after_count); if ( vlvInfo.ldvlv_attrvalue ) printf(":%s", vlvInfo.ldvlv_attrvalue->bv_val ); else printf("/%d/%d", vlvInfo.ldvlv_offset, vlvInfo.ldvlv_count ); } #ifdef LDAP_CONTROL_X_DEREF if ( derefcrit ) { printf(_("\n# with dereference %scontrol"), derefcrit > 1 ? _("critical ") : "" ); } #endif printf( _("\n#\n\n") ); if ( realbase && realbase != base ) { ldap_memfree( realbase ); } } if ( infile == NULL ) { rc = dosearch( ld, base, scope, NULL, filtpattern, attrs, attrsonly, NULL, NULL, NULL, sizelimit ); } else { rc = 0; first = 1; while ( fgets( line, sizeof( line ), fp ) != NULL ) { line[ strlen( line ) - 1 ] = '\0'; if ( !first ) { putchar( '\n' ); } else { first = 0; } rc1 = dosearch( ld, base, scope, filtpattern, line, attrs, attrsonly, NULL, NULL, NULL, sizelimit ); if ( rc1 != 0 ) { rc = rc1; if ( !contoper ) break; } } if ( fp != stdin ) { fclose( fp ); fp = NULL; } } if (( rc == LDAP_SUCCESS ) && pageSize && pr_morePagedResults ) { char buf[12]; int i, moreEntries, tmpSize; /* Loop to get the next pages when * enter is pressed on the terminal. */ if ( pagePrompt != 0 ) { if ( entriesLeft > 0 ) { printf( _("Estimate entries: %d\n"), entriesLeft ); } printf( _("Press [size] Enter for the next {%d|size} entries.\n"), (int)pageSize ); i = 0; moreEntries = getchar(); while ( moreEntries != EOF && moreEntries != '\n' ) { if ( i < (int)sizeof(buf) - 1 ) { buf[i] = moreEntries; i++; } moreEntries = getchar(); } buf[i] = '\0'; if ( i > 0 && isdigit( (unsigned char)buf[0] ) ) { int num = sscanf( buf, "%d", &tmpSize ); if ( num != 1 ) { fprintf( stderr, _("Invalid value for PagedResultsControl, %s.\n"), buf); tool_exit( ld, EXIT_FAILURE ); } pageSize = (ber_int_t)tmpSize; } } goto getNextPage; } if (( rc == LDAP_SUCCESS ) && vlv ) { char buf[BUFSIZ]; int i, moreEntries; /* Loop to get the next window when * enter is pressed on the terminal. */ printf( _("Press [before/after(/offset/count|:value)] Enter for the next window.\n")); i = 0; moreEntries = getchar(); while ( moreEntries != EOF && moreEntries != '\n' ) { if ( i < (int)sizeof(buf) - 1 ) { buf[i] = moreEntries; i++; } moreEntries = getchar(); } buf[i] = '\0'; if ( buf[0] ) { i = parse_vlv( strdup( buf )); if ( i ) tool_exit( ld, EXIT_FAILURE ); } else { vlvInfo.ldvlv_attrvalue = NULL; vlvInfo.ldvlv_count = vlvCount; vlvInfo.ldvlv_offset += vlvInfo.ldvlv_after_count; } if ( vlvInfo.ldvlv_context ) ber_bvfree( vlvInfo.ldvlv_context ); vlvInfo.ldvlv_context = vlvContext; goto getNextPage; } if ( sss_keys != NULL ) { ldap_free_sort_keylist( sss_keys ); } if ( derefval.bv_val != NULL ) { ldap_memfree( derefval.bv_val ); } if ( urlpre != NULL ) { if ( def_urlpre != urlpre ) free( def_urlpre ); free( urlpre ); } if ( c ) { for ( ; save_nctrls-- > 0; ) { ber_memfree( c[ save_nctrls ].ldctl_value.bv_val ); } free( c ); c = NULL; } tool_exit( ld, rc ); } static int dosearch( LDAP *ld, char *base, int scope, char *filtpatt, char *value, char **attrs, int attrsonly, LDAPControl **sctrls, LDAPControl **cctrls, struct timeval *timeout, int sizelimit ) { char *filter; int rc, rc2 = LDAP_OTHER; int nresponses; int nentries; int nreferences; int nextended; int npartial; LDAPMessage *res, *msg; ber_int_t msgid; char *retoid = NULL; struct berval *retdata = NULL; int nresponses_psearch = -1; int cancel_msgid = -1; struct timeval tv, *tvp = NULL; struct timeval tv_timelimit, *tv_timelimitp = NULL; if( filtpatt != NULL ) { size_t max_fsize = strlen( filtpatt ) + strlen( value ) + 1, outlen; filter = malloc( max_fsize ); if( filter == NULL ) { perror( "malloc" ); return EXIT_FAILURE; } outlen = snprintf( filter, max_fsize, filtpatt, value ); if( outlen >= max_fsize ) { fprintf( stderr, "Bad filter pattern: \"%s\"\n", filtpatt ); free( filter ); return EXIT_FAILURE; } if ( verbose ) { fprintf( stderr, _("filter: %s\n"), filter ); } if( ldif < 2 ) { printf( _("#\n# filter: %s\n#\n"), filter ); } } else { filter = value; } if ( dont ) { if ( filtpatt != NULL ) { free( filter ); } return LDAP_SUCCESS; } if ( timelimit > 0 ) { tv_timelimit.tv_sec = timelimit; tv_timelimit.tv_usec = 0; tv_timelimitp = &tv_timelimit; } again: rc = ldap_search_ext( ld, base, scope, filter, attrs, attrsonly, sctrls, cctrls, tv_timelimitp, sizelimit, &msgid ); if ( filtpatt != NULL ) { free( filter ); } if( rc != LDAP_SUCCESS ) { tool_perror( "ldap_search_ext", rc, NULL, NULL, NULL, NULL ); return( rc ); } nresponses = nentries = nreferences = nextended = npartial = 0; res = NULL; if ( timelimit > 0 ) { /* disable timeout */ tv.tv_sec = -1; tv.tv_usec = 0; tvp = &tv; } if ( backlog == 1 ) { printf( _("\nWaiting for responses to accumulate, press Enter to continue: ")); fflush( stdout ); getchar(); printf( _("Abandoning msgid %d\n"), msgid ); ldap_abandon_ext( ld, msgid, NULL, NULL ); /* turn off syncrepl control */ ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, NULL ); backlog = 2; scope = LDAP_SCOPE_BASE; goto again; } else if ( backlog == 2 ) { tv.tv_sec = timelimit; } while ((rc = ldap_result( ld, LDAP_RES_ANY, sortattr ? LDAP_MSG_ALL : LDAP_MSG_ONE, tvp, &res )) > 0 ) { if ( tool_check_abandon( ld, msgid ) ) { return -1; } if( sortattr ) { (void) ldap_sort_entries( ld, &res, ( *sortattr == '\0' ) ? NULL : sortattr, strcasecmp ); } for ( msg = ldap_first_message( ld, res ); msg != NULL; msg = ldap_next_message( ld, msg ) ) { if ( nresponses++ ) putchar('\n'); if ( nresponses_psearch >= 0 ) nresponses_psearch++; switch( ldap_msgtype( msg ) ) { case LDAP_RES_SEARCH_ENTRY: nentries++; print_entry( ld, msg, attrsonly ); break; case LDAP_RES_SEARCH_REFERENCE: nreferences++; print_reference( ld, msg ); break; case LDAP_RES_EXTENDED: nextended++; print_extended( ld, msg ); if ( ldap_msgid( msg ) == 0 ) { /* unsolicited extended operation */ goto done; } if ( cancel_msgid != -1 && cancel_msgid == ldap_msgid( msg ) ) { printf(_("Cancelled \n")); printf(_("cancel_msgid = %d\n"), cancel_msgid); goto done; } break; case LDAP_RES_SEARCH_RESULT: /* pagedResults stuff is dealt with * in tool_print_ctrls(), called by * print_results(). */ rc2 = print_result( ld, msg, 1 ); if ( ldapsync == LDAP_SYNC_REFRESH_AND_PERSIST ) { break; } goto done; case LDAP_RES_INTERMEDIATE: npartial++; ldap_parse_intermediate( ld, msg, &retoid, &retdata, NULL, 0 ); nresponses_psearch = 0; if ( strcmp( retoid, LDAP_SYNC_INFO ) == 0 ) { if ( ldif < 1 ) { print_syncinfo( retdata ); } else if ( ldif < 2 ) { printf(_("# SyncInfo Received\n")); } ldap_memfree( retoid ); ber_bvfree( retdata ); break; } print_partial( ld, msg ); ldap_memfree( retoid ); ber_bvfree( retdata ); goto done; } if ( ldapsync && sync_slimit != -1 && nresponses_psearch >= sync_slimit ) { BerElement *msgidber = NULL; struct berval msgidval; msgidber = ber_alloc_t(LBER_USE_DER); ber_printf(msgidber, "{i}", msgid); ber_flatten2( msgidber, &msgidval, 0 ); ldap_extended_operation(ld, LDAP_EXOP_CANCEL, &msgidval, NULL, NULL, &cancel_msgid); ber_free( msgidber, 1 ); nresponses_psearch = -1; } } ldap_msgfree( res ); fflush( stdout ); } done: if ( tvp == NULL && rc != LDAP_RES_SEARCH_RESULT ) { ldap_get_option( ld, LDAP_OPT_RESULT_CODE, (void *)&rc2 ); } ldap_msgfree( res ); if ( pagedResults ) { npagedresponses += nresponses; npagedentries += nentries; npagedextended += nextended; npagedpartial += npartial; npagedreferences += nreferences; if ( ( pr_morePagedResults == 0 ) && ( ldif < 2 ) ) { printf( _("\n# numResponses: %d\n"), npagedresponses ); if( npagedentries ) { printf( _("# numEntries: %d\n"), npagedentries ); } if( npagedextended ) { printf( _("# numExtended: %d\n"), npagedextended ); } if( npagedpartial ) { printf( _("# numPartial: %d\n"), npagedpartial ); } if( npagedreferences ) { printf( _("# numReferences: %d\n"), npagedreferences ); } } } else if ( ldif < 2 ) { printf( _("\n# numResponses: %d\n"), nresponses ); if( nentries ) printf( _("# numEntries: %d\n"), nentries ); if( nextended ) printf( _("# numExtended: %d\n"), nextended ); if( npartial ) printf( _("# numPartial: %d\n"), npartial ); if( nreferences ) printf( _("# numReferences: %d\n"), nreferences ); } if ( rc != LDAP_RES_SEARCH_RESULT ) { tool_perror( "ldap_result", rc2, NULL, NULL, NULL, NULL ); } return( rc2 ); } /* This is the proposed new way of doing things. * It is more efficient, but the API is non-standard. */ static void print_entry( LDAP *ld, LDAPMessage *entry, int attrsonly) { char *ufn = NULL; char tmpfname[ 256 ]; char url[ 256 ]; int i, rc; BerElement *ber = NULL; struct berval bv, *bvals, **bvp = &bvals; LDAPControl **ctrls = NULL; FILE *tmpfp; rc = ldap_get_dn_ber( ld, entry, &ber, &bv ); if ( ldif < 2 ) { ufn = ldap_dn2ufn( bv.bv_val ); tool_write_ldif( LDIF_PUT_COMMENT, NULL, ufn, ufn ? strlen( ufn ) : 0 ); } tool_write_ldif( LDIF_PUT_VALUE, "dn", bv.bv_val, bv.bv_len ); rc = ldap_get_entry_controls( ld, entry, &ctrls ); if( rc != LDAP_SUCCESS ) { fprintf(stderr, _("print_entry: %d\n"), rc ); tool_perror( "ldap_get_entry_controls", rc, NULL, NULL, NULL, NULL ); tool_exit( ld, EXIT_FAILURE ); } if( ctrls ) { tool_print_ctrls( ld, ctrls ); ldap_controls_free( ctrls ); } if ( includeufn ) { if( ufn == NULL ) { ufn = ldap_dn2ufn( bv.bv_val ); } tool_write_ldif( LDIF_PUT_VALUE, "ufn", ufn, ufn ? strlen( ufn ) : 0 ); } if( ufn != NULL ) ldap_memfree( ufn ); if ( attrsonly ) bvp = NULL; for ( rc = ldap_get_attribute_ber( ld, entry, ber, &bv, bvp ); rc == LDAP_SUCCESS; rc = ldap_get_attribute_ber( ld, entry, ber, &bv, bvp ) ) { if (bv.bv_val == NULL) break; if ( attrsonly ) { tool_write_ldif( LDIF_PUT_NOVALUE, bv.bv_val, NULL, 0 ); } else if ( bvals ) { for ( i = 0; bvals[i].bv_val != NULL; i++ ) { if ( vals2tmp > 1 || ( vals2tmp && ldif_is_not_printable( bvals[i].bv_val, bvals[i].bv_len ))) { int tmpfd; /* write value to file */ snprintf( tmpfname, sizeof tmpfname, "%s" LDAP_DIRSEP "ldapsearch-%s-XXXXXX", tmpdir, bv.bv_val ); tmpfp = NULL; tmpfd = mkstemp( tmpfname ); if ( tmpfd < 0 ) { perror( tmpfname ); continue; } if (( tmpfp = fdopen( tmpfd, "w")) == NULL ) { perror( tmpfname ); continue; } if ( fwrite( bvals[ i ].bv_val, bvals[ i ].bv_len, 1, tmpfp ) == 0 ) { perror( tmpfname ); fclose( tmpfp ); continue; } fclose( tmpfp ); snprintf( url, sizeof url, "%s%s", urlpre, &tmpfname[strlen(tmpdir) + sizeof(LDAP_DIRSEP) - 1] ); urlize( url ); tool_write_ldif( LDIF_PUT_URL, bv.bv_val, url, strlen( url )); } else { tool_write_ldif( LDIF_PUT_VALUE, bv.bv_val, bvals[ i ].bv_val, bvals[ i ].bv_len ); } } ber_memfree( bvals ); } } if( ber != NULL ) { ber_free( ber, 0 ); } } static void print_reference( LDAP *ld, LDAPMessage *reference ) { int rc; char **refs = NULL; LDAPControl **ctrls; if( ldif < 2 ) { printf(_("# search reference\n")); } rc = ldap_parse_reference( ld, reference, &refs, &ctrls, 0 ); if( rc != LDAP_SUCCESS ) { tool_perror( "ldap_parse_reference", rc, NULL, NULL, NULL, NULL ); tool_exit( ld, EXIT_FAILURE ); } if( refs ) { int i; for( i=0; refs[i] != NULL; i++ ) { tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, "ref", refs[i], strlen(refs[i]) ); } ber_memvfree( (void **) refs ); } if( ctrls ) { tool_print_ctrls( ld, ctrls ); ldap_controls_free( ctrls ); } } static void print_extended( LDAP *ld, LDAPMessage *extended ) { int rc; char *retoid = NULL; struct berval *retdata = NULL; if( ldif < 2 ) { printf(_("# extended result response\n")); } rc = ldap_parse_extended_result( ld, extended, &retoid, &retdata, 0 ); if( rc != LDAP_SUCCESS ) { tool_perror( "ldap_parse_extended_result", rc, NULL, NULL, NULL, NULL ); tool_exit( ld, EXIT_FAILURE ); } if ( ldif < 2 ) { tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, "extended", retoid, retoid ? strlen(retoid) : 0 ); } ber_memfree( retoid ); if(retdata) { if ( ldif < 2 ) { tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_BINARY, "data", retdata->bv_val, retdata->bv_len ); } ber_bvfree( retdata ); } print_result( ld, extended, 0 ); } static void print_syncinfo( BerValue *data ) { BerElement *syncinfo; struct berval bv, cookie; ber_tag_t tag; ber_len_t len; if ( (syncinfo = ber_alloc()) == NULL ) { return; } ber_init2( syncinfo, data, 0 ); printf(_("# SyncInfo Received: ")); tag = ber_peek_tag( syncinfo, &len ); switch (tag) { case LDAP_TAG_SYNC_NEW_COOKIE: { printf(_("new cookie\n")); ber_scanf( syncinfo, "m", &cookie ); if ( ldif_is_not_printable( cookie.bv_val, cookie.bv_len ) ) { bv.bv_len = LUTIL_BASE64_ENCODE_LEN( cookie.bv_len ) + 1; bv.bv_val = ber_memalloc( bv.bv_len + 1 ); bv.bv_len = lutil_b64_ntop( (unsigned char *) cookie.bv_val, cookie.bv_len, bv.bv_val, bv.bv_len ); printf(_("# cookie:: %s\n"), bv.bv_val ); ber_memfree( bv.bv_val ); } else { printf(_("# cookie: %s\n"), cookie.bv_val ); } } break; case LDAP_TAG_SYNC_REFRESH_DELETE: { ber_int_t done = 1; printf(_("refresh delete\n")); /* Skip sequence tag first */ ber_skip_tag( syncinfo, &len ); tag = ber_peek_tag( syncinfo, &len ); if ( tag == LDAP_TAG_SYNC_COOKIE ) { ber_scanf( syncinfo, "m", &cookie ); if ( ldif_is_not_printable( cookie.bv_val, cookie.bv_len ) ) { bv.bv_len = LUTIL_BASE64_ENCODE_LEN( cookie.bv_len ) + 1; bv.bv_val = ber_memalloc( bv.bv_len + 1 ); bv.bv_len = lutil_b64_ntop( (unsigned char *) cookie.bv_val, cookie.bv_len, bv.bv_val, bv.bv_len ); printf(_("# cookie:: %s\n"), bv.bv_val ); ber_memfree( bv.bv_val ); } else { printf(_("# cookie: %s\n"), cookie.bv_val ); } tag = ber_peek_tag( syncinfo, &len ); } if ( tag == LDAP_TAG_REFRESHDONE ) { ber_get_boolean( syncinfo, &done ); } if ( done ) printf(_("# refresh done, switching to persist stage\n")); } break; case LDAP_TAG_SYNC_REFRESH_PRESENT: { ber_int_t done = 1; printf(_("refresh present\n")); /* Skip sequence tag first */ ber_skip_tag( syncinfo, &len ); tag = ber_peek_tag( syncinfo, &len ); if ( tag == LDAP_TAG_SYNC_COOKIE ) { ber_scanf( syncinfo, "m", &cookie ); if ( ldif_is_not_printable( cookie.bv_val, cookie.bv_len ) ) { bv.bv_len = LUTIL_BASE64_ENCODE_LEN( cookie.bv_len ) + 1; bv.bv_val = ber_memalloc( bv.bv_len + 1 ); bv.bv_len = lutil_b64_ntop( (unsigned char *) cookie.bv_val, cookie.bv_len, bv.bv_val, bv.bv_len ); printf(_("# cookie:: %s\n"), bv.bv_val ); ber_memfree( bv.bv_val ); } else { printf(_("# cookie: %s\n"), cookie.bv_val ); } tag = ber_peek_tag( syncinfo, &len ); } if ( tag == LDAP_TAG_REFRESHDONE ) { ber_get_boolean( syncinfo, &done ); } if ( done ) printf(_("# refresh done, switching to persist stage\n")); } break; case LDAP_TAG_SYNC_ID_SET: { ber_int_t refreshDeletes = 0; BerVarray uuids; printf(_("ID Set\n")); /* Skip sequence tag first */ ber_skip_tag( syncinfo, &len ); tag = ber_peek_tag( syncinfo, &len ); if ( tag == LDAP_TAG_SYNC_COOKIE ) { ber_scanf( syncinfo, "m", &cookie ); if ( ldif_is_not_printable( cookie.bv_val, cookie.bv_len ) ) { bv.bv_len = LUTIL_BASE64_ENCODE_LEN( cookie.bv_len ) + 1; bv.bv_val = ber_memalloc( bv.bv_len + 1 ); bv.bv_len = lutil_b64_ntop( (unsigned char *) cookie.bv_val, cookie.bv_len, bv.bv_val, bv.bv_len ); printf(_("# cookie:: %s\n"), bv.bv_val ); ber_memfree( bv.bv_val ); } else { printf(_("# cookie: %s\n"), cookie.bv_val ); } tag = ber_peek_tag( syncinfo, &len ); } if ( tag == LDAP_TAG_REFRESHDELETES ) { ber_get_boolean( syncinfo, &refreshDeletes ); tag = ber_peek_tag( syncinfo, &len ); } if ( refreshDeletes ) { printf(_("# following UUIDs no longer match the search\n")); } printf(_("# syncUUIDs:\n")); ber_scanf( syncinfo, "[W]", &uuids ); if ( uuids ) { char buf[LDAP_LUTIL_UUIDSTR_BUFSIZE]; int i; for ( i=0; !BER_BVISNULL( &uuids[i] ); i++ ) { int rc = lutil_uuidstr_from_normalized( uuids[i].bv_val, uuids[i].bv_len, buf, LDAP_LUTIL_UUIDSTR_BUFSIZE ); if ( rc <= 0 || rc >= LDAP_LUTIL_UUIDSTR_BUFSIZE ) { printf(_("#\t(UUID malformed)\n")); } else { printf(_("#\t%s\n"), buf); } } ber_bvarray_free( uuids ); } } break; case LBER_DEFAULT: printf(_("empty SyncInfoValue\n")); default: printf(_("SyncInfoValue unknown\n")); break; } ber_free( syncinfo, 0 ); } static void print_partial( LDAP *ld, LDAPMessage *partial ) { int rc; char *retoid = NULL; struct berval *retdata = NULL; LDAPControl **ctrls = NULL; if( ldif < 2 ) { printf(_("# extended partial response\n")); } rc = ldap_parse_intermediate( ld, partial, &retoid, &retdata, &ctrls, 0 ); if( rc != LDAP_SUCCESS ) { tool_perror( "ldap_parse_intermediate", rc, NULL, NULL, NULL, NULL ); tool_exit( ld, EXIT_FAILURE ); } if ( ldif < 2 ) { tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, "partial", retoid, retoid ? strlen(retoid) : 0 ); } ber_memfree( retoid ); if( retdata ) { if ( ldif < 2 ) { tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_BINARY, "data", retdata->bv_val, retdata->bv_len ); } ber_bvfree( retdata ); } if( ctrls ) { tool_print_ctrls( ld, ctrls ); ldap_controls_free( ctrls ); } } static int print_result( LDAP *ld, LDAPMessage *result, int search ) { int rc; int err; char *matcheddn = NULL; char *text = NULL; char **refs = NULL; LDAPControl **ctrls = NULL; if( search ) { if ( ldif < 2 ) { printf(_("# search result\n")); } if ( ldif < 1 ) { printf("%s: %d\n", _("search"), ldap_msgid(result) ); } } rc = ldap_parse_result( ld, result, &err, &matcheddn, &text, &refs, &ctrls, 0 ); if( rc != LDAP_SUCCESS ) { tool_perror( "ldap_parse_result", rc, NULL, NULL, NULL, NULL ); tool_exit( ld, EXIT_FAILURE ); } if( !ldif ) { printf( _("result: %d %s\n"), err, ldap_err2string(err) ); } else if ( err != LDAP_SUCCESS ) { fprintf( stderr, "%s (%d)\n", ldap_err2string(err), err ); } if( matcheddn ) { if( *matcheddn ) { if( !ldif ) { tool_write_ldif( LDIF_PUT_VALUE, "matchedDN", matcheddn, strlen(matcheddn) ); } else { fprintf( stderr, _("Matched DN: %s\n"), matcheddn ); } } ber_memfree( matcheddn ); } if( text ) { if( *text ) { if( !ldif ) { if ( err == LDAP_PARTIAL_RESULTS ) { char *line; for ( line = text; line != NULL; ) { char *next = strchr( line, '\n' ); tool_write_ldif( LDIF_PUT_TEXT, "text", line, next ? (size_t) (next - line) : strlen( line )); line = next ? next + 1 : NULL; } } else { tool_write_ldif( LDIF_PUT_TEXT, "text", text, strlen(text) ); } } else { fprintf( stderr, _("Additional information: %s\n"), text ); } } ber_memfree( text ); } if( refs ) { int i; for( i=0; refs[i] != NULL; i++ ) { if( !ldif ) { tool_write_ldif( LDIF_PUT_VALUE, "ref", refs[i], strlen(refs[i]) ); } else { fprintf( stderr, _("Referral: %s\n"), refs[i] ); } } ber_memvfree( (void **) refs ); } pr_morePagedResults = 0; if( ctrls ) { tool_print_ctrls( ld, ctrls ); ldap_controls_free( ctrls ); } return err; } openldap-2.5.16+dfsg/clients/tools/ldappasswd.c0000644000175000017500000002211714461774414021016 0ustar sergiosergio/* ldappasswd -- a tool for change LDAP passwords */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * Portions Copyright 1998-2003 Kurt D. Zeilenga. * Portions Copyright 1998-2001 Net Boolean Incorporated. * Portions Copyright 2001-2003 IBM Corporation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1992-1996 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. This * software is provided ``as is'' without express or implied warranty. */ /* ACKNOWLEDGEMENTS: * The original ldappasswd(1) tool was developed by Dave Storey (F5 * Network), based on other OpenLDAP client tools (which are, of * course, based on U-MICH LDAP). This version was rewritten * by Kurt D. Zeilenga (based on other OpenLDAP client tools). */ #include "portable.h" #include #include #include #include #include #include #include #include #include "lutil.h" #include "lutil_ldap.h" #include "ldap_defaults.h" #include "common.h" static struct berval newpw = { 0, NULL }; static struct berval oldpw = { 0, NULL }; static int want_newpw = 0; static int want_oldpw = 0; static char *oldpwfile = NULL; static char *newpwfile = NULL; void usage( void ) { fprintf( stderr, _("Change password of an LDAP user\n\n")); fprintf( stderr,_("usage: %s [options] [user]\n"), prog); fprintf( stderr, _(" user: the authentication identity, commonly a DN\n")); fprintf( stderr, _("Password change options:\n")); fprintf( stderr, _(" -a secret old password\n")); fprintf( stderr, _(" -A prompt for old password\n")); fprintf( stderr, _(" -t file read file for old password\n")); fprintf( stderr, _(" -s secret new password\n")); fprintf( stderr, _(" -S prompt for new password\n")); fprintf( stderr, _(" -T file read file for new password\n")); tool_common_usage(); exit( EXIT_FAILURE ); } const char options[] = "a:As:St:T:" "d:D:e:H:InNO:o:QR:U:vVw:WxX:y:Y:Z"; int handle_private_option( int i ) { switch ( i ) { #if 0 case 'E': /* passwd extensions */ { int crit; char *control, *cvalue; if( protocol == LDAP_VERSION2 ) { fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"), prog, protocol ); exit( EXIT_FAILURE ); } /* should be extended to support comma separated list of * [!]key[=value] parameters, e.g. -E !foo,bar=567 */ crit = 0; cvalue = NULL; if( optarg[0] == '!' ) { crit = 1; optarg++; } control = optarg; if ( (cvalue = strchr( control, '=' )) != NULL ) { *cvalue++ = '\0'; } fprintf( stderr, _("Invalid passwd extension name: %s\n"), control ); usage(); } #endif case 'a': /* old password (secret) */ oldpw.bv_val = strdup( optarg ); { char* p; for( p = optarg; *p != '\0'; p++ ) { *p = '\0'; } } oldpw.bv_len = strlen( oldpw.bv_val ); break; case 'A': /* prompt for old password */ want_oldpw++; break; case 's': /* new password (secret) */ newpw.bv_val = strdup( optarg ); { char* p; for( p = optarg; *p != '\0'; p++ ) { *p = '\0'; } } newpw.bv_len = strlen( newpw.bv_val ); break; case 'S': /* prompt for user password */ want_newpw++; break; case 't': oldpwfile = optarg; break; case 'T': newpwfile = optarg; break; default: return 0; } return 1; } int main( int argc, char *argv[] ) { int rc; char *user = NULL; LDAP *ld = NULL; struct berval bv = {0, NULL}; BerElement *ber = NULL; int id, code = LDAP_OTHER; LDAPMessage *res; char *matcheddn = NULL, *text = NULL, **refs = NULL; char *retoid = NULL; struct berval *retdata = NULL; LDAPControl **ctrls = NULL; tool_init( TOOL_PASSWD ); prog = lutil_progname( "ldappasswd", argc, argv ); /* LDAPv3 only */ protocol = LDAP_VERSION3; tool_args( argc, argv ); if( argc - optind > 1 ) { usage(); } else if ( argc - optind == 1 ) { user = strdup( argv[optind] ); } else { user = NULL; } if( oldpwfile ) { rc = lutil_get_filed_password( oldpwfile, &oldpw ); if( rc ) { rc = EXIT_FAILURE; goto done; } } if( want_oldpw && oldpw.bv_val == NULL ) { /* prompt for old password */ char *ckoldpw; oldpw.bv_val = strdup(getpassphrase(_("Old password: "))); ckoldpw = getpassphrase(_("Re-enter old password: ")); if( oldpw.bv_val == NULL || ckoldpw == NULL || strcmp( oldpw.bv_val, ckoldpw )) { fprintf( stderr, _("passwords do not match\n") ); rc = EXIT_FAILURE; goto done; } oldpw.bv_len = strlen( oldpw.bv_val ); } if( newpwfile ) { rc = lutil_get_filed_password( newpwfile, &newpw ); if( rc ) { rc = EXIT_FAILURE; goto done; } } if( want_newpw && newpw.bv_val == NULL ) { /* prompt for new password */ char *cknewpw; newpw.bv_val = strdup(getpassphrase(_("New password: "))); cknewpw = getpassphrase(_("Re-enter new password: ")); if( newpw.bv_val == NULL || cknewpw == NULL || strcmp( newpw.bv_val, cknewpw )) { fprintf( stderr, _("passwords do not match\n") ); rc = EXIT_FAILURE; goto done; } newpw.bv_len = strlen( newpw.bv_val ); } ld = tool_conn_setup( 0, 0 ); tool_bind( ld ); if( user != NULL || oldpw.bv_val != NULL || newpw.bv_val != NULL ) { /* build the password modify request data */ ber = ber_alloc_t( LBER_USE_DER ); if( ber == NULL ) { perror( "ber_alloc_t" ); rc = EXIT_FAILURE; goto done; } ber_printf( ber, "{" /*}*/ ); if( user != NULL ) { ber_printf( ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_ID, user ); free(user); } if( oldpw.bv_val != NULL ) { ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, &oldpw ); free(oldpw.bv_val); } if( newpw.bv_val != NULL ) { ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, &newpw ); free(newpw.bv_val); } ber_printf( ber, /*{*/ "N}" ); rc = ber_flatten2( ber, &bv, 0 ); if( rc < 0 ) { perror( "ber_flatten2" ); rc = EXIT_FAILURE; goto done; } } if ( dont ) { rc = LDAP_SUCCESS; goto done; } tool_server_controls( ld, NULL, 0); rc = ldap_extended_operation( ld, LDAP_EXOP_MODIFY_PASSWD, bv.bv_val ? &bv : NULL, NULL, NULL, &id ); ber_free( ber, 1 ); if( rc != LDAP_SUCCESS ) { tool_perror( "ldap_extended_operation", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto done; } for ( ; ; ) { struct timeval tv; if ( tool_check_abandon( ld, id ) ) { tool_exit( ld, LDAP_CANCELLED ); } tv.tv_sec = 0; tv.tv_usec = 100000; rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res ); if ( rc < 0 ) { tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL ); tool_exit( ld, rc ); } if ( rc != 0 ) { break; } } rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 0 ); if( rc != LDAP_SUCCESS ) { tool_perror( "ldap_parse_result", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto done; } rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 1 ); if( rc != LDAP_SUCCESS ) { tool_perror( "ldap_parse_extended_result", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto done; } if( retdata != NULL ) { ber_tag_t tag; char *s; ber = ber_init( retdata ); if( ber == NULL ) { perror( "ber_init" ); rc = EXIT_FAILURE; goto done; } /* we should check the tag */ tag = ber_scanf( ber, "{a}", &s); if( tag == LBER_ERROR ) { perror( "ber_scanf" ); } else { printf(_("New password: %s\n"), s); ber_memfree( s ); } ber_free( ber, 1 ); } else if ( code == LDAP_SUCCESS && newpw.bv_val == NULL ) { tool_perror( "ldap_parse_extended_result", LDAP_DECODING_ERROR, " new password expected", NULL, NULL, NULL ); } if( verbose || code != LDAP_SUCCESS || ( matcheddn && *matcheddn ) || ( text && *text ) || refs || ctrls ) { printf( _("Result: %s (%d)\n"), ldap_err2string( code ), code ); if( text && *text ) { printf( _("Additional info: %s\n"), text ); } if( matcheddn && *matcheddn ) { printf( _("Matched DN: %s\n"), matcheddn ); } if( refs ) { int i; for( i=0; refs[i]; i++ ) { printf(_("Referral: %s\n"), refs[i] ); } } if( ctrls ) { tool_print_ctrls( ld, ctrls ); ldap_controls_free( ctrls ); } } ber_memfree( text ); ber_memfree( matcheddn ); ber_memvfree( (void **) refs ); ber_memfree( retoid ); ber_bvfree( retdata ); rc = ( code == LDAP_SUCCESS ) ? EXIT_SUCCESS : EXIT_FAILURE; done: /* disconnect from server */ tool_exit( ld, rc ); } openldap-2.5.16+dfsg/clients/tools/ldapexop.c0000644000175000017500000001665214461774414020477 0ustar sergiosergio/* ldapexop.c -- a tool for performing well-known extended operations */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 2005-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* ACKNOWLEDGEMENTS: * This work was originally developed by Pierangelo Masarati for inclusion * in OpenLDAP Software based, in part, on other client tools. */ #include "portable.h" #include #include #include #include #include #include #include #include #include "ldif.h" #include "lutil.h" #include "lutil_ldap.h" #include "ldap_defaults.h" #include "common.h" void usage( void ) { fprintf( stderr, _("Issue LDAP extended operations\n\n")); fprintf( stderr, _("usage: %s [options] \n"), prog); fprintf( stderr, _(" %s [options] whoami\n"), prog); fprintf( stderr, _(" %s [options] cancel \n"), prog); fprintf( stderr, _(" %s [options] refresh []\n"), prog); tool_common_usage(); exit( EXIT_FAILURE ); } const char options[] = "" "d:D:e:H:InNO:o:QR:U:vVw:WxX:y:Y:Z"; int handle_private_option( int i ) { switch ( i ) { default: return 0; } return 1; } int main( int argc, char *argv[] ) { int rc; LDAP *ld = NULL; char *matcheddn = NULL, *text = NULL, **refs = NULL; LDAPControl **ctrls = NULL; int id, code; LDAPMessage *res = NULL; tool_init( TOOL_EXOP ); prog = lutil_progname( "ldapexop", argc, argv ); /* LDAPv3 only */ protocol = LDAP_VERSION3; tool_args( argc, argv ); if ( argc - optind < 1 ) { usage(); } ld = tool_conn_setup( 0, 0 ); tool_bind( ld ); argv += optind; argc -= optind; if ( strcasecmp( argv[ 0 ], "whoami" ) == 0 ) { tool_server_controls( ld, NULL, 0 ); rc = ldap_whoami( ld, NULL, NULL, &id ); if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_extended_operation", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto skip; } } else if ( strcasecmp( argv[ 0 ], "cancel" ) == 0 ) { int cancelid; switch ( argc ) { case 2: if ( lutil_atoi( &cancelid, argv[ 1 ] ) != 0 || cancelid < 0 ) { fprintf( stderr, "invalid cancelid=%s\n\n", argv[ 1 ] ); usage(); } break; default: fprintf( stderr, "need cancelid\n\n" ); usage(); } rc = ldap_cancel( ld, cancelid, NULL, NULL, &id ); if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_cancel", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto skip; } } else if ( strcasecmp( argv[ 0 ], "passwd" ) == 0 ) { fprintf( stderr, "use ldappasswd(1) instead.\n\n" ); usage(); /* TODO? */ } else if ( strcasecmp( argv[ 0 ], "refresh" ) == 0 ) { int ttl = 3600; struct berval dn; switch ( argc ) { case 3: ttl = atoi( argv[ 2 ] ); case 2: dn.bv_val = argv[ 1 ]; dn.bv_len = strlen( dn.bv_val ); break; default: fprintf( stderr, _("need DN [ttl]\n\n") ); usage(); } tool_server_controls( ld, NULL, 0 ); rc = ldap_refresh( ld, &dn, ttl, NULL, NULL, &id ); if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_extended_operation", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto skip; } } else { char *p; if ( argc != 1 ) { usage(); } p = strchr( argv[ 0 ], ':' ); if ( p == argv[ 0 ] ) { usage(); } if ( p != NULL ) *p++ = '\0'; if ( tool_is_oid( argv[ 0 ] ) ) { struct berval reqdata; struct berval type; struct berval value; int freeval; if ( p != NULL ) { p[ -1 ] = ':'; ldif_parse_line2( argv[ 0 ], &type, &value, &freeval ); p[ -1 ] = '\0'; if ( freeval ) { reqdata = value; } else { ber_dupbv( &reqdata, &value ); } } tool_server_controls( ld, NULL, 0 ); rc = ldap_extended_operation( ld, argv[ 0 ], p ? &reqdata : NULL, NULL, NULL, &id ); if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_extended_operation", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto skip; } } else { fprintf( stderr, "unknown exop \"%s\"\n\n", argv[ 0 ] ); usage(); } } for ( ; ; ) { struct timeval tv; if ( tool_check_abandon( ld, id ) ) { tool_exit( ld, LDAP_CANCELLED ); } tv.tv_sec = 0; tv.tv_usec = 100000; rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res ); if ( rc < 0 ) { tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto skip; } if ( rc != 0 ) { break; } } rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 0 ); if ( rc == LDAP_SUCCESS ) { rc = code; } if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_parse_result", rc, NULL, matcheddn, text, refs ); rc = EXIT_FAILURE; goto skip; } if ( strcasecmp( argv[ 0 ], "whoami" ) == 0 ) { char *retoid = NULL; struct berval *retdata = NULL; rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 0 ); if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_parse_extended_result", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto skip; } if ( retdata != NULL ) { if ( retdata->bv_len == 0 ) { printf(_("anonymous\n") ); } else { printf("%s\n", retdata->bv_val ); } } ber_memfree( retoid ); ber_bvfree( retdata ); } else if ( strcasecmp( argv[ 0 ], "cancel" ) == 0 ) { /* no extended response; returns specific errors */ assert( 0 ); } else if ( strcasecmp( argv[ 0 ], "passwd" ) == 0 ) { /* TODO */ } else if ( strcasecmp( argv[ 0 ], "refresh" ) == 0 ) { int newttl; rc = ldap_parse_refresh( ld, res, &newttl ); if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_parse_refresh", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto skip; } printf( "newttl=%d\n", newttl ); } else if ( tool_is_oid( argv[ 0 ] ) ) { char *retoid = NULL; struct berval *retdata = NULL; if( ldif < 2 ) { printf(_("# extended operation response\n")); } rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 0 ); if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_parse_extended_result", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto skip; } if ( ldif < 2 && retoid != NULL ) { tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, "oid", retoid, strlen(retoid) ); } ber_memfree( retoid ); if( retdata != NULL ) { if ( ldif < 2 ) { tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_BINARY, "data", retdata->bv_val, retdata->bv_len ); } ber_bvfree( retdata ); } } if( verbose || code != LDAP_SUCCESS || ( matcheddn && *matcheddn ) || ( text && *text ) || refs ) { printf( _("Result: %s (%d)\n"), ldap_err2string( code ), code ); if( text && *text ) { printf( _("Additional info: %s\n"), text ); } if( matcheddn && *matcheddn ) { printf( _("Matched DN: %s\n"), matcheddn ); } if( refs ) { int i; for( i=0; refs[i]; i++ ) { printf(_("Referral: %s\n"), refs[i] ); } } } if (ctrls) { tool_print_ctrls( ld, ctrls ); ldap_controls_free( ctrls ); } ber_memfree( text ); ber_memfree( matcheddn ); ber_memvfree( (void **) refs ); skip: /* disconnect from server */ if ( res ) ldap_msgfree( res ); tool_exit( ld, rc ); } openldap-2.5.16+dfsg/clients/tools/ldapmodrdn.c0000644000175000017500000001766514461774414021014 0ustar sergiosergio/* ldapmodrdn.c - generic program to modify an entry's RDN using LDAP */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * Portions Copyright 1998-2003 Kurt D. Zeilenga. * Portions Copyright 1998-2001 Net Boolean Incorporated. * Portions Copyright 2001-2003 IBM Corporation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright 1999, Juan C. Gomez, All rights reserved. * This software is not subject to any license of Silicon Graphics * Inc. or Purdue University. * * Redistribution and use in source and binary forms are permitted * without restriction or fee of any kind as long as this notice * is preserved. */ /* Portions Copyright (c) 1992-1996 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. This * software is provided ``as is'' without express or implied warranty. */ /* ACKNOWLEDGEMENTS: * This work was originally developed by the University of Michigan * (as part of U-MICH LDAP). Additional significant contributors * include: * Kurt D. Zeilenga * Juan C Gomez */ #include "portable.h" #include #include #include #include #include #include #include #include #include "lutil.h" #include "lutil_ldap.h" #include "ldap_defaults.h" #include "common.h" static char *newSuperior = NULL; static int remove_old_RDN = 0; static int domodrdn( LDAP *ld, char *dn, char *rdn, char *newSuperior, int remove ); /* flag: remove old RDN */ void usage( void ) { fprintf( stderr, _("Rename LDAP entries\n\n")); fprintf( stderr, _("usage: %s [options] [dn rdn]\n"), prog); fprintf( stderr, _(" dn rdn: If given, rdn will replace the RDN of the entry specified by DN\n")); fprintf( stderr, _(" If not given, the list of modifications is read from stdin or\n")); fprintf( stderr, _(" from the file specified by \"-f file\" (see man page).\n")); fprintf( stderr, _("Rename options:\n")); fprintf( stderr, _(" -c continuous operation mode (do not stop on errors)\n")); fprintf( stderr, _(" -f file read operations from `file'\n")); fprintf( stderr, _(" -M enable Manage DSA IT control (-MM to make critical)\n")); fprintf( stderr, _(" -P version protocol version (default: 3)\n")); fprintf( stderr, _(" -r remove old RDN\n")); fprintf( stderr, _(" -s newsup new superior entry\n")); tool_common_usage(); exit( EXIT_FAILURE ); } const char options[] = "rs:" "cd:D:e:f:H:IMnNO:o:P:QR:U:vVw:WxX:y:Y:Z"; int handle_private_option( int i ) { switch ( i ) { #if 0 int crit; char *control, *cvalue; case 'E': /* modrdn extensions */ if( protocol == LDAP_VERSION2 ) { fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"), prog, version ); exit( EXIT_FAILURE ); } /* should be extended to support comma separated list of * [!]key[=value] parameters, e.g. -E !foo,bar=567 */ crit = 0; cvalue = NULL; if( optarg[0] == '!' ) { crit = 1; optarg++; } control = optarg; if ( (cvalue = strchr( control, '=' )) != NULL ) { *cvalue++ = '\0'; } fprintf( stderr, _("Invalid modrdn extension name: %s\n"), control ); usage(); #endif case 'r': /* remove old RDN */ remove_old_RDN++; break; case 's': /* newSuperior */ if( protocol == LDAP_VERSION2 ) { fprintf( stderr, _("%s: -X incompatible with LDAPv%d\n"), prog, protocol ); exit( EXIT_FAILURE ); } newSuperior = optarg; protocol = LDAP_VERSION3; break; default: return 0; } return 1; } int main(int argc, char **argv) { char *entrydn = NULL, *rdn = NULL, buf[ 4096 ]; FILE *fp = NULL; LDAP *ld = NULL; int rc, retval, havedn; tool_init( TOOL_MODRDN ); prog = lutil_progname( "ldapmodrdn", argc, argv ); tool_args( argc, argv ); havedn = 0; if (argc - optind == 2) { if (( rdn = strdup( argv[argc - 1] )) == NULL ) { perror( "strdup" ); retval = EXIT_FAILURE; goto fail; } if (( entrydn = strdup( argv[argc - 2] )) == NULL ) { perror( "strdup" ); retval = EXIT_FAILURE; goto fail; } ++havedn; } else if ( argc - optind != 0 ) { fprintf( stderr, _("%s: invalid number of arguments (%d), only two allowed\n"), prog, argc-optind ); usage(); } if ( infile != NULL ) { if (( fp = fopen( infile, "r" )) == NULL ) { perror( infile ); retval = EXIT_FAILURE; goto fail; } } else { fp = stdin; } ld = tool_conn_setup( 0, 0 ); tool_bind( ld ); tool_server_controls( ld, NULL, 0 ); retval = rc = 0; if (havedn) retval = domodrdn( ld, entrydn, rdn, newSuperior, remove_old_RDN ); else while ((rc == 0 || contoper) && fgets(buf, sizeof(buf), fp) != NULL) { if ( *buf != '\n' ) { /* blank lines optional, skip */ buf[ strlen( buf ) - 1 ] = '\0'; /* remove nl */ if ( havedn ) { /* have DN, get RDN */ if (( rdn = strdup( buf )) == NULL ) { perror( "strdup" ); retval = EXIT_FAILURE; goto fail; } rc = domodrdn(ld, entrydn, rdn, newSuperior, remove_old_RDN ); if ( rc != 0 ) retval = rc; havedn = 0; free( rdn ); rdn = NULL; free( entrydn ); entrydn = NULL; } else if ( !havedn ) { /* don't have DN yet */ if (( entrydn = strdup( buf )) == NULL ) { retval = EXIT_FAILURE; goto fail; } ++havedn; } } } fail: if ( fp && fp != stdin ) fclose( fp ); if ( entrydn ) free( entrydn ); if ( rdn ) free( rdn ); tool_exit( ld, retval ); } static int domodrdn( LDAP *ld, char *dn, char *rdn, char *newSuperior, int remove ) /* flag: remove old RDN */ { int rc, code, id; char *matcheddn=NULL, *text=NULL, **refs=NULL; LDAPControl **ctrls = NULL; LDAPMessage *res; if ( verbose ) { printf( _("Renaming \"%s\"\n"), dn ); printf( _("\tnew rdn=\"%s\" (%s old rdn)\n"), rdn, remove ? _("delete") : _("keep") ); if( newSuperior != NULL ) { printf(_("\tnew parent=\"%s\"\n"), newSuperior); } } if( dont ) return LDAP_SUCCESS; rc = ldap_rename( ld, dn, rdn, newSuperior, remove, NULL, NULL, &id ); if ( rc != LDAP_SUCCESS ) { fprintf( stderr, "%s: ldap_rename: %s (%d)\n", prog, ldap_err2string( rc ), rc ); return rc; } for ( ; ; ) { struct timeval tv = { 0, 0 }; if ( tool_check_abandon( ld, id ) ) { return LDAP_CANCELLED; } tv.tv_sec = 0; tv.tv_usec = 100000; rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res ); if ( rc < 0 ) { tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL ); return rc; } if ( rc != 0 ) { break; } } rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 1 ); if( rc != LDAP_SUCCESS ) { fprintf( stderr, "%s: ldap_parse_result: %s (%d)\n", prog, ldap_err2string( rc ), rc ); return rc; } if( verbose || code != LDAP_SUCCESS || (matcheddn && *matcheddn) || (text && *text) || (refs && *refs) ) { printf( _("Rename Result: %s (%d)\n"), ldap_err2string( code ), code ); if( text && *text ) { printf( _("Additional info: %s\n"), text ); } if( matcheddn && *matcheddn ) { printf( _("Matched DN: %s\n"), matcheddn ); } if( refs ) { int i; for( i=0; refs[i]; i++ ) { printf(_("Referral: %s\n"), refs[i] ); } } } if (ctrls) { tool_print_ctrls( ld, ctrls ); ldap_controls_free( ctrls ); } ber_memfree( text ); ber_memfree( matcheddn ); ber_memvfree( (void **) refs ); return code; } openldap-2.5.16+dfsg/clients/tools/ldapvc.c0000644000175000017500000003162314461774414020127 0ustar sergiosergio/* ldapvc.c -- a tool for verifying credentials */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * Portions Copyright 2010 Kurt D. Zeilenga. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1992-1996 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. This * software is provided ``as is'' without express or implied warranty. */ /* ACKNOWLEDGEMENTS: * This work was originally developed by Kurt D. Zeilenga for inclusion * in OpenLDAP Software based, in part, on other client tools. */ #include "portable.h" #include #include #include #include #include #include #include #include #include "lutil.h" #include "lutil_ldap.h" #include "ldap_defaults.h" #include "common.h" static int req_authzid = 0; static int req_pp = 0; #if defined(LDAP_API_FEATURES_VERIFY_CREDENTIALS_INTERACTIVE) && defined(HAVE_CYRUS_SASL) #define LDAP_SASL_NONE (~0U) static unsigned vc_sasl = LDAP_SASL_NONE; static char *vc_sasl_realm = NULL; static char *vc_sasl_authcid = NULL; static char *vc_sasl_authzid = NULL; static char *vc_sasl_mech = NULL; static char *vc_sasl_secprops = NULL; #endif static char * dn = NULL; static struct berval cred = {0, NULL}; void usage( void ) { fprintf( stderr, _("Issue LDAP Verify Credentials operation to verify a user's credentials\n\n")); fprintf( stderr, _("usage: %s [options] [DN [cred]])\n"), prog); fprintf( stderr, _("where:\n")); fprintf( stderr, _(" DN\tDistinguished Name\n")); fprintf( stderr, _(" cred\tCredentials (prompt if not present)\n")); fprintf( stderr, _("options:\n")); fprintf( stderr, _(" -a\tRequest AuthzId\n")); fprintf( stderr, _(" -b\tRequest Password Policy Information\n")); fprintf( stderr, _(" -E sasl=(a[utomatic]|i[nteractive]|q[uiet]>\tSASL mode (defaults to automatic if any other -E option provided, otherwise none))\n")); fprintf( stderr, _(" -E mech=\tSASL mechanism (default "" e.g. Simple)\n")); fprintf( stderr, _(" -E realm=\tSASL Realm (defaults to none)\n")); fprintf( stderr, _(" -E authcid=\tSASL Authentication Identity (defaults to USER)\n")); fprintf( stderr, _(" -E authzid=\tSASL Authorization Identity (defaults to none)\n")); fprintf( stderr, _(" -E secprops=\tSASL Security Properties (defaults to none)\n")); tool_common_usage(); exit( EXIT_FAILURE ); } const char options[] = "abE:" "d:D:e:H:InNO:o:QR:U:vVw:WxX:y:Y:Z"; int handle_private_option( int i ) { switch ( i ) { char *control, *cvalue; case 'E': /* vc extension */ if( protocol == LDAP_VERSION2 ) { fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"), prog, protocol ); exit( EXIT_FAILURE ); } /* should be extended to support comma separated list of * [!]key[=value] parameters, e.g. -E !foo,bar=567 */ cvalue = NULL; if( optarg[0] == '!' ) { optarg++; } control = optarg; if ( (cvalue = strchr( control, '=' )) != NULL ) { *cvalue++ = '\0'; } if (strcasecmp(control, "sasl") == 0) { #if defined(LDAP_API_FEATURES_VERIFY_CREDENTIALS_INTERACTIVE) && defined(HAVE_CYRUS_SASL) if (vc_sasl != LDAP_SASL_NONE) { fprintf(stderr, _("SASL option previously specified\n")); exit(EXIT_FAILURE); } if (cvalue == NULL) { fprintf(stderr, _("missing mode in SASL option\n")); exit(EXIT_FAILURE); } switch (*cvalue) { case 'a': case 'A': vc_sasl = LDAP_SASL_AUTOMATIC; break; case 'i': case 'I': vc_sasl = LDAP_SASL_INTERACTIVE; break; case 'q': case 'Q': vc_sasl = LDAP_SASL_QUIET; break; default: fprintf(stderr, _("unknown mode %s in SASL option\n"), cvalue); exit(EXIT_FAILURE); } #else fprintf(stderr, _("%s: not compiled with SASL support\n"), prog); exit(EXIT_FAILURE); #endif } else if (strcasecmp(control, "mech") == 0) { #if defined(LDAP_API_FEATURES_VERIFY_CREDENTIALS_INTERACTIVE) && defined(HAVE_CYRUS_SASL) if (vc_sasl_mech) { fprintf(stderr, _("SASL mech previously specified\n")); exit(EXIT_FAILURE); } if (cvalue == NULL) { fprintf(stderr, _("missing mech in SASL option\n")); exit(EXIT_FAILURE); } vc_sasl_mech = ber_strdup(cvalue); #else #endif } else if (strcasecmp(control, "realm") == 0) { #if defined(LDAP_API_FEATURES_VERIFY_CREDENTIALS_INTERACTIVE) && defined(HAVE_CYRUS_SASL) if (vc_sasl_realm) { fprintf(stderr, _("SASL realm previously specified\n")); exit(EXIT_FAILURE); } if (cvalue == NULL) { fprintf(stderr, _("missing realm in SASL option\n")); exit(EXIT_FAILURE); } vc_sasl_realm = ber_strdup(cvalue); #else fprintf(stderr, _("%s: not compiled with SASL support\n"), prog); exit(EXIT_FAILURE); #endif } else if (strcasecmp(control, "authcid") == 0) { #if defined(LDAP_API_FEATURES_VERIFY_CREDENTIALS_INTERACTIVE) && defined(HAVE_CYRUS_SASL) if (vc_sasl_authcid) { fprintf(stderr, _("SASL authcid previously specified\n")); exit(EXIT_FAILURE); } if (cvalue == NULL) { fprintf(stderr, _("missing authcid in SASL option\n")); exit(EXIT_FAILURE); } vc_sasl_authcid = ber_strdup(cvalue); #else fprintf(stderr, _("%s: not compiled with SASL support\n"), prog); exit(EXIT_FAILURE); #endif } else if (strcasecmp(control, "authzid") == 0) { #if defined(LDAP_API_FEATURES_VERIFY_CREDENTIALS_INTERACTIVE) && defined(HAVE_CYRUS_SASL) if (vc_sasl_authzid) { fprintf(stderr, _("SASL authzid previously specified\n")); exit(EXIT_FAILURE); } if (cvalue == NULL) { fprintf(stderr, _("missing authzid in SASL option\n")); exit(EXIT_FAILURE); } vc_sasl_authzid = ber_strdup(cvalue); #else fprintf(stderr, _("%s: not compiled with SASL support\n"), prog); exit(EXIT_FAILURE); #endif } else if (strcasecmp(control, "secprops") == 0) { #if defined(LDAP_API_FEATURES_VERIFY_CREDENTIALS_INTERACTIVE) && defined(HAVE_CYRUS_SASL) if (vc_sasl_secprops) { fprintf(stderr, _("SASL secprops previously specified\n")); exit(EXIT_FAILURE); } if (cvalue == NULL) { fprintf(stderr, _("missing secprops in SASL option\n")); exit(EXIT_FAILURE); } vc_sasl_secprops = ber_strdup(cvalue); #else fprintf(stderr, _("%s: not compiled with SASL support\n"), prog); exit(EXIT_FAILURE); #endif } else { fprintf( stderr, _("Invalid Verify Credentials extension name: %s\n"), control ); usage(); } break; case 'a': /* request authzid */ req_authzid++; break; case 'b': /* request authzid */ req_pp++; break; default: return 0; } return 1; } int main( int argc, char *argv[] ) { int rc; LDAP *ld = NULL; char *matcheddn = NULL, *text = NULL, **refs = NULL; int rcode; char * diag = NULL; struct berval *scookie = NULL; struct berval *scred = NULL; int id, code = 0; LDAPMessage *res; LDAPControl **ctrls = NULL; LDAPControl **vcctrls = NULL; int nvcctrls = 0; tool_init( TOOL_VC ); prog = lutil_progname( "ldapvc", argc, argv ); /* LDAPv3 only */ protocol = LDAP_VERSION3; tool_args( argc, argv ); if (argc - optind > 0) { dn = argv[optind++]; } if (argc - optind > 0) { cred.bv_val = strdup(argv[optind++]); cred.bv_len = strlen(cred.bv_val); } if (argc - optind > 0) { usage(); } if (dn #ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS_INTERACTIVE && !vc_sasl_mech #endif && !cred.bv_val) { cred.bv_val = strdup(getpassphrase(_("User's password: "))); cred.bv_len = strlen(cred.bv_val); } #ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS_INTERACTIVE if (vc_sasl_mech && (vc_sasl == LDAP_SASL_NONE)) { vc_sasl = LDAP_SASL_AUTOMATIC; } #endif ld = tool_conn_setup( 0, 0 ); tool_bind( ld ); if ( dont ) { rc = LDAP_SUCCESS; goto skip; } tool_server_controls( ld, NULL, 0 ); if (req_authzid) { vcctrls = (LDAPControl **) malloc(3*sizeof(LDAPControl *)); vcctrls[nvcctrls] = (LDAPControl *) malloc(sizeof(LDAPControl)); vcctrls[nvcctrls]->ldctl_oid = ldap_strdup(LDAP_CONTROL_AUTHZID_REQUEST); vcctrls[nvcctrls]->ldctl_iscritical = 0; vcctrls[nvcctrls]->ldctl_value.bv_val = NULL; vcctrls[nvcctrls]->ldctl_value.bv_len = 0; vcctrls[++nvcctrls] = NULL; } if (req_pp) { if (!vcctrls) vcctrls = (LDAPControl **) malloc(3*sizeof(LDAPControl *)); vcctrls[nvcctrls] = (LDAPControl *) malloc(sizeof(LDAPControl)); vcctrls[nvcctrls]->ldctl_oid = ldap_strdup(LDAP_CONTROL_PASSWORDPOLICYREQUEST); vcctrls[nvcctrls]->ldctl_iscritical = 0; vcctrls[nvcctrls]->ldctl_value.bv_val = NULL; vcctrls[nvcctrls]->ldctl_value.bv_len = 0; vcctrls[++nvcctrls] = NULL; } #ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS_INTERACTIVE #ifdef HAVE_CYRUS_SASL if (vc_sasl_mech) { int msgid; void * defaults; void * context = NULL; const char *rmech = NULL; defaults = lutil_sasl_defaults(ld, vc_sasl_mech, vc_sasl_realm, vc_sasl_authcid, cred.bv_val, sasl_authz_id); do { rc = ldap_verify_credentials_interactive(ld, dn, vc_sasl_mech, vcctrls, NULL, NULL, vc_sasl, lutil_sasl_interact, defaults, context, res, &rmech, &msgid); if (rc != LDAP_SASL_BIND_IN_PROGRESS) break; ldap_msgfree(res); if (ldap_result(ld, msgid, LDAP_MSG_ALL, NULL, &res) == -1 || !res) { ldap_get_option(ld, LDAP_OPT_RESULT_CODE, (void*) &rc); ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*) &text); tool_perror( "ldap_verify_credentials_interactive", rc, NULL, NULL, text, NULL); ldap_memfree(text); tool_exit(ld, rc); } } while (rc == LDAP_SASL_BIND_IN_PROGRESS); lutil_sasl_freedefs(defaults); if( rc != LDAP_SUCCESS ) { ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*) &text); tool_perror( "ldap_verify_credentials", rc, NULL, NULL, text, NULL ); rc = EXIT_FAILURE; goto skip; } } else #endif #endif { rc = ldap_verify_credentials( ld, NULL, dn, NULL, cred.bv_val ? &cred: NULL, vcctrls, NULL, NULL, &id ); if( rc != LDAP_SUCCESS ) { ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*) &text); tool_perror( "ldap_verify_credentials", rc, NULL, NULL, text, NULL ); rc = EXIT_FAILURE; goto skip; } for ( ; ; ) { struct timeval tv; if ( tool_check_abandon( ld, id ) ) { tool_exit( ld, LDAP_CANCELLED ); } tv.tv_sec = 0; tv.tv_usec = 100000; rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res ); if ( rc < 0 ) { tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL ); tool_exit( ld, rc ); } if ( rc != 0 ) { break; } } } ldap_controls_free(vcctrls); vcctrls = NULL; rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 0 ); if (rc == LDAP_SUCCESS) rc = code; if (rc != LDAP_SUCCESS) { tool_perror( "ldap_parse_result", rc, NULL, matcheddn, text, refs ); rc = EXIT_FAILURE; goto skip; } rc = ldap_parse_verify_credentials( ld, res, &rcode, &diag, &scookie, &scred, &vcctrls ); ldap_msgfree(res); if (rc != LDAP_SUCCESS) { tool_perror( "ldap_parse_verify_credentials", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto skip; } if (rcode != LDAP_SUCCESS) { printf(_("Failed: %s (%d)\n"), ldap_err2string(rcode), rcode); } if (diag && *diag) { printf(_("Diagnostic: %s\n"), diag); } if (vcctrls) { tool_print_ctrls( ld, vcctrls ); } skip: if ( verbose || code != LDAP_SUCCESS || ( matcheddn && *matcheddn ) || ( text && *text ) || refs || ctrls ) { printf( _("Result: %s (%d)\n"), ldap_err2string( code ), code ); if( text && *text ) { printf( _("Additional info: %s\n"), text ); } if( matcheddn && *matcheddn ) { printf( _("Matched DN: %s\n"), matcheddn ); } if( refs ) { int i; for( i=0; refs[i]; i++ ) { printf(_("Referral: %s\n"), refs[i] ); } } if (ctrls) { tool_print_ctrls( ld, ctrls ); ldap_controls_free( ctrls ); } } ber_memfree( text ); ber_memfree( matcheddn ); ber_memvfree( (void **) refs ); ber_bvfree( scookie ); ber_bvfree( scred ); ber_memfree( diag ); free( cred.bv_val ); /* disconnect from server */ tool_exit( ld, code == LDAP_SUCCESS ? EXIT_SUCCESS : EXIT_FAILURE ); } openldap-2.5.16+dfsg/clients/tools/ldapwhoami.c0000644000175000017500000001204614461774414021001 0ustar sergiosergio/* ldapwhoami.c -- a tool for asking the directory "Who Am I?" */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * Portions Copyright 1998-2003 Kurt D. Zeilenga. * Portions Copyright 1998-2001 Net Boolean Incorporated. * Portions Copyright 2001-2003 IBM Corporation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1992-1996 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. This * software is provided ``as is'' without express or implied warranty. */ /* ACKNOWLEDGEMENTS: * This work was originally developed by Kurt D. Zeilenga for inclusion * in OpenLDAP Software based, in part, on other client tools. */ #include "portable.h" #include #include #include #include #include #include #include #include #include "lutil.h" #include "lutil_ldap.h" #include "ldap_defaults.h" #include "common.h" void usage( void ) { fprintf( stderr, _("Issue LDAP Who am I? operation to request user's authzid\n\n")); fprintf( stderr, _("usage: %s [options]\n"), prog); tool_common_usage(); exit( EXIT_FAILURE ); } const char options[] = "" "d:D:e:H:InNO:o:QR:U:vVw:WxX:y:Y:Z"; int handle_private_option( int i ) { switch ( i ) { #if 0 char *control, *cvalue; int crit; case 'E': /* whoami extension */ if( protocol == LDAP_VERSION2 ) { fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"), prog, protocol ); exit( EXIT_FAILURE ); } /* should be extended to support comma separated list of * [!]key[=value] parameters, e.g. -E !foo,bar=567 */ crit = 0; cvalue = NULL; if( optarg[0] == '!' ) { crit = 1; optarg++; } control = optarg; if ( (cvalue = strchr( control, '=' )) != NULL ) { *cvalue++ = '\0'; } fprintf( stderr, _("Invalid whoami extension name: %s\n"), control ); usage(); #endif default: return 0; } return 1; } int main( int argc, char *argv[] ) { int rc; LDAP *ld = NULL; char *matcheddn = NULL, *text = NULL, **refs = NULL; struct berval *authzid = NULL; int id, code = 0; LDAPMessage *res = NULL; LDAPControl **ctrls = NULL; tool_init( TOOL_WHOAMI ); prog = lutil_progname( "ldapwhoami", argc, argv ); /* LDAPv3 only */ protocol = LDAP_VERSION3; tool_args( argc, argv ); if( argc - optind > 0 ) { usage(); } ld = tool_conn_setup( 0, 0 ); tool_bind( ld ); if ( dont ) { rc = LDAP_SUCCESS; goto skip; } tool_server_controls( ld, NULL, 0 ); rc = ldap_whoami( ld, NULL, NULL, &id ); if( rc != LDAP_SUCCESS ) { tool_perror( "ldap_whoami", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto skip; } for ( ; ; ) { struct timeval tv; if ( tool_check_abandon( ld, id ) ) { tool_exit( ld, LDAP_CANCELLED ); } tv.tv_sec = 0; tv.tv_usec = 100000; rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res ); if ( rc < 0 ) { tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL ); tool_exit( ld, rc ); } if ( rc != 0 ) { break; } } rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 0 ); if ( rc == LDAP_SUCCESS ) { rc = code; } if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_parse_result", rc, NULL, matcheddn, text, refs ); rc = EXIT_FAILURE; goto skip; } rc = ldap_parse_whoami( ld, res, &authzid ); if( rc != LDAP_SUCCESS ) { tool_perror( "ldap_parse_whoami", rc, NULL, NULL, NULL, NULL ); rc = EXIT_FAILURE; goto skip; } if( authzid != NULL ) { if( authzid->bv_len == 0 ) { printf(_("anonymous\n") ); } else { printf("%s\n", authzid->bv_val ); } } skip: ldap_msgfree(res); if ( verbose || code != LDAP_SUCCESS || ( matcheddn && *matcheddn ) || ( text && *text ) || refs || ctrls ) { printf( _("Result: %s (%d)\n"), ldap_err2string( code ), code ); if( text && *text ) { printf( _("Additional info: %s\n"), text ); } if( matcheddn && *matcheddn ) { printf( _("Matched DN: %s\n"), matcheddn ); } if( refs ) { int i; for( i=0; refs[i]; i++ ) { printf(_("Referral: %s\n"), refs[i] ); } } if (ctrls) { tool_print_ctrls( ld, ctrls ); ldap_controls_free( ctrls ); } } ber_memfree( text ); ber_memfree( matcheddn ); ber_memvfree( (void **) refs ); ber_bvfree( authzid ); /* disconnect from server */ tool_exit( ld, code == LDAP_SUCCESS ? EXIT_SUCCESS : EXIT_FAILURE ); } openldap-2.5.16+dfsg/clients/tools/common.h0000644000175000017500000000707314461774414020155 0ustar sergiosergio/* common.h - common definitions for the ldap client tools */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* ACKNOWLEDGEMENTS: * This file was initially created by Hallvard B. Furuseth based (in * part) upon argument parsing code for individual tools located in * this directory. */ #ifndef _CLIENT_TOOLS_COMMON_H_ #define _CLIENT_TOOLS_COMMON_H_ LDAP_BEGIN_DECL typedef enum tool_type_t { TOOL_SEARCH = 0x01U, TOOL_COMPARE = 0x02U, TOOL_ADD = 0x04U, TOOL_DELETE = 0x08U, TOOL_MODIFY = 0x10U, TOOL_MODRDN = 0x20U, TOOL_EXOP = 0x40U, TOOL_WHOAMI = TOOL_EXOP | 0x100U, TOOL_PASSWD = TOOL_EXOP | 0x200U, TOOL_VC = TOOL_EXOP | 0x400U, TOOL_WRITE = (TOOL_ADD|TOOL_DELETE|TOOL_MODIFY|TOOL_MODRDN), TOOL_READ = (TOOL_SEARCH|TOOL_COMPARE), TOOL_ALL = 0xFFU } tool_type_t; /* input-related vars */ /* misc. parameters */ extern tool_type_t tool_type; extern int contoper; extern int debug; extern char *infile; extern int dont; extern int referrals; extern int verbose; extern int ldif; extern ber_len_t ldif_wrap; extern char *prog; /* connection */ extern char *ldapuri; extern int use_tls; extern int protocol; extern int version; /* authc/authz */ extern int authmethod; extern char *binddn; extern int want_bindpw; extern struct berval passwd; extern char *pw_file; #ifdef HAVE_CYRUS_SASL extern unsigned sasl_flags; extern char *sasl_realm; extern char *sasl_authc_id; extern char *sasl_authz_id; extern char *sasl_mech; extern char *sasl_secprops; #endif /* controls */ extern char *assertion; extern char *authzid; extern int manageDIT; extern int manageDSAit; extern int noop; extern int ppolicy; extern int preread, postread; extern ber_int_t pr_morePagedResults; extern struct berval pr_cookie; #ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR extern int chaining; #endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */ extern ber_int_t vlvPos; extern ber_int_t vlvCount; extern struct berval *vlvContext; /* features */ extern int backlog; /* options */ extern struct timeval nettimeout; /* Defined in common.c, set in main() */ extern const char __Version[]; /* Defined in main program */ extern const char options[]; void usage LDAP_P(( void )) LDAP_GCCATTR((noreturn)); int handle_private_option LDAP_P(( int i )); /* Defined in common.c */ void tool_init LDAP_P(( tool_type_t type )); void tool_common_usage LDAP_P(( void )); void tool_args LDAP_P(( int, char ** )); LDAP *tool_conn_setup LDAP_P(( int dont, void (*private_setup)( LDAP * ) )); void tool_bind LDAP_P(( LDAP * )); void tool_unbind LDAP_P(( LDAP * )); void tool_destroy LDAP_P(( void )); void tool_exit LDAP_P(( LDAP *ld, int status )) LDAP_GCCATTR((noreturn)); void tool_server_controls LDAP_P(( LDAP *, LDAPControl *, int )); int tool_check_abandon LDAP_P(( LDAP *ld, int msgid )); void tool_perror LDAP_P(( const char *func, int err, const char *extra, const char *matched, const char *info, char **refs )); void tool_print_ctrls LDAP_P(( LDAP *ld, LDAPControl **ctrls )); int tool_write_ldif LDAP_P(( int type, char *name, char *value, ber_len_t vallen )); int tool_is_oid LDAP_P(( const char *s )); LDAP_END_DECL #endif /* _CLIENT_TOOLS_COMMON_H_ */ openldap-2.5.16+dfsg/clients/tools/ldapdelete.c0000644000175000017500000002315014461774414020755 0ustar sergiosergio/* ldapdelete.c - simple program to delete an entry using LDAP */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * Portions Copyright 1998-2003 Kurt D. Zeilenga. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1992-1996 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. This * software is provided ``as is'' without express or implied warranty. */ /* ACKNOWLEDGEMENTS: * This work was originally developed by the University of Michigan * (as part of U-MICH LDAP). Additional significant contributors * include: * Kurt D. Zeilenga */ #include "portable.h" #include #include #include #include #include #include #include #include #include "lutil.h" #include "lutil_ldap.h" #include "ldap_defaults.h" #include "common.h" static int prune = 0; static int sizelimit = -1; static int dodelete LDAP_P(( LDAP *ld, const char *dn)); static int deletechildren LDAP_P(( LDAP *ld, const char *dn, int subentries )); void usage( void ) { fprintf( stderr, _("Delete entries from an LDAP server\n\n")); fprintf( stderr, _("usage: %s [options] [dn]...\n"), prog); fprintf( stderr, _(" dn: list of DNs to delete. If not given, it will be read from stdin\n")); fprintf( stderr, _(" or from the file specified with \"-f file\".\n")); fprintf( stderr, _("Delete Options:\n")); fprintf( stderr, _(" -c continuous operation mode (do not stop on errors)\n")); fprintf( stderr, _(" -f file read operations from `file'\n")); fprintf( stderr, _(" -M enable Manage DSA IT control (-MM to make critical)\n")); fprintf( stderr, _(" -P version protocol version (default: 3)\n")); fprintf( stderr, _(" -r delete recursively\n")); tool_common_usage(); exit( EXIT_FAILURE ); } const char options[] = "r" "cd:D:e:f:H:IMnNO:o:P:QR:U:vVw:WxX:y:Y:z:Z"; int handle_private_option( int i ) { int ival; char *next; switch ( i ) { #if 0 int crit; char *control, *cvalue; case 'E': /* delete extensions */ if( protocol == LDAP_VERSION2 ) { fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"), prog, protocol ); exit( EXIT_FAILURE ); } /* should be extended to support comma separated list of * [!]key[=value] parameters, e.g. -E !foo,bar=567 */ crit = 0; cvalue = NULL; if( optarg[0] == '!' ) { crit = 1; optarg++; } control = optarg; if ( (cvalue = strchr( control, '=' )) != NULL ) { *cvalue++ = '\0'; } fprintf( stderr, _("Invalid delete extension name: %s\n"), control ); usage(); #endif case 'r': prune = 1; break; case 'z': /* size limit */ if ( strcasecmp( optarg, "none" ) == 0 ) { sizelimit = 0; } else if ( strcasecmp( optarg, "max" ) == 0 ) { sizelimit = LDAP_MAXINT; } else { ival = strtol( optarg, &next, 10 ); if ( next == NULL || next[0] != '\0' ) { fprintf( stderr, _("Unable to parse size limit \"%s\"\n"), optarg ); exit( EXIT_FAILURE ); } sizelimit = ival; } if( sizelimit < 0 || sizelimit > LDAP_MAXINT ) { fprintf( stderr, _("%s: invalid sizelimit (%d) specified\n"), prog, sizelimit ); exit( EXIT_FAILURE ); } break; default: return 0; } return 1; } static void private_conn_setup( LDAP *ld ) { /* this seems prudent for searches below */ int deref = LDAP_DEREF_NEVER; ldap_set_option( ld, LDAP_OPT_DEREF, &deref ); } int main( int argc, char **argv ) { char buf[ 4096 ]; FILE *fp = NULL; LDAP *ld; int rc, retval; tool_init( TOOL_DELETE ); prog = lutil_progname( "ldapdelete", argc, argv ); tool_args( argc, argv ); if ( infile != NULL ) { if (( fp = fopen( infile, "r" )) == NULL ) { perror( optarg ); exit( EXIT_FAILURE ); } } else { if ( optind >= argc ) { fp = stdin; } } ld = tool_conn_setup( 0, &private_conn_setup ); tool_bind( ld ); tool_server_controls( ld, NULL, 0 ); retval = rc = 0; if ( fp == NULL ) { for ( ; optind < argc; ++optind ) { rc = dodelete( ld, argv[ optind ] ); /* Stop on error and no -c option */ if( rc != 0 ) { retval = rc; if( contoper == 0 ) break; } } } else { while ((rc == 0 || contoper) && fgets(buf, sizeof(buf), fp) != NULL) { buf[ strlen( buf ) - 1 ] = '\0'; /* remove trailing newline */ if ( *buf != '\0' ) { rc = dodelete( ld, buf ); if ( rc != 0 ) retval = rc; } } if ( fp != stdin ) fclose( fp ); } tool_exit( ld, retval ); } static int dodelete( LDAP *ld, const char *dn) { int id; int rc, code; char *matcheddn = NULL, *text = NULL, **refs = NULL; LDAPControl **ctrls = NULL; LDAPMessage *res; int subentries = 0; if ( verbose ) { printf( _("%sdeleting entry \"%s\"\n"), (dont ? "!" : ""), dn ); } if ( dont ) { return LDAP_SUCCESS; } /* If prune is on, remove a whole subtree. Delete the children of the * DN recursively, then the DN requested. */ if ( prune ) { retry:; deletechildren( ld, dn, subentries ); } rc = ldap_delete_ext( ld, dn, NULL, NULL, &id ); if ( rc != LDAP_SUCCESS ) { fprintf( stderr, "%s: ldap_delete_ext: %s (%d)\n", prog, ldap_err2string( rc ), rc ); return rc; } for ( ; ; ) { struct timeval tv; if ( tool_check_abandon( ld, id ) ) { return LDAP_CANCELLED; } tv.tv_sec = 0; tv.tv_usec = 100000; rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res ); if ( rc < 0 ) { tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL ); return rc; } if ( rc != 0 ) { break; } } rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 1 ); switch ( rc ) { case LDAP_SUCCESS: break; case LDAP_NOT_ALLOWED_ON_NONLEAF: if ( prune && !subentries ) { subentries = 1; goto retry; } /* fallthru */ default: fprintf( stderr, "%s: ldap_parse_result: %s (%d)\n", prog, ldap_err2string( rc ), rc ); return rc; } if( code != LDAP_SUCCESS ) { tool_perror( "ldap_delete", code, NULL, matcheddn, text, refs ); } else if ( verbose && ((matcheddn && *matcheddn) || (text && *text) || (refs && *refs) )) { printf( _("Delete Result: %s (%d)\n"), ldap_err2string( code ), code ); if( text && *text ) { printf( _("Additional info: %s\n"), text ); } if( matcheddn && *matcheddn ) { printf( _("Matched DN: %s\n"), matcheddn ); } if( refs ) { int i; for( i=0; refs[i]; i++ ) { printf(_("Referral: %s\n"), refs[i] ); } } } if (ctrls) { tool_print_ctrls( ld, ctrls ); ldap_controls_free( ctrls ); } ber_memfree( text ); ber_memfree( matcheddn ); ber_memvfree( (void **) refs ); return code; } /* * Delete all the children of an entry recursively until leaf nodes are reached. */ static int deletechildren( LDAP *ld, const char *base, int subentries ) { LDAPMessage *res, *e; int entries; int rc = LDAP_SUCCESS, srch_rc; static char *attrs[] = { LDAP_NO_ATTRS, NULL }; LDAPControl c, *ctrls[2], **ctrlsp = NULL; BerElement *ber = NULL; if ( verbose ) printf ( _("deleting children of: %s\n"), base ); if ( subentries ) { /* * Do a one level search at base for subentry children. */ if ((ber = ber_alloc_t(LBER_USE_DER)) == NULL) { return EXIT_FAILURE; } rc = ber_printf( ber, "b", 1 ); if ( rc == -1 ) { ber_free( ber, 1 ); fprintf( stderr, _("Subentries control encoding error!\n")); return EXIT_FAILURE; } if ( ber_flatten2( ber, &c.ldctl_value, 0 ) == -1 ) { return EXIT_FAILURE; } c.ldctl_oid = LDAP_CONTROL_SUBENTRIES; c.ldctl_iscritical = 1; ctrls[0] = &c; ctrls[1] = NULL; ctrlsp = ctrls; } /* * Do a one level search at base for children. For each, delete its children. */ more:; srch_rc = ldap_search_ext_s( ld, base, LDAP_SCOPE_ONELEVEL, NULL, attrs, 1, ctrlsp, NULL, NULL, sizelimit, &res ); switch ( srch_rc ) { case LDAP_SUCCESS: case LDAP_SIZELIMIT_EXCEEDED: break; default: tool_perror( "ldap_search", srch_rc, NULL, NULL, NULL, NULL ); rc = srch_rc; srch_rc = 0; goto leave; } entries = ldap_count_entries( ld, res ); if ( entries > 0 ) { int i; for (e = ldap_first_entry( ld, res ), i = 0; e != NULL; e = ldap_next_entry( ld, e ), i++ ) { char *dn = ldap_get_dn( ld, e ); if( dn == NULL ) { ldap_get_option( ld, LDAP_OPT_RESULT_CODE, &rc ); tool_perror( "ldap_prune", rc, NULL, NULL, NULL, NULL ); goto leave; } rc = deletechildren( ld, dn, 0 ); if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_prune", rc, NULL, NULL, NULL, NULL ); ber_memfree( dn ); goto leave; } if ( verbose ) { printf( _("\tremoving %s\n"), dn ); } rc = ldap_delete_ext_s( ld, dn, NULL, NULL ); if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_delete", rc, NULL, NULL, NULL, NULL ); ber_memfree( dn ); goto leave; } if ( verbose ) { printf( _("\t%s removed\n"), dn ); } ber_memfree( dn ); } } leave: ldap_msgfree( res ); if ( srch_rc == LDAP_SIZELIMIT_EXCEEDED ) { goto more; } return rc; } openldap-2.5.16+dfsg/clients/tools/ldapurl.c0000644000175000017500000001540014461774414020314 0ustar sergiosergio/* ldapurl -- a tool for generating LDAP URLs */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 2008-2022 The OpenLDAP Foundation. * Portions Copyright 2008 Pierangelo Masarati, SysNet * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1992-1996 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. This * software is provided ``as is'' without express or implied warranty. */ /* ACKNOWLEDGEMENTS: * This work was originally developed by Pierangelo Masarati * for inclusion in OpenLDAP software. */ #include "portable.h" #include #include #include #include #include "ldap.h" #include "ldap_pvt.h" #include "lutil.h" static int usage(void) { fprintf( stderr, _("usage: %s [options]\n\n"), "ldapurl" ); fprintf( stderr, _("generates RFC 4516 LDAP URL with extensions\n\n" ) ); fprintf( stderr, _("URL options:\n")); fprintf( stderr, _(" -a attrs comma separated list of attributes\n" ) ); fprintf( stderr, _(" -b base (RFC 4514 LDAP DN)\n" ) ); fprintf( stderr, _(" -E ext (format: \"ext=value\"; multiple occurrences allowed)\n" ) ); fprintf( stderr, _(" -f filter (RFC 4515 LDAP filter)\n" ) ); fprintf( stderr, _(" -h host \n" ) ); fprintf( stderr, _(" -p port (default: 389 for ldap, 636 for ldaps)\n" ) ); fprintf( stderr, _(" -s scope (RFC 4511 searchScope and extensions)\n" ) ); fprintf( stderr, _(" -S scheme (RFC 4516 LDAP URL scheme and extensions)\n" ) ); exit( EXIT_FAILURE ); } static int do_uri_create( LDAPURLDesc *lud ) { char *uri; if ( lud->lud_scheme == NULL ) { lud->lud_scheme = "ldap"; } if ( lud->lud_port == -1 ) { if ( strcasecmp( lud->lud_scheme, "ldap" ) == 0 ) { lud->lud_port = LDAP_PORT; } else if ( strcasecmp( lud->lud_scheme, "ldaps" ) == 0 ) { lud->lud_port = LDAPS_PORT; } else if ( strcasecmp( lud->lud_scheme, "ldapi" ) == 0 ) { lud->lud_port = 0; } else { /* forgiving... */ lud->lud_port = 0; } } if ( lud->lud_scope == -1 ) { lud->lud_scope = LDAP_SCOPE_DEFAULT; } uri = ldap_url_desc2str( lud ); if ( lud->lud_attrs != NULL ) { ldap_charray_free( lud->lud_attrs ); lud->lud_attrs = NULL; } if ( lud->lud_exts != NULL ) { free( lud->lud_exts ); lud->lud_exts = NULL; } if ( uri == NULL ) { fprintf( stderr, "unable to generate URI\n" ); exit( EXIT_FAILURE ); } printf( "%s\n", uri ); free( uri ); return 0; } static int do_uri_explode( const char *uri ) { LDAPURLDesc *lud; int rc; rc = ldap_url_parse( uri, &lud ); if ( rc != LDAP_URL_SUCCESS ) { fprintf( stderr, "unable to parse URI \"%s\"\n", uri ); return 1; } if ( lud->lud_scheme != NULL && lud->lud_scheme[0] != '\0' ) { printf( "scheme: %s\n", lud->lud_scheme ); } if ( lud->lud_host != NULL && lud->lud_host[0] != '\0' ) { printf( "host: %s\n", lud->lud_host ); } if ( lud->lud_port != 0 ) { printf( "port: %d\n", lud->lud_port ); } if ( lud->lud_dn != NULL && lud->lud_dn[0] != '\0' ) { printf( "dn: %s\n", lud->lud_dn ); } if ( lud->lud_attrs != NULL ) { int i; for ( i = 0; lud->lud_attrs[i] != NULL; i++ ) { printf( "selector: %s\n", lud->lud_attrs[i] ); } } if ( lud->lud_scope != LDAP_SCOPE_DEFAULT ) { printf( "scope: %s\n", ldap_pvt_scope2str( lud->lud_scope ) ); } if ( lud->lud_filter != NULL && lud->lud_filter[0] != '\0' ) { printf( "filter: %s\n", lud->lud_filter ); } if ( lud->lud_exts != NULL ) { int i; for ( i = 0; lud->lud_exts[i] != NULL; i++ ) { printf( "extension: %s\n", lud->lud_exts[i] ); } } ldap_free_urldesc( lud ); return 0; } int main( int argc, char *argv[]) { LDAPURLDesc lud = { 0 }; char *uri = NULL; int gotlud = 0; int nexts = 0; lud.lud_port = -1; lud.lud_scope = -1; while ( 1 ) { int opt = getopt( argc, argv, "S:h:p:b:a:s:f:E:H:" ); if ( opt == EOF ) { break; } if ( opt == 'H' ) { if ( gotlud ) { fprintf( stderr, "option -H incompatible with previous options\n" ); usage(); } if ( uri != NULL ) { fprintf( stderr, "URI already provided\n" ); usage(); } uri = optarg; continue; } switch ( opt ) { case 'S': case 'h': case 'p': case 'b': case 'a': case 's': case 'f': case 'E': if ( uri != NULL ) { fprintf( stderr, "option -%c incompatible with -H\n", opt ); usage(); } gotlud++; } switch ( opt ) { case 'S': if ( lud.lud_scheme != NULL ) { fprintf( stderr, "scheme already provided\n" ); usage(); } lud.lud_scheme = optarg; break; case 'h': if ( lud.lud_host != NULL ) { fprintf( stderr, "host already provided\n" ); usage(); } lud.lud_host = optarg; break; case 'p': if ( lud.lud_port != -1 ) { fprintf( stderr, "port already provided\n" ); usage(); } if ( lutil_atoi( &lud.lud_port, optarg ) ) { fprintf( stderr, "unable to parse port \"%s\"\n", optarg ); usage(); } break; case 'b': if ( lud.lud_dn != NULL ) { fprintf( stderr, "base already provided\n" ); usage(); } lud.lud_dn = optarg; break; case 'a': if ( lud.lud_attrs != NULL ) { fprintf( stderr, "attrs already provided\n" ); usage(); } lud.lud_attrs = ldap_str2charray( optarg, "," ); if ( lud.lud_attrs == NULL ) { fprintf( stderr, "unable to parse attrs list \"%s\"\n", optarg ); usage(); } break; case 's': if ( lud.lud_scope != -1 ) { fprintf( stderr, "scope already provided\n" ); usage(); } lud.lud_scope = ldap_pvt_str2scope( optarg ); if ( lud.lud_scope == -1 ) { fprintf( stderr, "unable to parse scope \"%s\"\n", optarg ); usage(); } break; case 'f': if ( lud.lud_filter != NULL ) { fprintf( stderr, "filter already provided\n" ); usage(); } lud.lud_filter = optarg; break; case 'E': lud.lud_exts = (char **)realloc( lud.lud_exts, sizeof( char * ) * ( nexts + 2 ) ); lud.lud_exts[ nexts++ ] = optarg; lud.lud_exts[ nexts ] = NULL; break; default: assert( opt != 'H' ); usage(); } } if ( uri != NULL ) { return do_uri_explode( uri ); } return do_uri_create( &lud ); } openldap-2.5.16+dfsg/clients/tools/ldapmodify.c0000644000175000017500000004125014461774414021003 0ustar sergiosergio/* ldapmodify.c - generic program to modify or add entries using LDAP */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * Portions Copyright 2006 Howard Chu. * Portions Copyright 1998-2003 Kurt D. Zeilenga. * Portions Copyright 1998-2001 Net Boolean Incorporated. * Portions Copyright 2001-2003 IBM Corporation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1992-1996 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. This * software is provided ``as is'' without express or implied warranty. */ /* ACKNOWLEDGEMENTS: * This work was originally developed by the University of Michigan * (as part of U-MICH LDAP). Additional significant contributors * include: * Kurt D. Zeilenga * Norbert Klasen * Howard Chu */ #include "portable.h" #include #include #include #include #include #include #include #ifdef HAVE_SYS_STAT_H #include #endif #ifdef HAVE_SYS_FILE_H #include #endif #ifdef HAVE_FCNTL_H #include #endif #include #include "lutil.h" #include "lutil_ldap.h" #include "ldif.h" #include "ldap_defaults.h" #include "ldap_pvt.h" #include "lber_pvt.h" #include "common.h" static int ldapadd; static char *rejfile = NULL; static LDAP *ld = NULL; static int process_ldif_rec LDAP_P(( char *rbuf, unsigned long lineno )); static int domodify LDAP_P(( const struct berval *dn, LDAPMod **pmods, LDAPControl **pctrls, int newentry )); static int dodelete LDAP_P(( const struct berval *dn, LDAPControl **pctrls )); static int dorename LDAP_P(( const struct berval *dn, const struct berval *newrdn, const struct berval *newsup, int deleteoldrdn, LDAPControl **pctrls )); static int process_response( LDAP *ld, int msgid, int res, const struct berval *dn ); static int txn = 0; static int txnabort = 0; struct berval *txn_id = NULL; void usage( void ) { fprintf( stderr, _("Add or modify entries from an LDAP server\n\n")); fprintf( stderr, _("usage: %s [options]\n"), prog); fprintf( stderr, _(" The list of desired operations are read from stdin" " or from the file\n")); fprintf( stderr, _(" specified by \"-f file\".\n")); fprintf( stderr, _("Add or modify options:\n")); fprintf( stderr, _(" -a add values (%s)\n"), (ldapadd ? _("default") : _("default is to replace"))); fprintf( stderr, _(" -c continuous operation mode (do not stop on errors)\n")); fprintf( stderr, _(" -E [!]ext=extparam modify extensions" " (! indicate s criticality)\n")); fprintf( stderr, _(" -f file read operations from `file'\n")); fprintf( stderr, _(" -M enable Manage DSA IT control (-MM to make critical)\n")); fprintf( stderr, _(" -P version protocol version (default: 3)\n")); fprintf( stderr, _(" [!]txn= (transaction)\n")); fprintf( stderr, _(" -S file write skipped modifications to `file'\n")); tool_common_usage(); exit( EXIT_FAILURE ); } const char options[] = "aE:rS:" "cd:D:e:f:H:IMnNO:o:P:QR:U:vVw:WxX:y:Y:Z"; int handle_private_option( int i ) { char *control, *cvalue; int crit; switch ( i ) { case 'E': /* modify extensions */ if( protocol == LDAP_VERSION2 ) { fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"), prog, protocol ); exit( EXIT_FAILURE ); } /* should be extended to support comma separated list of * [!]key[=value] parameters, e.g. -E !foo,bar=567 */ crit = 0; cvalue = NULL; if( optarg[0] == '!' ) { crit = 1; optarg++; } control = optarg; if ( (cvalue = strchr( control, '=' )) != NULL ) { *cvalue++ = '\0'; } if( strcasecmp( control, "txn" ) == 0 ) { /* Transaction */ if( txn ) { fprintf( stderr, _("txn control previously specified\n")); exit( EXIT_FAILURE ); } if( cvalue != NULL ) { if( strcasecmp( cvalue, "abort" ) == 0 ) { txnabort=1; } else if( strcasecmp( cvalue, "commit" ) != 0 ) { fprintf( stderr, _("Invalid value for txn control, %s\n"), cvalue ); exit( EXIT_FAILURE ); } } txn = 1 + crit; } else { fprintf( stderr, _("Invalid modify extension name: %s\n"), control ); usage(); } break; case 'a': /* add */ ldapadd = 1; break; case 'r': /* replace (obsolete) */ break; case 'S': /* skipped modifications to file */ if( rejfile != NULL ) { fprintf( stderr, _("%s: -S previously specified\n"), prog ); exit( EXIT_FAILURE ); } rejfile = optarg; break; default: return 0; } return 1; } int main( int argc, char **argv ) { char *rbuf = NULL, *rejbuf = NULL; FILE *rejfp; struct LDIFFP *ldiffp = NULL, ldifdummy = {0}; char *matched_msg, *error_msg; int rc, retval, ldifrc; int len; int i = 0, lmax = 0; unsigned long lineno, nextline = 0; LDAPControl c[1]; prog = lutil_progname( "ldapmodify", argc, argv ); /* strncmp instead of strcmp since NT binaries carry .exe extension */ ldapadd = ( strncasecmp( prog, "ldapadd", sizeof("ldapadd")-1 ) == 0 ); tool_init( ldapadd ? TOOL_ADD : TOOL_MODIFY ); tool_args( argc, argv ); if ( argc != optind ) usage(); if ( rejfile != NULL ) { if (( rejfp = fopen( rejfile, "w" )) == NULL ) { perror( rejfile ); retval = EXIT_FAILURE; goto fail; } } else { rejfp = NULL; } if ( infile != NULL ) { if (( ldiffp = ldif_open( infile, "r" )) == NULL ) { perror( infile ); retval = EXIT_FAILURE; goto fail; } } else { ldifdummy.fp = stdin; ldiffp = &ldifdummy; } if ( debug ) ldif_debug = debug; ld = tool_conn_setup( dont, 0 ); if ( !dont ) { tool_bind( ld ); } if( txn ) { /* start transaction */ rc = ldap_txn_start_s( ld, NULL, NULL, &txn_id ); if( rc != LDAP_SUCCESS || !txn_id ) { tool_perror( "ldap_txn_start_s", rc, NULL, NULL, NULL, NULL ); if( txn > 1 ) { retval = EXIT_FAILURE; goto fail; } txn = 0; } } if( txn ) { c[i].ldctl_oid = LDAP_CONTROL_TXN_SPEC; c[i].ldctl_value = *txn_id; c[i].ldctl_iscritical = 1; i++; } tool_server_controls( ld, c, i ); rc = 0; retval = 0; lineno = 1; while (( rc == 0 || contoper ) && ( ldifrc = ldif_read_record( ldiffp, &nextline, &rbuf, &lmax )) > 0 ) { if ( rejfp ) { len = strlen( rbuf ); if (( rejbuf = (char *)ber_memalloc( len+1 )) == NULL ) { perror( "malloc" ); retval = EXIT_FAILURE; goto fail; } memcpy( rejbuf, rbuf, len+1 ); } rc = process_ldif_rec( rbuf, lineno ); lineno = nextline+1; if ( rc ) retval = rc; if ( rc && rejfp ) { fprintf(rejfp, _("# Error: %s (%d)"), ldap_err2string(rc), rc); matched_msg = NULL; ldap_get_option(ld, LDAP_OPT_MATCHED_DN, &matched_msg); if ( matched_msg != NULL ) { if ( *matched_msg != '\0' ) { fprintf( rejfp, _(", matched DN: %s"), matched_msg ); } ldap_memfree( matched_msg ); } error_msg = NULL; ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, &error_msg); if ( error_msg != NULL ) { if ( *error_msg != '\0' ) { fprintf( rejfp, _(", additional info: %s"), error_msg ); } ldap_memfree( error_msg ); } fprintf( rejfp, "\n%s\n", rejbuf ); } if (rejfp) ber_memfree( rejbuf ); } ber_memfree( rbuf ); if ( ldifrc < 0 ) retval = LDAP_OTHER; if( retval == 0 && txn ) { rc = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, NULL ); if ( rc != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not unset controls for ldap_txn_end\n"); } /* create transaction */ rc = ldap_txn_end_s( ld, !txnabort, txn_id, NULL, NULL, NULL ); if( rc != LDAP_SUCCESS ) { tool_perror( "ldap_txn_end_s", rc, NULL, NULL, NULL, NULL ); retval = rc; } } fail:; if ( rejfp != NULL ) { fclose( rejfp ); } if ( ldiffp != NULL && ldiffp != &ldifdummy ) { ldif_close( ldiffp ); } tool_exit( ld, retval ); } static int process_ldif_rec( char *rbuf, unsigned long linenum ) { LDIFRecord lr; int lrflags = ldapadd ? LDIF_DEFAULT_ADD : 0; int rc; struct berval rbuf_bv; #ifdef TEST_LDIF_API if ( getenv( "LDIF_ENTRIES_ONLY" ) ) { lrflags |= LDIF_ENTRIES_ONLY; } if ( getenv( "LDIF_NO_CONTROLS" ) ) { lrflags |= LDIF_NO_CONTROLS; } #endif /* TEST_LDIF_API */ rbuf_bv.bv_val = rbuf; rbuf_bv.bv_len = 0; /* not used */ rc = ldap_parse_ldif_record( &rbuf_bv, linenum, &lr, prog, lrflags ); /* If default controls are set (as with -M option) and controls are specified in the LDIF file, we must add the default controls to the list of controls sent with the ldap operation. */ if ( rc == 0 ) { if (lr.lr_ctrls) { LDAPControl **defctrls = NULL; /* Default server controls */ LDAPControl **newctrls = NULL; ldap_get_option(ld, LDAP_OPT_SERVER_CONTROLS, &defctrls); if (defctrls) { int npc=0; /* Num of LDIF controls */ int ndefc=0; /* Num of default controls */ while (lr.lr_ctrls[npc]) npc++; /* Count LDIF controls */ while (defctrls[ndefc]) ndefc++; /* Count default controls */ newctrls = ber_memrealloc(lr.lr_ctrls, (npc+ndefc+1)*sizeof(LDAPControl*)); if (newctrls == NULL) { rc = LDAP_NO_MEMORY; } else { int i; lr.lr_ctrls = newctrls; for (i=npc; ibv_val == NULL ) ) { fprintf( stderr, _("%s: no DN specified\n"), prog ); return( LDAP_PARAM_ERROR ); } if ( pmods == NULL ) { /* implement "touch" (empty sequence) * modify operation (note that there * is no symmetry with the UNIX command, * since \"touch\" on a non-existent entry * will fail)*/ printf( "warning: no attributes to %sadd (entry=\"%s\")\n", newentry ? "" : "change or ", dn->bv_val ); } else { for ( i = 0; pmods[ i ] != NULL; ++i ) { op = pmods[ i ]->mod_op & ~LDAP_MOD_BVALUES; if( op == LDAP_MOD_ADD && ( pmods[i]->mod_bvalues == NULL )) { fprintf( stderr, _("%s: attribute \"%s\" has no values (entry=\"%s\")\n"), prog, pmods[i]->mod_type, dn->bv_val ); return LDAP_PARAM_ERROR; } } if ( verbose ) { for ( i = 0; pmods[ i ] != NULL; ++i ) { op = pmods[ i ]->mod_op & ~LDAP_MOD_BVALUES; printf( "%s %s:\n", op == LDAP_MOD_REPLACE ? _("replace") : op == LDAP_MOD_ADD ? _("add") : op == LDAP_MOD_INCREMENT ? _("increment") : op == LDAP_MOD_DELETE ? _("delete") : _("unknown"), pmods[ i ]->mod_type ); if ( pmods[ i ]->mod_bvalues != NULL ) { for ( j = 0; pmods[ i ]->mod_bvalues[ j ] != NULL; ++j ) { bvp = pmods[ i ]->mod_bvalues[ j ]; notascii = 0; for ( k = 0; (unsigned long) k < bvp->bv_len; ++k ) { if ( !isascii( bvp->bv_val[ k ] )) { notascii = 1; break; } } if ( notascii ) { printf( _("\tNOT ASCII (%ld bytes)\n"), bvp->bv_len ); } else { printf( "\t%s\n", bvp->bv_val ); } } } } } } if ( newentry ) { printf( "%sadding new entry \"%s\"\n", dont ? "!" : "", dn->bv_val ); } else { printf( "%smodifying entry \"%s\"\n", dont ? "!" : "", dn->bv_val ); } if ( !dont ) { int msgid; if ( newentry ) { rc = ldap_add_ext( ld, dn->bv_val, pmods, pctrls, NULL, &msgid ); } else { rc = ldap_modify_ext( ld, dn->bv_val, pmods, pctrls, NULL, &msgid ); } if ( rc != LDAP_SUCCESS ) { /* print error message about failed update including DN */ fprintf( stderr, _("%s: update failed: %s\n"), prog, dn->bv_val ); tool_perror( newentry ? "ldap_add" : "ldap_modify", rc, NULL, NULL, NULL, NULL ); goto done; } rc = process_response( ld, msgid, newentry ? LDAP_RES_ADD : LDAP_RES_MODIFY, dn ); if ( verbose && rc == LDAP_SUCCESS ) { printf( _("modify complete\n") ); } } else { rc = LDAP_SUCCESS; } done: putchar( '\n' ); return rc; } static int dodelete( const struct berval *dn, LDAPControl **pctrls ) { int rc; int msgid; assert( dn != NULL ); assert( dn->bv_val != NULL ); printf( _("%sdeleting entry \"%s\"\n"), dont ? "!" : "", dn->bv_val ); if ( !dont ) { rc = ldap_delete_ext( ld, dn->bv_val, pctrls, NULL, &msgid ); if ( rc != LDAP_SUCCESS ) { fprintf( stderr, _("%s: delete failed: %s\n"), prog, dn->bv_val ); tool_perror( "ldap_delete", rc, NULL, NULL, NULL, NULL ); goto done; } rc = process_response( ld, msgid, LDAP_RES_DELETE, dn ); if ( verbose && rc == LDAP_SUCCESS ) { printf( _("delete complete\n") ); } } else { rc = LDAP_SUCCESS; } done: putchar( '\n' ); return( rc ); } static int dorename( const struct berval *dn, const struct berval *newrdn, const struct berval *newsup, int deleteoldrdn, LDAPControl **pctrls ) { int rc; int msgid; assert( dn != NULL ); assert( dn->bv_val != NULL ); assert( newrdn != NULL ); assert( newrdn->bv_val != NULL ); printf( _("%smodifying rdn of entry \"%s\"\n"), dont ? "!" : "", dn->bv_val ); if ( verbose ) { printf( _("\tnew RDN: \"%s\" (%skeep existing values)\n"), newrdn->bv_val, deleteoldrdn ? _("do not ") : "" ); } if ( !dont ) { rc = ldap_rename( ld, dn->bv_val, newrdn->bv_val, ( newsup && newsup->bv_val ) ? newsup->bv_val : NULL, deleteoldrdn, pctrls, NULL, &msgid ); if ( rc != LDAP_SUCCESS ) { fprintf( stderr, _("%s: rename failed: %s\n"), prog, dn->bv_val ); tool_perror( "ldap_rename", rc, NULL, NULL, NULL, NULL ); goto done; } rc = process_response( ld, msgid, LDAP_RES_RENAME, dn ); if ( verbose && rc == LDAP_SUCCESS ) { printf( _("rename complete\n") ); } } else { rc = LDAP_SUCCESS; } done: putchar( '\n' ); return( rc ); } static const char * res2str( int res ) { switch ( res ) { case LDAP_RES_ADD: return "ldap_add"; case LDAP_RES_DELETE: return "ldap_delete"; case LDAP_RES_MODIFY: return "ldap_modify"; case LDAP_RES_MODRDN: return "ldap_rename"; default: assert( 0 ); } return "ldap_unknown"; } static int process_response( LDAP *ld, int msgid, int op, const struct berval *dn ) { LDAPMessage *res; int rc = LDAP_OTHER, msgtype; struct timeval tv = { 0, 0 }; int err; char *text = NULL, *matched = NULL, **refs = NULL; LDAPControl **ctrls = NULL; assert( dn != NULL ); for ( ; ; ) { tv.tv_sec = 0; tv.tv_usec = 100000; rc = ldap_result( ld, msgid, LDAP_MSG_ALL, &tv, &res ); if ( tool_check_abandon( ld, msgid ) ) { return LDAP_CANCELLED; } if ( rc == -1 ) { ldap_get_option( ld, LDAP_OPT_RESULT_CODE, &rc ); tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL ); return rc; } if ( rc != 0 ) { break; } } msgtype = ldap_msgtype( res ); rc = ldap_parse_result( ld, res, &err, &matched, &text, &refs, &ctrls, 1 ); if ( rc == LDAP_SUCCESS ) rc = err; if ( rc == LDAP_TXN_SPECIFY_OKAY ) { rc = LDAP_SUCCESS; } else if ( rc != LDAP_SUCCESS ) { tool_perror( res2str( op ), rc, NULL, matched, text, refs ); } else if ( msgtype != op ) { fprintf( stderr, "%s: msgtype: expected %d got %d\n", res2str( op ), op, msgtype ); rc = LDAP_OTHER; } if ( text ) ldap_memfree( text ); if ( matched ) ldap_memfree( matched ); if ( refs ) ber_memvfree( (void **)refs ); if ( ctrls ) { tool_print_ctrls( ld, ctrls ); ldap_controls_free( ctrls ); } return rc; } openldap-2.5.16+dfsg/clients/tools/Makefile.in0000644000175000017500000000704614461774414020561 0ustar sergiosergio# Makefile for LDAP tools # $OpenLDAP$ ## This work is part of OpenLDAP Software . ## ## Copyright 1998-2022 The OpenLDAP Foundation. ## All rights reserved. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted only as authorized by the OpenLDAP ## Public License. ## ## A copy of this license is available in the file LICENSE in the ## top-level directory of the distribution or, alternatively, at ## . SRCS = ldapsearch.c ldapmodify.c ldapdelete.c ldapmodrdn.c \ ldappasswd.c ldapwhoami.c ldapvc.c ldapcompare.c \ ldapexop.c ldapurl.c common.c OBJS = ldapsearch.o ldapmodify.o ldapdelete.o ldapmodrdn.o \ ldappasswd.o ldapwhoami.o ldapvc.o ldapcompare.o \ ldapexop.o ldapurl.o common.o LDAP_INCDIR= ../../include LDAP_LIBDIR= ../../libraries MKVOPTS = -s XLIBS = $(LDAP_L) XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS) $(CLIENT_LIBS) XSRCS = ldsversion.c ldmversion.c lddversion.c ldrversion.c ldpversion.c \ ldwversion.c ldvversion.c ldcversion.c ldeversion.c lduversion.c PROGRAMS = ldapsearch ldapmodify ldapdelete ldapmodrdn \ ldappasswd ldapwhoami ldapvc ldapcompare ldapexop ldapurl ldapsearch: ldsversion.o $(LTLINK) -o $@ ldapsearch.o common.o ldsversion.o $(LIBS) ldapmodify: ldmversion.o $(LTLINK) -o $@ ldapmodify.o common.o ldmversion.o $(LIBS) ldapdelete: lddversion.o $(LTLINK) -o $@ ldapdelete.o common.o lddversion.o $(LIBS) ldapmodrdn: ldrversion.o $(LTLINK) -o $@ ldapmodrdn.o common.o ldrversion.o $(LIBS) ldappasswd: ldpversion.o $(LTLINK) -o $@ ldappasswd.o common.o ldpversion.o $(LIBS) ldapwhoami: ldwversion.o $(LTLINK) -o $@ ldapwhoami.o common.o ldwversion.o $(LIBS) ldapvc: ldvversion.o $(LTLINK) -o $@ ldapvc.o common.o ldvversion.o $(LIBS) ldapcompare: ldcversion.o $(LTLINK) -o $@ ldapcompare.o common.o ldcversion.o $(LIBS) ldapexop: ldeversion.o $(LTLINK) -o $@ ldapexop.o common.o ldeversion.o $(LIBS) ldapurl: lduversion.o $(LTLINK) -o $@ ldapurl.o lduversion.o $(LIBS) ldsversion.c: Makefile @-$(RM) $@ $(MKVERSION) $(MKVOPTS) ldapsearch > $@ ldsversion.o: ldapsearch.o common.o $(XLIBS) ldmversion.c: Makefile @-$(RM) $@ $(MKVERSION) $(MKVOPTS) ldapmodify > $@ ldmversion.o: ldapmodify.o common.o $(XLIBS) lddversion.c: Makefile @-$(RM) $@ $(MKVERSION) $(MKVOPTS) ldapdelete > $@ lddversion.o: ldapdelete.o common.o $(XLIBS) ldpversion.c: Makefile @-$(RM) $@ $(MKVERSION) $(MKVOPTS) ldappasswd > $@ ldpversion.o: ldappasswd.o common.o $(XLIBS) ldrversion.c: Makefile @-$(RM) $@ $(MKVERSION) $(MKVOPTS) ldapmodrdn > $@ ldrversion.o: ldapmodrdn.o common.o $(XLIBS) ldwversion.c: Makefile @-$(RM) $@ $(MKVERSION) $(MKVOPTS) ldapwhoami > $@ ldwversion.o: ldapwhoami.o common.o $(XLIBS) ldvversion.c: Makefile @-$(RM) $@ $(MKVERSION) $(MKVOPTS) ldapvc > $@ ldvversion.o: ldapvc.o common.o $(XLIBS) ldcversion.c: Makefile @-$(RM) $@ $(MKVERSION) $(MKVOPTS) ldapcompare > $@ ldcversion.o: ldapcompare.o common.o $(XLIBS) ldeversion.c: Makefile @-$(RM) $@ $(MKVERSION) $(MKVOPTS) ldapexop > $@ ldeversion.o: ldapexop.o common.o $(XLIBS) lduversion.c: Makefile @-$(RM) $@ $(MKVERSION) $(MKVOPTS) ldapurl > $@ lduversion.o: ldapurl.o $(XLIBS) install-local: FORCE -$(MKDIR) $(DESTDIR)$(bindir) @( \ for prg in $(PROGRAMS); do \ $(LTINSTALL) $(INSTALLFLAGS) $(STRIP_OPTS) -m 755 $$prg$(EXEEXT) \ $(DESTDIR)$(bindir); \ done \ ) $(RM) $(DESTDIR)$(bindir)/ldapadd$(EXEEXT) $(LN_S) $(DESTDIR)$(bindir)/ldapmodify$(EXEEXT) $(DESTDIR)$(bindir)/ldapadd$(EXEEXT) openldap-2.5.16+dfsg/clients/tools/ldapcompare.c0000644000175000017500000001764314461774414021153 0ustar sergiosergio/* ldapcompare.c -- LDAP compare tool */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * Portions Copyright 1998-2003 Kurt D. Zeilenga. * Portions Copyright 1998-2001 Net Boolean Incorporated. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1992-1996 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. This * software is provided ``as is'' without express or implied warranty. */ /* Portions Copyright 2002, F5 Networks, Inc, All rights reserved. * This software is not subject to any license of F5 Networks. * This is free software; you can redistribute and use it * under the same terms as OpenLDAP itself. */ /* ACKNOWLEDGEMENTS: * This work was originally developed by Jeff Costlow (F5 Networks) * based, in part, on existing LDAP tools and adapted for inclusion * into OpenLDAP Software by Kurt D. Zeilenga. */ #include "portable.h" #include #include #include #include #include #include #include #include #include #ifdef HAVE_FCNTL_H #include #endif #ifdef HAVE_SYS_TYPES_H #include #endif #ifdef HAVE_IO_H #include #endif #include #include "lutil.h" #include "lutil_ldap.h" #include "ldap_defaults.h" #include "common.h" static int quiet = 0; void usage( void ) { fprintf( stderr, _("usage: %s [options] DN \n"), prog); fprintf( stderr, _("where:\n")); fprintf( stderr, _(" DN\tDistinguished Name\n")); fprintf( stderr, _(" attr\tassertion attribute\n")); fprintf( stderr, _(" value\tassertion value\n")); fprintf( stderr, _(" b64value\tbase64 encoding of assertion value\n")); fprintf( stderr, _("Compare options:\n")); fprintf( stderr, _(" -E [!][=] compare extensions (! indicates criticality)\n")); fprintf( stderr, _(" !dontUseCopy (Don't Use Copy)\n")); fprintf( stderr, _(" -M enable Manage DSA IT control (-MM to make critical)\n")); fprintf( stderr, _(" -P version protocol version (default: 3)\n")); fprintf( stderr, _(" -z Quiet mode," " don't print anything, use return values\n")); tool_common_usage(); exit( EXIT_FAILURE ); } static int docompare LDAP_P(( LDAP *ld, char *dn, char *attr, struct berval *bvalue, int quiet, LDAPControl **sctrls, LDAPControl **cctrls)); const char options[] = "z" "Cd:D:e:H:IMnNO:o:P:QR:U:vVw:WxX:y:Y:Z"; #ifdef LDAP_CONTROL_DONTUSECOPY int dontUseCopy = 0; #endif int handle_private_option( int i ) { char *control, *cvalue; int crit; switch ( i ) { case 'E': /* compare extensions */ if( protocol == LDAP_VERSION2 ) { fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"), prog, protocol ); exit( EXIT_FAILURE ); } /* should be extended to support comma separated list of * [!]key[=value] parameters, e.g. -E !foo,bar=567 */ crit = 0; cvalue = NULL; if( optarg[0] == '!' ) { crit = 1; optarg++; } control = optarg; if ( (cvalue = strchr( control, '=' )) != NULL ) { *cvalue++ = '\0'; } #ifdef LDAP_CONTROL_DONTUSECOPY if ( strcasecmp( control, "dontUseCopy" ) == 0 ) { if( dontUseCopy ) { fprintf( stderr, _("dontUseCopy control previously specified\n")); exit( EXIT_FAILURE ); } if( cvalue != NULL ) { fprintf( stderr, _("dontUseCopy: no control value expected\n") ); usage(); } if( !crit ) { fprintf( stderr, _("dontUseCopy: critical flag required\n") ); usage(); } dontUseCopy = 1 + crit; } else #endif { fprintf( stderr, _("Invalid compare extension name: %s\n"), control ); usage(); } break; case 'z': quiet = 1; break; default: return 0; } return 1; } int main( int argc, char **argv ) { char *compdn = NULL, *attrs = NULL; char *sep; int rc; LDAP *ld = NULL; struct berval bvalue = { 0, NULL }; int i = 0; LDAPControl c[1]; tool_init( TOOL_COMPARE ); prog = lutil_progname( "ldapcompare", argc, argv ); tool_args( argc, argv ); if ( argc - optind != 2 ) { usage(); } compdn = argv[optind++]; attrs = argv[optind++]; /* user passed in only 2 args, the last one better be in * the form attr:value or attr::b64value */ sep = strchr(attrs, ':'); if (!sep) { usage(); } *sep++='\0'; if ( *sep != ':' ) { bvalue.bv_val = strdup( sep ); bvalue.bv_len = strlen( bvalue.bv_val ); } else { /* it's base64 encoded. */ bvalue.bv_val = malloc( strlen( &sep[1] )); bvalue.bv_len = lutil_b64_pton( &sep[1], (unsigned char *) bvalue.bv_val, strlen( &sep[1] )); if (bvalue.bv_len == (ber_len_t)-1) { fprintf(stderr, _("base64 decode error\n")); exit(-1); } } ld = tool_conn_setup( 0, 0 ); tool_bind( ld ); if ( 0 #ifdef LDAP_CONTROL_DONTUSECOPY || dontUseCopy #endif ) { #ifdef LDAP_CONTROL_DONTUSECOPY if ( dontUseCopy ) { c[i].ldctl_oid = LDAP_CONTROL_DONTUSECOPY; c[i].ldctl_value.bv_val = NULL; c[i].ldctl_value.bv_len = 0; c[i].ldctl_iscritical = dontUseCopy > 1; i++; } #endif } tool_server_controls( ld, c, i ); if ( verbose ) { fprintf( stderr, _("DN:%s, attr:%s, value:%s\n"), compdn, attrs, sep ); } rc = docompare( ld, compdn, attrs, &bvalue, quiet, NULL, NULL ); free( bvalue.bv_val ); tool_exit( ld, rc ); } static int docompare( LDAP *ld, char *dn, char *attr, struct berval *bvalue, int quiet, LDAPControl **sctrls, LDAPControl **cctrls ) { int rc, msgid, code; LDAPMessage *res; char *matcheddn; char *text; char **refs; LDAPControl **ctrls = NULL; if ( dont ) { return LDAP_SUCCESS; } rc = ldap_compare_ext( ld, dn, attr, bvalue, sctrls, cctrls, &msgid ); if ( rc == -1 ) { return( rc ); } for ( ; ; ) { struct timeval tv; tv.tv_sec = 0; tv.tv_usec = 100000; if ( tool_check_abandon( ld, msgid ) ) { return LDAP_CANCELLED; } rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res ); if ( rc < 0 ) { tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL ); return rc; } if ( rc != 0 ) { break; } } rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 1 ); if( rc != LDAP_SUCCESS ) { fprintf( stderr, "%s: ldap_parse_result: %s (%d)\n", prog, ldap_err2string( rc ), rc ); return rc; } if ( !quiet && ( verbose || ( code != LDAP_SUCCESS && code != LDAP_COMPARE_TRUE && code != LDAP_COMPARE_FALSE )|| (matcheddn && *matcheddn) || (text && *text) || (refs && *refs) ) ) { printf( _("Compare Result: %s (%d)\n"), ldap_err2string( code ), code ); if( text && *text ) { printf( _("Additional info: %s\n"), text ); } if( matcheddn && *matcheddn ) { printf( _("Matched DN: %s\n"), matcheddn ); } if( refs ) { int i; for( i=0; refs[i]; i++ ) { printf(_("Referral: %s\n"), refs[i] ); } } } /* if we were told to be quiet, use the return value. */ if ( !quiet ) { if ( code == LDAP_COMPARE_TRUE ) { printf(_("TRUE\n")); } else if ( code == LDAP_COMPARE_FALSE ) { printf(_("FALSE\n")); } else { printf(_("UNDEFINED\n")); } } if ( ctrls ) { tool_print_ctrls( ld, ctrls ); ldap_controls_free( ctrls ); } ber_memfree( text ); ber_memfree( matcheddn ); ber_memvfree( (void **) refs ); return( code ); } openldap-2.5.16+dfsg/clients/tools/common.c0000644000175000017500000020706114461774414020147 0ustar sergiosergio/* common.c - common routines for the ldap client tools */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * Portions Copyright 2003 Kurt D. Zeilenga. * Portions Copyright 2003 IBM Corporation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* ACKNOWLEDGEMENTS: * This file was initially created by Hallvard B. Furuseth based (in * part) upon argument parsing code for individual tools located in * this directory. Additional contributors include: * Kurt D. Zeilenga (additional common argument and control support) */ #include "portable.h" #include #include #include #include #include #include #include #include #include #ifdef HAVE_CYRUS_SASL #ifdef HAVE_SASL_SASL_H #include #else #include #endif #endif #include #include "ldif.h" #include "lutil.h" #include "lutil_ldap.h" #include "ldap_defaults.h" #include "ldap_pvt.h" #include "lber_pvt.h" #include "common.h" /* input-related vars */ /* misc. parameters */ tool_type_t tool_type; int contoper = 0; int debug = 0; char *infile = NULL; int dont = 0; int nocanon = 0; int referrals = 0; int verbose = 0; int ldif = 0; ber_len_t ldif_wrap = 0; char *prog = NULL; /* connection */ char *ldapuri = NULL; int use_tls = 0; int protocol = -1; int version = 0; /* authc/authz */ int authmethod = -1; char *binddn = NULL; int want_bindpw = 0; struct berval passwd = { 0, NULL }; char *pw_file = NULL; #ifdef HAVE_CYRUS_SASL unsigned sasl_flags = LDAP_SASL_AUTOMATIC; char *sasl_realm = NULL; char *sasl_authc_id = NULL; char *sasl_authz_id = NULL; char *sasl_mech = NULL; char *sasl_secprops = NULL; #endif /* controls */ int assertctl; char *assertion = NULL; struct berval assertionvalue = BER_BVNULL; char *authzid = NULL; int authzcrit = 1; /* support deprecated early version of proxyAuthz */ #define LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ "2.16.840.1.113730.3.4.12" #ifdef LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ char *proxydn = NULL; #endif /* LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ */ int manageDIT = 0; int manageDSAit = 0; int noop = 0; int ppolicy = 0; int preread = 0; static char *preread_attrs = NULL; int postread = 0; static char *postread_attrs = NULL; ber_int_t pr_morePagedResults = 1; struct berval pr_cookie = { 0, NULL }; #ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR int chaining = 0; static int chainingResolve = -1; static int chainingContinuation = -1; #endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */ #ifdef LDAP_CONTROL_X_SESSION_TRACKING static int sessionTracking = 0; static char *sessionTrackingName; struct berval stValue; #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ ber_int_t vlvPos; ber_int_t vlvCount; struct berval *vlvContext; static int bauthzid; LDAPControl *unknown_ctrls = NULL; int unknown_ctrls_num = 0; /* options */ struct timeval nettimeout = { -1 , 0 }; typedef int (*print_ctrl_fn)( LDAP *ld, LDAPControl *ctrl ); static int print_preread( LDAP *ld, LDAPControl *ctrl ); static int print_postread( LDAP *ld, LDAPControl *ctrl ); static int print_paged_results( LDAP *ld, LDAPControl *ctrl ); static int print_psearch( LDAP *ld, LDAPControl *ctrl ); #ifdef LDAP_CONTROL_AUTHZID_RESPONSE static int print_authzid( LDAP *ld, LDAPControl *ctrl ); #endif #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST static int print_ppolicy( LDAP *ld, LDAPControl *ctrl ); #endif static int print_sss( LDAP *ld, LDAPControl *ctrl ); static int print_vlv( LDAP *ld, LDAPControl *ctrl ); #ifdef LDAP_CONTROL_X_DEREF static int print_deref( LDAP *ld, LDAPControl *ctrl ); #endif #ifdef LDAP_CONTROL_X_WHATFAILED static int print_whatfailed( LDAP *ld, LDAPControl *ctrl ); #endif static int print_syncstate( LDAP *ld, LDAPControl *ctrl ); static int print_syncdone( LDAP *ld, LDAPControl *ctrl ); #ifdef LDAP_CONTROL_X_DIRSYNC static int print_dirsync( LDAP *ld, LDAPControl *ctrl ); #endif #ifdef LDAP_CONTROL_X_ACCOUNT_USABILITY static int print_account_usability( LDAP *ld, LDAPControl *ctrl ); #endif #ifdef LDAP_CONTROL_X_PASSWORD_EXPIRED static int print_netscape_pwexpired( LDAP *ld, LDAPControl *ctrl ); static int print_netscape_pwexpiring( LDAP *ld, LDAPControl *ctrl ); #endif static struct tool_ctrls_t { const char *oid; unsigned mask; print_ctrl_fn func; } tool_ctrl_response[] = { { LDAP_CONTROL_PRE_READ, TOOL_ALL, print_preread }, { LDAP_CONTROL_POST_READ, TOOL_ALL, print_postread }, { LDAP_CONTROL_PAGEDRESULTS, TOOL_SEARCH, print_paged_results }, { LDAP_CONTROL_PERSIST_ENTRY_CHANGE_NOTICE, TOOL_SEARCH, print_psearch }, #ifdef LDAP_CONTROL_AUTHZID_RESPONSE /* this is generally deprecated in favor of LDAP WhoAmI? operation, hence only supported as a VC inner control */ { LDAP_CONTROL_AUTHZID_RESPONSE, TOOL_VC, print_authzid }, #endif #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST { LDAP_CONTROL_PASSWORDPOLICYRESPONSE, TOOL_ALL, print_ppolicy }, #endif { LDAP_CONTROL_SORTRESPONSE, TOOL_SEARCH, print_sss }, { LDAP_CONTROL_VLVRESPONSE, TOOL_SEARCH, print_vlv }, #ifdef LDAP_CONTROL_X_DEREF { LDAP_CONTROL_X_DEREF, TOOL_SEARCH, print_deref }, #endif #ifdef LDAP_CONTROL_X_WHATFAILED { LDAP_CONTROL_X_WHATFAILED, TOOL_ALL, print_whatfailed }, #endif { LDAP_CONTROL_SYNC_STATE, TOOL_SEARCH, print_syncstate }, { LDAP_CONTROL_SYNC_DONE, TOOL_SEARCH, print_syncdone }, #ifdef LDAP_CONTROL_X_DIRSYNC { LDAP_CONTROL_X_DIRSYNC, TOOL_SEARCH, print_dirsync }, #endif #ifdef LDAP_CONTROL_X_ACCOUNT_USABILITY { LDAP_CONTROL_X_ACCOUNT_USABILITY, TOOL_SEARCH, print_account_usability }, #endif #ifdef LDAP_CONTROL_X_PASSWORD_EXPIRED { LDAP_CONTROL_X_PASSWORD_EXPIRED, TOOL_ALL, print_netscape_pwexpired }, { LDAP_CONTROL_X_PASSWORD_EXPIRING, TOOL_ALL, print_netscape_pwexpiring }, #endif { NULL, 0, NULL } }; /* "features" */ enum { Intr_None = 0, Intr_Abandon, Intr_Cancel, Intr_Ignore }; static volatile sig_atomic_t gotintr, abcan; int backlog; #ifdef LDAP_CONTROL_X_SESSION_TRACKING static int st_value( LDAP *ld, struct berval *value ) { char *ip = NULL, *name = NULL; struct berval id = { 0 }; char namebuf[ MAXHOSTNAMELEN ]; if ( gethostname( namebuf, sizeof( namebuf ) ) == 0 ) { struct hostent *h; struct in_addr addr; name = namebuf; h = gethostbyname( name ); if ( h != NULL ) { AC_MEMCPY( &addr, h->h_addr, sizeof( addr ) ); ip = inet_ntoa( addr ); } } if ( sessionTrackingName != NULL ) { ber_str2bv( sessionTrackingName , 0, 0, &id ); } else #ifdef HAVE_CYRUS_SASL if ( sasl_authz_id != NULL ) { ber_str2bv( sasl_authz_id, 0, 0, &id ); } else if ( sasl_authc_id != NULL ) { ber_str2bv( sasl_authc_id, 0, 0, &id ); } else #endif /* HAVE_CYRUS_SASL */ if ( binddn != NULL ) { ber_str2bv( binddn, 0, 0, &id ); } if ( ldap_create_session_tracking_value( ld, ip, name, LDAP_CONTROL_X_SESSION_TRACKING_USERNAME, &id, &stValue ) ) { fprintf( stderr, _("Session tracking control encoding error!\n") ); return -1; } return 0; } #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ RETSIGTYPE do_sig( int sig ) { gotintr = abcan; } void tool_init( tool_type_t type ) { tool_type = type; ldap_pvt_setlocale(LC_MESSAGES, ""); ldap_pvt_bindtextdomain(OPENLDAP_PACKAGE, LDAP_LOCALEDIR); ldap_pvt_textdomain(OPENLDAP_PACKAGE); } void tool_destroy( void ) { static int destroyed; if ( destroyed++ ) return; #ifdef HAVE_CYRUS_SASL sasl_done(); #endif #ifdef HAVE_TLS ldap_pvt_tls_destroy(); #endif if ( ldapuri != NULL ) { ber_memfree( ldapuri ); ldapuri = NULL; } if ( pr_cookie.bv_val != NULL ) { ber_memfree( pr_cookie.bv_val ); BER_BVZERO( &pr_cookie ); } if ( passwd.bv_val != NULL ) { ber_memfree( passwd.bv_val ); BER_BVZERO( &passwd ); } #ifdef LDAP_CONTROL_X_SESSION_TRACKING if ( !BER_BVISNULL( &stValue ) ) { ber_memfree( stValue.bv_val ); BER_BVZERO( &stValue ); } #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ } void tool_common_usage( void ) { static const char *const descriptions[] = { N_(" -d level set LDAP debugging level to `level'\n"), N_(" -D binddn bind DN\n"), N_(" -e [!][=] general extensions (! indicates criticality)\n") N_(" [!]assert= (RFC 4528; a RFC 4515 Filter string)\n") N_(" [!]authzid= (RFC 4370; \"dn:\" or \"u:\")\n") N_(" [!]bauthzid (RFC 3829)\n") #ifdef LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ #if 0 /* non-advertized support for proxyDN */ N_(" [!]proxydn= (a RFC 4514 DN string)\n") #endif #endif #ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR N_(" [!]chaining[=[/]]\n") N_(" one of \"chainingPreferred\", \"chainingRequired\",\n") N_(" \"referralsPreferred\", \"referralsRequired\"\n") #endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */ N_(" [!]manageDSAit (RFC 3296)\n") N_(" [!]noop\n") #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST N_(" ppolicy\n") #endif N_(" [!]postread[=] (RFC 4527; comma-separated attr list)\n") N_(" [!]preread[=] (RFC 4527; comma-separated attr list)\n") N_(" [!]relax\n") #ifdef LDAP_CONTROL_X_SESSION_TRACKING N_(" [!]sessiontracking[=]\n") #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ N_(" abandon, cancel, ignore (SIGINT sends abandon/cancel,\n" " or ignores response; if critical, doesn't wait for SIGINT.\n" " not really controls)\n") N_(" -H URI LDAP Uniform Resource Identifier(s)\n"), N_(" -I use SASL Interactive mode\n"), N_(" -n show what would be done but don't actually do it\n"), N_(" -N do not use reverse DNS to canonicalize SASL host name\n"), N_(" -O props SASL security properties\n"), N_(" -o [=] any libldap ldap.conf options, plus\n"), N_(" ldif_wrap= (in columns, or \"no\" for no wrapping)\n"), N_(" nettimeout= (in seconds, or \"none\" or \"max\")\n"), N_(" -Q use SASL Quiet mode\n"), N_(" -R realm SASL realm\n"), N_(" -U authcid SASL authentication identity\n"), N_(" -v run in verbose mode (diagnostics to standard output)\n"), N_(" -V print version info (-VV only)\n"), N_(" -w passwd bind password (for simple authentication)\n"), N_(" -W prompt for bind password\n"), N_(" -x Simple authentication\n"), N_(" -X authzid SASL authorization identity (\"dn:\" or \"u:\")\n"), N_(" -y file Read password from file\n"), N_(" -Y mech SASL mechanism\n"), N_(" -Z Start TLS request (-ZZ to require successful response)\n"), NULL }; const char *const *cpp; fputs( _("Common options:\n"), stderr ); for( cpp = descriptions; *cpp != NULL; cpp++ ) { if( strchr( options, (*cpp)[3] ) || (*cpp)[3] == ' ' ) { fputs( _(*cpp), stderr ); } } tool_destroy(); } void tool_perror( const char *func, int err, const char *extra, const char *matched, const char *info, char **refs ) { fprintf( stderr, "%s: %s (%d)%s\n", func, ldap_err2string( err ), err, extra ? extra : "" ); if ( matched && *matched ) { fprintf( stderr, _("\tmatched DN: %s\n"), matched ); } if ( info && *info ) { fprintf( stderr, _("\tadditional info: %s\n"), info ); } if ( refs && *refs ) { int i; fprintf( stderr, _("\treferrals:\n") ); for( i=0; refs[i]; i++ ) { fprintf( stderr, "\t\t%s\n", refs[i] ); } } } void tool_args( int argc, char **argv ) { int i; while (( i = getopt( argc, argv, options )) != EOF ) { int crit, ival; char *control, *cvalue, *next; switch( i ) { case 'c': /* continuous operation mode */ contoper++; break; case 'C': /* referrals: obsolete */ referrals++; break; case 'd': ival = strtol( optarg, &next, 10 ); if (next == NULL || next[0] != '\0') { fprintf( stderr, "%s: unable to parse debug value \"%s\"\n", prog, optarg); exit(EXIT_FAILURE); } debug |= ival; break; case 'D': /* bind DN */ if( binddn != NULL ) { fprintf( stderr, "%s: -D previously specified\n", prog ); exit( EXIT_FAILURE ); } binddn = optarg; break; case 'e': /* general extensions (controls and such) */ /* should be extended to support comma separated list of * [!]key[=value] parameters, e.g. -e !foo,bar=567 */ crit = 0; cvalue = NULL; while ( optarg[0] == '!' ) { crit++; optarg++; } control = optarg; if ( (cvalue = strchr( control, '=' )) != NULL ) { *cvalue++ = '\0'; } if ( strcasecmp( control, "assert" ) == 0 ) { if( assertctl ) { fprintf( stderr, "assert control previously specified\n"); exit( EXIT_FAILURE ); } if( cvalue == NULL ) { fprintf( stderr, "assert: control value expected\n" ); usage(); } assertctl = 1 + crit; assert( assertion == NULL ); assertion = cvalue; } else if ( strcasecmp( control, "authzid" ) == 0 ) { if( authzid != NULL ) { fprintf( stderr, "authzid control previously specified\n"); exit( EXIT_FAILURE ); } #ifdef LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ if( proxydn != NULL ) { fprintf( stderr, "authzid control incompatible with proxydn\n"); exit( EXIT_FAILURE ); } #endif /* LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ */ if( cvalue == NULL ) { fprintf( stderr, "authzid: control value expected\n" ); usage(); } if( !crit ) { fprintf( stderr, "authzid: must be marked critical\n" ); usage(); } else if ( crit > 1 ) { /* purposely flag proxied authorization * as non-critical, to test DSA */ authzcrit = 0; } assert( authzid == NULL ); authzid = cvalue; #ifdef LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ } else if ( strcasecmp( control, "proxydn" ) == 0 ) { if( proxydn != NULL ) { fprintf( stderr, "proxydn control previously specified\n"); exit( EXIT_FAILURE ); } if( authzid != NULL ) { fprintf( stderr, "proxydn control incompatible with authzid\n"); exit( EXIT_FAILURE ); } if( cvalue == NULL ) { fprintf( stderr, "proxydn: control value expected\n" ); usage(); } if( !crit ) { fprintf( stderr, "proxydn: must be marked critical\n" ); usage(); } else if ( crit > 1 ) { /* purposely flag proxied authorization * as non-critical, to test DSA */ authzcrit = 0; } assert( proxydn == NULL ); proxydn = cvalue; #endif /* LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ */ } else if ( strcasecmp( control, "bauthzid" ) == 0 ) { if( bauthzid ) { fprintf( stderr, "bauthzid control previously specified\n"); exit( EXIT_FAILURE ); } if( cvalue != NULL ) { fprintf( stderr, "bauthzid: no control value expected\n" ); usage(); } bauthzid = 1 + crit; } else if ( ( strcasecmp( control, "relax" ) == 0 ) || ( strcasecmp( control, "manageDIT" ) == 0 ) ) { if( manageDIT ) { fprintf( stderr, "relax control previously specified\n"); exit( EXIT_FAILURE ); } if( cvalue != NULL ) { fprintf( stderr, "relax: no control value expected\n" ); usage(); } manageDIT = 1 + crit; } else if ( strcasecmp( control, "manageDSAit" ) == 0 ) { if( manageDSAit ) { fprintf( stderr, "manageDSAit control previously specified\n"); exit( EXIT_FAILURE ); } if( cvalue != NULL ) { fprintf( stderr, "manageDSAit: no control value expected\n" ); usage(); } manageDSAit = 1 + crit; } else if ( strcasecmp( control, "noop" ) == 0 ) { if( noop ) { fprintf( stderr, "noop control previously specified\n"); exit( EXIT_FAILURE ); } if( cvalue != NULL ) { fprintf( stderr, "noop: no control value expected\n" ); usage(); } noop = 1 + crit; #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST } else if ( strcasecmp( control, "ppolicy" ) == 0 ) { if( ppolicy ) { fprintf( stderr, "ppolicy control previously specified\n"); exit( EXIT_FAILURE ); } if( cvalue != NULL ) { fprintf( stderr, "ppolicy: no control value expected\n" ); usage(); } if( crit ) { fprintf( stderr, "ppolicy: critical flag not allowed\n" ); usage(); } ppolicy = 1; #endif } else if ( strcasecmp( control, "preread" ) == 0 ) { if( preread ) { fprintf( stderr, "preread control previously specified\n"); exit( EXIT_FAILURE ); } preread = 1 + crit; preread_attrs = cvalue; } else if ( strcasecmp( control, "postread" ) == 0 ) { if( postread ) { fprintf( stderr, "postread control previously specified\n"); exit( EXIT_FAILURE ); } postread = 1 + crit; postread_attrs = cvalue; #ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR } else if ( strcasecmp( control, "chaining" ) == 0 ) { if ( chaining ) { fprintf( stderr, "chaining control previously specified\n"); exit( EXIT_FAILURE ); } chaining = 1 + crit; if ( cvalue != NULL ) { char *continuation; continuation = strchr( cvalue, '/' ); if ( continuation ) { /* FIXME: this makes sense only in searches */ *continuation++ = '\0'; if ( strcasecmp( continuation, "chainingPreferred" ) == 0 ) { chainingContinuation = LDAP_CHAINING_PREFERRED; } else if ( strcasecmp( continuation, "chainingRequired" ) == 0 ) { chainingContinuation = LDAP_CHAINING_REQUIRED; } else if ( strcasecmp( continuation, "referralsPreferred" ) == 0 ) { chainingContinuation = LDAP_REFERRALS_PREFERRED; } else if ( strcasecmp( continuation, "referralsRequired" ) == 0 ) { chainingContinuation = LDAP_REFERRALS_REQUIRED; } else { fprintf( stderr, "chaining behavior control " "continuation value \"%s\" invalid\n", continuation ); exit( EXIT_FAILURE ); } } if ( strcasecmp( cvalue, "chainingPreferred" ) == 0 ) { chainingResolve = LDAP_CHAINING_PREFERRED; } else if ( strcasecmp( cvalue, "chainingRequired" ) == 0 ) { chainingResolve = LDAP_CHAINING_REQUIRED; } else if ( strcasecmp( cvalue, "referralsPreferred" ) == 0 ) { chainingResolve = LDAP_REFERRALS_PREFERRED; } else if ( strcasecmp( cvalue, "referralsRequired" ) == 0 ) { chainingResolve = LDAP_REFERRALS_REQUIRED; } else { fprintf( stderr, "chaining behavior control " "resolve value \"%s\" invalid\n", cvalue); exit( EXIT_FAILURE ); } } #endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */ #ifdef LDAP_CONTROL_X_SESSION_TRACKING } else if ( strcasecmp( control, "sessiontracking" ) == 0 ) { if ( sessionTracking ) { fprintf( stderr, "%s: session tracking can be only specified once\n", prog ); exit( EXIT_FAILURE ); } sessionTracking = 1; if ( crit ) { fprintf( stderr, "sessiontracking: critical flag not allowed\n" ); usage(); } if ( cvalue ) { sessionTrackingName = cvalue; } #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ /* this shouldn't go here, really; but it's a feature... */ } else if ( strcasecmp( control, "abandon" ) == 0 ) { abcan = Intr_Abandon; if ( crit ) { gotintr = abcan; } } else if ( strcasecmp( control, "cancel" ) == 0 ) { abcan = Intr_Cancel; if ( crit ) { gotintr = abcan; } } else if ( strcasecmp( control, "ignore" ) == 0 ) { abcan = Intr_Ignore; if ( crit ) { gotintr = abcan; } } else if ( strcasecmp( control, "backlog" ) == 0 ) { /* special search: accumulate lots of responses * but don't read any, force slapd writer to wait. * Then abandon the search and issue a new one. */ backlog = 1; } else if ( tool_is_oid( control ) ) { LDAPControl *tmpctrls, ctrl; if ( unknown_ctrls != NULL ) { int i; for ( i = 0; unknown_ctrls[ i ].ldctl_oid != NULL; i++ ) { if ( strcmp( control, unknown_ctrls[ i ].ldctl_oid ) == 0 ) { fprintf( stderr, "%s control previously specified\n", control ); exit( EXIT_FAILURE ); } } } tmpctrls = (LDAPControl *)ber_memrealloc( unknown_ctrls, (unknown_ctrls_num + 1)*sizeof( LDAPControl ) ); if ( tmpctrls == NULL ) { fprintf( stderr, "%s: no memory?\n", prog ); exit( EXIT_FAILURE ); } unknown_ctrls = tmpctrls; ctrl.ldctl_oid = control; ctrl.ldctl_value.bv_val = NULL; ctrl.ldctl_value.bv_len = 0; ctrl.ldctl_iscritical = crit; if ( cvalue != NULL ) { struct berval bv; size_t len = strlen( cvalue ); int retcode; bv.bv_len = LUTIL_BASE64_DECODE_LEN( len ); bv.bv_val = ber_memalloc( bv.bv_len + 1 ); retcode = lutil_b64_pton( cvalue, (unsigned char *)bv.bv_val, bv.bv_len ); if ( retcode == -1 || (unsigned) retcode > bv.bv_len ) { fprintf( stderr, "Unable to parse value of general control %s\n", control ); usage(); } bv.bv_len = retcode; ctrl.ldctl_value = bv; } /* don't free it */ control = NULL; unknown_ctrls[ unknown_ctrls_num ] = ctrl; unknown_ctrls_num++; } else { fprintf( stderr, "Invalid general control name: %s\n", control ); usage(); } break; case 'f': /* read from file */ if( infile != NULL ) { fprintf( stderr, "%s: -f previously specified\n", prog ); exit( EXIT_FAILURE ); } infile = optarg; break; case 'H': /* ldap URI */ if( ldapuri != NULL ) { fprintf( stderr, "%s: -H previously specified\n", prog ); exit( EXIT_FAILURE ); } ldapuri = ber_strdup( optarg ); break; case 'I': #ifdef HAVE_CYRUS_SASL if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) { fprintf( stderr, "%s: incompatible previous " "authentication choice\n", prog ); exit( EXIT_FAILURE ); } authmethod = LDAP_AUTH_SASL; sasl_flags = LDAP_SASL_INTERACTIVE; break; #else fprintf( stderr, "%s: was not compiled with SASL support\n", prog ); exit( EXIT_FAILURE ); #endif case 'M': /* enable Manage DSA IT */ manageDSAit++; break; case 'n': /* print operations, don't actually do them */ dont++; break; case 'N': nocanon++; break; case 'o': control = optarg; if ( (cvalue = strchr( control, '=' )) != NULL ) { *cvalue++ = '\0'; } for ( next=control; *next; next++ ) { if ( *next == '-' ) { *next = '_'; } } if ( strcasecmp( control, "nettimeout" ) == 0 ) { if( nettimeout.tv_sec != -1 ) { fprintf( stderr, "nettimeout option previously specified\n"); exit( EXIT_FAILURE ); } if( cvalue == NULL || cvalue[0] == '\0' ) { fprintf( stderr, "nettimeout: option value expected\n" ); usage(); } if ( strcasecmp( cvalue, "none" ) == 0 ) { nettimeout.tv_sec = 0; } else if ( strcasecmp( cvalue, "max" ) == 0 ) { nettimeout.tv_sec = LDAP_MAXINT; } else { ival = strtol( cvalue, &next, 10 ); if ( next == NULL || next[0] != '\0' ) { fprintf( stderr, _("Unable to parse network timeout \"%s\"\n"), cvalue ); exit( EXIT_FAILURE ); } nettimeout.tv_sec = ival; } if( nettimeout.tv_sec < 0 || nettimeout.tv_sec > LDAP_MAXINT ) { fprintf( stderr, _("%s: invalid network timeout (%ld) specified\n"), prog, (long)nettimeout.tv_sec ); exit( EXIT_FAILURE ); } } else if ( strcasecmp( control, "ldif_wrap" ) == 0 ) { if ( cvalue == 0 ) { ldif_wrap = LDIF_LINE_WIDTH; } else if ( strcasecmp( cvalue, "no" ) == 0 ) { ldif_wrap = LDIF_LINE_WIDTH_MAX; } else { unsigned int u; if ( lutil_atou( &u, cvalue ) ) { fprintf( stderr, _("Unable to parse ldif_wrap=\"%s\"\n"), cvalue ); exit( EXIT_FAILURE ); } ldif_wrap = (ber_len_t)u; } } else if ( ldap_pvt_conf_option( control, cvalue, 1 ) ) { fprintf( stderr, "Invalid general option name: %s\n", control ); usage(); } break; case 'O': #ifdef HAVE_CYRUS_SASL if( sasl_secprops != NULL ) { fprintf( stderr, "%s: -O previously specified\n", prog ); exit( EXIT_FAILURE ); } if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) { fprintf( stderr, "%s: incompatible previous " "authentication choice\n", prog ); exit( EXIT_FAILURE ); } authmethod = LDAP_AUTH_SASL; sasl_secprops = optarg; #else fprintf( stderr, "%s: not compiled with SASL support\n", prog ); exit( EXIT_FAILURE ); #endif break; case 'P': ival = strtol( optarg, &next, 10 ); if ( next == NULL || next[0] != '\0' ) { fprintf( stderr, "%s: unable to parse protocol version \"%s\"\n", prog, optarg ); exit( EXIT_FAILURE ); } switch( ival ) { case 2: if( protocol == LDAP_VERSION3 ) { fprintf( stderr, "%s: -P 2 incompatible with version %d\n", prog, protocol ); exit( EXIT_FAILURE ); } protocol = LDAP_VERSION2; break; case 3: if( protocol == LDAP_VERSION2 ) { fprintf( stderr, "%s: -P 2 incompatible with version %d\n", prog, protocol ); exit( EXIT_FAILURE ); } protocol = LDAP_VERSION3; break; default: fprintf( stderr, "%s: protocol version should be 2 or 3\n", prog ); usage(); } break; case 'Q': #ifdef HAVE_CYRUS_SASL if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) { fprintf( stderr, "%s: incompatible previous " "authentication choice\n", prog ); exit( EXIT_FAILURE ); } authmethod = LDAP_AUTH_SASL; sasl_flags = LDAP_SASL_QUIET; break; #else fprintf( stderr, "%s: not compiled with SASL support\n", prog ); exit( EXIT_FAILURE ); #endif case 'R': #ifdef HAVE_CYRUS_SASL if( sasl_realm != NULL ) { fprintf( stderr, "%s: -R previously specified\n", prog ); exit( EXIT_FAILURE ); } if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) { fprintf( stderr, "%s: incompatible previous " "authentication choice\n", prog ); exit( EXIT_FAILURE ); } authmethod = LDAP_AUTH_SASL; sasl_realm = optarg; #else fprintf( stderr, "%s: not compiled with SASL support\n", prog ); exit( EXIT_FAILURE ); #endif break; case 'U': #ifdef HAVE_CYRUS_SASL if( sasl_authc_id != NULL ) { fprintf( stderr, "%s: -U previously specified\n", prog ); exit( EXIT_FAILURE ); } if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) { fprintf( stderr, "%s: incompatible previous " "authentication choice\n", prog ); exit( EXIT_FAILURE ); } authmethod = LDAP_AUTH_SASL; sasl_authc_id = optarg; #else fprintf( stderr, "%s: not compiled with SASL support\n", prog ); exit( EXIT_FAILURE ); #endif break; case 'v': /* verbose mode */ verbose++; break; case 'V': /* version */ version++; break; case 'w': /* password */ passwd.bv_val = ber_strdup( optarg ); { char* p; for( p = optarg; *p != '\0'; p++ ) { *p = '\0'; } } passwd.bv_len = strlen( passwd.bv_val ); break; case 'W': want_bindpw++; break; case 'y': pw_file = optarg; break; case 'Y': #ifdef HAVE_CYRUS_SASL if( sasl_mech != NULL ) { fprintf( stderr, "%s: -Y previously specified\n", prog ); exit( EXIT_FAILURE ); } if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) { fprintf( stderr, "%s: incompatible with authentication choice\n", prog ); exit( EXIT_FAILURE ); } authmethod = LDAP_AUTH_SASL; sasl_mech = optarg; #else fprintf( stderr, "%s: not compiled with SASL support\n", prog ); exit( EXIT_FAILURE ); #endif break; case 'x': if( authmethod != -1 && authmethod != LDAP_AUTH_SIMPLE ) { fprintf( stderr, "%s: incompatible with previous " "authentication choice\n", prog ); exit( EXIT_FAILURE ); } authmethod = LDAP_AUTH_SIMPLE; break; case 'X': #ifdef HAVE_CYRUS_SASL if( sasl_authz_id != NULL ) { fprintf( stderr, "%s: -X previously specified\n", prog ); exit( EXIT_FAILURE ); } if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) { fprintf( stderr, "%s: -X incompatible with " "authentication choice\n", prog ); exit( EXIT_FAILURE ); } authmethod = LDAP_AUTH_SASL; sasl_authz_id = optarg; #else fprintf( stderr, "%s: not compiled with SASL support\n", prog ); exit( EXIT_FAILURE ); #endif break; case 'Z': #ifdef HAVE_TLS use_tls++; #else fprintf( stderr, "%s: not compiled with TLS support\n", prog ); exit( EXIT_FAILURE ); #endif break; default: if( handle_private_option( i ) ) break; fprintf( stderr, "%s: unrecognized option -%c\n", prog, optopt ); usage(); } } { /* prevent bad linking */ LDAPAPIInfo api; api.ldapai_info_version = LDAP_API_INFO_VERSION; if ( ldap_get_option(NULL, LDAP_OPT_API_INFO, &api) != LDAP_OPT_SUCCESS ) { fprintf( stderr, "%s: ldap_get_option(API_INFO) failed\n", prog ); exit( EXIT_FAILURE ); } if (api.ldapai_info_version != LDAP_API_INFO_VERSION) { fprintf( stderr, "LDAP APIInfo version mismatch: " "library %d, header %d\n", api.ldapai_info_version, LDAP_API_INFO_VERSION ); exit( EXIT_FAILURE ); } if( api.ldapai_api_version != LDAP_API_VERSION ) { fprintf( stderr, "LDAP API version mismatch: " "library %d, header %d\n", api.ldapai_api_version, LDAP_API_VERSION ); exit( EXIT_FAILURE ); } if( strcmp(api.ldapai_vendor_name, LDAP_VENDOR_NAME ) != 0 ) { fprintf( stderr, "LDAP vendor name mismatch: " "library %s, header %s\n", api.ldapai_vendor_name, LDAP_VENDOR_NAME ); exit( EXIT_FAILURE ); } if( api.ldapai_vendor_version != LDAP_VENDOR_VERSION ) { fprintf( stderr, "LDAP vendor version mismatch: " "library %d, header %d\n", api.ldapai_vendor_version, LDAP_VENDOR_VERSION ); exit( EXIT_FAILURE ); } if (version) { fprintf( stderr, "%s: %s\t(LDAP library: %s %d)\n", prog, __Version, LDAP_VENDOR_NAME, LDAP_VENDOR_VERSION ); if (version > 1) exit( EXIT_SUCCESS ); } ldap_memfree( api.ldapai_vendor_name ); ber_memvfree( (void **)api.ldapai_extensions ); } if (protocol == -1) protocol = LDAP_VERSION3; if (authmethod == -1 && protocol > LDAP_VERSION2) { #ifdef HAVE_CYRUS_SASL if ( binddn != NULL ) { authmethod = LDAP_AUTH_SIMPLE; } else { authmethod = LDAP_AUTH_SASL; } #else authmethod = LDAP_AUTH_SIMPLE; #endif } if( protocol == LDAP_VERSION2 ) { if( assertctl || authzid || manageDIT || manageDSAit || #ifdef LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ proxydn || #endif /* LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ */ #ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR chaining || #endif #ifdef LDAP_CONTROL_X_SESSION_TRACKING sessionTracking || #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ noop || ppolicy || preread || postread ) { fprintf( stderr, "%s: -e/-M incompatible with LDAPv2\n", prog ); exit( EXIT_FAILURE ); } #ifdef HAVE_TLS if( use_tls ) { fprintf( stderr, "%s: -Z incompatible with LDAPv2\n", prog ); exit( EXIT_FAILURE ); } #endif #ifdef HAVE_CYRUS_SASL if( authmethod == LDAP_AUTH_SASL ) { fprintf( stderr, "%s: -[IOQRUXY] incompatible with LDAPv2\n", prog ); exit( EXIT_FAILURE ); } #endif } if ( ( pw_file || want_bindpw ) && !BER_BVISNULL( &passwd ) ) { fprintf( stderr, "%s: -%c incompatible with -w\n", prog, ( pw_file ? 'y' : 'W' ) ); exit( EXIT_FAILURE ); } } LDAP * tool_conn_setup( int dont, void (*private_setup)( LDAP * ) ) { LDAP *ld = NULL; if ( debug ) { if( ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &debug ) != LBER_OPT_SUCCESS ) { fprintf( stderr, "Could not set LBER_OPT_DEBUG_LEVEL %d\n", debug ); } if( ldap_set_option( NULL, LDAP_OPT_DEBUG_LEVEL, &debug ) != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not set LDAP_OPT_DEBUG_LEVEL %d\n", debug ); } } #ifdef SIGPIPE (void) SIGNAL( SIGPIPE, SIG_IGN ); #endif if ( abcan ) { SIGNAL( SIGINT, do_sig ); } if ( !dont ) { int rc; if ( ldapuri != NULL ) { LDAPURLDesc *ludlist, **ludp; char **urls = NULL; int nurls = 0; rc = ldap_url_parselist( &ludlist, ldapuri ); if ( rc != LDAP_URL_SUCCESS ) { fprintf( stderr, "Could not parse LDAP URI(s)=%s (%d)\n", ldapuri, rc ); exit( EXIT_FAILURE ); } for ( ludp = &ludlist; *ludp != NULL; ) { LDAPURLDesc *lud = *ludp; char **tmp; if ( lud->lud_dn != NULL && lud->lud_dn[ 0 ] != '\0' && ( lud->lud_host == NULL || lud->lud_host[0] == '\0' ) ) { /* if no host but a DN is provided, * use DNS SRV to gather the host list * and turn it into a list of URIs * using the scheme provided */ char *domain = NULL, *hostlist = NULL, **hosts = NULL; int i, len_proto = strlen( lud->lud_scheme ); if ( ldap_dn2domain( lud->lud_dn, &domain ) || domain == NULL ) { fprintf( stderr, "DNS SRV: Could not turn " "DN=\"%s\" into a domain\n", lud->lud_dn ); goto dnssrv_free; } rc = ldap_domain2hostlist( domain, &hostlist ); if ( rc ) { fprintf( stderr, "DNS SRV: Could not turn " "domain=%s into a hostlist\n", domain ); goto dnssrv_free; } hosts = ldap_str2charray( hostlist, " " ); if ( hosts == NULL ) { fprintf( stderr, "DNS SRV: Could not parse " "hostlist=\"%s\"\n", hostlist ); goto dnssrv_free; } for ( i = 0; hosts[ i ] != NULL; i++ ) /* count'em */ ; tmp = (char **)ber_memrealloc( urls, sizeof( char * ) * ( nurls + i + 1 ) ); if ( tmp == NULL ) { fprintf( stderr, "DNS SRV: out of memory?\n" ); goto dnssrv_free; } urls = tmp; urls[ nurls ] = NULL; for ( i = 0; hosts[ i ] != NULL; i++ ) { size_t len = len_proto + STRLENOF( "://" ) + strlen( hosts[ i ] ) + 1; urls[ nurls + i + 1 ] = NULL; urls[ nurls + i ] = (char *)malloc( sizeof( char ) * len ); if ( urls[ nurls + i ] == NULL ) { fprintf( stderr, "DNS SRV: out of memory?\n" ); goto dnssrv_free; } snprintf( urls[ nurls + i ], len, "%s://%s", lud->lud_scheme, hosts[ i ] ); } nurls += i; dnssrv_free:; ber_memvfree( (void **)hosts ); ber_memfree( hostlist ); ber_memfree( domain ); } else { tmp = (char **)ber_memrealloc( urls, sizeof( char * ) * ( nurls + 2 ) ); if ( tmp == NULL ) { fprintf( stderr, "DNS SRV: out of memory?\n" ); break; } urls = tmp; urls[ nurls + 1 ] = NULL; urls[ nurls ] = ldap_url_desc2str( lud ); if ( urls[ nurls ] == NULL ) { fprintf( stderr, "DNS SRV: out of memory?\n" ); break; } nurls++; } *ludp = lud->lud_next; lud->lud_next = NULL; ldap_free_urldesc( lud ); } if ( ludlist != NULL ) { ldap_free_urllist( ludlist ); exit( EXIT_FAILURE ); } else if ( urls == NULL ) { exit( EXIT_FAILURE ); } ldap_memfree( ldapuri ); ldapuri = ldap_charray2str( urls, " " ); ber_memvfree( (void **)urls ); } if ( verbose ) { fprintf( stderr, "ldap_initialize( %s )\n", ldapuri != NULL ? ldapuri : "" ); } rc = ldap_initialize( &ld, ldapuri ); if( rc != LDAP_SUCCESS ) { fprintf( stderr, "Could not create LDAP session handle for URI=%s (%d): %s\n", ldapuri, rc, ldap_err2string(rc) ); exit( EXIT_FAILURE ); } if( private_setup ) private_setup( ld ); /* referrals: obsolete */ if( ldap_set_option( ld, LDAP_OPT_REFERRALS, referrals ? LDAP_OPT_ON : LDAP_OPT_OFF ) != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not set LDAP_OPT_REFERRALS %s\n", referrals ? "on" : "off" ); tool_exit( ld, EXIT_FAILURE ); } #ifdef HAVE_CYRUS_SASL /* canon */ if( nocanon ) { if( ldap_set_option( ld, LDAP_OPT_X_SASL_NOCANON, LDAP_OPT_ON ) != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not set LDAP_OPT_X_SASL_NOCANON on\n" ); tool_exit( ld, EXIT_FAILURE ); } } #endif if( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &protocol ) != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", protocol ); tool_exit( ld, EXIT_FAILURE ); } if ( use_tls ) { rc = ldap_start_tls_s( ld, NULL, NULL ); if ( rc != LDAP_SUCCESS ) { char *msg=NULL; ldap_get_option( ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*)&msg); tool_perror( "ldap_start_tls", rc, NULL, NULL, msg, NULL ); ldap_memfree(msg); if ( use_tls > 1 || rc < 0 ) { tool_exit( ld, EXIT_FAILURE ); } } } if ( nettimeout.tv_sec > 0 ) { if ( ldap_set_option( ld, LDAP_OPT_NETWORK_TIMEOUT, (void *) &nettimeout ) != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not set LDAP_OPT_NETWORK_TIMEOUT %ld\n", (long)nettimeout.tv_sec ); tool_exit( ld, EXIT_FAILURE ); } } } return ld; } void tool_bind( LDAP *ld ) { LDAPControl **sctrlsp = NULL; LDAPControl *sctrls[4]; LDAPControl sctrl[3]; int nsctrls = 0; int rc, msgid; LDAPMessage *result = NULL; int err; char *matched = NULL; char *info = NULL; char **refs = NULL; LDAPControl **ctrls = NULL; char msgbuf[256]; msgbuf[0] = 0; #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST if ( ppolicy ) { LDAPControl c; c.ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST; c.ldctl_value.bv_val = NULL; c.ldctl_value.bv_len = 0; c.ldctl_iscritical = 0; sctrl[nsctrls] = c; sctrls[nsctrls] = &sctrl[nsctrls]; sctrls[++nsctrls] = NULL; } #endif if ( bauthzid ) { LDAPControl c; c.ldctl_oid = LDAP_CONTROL_AUTHZID_REQUEST; c.ldctl_iscritical = bauthzid > 1; BER_BVZERO( &c.ldctl_value ); sctrl[nsctrls] = c; sctrls[nsctrls] = &sctrl[nsctrls]; sctrls[++nsctrls] = NULL; } #ifdef LDAP_CONTROL_X_SESSION_TRACKING if ( sessionTracking ) { LDAPControl c; if ( BER_BVISNULL( &stValue) && st_value( ld, &stValue ) ) { tool_exit( ld, EXIT_FAILURE ); } c.ldctl_oid = LDAP_CONTROL_X_SESSION_TRACKING; c.ldctl_iscritical = 0; c.ldctl_value = stValue; sctrl[nsctrls] = c; sctrls[nsctrls] = &sctrl[nsctrls]; sctrls[++nsctrls] = NULL; } #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ if ( nsctrls ) { sctrlsp = sctrls; } assert( nsctrls < (int) (sizeof(sctrls)/sizeof(sctrls[0])) ); if ( pw_file || want_bindpw ) { assert( passwd.bv_val == NULL && passwd.bv_len == 0 ); if ( pw_file ) { if ( lutil_get_filed_password( pw_file, &passwd ) ) { tool_exit( ld, EXIT_FAILURE ); } } else { char *pw = getpassphrase( _("Enter LDAP Password: ") ); if ( pw ) { passwd.bv_val = ber_strdup( pw ); passwd.bv_len = strlen( passwd.bv_val ); } } } if ( authmethod == LDAP_AUTH_SASL ) { #ifdef HAVE_CYRUS_SASL void *defaults; const char *rmech = NULL; if( sasl_secprops != NULL ) { rc = ldap_set_option( ld, LDAP_OPT_X_SASL_SECPROPS, (void *) sasl_secprops ); if( rc != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not set LDAP_OPT_X_SASL_SECPROPS: %s\n", sasl_secprops ); tool_exit( ld, LDAP_LOCAL_ERROR ); } } defaults = lutil_sasl_defaults( ld, sasl_mech, sasl_realm, sasl_authc_id, passwd.bv_val, sasl_authz_id ); do { rc = ldap_sasl_interactive_bind( ld, binddn, sasl_mech, sctrlsp, NULL, sasl_flags, lutil_sasl_interact, defaults, result, &rmech, &msgid ); if ( rc != LDAP_SASL_BIND_IN_PROGRESS ) break; ldap_msgfree( result ); if ( ldap_result( ld, msgid, LDAP_MSG_ALL, NULL, &result ) == -1 || !result ) { ldap_get_option( ld, LDAP_OPT_RESULT_CODE, (void*)&err ); ldap_get_option( ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*)&info ); tool_perror( "ldap_sasl_interactive_bind", err, NULL, NULL, info, NULL ); ldap_memfree( info ); tool_exit( ld, err ); } } while ( rc == LDAP_SASL_BIND_IN_PROGRESS ); lutil_sasl_freedefs( defaults ); if ( rc != LDAP_SUCCESS ) { ldap_get_option( ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*)&info ); tool_perror( "ldap_sasl_interactive_bind", rc, NULL, NULL, info, NULL ); ldap_memfree( info ); tool_exit( ld, rc ); } #else fprintf( stderr, "%s: not compiled with SASL support\n", prog ); tool_exit( ld, LDAP_NOT_SUPPORTED ); #endif } else { /* simple bind */ rc = ldap_sasl_bind( ld, binddn, LDAP_SASL_SIMPLE, &passwd, sctrlsp, NULL, &msgid ); if ( msgid == -1 ) { tool_perror( "ldap_sasl_bind(SIMPLE)", rc, NULL, NULL, NULL, NULL ); tool_exit( ld, rc ); } rc = ldap_result( ld, msgid, LDAP_MSG_ALL, NULL, &result ); if ( rc == -1 ) { tool_perror( "ldap_result", -1, NULL, NULL, NULL, NULL ); tool_exit( ld, LDAP_LOCAL_ERROR ); } if ( rc == 0 ) { tool_perror( "ldap_result", LDAP_TIMEOUT, NULL, NULL, NULL, NULL ); tool_exit( ld, LDAP_LOCAL_ERROR ); } } if ( result ) { rc = ldap_parse_result( ld, result, &err, &matched, &info, &refs, &ctrls, 1 ); if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_bind parse result", rc, NULL, matched, info, refs ); tool_exit( ld, LDAP_LOCAL_ERROR ); } } #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST if ( ctrls && ppolicy ) { LDAPControl *ctrl; int expire, grace, len = 0; LDAPPasswordPolicyError pErr = -1; ctrl = ldap_control_find( LDAP_CONTROL_PASSWORDPOLICYRESPONSE, ctrls, NULL ); if ( ctrl && ldap_parse_passwordpolicy_control( ld, ctrl, &expire, &grace, &pErr ) == LDAP_SUCCESS ) { if ( pErr != PP_noError ){ msgbuf[0] = ';'; msgbuf[1] = ' '; strcpy( msgbuf+2, ldap_passwordpolicy_err2txt( pErr )); len = strlen( msgbuf ); } if ( expire >= 0 ) { sprintf( msgbuf+len, " (Password expires in %d seconds)", expire ); } else if ( grace >= 0 ) { sprintf( msgbuf+len, " (Password expired, %d grace logins remain)", grace ); } } } #endif if ( ctrls && bauthzid ) { LDAPControl *ctrl; ctrl = ldap_control_find( LDAP_CONTROL_AUTHZID_RESPONSE, ctrls, NULL ); if ( ctrl ) { LDAPControl *ctmp[2]; ctmp[0] = ctrl; ctmp[1] = NULL; tool_print_ctrls( ld, ctmp ); } } #ifdef LDAP_CONTROL_X_PASSWORD_EXPIRED if ( ctrls ) { LDAPControl *ctrl; ctrl = ldap_control_find( LDAP_CONTROL_X_PASSWORD_EXPIRED, ctrls, NULL ); if ( !ctrl ) ctrl = ldap_control_find( LDAP_CONTROL_X_PASSWORD_EXPIRING, ctrls, NULL ); if ( ctrl ) { LDAPControl *ctmp[2]; ctmp[0] = ctrl; ctmp[1] = NULL; tool_print_ctrls( ld, ctmp ); } } #endif if ( ctrls ) { ldap_controls_free( ctrls ); } if ( err != LDAP_SUCCESS || msgbuf[0] || ( matched && matched[ 0 ] ) || ( info && info[ 0 ] ) || refs ) { tool_perror( "ldap_bind", err, msgbuf, matched, info, refs ); if( matched ) ber_memfree( matched ); if( info ) ber_memfree( info ); if( refs ) ber_memvfree( (void **)refs ); if ( err != LDAP_SUCCESS ) tool_exit( ld, err ); } } void tool_unbind( LDAP *ld ) { int err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, NULL ); if ( err != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not unset controls\n"); } (void) ldap_unbind_ext( ld, NULL, NULL ); } void tool_exit( LDAP *ld, int status ) { if ( ld != NULL ) { tool_unbind( ld ); } tool_destroy(); exit( status ); } /* Set server controls. Add controls extra_c[0..count-1], if set. */ void tool_server_controls( LDAP *ld, LDAPControl *extra_c, int count ) { int i = 0, j, crit = 0, err; LDAPControl c[16], **ctrls; if ( ! ( assertctl || authzid #ifdef LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ || proxydn #endif /* LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ */ || manageDIT || manageDSAit || noop #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST || ppolicy #endif || preread || postread #ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR || chaining #endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */ #ifdef LDAP_CONTROL_X_SESSION_TRACKING || sessionTracking #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ || count || unknown_ctrls_num ) ) { return; } ctrls = (LDAPControl**) malloc(sizeof(c) + (count + unknown_ctrls_num + 1)*sizeof(LDAPControl*)); if ( ctrls == NULL ) { fprintf( stderr, "No memory\n" ); tool_exit( ld, EXIT_FAILURE ); } if ( assertctl ) { if ( BER_BVISNULL( &assertionvalue ) ) { err = ldap_create_assertion_control_value( ld, assertion, &assertionvalue ); if ( err ) { fprintf( stderr, "Unable to create assertion value " "\"%s\" (%d)\n", assertion, err ); } } c[i].ldctl_oid = LDAP_CONTROL_ASSERT; c[i].ldctl_value = assertionvalue; c[i].ldctl_iscritical = assertctl > 1; ctrls[i] = &c[i]; i++; } if ( authzid ) { c[i].ldctl_value.bv_val = authzid; c[i].ldctl_value.bv_len = strlen( authzid ); c[i].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ; c[i].ldctl_iscritical = authzcrit; ctrls[i] = &c[i]; i++; } #ifdef LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ /* NOTE: doesn't need an extra count because it's incompatible * with authzid */ if ( proxydn ) { BerElementBuffer berbuf; BerElement *ber = (BerElement *)&berbuf; ber_init2( ber, NULL, LBER_USE_DER ); if ( ber_printf( ber, "s", proxydn ) == -1 ) { tool_exit( ld, EXIT_FAILURE ); } if ( ber_flatten2( ber, &c[i].ldctl_value, 0 ) == -1 ) { tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ; c[i].ldctl_iscritical = authzcrit; ctrls[i] = &c[i]; i++; } #endif /* LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ */ if ( manageDIT ) { c[i].ldctl_oid = LDAP_CONTROL_MANAGEDIT; BER_BVZERO( &c[i].ldctl_value ); c[i].ldctl_iscritical = manageDIT > 1; ctrls[i] = &c[i]; i++; } if ( manageDSAit ) { c[i].ldctl_oid = LDAP_CONTROL_MANAGEDSAIT; BER_BVZERO( &c[i].ldctl_value ); c[i].ldctl_iscritical = manageDSAit > 1; ctrls[i] = &c[i]; i++; } if ( noop ) { c[i].ldctl_oid = LDAP_CONTROL_NOOP; BER_BVZERO( &c[i].ldctl_value ); c[i].ldctl_iscritical = noop > 1; ctrls[i] = &c[i]; i++; } #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST if ( ppolicy ) { c[i].ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST; BER_BVZERO( &c[i].ldctl_value ); c[i].ldctl_iscritical = 0; ctrls[i] = &c[i]; i++; } #endif if ( preread ) { BerElementBuffer berbuf; BerElement *ber = (BerElement *)&berbuf; char **attrs = NULL; if( preread_attrs ) { attrs = ldap_str2charray( preread_attrs, "," ); } ber_init2( ber, NULL, LBER_USE_DER ); if( ber_printf( ber, "{v}", attrs ) == -1 ) { fprintf( stderr, "preread attrs encode failed.\n" ); tool_exit( ld, EXIT_FAILURE ); } err = ber_flatten2( ber, &c[i].ldctl_value, 0 ); if( err < 0 ) { fprintf( stderr, "preread flatten failed (%d)\n", err ); tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_PRE_READ; c[i].ldctl_iscritical = preread > 1; ctrls[i] = &c[i]; i++; if( attrs ) ldap_charray_free( attrs ); } if ( postread ) { BerElementBuffer berbuf; BerElement *ber = (BerElement *)&berbuf; char **attrs = NULL; if( postread_attrs ) { attrs = ldap_str2charray( postread_attrs, "," ); } ber_init2( ber, NULL, LBER_USE_DER ); if( ber_printf( ber, "{v}", attrs ) == -1 ) { fprintf( stderr, "postread attrs encode failed.\n" ); tool_exit( ld, EXIT_FAILURE ); } err = ber_flatten2( ber, &c[i].ldctl_value, 0 ); if( err < 0 ) { fprintf( stderr, "postread flatten failed (%d)\n", err ); tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_POST_READ; c[i].ldctl_iscritical = postread > 1; ctrls[i] = &c[i]; i++; if( attrs ) ldap_charray_free( attrs ); } #ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR if ( chaining ) { if ( chainingResolve > -1 ) { BerElementBuffer berbuf; BerElement *ber = (BerElement *)&berbuf; ber_init2( ber, NULL, LBER_USE_DER ); err = ber_printf( ber, "{e" /* } */, chainingResolve ); if ( err == -1 ) { ber_free( ber, 1 ); fprintf( stderr, _("Chaining behavior control encoding error!\n") ); tool_exit( ld, EXIT_FAILURE ); } if ( chainingContinuation > -1 ) { err = ber_printf( ber, "e", chainingContinuation ); if ( err == -1 ) { ber_free( ber, 1 ); fprintf( stderr, _("Chaining behavior control encoding error!\n") ); tool_exit( ld, EXIT_FAILURE ); } } err = ber_printf( ber, /* { */ "N}" ); if ( err == -1 ) { ber_free( ber, 1 ); fprintf( stderr, _("Chaining behavior control encoding error!\n") ); tool_exit( ld, EXIT_FAILURE ); } if ( ber_flatten2( ber, &c[i].ldctl_value, 0 ) == -1 ) { tool_exit( ld, EXIT_FAILURE ); } } else { BER_BVZERO( &c[i].ldctl_value ); } c[i].ldctl_oid = LDAP_CONTROL_X_CHAINING_BEHAVIOR; c[i].ldctl_iscritical = chaining > 1; ctrls[i] = &c[i]; i++; } #endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */ #ifdef LDAP_CONTROL_X_SESSION_TRACKING if ( sessionTracking ) { if ( BER_BVISNULL( &stValue ) && st_value( ld, &stValue ) ) { tool_exit( ld, EXIT_FAILURE ); } c[i].ldctl_oid = LDAP_CONTROL_X_SESSION_TRACKING; c[i].ldctl_iscritical = 0; c[i].ldctl_value = stValue; ctrls[i] = &c[i]; i++; } #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ while ( count-- ) { ctrls[i++] = extra_c++; } for ( count = 0; count < unknown_ctrls_num; count++ ) { ctrls[i++] = &unknown_ctrls[count]; } ctrls[i] = NULL; err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls ); if ( err != LDAP_OPT_SUCCESS ) { for ( j = 0; j < i; j++ ) { if ( ctrls[j]->ldctl_iscritical ) crit = 1; } fprintf( stderr, "Could not set %scontrols\n", crit ? "critical " : "" ); } free( ctrls ); if ( crit ) { tool_exit( ld, EXIT_FAILURE ); } } int tool_check_abandon( LDAP *ld, int msgid ) { int rc; LDAPControl *sctrls[1] = { NULL }; switch ( gotintr ) { case Intr_Cancel: rc = ldap_cancel_s( ld, msgid, sctrls, NULL ); fprintf( stderr, "got interrupt, cancel got %d: %s\n", rc, ldap_err2string( rc ) ); return -1; case Intr_Abandon: rc = ldap_abandon_ext( ld, msgid, sctrls, NULL ); fprintf( stderr, "got interrupt, abandon got %d: %s\n", rc, ldap_err2string( rc ) ); return -1; case Intr_Ignore: /* just unbind, ignoring the request */ return -1; } return 0; } static int print_prepostread( LDAP *ld, LDAPControl *ctrl, struct berval *what) { BerElement *ber; struct berval bv; tool_write_ldif( LDIF_PUT_COMMENT, "==> ", what->bv_val, what->bv_len ); ber = ber_init( &ctrl->ldctl_value ); if ( ber == NULL ) { /* error? */ return 1; } else if ( ber_scanf( ber, "{m{" /*}}*/, &bv ) == LBER_ERROR ) { /* error? */ return 1; } else { tool_write_ldif( LDIF_PUT_VALUE, "dn", bv.bv_val, bv.bv_len ); while ( ber_scanf( ber, "{m" /*}*/, &bv ) != LBER_ERROR ) { int i; BerVarray vals = NULL; char *str = NULL; if ( ber_scanf( ber, "[W]", &vals ) == LBER_ERROR || vals == NULL ) { /* error? */ return 1; } if ( ldif ) { char *ptr; str = malloc( bv.bv_len + STRLENOF(": ") + 1 ); ptr = str; ptr = lutil_strncopy( ptr, bv.bv_val, bv.bv_len ); ptr = lutil_strcopy( ptr, ": " ); } for ( i = 0; vals[ i ].bv_val != NULL; i++ ) { tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, ldif ? str : bv.bv_val, vals[ i ].bv_val, vals[ i ].bv_len ); } ber_bvarray_free( vals ); if ( str ) free( str ); } } if ( ber != NULL ) { ber_free( ber, 1 ); } tool_write_ldif( LDIF_PUT_COMMENT, "<== ", what->bv_val, what->bv_len ); return 0; } static int print_preread( LDAP *ld, LDAPControl *ctrl ) { static struct berval what = BER_BVC( "preread" ); return print_prepostread( ld, ctrl, &what ); } static int print_postread( LDAP *ld, LDAPControl *ctrl ) { static struct berval what = BER_BVC( "postread" ); return print_prepostread( ld, ctrl, &what ); } static int print_paged_results( LDAP *ld, LDAPControl *ctrl ) { ber_int_t estimate; /* note: pr_cookie is being malloced; it's freed * the next time the control is sent, but the last * time it's not; we don't care too much, because * the last time an empty value is returned... */ if ( ldap_parse_pageresponse_control( ld, ctrl, &estimate, &pr_cookie ) != LDAP_SUCCESS ) { /* error? */ return 1; } else { char buf[ BUFSIZ ], *ptr = buf; int plen; if ( estimate > 0 ) { plen = sprintf( buf, "estimate=%d cookie=", estimate ); } else { plen = sprintf( buf, "cookie=" ); } if ( pr_cookie.bv_len > 0 ) { struct berval bv; bv.bv_len = LUTIL_BASE64_ENCODE_LEN( pr_cookie.bv_len ) + 1; ptr = ber_memalloc( bv.bv_len + 1 + plen ); bv.bv_val = ptr + plen; strcpy( ptr, buf ); bv.bv_len = lutil_b64_ntop( (unsigned char *) pr_cookie.bv_val, pr_cookie.bv_len, bv.bv_val, bv.bv_len ); pr_morePagedResults = 1; plen += bv.bv_len; } tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, ldif ? "pagedresults: " : "pagedresults", ptr, plen ); if ( ptr != buf ) ber_memfree( ptr ); } return 0; } static int print_psearch( LDAP *ld, LDAPControl *ctrl ) { int rc; int chgtype; int chgpres; long chgnum; struct berval prevdn; rc = ldap_parse_entrychange_control( ld, ctrl, &chgtype, &prevdn, &chgpres, &chgnum ); if ( rc == LDAP_SUCCESS ) { char buf[ BUFSIZ ]; char *ptr = buf; int blen = sizeof(buf), len; switch( chgtype ) { case LDAP_CONTROL_PERSIST_ENTRY_CHANGE_ADD: len = snprintf( ptr, blen, "add" ); ptr += len; blen -= len; break; case LDAP_CONTROL_PERSIST_ENTRY_CHANGE_DELETE: len = snprintf( ptr, blen, "delete" ); ptr += len; blen -= len; break; case LDAP_CONTROL_PERSIST_ENTRY_CHANGE_MODIFY: len = snprintf( ptr, blen, "modify" ); ptr += len; blen -= len; break; case LDAP_CONTROL_PERSIST_ENTRY_CHANGE_RENAME: len = snprintf( ptr, blen, "moddn" ); ptr += len; blen -= len; if ( prevdn.bv_val != NULL ) { len = snprintf( ptr, blen, " prevdn %s", prevdn.bv_val ); ptr += len; blen -= len; } break; } if ( chgpres ) { len = snprintf( ptr, blen, " changeNumber %ld", chgnum) ; ptr += len; blen -= len; } tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, ldif ? "persistentSearch: " : "persistentSearch", buf, len ); } return rc; } static int print_sss( LDAP *ld, LDAPControl *ctrl ) { int rc; ber_int_t err; char *attr; rc = ldap_parse_sortresponse_control( ld, ctrl, &err, &attr ); if ( rc == LDAP_SUCCESS ) { char buf[ BUFSIZ ]; rc = snprintf( buf, sizeof(buf), "(%d) %s%s%s", err, ldap_err2string(err), attr ? " " : "", attr ? attr : "" ); tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, ldif ? "sortResult: " : "sortResult", buf, rc ); } return rc; } static int print_vlv( LDAP *ld, LDAPControl *ctrl ) { int rc; ber_int_t err; struct berval bv; rc = ldap_parse_vlvresponse_control( ld, ctrl, &vlvPos, &vlvCount, &vlvContext, &err ); if ( rc == LDAP_SUCCESS ) { char buf[ BUFSIZ ]; if ( vlvContext && vlvContext->bv_len > 0 ) { bv.bv_len = LUTIL_BASE64_ENCODE_LEN( vlvContext->bv_len ) + 1; bv.bv_val = ber_memalloc( bv.bv_len + 1 ); bv.bv_len = lutil_b64_ntop( (unsigned char *) vlvContext->bv_val, vlvContext->bv_len, bv.bv_val, bv.bv_len ); } else { bv.bv_val = ""; bv.bv_len = 0; } rc = snprintf( buf, sizeof(buf), "pos=%d count=%d context=%s (%d) %s", vlvPos, vlvCount, bv.bv_val, err, ldap_err2string(err)); if ( bv.bv_len ) ber_memfree( bv.bv_val ); tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, ldif ? "vlvResult" : "vlvResult", buf, rc ); } return rc; } #ifdef LDAP_CONTROL_X_DEREF static int print_deref( LDAP *ld, LDAPControl *ctrl ) { LDAPDerefRes *drhead = NULL, *dr; int rc; rc = ldap_parse_derefresponse_control( ld, ctrl, &drhead ); if ( rc != LDAP_SUCCESS ) { return rc; } for ( dr = drhead; dr != NULL; dr = dr->next ) { LDAPDerefVal *dv; ber_len_t len; char *buf, *ptr; len = strlen( dr->derefAttr ) + STRLENOF(": "); for ( dv = dr->attrVals; dv != NULL; dv = dv->next ) { if ( dv->vals != NULL ) { int j; ber_len_t tlen = strlen(dv->type); for ( j = 0; dv->vals[ j ].bv_val != NULL; j++ ) { len += STRLENOF("<:=>;") + tlen + 4*((dv->vals[ j ].bv_len - 1)/3 + 1); } } } len += dr->derefVal.bv_len + STRLENOF("\n"); buf = ldap_memalloc( len + 1 ); if ( buf == NULL ) { rc = LDAP_NO_MEMORY; goto done; } ptr = buf; ptr = lutil_strcopy( ptr, dr->derefAttr ); *ptr++ = ':'; *ptr++ = ' '; for ( dv = dr->attrVals; dv != NULL; dv = dv->next ) { if ( dv->vals != NULL ) { int j; for ( j = 0; dv->vals[ j ].bv_val != NULL; j++ ) { int k = ldif_is_not_printable( dv->vals[ j ].bv_val, dv->vals[ j ].bv_len ); *ptr++ = '<'; ptr = lutil_strcopy( ptr, dv->type ); if ( k ) { *ptr++ = ':'; } *ptr++ = '='; if ( k ) { k = lutil_b64_ntop( (unsigned char *) dv->vals[ j ].bv_val, dv->vals[ j ].bv_len, ptr, buf + len - ptr ); assert( k >= 0 ); ptr += k; } else { ptr = lutil_memcopy( ptr, dv->vals[ j ].bv_val, dv->vals[ j ].bv_len ); } *ptr++ = '>'; *ptr++ = ';'; } } } ptr = lutil_strncopy( ptr, dr->derefVal.bv_val, dr->derefVal.bv_len ); *ptr = '\0'; assert( ptr <= buf + len ); tool_write_ldif( LDIF_PUT_COMMENT, NULL, buf, ptr - buf); ldap_memfree( buf ); } rc = LDAP_SUCCESS; done:; ldap_derefresponse_free( drhead ); return rc; } #endif #ifdef LDAP_CONTROL_X_WHATFAILED static int print_whatfailed( LDAP *ld, LDAPControl *ctrl ) { BerElement *ber; ber_tag_t tag; ber_len_t siz; BerVarray bva = NULL; /* Create a BerElement from the berval returned in the control. */ ber = ber_init( &ctrl->ldctl_value ); if ( ber == NULL ) { return LDAP_NO_MEMORY; } siz = sizeof(struct berval); tag = ber_scanf( ber, "[M]", &bva, &siz, 0 ); if ( tag != LBER_ERROR ) { int i; tool_write_ldif( LDIF_PUT_COMMENT, " what failed:", NULL, 0 ); for ( i = 0; bva[i].bv_val != NULL; i++ ) { tool_write_ldif( LDIF_PUT_COMMENT, NULL, bva[i].bv_val, bva[i].bv_len ); } ldap_memfree( bva ); } ber_free( ber, 1 ); return 0; } #endif static int print_syncstate( LDAP *ld, LDAPControl *ctrl ) { struct berval syncUUID, syncCookie = BER_BVNULL; char buf[LDAP_LUTIL_UUIDSTR_BUFSIZE], *uuidstr = "(UUID malformed)"; BerElement *ber; ber_tag_t tag; ber_int_t state; int rc; if ( ldif ) { return 0; } /* Create a BerElement from the berval returned in the control. */ ber = ber_init( &ctrl->ldctl_value ); if ( ber == NULL ) { return LDAP_NO_MEMORY; } if ( ber_scanf( ber, "{em", &state, &syncUUID ) == LBER_ERROR ) { ber_free( ber, 1 ); return 1; } tag = ber_get_stringbv( ber, &syncCookie, 0 ); rc = lutil_uuidstr_from_normalized( syncUUID.bv_val, syncUUID.bv_len, buf, LDAP_LUTIL_UUIDSTR_BUFSIZE ); if ( rc > 0 && rc < LDAP_LUTIL_UUIDSTR_BUFSIZE ) { uuidstr = buf; } switch ( state ) { case LDAP_SYNC_PRESENT: printf(_("# SyncState control, UUID %s present\n"), uuidstr); break; case LDAP_SYNC_ADD: printf(_("# SyncState control, UUID %s added\n"), uuidstr); break; case LDAP_SYNC_MODIFY: printf(_("# SyncState control, UUID %s modified\n"), uuidstr); break; case LDAP_SYNC_DELETE: printf(_("# SyncState control, UUID %s deleted\n"), uuidstr); break; default: ber_free( ber, 1 ); return 1; } if ( tag != LBER_ERROR ) { if ( ldif_is_not_printable( syncCookie.bv_val, syncCookie.bv_len ) ) { struct berval bv; bv.bv_len = LUTIL_BASE64_ENCODE_LEN( syncCookie.bv_len ) + 1; bv.bv_val = ber_memalloc( bv.bv_len + 1 ); bv.bv_len = lutil_b64_ntop( (unsigned char *) syncCookie.bv_val, syncCookie.bv_len, bv.bv_val, bv.bv_len ); printf(_("# cookie:: %s\n"), bv.bv_val ); ber_memfree( bv.bv_val ); } else { printf(_("# cookie: %s\n"), syncCookie.bv_val ); } } ber_free( ber, 1 ); return 0; } static int print_syncdone( LDAP *ld, LDAPControl *ctrl ) { BerElement *ber; struct berval cookie = BER_BVNULL; ber_len_t len; ber_int_t refreshDeletes = 0; if ( ldif ) { return 0; } /* Create a BerElement from the berval returned in the control. */ ber = ber_init( &ctrl->ldctl_value ); if ( ber == NULL ) { return LDAP_NO_MEMORY; } ber_skip_tag( ber, &len ); if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) { ber_scanf( ber, "m", &cookie ); } if ( ber_peek_tag( ber, &len ) == LDAP_TAG_REFRESHDELETES ) { ber_scanf( ber, "b", &refreshDeletes ); } printf(_("# SyncDone control refreshDeletes=%d\n"), refreshDeletes ? 1 : 0 ); if ( !BER_BVISNULL( &cookie ) ) { if ( ldif_is_not_printable( cookie.bv_val, cookie.bv_len ) ) { struct berval bv; bv.bv_len = LUTIL_BASE64_ENCODE_LEN( cookie.bv_len ) + 1; bv.bv_val = ber_memalloc( bv.bv_len + 1 ); bv.bv_len = lutil_b64_ntop( (unsigned char *) cookie.bv_val, cookie.bv_len, bv.bv_val, bv.bv_len ); printf(_("# cookie:: %s\n"), bv.bv_val ); ber_memfree( bv.bv_val ); } else { printf(_("# cookie: %s\n"), cookie.bv_val ); } } ber_free( ber, 1 ); return 0; } #ifdef LDAP_CONTROL_X_DIRSYNC static int print_dirsync( LDAP *ld, LDAPControl *ctrl ) { int rc, continueFlag; struct berval cookie; rc = ldap_parse_dirsync_control( ld, ctrl, &continueFlag, &cookie ); if ( rc == LDAP_SUCCESS ) { printf(_("# DirSync control continueFlag=%d\n"), continueFlag ); if ( !BER_BVISNULL( &cookie )) { if ( ldif_is_not_printable( cookie.bv_val, cookie.bv_len ) ) { struct berval bv; bv.bv_len = LUTIL_BASE64_ENCODE_LEN( cookie.bv_len ) + 1; bv.bv_val = ber_memalloc( bv.bv_len + 1 ); bv.bv_len = lutil_b64_ntop( (unsigned char *) cookie.bv_val, cookie.bv_len, bv.bv_val, bv.bv_len ); printf(_("# cookie:: %s\n"), bv.bv_val ); ber_memfree( bv.bv_val ); } else { printf(_("# cookie: %s\n"), cookie.bv_val ); } } } return rc; } #endif #ifdef LDAP_CONTROL_AUTHZID_RESPONSE static int print_authzid( LDAP *ld, LDAPControl *ctrl ) { if ( ctrl->ldctl_value.bv_len ) { tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, ldif ? "authzid: " : "authzid", ctrl->ldctl_value.bv_val, ctrl->ldctl_value.bv_len ); } else { tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, ldif ? "authzid: " : "authzid", "anonymous", STRLENOF("anonymous") ); } return 0; } #endif #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST static int print_ppolicy( LDAP *ld, LDAPControl *ctrl ) { int expire = 0, grace = 0, rc; LDAPPasswordPolicyError pperr; rc = ldap_parse_passwordpolicy_control( ld, ctrl, &expire, &grace, &pperr ); if ( rc == LDAP_SUCCESS ) { char buf[ BUFSIZ ], *ptr = buf; if ( expire != -1 ) { ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "expire=%d", expire ); } if ( grace != -1 ) { ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "%sgrace=%d", ptr == buf ? "" : " ", grace ); } if ( pperr != PP_noError ) { ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "%serror=%d (%s)", ptr == buf ? "" : " ", pperr, ldap_passwordpolicy_err2txt( pperr ) ); } tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, ldif ? "ppolicy: " : "ppolicy", buf, ptr - buf ); } return rc; } #endif #ifdef LDAP_CONTROL_X_PASSWORD_EXPIRED static int print_netscape_pwexpired( LDAP *ld, LDAPControl *ctrl ) { printf(_("# PasswordExpired control\n") ); return 0; } static int print_netscape_pwexpiring( LDAP *ld, LDAPControl *ctrl ) { long expiring = 0; int rc; rc = ldap_parse_password_expiring_control( ld, ctrl, &expiring ); if ( rc == LDAP_SUCCESS ) { printf(_("# PasswordExpiring control seconds=%ld\n"), expiring ); } return rc; } #endif #ifdef LDAP_CONTROL_X_ACCOUNT_USABILITY static int print_account_usability( LDAP *ld, LDAPControl *ctrl ) { LDAPAccountUsability usability; ber_int_t available = 0; int rc; rc = ldap_parse_accountusability_control( ld, ctrl, &available, &usability ); if ( rc == LDAP_SUCCESS ) { char buf[ BUFSIZ ], *ptr = buf; ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "%savailable", available ? "" : "not " ); if ( available ) { if ( usability.seconds_remaining == -1 ) { ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), " and does not expire" ); } else { ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), " expire=%d", usability.seconds_remaining ); } } else { int added = 0; ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), " (" /* ')' */ ); if ( usability.more_info.inactive ) { ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "inactive " ); added++; } if ( usability.more_info.reset ) { ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "reset " ); added++; } if ( usability.more_info.expired ) { ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "expired " ); added++; } if ( added ) { ptr[-1] = ')'; *ptr++ = ' '; } else { *(--ptr) = '\0'; } if ( usability.more_info.remaining_grace != -1 ) { ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "grace=%d ", usability.more_info.remaining_grace ); } if ( usability.more_info.seconds_before_unlock != -1 ) { ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "seconds_before_unlock=%d ", usability.more_info.seconds_before_unlock ); } *(--ptr) = '\0'; } tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, ldif ? "accountUsability: " : "accountUsability", buf, ptr - buf ); } return rc; } #endif void tool_print_ctrls( LDAP *ld, LDAPControl **ctrls ) { int i; char *ptr; for ( i = 0; ctrls[i] != NULL; i++ ) { /* control: OID criticality base64value */ struct berval b64 = BER_BVNULL; ber_len_t len; char *str; int j; /* FIXME: there might be cases where a control has NULL OID; * this makes little sense, especially when returned by the * server, but libldap happily allows it */ if ( ctrls[i]->ldctl_oid == NULL ) { continue; } len = ldif ? 2 : 0; len += strlen( ctrls[i]->ldctl_oid ); /* add enough for space after OID and the critical value itself */ len += ctrls[i]->ldctl_iscritical ? sizeof("true") : sizeof("false"); /* convert to base64 */ if ( !BER_BVISNULL( &ctrls[i]->ldctl_value ) ) { b64.bv_len = LUTIL_BASE64_ENCODE_LEN( ctrls[i]->ldctl_value.bv_len ) + 1; b64.bv_val = ber_memalloc( b64.bv_len + 1 ); b64.bv_len = lutil_b64_ntop( (unsigned char *) ctrls[i]->ldctl_value.bv_val, ctrls[i]->ldctl_value.bv_len, b64.bv_val, b64.bv_len ); } if ( b64.bv_len ) { len += 1 + b64.bv_len; } ptr = str = malloc( len + 1 ); if ( ldif ) { ptr = lutil_strcopy( ptr, ": " ); } ptr = lutil_strcopy( ptr, ctrls[i]->ldctl_oid ); ptr = lutil_strcopy( ptr, ctrls[i]->ldctl_iscritical ? " true" : " false" ); if ( b64.bv_len ) { ptr = lutil_strcopy( ptr, " " ); ptr = lutil_strcopy( ptr, b64.bv_val ); } if ( ldif < 2 ) { tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, "control", str, len ); } free( str ); if ( b64.bv_len ) { ber_memfree( b64.bv_val ); } /* known controls */ for ( j = 0; tool_ctrl_response[j].oid != NULL; j++ ) { if ( strcmp( tool_ctrl_response[j].oid, ctrls[i]->ldctl_oid ) == 0 ) { if ( !(tool_ctrl_response[j].mask & tool_type )) { /* this control should not appear * with this tool; warning? */ } break; } } if ( tool_ctrl_response[j].oid != NULL && tool_ctrl_response[j].func ) { (void)tool_ctrl_response[j].func( ld, ctrls[i] ); } } } int tool_write_ldif( int type, char *name, char *value, ber_len_t vallen ) { char *ldif; if (( ldif = ldif_put_wrap( type, name, value, vallen, ldif_wrap )) == NULL ) { return( -1 ); } fputs( ldif, stdout ); ber_memfree( ldif ); return( 0 ); } int tool_is_oid( const char *s ) { int first = 1; if ( !isdigit( (unsigned char) s[ 0 ] ) ) { return 0; } for ( ; s[ 0 ]; s++ ) { if ( s[ 0 ] == '.' ) { if ( s[ 1 ] == '\0' ) { return 0; } first = 1; continue; } if ( !isdigit( (unsigned char) s[ 0 ] ) ) { return 0; } if ( first == 1 && s[ 0 ] == '0' && s[ 1 ] != '.' ) { return 0; } first = 0; } return 1; } openldap-2.5.16+dfsg/include/0000755000175000017500000000000014461774414015327 5ustar sergiosergioopenldap-2.5.16+dfsg/include/ldap_schema.h0000644000175000017500000002235214461774414017744 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* ldap-schema.h - Header for basic schema handling functions that can be * used by both clients and servers. * these routines should be renamed ldap_x_... */ #ifndef _LDAP_SCHEMA_H #define _LDAP_SCHEMA_H 1 #include LDAP_BEGIN_DECL /* Codes for parsing errors */ #define LDAP_SCHERR_OUTOFMEM 1 #define LDAP_SCHERR_UNEXPTOKEN 2 #define LDAP_SCHERR_NOLEFTPAREN 3 #define LDAP_SCHERR_NORIGHTPAREN 4 #define LDAP_SCHERR_NODIGIT 5 #define LDAP_SCHERR_BADNAME 6 #define LDAP_SCHERR_BADDESC 7 #define LDAP_SCHERR_BADSUP 8 #define LDAP_SCHERR_DUPOPT 9 #define LDAP_SCHERR_EMPTY 10 #define LDAP_SCHERR_MISSING 11 #define LDAP_SCHERR_OUT_OF_ORDER 12 typedef struct ldap_schema_extension_item { char *lsei_name; char **lsei_values; } LDAPSchemaExtensionItem; typedef struct ldap_syntax { char *syn_oid; /* REQUIRED */ char **syn_names; /* OPTIONAL */ char *syn_desc; /* OPTIONAL */ LDAPSchemaExtensionItem **syn_extensions; /* OPTIONAL */ } LDAPSyntax; typedef struct ldap_matchingrule { char *mr_oid; /* REQUIRED */ char **mr_names; /* OPTIONAL */ char *mr_desc; /* OPTIONAL */ int mr_obsolete; /* OPTIONAL */ char *mr_syntax_oid; /* REQUIRED */ LDAPSchemaExtensionItem **mr_extensions; /* OPTIONAL */ } LDAPMatchingRule; typedef struct ldap_matchingruleuse { char *mru_oid; /* REQUIRED */ char **mru_names; /* OPTIONAL */ char *mru_desc; /* OPTIONAL */ int mru_obsolete; /* OPTIONAL */ char **mru_applies_oids; /* REQUIRED */ LDAPSchemaExtensionItem **mru_extensions; /* OPTIONAL */ } LDAPMatchingRuleUse; typedef struct ldap_attributetype { char *at_oid; /* REQUIRED */ char **at_names; /* OPTIONAL */ char *at_desc; /* OPTIONAL */ int at_obsolete; /* 0=no, 1=yes */ char *at_sup_oid; /* OPTIONAL */ char *at_equality_oid; /* OPTIONAL */ char *at_ordering_oid; /* OPTIONAL */ char *at_substr_oid; /* OPTIONAL */ char *at_syntax_oid; /* OPTIONAL */ int at_syntax_len; /* OPTIONAL */ int at_single_value; /* 0=no, 1=yes */ int at_collective; /* 0=no, 1=yes */ int at_no_user_mod; /* 0=no, 1=yes */ int at_usage; /* 0=userApplications, 1=directoryOperation, 2=distributedOperation, 3=dSAOperation */ LDAPSchemaExtensionItem **at_extensions; /* OPTIONAL */ } LDAPAttributeType; typedef struct ldap_objectclass { char *oc_oid; /* REQUIRED */ char **oc_names; /* OPTIONAL */ char *oc_desc; /* OPTIONAL */ int oc_obsolete; /* 0=no, 1=yes */ char **oc_sup_oids; /* OPTIONAL */ int oc_kind; /* 0=ABSTRACT, 1=STRUCTURAL, 2=AUXILIARY */ char **oc_at_oids_must; /* OPTIONAL */ char **oc_at_oids_may; /* OPTIONAL */ LDAPSchemaExtensionItem **oc_extensions; /* OPTIONAL */ } LDAPObjectClass; typedef struct ldap_contentrule { char *cr_oid; /* REQUIRED */ char **cr_names; /* OPTIONAL */ char *cr_desc; /* OPTIONAL */ char **cr_sup_oids; /* OPTIONAL */ int cr_obsolete; /* 0=no, 1=yes */ char **cr_oc_oids_aux; /* OPTIONAL */ char **cr_at_oids_must; /* OPTIONAL */ char **cr_at_oids_may; /* OPTIONAL */ char **cr_at_oids_not; /* OPTIONAL */ LDAPSchemaExtensionItem **cr_extensions; /* OPTIONAL */ } LDAPContentRule; typedef struct ldap_nameform { char *nf_oid; /* REQUIRED */ char **nf_names; /* OPTIONAL */ char *nf_desc; /* OPTIONAL */ int nf_obsolete; /* 0=no, 1=yes */ char *nf_objectclass; /* REQUIRED */ char **nf_at_oids_must; /* REQUIRED */ char **nf_at_oids_may; /* OPTIONAL */ LDAPSchemaExtensionItem **nf_extensions; /* OPTIONAL */ } LDAPNameForm; typedef struct ldap_structurerule { int sr_ruleid; /* REQUIRED */ char **sr_names; /* OPTIONAL */ char *sr_desc; /* OPTIONAL */ int sr_obsolete; /* 0=no, 1=yes */ char *sr_nameform; /* REQUIRED */ int sr_nsup_ruleids;/* number of sr_sup_ruleids */ int *sr_sup_ruleids;/* OPTIONAL */ LDAPSchemaExtensionItem **sr_extensions; /* OPTIONAL */ } LDAPStructureRule; /* * Misc macros */ #define LDAP_SCHEMA_NO 0 #define LDAP_SCHEMA_YES 1 #define LDAP_SCHEMA_USER_APPLICATIONS 0 #define LDAP_SCHEMA_DIRECTORY_OPERATION 1 #define LDAP_SCHEMA_DISTRIBUTED_OPERATION 2 #define LDAP_SCHEMA_DSA_OPERATION 3 #define LDAP_SCHEMA_ABSTRACT 0 #define LDAP_SCHEMA_STRUCTURAL 1 #define LDAP_SCHEMA_AUXILIARY 2 /* * Flags that control how liberal the parsing routines are. */ #define LDAP_SCHEMA_ALLOW_NONE 0x00U /* Strict parsing */ #define LDAP_SCHEMA_ALLOW_NO_OID 0x01U /* Allow missing oid */ #define LDAP_SCHEMA_ALLOW_QUOTED 0x02U /* Allow bogus extra quotes */ #define LDAP_SCHEMA_ALLOW_DESCR 0x04U /* Allow descr instead of OID */ #define LDAP_SCHEMA_ALLOW_DESCR_PREFIX 0x08U /* Allow descr as OID prefix */ #define LDAP_SCHEMA_ALLOW_OID_MACRO 0x10U /* Allow OID macros in slapd */ #define LDAP_SCHEMA_ALLOW_OUT_OF_ORDER_FIELDS 0x20U /* Allow fields in most any order */ #define LDAP_SCHEMA_ALLOW_ALL 0x3fU /* Be very liberal in parsing */ #define LDAP_SCHEMA_SKIP 0x80U /* Don't malloc any result */ LDAP_F( LDAP_CONST char * ) ldap_syntax2name LDAP_P(( LDAPSyntax * syn )); LDAP_F( LDAP_CONST char * ) ldap_matchingrule2name LDAP_P(( LDAPMatchingRule * mr )); LDAP_F( LDAP_CONST char * ) ldap_matchingruleuse2name LDAP_P(( LDAPMatchingRuleUse * mru )); LDAP_F( LDAP_CONST char * ) ldap_attributetype2name LDAP_P(( LDAPAttributeType * at )); LDAP_F( LDAP_CONST char * ) ldap_objectclass2name LDAP_P(( LDAPObjectClass * oc )); LDAP_F( LDAP_CONST char * ) ldap_contentrule2name LDAP_P(( LDAPContentRule * cr )); LDAP_F( LDAP_CONST char * ) ldap_nameform2name LDAP_P(( LDAPNameForm * nf )); LDAP_F( LDAP_CONST char * ) ldap_structurerule2name LDAP_P(( LDAPStructureRule * sr )); LDAP_F( void ) ldap_syntax_free LDAP_P(( LDAPSyntax * syn )); LDAP_F( void ) ldap_matchingrule_free LDAP_P(( LDAPMatchingRule * mr )); LDAP_F( void ) ldap_matchingruleuse_free LDAP_P(( LDAPMatchingRuleUse * mr )); LDAP_F( void ) ldap_attributetype_free LDAP_P(( LDAPAttributeType * at )); LDAP_F( void ) ldap_objectclass_free LDAP_P(( LDAPObjectClass * oc )); LDAP_F( void ) ldap_contentrule_free LDAP_P(( LDAPContentRule * cr )); LDAP_F( void ) ldap_nameform_free LDAP_P(( LDAPNameForm * nf )); LDAP_F( void ) ldap_structurerule_free LDAP_P(( LDAPStructureRule * sr )); LDAP_F( LDAPStructureRule * ) ldap_str2structurerule LDAP_P(( LDAP_CONST char * s, int * code, LDAP_CONST char ** errp, LDAP_CONST unsigned flags )); LDAP_F( LDAPNameForm * ) ldap_str2nameform LDAP_P(( LDAP_CONST char * s, int * code, LDAP_CONST char ** errp, LDAP_CONST unsigned flags )); LDAP_F( LDAPContentRule * ) ldap_str2contentrule LDAP_P(( LDAP_CONST char * s, int * code, LDAP_CONST char ** errp, LDAP_CONST unsigned flags )); LDAP_F( LDAPObjectClass * ) ldap_str2objectclass LDAP_P(( LDAP_CONST char * s, int * code, LDAP_CONST char ** errp, LDAP_CONST unsigned flags )); LDAP_F( LDAPAttributeType * ) ldap_str2attributetype LDAP_P(( LDAP_CONST char * s, int * code, LDAP_CONST char ** errp, LDAP_CONST unsigned flags )); LDAP_F( LDAPSyntax * ) ldap_str2syntax LDAP_P(( LDAP_CONST char * s, int * code, LDAP_CONST char ** errp, LDAP_CONST unsigned flags )); LDAP_F( LDAPMatchingRule * ) ldap_str2matchingrule LDAP_P(( LDAP_CONST char * s, int * code, LDAP_CONST char ** errp, LDAP_CONST unsigned flags )); LDAP_F( LDAPMatchingRuleUse * ) ldap_str2matchingruleuse LDAP_P(( LDAP_CONST char * s, int * code, LDAP_CONST char ** errp, LDAP_CONST unsigned flags )); LDAP_F( char * ) ldap_structurerule2str LDAP_P(( LDAPStructureRule * sr )); LDAP_F( struct berval * ) ldap_structurerule2bv LDAP_P(( LDAPStructureRule * sr, struct berval *bv )); LDAP_F( char * ) ldap_nameform2str LDAP_P(( LDAPNameForm * nf )); LDAP_F( struct berval * ) ldap_nameform2bv LDAP_P(( LDAPNameForm * nf, struct berval *bv )); LDAP_F( char * ) ldap_contentrule2str LDAP_P(( LDAPContentRule * cr )); LDAP_F( struct berval * ) ldap_contentrule2bv LDAP_P(( LDAPContentRule * cr, struct berval *bv )); LDAP_F( char * ) ldap_objectclass2str LDAP_P(( LDAPObjectClass * oc )); LDAP_F( struct berval * ) ldap_objectclass2bv LDAP_P(( LDAPObjectClass * oc, struct berval *bv )); LDAP_F( char * ) ldap_attributetype2str LDAP_P(( LDAPAttributeType * at )); LDAP_F( struct berval * ) ldap_attributetype2bv LDAP_P(( LDAPAttributeType * at, struct berval *bv )); LDAP_F( char * ) ldap_syntax2str LDAP_P(( LDAPSyntax * syn )); LDAP_F( struct berval * ) ldap_syntax2bv LDAP_P(( LDAPSyntax * syn, struct berval *bv )); LDAP_F( char * ) ldap_matchingrule2str LDAP_P(( LDAPMatchingRule * mr )); LDAP_F( struct berval * ) ldap_matchingrule2bv LDAP_P(( LDAPMatchingRule * mr, struct berval *bv )); LDAP_F( char * ) ldap_matchingruleuse2str LDAP_P(( LDAPMatchingRuleUse * mru )); LDAP_F( struct berval * ) ldap_matchingruleuse2bv LDAP_P(( LDAPMatchingRuleUse * mru, struct berval *bv )); LDAP_F( char * ) ldap_scherr2str LDAP_P(( int code )) LDAP_GCCATTR((const)); LDAP_END_DECL #endif openldap-2.5.16+dfsg/include/lber_pvt.h0000644000175000017500000001250714461774414017322 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* * lber_pvt.h - Header for ber_pvt_ functions. * These are meant to be internal to OpenLDAP Software. */ #ifndef _LBER_PVT_H #define _LBER_PVT_H 1 #include LDAP_BEGIN_DECL /* for allocating aligned buffers (on the stack) */ #define LBER_ALIGNED_BUFFER(uname,size) \ union uname { \ char buffer[size]; \ /* force alignment */ \ int ialign; \ long lalign; \ float falign; \ double dalign; \ char* palign; \ } #define LBER_ELEMENT_SIZEOF (256) /* must be >= sizeof(BerElement) */ typedef LBER_ALIGNED_BUFFER(lber_berelement_u,LBER_ELEMENT_SIZEOF) BerElementBuffer; typedef struct sockbuf_buf { ber_len_t buf_size; ber_len_t buf_ptr; ber_len_t buf_end; char *buf_base; } Sockbuf_Buf; /* * bprint.c */ LBER_V( BER_LOG_PRINT_FN ) ber_pvt_log_print; LBER_F( int ) ber_pvt_log_printf LDAP_P(( int errlvl, int loglvl, const char *fmt, ... )) LDAP_GCCATTR((format(printf, 3, 4))); /* * sockbuf.c */ LBER_F( ber_slen_t ) ber_pvt_sb_do_write LDAP_P(( Sockbuf_IO_Desc *sbiod, Sockbuf_Buf *buf_out )); LBER_F( void ) ber_pvt_sb_buf_init LDAP_P(( Sockbuf_Buf *buf )); LBER_F( void ) ber_pvt_sb_buf_destroy LDAP_P(( Sockbuf_Buf *buf )); LBER_F( int ) ber_pvt_sb_grow_buffer LDAP_P(( Sockbuf_Buf *buf, ber_len_t minsize )); LBER_F( ber_len_t ) ber_pvt_sb_copy_out LDAP_P(( Sockbuf_Buf *sbb, char *buf, ber_len_t len )); LBER_F( int ) ber_pvt_socket_set_nonblock LDAP_P(( ber_socket_t sd, int nb )); /* * memory.c */ LBER_F( void * ) ber_memalloc_x LDAP_P(( ber_len_t s, void *ctx)); LBER_F( void * ) ber_memrealloc_x LDAP_P(( void* p, ber_len_t s, void *ctx )); LBER_F( void * ) ber_memcalloc_x LDAP_P(( ber_len_t n, ber_len_t s, void *ctx )); LBER_F( void ) ber_memfree_x LDAP_P(( void* p, void *ctx )); LBER_F( void ) ber_memvfree_x LDAP_P(( void** vector, void *ctx )); LBER_F( void ) ber_bvfree_x LDAP_P(( struct berval *bv, void *ctx )); LBER_F( void ) ber_bvecfree_x LDAP_P(( struct berval **bv, void *ctx )); LBER_F( int ) ber_bvecadd_x LDAP_P(( struct berval ***bvec, struct berval *bv, void *ctx )); LBER_F( struct berval * ) ber_dupbv_x LDAP_P(( struct berval *dst, struct berval *src, void *ctx )); LBER_F( struct berval * ) ber_str2bv_x LDAP_P(( LDAP_CONST char *, ber_len_t len, int dup, struct berval *bv, void *ctx)); LBER_F( struct berval * ) ber_mem2bv_x LDAP_P(( LDAP_CONST char *, ber_len_t len, int dup, struct berval *bv, void *ctx)); LBER_F( char * ) ber_strdup_x LDAP_P(( LDAP_CONST char *, void *ctx )); LBER_F( struct berval * ) ber_bvreplace_x LDAP_P(( struct berval *dst, LDAP_CONST struct berval *src, void *ctx )); LBER_F( void ) ber_bvarray_free_x LDAP_P(( BerVarray p, void *ctx )); LBER_F( int ) ber_bvarray_add_x LDAP_P(( BerVarray *p, BerValue *bv, void *ctx )); LBER_F( int ) ber_bvarray_dup_x LDAP_P(( BerVarray *dst, BerVarray src, void *ctx )); #if 0 #define ber_bvstrcmp(v1,v2) \ ((v1)->bv_len < (v2)->bv_len \ ? -1 : ((v1)->bv_len > (v2)->bv_len \ ? 1 : strncmp((v1)->bv_val, (v2)->bv_val, (v1)->bv_len) )) #else /* avoid strncmp() */ #define ber_bvstrcmp(v1,v2) ber_bvcmp((v1),(v2)) #endif #define ber_bvstrcasecmp(v1,v2) \ ((v1)->bv_len < (v2)->bv_len \ ? -1 : ((v1)->bv_len > (v2)->bv_len \ ? 1 : strncasecmp((v1)->bv_val, (v2)->bv_val, (v1)->bv_len) )) #define ber_bvccmp(v1,c) \ ( (v1)->bv_len == 1 && (v1)->bv_val[0] == (c) ) #define ber_strccmp(s,c) \ ( (s)[0] == (c) && (s)[1] == '\0' ) #define ber_bvchr(bv,c) \ ((char *) memchr( (bv)->bv_val, (c), (bv)->bv_len )) #define ber_bvrchr(bv,c) \ ((char *) lutil_memrchr( (bv)->bv_val, (c), (bv)->bv_len )) #define ber_bvchr_post(dst,bv,c) \ do { \ (dst)->bv_val = memchr( (bv)->bv_val, (c), (bv)->bv_len ); \ (dst)->bv_len = (dst)->bv_val ? (bv)->bv_len - ((dst)->bv_val - (bv)->bv_val) : 0; \ } while (0) #define ber_bvchr_pre(dst,bv,c) \ do { \ (dst)->bv_val = memchr( (bv)->bv_val, (c), (bv)->bv_len ); \ (dst)->bv_len = (dst)->bv_val ? ((dst)->bv_val - (bv)->bv_val) : (bv)->bv_len; \ (dst)->bv_val = (bv)->bv_val; \ } while (0) #define ber_bvrchr_post(dst,bv,c) \ do { \ (dst)->bv_val = lutil_memrchr( (bv)->bv_val, (c), (bv)->bv_len ); \ (dst)->bv_len = (dst)->bv_val ? (bv)->bv_len - ((dst)->bv_val - (bv)->bv_val) : 0; \ } while (0) #define ber_bvrchr_pre(dst,bv,c) \ do { \ (dst)->bv_val = lutil_memrchr( (bv)->bv_val, (c), (bv)->bv_len ); \ (dst)->bv_len = (dst)->bv_val ? ((dst)->bv_val - (bv)->bv_val) : (bv)->bv_len; \ (dst)->bv_val = (bv)->bv_val; \ } while (0) #define BER_STRLENOF(s) (sizeof(s)-1) #define BER_BVC(s) { BER_STRLENOF(s), (char *)(s) } #define BER_BVNULL { 0L, NULL } #define BER_BVZERO(bv) \ do { \ (bv)->bv_len = 0; \ (bv)->bv_val = NULL; \ } while (0) #define BER_BVSTR(bv,s) \ do { \ (bv)->bv_len = BER_STRLENOF(s); \ (bv)->bv_val = (s); \ } while (0) #define BER_BVISNULL(bv) ((bv)->bv_val == NULL) #define BER_BVISEMPTY(bv) ((bv)->bv_len == 0) LDAP_END_DECL #endif openldap-2.5.16+dfsg/include/ldap_utf8.h0000644000175000017500000000661414461774414017375 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* This notice applies to changes, created by or for Novell, Inc., * to preexisting works for which notices appear elsewhere in this file. * * Copyright (C) 2000 Novell, Inc. All Rights Reserved. * * THIS WORK IS SUBJECT TO U.S. AND INTERNATIONAL COPYRIGHT LAWS AND TREATIES. * USE, MODIFICATION, AND REDISTRIBUTION OF THIS WORK IS SUBJECT TO VERSION * 2.0.1 OF THE OPENLDAP PUBLIC LICENSE, A COPY OF WHICH IS AVAILABLE AT * HTTP://WWW.OPENLDAP.ORG/LICENSE.HTML OR IN THE FILE "LICENSE" IN THE * TOP-LEVEL DIRECTORY OF THE DISTRIBUTION. ANY USE OR EXPLOITATION OF THIS * WORK OTHER THAN AS AUTHORIZED IN VERSION 2.0.1 OF THE OPENLDAP PUBLIC * LICENSE, OR OTHER PRIOR WRITTEN CONSENT FROM NOVELL, COULD SUBJECT THE * PERPETRATOR TO CRIMINAL AND CIVIL LIABILITY. */ /* Note: A verbatim copy of version 2.0.1 of the OpenLDAP Public License * can be found in the file "build/LICENSE-2.0.1" in this distribution * of OpenLDAP Software. */ #ifndef _LDAP_UTF8_H #define _LDAP_UTF8_H #include /* get ber_*_t */ /* * UTF-8 Utility Routines */ LDAP_BEGIN_DECL #define LDAP_UCS4_INVALID (0x80000000U) typedef ber_int_t ldap_ucs4_t; /* LDAP_MAX_UTF8_LEN is 3 or 6 depending on size of wchar_t */ #define LDAP_MAX_UTF8_LEN ( sizeof(wchar_t) * 3/2 ) /* Unicode conversion routines */ LDAP_F( ldap_ucs4_t ) ldap_x_utf8_to_ucs4( LDAP_CONST char * p ); LDAP_F( int ) ldap_x_ucs4_to_utf8( ldap_ucs4_t c, char *buf ); /* * Wide Char / UTF-8 Conversion Routines */ /* UTF-8 character to Wide Char */ LDAP_F(int) ldap_x_utf8_to_wc LDAP_P(( wchar_t *wchar, LDAP_CONST char *utf8char )); /* UTF-8 string to Wide Char string */ LDAP_F(int) ldap_x_utf8s_to_wcs LDAP_P(( wchar_t *wcstr, LDAP_CONST char *utf8str, size_t count )); /* Wide Char to UTF-8 character */ LDAP_F(int) ldap_x_wc_to_utf8 LDAP_P(( char *utf8char, wchar_t wchar, size_t count )); /* Wide Char string to UTF-8 string */ LDAP_F(int) ldap_x_wcs_to_utf8s LDAP_P(( char *utf8str, LDAP_CONST wchar_t *wcstr, size_t count )); /* * MultiByte Char / UTF-8 Conversion Routines */ /* UTF-8 character to MultiByte character */ LDAP_F(int) ldap_x_utf8_to_mb LDAP_P(( char *mbchar, LDAP_CONST char *utf8char, int (*ldap_f_wctomb)( char *mbchar, wchar_t wchar ))); /* UTF-8 string to MultiByte string */ LDAP_F(int) ldap_x_utf8s_to_mbs LDAP_P(( char *mbstr, LDAP_CONST char *utf8str, size_t count, size_t (*ldap_f_wcstombs)( char *mbstr, LDAP_CONST wchar_t *wcstr, size_t count) )); /* MultiByte character to UTF-8 character */ LDAP_F(int) ldap_x_mb_to_utf8 LDAP_P(( char *utf8char, LDAP_CONST char *mbchar, size_t mbsize, int (*ldap_f_mbtowc)( wchar_t *wchar, LDAP_CONST char *mbchar, size_t count) )); /* MultiByte string to UTF-8 string */ LDAP_F(int) ldap_x_mbs_to_utf8s LDAP_P(( char *utf8str, LDAP_CONST char *mbstr, size_t count, size_t (*ldap_f_mbstowcs)( wchar_t *wcstr, LDAP_CONST char *mbstr, size_t count) )); LDAP_END_DECL #endif /* _LDAP_UTF8_H */ openldap-2.5.16+dfsg/include/getopt-compat.h0000644000175000017500000000203414461774414020262 0ustar sergiosergio/* getopt-compat.h -- getopt(3) compatibility header */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* * getopt(3) declarations */ #ifndef _GETOPT_COMPAT_H #define _GETOPT_COMPAT_H #include LDAP_BEGIN_DECL /* change symbols to avoid clashing */ #define optarg lutil_optarg #define optind lutil_optind #define opterr lutil_opterr #define optopt lutil_optopt #define getopt lutil_getopt LDAP_LUTIL_V (char *) optarg; LDAP_LUTIL_V (int) optind, opterr, optopt; LDAP_LUTIL_F (int) getopt LDAP_P(( int, char * const [], const char *)); LDAP_END_DECL #endif /* _GETOPT_COMPAT_H */ openldap-2.5.16+dfsg/include/ldap_features.hin0000644000175000017500000000270514461774414020651 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* * LDAP Features */ #ifndef _LDAP_FEATURES_H #define _LDAP_FEATURES_H 1 /* OpenLDAP API version macros */ #undef LDAP_VENDOR_VERSION #undef LDAP_VENDOR_VERSION_MAJOR #undef LDAP_VENDOR_VERSION_MINOR #undef LDAP_VENDOR_VERSION_PATCH /* ** WORK IN PROGRESS! ** ** OpenLDAP reentrancy/thread-safeness should be dynamically ** checked using ldap_get_option(). ** ** If built with thread support, the -lldap implementation is: ** LDAP_API_FEATURE_THREAD_SAFE (basic thread safety) ** LDAP_API_FEATURE_SESSION_THREAD_SAFE ** LDAP_API_FEATURE_OPERATION_THREAD_SAFE ** ** The preprocessor flag LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE ** can be used to determine if -lldap is thread safe at compile ** time. ** */ /* is -lldap reentrant or not */ #undef LDAP_API_FEATURE_X_OPENLDAP_REENTRANT /* is -lldap thread safe or not */ #undef LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE /* LDAP v2 Referrals */ #undef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS #endif /* LDAP_FEATURES */ openldap-2.5.16+dfsg/include/lutil_lockf.h0000644000175000017500000000145514461774414020014 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* File locking methods * * lutil_lockf() will block until an exclusive lock is acquired. */ #ifndef _LUTIL_LOCKF_H_ #define _LUTIL_LOCKF_H_ LDAP_BEGIN_DECL LDAP_LUTIL_F( int ) lutil_lockf LDAP_P(( int fd )); LDAP_LUTIL_F( int ) lutil_unlockf LDAP_P(( int fd )); LDAP_END_DECL #endif /* _LUTIL_LOCKF_H_ */ openldap-2.5.16+dfsg/include/openldap.h0000644000175000017500000000170414461774414017304 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 2019-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* openldap.h - Header for openldap specific interfaces. */ #ifndef _OPENLDAP_H #define _OPENLDAP_H 1 #include LDAP_BEGIN_DECL #define LDAP_PROTO_TCP 1 /* ldap:// */ #define LDAP_PROTO_UDP 2 /* reserved */ #define LDAP_PROTO_IPC 3 /* ldapi:// */ #define LDAP_PROTO_EXT 4 /* user-defined socket/sockbuf */ LDAP_F( int ) ldap_init_fd LDAP_P(( ber_socket_t fd, int proto, LDAP_CONST char *url, LDAP **ldp )); LDAP_END_DECL #endif /* _OPENLDAP_H */ openldap-2.5.16+dfsg/include/slapi-plugin.h0000644000175000017500000011272014461774414020107 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * Portions Copyright 1997,2002,2003 IBM Corporation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* * This header is used in development of SLAPI plugins for * OpenLDAP slapd(8) and other directory servers supporting * this interface. Your portability mileage may vary. */ #ifndef _SLAPI_PLUGIN_H #define _SLAPI_PLUGIN_H #include typedef struct slapi_pblock Slapi_PBlock; typedef struct slapi_entry Slapi_Entry; typedef struct slapi_attr Slapi_Attr; typedef struct slapi_value Slapi_Value; typedef struct slapi_valueset Slapi_ValueSet; typedef struct slapi_filter Slapi_Filter; typedef struct BackendDB Slapi_Backend; typedef struct Operation Slapi_Operation; typedef struct Connection Slapi_Connection; typedef struct slapi_dn Slapi_DN; typedef struct slapi_rdn Slapi_RDN; typedef struct slapi_mod Slapi_Mod; typedef struct slapi_mods Slapi_Mods; typedef struct slapi_componentid Slapi_ComponentId; #define SLAPI_ATTR_UNIQUEID "entryUUID" #define SLAPI_ATTR_OBJECTCLASS "objectClass" /* pblock routines */ int slapi_pblock_get( Slapi_PBlock *pb, int arg, void *value ); int slapi_pblock_set( Slapi_PBlock *pb, int arg, void *value ); Slapi_PBlock *slapi_pblock_new( void ); void slapi_pblock_destroy( Slapi_PBlock *pb ); /* entry/attr/dn routines */ Slapi_Entry *slapi_str2entry( char *s, int flags ); #define SLAPI_STR2ENTRY_REMOVEDUPVALS 1 #define SLAPI_STR2ENTRY_ADDRDNVALS 2 #define SLAPI_STR2ENTRY_BIGENTRY 4 #define SLAPI_STR2ENTRY_TOMBSTONE_CHECK 8 #define SLAPI_STR2ENTRY_IGNORE_STATE 16 #define SLAPI_STR2ENTRY_INCLUDE_VERSION_STR 32 #define SLAPI_STR2ENTRY_EXPAND_OBJECTCLASSES 64 #define SLAPI_STR2ENTRY_NOT_WELL_FORMED_LDIF 128 char *slapi_entry2str( Slapi_Entry *e, int *len ); char *slapi_entry_get_dn( Slapi_Entry *e ); int slapi_x_entry_get_id( Slapi_Entry *e ); void slapi_entry_set_dn( Slapi_Entry *e, char *dn ); Slapi_Entry *slapi_entry_dup( Slapi_Entry *e ); int slapi_entry_attr_delete( Slapi_Entry *e, char *type ); Slapi_Entry *slapi_entry_alloc(); void slapi_entry_free( Slapi_Entry *e ); int slapi_entry_attr_merge( Slapi_Entry *e, char *type, struct berval **vals ); int slapi_entry_attr_find( Slapi_Entry *e, char *type, Slapi_Attr **attr ); char *slapi_entry_attr_get_charptr( const Slapi_Entry *e, const char *type ); int slapi_entry_attr_get_int( const Slapi_Entry *e, const char *type ); long slapi_entry_attr_get_long( const Slapi_Entry *e, const char *type ); unsigned int slapi_entry_attr_get_uint( const Slapi_Entry *e, const char *type ); unsigned long slapi_entry_attr_get_ulong( const Slapi_Entry *e, const char *type ); int slapi_attr_get_values( Slapi_Attr *attr, struct berval ***vals ); char *slapi_dn_normalize( char *dn ); char *slapi_dn_normalize_case( char *dn ); int slapi_dn_issuffix( char *dn, char *suffix ); char *slapi_dn_beparent( Slapi_PBlock *pb, const char *dn ); int slapi_dn_isbesuffix( Slapi_PBlock *pb, char *dn ); char *slapi_dn_parent( const char *dn ); int slapi_dn_isparent( const char *parentdn, const char *childdn ); char *slapi_dn_ignore_case( char *dn ); int slapi_rdn2typeval( char *rdn, char **type, struct berval *bv ); char *slapi_dn_plus_rdn(const char *dn, const char *rdn); /* DS 5.x SLAPI */ int slapi_access_allowed( Slapi_PBlock *pb, Slapi_Entry *e, char *attr, struct berval *val, int access ); int slapi_acl_check_mods( Slapi_PBlock *pb, Slapi_Entry *e, LDAPMod **mods, char **errbuf ); Slapi_Attr *slapi_attr_new( void ); Slapi_Attr *slapi_attr_init( Slapi_Attr *a, const char *type ); void slapi_attr_free( Slapi_Attr **a ); Slapi_Attr *slapi_attr_dup( const Slapi_Attr *attr ); int slapi_attr_add_value( Slapi_Attr *a, const Slapi_Value *v ); int slapi_attr_type2plugin( const char *type, void **pi ); int slapi_attr_get_type( const Slapi_Attr *attr, char **type ); int slapi_attr_get_oid_copy( const Slapi_Attr *attr, char **oidp ); int slapi_attr_get_flags( const Slapi_Attr *attr, unsigned long *flags ); int slapi_attr_flag_is_set( const Slapi_Attr *attr, unsigned long flag ); int slapi_attr_value_cmp( const Slapi_Attr *attr, const struct berval *v1, const struct berval *v2 ); int slapi_attr_value_find( const Slapi_Attr *a, struct berval *v ); #define SLAPI_TYPE_CMP_EXACT 0 #define SLAPI_TYPE_CMP_BASE 1 #define SLAPI_TYPE_CMP_SUBTYPE 2 int slapi_attr_type_cmp( const char *t1, const char *t2, int opt ); int slapi_attr_types_equivalent( const char *t1, const char *t2 ); int slapi_attr_first_value( Slapi_Attr *a, Slapi_Value **v ); int slapi_attr_next_value( Slapi_Attr *a, int hint, Slapi_Value **v ); int slapi_attr_get_numvalues( const Slapi_Attr *a, int *numValues ); int slapi_attr_get_valueset( const Slapi_Attr *a, Slapi_ValueSet **vs ); int slapi_attr_get_bervals_copy( Slapi_Attr *a, struct berval ***vals ); int slapi_entry_attr_hasvalue( Slapi_Entry *e, const char *type, const char *value ); int slapi_entry_attr_merge_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals ); void slapi_entry_attr_set_charptr(Slapi_Entry* e, const char *type, const char *value); void slapi_entry_attr_set_int( Slapi_Entry* e, const char *type, int l); void slapi_entry_attr_set_uint( Slapi_Entry* e, const char *type, unsigned int l); void slapi_entry_attr_set_long(Slapi_Entry* e, const char *type, long l); void slapi_entry_attr_set_ulong(Slapi_Entry* e, const char *type, unsigned long l); int slapi_entry_has_children(const Slapi_Entry *e); size_t slapi_entry_size(Slapi_Entry *e); int slapi_is_rootdse( const char *dn ); int slapi_entry_attr_merge_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals ); int slapi_entry_add_values_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals ); int slapi_entry_add_valueset(Slapi_Entry *e, const char *type, Slapi_ValueSet *vs); int slapi_entry_delete_values_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals ); int slapi_entry_merge_values_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals ); int slapi_entry_attr_replace_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals ); int slapi_entry_add_value(Slapi_Entry *e, const char *type, const Slapi_Value *value); int slapi_entry_add_string(Slapi_Entry *e, const char *type, const char *value); int slapi_entry_delete_string(Slapi_Entry *e, const char *type, const char *value); int slapi_entry_first_attr( const Slapi_Entry *e, Slapi_Attr **attr ); int slapi_entry_next_attr( const Slapi_Entry *e, Slapi_Attr *prevattr, Slapi_Attr **attr ); const char *slapi_entry_get_uniqueid( const Slapi_Entry *e ); void slapi_entry_set_uniqueid( Slapi_Entry *e, char *uniqueid ); int slapi_entry_schema_check( Slapi_PBlock *pb, Slapi_Entry *e ); int slapi_entry_rdn_values_present( const Slapi_Entry *e ); int slapi_entry_add_rdn_values( Slapi_Entry *e ); char *slapi_attr_syntax_normalize( const char *s ); Slapi_Value *slapi_value_new( void ); Slapi_Value *slapi_value_new_berval(const struct berval *bval); Slapi_Value *slapi_value_new_value(const Slapi_Value *v); Slapi_Value *slapi_value_new_string(const char *s); Slapi_Value *slapi_value_init(Slapi_Value *v); Slapi_Value *slapi_value_init_berval(Slapi_Value *v, struct berval *bval); Slapi_Value *slapi_value_init_string(Slapi_Value *v, const char *s); Slapi_Value *slapi_value_dup(const Slapi_Value *v); void slapi_value_free(Slapi_Value **value); const struct berval *slapi_value_get_berval( const Slapi_Value *value ); Slapi_Value *slapi_value_set_berval( Slapi_Value *value, const struct berval *bval ); Slapi_Value *slapi_value_set_value( Slapi_Value *value, const Slapi_Value *vfrom); Slapi_Value *slapi_value_set( Slapi_Value *value, void *val, unsigned long len); int slapi_value_set_string(Slapi_Value *value, const char *strVal); int slapi_value_set_int(Slapi_Value *value, int intVal); const char*slapi_value_get_string(const Slapi_Value *value); int slapi_value_get_int(const Slapi_Value *value); unsigned int slapi_value_get_uint(const Slapi_Value *value); long slapi_value_get_long(const Slapi_Value *value); unsigned long slapi_value_get_ulong(const Slapi_Value *value); size_t slapi_value_get_length(const Slapi_Value *value); int slapi_value_compare(const Slapi_Attr *a, const Slapi_Value *v1, const Slapi_Value *v2); Slapi_ValueSet *slapi_valueset_new( void ); void slapi_valueset_free(Slapi_ValueSet *vs); void slapi_valueset_init(Slapi_ValueSet *vs); void slapi_valueset_done(Slapi_ValueSet *vs); void slapi_valueset_add_value(Slapi_ValueSet *vs, const Slapi_Value *addval); int slapi_valueset_first_value( Slapi_ValueSet *vs, Slapi_Value **v ); int slapi_valueset_next_value( Slapi_ValueSet *vs, int index, Slapi_Value **v); int slapi_valueset_count( const Slapi_ValueSet *vs); void slapi_valueset_set_valueset(Slapi_ValueSet *vs1, const Slapi_ValueSet *vs2); /* DNs */ Slapi_DN *slapi_sdn_new( void ); Slapi_DN *slapi_sdn_new_dn_byval( const char *dn ); Slapi_DN *slapi_sdn_new_ndn_byval( const char *ndn ); Slapi_DN *slapi_sdn_new_dn_byref( const char *dn ); Slapi_DN *slapi_sdn_new_ndn_byref( const char *ndn ); Slapi_DN *slapi_sdn_new_dn_passin( const char *dn ); Slapi_DN *slapi_sdn_set_dn_byval( Slapi_DN *sdn, const char *dn ); Slapi_DN *slapi_sdn_set_dn_byref( Slapi_DN *sdn, const char *dn ); Slapi_DN *slapi_sdn_set_dn_passin( Slapi_DN *sdn, const char *dn ); Slapi_DN *slapi_sdn_set_ndn_byval( Slapi_DN *sdn, const char *ndn ); Slapi_DN *slapi_sdn_set_ndn_byref( Slapi_DN *sdn, const char *ndn ); void slapi_sdn_done( Slapi_DN *sdn ); void slapi_sdn_free( Slapi_DN **sdn ); const char * slapi_sdn_get_dn( const Slapi_DN *sdn ); const char * slapi_sdn_get_ndn( const Slapi_DN *sdn ); void slapi_sdn_get_parent( const Slapi_DN *sdn,Slapi_DN *sdn_parent ); void slapi_sdn_get_backend_parent( const Slapi_DN *sdn, Slapi_DN *sdn_parent, const Slapi_Backend *backend ); Slapi_DN * slapi_sdn_dup( const Slapi_DN *sdn ); void slapi_sdn_copy( const Slapi_DN *from, Slapi_DN *to ); int slapi_sdn_compare( const Slapi_DN *sdn1, const Slapi_DN *sdn2 ); int slapi_sdn_isempty( const Slapi_DN *sdn ); int slapi_sdn_issuffix(const Slapi_DN *sdn, const Slapi_DN *suffixsdn ); int slapi_sdn_isparent( const Slapi_DN *parent, const Slapi_DN *child ); int slapi_sdn_isgrandparent( const Slapi_DN *parent, const Slapi_DN *child ); int slapi_sdn_get_ndn_len( const Slapi_DN *sdn ); int slapi_sdn_scope_test( const Slapi_DN *dn, const Slapi_DN *base, int scope ); void slapi_sdn_get_rdn( const Slapi_DN *sdn,Slapi_RDN *rdn ); Slapi_DN *slapi_sdn_set_rdn( Slapi_DN *sdn, const Slapi_RDN *rdn ); Slapi_DN *slapi_sdn_set_parent( Slapi_DN *sdn, const Slapi_DN *parentdn ); int slapi_sdn_is_rdn_component( const Slapi_DN *rdn, const Slapi_Attr *a, const Slapi_Value *v ); char * slapi_moddn_get_newdn( Slapi_DN *dn_olddn, char *newrdn, char *newsuperiordn ); /* RDNs */ Slapi_RDN *slapi_rdn_new( void ); Slapi_RDN *slapi_rdn_new_dn( const char *dn ); Slapi_RDN *slapi_rdn_new_sdn( const Slapi_DN *sdn ); Slapi_RDN *slapi_rdn_new_rdn( const Slapi_RDN *fromrdn ); void slapi_rdn_init( Slapi_RDN *rdn ); void slapi_rdn_init_dn( Slapi_RDN *rdn, const char *dn ); void slapi_rdn_init_sdn( Slapi_RDN *rdn, const Slapi_DN *sdn ); void slapi_rdn_init_rdn( Slapi_RDN *rdn, const Slapi_RDN *fromrdn ); void slapi_rdn_set_dn( Slapi_RDN *rdn, const char *dn ); void slapi_rdn_set_sdn( Slapi_RDN *rdn, const Slapi_DN *sdn ); void slapi_rdn_set_rdn( Slapi_RDN *rdn, const Slapi_RDN *fromrdn ); void slapi_rdn_free( Slapi_RDN **rdn ); void slapi_rdn_done( Slapi_RDN *rdn ); int slapi_rdn_get_first( Slapi_RDN *rdn, char **type, char **value ); int slapi_rdn_get_next( Slapi_RDN *rdn, int index, char **type, char **value ); int slapi_rdn_get_index( Slapi_RDN *rdn, const char *type, const char *value, size_t length ); int slapi_rdn_get_index_attr( Slapi_RDN *rdn, const char *type, char **value ); int slapi_rdn_contains( Slapi_RDN *rdn, const char *type, const char *value,size_t length ); int slapi_rdn_contains_attr( Slapi_RDN *rdn, const char *type, char **value ); int slapi_rdn_add( Slapi_RDN *rdn, const char *type, const char *value ); int slapi_rdn_remove_index( Slapi_RDN *rdn, int atindex ); int slapi_rdn_remove( Slapi_RDN *rdn, const char *type, const char *value, size_t length ); int slapi_rdn_remove_attr( Slapi_RDN *rdn, const char *type ); int slapi_rdn_isempty( const Slapi_RDN *rdn ); int slapi_rdn_get_num_components( Slapi_RDN *rdn ); int slapi_rdn_compare( Slapi_RDN *rdn1, Slapi_RDN *rdn2 ); const char *slapi_rdn_get_rdn( const Slapi_RDN *rdn ); const char *slapi_rdn_get_nrdn( const Slapi_RDN *rdn ); Slapi_DN *slapi_sdn_add_rdn( Slapi_DN *sdn, const Slapi_RDN *rdn ); /* locks and synchronization */ typedef struct slapi_mutex Slapi_Mutex; typedef struct slapi_condvar Slapi_CondVar; Slapi_Mutex *slapi_new_mutex( void ); void slapi_destroy_mutex( Slapi_Mutex *mutex ); void slapi_lock_mutex( Slapi_Mutex *mutex ); int slapi_unlock_mutex( Slapi_Mutex *mutex ); Slapi_CondVar *slapi_new_condvar( Slapi_Mutex *mutex ); void slapi_destroy_condvar( Slapi_CondVar *cvar ); int slapi_wait_condvar( Slapi_CondVar *cvar, struct timeval *timeout ); int slapi_notify_condvar( Slapi_CondVar *cvar, int notify_all ); /* thread-safe LDAP connections */ LDAP *slapi_ldap_init( char *ldaphost, int ldapport, int secure, int shared ); void slapi_ldap_unbind( LDAP *ld ); char *slapi_ch_malloc( unsigned long size ); void slapi_ch_free( void **ptr ); void slapi_ch_free_string( char **ptr ); char *slapi_ch_calloc( unsigned long nelem, unsigned long size ); char *slapi_ch_realloc( char *block, unsigned long size ); char *slapi_ch_strdup( const char *s ); void slapi_ch_array_free( char **arrayp ); struct berval *slapi_ch_bvdup(const struct berval *v); struct berval **slapi_ch_bvecdup(const struct berval **v); /* LDAP V3 routines */ int slapi_control_present( LDAPControl **controls, char *oid, struct berval **val, int *iscritical); void slapi_register_supported_control(char *controloid, unsigned long controlops); #define SLAPI_OPERATION_BIND 0x00000001L #define SLAPI_OPERATION_UNBIND 0x00000002L #define SLAPI_OPERATION_SEARCH 0x00000004L #define SLAPI_OPERATION_MODIFY 0x00000008L #define SLAPI_OPERATION_ADD 0x00000010L #define SLAPI_OPERATION_DELETE 0x00000020L #define SLAPI_OPERATION_MODDN 0x00000040L #define SLAPI_OPERATION_MODRDN SLAPI_OPERATION_MODDN #define SLAPI_OPERATION_COMPARE 0x00000080L #define SLAPI_OPERATION_ABANDON 0x00000100L #define SLAPI_OPERATION_EXTENDED 0x00000200L #define SLAPI_OPERATION_ANY 0xFFFFFFFFL #define SLAPI_OPERATION_NONE 0x00000000L int slapi_get_supported_controls(char ***ctrloidsp, unsigned long **ctrlopsp); LDAPControl *slapi_dup_control(LDAPControl *ctrl); void slapi_register_supported_saslmechanism(char *mechanism); char **slapi_get_supported_saslmechanisms(); char **slapi_get_supported_extended_ops(void); /* operation */ int slapi_op_abandoned( Slapi_PBlock *pb ); unsigned long slapi_op_get_type(Slapi_Operation * op); void slapi_operation_set_flag(Slapi_Operation *op, unsigned long flag); void slapi_operation_clear_flag(Slapi_Operation *op, unsigned long flag); int slapi_operation_is_flag_set(Slapi_Operation *op, unsigned long flag); char *slapi_op_type_to_string(unsigned long type); /* send ldap result back */ void slapi_send_ldap_result( Slapi_PBlock *pb, int err, char *matched, char *text, int nentries, struct berval **urls ); int slapi_send_ldap_search_entry( Slapi_PBlock *pb, Slapi_Entry *e, LDAPControl **ectrls, char **attrs, int attrsonly ); int slapi_send_ldap_search_reference( Slapi_PBlock *pb, Slapi_Entry *e, struct berval **urls, LDAPControl **ectrls, struct berval **v2refs ); /* filter routines */ Slapi_Filter *slapi_str2filter( char *str ); Slapi_Filter *slapi_filter_dup( Slapi_Filter *f ); void slapi_filter_free( Slapi_Filter *f, int recurse ); int slapi_filter_get_choice( Slapi_Filter *f); int slapi_filter_get_ava( Slapi_Filter *f, char **type, struct berval **bval ); Slapi_Filter *slapi_filter_list_first( Slapi_Filter *f ); Slapi_Filter *slapi_filter_list_next( Slapi_Filter *f, Slapi_Filter *fprev ); int slapi_filter_get_attribute_type( Slapi_Filter *f, char **type ); int slapi_x_filter_set_attribute_type( Slapi_Filter *f, const char *type ); int slapi_filter_get_subfilt( Slapi_Filter *f, char **type, char **initial, char ***any, char **final ); Slapi_Filter *slapi_filter_join( int ftype, Slapi_Filter *f1, Slapi_Filter *f2); int slapi_x_filter_append( int choice, Slapi_Filter **pContainingFilter, Slapi_Filter **pNextFilter, Slapi_Filter *filterToAppend ); int slapi_filter_test( Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Filter *f, int verify_access ); int slapi_filter_test_simple( Slapi_Entry *e, Slapi_Filter *f ); typedef int (*FILTER_APPLY_FN)( Slapi_Filter *f, void *arg ); int slapi_filter_apply( Slapi_Filter *f, FILTER_APPLY_FN fn, void *arg, int *error_code ); #define SLAPI_FILTER_SCAN_STOP -1 /* set by callback */ #define SLAPI_FILTER_SCAN_ERROR -2 /* set by callback */ #define SLAPI_FILTER_SCAN_NOMORE 0 /* set by callback */ #define SLAPI_FILTER_SCAN_CONTINUE 1 /* set by callback */ #define SLAPI_FILTER_UNKNOWN_FILTER_TYPE 2 /* set by slapi_filter_apply() */ /* internal add/delete/search/modify routines */ Slapi_PBlock *slapi_search_internal( char *base, int scope, char *filter, LDAPControl **controls, char **attrs, int attrsonly ); Slapi_PBlock *slapi_modify_internal( char *dn, LDAPMod **mods, LDAPControl **controls, int log_change ); Slapi_PBlock *slapi_add_internal( char * dn, LDAPMod **attrs, LDAPControl **controls, int log_changes ); Slapi_PBlock *slapi_add_entry_internal( Slapi_Entry * e, LDAPControl **controls, int log_change ); Slapi_PBlock *slapi_delete_internal( char * dn, LDAPControl **controls, int log_change ); Slapi_PBlock *slapi_modrdn_internal( char * olddn, char * newrdn, int deloldrdn, LDAPControl **controls, int log_change ); Slapi_PBlock *slapi_rename_internal( const char * olddn, const char *newrdn, const char *newsuperior, int deloldrdn, LDAPControl **controls, int log_change ); void slapi_free_search_results_internal(Slapi_PBlock *pb); /* new internal add/delete/search/modify routines */ typedef void (*plugin_result_callback)( int rc, void *callback_data ); typedef int (*plugin_referral_entry_callback)( char * referral, void *callback_data ); typedef int (*plugin_search_entry_callback)( Slapi_Entry *e, void *callback_data ); void slapi_free_search_results_internal( Slapi_PBlock *pb ); #define SLAPI_OP_FLAG_NEVER_CHAIN 0x0800 int slapi_search_internal_pb( Slapi_PBlock *pb ); int slapi_search_internal_callback_pb( Slapi_PBlock *pb, void *callback_data, plugin_result_callback prc, plugin_search_entry_callback psec, plugin_referral_entry_callback prec ); int slapi_add_internal_pb( Slapi_PBlock *pb ); int slapi_modify_internal_pb( Slapi_PBlock *pb ); int slapi_modrdn_internal_pb( Slapi_PBlock *pb ); int slapi_delete_internal_pb( Slapi_PBlock *pb ); int slapi_seq_internal_callback_pb(Slapi_PBlock *pb, void *callback_data, plugin_result_callback res_callback, plugin_search_entry_callback srch_callback, plugin_referral_entry_callback ref_callback); void slapi_search_internal_set_pb( Slapi_PBlock *pb, const char *base, int scope, const char *filter, char **attrs, int attrsonly, LDAPControl **controls, const char *uniqueid, Slapi_ComponentId *plugin_identity, int operation_flags ); void slapi_add_entry_internal_set_pb( Slapi_PBlock *pb, Slapi_Entry *e, LDAPControl **controls, Slapi_ComponentId *plugin_identity, int operation_flags ); int slapi_add_internal_set_pb( Slapi_PBlock *pb, const char *dn, LDAPMod **attrs, LDAPControl **controls, Slapi_ComponentId *plugin_identity, int operation_flags ); void slapi_modify_internal_set_pb( Slapi_PBlock *pb, const char *dn, LDAPMod **mods, LDAPControl **controls, const char *uniqueid, Slapi_ComponentId *plugin_identity, int operation_flags ); void slapi_rename_internal_set_pb( Slapi_PBlock *pb, const char *olddn, const char *newrdn, const char *newsuperior, int deloldrdn, LDAPControl **controls, const char *uniqueid, Slapi_ComponentId *plugin_identity, int operation_flags ); void slapi_delete_internal_set_pb( Slapi_PBlock *pb, const char *dn, LDAPControl **controls, const char *uniqueid, Slapi_ComponentId *plugin_identity, int operation_flags ); void slapi_seq_internal_set_pb( Slapi_PBlock *pb, char *ibase, int type, char *attrname, char *val, char **attrs, int attrsonly, LDAPControl **controls, Slapi_ComponentId *plugin_identity, int operation_flags ); /* connection related routines */ int slapi_is_connection_ssl(Slapi_PBlock *pPB, int *isSSL); int slapi_get_client_port(Slapi_PBlock *pPB, int *fromPort); int slapi_get_client_ip(Slapi_PBlock *pb, char **clientIP); void slapi_free_client_ip(char **clientIP); /* computed attributes */ typedef struct _computed_attr_context computed_attr_context; typedef int (*slapi_compute_output_t)(computed_attr_context *c, Slapi_Attr *a, Slapi_Entry *e); typedef int (*slapi_compute_callback_t)(computed_attr_context *c, char *type, Slapi_Entry *e, slapi_compute_output_t outputfn); typedef int (*slapi_search_rewrite_callback_t)(Slapi_PBlock *pb); int slapi_compute_add_evaluator(slapi_compute_callback_t function); int slapi_compute_add_search_rewriter(slapi_search_rewrite_callback_t function); int compute_rewrite_search_filter(Slapi_PBlock *pb); int compute_evaluator(computed_attr_context *c, char *type, Slapi_Entry *e, slapi_compute_output_t outputfn); int slapi_x_compute_get_pblock(computed_attr_context *c, Slapi_PBlock **pb); /* backend routines */ void slapi_be_set_readonly( Slapi_Backend *be, int readonly ); int slapi_be_get_readonly( Slapi_Backend *be ); const char *slapi_x_be_get_updatedn( Slapi_Backend *be ); Slapi_Backend *slapi_be_select( const Slapi_DN *sdn ); /* ACL plugins; only SLAPI_PLUGIN_ACL_ALLOW_ACCESS supported now */ typedef int (*slapi_acl_callback_t)(Slapi_PBlock *pb, Slapi_Entry *e, const char *attr, struct berval *berval, int access, void *state); /* object extensions */ typedef void *(*slapi_extension_constructor_fnptr)(void *object, void *parent); typedef void (*slapi_extension_destructor_fnptr)(void *extension, void *object, void *parent); int slapi_register_object_extension( const char *pluginname, const char *objectname, slapi_extension_constructor_fnptr constructor, slapi_extension_destructor_fnptr destructor, int *objecttype, int *extensionhandle); #define SLAPI_EXT_CONNECTION "Connection" #define SLAPI_EXT_OPERATION "Operation" #define SLAPI_EXT_ENTRY "Entry" #define SLAPI_EXT_MTNODE "Mapping Tree Node" void *slapi_get_object_extension(int objecttype, void *object, int extensionhandle); void slapi_set_object_extension(int objecttype, void *object, int extensionhandle, void *extension); int slapi_x_backend_get_flags( const Slapi_Backend *be, unsigned long *flags ); /* parameters currently supported */ /* * Attribute flags returned by slapi_attr_get_flags() */ #define SLAPI_ATTR_FLAG_SINGLE 0x0001 #define SLAPI_ATTR_FLAG_OPATTR 0x0002 #define SLAPI_ATTR_FLAG_READONLY 0x0004 #define SLAPI_ATTR_FLAG_STD_ATTR SLAPI_ATTR_FLAG_READONLY #define SLAPI_ATTR_FLAG_OBSOLETE 0x0040 #define SLAPI_ATTR_FLAG_COLLECTIVE 0x0080 #define SLAPI_ATTR_FLAG_NOUSERMOD 0x0100 /* * Backend flags returned by slapi_x_backend_get_flags() */ #define SLAPI_BACKEND_FLAG_NOLASTMOD 0x0001U #define SLAPI_BACKEND_FLAG_NO_SCHEMA_CHECK 0x0002U #define SLAPI_BACKEND_FLAG_GLUE_INSTANCE 0x0010U /* a glue backend */ #define SLAPI_BACKEND_FLAG_GLUE_SUBORDINATE 0x0020U /* child of a glue hierarchy */ #define SLAPI_BACKEND_FLAG_GLUE_LINKED 0x0040U /* child is connected to parent */ #define SLAPI_BACKEND_FLAG_OVERLAY 0x0080U /* this db struct is an overlay */ #define SLAPI_BACKEND_FLAG_GLOBAL_OVERLAY 0x0100U /* this db struct is a global overlay */ #define SLAPI_BACKEND_FLAG_SHADOW 0x8000U /* a shadow */ #define SLAPI_BACKEND_FLAG_SYNC_SHADOW 0x1000U /* a sync shadow */ #define SLAPI_BACKEND_FLAG_SLURP_SHADOW 0x2000U /* a slurp shadow */ /* * ACL levels */ #define SLAPI_ACL_COMPARE 0x01 #define SLAPI_ACL_SEARCH 0x02 #define SLAPI_ACL_READ 0x04 #define SLAPI_ACL_WRITE 0x08 #define SLAPI_ACL_DELETE 0x10 #define SLAPI_ACL_ADD 0x20 #define SLAPI_ACL_SELF 0x40 #define SLAPI_ACL_PROXY 0x80 #define SLAPI_ACL_ALL 0x7f /* plugin types supported */ #define SLAPI_PLUGIN_DATABASE 1 #define SLAPI_PLUGIN_EXTENDEDOP 2 #define SLAPI_PLUGIN_PREOPERATION 3 #define SLAPI_PLUGIN_POSTOPERATION 4 #define SLAPI_PLUGIN_MATCHINGRULE 5 #define SLAPI_PLUGIN_SYNTAX 6 #define SLAPI_PLUGIN_AUDIT 7 /* misc params */ #define SLAPI_BACKEND 130 #define SLAPI_CONNECTION 131 #define SLAPI_OPERATION 132 #define SLAPI_REQUESTOR_ISROOT 133 #define SLAPI_BE_MONITORDN 134 #define SLAPI_BE_TYPE 135 #define SLAPI_BE_READONLY 136 #define SLAPI_BE_LASTMOD 137 #define SLAPI_CONN_ID 139 /* operation params */ #define SLAPI_OPINITIATED_TIME 140 #define SLAPI_REQUESTOR_DN 141 #define SLAPI_IS_REPLICATED_OPERATION 142 #define SLAPI_REQUESTOR_ISUPDATEDN SLAPI_IS_REPLICATED_OPERATION /* connection structure params*/ #define SLAPI_CONN_DN 143 #define SLAPI_CONN_AUTHTYPE 144 #define SLAPI_CONN_CLIENTIP 145 #define SLAPI_CONN_SERVERIP 146 /* OpenLDAP extensions */ #define SLAPI_X_CONN_CLIENTPATH 1300 #define SLAPI_X_CONN_SERVERPATH 1301 #define SLAPI_X_CONN_IS_UDP 1302 #define SLAPI_X_CONN_SSF 1303 #define SLAPI_X_CONN_SASL_CONTEXT 1304 #define SLAPI_X_OPERATION_DELETE_GLUE_PARENT 1305 #define SLAPI_X_RELAX 1306 #define SLAPI_X_MANAGEDIT SLAPI_X_RELAX #define SLAPI_X_OPERATION_NO_SCHEMA_CHECK 1307 #define SLAPI_X_ADD_STRUCTURAL_CLASS 1308 #define SLAPI_X_OPERATION_NO_SUBORDINATE_GLUE 1309 /* Authentication types */ #define SLAPD_AUTH_NONE "none" #define SLAPD_AUTH_SIMPLE "simple" #define SLAPD_AUTH_SSL "SSL" #define SLAPD_AUTH_SASL "SASL " /* plugin configuration parmams */ #define SLAPI_PLUGIN 3 #define SLAPI_PLUGIN_PRIVATE 4 #define SLAPI_PLUGIN_TYPE 5 #define SLAPI_PLUGIN_ARGV 6 #define SLAPI_PLUGIN_ARGC 7 #define SLAPI_PLUGIN_VERSION 8 #define SLAPI_PLUGIN_OPRETURN 9 #define SLAPI_PLUGIN_OBJECT 10 #define SLAPI_PLUGIN_DESTROY_FN 11 #define SLAPI_PLUGIN_DESCRIPTION 12 #define SLAPI_PLUGIN_IDENTITY 13 /* internal operations params */ #define SLAPI_PLUGIN_INTOP_RESULT 15 #define SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES 16 #define SLAPI_PLUGIN_INTOP_SEARCH_REFERRALS 17 /* transaction arguments */ #define SLAPI_PARENT_TXN 190 #define SLAPI_TXN 191 /* function pointer params for backends */ #define SLAPI_PLUGIN_DB_BIND_FN 200 #define SLAPI_PLUGIN_DB_UNBIND_FN 201 #define SLAPI_PLUGIN_DB_SEARCH_FN 202 #define SLAPI_PLUGIN_DB_COMPARE_FN 203 #define SLAPI_PLUGIN_DB_MODIFY_FN 204 #define SLAPI_PLUGIN_DB_MODRDN_FN 205 #define SLAPI_PLUGIN_DB_ADD_FN 206 #define SLAPI_PLUGIN_DB_DELETE_FN 207 #define SLAPI_PLUGIN_DB_ABANDON_FN 208 #define SLAPI_PLUGIN_DB_CONFIG_FN 209 #define SLAPI_PLUGIN_CLOSE_FN 210 #define SLAPI_PLUGIN_DB_FLUSH_FN 211 #define SLAPI_PLUGIN_START_FN 212 #define SLAPI_PLUGIN_DB_SEQ_FN 213 #define SLAPI_PLUGIN_DB_ENTRY_FN 214 #define SLAPI_PLUGIN_DB_REFERRAL_FN 215 #define SLAPI_PLUGIN_DB_RESULT_FN 216 #define SLAPI_PLUGIN_DB_LDIF2DB_FN 217 #define SLAPI_PLUGIN_DB_DB2LDIF_FN 218 #define SLAPI_PLUGIN_DB_BEGIN_FN 219 #define SLAPI_PLUGIN_DB_COMMIT_FN 220 #define SLAPI_PLUGIN_DB_ABORT_FN 221 #define SLAPI_PLUGIN_DB_ARCHIVE2DB_FN 222 #define SLAPI_PLUGIN_DB_DB2ARCHIVE_FN 223 #define SLAPI_PLUGIN_DB_NEXT_SEARCH_ENTRY_FN 224 #define SLAPI_PLUGIN_DB_FREE_RESULT_SET_FN 225 #define SLAPI_PLUGIN_DB_SIZE_FN 226 #define SLAPI_PLUGIN_DB_TEST_FN 227 /* functions pointers for LDAP V3 extended ops */ #define SLAPI_PLUGIN_EXT_OP_FN 300 #define SLAPI_PLUGIN_EXT_OP_OIDLIST 301 /* preoperation */ #define SLAPI_PLUGIN_PRE_BIND_FN 401 #define SLAPI_PLUGIN_PRE_UNBIND_FN 402 #define SLAPI_PLUGIN_PRE_SEARCH_FN 403 #define SLAPI_PLUGIN_PRE_COMPARE_FN 404 #define SLAPI_PLUGIN_PRE_MODIFY_FN 405 #define SLAPI_PLUGIN_PRE_MODRDN_FN 406 #define SLAPI_PLUGIN_PRE_ADD_FN 407 #define SLAPI_PLUGIN_PRE_DELETE_FN 408 #define SLAPI_PLUGIN_PRE_ABANDON_FN 409 #define SLAPI_PLUGIN_PRE_ENTRY_FN 410 #define SLAPI_PLUGIN_PRE_REFERRAL_FN 411 #define SLAPI_PLUGIN_PRE_RESULT_FN 412 /* internal preoperation */ #define SLAPI_PLUGIN_INTERNAL_PRE_ADD_FN 420 #define SLAPI_PLUGIN_INTERNAL_PRE_MODIFY_FN 421 #define SLAPI_PLUGIN_INTERNAL_PRE_MODRDN_FN 422 #define SLAPI_PLUGIN_INTERNAL_PRE_DELETE_FN 423 /* backend preoperation */ #define SLAPI_PLUGIN_BE_PRE_ADD_FN 450 #define SLAPI_PLUGIN_BE_PRE_MODIFY_FN 451 #define SLAPI_PLUGIN_BE_PRE_MODRDN_FN 452 #define SLAPI_PLUGIN_BE_PRE_DELETE_FN 453 /* postoperation */ #define SLAPI_PLUGIN_POST_BIND_FN 501 #define SLAPI_PLUGIN_POST_UNBIND_FN 502 #define SLAPI_PLUGIN_POST_SEARCH_FN 503 #define SLAPI_PLUGIN_POST_COMPARE_FN 504 #define SLAPI_PLUGIN_POST_MODIFY_FN 505 #define SLAPI_PLUGIN_POST_MODRDN_FN 506 #define SLAPI_PLUGIN_POST_ADD_FN 507 #define SLAPI_PLUGIN_POST_DELETE_FN 508 #define SLAPI_PLUGIN_POST_ABANDON_FN 509 #define SLAPI_PLUGIN_POST_ENTRY_FN 510 #define SLAPI_PLUGIN_POST_REFERRAL_FN 511 #define SLAPI_PLUGIN_POST_RESULT_FN 512 /* internal postoperation */ #define SLAPI_PLUGIN_INTERNAL_POST_ADD_FN 520 #define SLAPI_PLUGIN_INTERNAL_POST_MODIFY_FN 521 #define SLAPI_PLUGIN_INTERNAL_POST_MODRDN_FN 522 #define SLAPI_PLUGIN_INTERNAL_POST_DELETE_FN 523 /* backend postoperation */ #define SLAPI_PLUGIN_BE_POST_ADD_FN 550 #define SLAPI_PLUGIN_BE_POST_MODIFY_FN 551 #define SLAPI_PLUGIN_BE_POST_MODRDN_FN 552 #define SLAPI_PLUGIN_BE_POST_DELETE_FN 553 #define SLAPI_OPERATION_TYPE 590 #define SLAPI_OPERATION_MSGID 591 #define SLAPI_PLUGIN_MR_FILTER_CREATE_FN 600 #define SLAPI_PLUGIN_MR_INDEXER_CREATE_FN 601 #define SLAPI_PLUGIN_MR_FILTER_MATCH_FN 602 #define SLAPI_PLUGIN_MR_FILTER_INDEX_FN 603 #define SLAPI_PLUGIN_MR_FILTER_RESET_FN 604 #define SLAPI_PLUGIN_MR_INDEX_FN 605 #define SLAPI_PLUGIN_MR_OID 610 #define SLAPI_PLUGIN_MR_TYPE 611 #define SLAPI_PLUGIN_MR_VALUE 612 #define SLAPI_PLUGIN_MR_VALUES 613 #define SLAPI_PLUGIN_MR_KEYS 614 #define SLAPI_PLUGIN_MR_FILTER_REUSABLE 615 #define SLAPI_PLUGIN_MR_QUERY_OPERATOR 616 #define SLAPI_PLUGIN_MR_USAGE 617 #define SLAPI_MATCHINGRULE_NAME 1 #define SLAPI_MATCHINGRULE_OID 2 #define SLAPI_MATCHINGRULE_DESC 3 #define SLAPI_MATCHINGRULE_SYNTAX 4 #define SLAPI_MATCHINGRULE_OBSOLETE 5 #define SLAPI_OP_LESS 1 #define SLAPI_OP_LESS_OR_EQUAL 2 #define SLAPI_OP_EQUAL 3 #define SLAPI_OP_GREATER_OR_EQUAL 4 #define SLAPI_OP_GREATER 5 #define SLAPI_OP_SUBSTRING 6 #define SLAPI_PLUGIN_MR_USAGE_INDEX 0 #define SLAPI_PLUGIN_MR_USAGE_SORT 1 #define SLAPI_PLUGIN_SYNTAX_FILTER_AVA 700 #define SLAPI_PLUGIN_SYNTAX_FILTER_SUB 701 #define SLAPI_PLUGIN_SYNTAX_VALUES2KEYS 702 #define SLAPI_PLUGIN_SYNTAX_ASSERTION2KEYS_AVA 703 #define SLAPI_PLUGIN_SYNTAX_ASSERTION2KEYS_SUB 704 #define SLAPI_PLUGIN_SYNTAX_NAMES 705 #define SLAPI_PLUGIN_SYNTAX_OID 706 #define SLAPI_PLUGIN_SYNTAX_FLAGS 707 #define SLAPI_PLUGIN_SYNTAX_COMPARE 708 #define SLAPI_PLUGIN_SYNTAX_FLAG_ORKEYS 1 #define SLAPI_PLUGIN_SYNTAX_FLAG_ORDERING 2 #define SLAPI_PLUGIN_ACL_INIT 730 #define SLAPI_PLUGIN_ACL_SYNTAX_CHECK 731 #define SLAPI_PLUGIN_ACL_ALLOW_ACCESS 732 #define SLAPI_PLUGIN_ACL_MODS_ALLOWED 733 #define SLAPI_PLUGIN_ACL_MODS_UPDATE 734 #define SLAPI_OPERATION_AUTHTYPE 741 #define SLAPI_OPERATION_ID 742 #define SLAPI_CONN_CERT 743 #define SLAPI_CONN_AUTHMETHOD 746 #define SLAPI_IS_INTERNAL_OPERATION 748 #define SLAPI_RESULT_CODE 881 #define SLAPI_RESULT_TEXT 882 #define SLAPI_RESULT_MATCHED 883 /* managedsait control */ #define SLAPI_MANAGEDSAIT 1000 /* audit plugin defines */ #define SLAPI_PLUGIN_AUDIT_DATA 1100 #define SLAPI_PLUGIN_AUDIT_FN 1101 /* backend_group extension */ #define SLAPI_X_PLUGIN_PRE_GROUP_FN 1202 #define SLAPI_X_PLUGIN_POST_GROUP_FN 1203 #define SLAPI_X_GROUP_ENTRY 1250 /* group entry */ #define SLAPI_X_GROUP_ATTRIBUTE 1251 /* member attribute */ #define SLAPI_X_GROUP_OPERATION_DN 1252 /* asserted value */ #define SLAPI_X_GROUP_TARGET_ENTRY 1253 /* target entry */ /* internal preoperation extensions */ #define SLAPI_PLUGIN_INTERNAL_PRE_BIND_FN 1260 #define SLAPI_PLUGIN_INTERNAL_PRE_UNBIND_FN 1261 #define SLAPI_PLUGIN_INTERNAL_PRE_SEARCH_FN 1262 #define SLAPI_PLUGIN_INTERNAL_PRE_COMPARE_FN 1263 #define SLAPI_PLUGIN_INTERNAL_PRE_ABANDON_FN 1264 /* internal postoperation extensions */ #define SLAPI_PLUGIN_INTERNAL_POST_BIND_FN 1270 #define SLAPI_PLUGIN_INTERNAL_POST_UNBIND_FN 1271 #define SLAPI_PLUGIN_INTERNAL_POST_SEARCH_FN 1272 #define SLAPI_PLUGIN_INTERNAL_POST_COMPARE_FN 1273 #define SLAPI_PLUGIN_INTERNAL_POST_ABANDON_FN 1274 /* config stuff */ #define SLAPI_CONFIG_FILENAME 40 #define SLAPI_CONFIG_LINENO 41 #define SLAPI_CONFIG_ARGC 42 #define SLAPI_CONFIG_ARGV 43 /* operational params */ #define SLAPI_TARGET_ADDRESS 48 #define SLAPI_TARGET_UNIQUEID 49 #define SLAPI_TARGET_DN 50 /* server LDAPv3 controls */ #define SLAPI_REQCONTROLS 51 #define SLAPI_RESCONTROLS 55 #define SLAPI_ADD_RESCONTROL 56 #define SLAPI_CONTROLS_ARG 58 /* add params */ #define SLAPI_ADD_TARGET SLAPI_TARGET_DN #define SLAPI_ADD_ENTRY 60 #define SLAPI_ADD_EXISTING_DN_ENTRY 61 #define SLAPI_ADD_PARENT_ENTRY 62 #define SLAPI_ADD_PARENT_UNIQUEID 63 #define SLAPI_ADD_EXISTING_UNIQUEID_ENTRY 64 /* bind params */ #define SLAPI_BIND_TARGET SLAPI_TARGET_DN #define SLAPI_BIND_METHOD 70 #define SLAPI_BIND_CREDENTIALS 71 #define SLAPI_BIND_SASLMECHANISM 72 #define SLAPI_BIND_RET_SASLCREDS 73 /* compare params */ #define SLAPI_COMPARE_TARGET SLAPI_TARGET_DN #define SLAPI_COMPARE_TYPE 80 #define SLAPI_COMPARE_VALUE 81 /* delete params */ #define SLAPI_DELETE_TARGET SLAPI_TARGET_DN #define SLAPI_DELETE_EXISTING_ENTRY SLAPI_ADD_EXISTING_DN_ENTRY /* modify params */ #define SLAPI_MODIFY_TARGET SLAPI_TARGET_DN #define SLAPI_MODIFY_MODS 90 #define SLAPI_MODIFY_EXISTING_ENTRY SLAPI_ADD_EXISTING_DN_ENTRY /* modrdn params */ #define SLAPI_MODRDN_TARGET SLAPI_TARGET_DN #define SLAPI_MODRDN_NEWRDN 100 #define SLAPI_MODRDN_DELOLDRDN 101 #define SLAPI_MODRDN_NEWSUPERIOR 102 /* v3 only */ #define SLAPI_MODRDN_EXISTING_ENTRY SLAPI_ADD_EXISTING_DN_ENTRY #define SLAPI_MODRDN_PARENT_ENTRY 104 #define SLAPI_MODRDN_NEWPARENT_ENTRY 105 #define SLAPI_MODRDN_TARGET_ENTRY 106 #define SLAPI_MODRDN_NEWSUPERIOR_ADDRESS 107 /* search params */ #define SLAPI_SEARCH_TARGET SLAPI_TARGET_DN #define SLAPI_SEARCH_SCOPE 110 #define SLAPI_SEARCH_DEREF 111 #define SLAPI_SEARCH_SIZELIMIT 112 #define SLAPI_SEARCH_TIMELIMIT 113 #define SLAPI_SEARCH_FILTER 114 #define SLAPI_SEARCH_STRFILTER 115 #define SLAPI_SEARCH_ATTRS 116 #define SLAPI_SEARCH_ATTRSONLY 117 /* abandon params */ #define SLAPI_ABANDON_MSGID 120 /* extended operation params */ #define SLAPI_EXT_OP_REQ_OID 160 #define SLAPI_EXT_OP_REQ_VALUE 161 /* extended operation return codes */ #define SLAPI_EXT_OP_RET_OID 162 #define SLAPI_EXT_OP_RET_VALUE 163 #define SLAPI_PLUGIN_EXTENDED_SENT_RESULT -1 #define SLAPI_FAIL_DISKFULL -2 #define SLAPI_FAIL_GENERAL -1 #define SLAPI_PLUGIN_EXTENDED_NOT_HANDLED -2 #define SLAPI_BIND_SUCCESS 0 #define SLAPI_BIND_FAIL 2 #define SLAPI_BIND_ANONYMOUS 3 /* Search result params */ #define SLAPI_SEARCH_RESULT_SET 193 #define SLAPI_SEARCH_RESULT_ENTRY 194 #define SLAPI_NENTRIES 195 #define SLAPI_SEARCH_REFERRALS 196 /* filter types */ #ifndef LDAP_FILTER_AND #define LDAP_FILTER_AND 0xa0L #endif #ifndef LDAP_FILTER_OR #define LDAP_FILTER_OR 0xa1L #endif #ifndef LDAP_FILTER_NOT #define LDAP_FILTER_NOT 0xa2L #endif #ifndef LDAP_FILTER_EQUALITY #define LDAP_FILTER_EQUALITY 0xa3L #endif #ifndef LDAP_FILTER_SUBSTRINGS #define LDAP_FILTER_SUBSTRINGS 0xa4L #endif #ifndef LDAP_FILTER_GE #define LDAP_FILTER_GE 0xa5L #endif #ifndef LDAP_FILTER_LE #define LDAP_FILTER_LE 0xa6L #endif #ifndef LDAP_FILTER_PRESENT #define LDAP_FILTER_PRESENT 0x87L #endif #ifndef LDAP_FILTER_APPROX #define LDAP_FILTER_APPROX 0xa8L #endif #ifndef LDAP_FILTER_EXT_MATCH #define LDAP_FILTER_EXT_MATCH 0xa9L #endif int slapi_log_error( int severity, char *subsystem, char *fmt, ... ); #define SLAPI_LOG_FATAL 0 #define SLAPI_LOG_TRACE 1 #define SLAPI_LOG_PACKETS 2 #define SLAPI_LOG_ARGS 3 #define SLAPI_LOG_CONNS 4 #define SLAPI_LOG_BER 5 #define SLAPI_LOG_FILTER 6 #define SLAPI_LOG_CONFIG 7 #define SLAPI_LOG_ACL 8 #define SLAPI_LOG_SHELL 9 #define SLAPI_LOG_PARSE 10 #define SLAPI_LOG_HOUSE 11 #define SLAPI_LOG_REPL 12 #define SLAPI_LOG_CACHE 13 #define SLAPI_LOG_PLUGIN 14 #define SLAPI_LOG_TIMING 15 #define SLAPI_PLUGIN_DESCRIPTION 12 typedef struct slapi_plugindesc { char *spd_id; char *spd_vendor; char *spd_version; char *spd_description; } Slapi_PluginDesc; #define SLAPI_PLUGIN_VERSION_01 "01" #define SLAPI_PLUGIN_VERSION_02 "02" #define SLAPI_PLUGIN_VERSION_03 "03" #define SLAPI_PLUGIN_CURRENT_VERSION SLAPI_PLUGIN_VERSION_03 #endif /* _SLAPI_PLUGIN_H */ openldap-2.5.16+dfsg/include/ldap_rq.h0000644000175000017500000000365514461774414017133 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef LDAP_RQ_H #define LDAP_RQ_H 1 #include LDAP_BEGIN_DECL typedef struct re_s { struct timeval next_sched; struct timeval interval; LDAP_STAILQ_ENTRY(re_s) tnext; /* it includes running */ LDAP_STAILQ_ENTRY(re_s) rnext; ldap_pvt_thread_start_t *routine; void *arg; char *tname; char *tspec; void *pool_cookie; } re_t; typedef struct runqueue_s { LDAP_STAILQ_HEAD(l, re_s) task_list; LDAP_STAILQ_HEAD(rl, re_s) run_list; ldap_pvt_thread_mutex_t rq_mutex; } runqueue_t; LDAP_F( struct re_s* ) ldap_pvt_runqueue_insert( struct runqueue_s* rq, time_t interval, ldap_pvt_thread_start_t* routine, void *arg, char *tname, char *tspec ); LDAP_F( struct re_s* ) ldap_pvt_runqueue_find( struct runqueue_s* rq, ldap_pvt_thread_start_t* routine, void *arg ); LDAP_F( void ) ldap_pvt_runqueue_remove( struct runqueue_s* rq, struct re_s* entry ); LDAP_F( struct re_s* ) ldap_pvt_runqueue_next_sched( struct runqueue_s* rq, struct timeval* next_run ); LDAP_F( void ) ldap_pvt_runqueue_runtask( struct runqueue_s* rq, struct re_s* entry ); LDAP_F( void ) ldap_pvt_runqueue_stoptask( struct runqueue_s* rq, struct re_s* entry ); LDAP_F( int ) ldap_pvt_runqueue_isrunning( struct runqueue_s* rq, struct re_s* entry ); LDAP_F( void ) ldap_pvt_runqueue_resched( struct runqueue_s* rq, struct re_s* entry, int defer ); LDAP_F( int ) ldap_pvt_runqueue_persistent_backload( struct runqueue_s* rq ); LDAP_END_DECL #endif openldap-2.5.16+dfsg/include/ldap_defaults.h0000644000175000017500000000462714461774414020320 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1994 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the University * may not be used to endorse or promote products derived from this * software without specific prior written permission. This software * is provided ``as is'' without express or implied warranty. */ /* * This file controls defaults for OpenLDAP package. * You probably do not need to edit the defaults provided by this file. */ #ifndef _LDAP_DEFAULTS_H #define _LDAP_DEFAULTS_H #include #define LDAP_CONF_FILE LDAP_SYSCONFDIR LDAP_DIRSEP "ldap.conf" #define LDAP_USERRC_FILE "ldaprc" #define LDAP_ENV_PREFIX "LDAP" /* default ldapi:// socket */ #define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi" /* * SLAPD DEFINITIONS */ /* location of the default slapd config file */ #define SLAPD_DEFAULT_CONFIGFILE LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.conf" #define SLAPD_DEFAULT_CONFIGDIR LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.d" #define SLAPD_DEFAULT_DB_DIR LDAP_RUNDIR LDAP_DIRSEP "openldap-data" #define SLAPD_DEFAULT_DB_MODE 0600 #define SLAPD_DEFAULT_UCDATA LDAP_DATADIR LDAP_DIRSEP "ucdata" /* default max deref depth for aliases */ #define SLAPD_DEFAULT_MAXDEREFDEPTH 15 /* default sizelimit on number of entries from a search */ #define SLAPD_DEFAULT_SIZELIMIT 500 /* default timelimit to spend on a search */ #define SLAPD_DEFAULT_TIMELIMIT 3600 /* the following DNs must be normalized! */ /* dn of the default subschema subentry */ #define SLAPD_SCHEMA_DN "cn=Subschema" /* dn of the default "monitor" subentry */ #define SLAPD_MONITOR_DN "cn=Monitor" /* * LLOADD DEFINITIONS */ #define LLOADD_DEFAULT_CONFIGFILE LDAP_SYSCONFDIR LDAP_DIRSEP "lloadd.conf" #endif /* _LDAP_CONFIG_H */ openldap-2.5.16+dfsg/include/lutil.h0000644000175000017500000002241614461774414016636 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _LUTIL_H #define _LUTIL_H 1 #include #include #include #ifdef HAVE_TCPD # include # define LUTIL_STRING_UNKNOWN STRING_UNKNOWN #else /* ! TCP Wrappers */ # define LUTIL_STRING_UNKNOWN "unknown" #endif /* ! TCP Wrappers */ /* * Include file for LDAP utility routine */ LDAP_BEGIN_DECL /* n octets encode into ceiling(n/3) * 4 bytes */ /* Avoid floating point math through extra padding */ #define LUTIL_BASE64_ENCODE_LEN(n) (((n)+2)/3 * 4) #define LUTIL_BASE64_DECODE_LEN(n) ((n)/4*3) /* ISC Base64 Routines */ /* base64.c */ LDAP_LUTIL_F( int ) lutil_b64_ntop LDAP_P(( unsigned char const *, size_t, char *, size_t)); LDAP_LUTIL_F( int ) lutil_b64_pton LDAP_P(( char const *, unsigned char *, size_t)); /* detach.c */ LDAP_LUTIL_F( int ) lutil_detach LDAP_P(( int debug, int do_close)); /* entropy.c */ LDAP_LUTIL_F( int ) lutil_entropy LDAP_P(( unsigned char *buf, ber_len_t nbytes )); /* passfile.c */ struct berval; /* avoid pulling in lber.h */ LDAP_LUTIL_F( int ) lutil_get_filed_password LDAP_P(( const char *filename, struct berval * )); /* passwd.c */ struct lutil_pw_scheme; #define LUTIL_PASSWD_OK (0) #define LUTIL_PASSWD_ERR (-1) typedef int (LUTIL_PASSWD_CHK_FUNC)( const struct berval *scheme, const struct berval *passwd, const struct berval *cred, const char **text ); typedef int (LUTIL_PASSWD_HASH_FUNC) ( const struct berval *scheme, const struct berval *passwd, struct berval *hash, const char **text ); LDAP_LUTIL_F( int ) lutil_passwd_add LDAP_P(( struct berval *scheme, LUTIL_PASSWD_CHK_FUNC *chk_fn, LUTIL_PASSWD_HASH_FUNC *hash_fn )); LDAP_LUTIL_F( void ) lutil_passwd_init LDAP_P(( void )); LDAP_LUTIL_F( void ) lutil_passwd_destroy LDAP_P(( void )); LDAP_LUTIL_F( int ) lutil_authpasswd LDAP_P(( const struct berval *passwd, /* stored password */ const struct berval *cred, /* user supplied value */ const char **methods )); LDAP_LUTIL_F( int ) lutil_authpasswd_hash LDAP_P(( const struct berval *cred, struct berval **passwd, /* password to store */ struct berval **salt, /* salt to store */ const char *method )); #ifdef SLAPD_CRYPT typedef int (lutil_cryptfunc) LDAP_P(( const char *key, const char *salt, char **hash )); LDAP_LUTIL_V (lutil_cryptfunc *) lutil_cryptptr; #endif LDAP_LUTIL_F( int ) lutil_passwd LDAP_P(( const struct berval *passwd, /* stored password */ const struct berval *cred, /* user supplied value */ const char **methods, const char **text )); /* error message */ LDAP_LUTIL_F( int ) lutil_passwd_generate LDAP_P(( struct berval *pw, ber_len_t )); LDAP_LUTIL_F( int ) lutil_passwd_hash LDAP_P(( const struct berval *passwd, const char *method, struct berval *hash, const char **text )); LDAP_LUTIL_F( int ) lutil_passwd_scheme LDAP_P(( const char *scheme )); LDAP_LUTIL_F( int ) lutil_salt_format LDAP_P(( const char *format )); LDAP_LUTIL_F( int ) lutil_passwd_string64 LDAP_P(( const struct berval *sc, const struct berval *hash, struct berval *b64, const struct berval *salt )); /* utils.c */ LDAP_LUTIL_F( char* ) lutil_progname LDAP_P(( const char* name, int argc, char *argv[] )); typedef struct lutil_tm { int tm_sec; /* seconds 0-60 (1 leap second) */ int tm_min; /* minutes 0-59 */ int tm_hour; /* hours 0-23 */ int tm_mday; /* day 1-31 */ int tm_mon; /* month 0-11 */ int tm_year; /* year - 1900 */ int tm_nsec; /* nanoseconds */ int tm_usub; /* submicro */ } lutil_tm; typedef struct lutil_timet { unsigned int tt_sec; /* seconds since epoch, 0000 or 1970 */ int tt_gsec; /* seconds since epoch, high 7 bits, maybe sign-flipped */ /* sign flipped to sort properly as unsigned ints */ unsigned int tt_nsec; /* nanoseconds */ } lutil_timet; /* Parse a timestamp string into a structure */ LDAP_LUTIL_F( int ) lutil_parsetime LDAP_P(( char *atm, struct lutil_tm * )); /* Convert structured time to time in seconds since 1970 (Unix epoch) */ LDAP_LUTIL_F( int ) lutil_tm2time LDAP_P(( struct lutil_tm *, struct lutil_timet * )); /* Convert structured time to time in seconds since 0000 (Proleptic Gregorian) */ LDAP_LUTIL_F( int ) lutil_tm2gtime LDAP_P(( struct lutil_tm *, struct lutil_timet * )); #ifdef _WIN32 LDAP_LUTIL_F( void ) lutil_slashpath LDAP_P(( char* path )); #define LUTIL_SLASHPATH(p) lutil_slashpath(p) #else #define LUTIL_SLASHPATH(p) #endif LDAP_LUTIL_F( char* ) lutil_strcopy LDAP_P(( char *dst, const char *src )); LDAP_LUTIL_F( char* ) lutil_strncopy LDAP_P(( char *dst, const char *src, size_t n )); LDAP_LUTIL_F( char* ) lutil_memcopy LDAP_P(( char *dst, const char *src, size_t n )); #define lutil_strbvcopy(a, bv) lutil_memcopy((a),(bv)->bv_val,(bv)->bv_len) struct tm; /* use this macro to statically allocate buffer for lutil_gentime */ #define LDAP_LUTIL_GENTIME_BUFSIZE 22 #define lutil_gentime(s,m,t) lutil_localtime((s),(m),(t),0) LDAP_LUTIL_F( size_t ) lutil_localtime LDAP_P(( char *s, size_t smax, const struct tm *tm, long delta )); #ifndef HAVE_MKSTEMP LDAP_LUTIL_F( int ) mkstemp LDAP_P (( char * template )); #endif /* sockpair.c */ LDAP_LUTIL_F( int ) lutil_pair( ber_socket_t sd[2] ); /* uuid.c */ /* use this macro to allocate buffer for lutil_uuidstr */ #define LDAP_LUTIL_UUIDSTR_BUFSIZE 40 LDAP_LUTIL_F( size_t ) lutil_uuidstr( char *buf, size_t len ); LDAP_LUTIL_F( int ) lutil_uuidstr_from_normalized( char *uuid, size_t uuidlen, char *buf, size_t buflen ); /* * Sometimes not all declarations in a header file are needed. * An indicator to this is whether or not the symbol's type has * been defined. Thus, we don't need to include a symbol if * its type has not been defined through another header file. */ #ifdef HAVE_NT_SERVICE_MANAGER LDAP_LUTIL_V (int) is_NT_Service; #ifdef _LDAP_PVT_THREAD_H LDAP_LUTIL_V (ldap_pvt_thread_cond_t) started_event; #endif /* _LDAP_PVT_THREAD_H */ /* macros are different between Windows and Mingw */ #if defined(_WINSVC_H) || defined(_WINSVC_) LDAP_LUTIL_V (SERVICE_STATUS) lutil_ServiceStatus; LDAP_LUTIL_V (SERVICE_STATUS_HANDLE) hlutil_ServiceStatus; #endif /* _WINSVC_H */ LDAP_LUTIL_F (void) lutil_CommenceStartupProcessing( char *serverName, void (*stopper)(int)) ; LDAP_LUTIL_F (void) lutil_ReportShutdownComplete( void ); LDAP_LUTIL_F (void *) lutil_getRegParam( char *svc, char *value ); LDAP_LUTIL_F (int) lutil_srv_install( char* service, char * displayName, char* filename, int auto_start ); LDAP_LUTIL_F (int) lutil_srv_remove ( char* service, char* filename ); #endif /* HAVE_NT_SERVICE_MANAGER */ #ifdef HAVE_NT_EVENT_LOG LDAP_LUTIL_F (void) lutil_LogStartedEvent( char *svc, int slap_debug, char *configfile, char *urls ); LDAP_LUTIL_F (void) lutil_LogStoppedEvent( char *svc ); #endif #ifdef HAVE_EBCDIC /* Generally this has only been used to put '\n' to stdout. We need to * make sure it is output in EBCDIC. */ #undef putchar #undef putc #define putchar(c) putc((c), stdout) #define putc(c,fp) do { char x=(c); __atoe_l(&x,1); putc(x,fp); } while(0) #endif LDAP_LUTIL_F (int) lutil_atoix( int *v, const char *s, int x ); LDAP_LUTIL_F (int) lutil_atoux( unsigned *v, const char *s, int x ); LDAP_LUTIL_F (int) lutil_atolx( long *v, const char *s, int x ); LDAP_LUTIL_F (int) lutil_atoulx( unsigned long *v, const char *s, int x ); #define lutil_atoi(v, s) lutil_atoix((v), (s), 10) #define lutil_atou(v, s) lutil_atoux((v), (s), 10) #define lutil_atol(v, s) lutil_atolx((v), (s), 10) #define lutil_atoul(v, s) lutil_atoulx((v), (s), 10) #ifdef HAVE_LONG_LONG #if defined(HAVE_STRTOLL) || defined(HAVE_STRTOQ) LDAP_LUTIL_F (int) lutil_atollx( long long *v, const char *s, int x ); #define lutil_atoll(v, s) lutil_atollx((v), (s), 10) #endif /* HAVE_STRTOLL || HAVE_STRTOQ */ #if defined(HAVE_STRTOULL) || defined(HAVE_STRTOUQ) LDAP_LUTIL_F (int) lutil_atoullx( unsigned long long *v, const char *s, int x ); #define lutil_atoull(v, s) lutil_atoullx((v), (s), 10) #endif /* HAVE_STRTOULL || HAVE_STRTOUQ */ #endif /* HAVE_LONG_LONG */ LDAP_LUTIL_F (int) lutil_str2bin( struct berval *in, struct berval *out, void *ctx ); /* Parse and unparse time intervals */ LDAP_LUTIL_F (int) lutil_parse_time( const char *in, unsigned long *tp ); LDAP_LUTIL_F (int) lutil_unparse_time( char *buf, size_t buflen, unsigned long t ); #ifdef timerdiv #define lutil_timerdiv timerdiv #else /* ! timerdiv */ /* works inplace (x == t) */ #define lutil_timerdiv(t,d,x) \ do { \ time_t s = (t)->tv_sec; \ assert( d > 0 ); \ (x)->tv_sec = s / d; \ (x)->tv_usec = ( (t)->tv_usec + 1000000 * ( s % d ) ) / d; \ } while ( 0 ) #endif /* ! timerdiv */ #ifdef timermul #define lutil_timermul timermul #else /* ! timermul */ /* works inplace (x == t) */ #define lutil_timermul(t,m,x) \ do { \ time_t u = (t)->tv_usec * m; \ assert( m > 0 ); \ (x)->tv_sec = (t)->tv_sec * m + u / 1000000; \ (x)->tv_usec = u % 1000000; \ } while ( 0 ); #endif /* ! timermul */ LDAP_END_DECL #endif /* _LUTIL_H */ openldap-2.5.16+dfsg/include/portable.hin0000644000175000017500000007152514461774414017651 0ustar sergiosergio/* include/portable.hin. Generated from configure.ac by autoheader. */ /* begin of portable.h.pre */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _LDAP_PORTABLE_H #define _LDAP_PORTABLE_H /* define this if needed to get reentrant functions */ #ifndef REENTRANT #undef REENTRANT #endif #ifndef _REENTRANT #undef _REENTRANT #endif /* define this if needed to get threadsafe functions */ #ifndef THREADSAFE #undef THREADSAFE #endif #ifndef _THREADSAFE #undef _THREADSAFE #endif #ifndef THREAD_SAFE #undef THREAD_SAFE #endif #ifndef _THREAD_SAFE #undef _THREAD_SAFE #endif #ifndef _SGI_MP_SOURCE #undef _SGI_MP_SOURCE #endif /* end of portable.h.pre */ /* Define if building universal (internal helper macro) */ #undef AC_APPLE_UNIVERSAL_BUILD /* define to use both and */ #undef BOTH_STRINGS_H /* define if cross compiling */ #undef CROSS_COMPILING /* set to the number of arguments ctime_r() expects */ #undef CTIME_R_NARGS /* define if toupper() requires islower() */ #undef C_UPPER_LOWER /* define if sys_errlist is not declared in stdio.h or errno.h */ #undef DECL_SYS_ERRLIST /* define to enable slapi library */ #undef ENABLE_SLAPI /* defined to be the EXE extension */ #undef EXEEXT /* set to the number of arguments gethostbyaddr_r() expects */ #undef GETHOSTBYADDR_R_NARGS /* set to the number of arguments gethostbyname_r() expects */ #undef GETHOSTBYNAME_R_NARGS /* Define to 1 if `TIOCGWINSZ' requires . */ #undef GWINSZ_IN_SYS_IOCTL /* define if you have AIX security lib */ #undef HAVE_AIX_SECURITY /* Define to 1 if you have the header file. */ #undef HAVE_ARGON2_H /* Define to 1 if you have the header file. */ #undef HAVE_ARPA_INET_H /* Define to 1 if you have the header file. */ #undef HAVE_ARPA_NAMESER_H /* Define to 1 if you have the header file. */ #undef HAVE_ASSERT_H /* Define to 1 if you have the `bcopy' function. */ #undef HAVE_BCOPY /* Define to 1 if you have the header file. */ #undef HAVE_BITS_TYPES_H /* Define to 1 if you have the `chroot' function. */ #undef HAVE_CHROOT /* Define to 1 if you have the `clock_gettime' function. */ #undef HAVE_CLOCK_GETTIME /* Define to 1 if you have the `closesocket' function. */ #undef HAVE_CLOSESOCKET /* Define to 1 if you have the header file. */ #undef HAVE_CONIO_H /* define if crypt(3) is available */ #undef HAVE_CRYPT /* Define to 1 if you have the header file. */ #undef HAVE_CRYPT_H /* define if crypt_r() is also available */ #undef HAVE_CRYPT_R /* Define to 1 if you have the `ctime_r' function. */ #undef HAVE_CTIME_R /* define if you have Cyrus SASL */ #undef HAVE_CYRUS_SASL /* define if your system supports /dev/poll */ #undef HAVE_DEVPOLL /* Define to 1 if you have the header file. */ #undef HAVE_DIRECT_H /* Define to 1 if you have the header file, and it defines `DIR'. */ #undef HAVE_DIRENT_H /* Define to 1 if you have the header file. */ #undef HAVE_DLFCN_H /* Define to 1 if you don't have `vprintf' but do have `_doprnt.' */ #undef HAVE_DOPRNT /* define if system uses EBCDIC instead of ASCII */ #undef HAVE_EBCDIC /* Define to 1 if you have the `endgrent' function. */ #undef HAVE_ENDGRENT /* Define to 1 if you have the `endpwent' function. */ #undef HAVE_ENDPWENT /* define if your system supports epoll */ #undef HAVE_EPOLL /* Define to 1 if you have the header file. */ #undef HAVE_ERRNO_H /* Define to 1 if you have the `fcntl' function. */ #undef HAVE_FCNTL /* Define to 1 if you have the header file. */ #undef HAVE_FCNTL_H /* define if you actually have FreeBSD fetch(3) */ #undef HAVE_FETCH /* Define to 1 if you have the header file. */ #undef HAVE_FILIO_H /* Define to 1 if you have the `flock' function. */ #undef HAVE_FLOCK /* Define to 1 if you have the `fmemopen' function. */ #undef HAVE_FMEMOPEN /* Define to 1 if you have the `fstat' function. */ #undef HAVE_FSTAT /* Define to 1 if you have the `gai_strerror' function. */ #undef HAVE_GAI_STRERROR /* Define to 1 if you have the `getaddrinfo' function. */ #undef HAVE_GETADDRINFO /* Define to 1 if you have the `getdtablesize' function. */ #undef HAVE_GETDTABLESIZE /* Define to 1 if you have the `geteuid' function. */ #undef HAVE_GETEUID /* Define to 1 if you have the `getgrgid' function. */ #undef HAVE_GETGRGID /* Define to 1 if you have the `gethostbyaddr_r' function. */ #undef HAVE_GETHOSTBYADDR_R /* Define to 1 if you have the `gethostbyname_r' function. */ #undef HAVE_GETHOSTBYNAME_R /* Define to 1 if you have the `gethostname' function. */ #undef HAVE_GETHOSTNAME /* Define to 1 if you have the `getnameinfo' function. */ #undef HAVE_GETNAMEINFO /* Define to 1 if you have the `getopt' function. */ #undef HAVE_GETOPT /* Define to 1 if you have the header file. */ #undef HAVE_GETOPT_H /* Define to 1 if you have the `getpassphrase' function. */ #undef HAVE_GETPASSPHRASE /* Define to 1 if you have the `getpeereid' function. */ #undef HAVE_GETPEEREID /* Define to 1 if you have the `getpeerucred' function. */ #undef HAVE_GETPEERUCRED /* Define to 1 if you have the `getpwnam' function. */ #undef HAVE_GETPWNAM /* Define to 1 if you have the `getpwuid' function. */ #undef HAVE_GETPWUID /* Define to 1 if you have the `getspnam' function. */ #undef HAVE_GETSPNAM /* Define to 1 if you have the `gettimeofday' function. */ #undef HAVE_GETTIMEOFDAY /* Define to 1 if you have the header file. */ #undef HAVE_GMP_H /* Define to 1 if you have the `gmtime_r' function. */ #undef HAVE_GMTIME_R /* define if you have GNUtls */ #undef HAVE_GNUTLS /* Define to 1 if you have the header file. */ #undef HAVE_GNUTLS_GNUTLS_H /* if you have GNU Pth */ #undef HAVE_GNU_PTH /* Define to 1 if you have the header file. */ #undef HAVE_GRP_H /* Define to 1 if you have the `hstrerror' function. */ #undef HAVE_HSTRERROR /* define to you inet_aton(3) is available */ #undef HAVE_INET_ATON /* Define to 1 if you have the `inet_ntoa_b' function. */ #undef HAVE_INET_NTOA_B /* Define to 1 if you have the `inet_ntop' function. */ #undef HAVE_INET_NTOP /* Define to 1 if you have the `initgroups' function. */ #undef HAVE_INITGROUPS /* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H /* Define to 1 if you have the `ioctl' function. */ #undef HAVE_IOCTL /* Define to 1 if you have the header file. */ #undef HAVE_IO_H /* define if your system supports kqueue */ #undef HAVE_KQUEUE /* define if you have libargon2 */ #undef HAVE_LIBARGON2 /* define if you have -levent */ #undef HAVE_LIBEVENT /* Define to 1 if you have the `gen' library (-lgen). */ #undef HAVE_LIBGEN /* Define to 1 if you have the `gmp' library (-lgmp). */ #undef HAVE_LIBGMP /* Define to 1 if you have the `inet' library (-linet). */ #undef HAVE_LIBINET /* define if you have libtool -ltdl */ #undef HAVE_LIBLTDL /* Define to 1 if you have the `net' library (-lnet). */ #undef HAVE_LIBNET /* Define to 1 if you have the `nsl' library (-lnsl). */ #undef HAVE_LIBNSL /* Define to 1 if you have the `nsl_s' library (-lnsl_s). */ #undef HAVE_LIBNSL_S /* Define to 1 if you have the `socket' library (-lsocket). */ #undef HAVE_LIBSOCKET /* define if you have libsodium */ #undef HAVE_LIBSODIUM /* Define to 1 if you have the header file. */ #undef HAVE_LIBUTIL_H /* Define to 1 if you have the `V3' library (-lV3). */ #undef HAVE_LIBV3 /* Define to 1 if you have the header file. */ #undef HAVE_LIMITS_H /* if you have LinuxThreads */ #undef HAVE_LINUX_THREADS /* Define to 1 if you have the header file. */ #undef HAVE_LOCALE_H /* Define to 1 if you have the `localtime_r' function. */ #undef HAVE_LOCALTIME_R /* Define to 1 if you have the `lockf' function. */ #undef HAVE_LOCKF /* Define to 1 if the system has the type `long long'. */ #undef HAVE_LONG_LONG /* Define to 1 if you have the header file. */ #undef HAVE_LTDL_H /* Define to 1 if you have the header file. */ #undef HAVE_MALLOC_H /* Define to 1 if you have the `memcpy' function. */ #undef HAVE_MEMCPY /* Define to 1 if you have the `memmove' function. */ #undef HAVE_MEMMOVE /* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H /* Define to 1 if you have the `memrchr' function. */ #undef HAVE_MEMRCHR /* Define to 1 if you have the `mkstemp' function. */ #undef HAVE_MKSTEMP /* Define to 1 if you have the `mktemp' function. */ #undef HAVE_MKTEMP /* define this if you have mkversion */ #undef HAVE_MKVERSION /* Define to 1 if you have the header file, and it defines `DIR'. */ #undef HAVE_NDIR_H /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_TCP_H /* define if strerror_r returns char* instead of int */ #undef HAVE_NONPOSIX_STRERROR_R /* if you have NT Event Log */ #undef HAVE_NT_EVENT_LOG /* if you have NT Service Manager */ #undef HAVE_NT_SERVICE_MANAGER /* if you have NT Threads */ #undef HAVE_NT_THREADS /* define if you have OpenSSL */ #undef HAVE_OPENSSL /* Define to 1 if you have the header file. */ #undef HAVE_OPENSSL_BN_H /* Define to 1 if you have the header file. */ #undef HAVE_OPENSSL_CRYPTO_H /* Define to 1 if you have the header file. */ #undef HAVE_OPENSSL_SSL_H /* Define to 1 if you have the `pipe' function. */ #undef HAVE_PIPE /* Define to 1 if you have the `poll' function. */ #undef HAVE_POLL /* Define to 1 if you have the header file. */ #undef HAVE_POLL_H /* Define to 1 if you have the header file. */ #undef HAVE_PROCESS_H /* Define to 1 if you have the header file. */ #undef HAVE_PSAP_H /* define to pthreads API spec revision */ #undef HAVE_PTHREADS /* define if you have pthread_detach function */ #undef HAVE_PTHREAD_DETACH /* Define to 1 if you have the `pthread_getconcurrency' function. */ #undef HAVE_PTHREAD_GETCONCURRENCY /* Define to 1 if you have the header file. */ #undef HAVE_PTHREAD_H /* Define to 1 if you have the `pthread_kill' function. */ #undef HAVE_PTHREAD_KILL /* Define to 1 if you have the `pthread_kill_other_threads_np' function. */ #undef HAVE_PTHREAD_KILL_OTHER_THREADS_NP /* define if you have pthread_rwlock_destroy function */ #undef HAVE_PTHREAD_RWLOCK_DESTROY /* Define to 1 if you have the `pthread_setconcurrency' function. */ #undef HAVE_PTHREAD_SETCONCURRENCY /* Define to 1 if you have the `pthread_yield' function. */ #undef HAVE_PTHREAD_YIELD /* Define to 1 if you have the header file. */ #undef HAVE_PTH_H /* Define to 1 if the system has the type `ptrdiff_t'. */ #undef HAVE_PTRDIFF_T /* Define to 1 if you have the header file. */ #undef HAVE_PWD_H /* Define to 1 if you have the `read' function. */ #undef HAVE_READ /* Define to 1 if you have the `recv' function. */ #undef HAVE_RECV /* Define to 1 if you have the `recvfrom' function. */ #undef HAVE_RECVFROM /* Define to 1 if you have the header file. */ #undef HAVE_REGEX_H /* Define to 1 if you have the header file. */ #undef HAVE_RESOLV_H /* define if you have res_query() */ #undef HAVE_RES_QUERY /* Define to 1 if you have the header file. */ #undef HAVE_SASL_H /* Define to 1 if you have the header file. */ #undef HAVE_SASL_SASL_H /* define if your SASL library has sasl_version() */ #undef HAVE_SASL_VERSION /* Define to 1 if you have the header file. */ #undef HAVE_SCHED_H /* Define to 1 if you have the `sched_yield' function. */ #undef HAVE_SCHED_YIELD /* Define to 1 if you have the `send' function. */ #undef HAVE_SEND /* Define to 1 if you have the `sendmsg' function. */ #undef HAVE_SENDMSG /* Define to 1 if you have the `sendto' function. */ #undef HAVE_SENDTO /* Define to 1 if you have the `setegid' function. */ #undef HAVE_SETEGID /* Define to 1 if you have the `seteuid' function. */ #undef HAVE_SETEUID /* Define to 1 if you have the `setgid' function. */ #undef HAVE_SETGID /* Define to 1 if you have the `setpwfile' function. */ #undef HAVE_SETPWFILE /* Define to 1 if you have the `setsid' function. */ #undef HAVE_SETSID /* Define to 1 if you have the `setuid' function. */ #undef HAVE_SETUID /* Define to 1 if you have the header file. */ #undef HAVE_SGTTY_H /* Define to 1 if you have the header file. */ #undef HAVE_SHADOW_H /* Define to 1 if you have the `sigaction' function. */ #undef HAVE_SIGACTION /* Define to 1 if you have the `signal' function. */ #undef HAVE_SIGNAL /* Define to 1 if you have the `sigset' function. */ #undef HAVE_SIGSET /* define if you have -lslp */ #undef HAVE_SLP /* Define to 1 if you have the header file. */ #undef HAVE_SLP_H /* Define to 1 if you have the `snprintf' function. */ #undef HAVE_SNPRINTF /* Define to 1 if you have the header file. */ #undef HAVE_SODIUM_H /* if you have spawnlp() */ #undef HAVE_SPAWNLP /* Define to 1 if you have the header file. */ #undef HAVE_SQLEXT_H /* Define to 1 if you have the header file. */ #undef HAVE_SQL_H /* Define to 1 if you have the header file. */ #undef HAVE_STDDEF_H /* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H /* Define to 1 if you have the header file. */ #undef HAVE_STDLIB_H /* Define to 1 if you have the `strdup' function. */ #undef HAVE_STRDUP /* Define to 1 if you have the `strerror' function. */ #undef HAVE_STRERROR /* Define to 1 if you have the `strerror_r' function. */ #undef HAVE_STRERROR_R /* Define to 1 if you have the `strftime' function. */ #undef HAVE_STRFTIME /* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H /* Define to 1 if you have the header file. */ #undef HAVE_STRING_H /* Define to 1 if you have the `strpbrk' function. */ #undef HAVE_STRPBRK /* Define to 1 if you have the `strrchr' function. */ #undef HAVE_STRRCHR /* Define to 1 if you have the `strsep' function. */ #undef HAVE_STRSEP /* Define to 1 if you have the `strspn' function. */ #undef HAVE_STRSPN /* Define to 1 if you have the `strstr' function. */ #undef HAVE_STRSTR /* Define to 1 if you have the `strtol' function. */ #undef HAVE_STRTOL /* Define to 1 if you have the `strtoll' function. */ #undef HAVE_STRTOLL /* Define to 1 if you have the `strtoq' function. */ #undef HAVE_STRTOQ /* Define to 1 if you have the `strtoul' function. */ #undef HAVE_STRTOUL /* Define to 1 if you have the `strtoull' function. */ #undef HAVE_STRTOULL /* Define to 1 if you have the `strtouq' function. */ #undef HAVE_STRTOUQ /* Define to 1 if `msg_accrightslen' is a member of `struct msghdr'. */ #undef HAVE_STRUCT_MSGHDR_MSG_ACCRIGHTSLEN /* Define to 1 if `msg_control' is a member of `struct msghdr'. */ #undef HAVE_STRUCT_MSGHDR_MSG_CONTROL /* Define to 1 if `pw_gecos' is a member of `struct passwd'. */ #undef HAVE_STRUCT_PASSWD_PW_GECOS /* Define to 1 if `pw_passwd' is a member of `struct passwd'. */ #undef HAVE_STRUCT_PASSWD_PW_PASSWD /* Define to 1 if `st_blksize' is a member of `struct stat'. */ #undef HAVE_STRUCT_STAT_ST_BLKSIZE /* Define to 1 if `st_fstype' is a member of `struct stat'. */ #undef HAVE_STRUCT_STAT_ST_FSTYPE /* define to 1 if st_fstype is char * */ #undef HAVE_STRUCT_STAT_ST_FSTYPE_CHAR /* define to 1 if st_fstype is int */ #undef HAVE_STRUCT_STAT_ST_FSTYPE_INT /* Define to 1 if `st_vfstype' is a member of `struct stat'. */ #undef HAVE_STRUCT_STAT_ST_VFSTYPE /* Define to 1 if you have the header file. */ #undef HAVE_SYNCH_H /* Define to 1 if you have the `sysconf' function. */ #undef HAVE_SYSCONF /* Define to 1 if you have the header file. */ #undef HAVE_SYSEXITS_H /* Define to 1 if you have the header file. */ #undef HAVE_SYSLOG_H /* define if you have systemd */ #undef HAVE_SYSTEMD /* Define to 1 if you have the header file. */ #undef HAVE_SYSTEMD_SD_DAEMON_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_DEVPOLL_H /* Define to 1 if you have the header file, and it defines `DIR'. */ #undef HAVE_SYS_DIR_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_EPOLL_H /* define if you actually have sys_errlist in your libs */ #undef HAVE_SYS_ERRLIST /* Define to 1 if you have the header file. */ #undef HAVE_SYS_ERRNO_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_EVENT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_FILE_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_FILIO_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_FSTYP_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_IOCTL_H /* Define to 1 if you have the header file, and it defines `DIR'. */ #undef HAVE_SYS_NDIR_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_PARAM_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_POLL_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_PRIVGRP_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_RESOURCE_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SELECT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SOCKET_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_STAT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SYSLOG_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TIME_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_UCRED_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_UIO_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_UN_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_UUID_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_VMOUNT_H /* Define to 1 if you have that is POSIX.1 compatible. */ #undef HAVE_SYS_WAIT_H /* define if you have -lwrap */ #undef HAVE_TCPD /* Define to 1 if you have the header file. */ #undef HAVE_TCPD_H /* Define to 1 if you have the header file. */ #undef HAVE_TERMIOS_H /* if you have Solaris LWP (thr) package */ #undef HAVE_THR /* Define to 1 if you have the header file. */ #undef HAVE_THREAD_H /* Define to 1 if you have the `thr_getconcurrency' function. */ #undef HAVE_THR_GETCONCURRENCY /* Define to 1 if you have the `thr_setconcurrency' function. */ #undef HAVE_THR_SETCONCURRENCY /* Define to 1 if you have the `thr_yield' function. */ #undef HAVE_THR_YIELD /* define if you have TLS */ #undef HAVE_TLS /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H /* Define to 1 if you have the header file. */ #undef HAVE_UTIME_H /* define if you have uuid_generate() */ #undef HAVE_UUID_GENERATE /* define if you have uuid_to_str() */ #undef HAVE_UUID_TO_STR /* Define to 1 if you have the header file. */ #undef HAVE_UUID_UUID_H /* Define to 1 if you have the `vprintf' function. */ #undef HAVE_VPRINTF /* Define to 1 if you have the `vsnprintf' function. */ #undef HAVE_VSNPRINTF /* Define to 1 if you have the `wait4' function. */ #undef HAVE_WAIT4 /* Define to 1 if you have the `waitpid' function. */ #undef HAVE_WAITPID /* define if you have winsock */ #undef HAVE_WINSOCK /* define if you have winsock2 */ #undef HAVE_WINSOCK2 /* Define to 1 if you have the header file. */ #undef HAVE_WINSOCK2_H /* Define to 1 if you have the header file. */ #undef HAVE_WINSOCK_H /* Define to 1 if you have the `write' function. */ #undef HAVE_WRITE /* define if select implicitly yields */ #undef HAVE_YIELDING_SELECT /* Define to 1 if you have the `_vsnprintf' function. */ #undef HAVE__VSNPRINTF /* define to 32-bit or greater integer type */ #undef LBER_INT_T /* define to large integer type */ #undef LBER_LEN_T /* define to socket descriptor type */ #undef LBER_SOCKET_T /* define to large integer type */ #undef LBER_TAG_T /* define to 1 if library is reentrant */ #undef LDAP_API_FEATURE_X_OPENLDAP_REENTRANT /* define to 1 if library is thread safe */ #undef LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE /* define to LDAP VENDOR VERSION */ #undef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS /* define this to add debugging code */ #undef LDAP_DEBUG /* define if LDAP libs are dynamic */ #undef LDAP_LIBS_DYNAMIC /* define to support PF_INET6 */ #undef LDAP_PF_INET6 /* define to support PF_LOCAL */ #undef LDAP_PF_LOCAL /* define this to add SLAPI code */ #undef LDAP_SLAPI /* define this to add syslog code */ #undef LDAP_SYSLOG /* Version */ #undef LDAP_VENDOR_VERSION /* Major */ #undef LDAP_VENDOR_VERSION_MAJOR /* Minor */ #undef LDAP_VENDOR_VERSION_MINOR /* Patch */ #undef LDAP_VENDOR_VERSION_PATCH /* Define to the sub-directory where libtool stores uninstalled libraries. */ #undef LT_OBJDIR /* define if memcmp is not 8-bit clean or is otherwise broken */ #undef NEED_MEMCMP_REPLACEMENT /* define if you have (or want) no threads */ #undef NO_THREADS /* define to use the original debug style */ #undef OLD_DEBUG /* Package */ #undef OPENLDAP_PACKAGE /* Version */ #undef OPENLDAP_VERSION /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT /* Define to the full name of this package. */ #undef PACKAGE_NAME /* Define to the full name and version of this package. */ #undef PACKAGE_STRING /* Define to the one symbol short name of this package. */ #undef PACKAGE_TARNAME /* Define to the home page for this package. */ #undef PACKAGE_URL /* Define to the version of this package. */ #undef PACKAGE_VERSION /* define if sched_yield yields the entire process */ #undef REPLACE_BROKEN_YIELD /* Define as the return type of signal handlers (`int' or `void'). */ #undef RETSIGTYPE /* Define to the type of arg 1 for `select'. */ #undef SELECT_TYPE_ARG1 /* Define to the type of args 2, 3 and 4 for `select'. */ #undef SELECT_TYPE_ARG234 /* Define to the type of arg 5 for `select'. */ #undef SELECT_TYPE_ARG5 /* The size of `int', as computed by sizeof. */ #undef SIZEOF_INT /* The size of `long', as computed by sizeof. */ #undef SIZEOF_LONG /* The size of `long long', as computed by sizeof. */ #undef SIZEOF_LONG_LONG /* The size of `short', as computed by sizeof. */ #undef SIZEOF_SHORT /* The size of `wchar_t', as computed by sizeof. */ #undef SIZEOF_WCHAR_T /* define to support per-object ACIs */ #undef SLAPD_ACI_ENABLED /* define to support LDAP Async Metadirectory backend */ #undef SLAPD_ASYNCMETA /* define to support cleartext passwords */ #undef SLAPD_CLEARTEXT /* define to support crypt(3) passwords */ #undef SLAPD_CRYPT /* define to support DNS SRV backend */ #undef SLAPD_DNSSRV /* define to support LDAP backend */ #undef SLAPD_LDAP /* define to support MDB backend */ #undef SLAPD_MDB /* define to support LDAP Metadirectory backend */ #undef SLAPD_META /* define to support modules */ #undef SLAPD_MODULES /* dynamically linked module */ #undef SLAPD_MOD_DYNAMIC /* statically linked module */ #undef SLAPD_MOD_STATIC /* define to support NDB backend */ #undef SLAPD_NDB /* define to support NULL backend */ #undef SLAPD_NULL /* define for In-Directory Access Logging overlay */ #undef SLAPD_OVER_ACCESSLOG /* define for Audit Logging overlay */ #undef SLAPD_OVER_AUDITLOG /* define for Automatic Certificate Authority overlay */ #undef SLAPD_OVER_AUTOCA /* define for Collect overlay */ #undef SLAPD_OVER_COLLECT /* define for Attribute Constraint overlay */ #undef SLAPD_OVER_CONSTRAINT /* define for Dynamic Directory Services overlay */ #undef SLAPD_OVER_DDS /* define for Dynamic Directory Services overlay */ #undef SLAPD_OVER_DEREF /* define for Dynamic Group overlay */ #undef SLAPD_OVER_DYNGROUP /* define for Dynamic List overlay */ #undef SLAPD_OVER_DYNLIST /* define for Home Directory Management overlay */ #undef SLAPD_OVER_HOMEDIR /* define for Reverse Group Membership overlay */ #undef SLAPD_OVER_MEMBEROF /* define for OTP 2-factor Authentication overlay */ #undef SLAPD_OVER_OTP /* define for Password Policy overlay */ #undef SLAPD_OVER_PPOLICY /* define for Proxy Cache overlay */ #undef SLAPD_OVER_PROXYCACHE /* define for Referential Integrity overlay */ #undef SLAPD_OVER_REFINT /* define for Deferred Authentication overlay */ #undef SLAPD_OVER_REMOTEAUTH /* define for Return Code overlay */ #undef SLAPD_OVER_RETCODE /* define for Rewrite/Remap overlay */ #undef SLAPD_OVER_RWM /* define for Sequential Modify overlay */ #undef SLAPD_OVER_SEQMOD /* define for ServerSideSort/VLV overlay */ #undef SLAPD_OVER_SSSVLV /* define for Syncrepl Provider overlay */ #undef SLAPD_OVER_SYNCPROV /* define for Translucent Proxy overlay */ #undef SLAPD_OVER_TRANSLUCENT /* define for Attribute Uniqueness overlay */ #undef SLAPD_OVER_UNIQUE /* define for Value Sorting overlay */ #undef SLAPD_OVER_VALSORT /* define to support PASSWD backend */ #undef SLAPD_PASSWD /* define to support PERL backend */ #undef SLAPD_PERL /* define for Argon2 Password hashing module */ #undef SLAPD_PWMOD_PW_ARGON2 /* define to support relay backend */ #undef SLAPD_RELAY /* define to support reverse lookups */ #undef SLAPD_RLOOKUPS /* define to support SOCK backend */ #undef SLAPD_SOCK /* define to support SASL passwords */ #undef SLAPD_SPASSWD /* define to support SQL backend */ #undef SLAPD_SQL /* define to support WiredTiger backend */ #undef SLAPD_WT /* define to support run-time loadable ACL */ #undef SLAP_DYNACL /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS /* Define to 1 if you can safely include both and . */ #undef TIME_WITH_SYS_TIME /* Define to 1 if your declares `struct tm'. */ #undef TM_IN_SYS_TIME /* set to urandom device */ #undef URANDOM_DEVICE /* define to use OpenSSL BIGNUM for MP */ #undef USE_MP_BIGNUM /* define to use GMP for MP */ #undef USE_MP_GMP /* define to use 'long' for MP */ #undef USE_MP_LONG /* define to use 'long long' for MP */ #undef USE_MP_LONG_LONG /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most significant byte first (like Motorola and SPARC, unlike Intel). */ #if defined AC_APPLE_UNIVERSAL_BUILD # if defined __BIG_ENDIAN__ # define WORDS_BIGENDIAN 1 # endif #else # ifndef WORDS_BIGENDIAN # undef WORDS_BIGENDIAN # endif #endif /* Define to the type of arg 3 for `accept'. */ #undef ber_socklen_t /* Define to `char *' if does not define. */ #undef caddr_t /* Define to empty if `const' does not conform to ANSI C. */ #undef const /* Define to `int' if doesn't define. */ #undef gid_t /* Define to `int' if does not define. */ #undef mode_t /* Define to `long' if does not define. */ #undef off_t /* Define to `int' if does not define. */ #undef pid_t /* Define to `int' if does not define. */ #undef sig_atomic_t /* Define to `unsigned' if does not define. */ #undef size_t /* define to snprintf routine */ #undef snprintf /* Define like ber_socklen_t if does not define. */ #undef socklen_t /* Define to `signed int' if does not define. */ #undef ssize_t /* Define to `int' if doesn't define. */ #undef uid_t /* define as empty if volatile is not supported */ #undef volatile /* define to snprintf routine */ #undef vsnprintf /* begin of portable.h.post */ #ifdef _WIN32 /* don't suck in all of the win32 api */ # define WIN32_LEAN_AND_MEAN 1 #endif #ifndef LDAP_NEEDS_PROTOTYPES /* force LDAP_P to always include prototypes */ #define LDAP_NEEDS_PROTOTYPES 1 #endif #ifndef LDAP_REL_ENG #if (LDAP_VENDOR_VERSION == 000000) && !defined(LDAP_DEVEL) #define LDAP_DEVEL #endif #if defined(LDAP_DEVEL) && !defined(LDAP_TEST) #define LDAP_TEST #endif #endif #ifdef HAVE_STDDEF_H # include #endif #ifdef HAVE_EBCDIC /* ASCII/EBCDIC converting replacements for stdio funcs * vsnprintf and snprintf are used too, but they are already * checked by the configure script */ #define fputs ber_pvt_fputs #define fgets ber_pvt_fgets #define printf ber_pvt_printf #define fprintf ber_pvt_fprintf #define vfprintf ber_pvt_vfprintf #define vsprintf ber_pvt_vsprintf #endif #include "ac/fdset.h" #include "ldap_cdefs.h" #include "ldap_features.h" #include "ac/assert.h" #include "ac/localize.h" #endif /* _LDAP_PORTABLE_H */ /* end of portable.h.post */ openldap-2.5.16+dfsg/include/sysexits-compat.h0000644000175000017500000001171714461774414020663 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1987 Regents of the University of California. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that the above copyright notice and this paragraph are * duplicated in all such forms and that any documentation, * advertising materials, and other materials related to such * distribution and use acknowledge that the software was developed * by the University of California, Berkeley. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * * @(#)sysexits.h 4.5 (Berkeley) 7/6/88 */ /* ** SYSEXITS.H -- Exit status codes for system programs. ** ** This include file attempts to categorize possible error ** exit statuses for system programs, notably delivermail ** and the Berkeley network. ** ** Error numbers begin at EX__BASE to reduce the possibility of ** clashing with other exit statuses that random programs may ** already return. The meaning of the codes is approximately ** as follows: ** ** EX_USAGE -- The command was used incorrectly, e.g., with ** the wrong number of arguments, a bad flag, a bad ** syntax in a parameter, or whatever. ** EX_DATAERR -- The input data was incorrect in some way. ** This should only be used for user's data & not ** system files. ** EX_NOINPUT -- An input file (not a system file) did not ** exist or was not readable. This could also include ** errors like "No message" to a mailer (if it cared ** to catch it). ** EX_NOUSER -- The user specified did not exist. This might ** be used for mail addresses or remote logins. ** EX_NOHOST -- The host specified did not exist. This is used ** in mail addresses or network requests. ** EX_UNAVAILABLE -- A service is unavailable. This can occur ** if a support program or file does not exist. This ** can also be used as a catchall message when something ** you wanted to do doesn't work, but you don't know ** why. ** EX_SOFTWARE -- An internal software error has been detected. ** This should be limited to non-operating system related ** errors as possible. ** EX_OSERR -- An operating system error has been detected. ** This is intended to be used for such things as "cannot ** fork", "cannot create pipe", or the like. It includes ** things like getuid returning a user that does not ** exist in the passwd file. ** EX_OSFILE -- Some system file (e.g., /etc/passwd, /etc/utmp, ** etc.) does not exist, cannot be opened, or has some ** sort of error (e.g., syntax error). ** EX_CANTCREAT -- A (user specified) output file cannot be ** created. ** EX_IOERR -- An error occurred while doing I/O on some file. ** EX_TEMPFAIL -- temporary failure, indicating something that ** is not really an error. In sendmail, this means ** that a mailer (e.g.) could not create a connection, ** and the request should be reattempted later. ** EX_PROTOCOL -- the remote system returned something that ** was "not possible" during a protocol exchange. ** EX_NOPERM -- You did not have sufficient permission to ** perform the operation. This is not intended for ** file system problems, which should use NOINPUT or ** CANTCREAT, but rather for higher level permissions. ** For example, kre uses this to restrict who students ** can send mail to. ** ** Maintained by Eric Allman (eric@berkeley, ucbvax!eric) -- ** please mail changes to me. ** ** @(#)sysexits.h 4.5 7/6/88 */ # define EX_OK 0 /* successful termination */ # define EX__BASE 64 /* base value for error messages */ # define EX_USAGE 64 /* command line usage error */ # define EX_DATAERR 65 /* data format error */ # define EX_NOINPUT 66 /* cannot open input */ # define EX_NOUSER 67 /* addressee unknown */ # define EX_NOHOST 68 /* host name unknown */ # define EX_UNAVAILABLE 69 /* service unavailable */ # define EX_SOFTWARE 70 /* internal software error */ # define EX_OSERR 71 /* system error (e.g., can't fork) */ # define EX_OSFILE 72 /* critical OS file missing */ # define EX_CANTCREAT 73 /* can't create (user) output file */ # define EX_IOERR 74 /* input/output error */ # define EX_TEMPFAIL 75 /* temp failure; user is invited to retry */ # define EX_PROTOCOL 76 /* remote error in protocol */ # define EX_NOPERM 77 /* permission denied */ # define EX_CONFIG 78 /* configuration error */ openldap-2.5.16+dfsg/include/ldif.h0000644000175000017500000001127114461774414016420 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1996 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the University * may not be used to endorse or promote products derived from this * software without specific prior written permission. This software * is provided ``as is'' without express or implied warranty. */ #ifndef _LDIF_H #define _LDIF_H #include LDAP_BEGIN_DECL /* This is NOT a bogus extern declaration (unlike ldap_debug) */ LDAP_LDIF_V (int) ldif_debug; #define LDIF_LINE_WIDTH 78 /* default maximum length of LDIF lines */ #define LDIF_LINE_WIDTH_MAX ((ber_len_t)-1) /* maximum length of LDIF lines */ #define LDIF_LINE_WIDTH_WRAP(wrap) ((wrap) == 0 ? LDIF_LINE_WIDTH : (wrap)) /* * Macro to calculate maximum number of bytes that the base64 equivalent * of an item that is "len" bytes long will take up. Base64 encoding * uses one byte for every six bits in the value plus up to two pad bytes. */ #define LDIF_BASE64_LEN(len) (((len) * 4 / 3 ) + 3) /* * Macro to calculate maximum size that an LDIF-encoded type (length * tlen) and value (length vlen) will take up: room for type + ":: " + * first newline + base64 value + continued lines. Each continued line * needs room for a newline and a leading space character. */ #define LDIF_SIZE_NEEDED(nlen,vlen) LDIF_SIZE_NEEDED_WRAP(nlen, vlen, 0) #define LDIF_SIZE_NEEDED_WRAP(nlen,vlen,wrap) \ ((nlen) + 4 + LDIF_BASE64_LEN(vlen) \ + ((wrap) == 0 ? ((LDIF_BASE64_LEN(vlen) + (nlen) + 3) / ( LDIF_LINE_WIDTH-1 ) * 2 ) : \ ((wrap) == LDIF_LINE_WIDTH_MAX ? 0 : ((LDIF_BASE64_LEN(vlen) + (nlen) + 3) / (wrap-1) * 2 )))) LDAP_LDIF_F( int ) ldif_parse_line LDAP_P(( LDAP_CONST char *line, char **name, char **value, ber_len_t *vlen )); LDAP_LDIF_F( int ) ldif_parse_line2 LDAP_P(( char *line, struct berval *type, struct berval *value, int *freeval )); LDAP_LDIF_F( FILE * ) ldif_open_url LDAP_P(( LDAP_CONST char *urlstr )); LDAP_LDIF_F( int ) ldif_fetch_url LDAP_P(( LDAP_CONST char *line, char **value, ber_len_t *vlen )); LDAP_LDIF_F( char * ) ldif_getline LDAP_P(( char **next )); LDAP_LDIF_F( int ) ldif_countlines LDAP_P(( LDAP_CONST char *line )); /* ldif_ropen, rclose, read_record - just for reading LDIF files, * no special open/close needed to write LDIF files. */ typedef struct LDIFFP { FILE *fp; struct LDIFFP *prev; } LDIFFP; LDAP_LDIF_F( LDIFFP * ) ldif_open LDAP_P(( LDAP_CONST char *file, LDAP_CONST char *mode )); /* ldif_open equivalent that opens ldif stream in memory rather than from file */ LDAP_LDIF_F( LDIFFP * ) ldif_open_mem LDAP_P(( char *ldif, size_t size, LDAP_CONST char *mode )); LDAP_LDIF_F( void ) ldif_close LDAP_P(( LDIFFP * )); LDAP_LDIF_F( int ) ldif_read_record LDAP_P(( LDIFFP *fp, unsigned long *lineno, char **bufp, int *buflen )); LDAP_LDIF_F( int ) ldif_must_b64_encode_register LDAP_P(( LDAP_CONST char *name, LDAP_CONST char *oid )); LDAP_LDIF_F( void ) ldif_must_b64_encode_release LDAP_P(( void )); #define LDIF_PUT_NOVALUE 0x0000 /* no value */ #define LDIF_PUT_VALUE 0x0001 /* value w/ auto detection */ #define LDIF_PUT_TEXT 0x0002 /* assume text */ #define LDIF_PUT_BINARY 0x0004 /* assume binary (convert to base64) */ #define LDIF_PUT_B64 0x0008 /* pre-converted base64 value */ #define LDIF_PUT_COMMENT 0x0010 /* comment */ #define LDIF_PUT_URL 0x0020 /* url */ #define LDIF_PUT_SEP 0x0040 /* separator */ LDAP_LDIF_F( void ) ldif_sput LDAP_P(( char **out, int type, LDAP_CONST char *name, LDAP_CONST char *val, ber_len_t vlen )); LDAP_LDIF_F( void ) ldif_sput_wrap LDAP_P(( char **out, int type, LDAP_CONST char *name, LDAP_CONST char *val, ber_len_t vlen, ber_len_t wrap )); LDAP_LDIF_F( char * ) ldif_put LDAP_P(( int type, LDAP_CONST char *name, LDAP_CONST char *val, ber_len_t vlen )); LDAP_LDIF_F( char * ) ldif_put_wrap LDAP_P(( int type, LDAP_CONST char *name, LDAP_CONST char *val, ber_len_t vlen, ber_len_t wrap )); LDAP_LDIF_F( int ) ldif_is_not_printable LDAP_P(( LDAP_CONST char *val, ber_len_t vlen )); LDAP_END_DECL #endif /* _LDIF_H */ openldap-2.5.16+dfsg/include/ldap_cdefs.h0000644000175000017500000002237214461774414017572 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* LDAP C Defines */ #ifndef _LDAP_CDEFS_H #define _LDAP_CDEFS_H #if defined(__cplusplus) || defined(c_plusplus) # define LDAP_BEGIN_DECL extern "C" { # define LDAP_END_DECL } #else # define LDAP_BEGIN_DECL /* begin declarations */ # define LDAP_END_DECL /* end declarations */ #endif #if !defined(LDAP_NO_PROTOTYPES) && ( defined(LDAP_NEEDS_PROTOTYPES) || \ defined(__STDC__) || defined(__cplusplus) || defined(c_plusplus) ) /* ANSI C or C++ */ # define LDAP_P(protos) protos # define LDAP_CONCAT1(x,y) x ## y # define LDAP_CONCAT(x,y) LDAP_CONCAT1(x,y) # define LDAP_STRING(x) #x /* stringify without expanding x */ # define LDAP_XSTRING(x) LDAP_STRING(x) /* expand x, then stringify */ #ifndef LDAP_CONST # define LDAP_CONST const #endif #else /* no prototypes */ /* traditional C */ # define LDAP_P(protos) () # define LDAP_CONCAT(x,y) x/**/y # define LDAP_STRING(x) "x" #ifndef LDAP_CONST # define LDAP_CONST /* no const */ #endif #endif /* no prototypes */ #if (__GNUC__) * 1000 + (__GNUC_MINOR__) >= 2006 # define LDAP_GCCATTR(attrs) __attribute__(attrs) #else # define LDAP_GCCATTR(attrs) #endif /* * Support for Windows DLLs. * * When external source code includes header files for dynamic libraries, * the external source code is "importing" DLL symbols into its resulting * object code. On Windows, symbols imported from DLLs must be explicitly * indicated in header files with the __declspec(dllimport) directive. * This is not totally necessary for functions because the compiler * (gcc or MSVC) will generate stubs when this directive is absent. * However, this is required for imported variables. * * The LDAP libraries, i.e. liblber and libldap, can be built as * static or shared, based on configuration. Just about all other source * code in OpenLDAP use these libraries. If the LDAP libraries * are configured as shared, 'configure' defines the LDAP_LIBS_DYNAMIC * macro. When other source files include LDAP library headers, the * LDAP library symbols will automatically be marked as imported. When * the actual LDAP libraries are being built, the symbols will not * be marked as imported because the LBER_LIBRARY or LDAP_LIBRARY macros * will be respectively defined. * * Any project outside of OpenLDAP with source code wanting to use * LDAP dynamic libraries should explicitly define LDAP_LIBS_DYNAMIC. * This will ensure that external source code appropriately marks symbols * that will be imported. * * The slapd executable, itself, can be used as a dynamic library. * For example, if a backend module is compiled as shared, it will * import symbols from slapd. When this happens, the slapd symbols * must be marked as imported in header files that the backend module * includes. Remember that slapd links with various static libraries. * If the LDAP libraries were configured as static, their object * code is also part of the monolithic slapd executable. Thus, when * a backend module imports symbols from slapd, it imports symbols from * all of the static libraries in slapd as well. Thus, the SLAP_IMPORT * macro, when defined, will appropriately mark symbols as imported. * This macro should be used by shared backend modules as well as any * other external source code that imports symbols from the slapd * executable as if it were a DLL. * * Note that we don't actually have to worry about using the * __declspec(dllexport) directive anywhere. This is because both * MSVC and Mingw provide alternate (more effective) methods for exporting * symbols out of binaries, i.e. the use of a DEF file. * * NOTE ABOUT BACKENDS: Backends can be configured as static or dynamic. * When a backend is configured as dynamic, slapd will load the backend * explicitly and populate function pointer structures by calling * the backend's well-known initialization function. Because of this * procedure, slapd never implicitly imports symbols from dynamic backends. * This makes it unnecessary to tag various backend functions with the * __declspec(dllimport) directive. This is because neither slapd nor * any other external binary should ever be implicitly loading a backend * dynamic module. * * Backends are supposed to be self-contained. However, it appears that * back-meta DOES implicitly import symbols from back-ldap. This means * that the __declspec(dllimport) directive should be marked on back-ldap * functions (in its header files) if and only if we're compiling for * windows AND back-ldap has been configured as dynamic AND back-meta * is the client of back-ldap. When client is slapd, there is no effect * since slapd does not implicitly import symbols. * * TODO(?): Currently, back-meta nor back-ldap is supported for Mingw32. * Thus, there's no need to worry about this right now. This is something that * may or may not have to be addressed in the future. */ /* LBER library */ #if defined(_WIN32) && \ ((defined(LDAP_LIBS_DYNAMIC) && !defined(LBER_LIBRARY)) || \ (!defined(LDAP_LIBS_DYNAMIC) && defined(SLAPD_IMPORT))) # define LBER_F(type) extern __declspec(dllimport) type # define LBER_V(type) extern __declspec(dllimport) type #else # define LBER_F(type) extern type # define LBER_V(type) extern type #endif /* LDAP library */ #if defined(_WIN32) && \ ((defined(LDAP_LIBS_DYNAMIC) && !defined(LDAP_LIBRARY)) || \ (!defined(LDAP_LIBS_DYNAMIC) && defined(SLAPD_IMPORT))) # define LDAP_F(type) extern __declspec(dllimport) type # define LDAP_V(type) extern __declspec(dllimport) type #else # define LDAP_F(type) extern type # define LDAP_V(type) extern type #endif /* AVL library */ #if defined(_WIN32) && defined(SLAPD_IMPORT) # define LDAP_AVL_F(type) extern __declspec(dllimport) type # define LDAP_AVL_V(type) extern __declspec(dllimport) type #else # define LDAP_AVL_F(type) extern type # define LDAP_AVL_V(type) extern type #endif /* LDIF library */ #if defined(_WIN32) && defined(SLAPD_IMPORT) # define LDAP_LDIF_F(type) extern __declspec(dllimport) type # define LDAP_LDIF_V(type) extern __declspec(dllimport) type #else # define LDAP_LDIF_F(type) extern type # define LDAP_LDIF_V(type) extern type #endif /* LUNICODE library */ #if defined(_WIN32) && defined(SLAPD_IMPORT) # define LDAP_LUNICODE_F(type) extern __declspec(dllimport) type # define LDAP_LUNICODE_V(type) extern __declspec(dllimport) type #else # define LDAP_LUNICODE_F(type) extern type # define LDAP_LUNICODE_V(type) extern type #endif /* LUTIL library */ #if defined(_WIN32) && defined(SLAPD_IMPORT) # define LDAP_LUTIL_F(type) extern __declspec(dllimport) type # define LDAP_LUTIL_V(type) extern __declspec(dllimport) type #else # define LDAP_LUTIL_F(type) extern type # define LDAP_LUTIL_V(type) extern type #endif /* REWRITE library */ #if defined(_WIN32) && defined(SLAPD_IMPORT) # define LDAP_REWRITE_F(type) extern __declspec(dllimport) type # define LDAP_REWRITE_V(type) extern __declspec(dllimport) type #else # define LDAP_REWRITE_F(type) extern type # define LDAP_REWRITE_V(type) extern type #endif /* SLAPD (as a dynamic library exporting symbols) */ #if defined(_WIN32) && defined(SLAPD_IMPORT) # define LDAP_SLAPD_F(type) extern __declspec(dllimport) type # define LDAP_SLAPD_V(type) extern __declspec(dllimport) type #else # define LDAP_SLAPD_F(type) extern type # define LDAP_SLAPD_V(type) extern type #endif /* SLAPD (as a dynamic library exporting symbols) */ #if defined(_WIN32) && defined(SLAPD_IMPORT) # define LDAP_SLAPI_F(type) extern __declspec(dllimport) type # define LDAP_SLAPI_V(type) extern __declspec(dllimport) type #else # define LDAP_SLAPI_F(type) extern type # define LDAP_SLAPI_V(type) extern type #endif /* SLAPD (as a dynamic library exporting symbols) */ #if defined(_WIN32) && defined(SLAPD_IMPORT) # define SLAPI_F(type) extern __declspec(dllimport) type # define SLAPI_V(type) extern __declspec(dllimport) type #else # define SLAPI_F(type) extern type # define SLAPI_V(type) extern type #endif /* * C library. Mingw32 links with the dynamic C run-time library by default, * so the explicit definition of CSTATIC will keep dllimport from * being defined, if desired. * * MSVC defines the _DLL macro when the compiler is invoked with /MD or /MDd, * which means the resulting object code will be linked with the dynamic * C run-time library. * * Technically, it shouldn't be necessary to redefine any functions that * the headers for the C library should already contain. Nevertheless, this * is here as a safe-guard. * * TODO: Determine if these macros ever get expanded for Windows. If not, * the declspec expansion can probably be removed. */ #if (defined(__MINGW32__) && !defined(CSTATIC)) || \ (defined(_MSC_VER) && defined(_DLL)) # define LDAP_LIBC_F(type) extern __declspec(dllimport) type # define LDAP_LIBC_V(type) extern __declspec(dllimport) type #else # define LDAP_LIBC_F(type) extern type # define LDAP_LIBC_V(type) extern type #endif #endif /* _LDAP_CDEFS_H */ openldap-2.5.16+dfsg/include/lutil_md5.h0000644000175000017500000000313714461774414017402 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _LUTIL_MD5_H_ #define _LUTIL_MD5_H_ #include LDAP_BEGIN_DECL /* Unlike previous versions of this code, ber_int_t need not be exactly 32 bits, merely 32 bits or more. Choosing a data type which is 32 bits instead of 64 is not important; speed is considerably more important. ANSI guarantees that "unsigned long" will be big enough, and always using it seems to have few disadvantages. */ #define LUTIL_MD5_BYTES 16 struct lutil_MD5Context { ber_uint_t buf[4]; ber_uint_t bits[2]; unsigned char in[64]; }; LDAP_LUTIL_F( void ) lutil_MD5Init LDAP_P(( struct lutil_MD5Context *context)); LDAP_LUTIL_F( void ) lutil_MD5Update LDAP_P(( struct lutil_MD5Context *context, unsigned char const *buf, ber_len_t len)); LDAP_LUTIL_F( void ) lutil_MD5Final LDAP_P(( unsigned char digest[16], struct lutil_MD5Context *context)); LDAP_LUTIL_F( void ) lutil_MD5Transform LDAP_P(( ber_uint_t buf[4], const unsigned char in[64])); /* * This is needed to make RSAREF happy on some MS-DOS compilers. */ typedef struct lutil_MD5Context lutil_MD5_CTX; LDAP_END_DECL #endif /* _LUTIL_MD5_H_ */ openldap-2.5.16+dfsg/include/lber.h0000644000175000017500000003617014461774414016433 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1990 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the University * may not be used to endorse or promote products derived from this * software without specific prior written permission. This software * is provided ``as is'' without express or implied warranty. */ #ifndef _LBER_H #define _LBER_H #include #include LDAP_BEGIN_DECL /* * ber_tag_t represents the identifier octets at the beginning of BER * elements. OpenLDAP treats them as mere big-endian unsigned integers. * * Actually the BER identifier octets look like this: * * Bits of 1st octet: * ______ * 8 7 | CLASS * 0 0 = UNIVERSAL * 0 1 = APPLICATION * 1 0 = CONTEXT-SPECIFIC * 1 1 = PRIVATE * _____ * | 6 | DATA-TYPE * 0 = PRIMITIVE * 1 = CONSTRUCTED * ___________ * | 5 ... 1 | TAG-NUMBER * * For ASN.1 tag numbers >= 0x1F, TAG-NUMBER above is 0x1F and the next * BER octets contain the actual ASN.1 tag number: Big-endian, base * 128, 8.bit = 1 in all but the last octet, minimum number of octets. */ /* BER classes and mask (in 1st identifier octet) */ #define LBER_CLASS_UNIVERSAL ((ber_tag_t) 0x00U) #define LBER_CLASS_APPLICATION ((ber_tag_t) 0x40U) #define LBER_CLASS_CONTEXT ((ber_tag_t) 0x80U) #define LBER_CLASS_PRIVATE ((ber_tag_t) 0xc0U) #define LBER_CLASS_MASK ((ber_tag_t) 0xc0U) /* BER encoding type and mask (in 1st identifier octet) */ #define LBER_PRIMITIVE ((ber_tag_t) 0x00U) #define LBER_CONSTRUCTED ((ber_tag_t) 0x20U) #define LBER_ENCODING_MASK ((ber_tag_t) 0x20U) #define LBER_BIG_TAG_MASK ((ber_tag_t) 0x1fU) #define LBER_MORE_TAG_MASK ((ber_tag_t) 0x80U) /* * LBER_ERROR and LBER_DEFAULT are values that can never appear * as valid BER tags, so it is safe to use them to report errors. * Valid tags have (tag & (ber_tag_t) 0xFF) != 0xFF. */ #define LBER_ERROR ((ber_tag_t) -1) #define LBER_DEFAULT ((ber_tag_t) -1) /* general BER types we know about */ #define LBER_BOOLEAN ((ber_tag_t) 0x01UL) #define LBER_INTEGER ((ber_tag_t) 0x02UL) #define LBER_BITSTRING ((ber_tag_t) 0x03UL) #define LBER_OCTETSTRING ((ber_tag_t) 0x04UL) #define LBER_NULL ((ber_tag_t) 0x05UL) #define LBER_ENUMERATED ((ber_tag_t) 0x0aUL) #define LBER_SEQUENCE ((ber_tag_t) 0x30UL) /* constructed */ #define LBER_SET ((ber_tag_t) 0x31UL) /* constructed */ /* LBER BerElement options */ #define LBER_USE_DER 0x01 /* get/set options for BerElement */ #define LBER_OPT_BER_OPTIONS 0x01 #define LBER_OPT_BER_DEBUG 0x02 #define LBER_OPT_BER_REMAINING_BYTES 0x03 #define LBER_OPT_BER_TOTAL_BYTES 0x04 #define LBER_OPT_BER_BYTES_TO_WRITE 0x05 #define LBER_OPT_BER_MEMCTX 0x06 #define LBER_OPT_DEBUG_LEVEL LBER_OPT_BER_DEBUG #define LBER_OPT_REMAINING_BYTES LBER_OPT_BER_REMAINING_BYTES #define LBER_OPT_TOTAL_BYTES LBER_OPT_BER_TOTAL_BYTES #define LBER_OPT_BYTES_TO_WRITE LBER_OPT_BER_BYTES_TO_WRITE #define LBER_OPT_LOG_PRINT_FN 0x8001 #define LBER_OPT_MEMORY_FNS 0x8002 #define LBER_OPT_ERROR_FN 0x8003 #define LBER_OPT_LOG_PRINT_FILE 0x8004 /* get/set Memory Debug options */ #define LBER_OPT_MEMORY_INUSE 0x8005 /* for memory debugging */ #define LBER_OPT_LOG_PROC 0x8006 /* for external logging function */ typedef int* (*BER_ERRNO_FN) LDAP_P(( void )); typedef void (*BER_LOG_PRINT_FN) LDAP_P(( LDAP_CONST char *buf )); typedef void* (BER_MEMALLOC_FN) LDAP_P(( ber_len_t size, void *ctx )); typedef void* (BER_MEMCALLOC_FN) LDAP_P(( ber_len_t n, ber_len_t size, void *ctx )); typedef void* (BER_MEMREALLOC_FN) LDAP_P(( void *p, ber_len_t size, void *ctx )); typedef void (BER_MEMFREE_FN) LDAP_P(( void *p, void *ctx )); typedef struct lber_memory_fns { BER_MEMALLOC_FN *bmf_malloc; BER_MEMCALLOC_FN *bmf_calloc; BER_MEMREALLOC_FN *bmf_realloc; BER_MEMFREE_FN *bmf_free; } BerMemoryFunctions; /* LBER Sockbuf_IO options */ #define LBER_SB_OPT_GET_FD 1 #define LBER_SB_OPT_SET_FD 2 #define LBER_SB_OPT_HAS_IO 3 #define LBER_SB_OPT_SET_NONBLOCK 4 #define LBER_SB_OPT_GET_SSL 7 #define LBER_SB_OPT_DATA_READY 8 #define LBER_SB_OPT_SET_READAHEAD 9 #define LBER_SB_OPT_DRAIN 10 #define LBER_SB_OPT_NEEDS_READ 11 #define LBER_SB_OPT_NEEDS_WRITE 12 #define LBER_SB_OPT_GET_MAX_INCOMING 13 #define LBER_SB_OPT_SET_MAX_INCOMING 14 /* Only meaningful ifdef LDAP_PF_LOCAL_SENDMSG */ #define LBER_SB_OPT_UNGET_BUF 15 /* Largest option used by the library */ #define LBER_SB_OPT_OPT_MAX 15 /* LBER IO operations stacking levels */ #define LBER_SBIOD_LEVEL_PROVIDER 10 #define LBER_SBIOD_LEVEL_TRANSPORT 20 #define LBER_SBIOD_LEVEL_APPLICATION 30 /* get/set options for Sockbuf */ #define LBER_OPT_SOCKBUF_DESC 0x1000 #define LBER_OPT_SOCKBUF_OPTIONS 0x1001 #define LBER_OPT_SOCKBUF_DEBUG 0x1002 /* on/off values */ LBER_V( char ) ber_pvt_opt_on; #define LBER_OPT_ON ((void *) &ber_pvt_opt_on) #define LBER_OPT_OFF ((void *) 0) #define LBER_OPT_SUCCESS (0) #define LBER_OPT_ERROR (-1) typedef struct berelement BerElement; typedef struct sockbuf Sockbuf; typedef struct sockbuf_io Sockbuf_IO; /* Structure for LBER IO operation descriptor */ typedef struct sockbuf_io_desc { int sbiod_level; Sockbuf *sbiod_sb; Sockbuf_IO *sbiod_io; void *sbiod_pvt; struct sockbuf_io_desc *sbiod_next; } Sockbuf_IO_Desc; /* Structure for LBER IO operation functions */ struct sockbuf_io { int (*sbi_setup)( Sockbuf_IO_Desc *sbiod, void *arg ); int (*sbi_remove)( Sockbuf_IO_Desc *sbiod ); int (*sbi_ctrl)( Sockbuf_IO_Desc *sbiod, int opt, void *arg); ber_slen_t (*sbi_read)( Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len ); ber_slen_t (*sbi_write)( Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len ); int (*sbi_close)( Sockbuf_IO_Desc *sbiod ); }; /* Helper macros for LBER IO functions */ #define LBER_SBIOD_READ_NEXT( sbiod, buf, len ) \ ( (sbiod)->sbiod_next->sbiod_io->sbi_read( (sbiod)->sbiod_next, \ buf, len ) ) #define LBER_SBIOD_WRITE_NEXT( sbiod, buf, len ) \ ( (sbiod)->sbiod_next->sbiod_io->sbi_write( (sbiod)->sbiod_next, \ buf, len ) ) #define LBER_SBIOD_CTRL_NEXT( sbiod, opt, arg ) \ ( (sbiod)->sbiod_next ? \ ( (sbiod)->sbiod_next->sbiod_io->sbi_ctrl( \ (sbiod)->sbiod_next, opt, arg ) ) : 0 ) /* structure for returning a sequence of octet strings + length */ typedef struct berval { ber_len_t bv_len; char *bv_val; } BerValue; typedef BerValue *BerVarray; /* To distinguish from a single bv */ /* this should be moved to lber-int.h */ /* * in bprint.c: */ LBER_F( void ) ber_error_print LDAP_P(( LDAP_CONST char *data )); LBER_F( void ) ber_bprint LDAP_P(( LDAP_CONST char *data, ber_len_t len )); LBER_F( void ) ber_dump LDAP_P(( BerElement *ber, int inout )); /* * in decode.c: */ typedef int (*BERDecodeCallback) LDAP_P(( BerElement *ber, void *data, int mode )); LBER_F( ber_tag_t ) ber_get_tag LDAP_P(( BerElement *ber )); LBER_F( ber_tag_t ) ber_skip_tag LDAP_P(( BerElement *ber, ber_len_t *len )); LBER_F( ber_tag_t ) ber_peek_tag LDAP_P(( BerElement *ber, ber_len_t *len )); LBER_F( ber_tag_t ) ber_skip_raw LDAP_P(( BerElement *ber, struct berval *bv )); LBER_F( ber_tag_t ) ber_skip_element LDAP_P(( BerElement *ber, struct berval *bv )); LBER_F( ber_tag_t ) ber_peek_element LDAP_P(( LDAP_CONST BerElement *ber, struct berval *bv )); LBER_F( ber_tag_t ) ber_get_int LDAP_P(( BerElement *ber, ber_int_t *num )); LBER_F( ber_tag_t ) ber_get_enum LDAP_P(( BerElement *ber, ber_int_t *num )); LBER_F( int ) ber_decode_int LDAP_P(( const struct berval *bv, ber_int_t *num )); LBER_F( ber_tag_t ) ber_get_stringb LDAP_P(( BerElement *ber, char *buf, ber_len_t *len )); #define LBER_BV_ALLOC 0x01 /* allocate/copy result, otherwise in-place */ #define LBER_BV_NOTERM 0x02 /* omit NUL-terminator if parsing in-place */ #define LBER_BV_STRING 0x04 /* fail if berval contains embedded \0 */ /* LBER_BV_STRING currently accepts a terminating \0 in the berval, because * Active Directory sends that in at least the diagonsticMessage field. */ LBER_F( ber_tag_t ) ber_get_stringbv LDAP_P(( BerElement *ber, struct berval *bv, int options )); LBER_F( ber_tag_t ) ber_get_stringa LDAP_P(( BerElement *ber, char **buf )); LBER_F( ber_tag_t ) ber_get_stringal LDAP_P(( BerElement *ber, struct berval **bv )); LBER_F( ber_tag_t ) ber_get_bitstringa LDAP_P(( BerElement *ber, char **buf, ber_len_t *len )); LBER_F( ber_tag_t ) ber_get_null LDAP_P(( BerElement *ber )); LBER_F( ber_tag_t ) ber_get_boolean LDAP_P(( BerElement *ber, ber_int_t *boolval )); LBER_F( ber_tag_t ) ber_first_element LDAP_P(( BerElement *ber, ber_len_t *len, char **last )); LBER_F( ber_tag_t ) ber_next_element LDAP_P(( BerElement *ber, ber_len_t *len, LDAP_CONST char *last )); LBER_F( ber_tag_t ) ber_scanf LDAP_P(( BerElement *ber, LDAP_CONST char *fmt, ... )); LBER_F( int ) ber_decode_oid LDAP_P(( struct berval *in, struct berval *out )); /* * in encode.c */ LBER_F( int ) ber_encode_oid LDAP_P(( struct berval *in, struct berval *out )); typedef int (*BEREncodeCallback) LDAP_P(( BerElement *ber, void *data )); LBER_F( int ) ber_put_enum LDAP_P(( BerElement *ber, ber_int_t num, ber_tag_t tag )); LBER_F( int ) ber_put_int LDAP_P(( BerElement *ber, ber_int_t num, ber_tag_t tag )); LBER_F( int ) ber_put_ostring LDAP_P(( BerElement *ber, LDAP_CONST char *str, ber_len_t len, ber_tag_t tag )); LBER_F( int ) ber_put_berval LDAP_P(( BerElement *ber, struct berval *bv, ber_tag_t tag )); LBER_F( int ) ber_put_string LDAP_P(( BerElement *ber, LDAP_CONST char *str, ber_tag_t tag )); LBER_F( int ) ber_put_bitstring LDAP_P(( BerElement *ber, LDAP_CONST char *str, ber_len_t bitlen, ber_tag_t tag )); LBER_F( int ) ber_put_null LDAP_P(( BerElement *ber, ber_tag_t tag )); LBER_F( int ) ber_put_boolean LDAP_P(( BerElement *ber, ber_int_t boolval, ber_tag_t tag )); LBER_F( int ) ber_start_seq LDAP_P(( BerElement *ber, ber_tag_t tag )); LBER_F( int ) ber_start_set LDAP_P(( BerElement *ber, ber_tag_t tag )); LBER_F( int ) ber_put_seq LDAP_P(( BerElement *ber )); LBER_F( int ) ber_put_set LDAP_P(( BerElement *ber )); LBER_F( int ) ber_printf LDAP_P(( BerElement *ber, LDAP_CONST char *fmt, ... )); /* * in io.c: */ LBER_F( ber_slen_t ) ber_skip_data LDAP_P(( BerElement *ber, ber_len_t len )); LBER_F( ber_slen_t ) ber_read LDAP_P(( BerElement *ber, char *buf, ber_len_t len )); LBER_F( ber_slen_t ) ber_write LDAP_P(( BerElement *ber, LDAP_CONST char *buf, ber_len_t len, int zero )); /* nonzero is unsupported from OpenLDAP 2.4.18 */ LBER_F( void ) ber_free LDAP_P(( BerElement *ber, int freebuf )); LBER_F( void ) ber_free_buf LDAP_P(( BerElement *ber )); LBER_F( int ) ber_flush2 LDAP_P(( Sockbuf *sb, BerElement *ber, int freeit )); #define LBER_FLUSH_FREE_NEVER (0x0) /* traditional behavior */ #define LBER_FLUSH_FREE_ON_SUCCESS (0x1) /* traditional behavior */ #define LBER_FLUSH_FREE_ON_ERROR (0x2) #define LBER_FLUSH_FREE_ALWAYS (LBER_FLUSH_FREE_ON_SUCCESS|LBER_FLUSH_FREE_ON_ERROR) LBER_F( int ) ber_flush LDAP_P(( Sockbuf *sb, BerElement *ber, int freeit )); /* DEPRECATED */ LBER_F( BerElement * ) ber_alloc LDAP_P(( void )); /* DEPRECATED */ LBER_F( BerElement * ) der_alloc LDAP_P(( void )); /* DEPRECATED */ LBER_F( BerElement * ) ber_alloc_t LDAP_P(( int beroptions )); LBER_F( BerElement * ) ber_dup LDAP_P(( BerElement *ber )); LBER_F( ber_tag_t ) ber_get_next LDAP_P(( Sockbuf *sb, ber_len_t *len, BerElement *ber )); LBER_F( void ) ber_init2 LDAP_P(( BerElement *ber, struct berval *bv, int options )); LBER_F( void ) ber_init_w_nullc LDAP_P(( /* DEPRECATED */ BerElement *ber, int options )); LBER_F( void ) ber_reset LDAP_P(( BerElement *ber, int was_writing )); LBER_F( BerElement * ) ber_init LDAP_P(( struct berval *bv )); LBER_F( int ) ber_flatten LDAP_P(( BerElement *ber, struct berval **bvPtr )); LBER_F( int ) ber_flatten2 LDAP_P(( BerElement *ber, struct berval *bv, int alloc )); LBER_F( int ) ber_remaining LDAP_P(( BerElement *ber )); /* * LBER ber accessor functions */ LBER_F( int ) ber_get_option LDAP_P(( void *item, int option, void *outvalue)); LBER_F( int ) ber_set_option LDAP_P(( void *item, int option, LDAP_CONST void *invalue)); /* * LBER sockbuf.c */ LBER_F( Sockbuf * ) ber_sockbuf_alloc LDAP_P(( void )); LBER_F( void ) ber_sockbuf_free LDAP_P(( Sockbuf *sb )); LBER_F( int ) ber_sockbuf_add_io LDAP_P(( Sockbuf *sb, Sockbuf_IO *sbio, int layer, void *arg )); LBER_F( int ) ber_sockbuf_remove_io LDAP_P(( Sockbuf *sb, Sockbuf_IO *sbio, int layer )); LBER_F( int ) ber_sockbuf_ctrl LDAP_P(( Sockbuf *sb, int opt, void *arg )); LBER_V( Sockbuf_IO ) ber_sockbuf_io_tcp; LBER_V( Sockbuf_IO ) ber_sockbuf_io_readahead; LBER_V( Sockbuf_IO ) ber_sockbuf_io_fd; LBER_V( Sockbuf_IO ) ber_sockbuf_io_debug; LBER_V( Sockbuf_IO ) ber_sockbuf_io_udp; /* * LBER memory.c */ LBER_F( void * ) ber_memalloc LDAP_P(( ber_len_t s )); LBER_F( void * ) ber_memrealloc LDAP_P(( void* p, ber_len_t s )); LBER_F( void * ) ber_memcalloc LDAP_P(( ber_len_t n, ber_len_t s )); LBER_F( void ) ber_memfree LDAP_P(( void* p )); LBER_F( void ) ber_memvfree LDAP_P(( void** vector )); LBER_F( void ) ber_bvfree LDAP_P(( struct berval *bv )); LBER_F( void ) ber_bvecfree LDAP_P(( struct berval **bv )); LBER_F( int ) ber_bvecadd LDAP_P(( struct berval ***bvec, struct berval *bv )); LBER_F( struct berval * ) ber_dupbv LDAP_P(( struct berval *dst, struct berval *src )); LBER_F( struct berval * ) ber_bvdup LDAP_P(( struct berval *src )); LBER_F( struct berval * ) ber_mem2bv LDAP_P(( LDAP_CONST char *, ber_len_t len, int duplicate, struct berval *bv)); LBER_F( struct berval * ) ber_str2bv LDAP_P(( LDAP_CONST char *, ber_len_t len, int duplicate, struct berval *bv)); #define ber_bvstr(a) ((ber_str2bv)((a), 0, 0, NULL)) #define ber_bvstrdup(a) ((ber_str2bv)((a), 0, 1, NULL)) LBER_F( char * ) ber_strdup LDAP_P(( LDAP_CONST char * )); LBER_F( ber_len_t ) ber_strnlen LDAP_P(( LDAP_CONST char *s, ber_len_t len )); LBER_F( char * ) ber_strndup LDAP_P(( LDAP_CONST char *s, ber_len_t l )); LBER_F( struct berval * ) ber_bvreplace LDAP_P(( struct berval *dst, LDAP_CONST struct berval *src )); LBER_F( void ) ber_bvarray_free LDAP_P(( BerVarray p )); LBER_F( int ) ber_bvarray_add LDAP_P(( BerVarray *p, BerValue *bv )); #define ber_bvcmp(v1,v2) \ ((v1)->bv_len < (v2)->bv_len \ ? -1 : ((v1)->bv_len > (v2)->bv_len \ ? 1 : memcmp((v1)->bv_val, (v2)->bv_val, (v1)->bv_len) )) /* * error.c */ LBER_F( int * ) ber_errno_addr LDAP_P((void)); #define ber_errno (*(ber_errno_addr)()) #define LBER_ERROR_NONE 0 #define LBER_ERROR_PARAM 0x1 #define LBER_ERROR_MEMORY 0x2 LDAP_END_DECL #endif /* _LBER_H */ openldap-2.5.16+dfsg/include/ac/0000755000175000017500000000000014461774414015712 5ustar sergiosergioopenldap-2.5.16+dfsg/include/ac/alloca.h0000644000175000017500000000177614461774414017331 0ustar sergiosergio/* Generic alloca.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_ALLOCA_H #define _AC_ALLOCA_H /* * use of alloca is disallowed as it is machine dependent */ #error "alloca() not supported, use malloc()" /* AIX requires this to be the first thing in the file. */ #ifdef __GNUC__ # define alloca __builtin_alloca #else # ifdef HAVE_ALLOCA_H # include # else # ifdef _AIX #pragma alloca # else # ifndef alloca /* predefined by HP cc +Olibcalls */ extern char *(alloca)(); # endif # endif # endif #endif #endif /* _AC_ALLOCA_H */ openldap-2.5.16+dfsg/include/ac/unistd.h0000644000175000017500000000334014461774414017371 0ustar sergiosergio/* Generic unistd.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_UNISTD_H #define _AC_UNISTD_H #ifdef HAVE_SYS_TYPES_H # include #endif #ifdef HAVE_UNISTD_H # include #endif #ifdef HAVE_PROCESS_H # include #endif /* note: callers of crypt(3) should include */ #if defined(HAVE_GETPASSPHRASE) LDAP_LIBC_F(char*)(getpassphrase)(); #else #define getpassphrase(p) lutil_getpass(p) LDAP_LUTIL_F(char*)(lutil_getpass) LDAP_P((const char *getpass)); #endif /* getopt() defines may be in separate include file */ #ifdef HAVE_GETOPT_H # include #elif !defined(HAVE_GETOPT) /* no getopt, assume we need getopt-compat.h */ # include #else /* assume we need to declare these externs */ LDAP_LIBC_V (char *) optarg; LDAP_LIBC_V (int) optind, opterr, optopt; #endif /* use lutil file locking */ #define ldap_lockf(x) lutil_lockf(x) #define ldap_unlockf(x) lutil_unlockf(x) #include /* * Windows: although sleep() will be resolved by both MSVC and Mingw GCC * linkers, the function is not declared in header files. This is * because Windows' version of the function is called _sleep(), and it * is declared in stdlib.h */ #ifdef _WIN32 #define sleep _sleep #endif #endif /* _AC_UNISTD_H */ openldap-2.5.16+dfsg/include/ac/regex.h0000644000175000017500000000176014461774414017201 0ustar sergiosergio/* Generic Regex */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_REGEX_H_ #define _AC_REGEX_H_ #ifdef HAVE_SYS_TYPES_H #include #endif #ifndef HAVE_REGEX_H /* NO POSIX REGEX!! * You'll need to install a POSIX compatible REGEX library. * Either Henry Spencer's or GNU regex will do. */ #error "No POSIX REGEX available." #elif HAVE_GNUREGEX_H /* system has GNU gnuregex.h */ # include #else /* have regex.h, assume it's POSIX compliant */ # include #endif /* regex.h */ #endif /* _AC_REGEX_H_ */ openldap-2.5.16+dfsg/include/ac/termios.h0000644000175000017500000000260614461774414017551 0ustar sergiosergio/* Generic termios.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_TERMIOS_H #define _AC_TERMIOS_H #ifdef HAVE_TERMIOS_H #include #ifdef GCWINSZ_IN_SYS_IOCTL #include #endif #define TERMIO_TYPE struct termios #define TERMFLAG_TYPE tcflag_t #define GETATTR( fd, tiop ) tcgetattr((fd), (tiop)) #define SETATTR( fd, tiop ) tcsetattr((fd), TCSANOW /* 0 */, (tiop)) #define GETFLAGS( tio ) ((tio).c_lflag) #define SETFLAGS( tio, flags ) ((tio).c_lflag = (flags)) #elif defined( HAVE_SGTTY_H ) #include #ifdef HAVE_SYS_IOCTL_H #include #endif #define TERMIO_TYPE struct sgttyb #define TERMFLAG_TYPE int #define GETATTR( fd, tiop ) ioctl((fd), TIOCGETP, (caddr_t)(tiop)) #define SETATTR( fd, tiop ) ioctl((fd), TIOCSETP, (caddr_t)(tiop)) #define GETFLAGS( tio ) ((tio).sg_flags) #define SETFLAGS( tio, flags ) ((tio).sg_flags = (flags)) #endif /* HAVE_SGTTY_H */ #endif /* _AC_TERMIOS_H */ openldap-2.5.16+dfsg/include/ac/errno.h0000644000175000017500000000156714461774414017221 0ustar sergiosergio/* Generic errno.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_ERRNO_H #define _AC_ERRNO_H #if defined( HAVE_ERRNO_H ) # include #elif defined( HAVE_SYS_ERRNO_H ) # include #endif #if defined( HAVE_SYS_ERRLIST ) && defined( DECL_SYS_ERRLIST ) /* have sys_errlist but need declaration */ LDAP_LIBC_V(int) sys_nerr; LDAP_LIBC_V(char) *sys_errlist[]; #endif #endif /* _AC_ERRNO_H */ openldap-2.5.16+dfsg/include/ac/param.h0000644000175000017500000000157214461774414017170 0ustar sergiosergio/* Generic param.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_PARAM_H #define _AC_PARAM_H #ifdef HAVE_SYS_PARAM_H #include #endif /* MAXPATHLEN should come from */ #include #ifndef MAXPATHLEN # if defined(PATH_MAX) # define MAXPATHLEN PATH_MAX # elif defined(_MAX_PATH) # define MAXPATHLEN _MAX_PATH # else # define MAXPATHLEN 4096 # endif #endif #endif /* _AC_PARAM_H */ openldap-2.5.16+dfsg/include/ac/crypt.h0000644000175000017500000000135114461774414017224 0ustar sergiosergio/* Generic crypt.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_CRYPT_H #define _AC_CRYPT_H #include /* crypt() may be defined in a separate include file */ #ifdef HAVE_CRYPT_H # include #else extern char *(crypt)(); #endif #endif /* _AC_CRYPT_H */ openldap-2.5.16+dfsg/include/ac/signal.h0000644000175000017500000000365114461774414017345 0ustar sergiosergio/* Generic signal.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_SIGNAL_H #define _AC_SIGNAL_H #include #undef SIGNAL #if defined( HAVE_SIGACTION ) #define SIGNAL lutil_sigaction typedef void (*lutil_sig_t)(int); LDAP_LUTIL_F(lutil_sig_t) lutil_sigaction( int sig, lutil_sig_t func ); #define SIGNAL_REINSTALL(sig,act) (void)0 #elif defined( HAVE_SIGSET ) #define SIGNAL sigset #define SIGNAL_REINSTALL sigset #else #define SIGNAL signal #define SIGNAL_REINSTALL signal #endif #if !defined( LDAP_SIGUSR1 ) || !defined( LDAP_SIGUSR2 ) #undef LDAP_SIGUSR1 #undef LDAP_SIGUSR2 # if defined(WINNT) || defined(_WINNT) || defined(_WIN32) # define LDAP_SIGUSR1 SIGILL # define LDAP_SIGUSR2 SIGTERM # elif !defined(HAVE_LINUX_THREADS) # define LDAP_SIGUSR1 SIGUSR1 # define LDAP_SIGUSR2 SIGUSR2 # else /* * Some versions of LinuxThreads unfortunately uses the only * two signals reserved for user applications. This forces * OpenLDAP to use other signals reserved for other uses. */ # if defined( SIGSTKFLT ) # define LDAP_SIGUSR1 SIGSTKFLT # elif defined ( SIGSYS ) # define LDAP_SIGUSR1 SIGSYS # endif # if defined( SIGUNUSED ) # define LDAP_SIGUSR2 SIGUNUSED # elif defined ( SIGINFO ) # define LDAP_SIGUSR2 SIGINFO # elif defined ( SIGEMT ) # define LDAP_SIGUSR2 SIGEMT # endif # endif #endif #ifndef LDAP_SIGCHLD #ifdef SIGCHLD #define LDAP_SIGCHLD SIGCHLD #elif SIGCLD #define LDAP_SIGCHLD SIGCLD #endif #endif #endif /* _AC_SIGNAL_H */ openldap-2.5.16+dfsg/include/ac/string.h0000644000175000017500000000630514461774414017375 0ustar sergiosergio/* Generic string.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_STRING_H #define _AC_STRING_H #ifdef STDC_HEADERS # include #else # ifdef HAVE_STRING_H # include # endif # if defined(HAVE_STRINGS_H) && (!defined(HAVE_STRING_H) || defined(BOTH_STRINGS_H)) # include # endif # ifdef HAVE_MEMORY_H # include # endif # ifndef HAVE_STRRCHR # undef strchr # define strchr index # undef strrchr # define strrchr rindex # endif # ifndef HAVE_MEMCPY # undef memcpy # define memcpy(d, s, n) ((void) bcopy ((s), (d), (n))) # undef memmove # define memmove(d, s, n) ((void) bcopy ((s), (d), (n))) # endif #endif /* use ldap_pvt_strtok instead of strtok or strtok_r! */ LDAP_F(char *) ldap_pvt_strtok LDAP_P(( char *str, const char *delim, char **pos )); #ifndef HAVE_STRDUP /* strdup() is missing, declare our own version */ # undef strdup # define strdup(s) ber_strdup(s) #elif !defined(_WIN32) /* some systems fail to declare strdup */ /* Windows does not require this declaration */ LDAP_LIBC_F(char *) (strdup)(); #endif /* * some systems fail to declare strcasecmp() and strncasecmp() * we need them declared so we can obtain pointers to them */ /* we don't want these declared for Windows or Mingw */ #ifndef _WIN32 int (strcasecmp)(); int (strncasecmp)(); #endif #ifndef SAFEMEMCPY # if defined( HAVE_MEMMOVE ) # define SAFEMEMCPY( d, s, n ) memmove((d), (s), (n)) # elif defined( HAVE_BCOPY ) # define SAFEMEMCPY( d, s, n ) bcopy((s), (d), (n)) # else /* nothing left but memcpy() */ # define SAFEMEMCPY( d, s, n ) memcpy((d), (s), (n)) # endif #endif #define AC_MEMCPY( d, s, n ) (SAFEMEMCPY((d),(s),(n))) #define AC_FMEMCPY( d, s, n ) do { \ if((n) == 1) *((char*)(d)) = *((char*)(s)); \ else AC_MEMCPY( (d), (s), (n) ); \ } while(0) #ifdef NEED_MEMCMP_REPLACEMENT int (lutil_memcmp)(const void *b1, const void *b2, size_t len); #define memcmp lutil_memcmp #endif void *(lutil_memrchr)(const void *b, int c, size_t n); /* GNU extension (glibc >= 2.1.91), only declared when defined(_GNU_SOURCE) */ #if defined(HAVE_MEMRCHR) && defined(_GNU_SOURCE) #define lutil_memrchr(b, c, n) memrchr(b, c, n) #endif /* ! HAVE_MEMRCHR */ #define STRLENOF(s) (sizeof(s)-1) #if defined( HAVE_NONPOSIX_STRERROR_R ) # define AC_STRERROR_R(e,b,l) (strerror_r((e), (b), (l))) #elif defined( HAVE_STRERROR_R ) # define AC_STRERROR_R(e,b,l) (strerror_r((e), (b), (l)) == 0 ? (b) : "Unknown error") #elif defined( HAVE_SYS_ERRLIST ) # define AC_STRERROR_R(e,b,l) ((e) > -1 && (e) < sys_nerr \ ? sys_errlist[(e)] : "Unknown error" ) #elif defined( HAVE_STRERROR ) # define AC_STRERROR_R(e,b,l) (strerror(e)) /* NOTE: may be NULL */ #else # define AC_STRERROR_R(e,b,l) ("Unknown error") #endif #endif /* _AC_STRING_H */ openldap-2.5.16+dfsg/include/ac/stdarg.h0000644000175000017500000000130614461774414017347 0ustar sergiosergio/* Generic stdarg.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_STDARG_H #define _AC_STDARG_H 1 /* require STDC variable argument support */ #include #ifndef HAVE_STDARG # define HAVE_STDARG 1 #endif #endif /* _AC_STDARG_H */ openldap-2.5.16+dfsg/include/ac/ctype.h0000644000175000017500000000150614461774414017211 0ustar sergiosergio/* Generic ctype.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_CTYPE_H #define _AC_CTYPE_H #include #undef TOUPPER #undef TOLOWER #ifdef C_UPPER_LOWER # define TOUPPER(c) (islower(c) ? toupper(c) : (c)) # define TOLOWER(c) (isupper(c) ? tolower(c) : (c)) #else # define TOUPPER(c) toupper(c) # define TOLOWER(c) tolower(c) #endif #endif /* _AC_CTYPE_H */ openldap-2.5.16+dfsg/include/ac/sysexits.h0000644000175000017500000000126114461774414017756 0ustar sergiosergio/* Generic sysexits */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_SYSEXITS_H_ #define _AC_SYSEXITS_H_ #ifdef HAVE_SYSEXITS_H # include #else # include #endif #endif /* _AC_SYSEXITS_H_ */ openldap-2.5.16+dfsg/include/ac/localize.h0000644000175000017500000000224214461774414017665 0ustar sergiosergio/* localize.h (i18n/l10n) */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_LOCALIZE_H #define _AC_LOCALIZE_H #ifdef LDAP_LOCALIZE # include # include /* enable i18n/l10n */ # define gettext_noop(s) s # define _(s) gettext(s) # define N_(s) gettext_noop(s) # define ldap_pvt_setlocale(c,l) ((void) setlocale(c, l)) # define ldap_pvt_textdomain(d) ((void) textdomain(d)) # define ldap_pvt_bindtextdomain(p,d) ((void) bindtextdomain(p, d)) #else /* disable i18n/l10n */ # define _(s) s # define N_(s) s # define ldap_pvt_setlocale(c,l) ((void) 0) # define ldap_pvt_textdomain(d) ((void) 0) # define ldap_pvt_bindtextdomain(p,d) ((void) 0) #endif #endif /* _AC_LOCALIZE_H */ openldap-2.5.16+dfsg/include/ac/syslog.h0000644000175000017500000000210114461774414017375 0ustar sergiosergio/* Generic syslog.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_SYSLOG_H_ #define _AC_SYSLOG_H_ #if defined( HAVE_SYSLOG_H ) #include #elif defined ( HAVE_SYS_SYSLOG_H ) #include #endif #if defined( LOG_NDELAY ) && defined( LOG_NOWAIT ) # define OPENLOG_OPTIONS ( LOG_PID | LOG_NDELAY | LOG_NOWAIT ) #elif defined( LOG_NDELAY ) # define OPENLOG_OPTIONS ( LOG_PID | LOG_NDELAY ) #elif defined( LOG_NOWAIT ) # define OPENLOG_OPTIONS ( LOG_PID | LOG_NOWAIT ) #elif defined( LOG_PID ) # define OPENLOG_OPTIONS ( LOG_PID ) #else # define OPENLOG_OPTIONS ( 0 ) #endif #endif /* _AC_SYSLOG_H_ */ openldap-2.5.16+dfsg/include/ac/bytes.h0000644000175000017500000000401514461774414017211 0ustar sergiosergio/* Generic bytes.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_BYTES_H #define _AC_BYTES_H /* cross compilers should define both AC_INT{2,4}_TYPE in CPPFLAGS */ #if !defined( AC_INT4_TYPE ) /* use autoconf defines to provide sized typedefs */ # if SIZEOF_LONG == 4 # define AC_INT4_TYPE long # elif SIZEOF_INT == 4 # define AC_INT4_TYPE int # elif SIZEOF_SHORT == 4 # define AC_INT4_TYPE short # else # error "AC_INT4_TYPE?" # endif #endif typedef AC_INT4_TYPE ac_int4; typedef signed AC_INT4_TYPE ac_sint4; typedef unsigned AC_INT4_TYPE ac_uint4; #if !defined( AC_INT2_TYPE ) # if SIZEOF_SHORT == 2 # define AC_INT2_TYPE short # elif SIZEOF_INT == 2 # define AC_INT2_TYPE int # elif SIZEOF_LONG == 2 # define AC_INT2_TYPE long # else # error "AC_INT2_TYPE?" # endif #endif #if defined( AC_INT2_TYPE ) typedef AC_INT2_TYPE ac_int2; typedef signed AC_INT2_TYPE ac_sint2; typedef unsigned AC_INT2_TYPE ac_uint2; #endif #ifndef BYTE_ORDER /* cross compilers should define BYTE_ORDER in CPPFLAGS */ /* * Definitions for byte order, according to byte significance from low * address to high. */ #define LITTLE_ENDIAN 1234 /* LSB first: i386, vax */ #define BIG_ENDIAN 4321 /* MSB first: 68000, ibm, net */ #define PDP_ENDIAN 3412 /* LSB first in word, MSW first in long */ /* assume autoconf's AC_C_BIGENDIAN has been ran */ /* if it hasn't, we assume (maybe falsely) the order is LITTLE ENDIAN */ # ifdef WORDS_BIGENDIAN # define BYTE_ORDER BIG_ENDIAN # else # define BYTE_ORDER LITTLE_ENDIAN # endif #endif /* BYTE_ORDER */ #endif /* _AC_BYTES_H */ openldap-2.5.16+dfsg/include/ac/time.h0000644000175000017500000000161714461774414017026 0ustar sergiosergio/* Generic time.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_TIME_H #define _AC_TIME_H #ifdef TIME_WITH_SYS_TIME # include # include #elif defined(HAVE_SYS_TIME_H) # include # ifdef HAVE_SYS_TIMEB_H # include # endif #else # include #endif #if defined(_WIN32) && !defined(HAVE_CLOCK_GETTIME) struct timespec { time_t tv_sec; int tv_nsec; }; #endif #endif /* _AC_TIME_H */ openldap-2.5.16+dfsg/include/ac/assert.h0000644000175000017500000000261314461774414017366 0ustar sergiosergio/* Generic assert.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_ASSERT_H #define _AC_ASSERT_H #undef assert #ifdef LDAP_DEBUG #if defined( HAVE_ASSERT_H ) || defined( STDC_HEADERS ) #undef NDEBUG #include #else /* !(HAVE_ASSERT_H || STDC_HEADERS) */ #define LDAP_NEED_ASSERT 1 /* * no assert()... must be a very old compiler. * create a replacement and hope it works */ LBER_F (void) ber_pvt_assert LDAP_P(( const char *file, int line, const char *test )); /* Can't use LDAP_STRING(test), that'd expand to "test" */ #if defined(__STDC__) || defined(__cplusplus) #define assert(test) \ ((test) ? (void)0 : ber_pvt_assert( __FILE__, __LINE__, #test ) ) #else #define assert(test) \ ((test) ? (void)0 : ber_pvt_assert( __FILE__, __LINE__, "test" ) ) #endif #endif /* (HAVE_ASSERT_H || STDC_HEADERS) */ #else /* !LDAP_DEBUG */ /* no asserts */ #define assert(test) ((void)0) #endif /* LDAP_DEBUG */ #endif /* _AC_ASSERT_H */ openldap-2.5.16+dfsg/include/ac/fdset.h0000644000175000017500000000214314461774414017170 0ustar sergiosergio/* redefine FD_SET */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* * This header is to be included by portable.h to ensure * tweaking of FD_SETSIZE is done early enough to be effective. */ #ifndef _AC_FDSET_H #define _AC_FDSET_H #if !defined( OPENLDAP_FD_SETSIZE ) && !defined( FD_SETSIZE ) # define OPENLDAP_FD_SETSIZE 4096 #endif #ifdef OPENLDAP_FD_SETSIZE /* assume installer desires to enlarge fd_set */ # ifdef HAVE_BITS_TYPES_H # include # endif # ifdef __FD_SETSIZE # undef __FD_SETSIZE # define __FD_SETSIZE OPENLDAP_FD_SETSIZE # else # define FD_SETSIZE OPENLDAP_FD_SETSIZE # endif #endif #endif /* _AC_FDSET_H */ openldap-2.5.16+dfsg/include/ac/stdlib.h0000644000175000017500000000206414461774414017346 0ustar sergiosergio/* Generic stdlib.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_STDLIB_H #define _AC_STDLIB_H #if defined( HAVE_CSRIMALLOC ) #include #define MALLOC_TRACE #include #endif #include /* Ignore malloc.h if we have STDC_HEADERS */ #if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS) # include #endif #ifndef EXIT_SUCCESS # define EXIT_SUCCESS 0 # define EXIT_FAILURE 1 #endif #ifdef HAVE_LIMITS_H #include #endif #if defined(LINE_MAX) # define AC_LINE_MAX LINE_MAX #else # define AC_LINE_MAX 2048 /* POSIX MIN */ #endif #endif /* _AC_STDLIB_H */ openldap-2.5.16+dfsg/include/ac/socket.h0000644000175000017500000001446414461774414017364 0ustar sergiosergio/* Generic socket.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_SOCKET_H_ #define _AC_SOCKET_H_ #ifdef HAVE_SYS_TYPES_H #include #endif #ifdef HAVE_POLL_H #include #elif defined(HAVE_SYS_POLL_H) #include #endif #ifdef HAVE_SYS_SOCKET_H #include #ifdef HAVE_SYS_UN_H #include #endif #ifdef HAVE_SYS_SELECT_H #include #endif #include #ifdef HAVE_NETINET_TCP_H #include #endif #ifdef HAVE_ARPA_INET_H #include #endif #ifdef HAVE_ARPA_NAMESER_H #include #endif #include #ifdef HAVE_RESOLV_H #include #endif #endif /* HAVE_SYS_SOCKET_H */ #ifdef HAVE_WINSOCK2 #include #include #elif defined(HAVE_WINSOCK) #include #endif #ifdef HAVE_PCNFS #include #endif /* HAVE_PCNFS */ #ifndef INADDR_LOOPBACK #define INADDR_LOOPBACK (0x7f000001UL) #endif #ifndef MAXHOSTNAMELEN #define MAXHOSTNAMELEN 64 #endif #undef sock_errno #undef sock_errstr #define sock_errno() errno #define sock_errstr(e, b, l) AC_STRERROR_R(e, b, l) #define sock_errset(e) ((void) (errno = (e))) #ifdef HAVE_WINSOCK # define tcp_read( s, buf, len ) recv( s, buf, len, 0 ) # define tcp_write( s, buf, len ) send( s, buf, len, 0 ) # define ioctl( s, c, a ) ioctlsocket( (s), (c), (a) ) # define ioctl_t u_long # define AC_SOCKET_INVALID ((unsigned int) -1) # ifdef SD_BOTH # define tcp_close( s ) (shutdown( s, SD_BOTH ), closesocket( s )) # else # define tcp_close( s ) closesocket( s ) # endif #define EWOULDBLOCK WSAEWOULDBLOCK #define EINPROGRESS WSAEINPROGRESS #define ETIMEDOUT WSAETIMEDOUT #undef sock_errno #undef sock_errstr #undef sock_errset #define sock_errno() WSAGetLastError() #define sock_errstr(e, b, l) ber_pvt_wsa_err2string(e) #define sock_errset(e) WSASetLastError(e) LBER_F( char * ) ber_pvt_wsa_err2string LDAP_P((int)); #elif defined(MACOS) # define tcp_close( s ) tcpclose( s ) # define tcp_read( s, buf, len ) tcpread( s, buf, len ) # define tcp_write( s, buf, len ) tcpwrite( s, buf, len ) #elif defined(HAVE_PCNFS) # define tcp_close( s ) close( s ) # define tcp_read( s, buf, len ) recv( s, buf, len, 0 ) # define tcp_write( s, buf, len ) send( s, buf, len, 0 ) #elif defined(HAVE_NCSA) # define tcp_close( s ) do { netclose( s ); netshut() } while(0) # define tcp_read( s, buf, len ) nread( s, buf, len ) # define tcp_write( s, buf, len ) netwrite( s, buf, len ) #elif defined(HAVE_CLOSESOCKET) # define tcp_close( s ) closesocket( s ) # ifdef __BEOS__ # define tcp_read( s, buf, len ) recv( s, buf, len, 0 ) # define tcp_write( s, buf, len ) send( s, buf, len, 0 ) # endif #else # define tcp_read( s, buf, len) read( s, buf, len ) # define tcp_write( s, buf, len) write( s, buf, len ) # ifdef SHUT_RDWR # define tcp_close( s ) (shutdown( s, SHUT_RDWR ), close( s )) # else # define tcp_close( s ) close( s ) # endif #ifdef HAVE_PIPE /* * Only use pipe() on systems where file and socket descriptors * are interchangeable */ # define USE_PIPE HAVE_PIPE #endif #endif /* MACOS */ #ifndef ioctl_t # define ioctl_t int #endif #ifndef AC_SOCKET_INVALID # define AC_SOCKET_INVALID (-1) #endif #ifndef AC_SOCKET_ERROR # define AC_SOCKET_ERROR (-1) #endif #if !defined( HAVE_INET_ATON ) && !defined( inet_aton ) # define inet_aton ldap_pvt_inet_aton struct in_addr; LDAP_F (int) ldap_pvt_inet_aton LDAP_P(( const char *, struct in_addr * )); #endif #if defined(__WIN32) && defined(_ALPHA) /* NT on Alpha is hosed. */ # define AC_HTONL( l ) \ ((((l)&0xffU)<<24) + (((l)&0xff00U)<<8) + \ (((l)&0xff0000U)>>8) + (((l)&0xff000000U)>>24)) # define AC_NTOHL(l) AC_HTONL(l) #else # define AC_HTONL( l ) htonl( l ) # define AC_NTOHL( l ) ntohl( l ) #endif /* htons()/ntohs() may be broken much like htonl()/ntohl() */ #define AC_HTONS( s ) htons( s ) #define AC_NTOHS( s ) ntohs( s ) #ifdef LDAP_PF_LOCAL # if !defined( AF_LOCAL ) && defined( AF_UNIX ) # define AF_LOCAL AF_UNIX # endif # if !defined( PF_LOCAL ) && defined( PF_UNIX ) # define PF_LOCAL PF_UNIX # endif #endif #ifndef INET_ADDRSTRLEN # define INET_ADDRSTRLEN 16 #endif #ifndef INET6_ADDRSTRLEN # define INET6_ADDRSTRLEN 46 #endif #if defined( HAVE_GETADDRINFO ) || defined( HAVE_GETNAMEINFO ) # ifdef HAVE_GAI_STRERROR # define AC_GAI_STRERROR(x) (gai_strerror((x))) # else # define AC_GAI_STRERROR(x) (ldap_pvt_gai_strerror((x))) LDAP_F (char *) ldap_pvt_gai_strerror( int ); # endif #endif #if defined(LDAP_PF_LOCAL) && \ !defined(HAVE_GETPEEREID) && \ !defined(HAVE_GETPEERUCRED) && \ !defined(SO_PEERCRED) && !defined(LOCAL_PEERCRED) && \ defined(HAVE_SENDMSG) && (defined(HAVE_STRUCT_MSGHDR_MSG_ACCRIGHTSLEN) || \ defined(HAVE_STRUCT_MSGHDR_MSG_CONTROL)) # define LDAP_PF_LOCAL_SENDMSG 1 #endif #ifdef HAVE_GETPEEREID #define LUTIL_GETPEEREID( s, uid, gid, bv ) getpeereid( s, uid, gid ) #elif defined(LDAP_PF_LOCAL_SENDMSG) struct berval; LDAP_LUTIL_F( int ) lutil_getpeereid( int s, uid_t *, gid_t *, struct berval *bv ); #define LUTIL_GETPEEREID( s, uid, gid, bv ) lutil_getpeereid( s, uid, gid, bv ) #else LDAP_LUTIL_F( int ) lutil_getpeereid( int s, uid_t *, gid_t * ); #define LUTIL_GETPEEREID( s, uid, gid, bv ) lutil_getpeereid( s, uid, gid ) #endif typedef union Sockaddr { struct sockaddr sa_addr; struct sockaddr_in sa_in_addr; #ifdef LDAP_PF_INET6 struct sockaddr_storage sa_storage; struct sockaddr_in6 sa_in6_addr; #endif #ifdef LDAP_PF_LOCAL struct sockaddr_un sa_un_addr; #endif } Sockaddr; /* DNS RFC defines max host name as 255. New systems seem to use 1024 */ #ifndef NI_MAXHOST #define NI_MAXHOST 256 #endif #ifdef HAVE_POLL # ifndef INFTIM # define INFTIM (-1) # endif #undef POLL_OTHER #define POLL_OTHER (POLLERR|POLLHUP) #undef POLL_READ #define POLL_READ (POLLIN|POLLPRI|POLL_OTHER) #undef POLL_WRITE #define POLL_WRITE (POLLOUT|POLL_OTHER) #endif #endif /* _AC_SOCKET_H_ */ openldap-2.5.16+dfsg/include/ac/wait.h0000644000175000017500000000256314461774414017035 0ustar sergiosergio/* Generic wait.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_WAIT_H #define _AC_WAIT_H #include #ifdef HAVE_SYS_WAIT_H # include #endif #define LDAP_HI(s) (((s) >> 8) & 0377) #define LDAP_LO(s) ((s) & 0377) /* These should work on non-POSIX UNIX platforms, all bets on off on non-POSIX non-UNIX platforms... */ #ifndef WIFEXITED # define WIFEXITED(s) (LDAP_LO(s) == 0) #endif #ifndef WEXITSTATUS # define WEXITSTATUS(s) LDAP_HI(s) #endif #ifndef WIFSIGNALED # define WIFSIGNALED(s) (LDAP_LO(s) > 0 && LDAP_HI(s) == 0) #endif #ifndef WTERMSIG # define WTERMSIG(s) (LDAP_LO(s) & 0177) #endif #ifndef WIFSTOPPED # define WIFSTOPPED(s) (LDAP_LO(s) == 0177 && LDAP_HI(s) != 0) #endif #ifndef WSTOPSIG # define WSTOPSIG(s) LDAP_HI(s) #endif #ifdef WCONTINUED # define WAIT_FLAGS ( WNOHANG | WUNTRACED | WCONTINUED ) #else # define WAIT_FLAGS ( WNOHANG | WUNTRACED ) #endif #endif /* _AC_WAIT_H */ openldap-2.5.16+dfsg/include/ac/dirent.h0000644000175000017500000000231614461774414017352 0ustar sergiosergio/* Generic dirent.h */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _AC_DIRENT_H #define _AC_DIRENT_H #ifdef HAVE_DIRENT_H # include # define NAMLEN(dirent) strlen((dirent)->d_name) #elif defined(_MSC_VER) #include #ifndef MAX_PATH #define MAX_PATH 260 #endif struct dirent { char *d_name; }; typedef struct DIR { HANDLE dir; struct dirent data; int first; char buf[MAX_PATH+1]; } DIR; DIR *opendir(const char *name); struct dirent *readdir(DIR *dir); int closedir(DIR *dir); #else # define dirent direct # define NAMLEN(dirent) (dirent)->d_namlen # ifdef HAVE_SYS_NDIR_H # include # endif # ifdef HAVE_SYS_DIR_H # include # endif # ifdef HAVE_NDIR_H # include # endif #endif #endif /* _AC_DIRENT_H */ openldap-2.5.16+dfsg/include/lutil_ldap.h0000644000175000017500000000177214461774414017640 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _LUTIL_LDAP_H #define _LUTIL_LDAP_H 1 #include #include /* * Include file for lutil LDAP routines */ LDAP_BEGIN_DECL LDAP_LUTIL_F( void ) lutil_sasl_freedefs LDAP_P(( void *defaults )); LDAP_LUTIL_F( void * ) lutil_sasl_defaults LDAP_P(( LDAP *ld, char *mech, char *realm, char *authcid, char *passwd, char *authzid )); LDAP_LUTIL_F( int ) lutil_sasl_interact LDAP_P(( LDAP *ld, unsigned flags, void *defaults, void *p )); LDAP_END_DECL #endif /* _LUTIL_LDAP_H */ openldap-2.5.16+dfsg/include/ldap_avl.h0000644000175000017500000001024614461774414017265 0ustar sergiosergio/* ldap_avl.h - avl tree definitions */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1993 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the University * may not be used to endorse or promote products derived from this * software without specific prior written permission. This software * is provided ``as is'' without express or implied warranty. */ #ifndef _AVL #define _AVL #include /* * this structure represents a generic avl tree node. */ LDAP_BEGIN_DECL typedef struct avlnode Avlnode; struct avlnode { void* avl_data; struct avlnode *avl_link[2]; char avl_bits[2]; signed char avl_bf; }; #define avl_left avl_link[0] #define avl_right avl_link[1] #define avl_lbit avl_bits[0] #define avl_rbit avl_bits[1] typedef struct tavlnode TAvlnode; struct tavlnode { void* avl_data; struct tavlnode *avl_link[2]; char avl_bits[2]; signed char avl_bf; }; #ifdef AVL_INTERNAL /* balance factor values */ #define LH (-1) #define EH 0 #define RH 1 #define avl_bf2str(bf) ((bf) == -1 ? "LH" : (bf) == 0 ? "EH" : (bf) == 1 ? "RH" : "(unknown)" ) /* thread bits */ #define AVL_CHILD 0 #define AVL_THREAD 1 /* avl routines */ #define ldap_avl_getone(x) ((x) == 0 ? 0 : (x)->avl_data) #define ldap_avl_onenode(x) ((x) == 0 || ((x)->avl_left == 0 && (x)->avl_right == 0)) #endif /* AVL_INTERNALS */ #define ldap_avl_child(x,dir) ((x)->avl_bits[dir]) == AVL_CHILD ? \ (x)->avl_link[dir] : NULL #define ldap_avl_lchild(x) ldap_avl_child(x,0) #define ldap_avl_rchild(x) ldap_avl_child(x,1) typedef int (*AVL_APPLY) LDAP_P((void *, void*)); typedef int (*AVL_CMP) LDAP_P((const void*, const void*)); typedef int (*AVL_DUP) LDAP_P((void*, void*)); typedef void (*AVL_FREE) LDAP_P((void*)); LDAP_AVL_F( int ) ldap_avl_free LDAP_P(( Avlnode *root, AVL_FREE dfree )); LDAP_AVL_F( int ) ldap_avl_insert LDAP_P((Avlnode **, void*, AVL_CMP, AVL_DUP)); LDAP_AVL_F( void* ) ldap_avl_delete LDAP_P((Avlnode **, void*, AVL_CMP)); LDAP_AVL_F( void* ) ldap_avl_find LDAP_P((Avlnode *, const void*, AVL_CMP)); LDAP_AVL_F( Avlnode* ) ldap_avl_find2 LDAP_P((Avlnode *, const void*, AVL_CMP)); LDAP_AVL_F( void* ) ldap_avl_find_lin LDAP_P((Avlnode *, const void*, AVL_CMP)); #ifdef AVL_NONREENTRANT LDAP_AVL_F( void* ) ldap_avl_getfirst LDAP_P((Avlnode *)); LDAP_AVL_F( void* ) ldap_avl_getnext LDAP_P((void)); #endif LDAP_AVL_F( int ) ldap_avl_dup_error LDAP_P((void*, void*)); LDAP_AVL_F( int ) ldap_avl_dup_ok LDAP_P((void*, void*)); LDAP_AVL_F( int ) ldap_avl_apply LDAP_P((Avlnode *, AVL_APPLY, void*, int, int)); LDAP_AVL_F( int ) ldap_avl_prefixapply LDAP_P((Avlnode *, void*, AVL_CMP, void*, AVL_CMP, void*, int)); LDAP_AVL_F( int ) ldap_tavl_free LDAP_P(( TAvlnode *root, AVL_FREE dfree )); LDAP_AVL_F( int ) ldap_tavl_insert LDAP_P((TAvlnode **, void*, AVL_CMP, AVL_DUP)); LDAP_AVL_F( void* ) ldap_tavl_delete LDAP_P((TAvlnode **, void*, AVL_CMP)); LDAP_AVL_F( void* ) ldap_tavl_find LDAP_P((TAvlnode *, const void*, AVL_CMP)); LDAP_AVL_F( TAvlnode* ) ldap_tavl_find2 LDAP_P((TAvlnode *, const void*, AVL_CMP)); LDAP_AVL_F( TAvlnode* ) ldap_tavl_find3 LDAP_P((TAvlnode *, const void*, AVL_CMP, int *ret)); #define TAVL_DIR_LEFT 0 #define TAVL_DIR_RIGHT 1 LDAP_AVL_F( TAvlnode* ) ldap_tavl_end LDAP_P((TAvlnode *, int direction)); LDAP_AVL_F( TAvlnode* ) ldap_tavl_next LDAP_P((TAvlnode *, int direction)); /* apply traversal types */ #define AVL_PREORDER 1 #define AVL_INORDER 2 #define AVL_POSTORDER 3 /* what apply returns if it ran out of nodes */ #define AVL_NOMORE (-6) LDAP_END_DECL #endif /* _AVL */ openldap-2.5.16+dfsg/include/rewrite.h0000644000175000017500000001600714461774414017165 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 2000-2022 The OpenLDAP Foundation. * Portions Copyright 2000-2003 Pierangelo Masarati. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* ACKNOWLEDGEMENT: * This work was initially developed by Pierangelo Masarati for * inclusion in OpenLDAP Software. */ #ifndef REWRITE_H #define REWRITE_H /* * Default rewrite context */ #define REWRITE_DEFAULT_CONTEXT "default" /* * Rewrite engine states */ #define REWRITE_OFF 0x0000 #define REWRITE_ON 0x0001 #define REWRITE_DEFAULT REWRITE_OFF /* * Rewrite internal status returns */ #define REWRITE_SUCCESS LDAP_SUCCESS #define REWRITE_ERR LDAP_OTHER /* * Rewrite modes (input values for rewrite_info_init); determine the * behavior in case a null or non existent context is required: * * REWRITE_MODE_ERR error * REWRITE_MODE_OK no error but no rewrite * REWRITE_MODE_COPY_INPUT a copy of the input is returned * REWRITE_MODE_USE_DEFAULT the default context is used. */ #define REWRITE_MODE_ERR 0x0010 #define REWRITE_MODE_OK 0x0011 #define REWRITE_MODE_COPY_INPUT 0x0012 #define REWRITE_MODE_USE_DEFAULT 0x0013 /* * Rewrite status returns * * REWRITE_REGEXEC_OK success (result may be empty in case * of no match) * REWRITE_REGEXEC_ERR error (internal error, * misconfiguration, map not working ...) * REWRITE_REGEXEC_STOP internal use; never returned * REWRITE_REGEXEC_UNWILLING the server should issue an 'unwilling * to perform' error */ #define REWRITE_REGEXEC_OK (0) #define REWRITE_REGEXEC_ERR (-1) #define REWRITE_REGEXEC_STOP (-2) #define REWRITE_REGEXEC_UNWILLING (-3) #define REWRITE_REGEXEC_USER (1) /* and above: LDAP errors */ /* * Rewrite variable flags * REWRITE_VAR_INSERT insert mode (default) when adding * a variable; if not set during value * update, the variable is not inserted * if not present * REWRITE_VAR_UPDATE update mode (default) when updating * a variable; if not set during insert, * the value is not updated if the * variable already exists * REWRITE_VAR_COPY_NAME copy the variable name; if not set, * the name is not copied; be sure the * referenced string is available for * the entire life scope of the variable. * REWRITE_VAR_COPY_VALUE copy the variable value; if not set, * the value is not copied; be sure the * referenced string is available for * the entire life scope of the variable. */ #define REWRITE_VAR_NONE 0x0000 #define REWRITE_VAR_INSERT 0x0001 #define REWRITE_VAR_UPDATE 0x0002 #define REWRITE_VAR_COPY_NAME 0x0004 #define REWRITE_VAR_COPY_VALUE 0x0008 /* * Rewrite info */ struct rewrite_info; struct berval; /* avoid include */ LDAP_BEGIN_DECL /* * Inits the info */ LDAP_REWRITE_F (struct rewrite_info *) rewrite_info_init( int mode ); /* * Cleans up the info structure */ LDAP_REWRITE_F (int) rewrite_info_delete( struct rewrite_info **info ); /* * Parses a config line and takes actions to fit content in rewrite structure; * lines handled are of the form: * * rewriteEngine {on|off} * rewriteMaxPasses numPasses * rewriteContext contextName [alias aliasedRewriteContex] * rewriteRule pattern substPattern [ruleFlags] * rewriteMap mapType mapName [mapArgs] * rewriteParam paramName paramValue */ LDAP_REWRITE_F (int) rewrite_parse( struct rewrite_info *info, const char *fname, int lineno, int argc, char **argv ); /* * process a config file that was already opened. Uses rewrite_parse. */ LDAP_REWRITE_F (int) rewrite_read( FILE *fin, struct rewrite_info *info ); /* * Rewrites a string according to context. * If the engine is off, OK is returned, but the return string will be NULL. * In case of 'unwilling to perform', UNWILLING is returned, and the * return string will also be null. The same in case of error. * Otherwise, OK is returned, and result will hold a newly allocated string * with the rewriting. * * What to do in case of non-existing rewrite context is still an issue. * Four possibilities: * - error, * - ok with NULL result, * - ok with copy of string as result, * - use the default rewrite context. */ LDAP_REWRITE_F (int) rewrite( struct rewrite_info *info, const char *rewriteContext, const char *string, char **result ); /* * Same as above; the cookie relates the rewrite to a session */ LDAP_REWRITE_F (int) rewrite_session( struct rewrite_info *info, const char *rewriteContext, const char *string, const void *cookie, char **result ); /* * Inits a session */ LDAP_REWRITE_F (struct rewrite_session *) rewrite_session_init( struct rewrite_info *info, const void *cookie ); /* * Defines and inits a variable with session scope */ LDAP_REWRITE_F (int) rewrite_session_var_set_f( struct rewrite_info *info, const void *cookie, const char *name, const char *value, int flags ); #define rewrite_session_var_set(info, cookie, name, value) \ rewrite_session_var_set_f((info), (cookie), (name), (value), \ REWRITE_VAR_INSERT|REWRITE_VAR_UPDATE|REWRITE_VAR_COPY_NAME|REWRITE_VAR_COPY_VALUE) /* * Deletes a session */ LDAP_REWRITE_F (int) rewrite_session_delete( struct rewrite_info *info, const void *cookie ); /* * Params */ /* * Defines and inits a variable with global scope */ LDAP_REWRITE_F (int) rewrite_param_set( struct rewrite_info *info, const char *name, const char *value ); /* * Gets a var with global scope */ LDAP_REWRITE_F (int) rewrite_param_get( struct rewrite_info *info, const char *name, struct berval *value ); /* * Destroys the parameter tree */ LDAP_REWRITE_F (int) rewrite_param_destroy( struct rewrite_info *info ); /* * Mapping implementations */ struct rewrite_mapper; typedef void * (rewrite_mapper_config)( const char *fname, int lineno, int argc, char **argv ); typedef int (rewrite_mapper_apply)( void *ctx, const char *arg, struct berval *retval ); typedef int (rewrite_mapper_destroy)( void *ctx ); typedef struct rewrite_mapper { char *rm_name; rewrite_mapper_config *rm_config; rewrite_mapper_apply *rm_apply; rewrite_mapper_destroy *rm_destroy; } rewrite_mapper; /* For dynamic loading and unloading of mappers */ LDAP_REWRITE_F (int) rewrite_mapper_register( const rewrite_mapper *map ); LDAP_REWRITE_F (int) rewrite_mapper_unregister( const rewrite_mapper *map ); LDAP_REWRITE_F (const rewrite_mapper *) rewrite_mapper_find( const char *name ); LDAP_END_DECL #endif /* REWRITE_H */ openldap-2.5.16+dfsg/include/lutil_sha1.h0000644000175000017500000000324314461774414017547 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* This version is based on: * $OpenBSD: sha1.h,v 1.8 1997/07/15 01:54:23 millert Exp $ */ #ifndef _LUTIL_SHA1_H_ #define _LUTIL_SHA1_H_ #include #include #ifdef AC_INT4_TYPE LDAP_BEGIN_DECL /* * SHA-1 in C * By Steve Reid */ #define LUTIL_SHA1_BYTES 20 /* This code assumes char are 8-bits and uint32 are 32-bits */ typedef ac_uint4 uint32; typedef struct { uint32 state[5]; uint32 count[2]; unsigned char buffer[64]; } lutil_SHA1_CTX; LDAP_LUTIL_F( void ) lutil_SHA1Transform LDAP_P((uint32 state[5], const unsigned char buffer[64])); LDAP_LUTIL_F( void ) lutil_SHA1Init LDAP_P((lutil_SHA1_CTX *context)); LDAP_LUTIL_F( void ) lutil_SHA1Update LDAP_P((lutil_SHA1_CTX *context, const unsigned char *data, uint32 len)); LDAP_LUTIL_F( void ) lutil_SHA1Final LDAP_P((unsigned char digest[20], lutil_SHA1_CTX *context)); LDAP_LUTIL_F( char * ) lutil_SHA1End LDAP_P((lutil_SHA1_CTX *, char *)); LDAP_LUTIL_F( char * ) lutil_SHA1File LDAP_P((char *, char *)); LDAP_LUTIL_F( char * ) lutil_SHA1Data LDAP_P((const unsigned char *, size_t, char *)); LDAP_END_DECL #endif /* AC_INT4_TYPE */ #endif /* _LUTIL_SHA1_H_ */ openldap-2.5.16+dfsg/include/ldap_queue.h0000644000175000017500000004767314461774414017645 0ustar sergiosergio/* ldap_queue.h -- queue macros */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 2001-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Copyright (c) 1991, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)queue.h 8.5 (Berkeley) 8/20/94 * $FreeBSD: src/sys/sys/queue.h,v 1.32.2.5 2001/09/30 21:12:54 luigi Exp $ * * See also: ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change */ /* ACKNOWLEDGEMENTS: * This work is derived from FreeBSD queue.h work. Adapted for use in * OpenLDAP Software by Kurt D. Zeilenga. */ #ifndef _LDAP_QUEUE_H_ #define _LDAP_QUEUE_H_ /* * This file defines five types of data structures: singly-linked lists, * singly-linked tail queues, lists, tail queues, and circular queues. * * A singly-linked list is headed by a single forward pointer. The elements * are singly linked for minimum space and pointer manipulation overhead at * the expense of O(n) removal for arbitrary elements. New elements can be * added to the list after an existing element or at the head of the list. * Elements being removed from the head of the list should use the explicit * macro for this purpose for optimum efficiency. A singly-linked list may * only be traversed in the forward direction. Singly-linked lists are ideal * for applications with large datasets and few or no removals or for * implementing a LIFO queue. * * A singly-linked tail queue is headed by a pair of pointers, one to the * head of the list and the other to the tail of the list. The elements are * singly linked for minimum space and pointer manipulation overhead at the * expense of O(n) removal for arbitrary elements. New elements can be added * to the list after an existing element, at the head of the list, or at the * end of the list. Elements being removed from the head of the tail queue * should use the explicit macro for this purpose for optimum efficiency. * A singly-linked tail queue may only be traversed in the forward direction. * Singly-linked tail queues are ideal for applications with large datasets * and few or no removals or for implementing a FIFO queue. * * A list is headed by a single forward pointer (or an array of forward * pointers for a hash table header). The elements are doubly linked * so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before * or after an existing element or at the head of the list. A list * may only be traversed in the forward direction. * * A tail queue is headed by a pair of pointers, one to the head of the * list and the other to the tail of the list. The elements are doubly * linked so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before or * after an existing element, at the head of the list, or at the end of * the list. A tail queue may be traversed in either direction. * * A circle queue is headed by a pair of pointers, one to the head of the * list and the other to the tail of the list. The elements are doubly * linked so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before or after * an existing element, at the head of the list, or at the end of the list. * A circle queue may be traversed in either direction, but has a more * complex end of list detection. Also, it is possible to rotate the queue, * rejoining the ends and splitting it so that a given element becomes the * new head or tail. * * For details on the use of these macros, see the queue(3) manual page. * All macros are prefixed with LDAP_. * * SLIST_ LIST_ STAILQ_ TAILQ_ CIRCLEQ_ * _HEAD + + + + + * _ENTRY + + + + + * _INIT + + + + + * _ENTRY_INIT + + + + + * _EMPTY + + + + + * _FIRST + + + + + * _NEXT + + + + + * _PREV - - - + + * _LAST - - + + + * _FOREACH + + + + + * _FOREACH_REVERSE - - - + + * _INSERT_HEAD + + + + + * _INSERT_BEFORE - + - + + * _INSERT_AFTER + + + + + * _INSERT_TAIL - - + + + * _REMOVE_HEAD + - + - - * _REMOVE + + + + + * */ /* * Singly-linked List definitions. */ #define LDAP_SLIST_HEAD(name, type) \ struct name { \ struct type *slh_first; /* first element */ \ } #define LDAP_SLIST_HEAD_INITIALIZER(head) \ { NULL } #define LDAP_SLIST_ENTRY(type) \ struct { \ struct type *sle_next; /* next element */ \ } #define LDAP_SLIST_ENTRY_INITIALIZER(entry) \ { NULL } /* * Singly-linked List functions. */ #define LDAP_SLIST_EMPTY(head) ((head)->slh_first == NULL) #define LDAP_SLIST_FIRST(head) ((head)->slh_first) #define LDAP_SLIST_FOREACH(var, head, field) \ for((var) = (head)->slh_first; (var); (var) = (var)->field.sle_next) #define LDAP_SLIST_INIT(head) { \ (head)->slh_first = NULL; \ } #define LDAP_SLIST_ENTRY_INIT(var, field) { \ (var)->field.sle_next = NULL; \ } #define LDAP_SLIST_INSERT_AFTER(slistelm, elm, field) do { \ (elm)->field.sle_next = (slistelm)->field.sle_next; \ (slistelm)->field.sle_next = (elm); \ } while (0) #define LDAP_SLIST_INSERT_HEAD(head, elm, field) do { \ (elm)->field.sle_next = (head)->slh_first; \ (head)->slh_first = (elm); \ } while (0) #define LDAP_SLIST_NEXT(elm, field) ((elm)->field.sle_next) #define LDAP_SLIST_REMOVE_HEAD(head, field) do { \ (head)->slh_first = (head)->slh_first->field.sle_next; \ } while (0) #define LDAP_SLIST_REMOVE(head, elm, type, field) do { \ if ((head)->slh_first == (elm)) { \ LDAP_SLIST_REMOVE_HEAD((head), field); \ } \ else { \ struct type *curelm = (head)->slh_first; \ while( curelm->field.sle_next != (elm) ) \ curelm = curelm->field.sle_next; \ curelm->field.sle_next = \ curelm->field.sle_next->field.sle_next; \ } \ } while (0) /* * Singly-linked Tail queue definitions. */ #define LDAP_STAILQ_HEAD(name, type) \ struct name { \ struct type *stqh_first;/* first element */ \ struct type **stqh_last;/* addr of last next element */ \ } #define LDAP_STAILQ_HEAD_INITIALIZER(head) \ { NULL, &(head).stqh_first } #define LDAP_STAILQ_ENTRY(type) \ struct { \ struct type *stqe_next; /* next element */ \ } #define LDAP_STAILQ_ENTRY_INITIALIZER(entry) \ { NULL } /* * Singly-linked Tail queue functions. */ #define LDAP_STAILQ_EMPTY(head) ((head)->stqh_first == NULL) #define LDAP_STAILQ_INIT(head) do { \ (head)->stqh_first = NULL; \ (head)->stqh_last = &(head)->stqh_first; \ } while (0) #define LDAP_STAILQ_ENTRY_INIT(var, field) { \ (var)->field.stqe_next = NULL; \ } #define LDAP_STAILQ_FIRST(head) ((head)->stqh_first) #define LDAP_STAILQ_LAST(head, type, field) \ (LDAP_STAILQ_EMPTY(head) ? \ NULL : \ ((struct type *) \ ((char *)((head)->stqh_last) - offsetof(struct type, field)))) #define LDAP_STAILQ_FOREACH(var, head, field) \ for((var) = (head)->stqh_first; (var); (var) = (var)->field.stqe_next) #define LDAP_STAILQ_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.stqe_next = (head)->stqh_first) == NULL) \ (head)->stqh_last = &(elm)->field.stqe_next; \ (head)->stqh_first = (elm); \ } while (0) #define LDAP_STAILQ_INSERT_TAIL(head, elm, field) do { \ (elm)->field.stqe_next = NULL; \ *(head)->stqh_last = (elm); \ (head)->stqh_last = &(elm)->field.stqe_next; \ } while (0) #define LDAP_STAILQ_INSERT_AFTER(head, tqelm, elm, field) do { \ if (((elm)->field.stqe_next = (tqelm)->field.stqe_next) == NULL)\ (head)->stqh_last = &(elm)->field.stqe_next; \ (tqelm)->field.stqe_next = (elm); \ } while (0) #define LDAP_STAILQ_NEXT(elm, field) ((elm)->field.stqe_next) #define LDAP_STAILQ_REMOVE_HEAD(head, field) do { \ if (((head)->stqh_first = \ (head)->stqh_first->field.stqe_next) == NULL) \ (head)->stqh_last = &(head)->stqh_first; \ } while (0) #define LDAP_STAILQ_REMOVE_HEAD_UNTIL(head, elm, field) do { \ if (((head)->stqh_first = (elm)->field.stqe_next) == NULL) \ (head)->stqh_last = &(head)->stqh_first; \ } while (0) #define LDAP_STAILQ_REMOVE(head, elm, type, field) do { \ if ((head)->stqh_first == (elm)) { \ LDAP_STAILQ_REMOVE_HEAD(head, field); \ } \ else { \ struct type *curelm = (head)->stqh_first; \ while( curelm->field.stqe_next != (elm) ) \ curelm = curelm->field.stqe_next; \ if((curelm->field.stqe_next = \ curelm->field.stqe_next->field.stqe_next) == NULL) \ (head)->stqh_last = &(curelm)->field.stqe_next; \ } \ } while (0) /* * List definitions. */ #define LDAP_LIST_HEAD(name, type) \ struct name { \ struct type *lh_first; /* first element */ \ } #define LDAP_LIST_HEAD_INITIALIZER(head) \ { NULL } #define LDAP_LIST_ENTRY(type) \ struct { \ struct type *le_next; /* next element */ \ struct type **le_prev; /* address of previous next element */ \ } #define LDAP_LIST_ENTRY_INITIALIZER(entry) \ { NULL, NULL } /* * List functions. */ #define LDAP_LIST_EMPTY(head) ((head)->lh_first == NULL) #define LDAP_LIST_FIRST(head) ((head)->lh_first) #define LDAP_LIST_FOREACH(var, head, field) \ for((var) = (head)->lh_first; (var); (var) = (var)->field.le_next) #define LDAP_LIST_INIT(head) do { \ (head)->lh_first = NULL; \ } while (0) #define LDAP_LIST_ENTRY_INIT(var, field) do { \ (var)->field.le_next = NULL; \ (var)->field.le_prev = NULL; \ } while (0) #define LDAP_LIST_INSERT_AFTER(listelm, elm, field) do { \ if (((elm)->field.le_next = (listelm)->field.le_next) != NULL) \ (listelm)->field.le_next->field.le_prev = \ &(elm)->field.le_next; \ (listelm)->field.le_next = (elm); \ (elm)->field.le_prev = &(listelm)->field.le_next; \ } while (0) #define LDAP_LIST_INSERT_BEFORE(listelm, elm, field) do { \ (elm)->field.le_prev = (listelm)->field.le_prev; \ (elm)->field.le_next = (listelm); \ *(listelm)->field.le_prev = (elm); \ (listelm)->field.le_prev = &(elm)->field.le_next; \ } while (0) #define LDAP_LIST_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.le_next = (head)->lh_first) != NULL) \ (head)->lh_first->field.le_prev = &(elm)->field.le_next;\ (head)->lh_first = (elm); \ (elm)->field.le_prev = &(head)->lh_first; \ } while (0) #define LDAP_LIST_NEXT(elm, field) ((elm)->field.le_next) #define LDAP_LIST_REMOVE(elm, field) do { \ if ((elm)->field.le_next != NULL) \ (elm)->field.le_next->field.le_prev = \ (elm)->field.le_prev; \ *(elm)->field.le_prev = (elm)->field.le_next; \ } while (0) /* * Tail queue definitions. */ #define LDAP_TAILQ_HEAD(name, type) \ struct name { \ struct type *tqh_first; /* first element */ \ struct type **tqh_last; /* addr of last next element */ \ } #define LDAP_TAILQ_HEAD_INITIALIZER(head) \ { NULL, &(head).tqh_first } #define LDAP_TAILQ_ENTRY(type) \ struct { \ struct type *tqe_next; /* next element */ \ struct type **tqe_prev; /* address of previous next element */ \ } #define LDAP_TAILQ_ENTRY_INITIALIZER(entry) \ { NULL, NULL } /* * Tail queue functions. */ #define LDAP_TAILQ_EMPTY(head) ((head)->tqh_first == NULL) #define LDAP_TAILQ_FOREACH(var, head, field) \ for (var = LDAP_TAILQ_FIRST(head); var; var = LDAP_TAILQ_NEXT(var, field)) #define LDAP_TAILQ_FOREACH_REVERSE(var, head, headname, field) \ for ((var) = LDAP_TAILQ_LAST((head), headname); \ (var); \ (var) = LDAP_TAILQ_PREV((var), headname, field)) #define LDAP_TAILQ_FIRST(head) ((head)->tqh_first) #define LDAP_TAILQ_LAST(head, headname) \ (*(((struct headname *)((head)->tqh_last))->tqh_last)) #define LDAP_TAILQ_NEXT(elm, field) ((elm)->field.tqe_next) #define LDAP_TAILQ_PREV(elm, headname, field) \ (*(((struct headname *)((elm)->field.tqe_prev))->tqh_last)) #define LDAP_TAILQ_INIT(head) do { \ (head)->tqh_first = NULL; \ (head)->tqh_last = &(head)->tqh_first; \ } while (0) #define LDAP_TAILQ_ENTRY_INIT(var, field) do { \ (var)->field.tqe_next = NULL; \ (var)->field.tqe_prev = NULL; \ } while (0) #define LDAP_TAILQ_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \ (head)->tqh_first->field.tqe_prev = \ &(elm)->field.tqe_next; \ else \ (head)->tqh_last = &(elm)->field.tqe_next; \ (head)->tqh_first = (elm); \ (elm)->field.tqe_prev = &(head)->tqh_first; \ } while (0) #define LDAP_TAILQ_INSERT_TAIL(head, elm, field) do { \ (elm)->field.tqe_next = NULL; \ (elm)->field.tqe_prev = (head)->tqh_last; \ *(head)->tqh_last = (elm); \ (head)->tqh_last = &(elm)->field.tqe_next; \ } while (0) #define LDAP_TAILQ_INSERT_AFTER(head, listelm, elm, field) do { \ if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\ (elm)->field.tqe_next->field.tqe_prev = \ &(elm)->field.tqe_next; \ else \ (head)->tqh_last = &(elm)->field.tqe_next; \ (listelm)->field.tqe_next = (elm); \ (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \ } while (0) #define LDAP_TAILQ_INSERT_BEFORE(listelm, elm, field) do { \ (elm)->field.tqe_prev = (listelm)->field.tqe_prev; \ (elm)->field.tqe_next = (listelm); \ *(listelm)->field.tqe_prev = (elm); \ (listelm)->field.tqe_prev = &(elm)->field.tqe_next; \ } while (0) #define LDAP_TAILQ_REMOVE(head, elm, field) do { \ if (((elm)->field.tqe_next) != NULL) \ (elm)->field.tqe_next->field.tqe_prev = \ (elm)->field.tqe_prev; \ else \ (head)->tqh_last = (elm)->field.tqe_prev; \ *(elm)->field.tqe_prev = (elm)->field.tqe_next; \ } while (0) /* * Circular queue definitions. */ #define LDAP_CIRCLEQ_HEAD(name, type) \ struct name { \ struct type *cqh_first; /* first element */ \ struct type *cqh_last; /* last element */ \ } #define LDAP_CIRCLEQ_HEAD_INITIALIZER(head) \ { (void *)&(head), (void *)&(head) } #define LDAP_CIRCLEQ_ENTRY(type) \ struct { \ struct type *cqe_next; /* next element */ \ struct type *cqe_prev; /* previous element */ \ } /* * Circular queue functions. */ #define LDAP_CIRCLEQ_EMPTY(head) ((head)->cqh_first == (void *)(head)) #define LDAP_CIRCLEQ_FIRST(head) ((head)->cqh_first) #define LDAP_CIRCLEQ_FOREACH(var, head, field) \ for((var) = (head)->cqh_first; \ (var) != (void *)(head); \ (var) = (var)->field.cqe_next) #define LDAP_CIRCLEQ_FOREACH_REVERSE(var, head, field) \ for((var) = (head)->cqh_last; \ (var) != (void *)(head); \ (var) = (var)->field.cqe_prev) #define LDAP_CIRCLEQ_INIT(head) do { \ (head)->cqh_first = (void *)(head); \ (head)->cqh_last = (void *)(head); \ } while (0) #define LDAP_CIRCLEQ_ENTRY_INIT(var, field) do { \ (var)->field.cqe_next = NULL; \ (var)->field.cqe_prev = NULL; \ } while (0) #define LDAP_CIRCLEQ_INSERT_AFTER(head, listelm, elm, field) do { \ (elm)->field.cqe_next = (listelm)->field.cqe_next; \ (elm)->field.cqe_prev = (listelm); \ if ((listelm)->field.cqe_next == (void *)(head)) \ (head)->cqh_last = (elm); \ else \ (listelm)->field.cqe_next->field.cqe_prev = (elm); \ (listelm)->field.cqe_next = (elm); \ } while (0) #define LDAP_CIRCLEQ_INSERT_BEFORE(head, listelm, elm, field) do { \ (elm)->field.cqe_next = (listelm); \ (elm)->field.cqe_prev = (listelm)->field.cqe_prev; \ if ((listelm)->field.cqe_prev == (void *)(head)) \ (head)->cqh_first = (elm); \ else \ (listelm)->field.cqe_prev->field.cqe_next = (elm); \ (listelm)->field.cqe_prev = (elm); \ } while (0) #define LDAP_CIRCLEQ_INSERT_HEAD(head, elm, field) do { \ (elm)->field.cqe_next = (head)->cqh_first; \ (elm)->field.cqe_prev = (void *)(head); \ if ((head)->cqh_last == (void *)(head)) \ (head)->cqh_last = (elm); \ else \ (head)->cqh_first->field.cqe_prev = (elm); \ (head)->cqh_first = (elm); \ } while (0) #define LDAP_CIRCLEQ_INSERT_TAIL(head, elm, field) do { \ (elm)->field.cqe_next = (void *)(head); \ (elm)->field.cqe_prev = (head)->cqh_last; \ if ((head)->cqh_first == (void *)(head)) \ (head)->cqh_first = (elm); \ else \ (head)->cqh_last->field.cqe_next = (elm); \ (head)->cqh_last = (elm); \ } while (0) #define LDAP_CIRCLEQ_LAST(head) ((head)->cqh_last) #define LDAP_CIRCLEQ_NEXT(elm,field) ((elm)->field.cqe_next) #define LDAP_CIRCLEQ_PREV(elm,field) ((elm)->field.cqe_prev) #define LDAP_CIRCLEQ_REMOVE(head, elm, field) do { \ if ((elm)->field.cqe_next == (void *)(head)) \ (head)->cqh_last = (elm)->field.cqe_prev; \ else \ (elm)->field.cqe_next->field.cqe_prev = \ (elm)->field.cqe_prev; \ if ((elm)->field.cqe_prev == (void *)(head)) \ (head)->cqh_first = (elm)->field.cqe_next; \ else \ (elm)->field.cqe_prev->field.cqe_next = \ (elm)->field.cqe_next; \ } while (0) #define LDAP_CIRCLEQ_LOOP_NEXT(head, elm, field) \ (((elm)->field.cqe_next == (void *)(head)) \ ? ((head)->cqh_first) \ : ((elm)->field.cqe_next)) #define LDAP_CIRCLEQ_LOOP_PREV(head, elm, field) \ (((elm)->field.cqe_prev == (void *)(head)) \ ? ((head)->cqh_last) \ : ((elm)->field.cqe_prev)) #define LDAP_CIRCLEQ_MAKE_HEAD(head, elm, field) do { \ if ((elm)->field.cqe_prev != (void *)(head)) { \ (head)->cqh_first->field.cqe_prev = (head)->cqh_last; \ (head)->cqh_last->field.cqe_next = (head)->cqh_first; \ (head)->cqh_first = elm; \ (head)->cqh_last = (elm)->field.cqe_prev; \ (elm)->field.cqe_prev->field.cqe_next = (void *)(head); \ (elm)->field.cqe_prev = (void *)(head); \ } \ } while (0) #define LDAP_CIRCLEQ_MAKE_TAIL(head, elm, field) do { \ if ((elm)->field.cqe_next != (void *)(head)) { \ (head)->cqh_first->field.cqe_prev = (head)->cqh_last; \ (head)->cqh_last->field.cqe_next = (head)->cqh_first; \ (head)->cqh_first = (elm)->field.cqe_next; \ (head)->cqh_last = elm; \ (elm)->field.cqe_next->field.cqe_prev = (void *)(head); \ (elm)->field.cqe_next = (void *)(head); \ } \ } while (0) #endif /* !_LDAP_QUEUE_H_ */ openldap-2.5.16+dfsg/include/lutil_meter.h0000644000175000017500000000372014461774414020027 0ustar sergiosergio/* lutil_meter.h - progress meters */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright (c) 2009 by Emily Backes, Symas Corp. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* ACKNOWLEDGEMENTS: * This work was initially developed by Emily Backes for inclusion * in OpenLDAP software. */ #ifndef _LUTIL_METER_H #define _LUTIL_METER_H #include "portable.h" #include #include #include #include #include typedef struct { int (*display_open) (void **datap); int (*display_update) (void **datap, double frac, time_t remaining_time, time_t elapsed, double byte_rate); int (*display_close) (void **datap); } lutil_meter_display_t; typedef struct { int (*estimator_open) (void **datap); int (*estimator_update) (void **datap, double start, double frac, time_t *remaining_time); int (*estimator_close) (void **datap); } lutil_meter_estimator_t; typedef struct { const lutil_meter_display_t *display; void * display_data; const lutil_meter_estimator_t *estimator; void * estimator_data; double start_time; double last_update; size_t goal_value; size_t last_position; } lutil_meter_t; extern const lutil_meter_display_t lutil_meter_text_display; extern const lutil_meter_estimator_t lutil_meter_linear_estimator; extern int lutil_meter_open ( lutil_meter_t *lutil_meter, const lutil_meter_display_t *display, const lutil_meter_estimator_t *estimator, size_t goal_value); extern int lutil_meter_update ( lutil_meter_t *lutil_meter, size_t position, int force); extern int lutil_meter_close (lutil_meter_t *lutil_meter); #endif /* _LUTIL_METER_H */ openldap-2.5.16+dfsg/include/Makefile.in0000644000175000017500000000515514461774414017402 0ustar sergiosergio# include Makefile.in for OpenLDAP # $OpenLDAP$ ## This work is part of OpenLDAP Software . ## ## Copyright 1998-2022 The OpenLDAP Foundation. ## All rights reserved. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted only as authorized by the OpenLDAP ## Public License. ## ## A copy of this license is available in the file LICENSE in the ## top-level directory of the distribution or, alternatively, at ## . all-local: ldap_config.h FORCE install-local: FORCE -$(MKDIR) $(DESTDIR)$(includedir) for header in $(srcdir)/lber.h lber_types.h \ $(srcdir)/ldap.h $(srcdir)/ldap_cdefs.h \ $(srcdir)/ldap_schema.h $(srcdir)/ldap_utf8.h \ $(srcdir)/slapi-plugin.h ldap_features.h \ $(srcdir)/ldif.h $(srcdir)/openldap.h ; \ do \ $(INSTALL) $(INSTALLFLAGS) -m 644 $$header $(DESTDIR)$(includedir); \ done clean-local: FORCE $(RM) ldap_config.h veryclean-local: clean-local FORCE $(RM) portable.h lber_types.h ldap_features.h depend-local: ldap_config.h FORCE LDAP_CONFIG=$(srcdir)/ldap_config.hin ldap_config.h: $(LDAP_CONFIG) Makefile @$(RM) $@ @echo "Making $@" @echo "/* Generated from $(LDAP_CONFIG) on `date` */" > $@; \ if test $(PLAT) = NT; then \ sysconfdir=`cygpath -w $(sysconfdir) | \ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \ datadir=`cygpath -w $(datadir) | \ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \ bindir=`cygpath -w $(bindir) | \ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \ sbindir=`cygpath -w $(sbindir) | \ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \ libexecdir=`cygpath -w $(libexecdir) | \ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \ moduledir=`cygpath -w $(moduledir) | \ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \ localstatedir=`cygpath -w $(localstatedir) | \ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \ else \ sysconfdir=$(sysconfdir); \ datadir=$(datadir); \ bindir=$(bindir); \ sbindir=$(sbindir); \ libexecdir=$(libexecdir); \ moduledir=$(moduledir); \ localstatedir=$(localstatedir); \ localedir=$(localedir); \ fi; \ $(SED) \ -e "s;%SYSCONFDIR%;$$sysconfdir;" \ -e "s;%DATADIR%;$$datadir;" \ -e "s;%BINDIR%;$$bindir;" \ -e "s;%SBINDIR%;$$sbindir;" \ -e "s;%LIBEXECDIR%;$$libexecdir;" \ -e "s;%MODULEDIR%;$$moduledir;" \ -e "s;%RUNDIR%;$$localstatedir;" \ -e "s;%LOCALEDIR%;$$localedir;" \ $(LDAP_CONFIG) >> $@; \ $(CHMOD) 444 $@ all-common: all-local install-common: all-common install-local clean-common: clean-local veryclean-common: veryclean-local depend-common: depend-local openldap-2.5.16+dfsg/include/ldap_pvt_thread.h0000644000175000017500000002220514461774414020641 0ustar sergiosergio/* ldap_pvt_thread.h - ldap threads header file */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _LDAP_PVT_THREAD_H #define _LDAP_PVT_THREAD_H /* libldap/ldap_thr_debug.h #undefines this */ #include "ldap_cdefs.h" #include "ldap_int_thread.h" LDAP_BEGIN_DECL #ifndef LDAP_PVT_THREAD_H_DONE typedef ldap_int_thread_t ldap_pvt_thread_t; #ifdef LDAP_THREAD_DEBUG_WRAP typedef ldap_debug_thread_mutex_t ldap_pvt_thread_mutex_t; typedef ldap_debug_thread_cond_t ldap_pvt_thread_cond_t; typedef ldap_debug_thread_rdwr_t ldap_pvt_thread_rdwr_t; #define LDAP_PVT_MUTEX_FIRSTCREATE LDAP_DEBUG_MUTEX_FIRSTCREATE #define LDAP_PVT_MUTEX_NULL LDAP_DEBUG_MUTEX_NULL #else typedef ldap_int_thread_mutex_t ldap_pvt_thread_mutex_t; typedef ldap_int_thread_cond_t ldap_pvt_thread_cond_t; typedef ldap_int_thread_rdwr_t ldap_pvt_thread_rdwr_t; #define LDAP_PVT_MUTEX_FIRSTCREATE LDAP_INT_MUTEX_FIRSTCREATE #define LDAP_PVT_MUTEX_NULL LDAP_INT_MUTEX_NULL #endif typedef ldap_int_thread_key_t ldap_pvt_thread_key_t; #endif /* !LDAP_PVT_THREAD_H_DONE */ #define ldap_pvt_thread_equal ldap_int_thread_equal LDAP_F( int ) ldap_pvt_thread_initialize LDAP_P(( void )); LDAP_F( int ) ldap_pvt_thread_destroy LDAP_P(( void )); LDAP_F( unsigned int ) ldap_pvt_thread_sleep LDAP_P(( unsigned int s )); LDAP_F( int ) ldap_pvt_thread_get_concurrency LDAP_P(( void )); LDAP_F( int ) ldap_pvt_thread_set_concurrency LDAP_P(( int )); #define LDAP_PVT_THREAD_CREATE_JOINABLE 0 #define LDAP_PVT_THREAD_CREATE_DETACHED 1 #ifndef LDAP_PVT_THREAD_H_DONE #define LDAP_PVT_THREAD_SET_STACK_SIZE /* The size may be explicitly #defined to zero to disable it. */ #if defined( LDAP_PVT_THREAD_STACK_SIZE ) && LDAP_PVT_THREAD_STACK_SIZE == 0 # undef LDAP_PVT_THREAD_SET_STACK_SIZE #elif !defined( LDAP_PVT_THREAD_STACK_SIZE ) /* LARGE stack. Will be twice as large on 64 bit machine. */ # define LDAP_PVT_THREAD_STACK_SIZE ( 1 * 1024 * 1024 * sizeof(void *) ) #endif #endif /* !LDAP_PVT_THREAD_H_DONE */ LDAP_F( int ) ldap_pvt_thread_create LDAP_P(( ldap_pvt_thread_t * thread, int detach, void *(*start_routine)( void * ), void *arg)); LDAP_F( void ) ldap_pvt_thread_exit LDAP_P(( void *retval )); LDAP_F( int ) ldap_pvt_thread_join LDAP_P(( ldap_pvt_thread_t thread, void **status )); LDAP_F( int ) ldap_pvt_thread_kill LDAP_P(( ldap_pvt_thread_t thread, int signo )); LDAP_F( int ) ldap_pvt_thread_yield LDAP_P(( void )); LDAP_F( int ) ldap_pvt_thread_cond_init LDAP_P(( ldap_pvt_thread_cond_t *cond )); LDAP_F( int ) ldap_pvt_thread_cond_destroy LDAP_P(( ldap_pvt_thread_cond_t *cond )); LDAP_F( int ) ldap_pvt_thread_cond_signal LDAP_P(( ldap_pvt_thread_cond_t *cond )); LDAP_F( int ) ldap_pvt_thread_cond_broadcast LDAP_P(( ldap_pvt_thread_cond_t *cond )); LDAP_F( int ) ldap_pvt_thread_cond_wait LDAP_P(( ldap_pvt_thread_cond_t *cond, ldap_pvt_thread_mutex_t *mutex )); LDAP_F( int ) ldap_pvt_thread_mutex_init LDAP_P(( ldap_pvt_thread_mutex_t *mutex )); LDAP_F( int ) ldap_pvt_thread_mutex_recursive_init LDAP_P(( ldap_pvt_thread_mutex_t *mutex )); LDAP_F( int ) ldap_pvt_thread_mutex_destroy LDAP_P(( ldap_pvt_thread_mutex_t *mutex )); LDAP_F( int ) ldap_pvt_thread_mutex_lock LDAP_P(( ldap_pvt_thread_mutex_t *mutex )); LDAP_F( int ) ldap_pvt_thread_mutex_trylock LDAP_P(( ldap_pvt_thread_mutex_t *mutex )); LDAP_F( int ) ldap_pvt_thread_mutex_unlock LDAP_P(( ldap_pvt_thread_mutex_t *mutex )); LDAP_F( ldap_pvt_thread_t ) ldap_pvt_thread_self LDAP_P(( void )); #ifdef LDAP_INT_THREAD_ASSERT_MUTEX_OWNER #define LDAP_PVT_THREAD_ASSERT_MUTEX_OWNER LDAP_INT_THREAD_ASSERT_MUTEX_OWNER #else #define LDAP_PVT_THREAD_ASSERT_MUTEX_OWNER(mutex) ((void) 0) #endif LDAP_F( int ) ldap_pvt_thread_rdwr_init LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); LDAP_F( int ) ldap_pvt_thread_rdwr_destroy LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); LDAP_F( int ) ldap_pvt_thread_rdwr_rlock LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); LDAP_F( int ) ldap_pvt_thread_rdwr_rtrylock LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); LDAP_F( int ) ldap_pvt_thread_rdwr_runlock LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); LDAP_F( int ) ldap_pvt_thread_rdwr_wlock LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); LDAP_F( int ) ldap_pvt_thread_rdwr_wtrylock LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); LDAP_F( int ) ldap_pvt_thread_rdwr_wunlock LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); LDAP_F( int ) ldap_pvt_thread_key_create LDAP_P((ldap_pvt_thread_key_t *keyp)); LDAP_F( int ) ldap_pvt_thread_key_destroy LDAP_P((ldap_pvt_thread_key_t key)); LDAP_F( int ) ldap_pvt_thread_key_setdata LDAP_P((ldap_pvt_thread_key_t key, void *data)); LDAP_F( int ) ldap_pvt_thread_key_getdata LDAP_P((ldap_pvt_thread_key_t key, void **data)); #ifdef LDAP_DEBUG LDAP_F( int ) ldap_pvt_thread_rdwr_readers LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); LDAP_F( int ) ldap_pvt_thread_rdwr_writers LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); LDAP_F( int ) ldap_pvt_thread_rdwr_active LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); #endif /* LDAP_DEBUG */ #define LDAP_PVT_THREAD_EINVAL EINVAL #define LDAP_PVT_THREAD_EBUSY EINVAL #ifndef LDAP_PVT_THREAD_H_DONE typedef ldap_int_thread_pool_t ldap_pvt_thread_pool_t; typedef void * (ldap_pvt_thread_start_t) LDAP_P((void *ctx, void *arg)); typedef int (ldap_pvt_thread_walk_t) LDAP_P((ldap_pvt_thread_start_t *start, void *start_arg, void *arg)); typedef void (ldap_pvt_thread_pool_keyfree_t) LDAP_P((void *key, void *data)); #endif /* !LDAP_PVT_THREAD_H_DONE */ LDAP_F( int ) ldap_pvt_thread_pool_init LDAP_P(( ldap_pvt_thread_pool_t *pool_out, int max_threads, int max_pending )); LDAP_F( int ) ldap_pvt_thread_pool_init_q LDAP_P(( ldap_pvt_thread_pool_t *pool_out, int max_threads, int max_pending, int num_qs )); LDAP_F( int ) ldap_pvt_thread_pool_submit LDAP_P(( ldap_pvt_thread_pool_t *pool, ldap_pvt_thread_start_t *start, void *arg )); LDAP_F( int ) ldap_pvt_thread_pool_submit2 LDAP_P(( ldap_pvt_thread_pool_t *pool, ldap_pvt_thread_start_t *start, void *arg, void **cookie )); LDAP_F( int ) ldap_pvt_thread_pool_retract LDAP_P(( void *cookie )); LDAP_F( int ) ldap_pvt_thread_pool_walk LDAP_P(( ldap_pvt_thread_pool_t *pool, ldap_pvt_thread_start_t *start, ldap_pvt_thread_walk_t *cb, void *arg )); LDAP_F( int ) ldap_pvt_thread_pool_maxthreads LDAP_P(( ldap_pvt_thread_pool_t *pool, int max_threads )); LDAP_F( int ) ldap_pvt_thread_pool_queues LDAP_P(( ldap_pvt_thread_pool_t *pool, int numqs )); #ifndef LDAP_PVT_THREAD_H_DONE typedef enum { LDAP_PVT_THREAD_POOL_PARAM_UNKNOWN = -1, LDAP_PVT_THREAD_POOL_PARAM_MAX, LDAP_PVT_THREAD_POOL_PARAM_MAX_PENDING, LDAP_PVT_THREAD_POOL_PARAM_OPEN, LDAP_PVT_THREAD_POOL_PARAM_STARTING, LDAP_PVT_THREAD_POOL_PARAM_ACTIVE, LDAP_PVT_THREAD_POOL_PARAM_PAUSING, LDAP_PVT_THREAD_POOL_PARAM_PENDING, LDAP_PVT_THREAD_POOL_PARAM_BACKLOAD, LDAP_PVT_THREAD_POOL_PARAM_ACTIVE_MAX, LDAP_PVT_THREAD_POOL_PARAM_PENDING_MAX, LDAP_PVT_THREAD_POOL_PARAM_BACKLOAD_MAX, LDAP_PVT_THREAD_POOL_PARAM_STATE, LDAP_PVT_THREAD_POOL_PARAM_PAUSED } ldap_pvt_thread_pool_param_t; #endif /* !LDAP_PVT_THREAD_H_DONE */ LDAP_F( int ) ldap_pvt_thread_pool_query LDAP_P(( ldap_pvt_thread_pool_t *pool, ldap_pvt_thread_pool_param_t param, void *value )); LDAP_F( int ) ldap_pvt_thread_pool_pausing LDAP_P(( ldap_pvt_thread_pool_t *pool )); LDAP_F( int ) ldap_pvt_thread_pool_backload LDAP_P(( ldap_pvt_thread_pool_t *pool )); LDAP_F( void ) ldap_pvt_thread_pool_idle LDAP_P(( ldap_pvt_thread_pool_t *pool )); LDAP_F( void ) ldap_pvt_thread_pool_unidle LDAP_P(( ldap_pvt_thread_pool_t *pool )); LDAP_F( int ) ldap_pvt_thread_pool_pausecheck LDAP_P(( ldap_pvt_thread_pool_t *pool )); LDAP_F( int ) ldap_pvt_thread_pool_pausecheck_native LDAP_P(( ldap_pvt_thread_pool_t *pool )); LDAP_F( int ) ldap_pvt_thread_pool_pause LDAP_P(( ldap_pvt_thread_pool_t *pool )); LDAP_F( int ) ldap_pvt_thread_pool_resume LDAP_P(( ldap_pvt_thread_pool_t *pool )); LDAP_F( int ) ldap_pvt_thread_pool_destroy LDAP_P(( ldap_pvt_thread_pool_t *pool, int run_pending )); LDAP_F( int ) ldap_pvt_thread_pool_close LDAP_P(( ldap_pvt_thread_pool_t *pool, int run_pending )); LDAP_F( int ) ldap_pvt_thread_pool_free LDAP_P(( ldap_pvt_thread_pool_t *pool )); LDAP_F( int ) ldap_pvt_thread_pool_getkey LDAP_P(( void *ctx, void *key, void **data, ldap_pvt_thread_pool_keyfree_t **kfree )); LDAP_F( int ) ldap_pvt_thread_pool_setkey LDAP_P(( void *ctx, void *key, void *data, ldap_pvt_thread_pool_keyfree_t *kfree, void **olddatap, ldap_pvt_thread_pool_keyfree_t **oldkfreep )); LDAP_F( void ) ldap_pvt_thread_pool_purgekey LDAP_P(( void *key )); LDAP_F( void *) ldap_pvt_thread_pool_context LDAP_P(( void )); LDAP_F( void ) ldap_pvt_thread_pool_context_reset LDAP_P(( void *key )); LDAP_F( ldap_pvt_thread_t ) ldap_pvt_thread_pool_tid LDAP_P(( void *ctx )); LDAP_END_DECL #define LDAP_PVT_THREAD_H_DONE #endif /* _LDAP_PVT_THREAD_H */ openldap-2.5.16+dfsg/include/ldap_pvt.h0000644000175000017500000003601314461774414017314 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* ldap-pvt.h - Header for ldap_pvt_ functions. * These are meant to be internal to OpenLDAP Software. */ #ifndef _LDAP_PVT_H #define _LDAP_PVT_H 1 #include /* get public interfaces */ #include /* get ber_slen_t */ #include /* get Sockbuf_Buf */ LDAP_BEGIN_DECL LDAP_F ( int ) ldap_pvt_url_scheme2proto LDAP_P(( const char * )); LDAP_F ( int ) ldap_pvt_url_scheme2tls LDAP_P(( const char * )); LDAP_F ( int ) ldap_pvt_url_scheme2proxied LDAP_P(( const char * )); LDAP_F ( int ) ldap_pvt_url_scheme_port LDAP_P(( const char *, int )); struct ldap_url_desc; /* avoid pulling in */ #define LDAP_PVT_URL_PARSE_NONE (0x00U) #define LDAP_PVT_URL_PARSE_NOEMPTY_HOST (0x01U) #define LDAP_PVT_URL_PARSE_DEF_PORT (0x02U) #define LDAP_PVT_URL_PARSE_NOEMPTY_DN (0x04U) #define LDAP_PVT_URL_PARSE_NODEF_SCOPE (0x08U) #define LDAP_PVT_URL_PARSE_HISTORIC (LDAP_PVT_URL_PARSE_NODEF_SCOPE | \ LDAP_PVT_URL_PARSE_NOEMPTY_HOST | \ LDAP_PVT_URL_PARSE_DEF_PORT) LDAP_F( int ) ldap_url_parse_ext LDAP_P(( LDAP_CONST char *url, struct ldap_url_desc **ludpp, unsigned flags )); LDAP_F (int) ldap_url_parselist LDAP_P(( /* deprecated, use ldap_url_parselist_ext() */ struct ldap_url_desc **ludlist, const char *url )); LDAP_F (int) ldap_url_parselist_ext LDAP_P(( struct ldap_url_desc **ludlist, const char *url, const char *sep, unsigned flags )); LDAP_F (char *) ldap_url_list2urls LDAP_P(( struct ldap_url_desc *ludlist )); LDAP_F (void) ldap_free_urllist LDAP_P(( struct ldap_url_desc *ludlist )); LDAP_F (int) ldap_pvt_scope2bv LDAP_P (( int scope, struct berval *bv )); LDAP_F (LDAP_CONST char *) ldap_pvt_scope2str LDAP_P (( int scope )); LDAP_F (int) ldap_pvt_bv2scope LDAP_P (( struct berval *bv )); LDAP_F (int) ldap_pvt_str2scope LDAP_P (( LDAP_CONST char * )); LDAP_F( char * ) ldap_pvt_ctime LDAP_P(( const time_t *tp, char *buf )); # if defined( HAVE_GMTIME_R ) # define USE_GMTIME_R # define ldap_pvt_gmtime(timep, result) gmtime_r((timep), (result)) # else LDAP_F( struct tm * ) ldap_pvt_gmtime LDAP_P(( LDAP_CONST time_t *timep, struct tm *result )); #endif # if defined( HAVE_LOCALTIME_R ) # define USE_LOCALTIME_R # define ldap_pvt_localtime(timep, result) localtime_r((timep), (result)) # else LDAP_F( struct tm * ) ldap_pvt_localtime LDAP_P(( LDAP_CONST time_t *timep, struct tm *result )); # endif #if defined( USE_GMTIME_R ) && defined( USE_LOCALTIME_R ) # define ldap_pvt_gmtime_lock() (0) # define ldap_pvt_gmtime_unlock() (0) #else LDAP_F( int ) ldap_pvt_gmtime_lock LDAP_P(( void )); LDAP_F( int ) ldap_pvt_gmtime_unlock LDAP_P(( void )); #endif /* USE_GMTIME_R && USE_LOCALTIME_R */ /* Get current time as a structured time */ struct lutil_tm; LDAP_F( void ) ldap_pvt_gettime LDAP_P(( struct lutil_tm * )); #ifdef _WIN32 #define gettimeofday(tv,tz) ldap_pvt_gettimeofday(tv,tz) struct timeval; LDAP_F( int ) ldap_pvt_gettimeofday LDAP_P(( struct timeval *tv, void *unused )); #ifndef CLOCK_REALTIME #define CLOCK_REALTIME 0 #endif #define clock_gettime(clkid,tv) ldap_pvt_clock_gettime(clkid,tv) struct timespec; LDAP_F( int ) ldap_pvt_clock_gettime LDAP_P(( int clkid, struct timespec *tv )); #endif /* use this macro to allocate buffer for ldap_pvt_csnstr */ #define LDAP_PVT_CSNSTR_BUFSIZE 64 LDAP_F( size_t ) ldap_pvt_csnstr( char *buf, size_t len, unsigned int replica, unsigned int mod ); LDAP_F( char *) ldap_pvt_get_fqdn LDAP_P(( char * )); struct hostent; /* avoid pulling in */ LDAP_F( int ) ldap_pvt_gethostbyname_a LDAP_P(( const char *name, struct hostent *resbuf, char **buf, struct hostent **result, int *herrno_ptr )); LDAP_F( int ) ldap_pvt_gethostbyaddr_a LDAP_P(( const char *addr, int len, int type, struct hostent *resbuf, char **buf, struct hostent **result, int *herrno_ptr )); struct sockaddr; LDAP_F( int ) ldap_pvt_get_hname LDAP_P(( const struct sockaddr * sa, int salen, char *name, int namelen, char **herr )); #ifdef LDAP_PF_LOCAL #define LDAP_IPADDRLEN (MAXPATHLEN + sizeof("PATH=")) #elif defined(LDAP_PF_INET6) #define LDAP_IPADDRLEN sizeof("IP=[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]:65535") #else #define LDAP_IPADDRLEN sizeof("IP=255.255.255.255:65336") #endif union Sockaddr; LDAP_F (void) ldap_pvt_sockaddrstr LDAP_P(( union Sockaddr *sa, struct berval * )); /* charray.c */ LDAP_F( int ) ldap_charray_add LDAP_P(( char ***a, const char *s )); LDAP_F( int ) ldap_charray_merge LDAP_P(( char ***a, char **s )); LDAP_F( void ) ldap_charray_free LDAP_P(( char **a )); LDAP_F( int ) ldap_charray_inlist LDAP_P(( char **a, const char *s )); LDAP_F( char ** ) ldap_charray_dup LDAP_P(( char **a )); LDAP_F( char ** ) ldap_str2charray LDAP_P(( const char *str, const char *brkstr )); LDAP_F( char * ) ldap_charray2str LDAP_P(( char **array, const char* sep )); /* getdn.c */ #ifdef LDAP_AVA_NULL /* in ldap.h */ LDAP_F( void ) ldap_rdnfree_x LDAP_P(( LDAPRDN rdn, void *ctx )); LDAP_F( void ) ldap_dnfree_x LDAP_P(( LDAPDN dn, void *ctx )); LDAP_F( int ) ldap_bv2dn_x LDAP_P(( struct berval *bv, LDAPDN *dn, unsigned flags, void *ctx )); LDAP_F( int ) ldap_dn2bv_x LDAP_P(( LDAPDN dn, struct berval *bv, unsigned flags, void *ctx )); LDAP_F( int ) ldap_bv2rdn_x LDAP_P(( struct berval *, LDAPRDN *, char **, unsigned flags, void *ctx )); LDAP_F( int ) ldap_rdn2bv_x LDAP_P(( LDAPRDN rdn, struct berval *bv, unsigned flags, void *ctx )); #endif /* LDAP_AVA_NULL */ /* url.c */ LDAP_F (void) ldap_pvt_hex_unescape LDAP_P(( char *s )); /* * these macros assume 'x' is an ASCII x * and assume the "C" locale */ #define LDAP_ASCII(c) (!((c) & 0x80)) #define LDAP_SPACE(c) ((c) == ' ' || (c) == '\t' || (c) == '\n') #define LDAP_DIGIT(c) ((c) >= '0' && (c) <= '9') #define LDAP_LOWER(c) ((c) >= 'a' && (c) <= 'z') #define LDAP_UPPER(c) ((c) >= 'A' && (c) <= 'Z') #define LDAP_ALPHA(c) (LDAP_LOWER(c) || LDAP_UPPER(c)) #define LDAP_ALNUM(c) (LDAP_ALPHA(c) || LDAP_DIGIT(c)) #define LDAP_LDH(c) (LDAP_ALNUM(c) || (c) == '-') #define LDAP_HEXLOWER(c) ((c) >= 'a' && (c) <= 'f') #define LDAP_HEXUPPER(c) ((c) >= 'A' && (c) <= 'F') #define LDAP_HEX(c) (LDAP_DIGIT(c) || \ LDAP_HEXLOWER(c) || LDAP_HEXUPPER(c)) /* controls.c */ struct ldapcontrol; LDAP_F (int) ldap_pvt_put_control LDAP_P(( const struct ldapcontrol *c, BerElement *ber )); LDAP_F (int) ldap_pvt_get_controls LDAP_P(( BerElement *be, struct ldapcontrol ***ctrlsp)); #ifdef HAVE_CYRUS_SASL /* cyrus.c */ struct sasl_security_properties; /* avoid pulling in */ LDAP_F (int) ldap_pvt_sasl_secprops LDAP_P(( const char *in, struct sasl_security_properties *secprops )); LDAP_F (void) ldap_pvt_sasl_secprops_unparse LDAP_P(( struct sasl_security_properties *secprops, struct berval *out )); LDAP_F (void *) ldap_pvt_sasl_mutex_new LDAP_P((void)); LDAP_F (int) ldap_pvt_sasl_mutex_lock LDAP_P((void *mutex)); LDAP_F (int) ldap_pvt_sasl_mutex_unlock LDAP_P((void *mutex)); LDAP_F (void) ldap_pvt_sasl_mutex_dispose LDAP_P((void *mutex)); LDAP_F (int) ldap_pvt_sasl_cbinding_parse LDAP_P(( const char *arg )); LDAP_F (void *) ldap_pvt_sasl_cbinding LDAP_P(( void *ssl, int type, int is_server )); #endif /* HAVE_CYRUS_SASL */ struct sockbuf; /* avoid pulling in */ LDAP_F (int) ldap_pvt_sasl_install LDAP_P(( struct sockbuf *, void * )); LDAP_F (void) ldap_pvt_sasl_remove LDAP_P(( struct sockbuf * )); /* * SASL encryption support for LBER Sockbufs */ struct sb_sasl_generic_data; struct sb_sasl_generic_ops { void (*init)(struct sb_sasl_generic_data *p, ber_len_t *min_send, ber_len_t *max_send, ber_len_t *max_recv); ber_int_t (*encode)(struct sb_sasl_generic_data *p, unsigned char *buf, ber_len_t len, Sockbuf_Buf *dst); ber_int_t (*decode)(struct sb_sasl_generic_data *p, const Sockbuf_Buf *src, Sockbuf_Buf *dst); void (*reset_buf)(struct sb_sasl_generic_data *p, Sockbuf_Buf *buf); void (*fini)(struct sb_sasl_generic_data *p); }; struct sb_sasl_generic_install { const struct sb_sasl_generic_ops *ops; void *ops_private; }; struct sb_sasl_generic_data { const struct sb_sasl_generic_ops *ops; void *ops_private; Sockbuf_IO_Desc *sbiod; ber_len_t min_send; ber_len_t max_send; ber_len_t max_recv; Sockbuf_Buf sec_buf_in; Sockbuf_Buf buf_in; Sockbuf_Buf buf_out; unsigned int flags; #define LDAP_PVT_SASL_PARTIAL_WRITE 1 }; #ifndef LDAP_PVT_SASL_LOCAL_SSF #define LDAP_PVT_SASL_LOCAL_SSF 71 /* SSF for Unix Domain Sockets */ #endif /* ! LDAP_PVT_SASL_LOCAL_SSF */ struct ldap; struct ldapmsg; struct ldifrecord; /* abandon */ LDAP_F ( int ) ldap_pvt_discard LDAP_P(( struct ldap *ld, ber_int_t msgid )); /* init.c */ LDAP_F( int ) ldap_pvt_conf_option LDAP_P(( char *cmd, char *opt, int userconf )); /* ldifutil.c */ LDAP_F( int ) ldap_parse_ldif_record_x LDAP_P(( struct berval *rbuf, unsigned long linenum, struct ldifrecord *lr, const char *errstr, unsigned int flags, void *ctx )); /* messages.c */ LDAP_F( BerElement * ) ldap_get_message_ber LDAP_P(( struct ldapmsg * )); /* open */ LDAP_F (int) ldap_open_internal_connection LDAP_P(( struct ldap **ldp, ber_socket_t *fdp )); /* sasl.c */ LDAP_F (int) ldap_pvt_sasl_generic_install LDAP_P(( Sockbuf *sb, struct sb_sasl_generic_install *install_arg )); LDAP_F (void) ldap_pvt_sasl_generic_remove LDAP_P(( Sockbuf *sb )); /* search.c */ LDAP_F( int ) ldap_pvt_put_filter LDAP_P(( BerElement *ber, const char *str )); LDAP_F( char * ) ldap_pvt_find_wildcard LDAP_P(( const char *s )); LDAP_F( ber_slen_t ) ldap_pvt_filter_value_unescape LDAP_P(( char *filter )); LDAP_F( ber_len_t ) ldap_bv2escaped_filter_value_len LDAP_P(( struct berval *in )); LDAP_F( int ) ldap_bv2escaped_filter_value_x LDAP_P(( struct berval *in, struct berval *out, int inplace, void *ctx )); LDAP_F (int) ldap_pvt_search LDAP_P(( struct ldap *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter, char **attrs, int attrsonly, struct ldapcontrol **sctrls, struct ldapcontrol **cctrls, struct timeval *timeout, int sizelimit, int deref, int *msgidp )); LDAP_F(int) ldap_pvt_search_s LDAP_P(( struct ldap *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter, char **attrs, int attrsonly, struct ldapcontrol **sctrls, struct ldapcontrol **cctrls, struct timeval *timeout, int sizelimit, int deref, struct ldapmsg **res )); /* string.c */ LDAP_F( char * ) ldap_pvt_str2upper LDAP_P(( char *str )); LDAP_F( char * ) ldap_pvt_str2lower LDAP_P(( char *str )); LDAP_F( struct berval * ) ldap_pvt_str2upperbv LDAP_P(( char *str, struct berval *bv )); LDAP_F( struct berval * ) ldap_pvt_str2lowerbv LDAP_P(( char *str, struct berval *bv )); /* tls.c */ LDAP_F (int) ldap_pvt_tls_config LDAP_P(( struct ldap *ld, int option, const char *arg )); LDAP_F (int) ldap_pvt_tls_get_option LDAP_P(( struct ldap *ld, int option, void *arg )); LDAP_F (int) ldap_pvt_tls_set_option LDAP_P(( struct ldap *ld, int option, void *arg )); LDAP_F (void) ldap_pvt_tls_destroy LDAP_P(( void )); LDAP_F (int) ldap_pvt_tls_init LDAP_P(( int do_threads )); LDAP_F (int) ldap_pvt_tls_init_def_ctx LDAP_P(( int is_server )); LDAP_F (int) ldap_pvt_tls_accept LDAP_P(( Sockbuf *sb, void *ctx_arg )); LDAP_F (int) ldap_pvt_tls_connect LDAP_P(( struct ldap *ld, Sockbuf *sb, const char *host )); LDAP_F (int) ldap_pvt_tls_inplace LDAP_P(( Sockbuf *sb )); LDAP_F (void *) ldap_pvt_tls_sb_ctx LDAP_P(( Sockbuf *sb )); LDAP_F (void) ldap_pvt_tls_ctx_free LDAP_P(( void * )); typedef int LDAPDN_rewrite_dummy LDAP_P (( void *dn, unsigned flags )); typedef int (LDAP_TLS_CONNECT_CB) LDAP_P (( struct ldap *ld, void *ssl, void *ctx, void *arg )); LDAP_F (int) ldap_pvt_tls_get_my_dn LDAP_P(( void *ctx, struct berval *dn, LDAPDN_rewrite_dummy *func, unsigned flags )); LDAP_F (int) ldap_pvt_tls_get_peer_dn LDAP_P(( void *ctx, struct berval *dn, LDAPDN_rewrite_dummy *func, unsigned flags )); LDAP_F (int) ldap_pvt_tls_get_strength LDAP_P(( void *ctx )); LDAP_F (int) ldap_pvt_tls_get_unique LDAP_P(( void *ctx, struct berval *buf, int is_server )); LDAP_F (int) ldap_pvt_tls_get_endpoint LDAP_P(( void *ctx, struct berval *buf, int is_server )); LDAP_F (const char *) ldap_pvt_tls_get_version LDAP_P(( void *ctx )); LDAP_F (const char *) ldap_pvt_tls_get_cipher LDAP_P(( void *ctx )); LDAP_END_DECL /* * Multiple precision stuff * * May use OpenSSL's BIGNUM if built with TLS, * or GNU's multiple precision library. But if * long long is available, that's big enough * and much more efficient. * * If none is available, unsigned long data is used. */ LDAP_BEGIN_DECL #ifdef USE_MP_BIGNUM /* * Use OpenSSL's BIGNUM */ #include #include typedef BIGNUM* ldap_pvt_mp_t; #define LDAP_PVT_MP_INIT (NULL) #define ldap_pvt_mp_init(mp) \ do { (mp) = BN_new(); } while (0) /* FIXME: we rely on mpr being initialized */ #define ldap_pvt_mp_init_set(mpr,mpv) \ do { ldap_pvt_mp_init((mpr)); BN_add((mpr), (mpr), (mpv)); } while (0) #define ldap_pvt_mp_add(mpr,mpv) \ BN_add((mpr), (mpr), (mpv)) #define ldap_pvt_mp_add_ulong(mp,v) \ BN_add_word((mp), (v)) #define ldap_pvt_mp_clear(mp) \ do { BN_free((mp)); (mp) = 0; } while (0) #elif defined(USE_MP_GMP) /* * Use GNU's multiple precision library */ #include typedef mpz_t ldap_pvt_mp_t; #define LDAP_PVT_MP_INIT { 0 } #define ldap_pvt_mp_init(mp) \ mpz_init((mp)) #define ldap_pvt_mp_init_set(mpr,mpv) \ mpz_init_set((mpr), (mpv)) #define ldap_pvt_mp_add(mpr,mpv) \ mpz_add((mpr), (mpr), (mpv)) #define ldap_pvt_mp_add_ulong(mp,v) \ mpz_add_ui((mp), (mp), (v)) #define ldap_pvt_mp_clear(mp) \ mpz_clear((mp)) #else /* * Use unsigned long long */ #ifdef USE_MP_LONG_LONG typedef unsigned long long ldap_pvt_mp_t; #define LDAP_PVT_MP_INIT (0LL) #elif defined(USE_MP_LONG) typedef unsigned long ldap_pvt_mp_t; #define LDAP_PVT_MP_INIT (0L) #elif defined(HAVE_LONG_LONG) typedef unsigned long long ldap_pvt_mp_t; #define LDAP_PVT_MP_INIT (0LL) #else typedef unsigned long ldap_pvt_mp_t; #define LDAP_PVT_MP_INIT (0L) #endif #define ldap_pvt_mp_init(mp) \ do { (mp) = 0; } while (0) #define ldap_pvt_mp_init_set(mpr,mpv) \ do { (mpr) = (mpv); } while (0) #define ldap_pvt_mp_add(mpr,mpv) \ do { (mpr) += (mpv); } while (0) #define ldap_pvt_mp_add_ulong(mp,v) \ do { (mp) += (v); } while (0) #define ldap_pvt_mp_clear(mp) \ do { (mp) = 0; } while (0) #endif /* MP */ #include "ldap_pvt_uc.h" LDAP_END_DECL LDAP_BEGIN_DECL #include /* get CHAR_BIT */ /* Buffer space for sign, decimal digits and \0. Note: log10(2) < 146/485. */ #define LDAP_PVT_INTTYPE_CHARS(type) (((sizeof(type)*CHAR_BIT-1)*146)/485 + 3) LDAP_END_DECL #endif /* _LDAP_PVT_H */ openldap-2.5.16+dfsg/include/ldap_int_thread.h0000644000175000017500000001645514461774414020634 0ustar sergiosergio/* ldap_int_thread.h - ldap internal thread wrappers header file */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ LDAP_BEGIN_DECL /* Can be done twice. See libldap/ldap_thr_debug.h. */ LDAP_F(int) ldap_int_thread_initialize LDAP_P(( void )); LDAP_F(int) ldap_int_thread_destroy LDAP_P(( void )); LDAP_END_DECL #ifndef _LDAP_INT_THREAD_H #define _LDAP_INT_THREAD_H #if defined( HAVE_PTHREADS ) /********************************** * * * definitions for POSIX Threads * * * **********************************/ #include #ifdef HAVE_SCHED_H #include #endif LDAP_BEGIN_DECL typedef pthread_t ldap_int_thread_t; typedef pthread_mutex_t ldap_int_thread_mutex_t; typedef pthread_cond_t ldap_int_thread_cond_t; typedef pthread_key_t ldap_int_thread_key_t; #define ldap_int_thread_equal(a, b) pthread_equal((a), (b)) #if defined( _POSIX_REENTRANT_FUNCTIONS ) || \ defined( _POSIX_THREAD_SAFE_FUNCTIONS ) || \ defined( _POSIX_THREADSAFE_FUNCTIONS ) #define HAVE_REENTRANT_FUNCTIONS 1 #endif #if defined( HAVE_PTHREAD_GETCONCURRENCY ) || \ defined( HAVE_THR_GETCONCURRENCY ) #define LDAP_THREAD_HAVE_GETCONCURRENCY 1 #endif #if defined( HAVE_PTHREAD_SETCONCURRENCY ) || \ defined( HAVE_THR_SETCONCURRENCY ) #define LDAP_THREAD_HAVE_SETCONCURRENCY 1 #endif #if defined( HAVE_PTHREAD_RWLOCK_DESTROY ) #define LDAP_THREAD_HAVE_RDWR 1 typedef pthread_rwlock_t ldap_int_thread_rdwr_t; #endif #ifndef LDAP_INT_MUTEX_NULL #define LDAP_INT_MUTEX_NULL PTHREAD_MUTEX_INITIALIZER #define LDAP_INT_MUTEX_FIRSTCREATE(m) ((void) 0) #endif LDAP_END_DECL #elif defined( HAVE_GNU_PTH ) /*********************************** * * * thread definitions for GNU Pth * * * ***********************************/ #define PTH_SYSCALL_SOFT 1 #include LDAP_BEGIN_DECL typedef pth_t ldap_int_thread_t; typedef pth_mutex_t ldap_int_thread_mutex_t; typedef pth_cond_t ldap_int_thread_cond_t; typedef pth_key_t ldap_int_thread_key_t; #if 0 #define LDAP_THREAD_HAVE_RDWR 1 typedef pth_rwlock_t ldap_int_thread_rdwr_t; #endif #ifndef LDAP_INT_MUTEX_NULL #define LDAP_INT_MUTEX_NULL PTH_MUTEX_INIT #define LDAP_INT_MUTEX_FIRSTCREATE(m) ((void) 0) #endif LDAP_END_DECL #elif defined( HAVE_THR ) /******************************************** * * * thread definitions for Solaris LWP (THR) * * * ********************************************/ #include #include LDAP_BEGIN_DECL typedef thread_t ldap_int_thread_t; typedef mutex_t ldap_int_thread_mutex_t; typedef cond_t ldap_int_thread_cond_t; typedef thread_key_t ldap_int_thread_key_t; #define HAVE_REENTRANT_FUNCTIONS 1 #ifdef HAVE_THR_GETCONCURRENCY #define LDAP_THREAD_HAVE_GETCONCURRENCY 1 #endif #ifdef HAVE_THR_SETCONCURRENCY #define LDAP_THREAD_HAVE_SETCONCURRENCY 1 #endif #ifndef LDAP_INT_MUTEX_NULL #define LDAP_INT_MUTEX_NULL DEFAULTMUTEX #define LDAP_INT_MUTEX_FIRSTCREATE(m) ((void) 0) #endif #elif defined(HAVE_NT_THREADS) /************************************* * * * thread definitions for NT threads * * * *************************************/ #include #include LDAP_BEGIN_DECL typedef unsigned long ldap_int_thread_t; typedef HANDLE ldap_int_thread_mutex_t; typedef HANDLE ldap_int_thread_cond_t; typedef DWORD ldap_int_thread_key_t; LDAP_F( int ) ldap_int_mutex_firstcreate LDAP_P(( ldap_int_thread_mutex_t *mutex )); #ifndef LDAP_INT_MUTEX_NULL #define LDAP_INT_MUTEX_NULL ((HANDLE)0) #define LDAP_INT_MUTEX_FIRSTCREATE(m) \ ldap_int_mutex_firstcreate(&(m)) #endif LDAP_END_DECL #else /*********************************** * * * thread definitions for no * * underlying library support * * * ***********************************/ #ifndef NO_THREADS #define NO_THREADS 1 #endif LDAP_BEGIN_DECL typedef int ldap_int_thread_t; typedef int ldap_int_thread_mutex_t; typedef int ldap_int_thread_cond_t; typedef int ldap_int_thread_key_t; #define LDAP_THREAD_HAVE_TPOOL 1 typedef int ldap_int_thread_pool_t; #ifndef LDAP_INT_MUTEX_NULL #define LDAP_INT_MUTEX_NULL 0 #define LDAP_INT_MUTEX_FIRSTCREATE(m) ((void) 0) #endif LDAP_END_DECL #endif /* no threads support */ LDAP_BEGIN_DECL #ifndef ldap_int_thread_equal #define ldap_int_thread_equal(a, b) ((a) == (b)) #endif #ifndef LDAP_THREAD_HAVE_RDWR typedef struct ldap_int_thread_rdwr_s * ldap_int_thread_rdwr_t; #endif LDAP_F(int) ldap_int_thread_pool_startup ( void ); LDAP_F(int) ldap_int_thread_pool_shutdown ( void ); #ifndef LDAP_THREAD_HAVE_TPOOL typedef struct ldap_int_thread_pool_s * ldap_int_thread_pool_t; #endif LDAP_END_DECL #if defined(LDAP_THREAD_DEBUG) && !((LDAP_THREAD_DEBUG +0) & 2U) #define LDAP_THREAD_DEBUG_WRAP 1 #endif #ifdef LDAP_THREAD_DEBUG_WRAP /************************************** * * * definitions for type-wrapped debug * * * **************************************/ LDAP_BEGIN_DECL #ifndef LDAP_UINTPTR_T /* May be configured in CPPFLAGS */ #define LDAP_UINTPTR_T unsigned long #endif typedef enum { ldap_debug_magic = -(int) (((unsigned)-1)/19) } ldap_debug_magic_t; typedef enum { /* Could fill in "locked" etc here later */ ldap_debug_state_inited = (int) (((unsigned)-1)/11), ldap_debug_state_destroyed } ldap_debug_state_t; typedef struct { /* Enclosed in magic numbers in the hope of catching overwrites */ ldap_debug_magic_t magic; /* bit pattern to recognize usages */ LDAP_UINTPTR_T self; /* ~(LDAP_UINTPTR_T)&(this struct) */ union ldap_debug_mem_u { /* Dummy memory reference */ unsigned char *ptr; LDAP_UINTPTR_T num; } mem; ldap_debug_state_t state; /* doubles as another magic number */ } ldap_debug_usage_info_t; typedef struct { ldap_int_thread_mutex_t wrapped; ldap_debug_usage_info_t usage; ldap_int_thread_t owner; } ldap_debug_thread_mutex_t; #define LDAP_DEBUG_MUTEX_NULL {LDAP_INT_MUTEX_NULL, {0,0,{0},0} /*,owner*/} #define LDAP_DEBUG_MUTEX_FIRSTCREATE(m) \ ((void) ((m).usage.state || ldap_pvt_thread_mutex_init(&(m)))) typedef struct { ldap_int_thread_cond_t wrapped; ldap_debug_usage_info_t usage; } ldap_debug_thread_cond_t; typedef struct { ldap_int_thread_rdwr_t wrapped; ldap_debug_usage_info_t usage; } ldap_debug_thread_rdwr_t; #ifndef NDEBUG #define LDAP_INT_THREAD_ASSERT_MUTEX_OWNER(mutex) \ ldap_debug_thread_assert_mutex_owner( \ __FILE__, __LINE__, "owns(" #mutex ")", mutex ) LDAP_F(void) ldap_debug_thread_assert_mutex_owner LDAP_P(( LDAP_CONST char *file, int line, LDAP_CONST char *msg, ldap_debug_thread_mutex_t *mutex )); #endif /* NDEBUG */ LDAP_END_DECL #endif /* LDAP_THREAD_DEBUG_WRAP */ #endif /* _LDAP_INT_THREAD_H */ openldap-2.5.16+dfsg/include/ldap.h0000644000175000017500000022056414461774414016431 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1990 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the University * may not be used to endorse or promote products derived from this * software without specific prior written permission. This software * is provided ``as is'' without express or implied warranty. */ #ifndef _LDAP_H #define _LDAP_H /* pull in lber */ #include /* include version and API feature defines */ #include LDAP_BEGIN_DECL #define LDAP_VERSION1 1 #define LDAP_VERSION2 2 #define LDAP_VERSION3 3 #define LDAP_VERSION_MIN LDAP_VERSION2 #define LDAP_VERSION LDAP_VERSION2 #define LDAP_VERSION_MAX LDAP_VERSION3 /* * We use 3000+n here because it is above 1823 (for RFC 1823), * above 2000+rev of IETF LDAPEXT draft (now quite dated), * yet below allocations for new RFCs (just in case there is * someday an RFC produced). */ #define LDAP_API_VERSION 3001 #define LDAP_VENDOR_NAME "OpenLDAP" /* OpenLDAP API Features */ #define LDAP_API_FEATURE_X_OPENLDAP LDAP_VENDOR_VERSION #if defined( LDAP_API_FEATURE_X_OPENLDAP_REENTRANT ) # define LDAP_API_FEATURE_THREAD_SAFE 1 #endif #if defined( LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE ) # define LDAP_API_FEATURE_SESSION_THREAD_SAFE 1 # define LDAP_API_FEATURE_OPERATION_THREAD_SAFE 1 #endif #define LDAP_PORT 389 /* ldap:/// default LDAP port */ #define LDAPS_PORT 636 /* ldaps:/// default LDAP over TLS port */ #define LDAP_ROOT_DSE "" #define LDAP_NO_ATTRS "1.1" #define LDAP_ALL_USER_ATTRIBUTES "*" #define LDAP_ALL_OPERATIONAL_ATTRIBUTES "+" /* RFC 3673 */ /* RFC 4511: maxInt INTEGER ::= 2147483647 -- (2^^31 - 1) -- */ #define LDAP_MAXINT (2147483647) /* * LDAP_OPTions * 0x0000 - 0x0fff reserved for api options * 0x1000 - 0x3fff reserved for api extended options * 0x4000 - 0x7fff reserved for private and experimental options */ #define LDAP_OPT_API_INFO 0x0000 #define LDAP_OPT_DESC 0x0001 /* historic */ #define LDAP_OPT_DEREF 0x0002 #define LDAP_OPT_SIZELIMIT 0x0003 #define LDAP_OPT_TIMELIMIT 0x0004 /* 0x05 - 0x07 not defined */ #define LDAP_OPT_REFERRALS 0x0008 #define LDAP_OPT_RESTART 0x0009 /* 0x0a - 0x10 not defined */ #define LDAP_OPT_PROTOCOL_VERSION 0x0011 #define LDAP_OPT_SERVER_CONTROLS 0x0012 #define LDAP_OPT_CLIENT_CONTROLS 0x0013 /* 0x14 not defined */ #define LDAP_OPT_API_FEATURE_INFO 0x0015 /* 0x16 - 0x2f not defined */ #define LDAP_OPT_HOST_NAME 0x0030 #define LDAP_OPT_RESULT_CODE 0x0031 #define LDAP_OPT_ERROR_NUMBER LDAP_OPT_RESULT_CODE #define LDAP_OPT_DIAGNOSTIC_MESSAGE 0x0032 #define LDAP_OPT_ERROR_STRING LDAP_OPT_DIAGNOSTIC_MESSAGE #define LDAP_OPT_MATCHED_DN 0x0033 /* 0x0034 - 0x3fff not defined */ /* 0x0091 used by Microsoft for LDAP_OPT_AUTO_RECONNECT */ #define LDAP_OPT_SSPI_FLAGS 0x0092 /* 0x0093 used by Microsoft for LDAP_OPT_SSL_INFO */ /* 0x0094 used by Microsoft for LDAP_OPT_REF_DEREF_CONN_PER_MSG */ #define LDAP_OPT_SIGN 0x0095 #define LDAP_OPT_ENCRYPT 0x0096 #define LDAP_OPT_SASL_METHOD 0x0097 /* 0x0098 used by Microsoft for LDAP_OPT_AREC_EXCLUSIVE */ #define LDAP_OPT_SECURITY_CONTEXT 0x0099 /* 0x009A used by Microsoft for LDAP_OPT_ROOTDSE_CACHE */ /* 0x009B - 0x3fff not defined */ /* API Extensions */ #define LDAP_OPT_API_EXTENSION_BASE 0x4000 /* API extensions */ /* private and experimental options */ /* OpenLDAP specific options */ #define LDAP_OPT_DEBUG_LEVEL 0x5001 /* debug level */ #define LDAP_OPT_TIMEOUT 0x5002 /* default timeout */ #define LDAP_OPT_REFHOPLIMIT 0x5003 /* ref hop limit */ #define LDAP_OPT_NETWORK_TIMEOUT 0x5005 /* socket level timeout */ #define LDAP_OPT_URI 0x5006 #define LDAP_OPT_REFERRAL_URLS 0x5007 /* Referral URLs */ #define LDAP_OPT_SOCKBUF 0x5008 /* sockbuf */ #define LDAP_OPT_DEFBASE 0x5009 /* searchbase */ #define LDAP_OPT_CONNECT_ASYNC 0x5010 /* create connections asynchronously */ #define LDAP_OPT_CONNECT_CB 0x5011 /* connection callbacks */ #define LDAP_OPT_SESSION_REFCNT 0x5012 /* session reference count */ #define LDAP_OPT_KEEPCONN 0x5013 /* keep the connection on read error or NoD */ #define LDAP_OPT_SOCKET_BIND_ADDRESSES 0x5014 /* user configured bind IPs */ #define LDAP_OPT_TCP_USER_TIMEOUT 0x5015 /* set TCP_USER_TIMEOUT if the OS supports it, ignored otherwise */ /* OpenLDAP TLS options */ #define LDAP_OPT_X_TLS 0x6000 #define LDAP_OPT_X_TLS_CTX 0x6001 /* OpenSSL CTX* */ #define LDAP_OPT_X_TLS_CACERTFILE 0x6002 #define LDAP_OPT_X_TLS_CACERTDIR 0x6003 #define LDAP_OPT_X_TLS_CERTFILE 0x6004 #define LDAP_OPT_X_TLS_KEYFILE 0x6005 #define LDAP_OPT_X_TLS_REQUIRE_CERT 0x6006 #define LDAP_OPT_X_TLS_PROTOCOL_MIN 0x6007 #define LDAP_OPT_X_TLS_CIPHER_SUITE 0x6008 #define LDAP_OPT_X_TLS_RANDOM_FILE 0x6009 #define LDAP_OPT_X_TLS_SSL_CTX 0x600a /* OpenSSL SSL* */ #define LDAP_OPT_X_TLS_CRLCHECK 0x600b #define LDAP_OPT_X_TLS_CONNECT_CB 0x600c #define LDAP_OPT_X_TLS_CONNECT_ARG 0x600d #define LDAP_OPT_X_TLS_DHFILE 0x600e #define LDAP_OPT_X_TLS_NEWCTX 0x600f #define LDAP_OPT_X_TLS_CRLFILE 0x6010 /* GNUtls only */ #define LDAP_OPT_X_TLS_PACKAGE 0x6011 #define LDAP_OPT_X_TLS_ECNAME 0x6012 #define LDAP_OPT_X_TLS_VERSION 0x6013 /* read-only */ #define LDAP_OPT_X_TLS_CIPHER 0x6014 /* read-only */ #define LDAP_OPT_X_TLS_PEERCERT 0x6015 /* read-only */ #define LDAP_OPT_X_TLS_CACERT 0x6016 #define LDAP_OPT_X_TLS_CERT 0x6017 #define LDAP_OPT_X_TLS_KEY 0x6018 #define LDAP_OPT_X_TLS_PEERKEY_HASH 0x6019 #define LDAP_OPT_X_TLS_REQUIRE_SAN 0x601a #define LDAP_OPT_X_TLS_PROTOCOL_MAX 0x601b #define LDAP_OPT_X_TLS_NEVER 0 #define LDAP_OPT_X_TLS_HARD 1 #define LDAP_OPT_X_TLS_DEMAND 2 #define LDAP_OPT_X_TLS_ALLOW 3 #define LDAP_OPT_X_TLS_TRY 4 #define LDAP_OPT_X_TLS_CRL_NONE 0 #define LDAP_OPT_X_TLS_CRL_PEER 1 #define LDAP_OPT_X_TLS_CRL_ALL 2 /* for LDAP_OPT_X_TLS_PROTOCOL_MIN/MAX */ #define LDAP_OPT_X_TLS_PROTOCOL(maj,min) (((maj) << 8) + (min)) #define LDAP_OPT_X_TLS_PROTOCOL_SSL2 (2 << 8) #define LDAP_OPT_X_TLS_PROTOCOL_SSL3 (3 << 8) #define LDAP_OPT_X_TLS_PROTOCOL_TLS1_0 ((3 << 8) + 1) #define LDAP_OPT_X_TLS_PROTOCOL_TLS1_1 ((3 << 8) + 2) #define LDAP_OPT_X_TLS_PROTOCOL_TLS1_2 ((3 << 8) + 3) #define LDAP_OPT_X_TLS_PROTOCOL_TLS1_3 ((3 << 8) + 4) #define LDAP_OPT_X_SASL_CBINDING_NONE 0 #define LDAP_OPT_X_SASL_CBINDING_TLS_UNIQUE 1 #define LDAP_OPT_X_SASL_CBINDING_TLS_ENDPOINT 2 /* OpenLDAP SASL options */ #define LDAP_OPT_X_SASL_MECH 0x6100 #define LDAP_OPT_X_SASL_REALM 0x6101 #define LDAP_OPT_X_SASL_AUTHCID 0x6102 #define LDAP_OPT_X_SASL_AUTHZID 0x6103 #define LDAP_OPT_X_SASL_SSF 0x6104 /* read-only */ #define LDAP_OPT_X_SASL_SSF_EXTERNAL 0x6105 /* write-only */ #define LDAP_OPT_X_SASL_SECPROPS 0x6106 /* write-only */ #define LDAP_OPT_X_SASL_SSF_MIN 0x6107 #define LDAP_OPT_X_SASL_SSF_MAX 0x6108 #define LDAP_OPT_X_SASL_MAXBUFSIZE 0x6109 #define LDAP_OPT_X_SASL_MECHLIST 0x610a /* read-only */ #define LDAP_OPT_X_SASL_NOCANON 0x610b #define LDAP_OPT_X_SASL_USERNAME 0x610c /* read-only */ #define LDAP_OPT_X_SASL_GSS_CREDS 0x610d #define LDAP_OPT_X_SASL_CBINDING 0x610e /* * OpenLDAP per connection tcp-keepalive settings * (Linux only, ignored where unsupported) */ #define LDAP_OPT_X_KEEPALIVE_IDLE 0x6300 #define LDAP_OPT_X_KEEPALIVE_PROBES 0x6301 #define LDAP_OPT_X_KEEPALIVE_INTERVAL 0x6302 /* Private API Extensions -- reserved for application use */ #define LDAP_OPT_PRIVATE_EXTENSION_BASE 0x7000 /* Private API inclusive */ /* * ldap_get_option() and ldap_set_option() return values. * As later versions may return other values indicating * failure, current applications should only compare returned * value against LDAP_OPT_SUCCESS. */ #define LDAP_OPT_SUCCESS 0 #define LDAP_OPT_ERROR (-1) /* option on/off values */ #define LDAP_OPT_ON ((void *) &ber_pvt_opt_on) #define LDAP_OPT_OFF ((void *) 0) typedef struct ldapapiinfo { int ldapai_info_version; /* version of LDAPAPIInfo */ #define LDAP_API_INFO_VERSION (1) int ldapai_api_version; /* revision of API supported */ int ldapai_protocol_version; /* highest LDAP version supported */ char **ldapai_extensions; /* names of API extensions */ char *ldapai_vendor_name; /* name of supplier */ int ldapai_vendor_version; /* supplier-specific version * 100 */ } LDAPAPIInfo; typedef struct ldap_apifeature_info { int ldapaif_info_version; /* version of LDAPAPIFeatureInfo */ #define LDAP_FEATURE_INFO_VERSION (1) /* apifeature_info struct version */ char* ldapaif_name; /* LDAP_API_FEATURE_* (less prefix) */ int ldapaif_version; /* value of LDAP_API_FEATURE_... */ } LDAPAPIFeatureInfo; /* * LDAP Control structure */ typedef struct ldapcontrol { char * ldctl_oid; /* numericoid of control */ struct berval ldctl_value; /* encoded value of control */ char ldctl_iscritical; /* criticality */ } LDAPControl; /* LDAP Controls */ /* standard track controls */ #define LDAP_CONTROL_MANAGEDSAIT "2.16.840.1.113730.3.4.2" /* RFC 3296 */ #define LDAP_CONTROL_PROXY_AUTHZ "2.16.840.1.113730.3.4.18" /* RFC 4370 */ #define LDAP_CONTROL_SUBENTRIES "1.3.6.1.4.1.4203.1.10.1" /* RFC 3672 */ #define LDAP_CONTROL_VALUESRETURNFILTER "1.2.826.0.1.3344810.2.3"/* RFC 3876 */ #define LDAP_CONTROL_ASSERT "1.3.6.1.1.12" /* RFC 4528 */ #define LDAP_CONTROL_PRE_READ "1.3.6.1.1.13.1" /* RFC 4527 */ #define LDAP_CONTROL_POST_READ "1.3.6.1.1.13.2" /* RFC 4527 */ #define LDAP_CONTROL_SORTREQUEST "1.2.840.113556.1.4.473" /* RFC 2891 */ #define LDAP_CONTROL_SORTRESPONSE "1.2.840.113556.1.4.474" /* RFC 2891 */ /* non-standard track controls */ #define LDAP_CONTROL_PAGEDRESULTS "1.2.840.113556.1.4.319" /* RFC 2696 */ #define LDAP_CONTROL_AUTHZID_REQUEST "2.16.840.1.113730.3.4.16" /* RFC 3829 */ #define LDAP_CONTROL_AUTHZID_RESPONSE "2.16.840.1.113730.3.4.15" /* RFC 3829 */ /* LDAP Content Synchronization Operation -- RFC 4533 */ #define LDAP_SYNC_OID "1.3.6.1.4.1.4203.1.9.1" #define LDAP_CONTROL_SYNC LDAP_SYNC_OID ".1" #define LDAP_CONTROL_SYNC_STATE LDAP_SYNC_OID ".2" #define LDAP_CONTROL_SYNC_DONE LDAP_SYNC_OID ".3" #define LDAP_SYNC_INFO LDAP_SYNC_OID ".4" #define LDAP_SYNC_NONE 0x00 #define LDAP_SYNC_REFRESH_ONLY 0x01 #define LDAP_SYNC_RESERVED 0x02 #define LDAP_SYNC_REFRESH_AND_PERSIST 0x03 #define LDAP_SYNC_REFRESH_PRESENTS 0 #define LDAP_SYNC_REFRESH_DELETES 1 #define LDAP_TAG_SYNC_NEW_COOKIE ((ber_tag_t) 0x80U) #define LDAP_TAG_SYNC_REFRESH_DELETE ((ber_tag_t) 0xa1U) #define LDAP_TAG_SYNC_REFRESH_PRESENT ((ber_tag_t) 0xa2U) #define LDAP_TAG_SYNC_ID_SET ((ber_tag_t) 0xa3U) #define LDAP_TAG_SYNC_COOKIE ((ber_tag_t) 0x04U) #define LDAP_TAG_REFRESHDELETES ((ber_tag_t) 0x01U) #define LDAP_TAG_REFRESHDONE ((ber_tag_t) 0x01U) #define LDAP_TAG_RELOAD_HINT ((ber_tag_t) 0x01U) #define LDAP_SYNC_PRESENT 0 #define LDAP_SYNC_ADD 1 #define LDAP_SYNC_MODIFY 2 #define LDAP_SYNC_DELETE 3 #define LDAP_SYNC_NEW_COOKIE 4 /* LDAP Don't Use Copy Control (RFC 6171) */ #define LDAP_CONTROL_DONTUSECOPY "1.3.6.1.1.22" /* Password policy Controls *//* work in progress */ /* ITS#3458: released; disabled by default */ #define LDAP_CONTROL_PASSWORDPOLICYREQUEST "1.3.6.1.4.1.42.2.27.8.5.1" #define LDAP_CONTROL_PASSWORDPOLICYRESPONSE "1.3.6.1.4.1.42.2.27.8.5.1" /* various works in progress */ #define LDAP_CONTROL_NOOP "1.3.6.1.4.1.4203.666.5.2" #define LDAP_CONTROL_NO_SUBORDINATES "1.3.6.1.4.1.4203.666.5.11" #define LDAP_CONTROL_RELAX "1.3.6.1.4.1.4203.666.5.12" #define LDAP_CONTROL_MANAGEDIT LDAP_CONTROL_RELAX #define LDAP_CONTROL_SLURP "1.3.6.1.4.1.4203.666.5.13" #define LDAP_CONTROL_VALSORT "1.3.6.1.4.1.4203.666.5.14" #define LDAP_CONTROL_X_DEREF "1.3.6.1.4.1.4203.666.5.16" #define LDAP_CONTROL_X_WHATFAILED "1.3.6.1.4.1.4203.666.5.17" /* LDAP Chaining Behavior Control *//* work in progress */ /* ; * see also LDAP_NO_REFERRALS_FOUND, LDAP_CANNOT_CHAIN */ #define LDAP_CONTROL_X_CHAINING_BEHAVIOR "1.3.6.1.4.1.4203.666.11.3" #define LDAP_CHAINING_PREFERRED 0 #define LDAP_CHAINING_REQUIRED 1 #define LDAP_REFERRALS_PREFERRED 2 #define LDAP_REFERRALS_REQUIRED 3 /* MS Active Directory controls (for compatibility) */ #define LDAP_CONTROL_X_LAZY_COMMIT "1.2.840.113556.1.4.619" #define LDAP_CONTROL_X_INCREMENTAL_VALUES "1.2.840.113556.1.4.802" #define LDAP_CONTROL_X_DOMAIN_SCOPE "1.2.840.113556.1.4.1339" #define LDAP_CONTROL_X_PERMISSIVE_MODIFY "1.2.840.113556.1.4.1413" #define LDAP_CONTROL_X_SEARCH_OPTIONS "1.2.840.113556.1.4.1340" #define LDAP_SEARCH_FLAG_DOMAIN_SCOPE 1 /* do not generate referrals */ #define LDAP_SEARCH_FLAG_PHANTOM_ROOT 2 /* search all subordinate NCs */ #define LDAP_CONTROL_X_TREE_DELETE "1.2.840.113556.1.4.805" /* MS Active Directory controls - not implemented in slapd(8) */ #define LDAP_CONTROL_X_SERVER_NOTIFICATION "1.2.840.113556.1.4.528" #define LDAP_CONTROL_X_EXTENDED_DN "1.2.840.113556.1.4.529" #define LDAP_CONTROL_X_SHOW_DELETED "1.2.840.113556.1.4.417" #define LDAP_CONTROL_X_DIRSYNC "1.2.840.113556.1.4.841" #define LDAP_CONTROL_X_DIRSYNC_OBJECT_SECURITY 0x00000001 #define LDAP_CONTROL_X_DIRSYNC_ANCESTORS_FIRST 0x00000800 #define LDAP_CONTROL_X_DIRSYNC_PUBLIC_DATA_ONLY 0x00002000 #define LDAP_CONTROL_X_DIRSYNC_INCREMENTAL_VALUES 0x80000000 /* */ #define LDAP_CONTROL_X_SESSION_TRACKING "1.3.6.1.4.1.21008.108.63.1" #define LDAP_CONTROL_X_SESSION_TRACKING_RADIUS_ACCT_SESSION_ID \ LDAP_CONTROL_X_SESSION_TRACKING ".1" #define LDAP_CONTROL_X_SESSION_TRACKING_RADIUS_ACCT_MULTI_SESSION_ID \ LDAP_CONTROL_X_SESSION_TRACKING ".2" #define LDAP_CONTROL_X_SESSION_TRACKING_USERNAME \ LDAP_CONTROL_X_SESSION_TRACKING ".3" /* various expired works */ /* LDAP Duplicated Entry Control Extension *//* not implemented in slapd(8) */ #define LDAP_CONTROL_DUPENT_REQUEST "2.16.840.1.113719.1.27.101.1" #define LDAP_CONTROL_DUPENT_RESPONSE "2.16.840.1.113719.1.27.101.2" #define LDAP_CONTROL_DUPENT_ENTRY "2.16.840.1.113719.1.27.101.3" #define LDAP_CONTROL_DUPENT LDAP_CONTROL_DUPENT_REQUEST /* LDAP Persistent Search Control *//* not implemented in slapd(8) */ #define LDAP_CONTROL_PERSIST_REQUEST "2.16.840.1.113730.3.4.3" #define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_NOTICE "2.16.840.1.113730.3.4.7" #define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_ADD 0x1 #define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_DELETE 0x2 #define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_MODIFY 0x4 #define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_RENAME 0x8 /* LDAP VLV */ #define LDAP_CONTROL_VLVREQUEST "2.16.840.1.113730.3.4.9" #define LDAP_CONTROL_VLVRESPONSE "2.16.840.1.113730.3.4.10" /* Sun's analogue to ppolicy */ #define LDAP_CONTROL_X_ACCOUNT_USABILITY "1.3.6.1.4.1.42.2.27.9.5.8" #define LDAP_TAG_X_ACCOUNT_USABILITY_AVAILABLE ((ber_tag_t) 0x80U) /* primitive + 0 */ #define LDAP_TAG_X_ACCOUNT_USABILITY_NOT_AVAILABLE ((ber_tag_t) 0xA1U) /* constructed + 1 */ #define LDAP_TAG_X_ACCOUNT_USABILITY_INACTIVE ((ber_tag_t) 0x80U) /* primitive + 0 */ #define LDAP_TAG_X_ACCOUNT_USABILITY_RESET ((ber_tag_t) 0x81U) /* primitive + 1 */ #define LDAP_TAG_X_ACCOUNT_USABILITY_EXPIRED ((ber_tag_t) 0x82U) /* primitive + 2 */ #define LDAP_TAG_X_ACCOUNT_USABILITY_REMAINING_GRACE ((ber_tag_t) 0x83U) /* primitive + 3 */ #define LDAP_TAG_X_ACCOUNT_USABILITY_UNTIL_UNLOCK ((ber_tag_t) 0x84U) /* primitive + 4 */ /* Netscape Password policy response controls */ /* */ #define LDAP_CONTROL_X_PASSWORD_EXPIRED "2.16.840.1.113730.3.4.4" #define LDAP_CONTROL_X_PASSWORD_EXPIRING "2.16.840.1.113730.3.4.5" /* LDAP Unsolicited Notifications */ #define LDAP_NOTICE_OF_DISCONNECTION "1.3.6.1.4.1.1466.20036" /* RFC 4511 */ #define LDAP_NOTICE_DISCONNECT LDAP_NOTICE_OF_DISCONNECTION /* LDAP Extended Operations */ #define LDAP_EXOP_START_TLS "1.3.6.1.4.1.1466.20037" /* RFC 4511 */ #define LDAP_EXOP_MODIFY_PASSWD "1.3.6.1.4.1.4203.1.11.1" /* RFC 3062 */ #define LDAP_TAG_EXOP_MODIFY_PASSWD_ID ((ber_tag_t) 0x80U) #define LDAP_TAG_EXOP_MODIFY_PASSWD_OLD ((ber_tag_t) 0x81U) #define LDAP_TAG_EXOP_MODIFY_PASSWD_NEW ((ber_tag_t) 0x82U) #define LDAP_TAG_EXOP_MODIFY_PASSWD_GEN ((ber_tag_t) 0x80U) #define LDAP_EXOP_CANCEL "1.3.6.1.1.8" /* RFC 3909 */ #define LDAP_EXOP_X_CANCEL LDAP_EXOP_CANCEL #define LDAP_EXOP_REFRESH "1.3.6.1.4.1.1466.101.119.1" /* RFC 2589 */ #define LDAP_TAG_EXOP_REFRESH_REQ_DN ((ber_tag_t) 0x80U) #define LDAP_TAG_EXOP_REFRESH_REQ_TTL ((ber_tag_t) 0x81U) #define LDAP_TAG_EXOP_REFRESH_RES_TTL ((ber_tag_t) 0x81U) #define LDAP_EXOP_VERIFY_CREDENTIALS "1.3.6.1.4.1.4203.666.6.5" #define LDAP_EXOP_X_VERIFY_CREDENTIALS LDAP_EXOP_VERIFY_CREDENTIALS #define LDAP_TAG_EXOP_VERIFY_CREDENTIALS_COOKIE ((ber_tag_t) 0x80U) #define LDAP_TAG_EXOP_VERIFY_CREDENTIALS_SCREDS ((ber_tag_t) 0x81U) #define LDAP_TAG_EXOP_VERIFY_CREDENTIALS_CONTROLS ((ber_tag_t) 0xa2U) /* context specific + constructed + 2 */ #define LDAP_EXOP_WHO_AM_I "1.3.6.1.4.1.4203.1.11.3" /* RFC 4532 */ #define LDAP_EXOP_X_WHO_AM_I LDAP_EXOP_WHO_AM_I /* various works in progress */ #define LDAP_EXOP_TURN "1.3.6.1.1.19" /* RFC 4531 */ #define LDAP_EXOP_X_TURN LDAP_EXOP_TURN /* LDAP Distributed Procedures */ /* a work in progress */ #define LDAP_X_DISTPROC_BASE "1.3.6.1.4.1.4203.666.11.6" #define LDAP_EXOP_X_CHAINEDREQUEST LDAP_X_DISTPROC_BASE ".1" #define LDAP_FEATURE_X_CANCHAINOPS LDAP_X_DISTPROC_BASE ".2" #define LDAP_CONTROL_X_RETURNCONTREF LDAP_X_DISTPROC_BASE ".3" #define LDAP_URLEXT_X_LOCALREFOID LDAP_X_DISTPROC_BASE ".4" #define LDAP_URLEXT_X_REFTYPEOID LDAP_X_DISTPROC_BASE ".5" #define LDAP_URLEXT_X_SEARCHEDSUBTREEOID \ LDAP_X_DISTPROC_BASE ".6" #define LDAP_URLEXT_X_FAILEDNAMEOID LDAP_X_DISTPROC_BASE ".7" #define LDAP_URLEXT_X_LOCALREF "x-localReference" #define LDAP_URLEXT_X_REFTYPE "x-referenceType" #define LDAP_URLEXT_X_SEARCHEDSUBTREE "x-searchedSubtree" #define LDAP_URLEXT_X_FAILEDNAME "x-failedName" #define LDAP_TXN "1.3.6.1.1.21" /* RFC 5805 */ #define LDAP_EXOP_TXN_START LDAP_TXN ".1" #define LDAP_CONTROL_TXN_SPEC LDAP_TXN ".2" #define LDAP_EXOP_TXN_END LDAP_TXN ".3" #define LDAP_EXOP_TXN_ABORTED_NOTICE LDAP_TXN ".4" /* LDAP Features */ #define LDAP_FEATURE_ALL_OP_ATTRS "1.3.6.1.4.1.4203.1.5.1" /* RFC 3673 */ #define LDAP_FEATURE_OBJECTCLASS_ATTRS \ "1.3.6.1.4.1.4203.1.5.2" /* @objectClass - new number to be assigned */ #define LDAP_FEATURE_ABSOLUTE_FILTERS "1.3.6.1.4.1.4203.1.5.3" /* (&) (|) */ #define LDAP_FEATURE_LANGUAGE_TAG_OPTIONS "1.3.6.1.4.1.4203.1.5.4" #define LDAP_FEATURE_LANGUAGE_RANGE_OPTIONS "1.3.6.1.4.1.4203.1.5.5" #define LDAP_FEATURE_MODIFY_INCREMENT "1.3.6.1.1.14" /* LDAP Experimental (works in progress) Features */ #define LDAP_FEATURE_SUBORDINATE_SCOPE \ "1.3.6.1.4.1.4203.666.8.1" /* "children" */ #define LDAP_FEATURE_CHILDREN_SCOPE LDAP_FEATURE_SUBORDINATE_SCOPE /* * specific LDAP instantiations of BER types we know about */ /* Overview of LBER tag construction * * Bits * ______ * 8 7 | CLASS * 0 0 = UNIVERSAL * 0 1 = APPLICATION * 1 0 = CONTEXT-SPECIFIC * 1 1 = PRIVATE * _____ * | 6 | DATA-TYPE * 0 = PRIMITIVE * 1 = CONSTRUCTED * ___________ * | 5 ... 1 | TAG-NUMBER */ /* general stuff */ #define LDAP_TAG_MESSAGE ((ber_tag_t) 0x30U) /* constructed + 16 */ #define LDAP_TAG_MSGID ((ber_tag_t) 0x02U) /* integer */ #define LDAP_TAG_LDAPDN ((ber_tag_t) 0x04U) /* octet string */ #define LDAP_TAG_LDAPCRED ((ber_tag_t) 0x04U) /* octet string */ #define LDAP_TAG_CONTROLS ((ber_tag_t) 0xa0U) /* context specific + constructed + 0 */ #define LDAP_TAG_REFERRAL ((ber_tag_t) 0xa3U) /* context specific + constructed + 3 */ #define LDAP_TAG_NEWSUPERIOR ((ber_tag_t) 0x80U) /* context-specific + primitive + 0 */ #define LDAP_TAG_EXOP_REQ_OID ((ber_tag_t) 0x80U) /* context specific + primitive */ #define LDAP_TAG_EXOP_REQ_VALUE ((ber_tag_t) 0x81U) /* context specific + primitive */ #define LDAP_TAG_EXOP_RES_OID ((ber_tag_t) 0x8aU) /* context specific + primitive */ #define LDAP_TAG_EXOP_RES_VALUE ((ber_tag_t) 0x8bU) /* context specific + primitive */ #define LDAP_TAG_IM_RES_OID ((ber_tag_t) 0x80U) /* context specific + primitive */ #define LDAP_TAG_IM_RES_VALUE ((ber_tag_t) 0x81U) /* context specific + primitive */ #define LDAP_TAG_SASL_RES_CREDS ((ber_tag_t) 0x87U) /* context specific + primitive */ /* LDAP Request Messages */ #define LDAP_REQ_BIND ((ber_tag_t) 0x60U) /* application + constructed */ #define LDAP_REQ_UNBIND ((ber_tag_t) 0x42U) /* application + primitive */ #define LDAP_REQ_SEARCH ((ber_tag_t) 0x63U) /* application + constructed */ #define LDAP_REQ_MODIFY ((ber_tag_t) 0x66U) /* application + constructed */ #define LDAP_REQ_ADD ((ber_tag_t) 0x68U) /* application + constructed */ #define LDAP_REQ_DELETE ((ber_tag_t) 0x4aU) /* application + primitive */ #define LDAP_REQ_MODDN ((ber_tag_t) 0x6cU) /* application + constructed */ #define LDAP_REQ_MODRDN LDAP_REQ_MODDN #define LDAP_REQ_RENAME LDAP_REQ_MODDN #define LDAP_REQ_COMPARE ((ber_tag_t) 0x6eU) /* application + constructed */ #define LDAP_REQ_ABANDON ((ber_tag_t) 0x50U) /* application + primitive */ #define LDAP_REQ_EXTENDED ((ber_tag_t) 0x77U) /* application + constructed */ /* LDAP Response Messages */ #define LDAP_RES_BIND ((ber_tag_t) 0x61U) /* application + constructed */ #define LDAP_RES_SEARCH_ENTRY ((ber_tag_t) 0x64U) /* application + constructed */ #define LDAP_RES_SEARCH_REFERENCE ((ber_tag_t) 0x73U) /* V3: application + constructed */ #define LDAP_RES_SEARCH_RESULT ((ber_tag_t) 0x65U) /* application + constructed */ #define LDAP_RES_MODIFY ((ber_tag_t) 0x67U) /* application + constructed */ #define LDAP_RES_ADD ((ber_tag_t) 0x69U) /* application + constructed */ #define LDAP_RES_DELETE ((ber_tag_t) 0x6bU) /* application + constructed */ #define LDAP_RES_MODDN ((ber_tag_t) 0x6dU) /* application + constructed */ #define LDAP_RES_MODRDN LDAP_RES_MODDN /* application + constructed */ #define LDAP_RES_RENAME LDAP_RES_MODDN /* application + constructed */ #define LDAP_RES_COMPARE ((ber_tag_t) 0x6fU) /* application + constructed */ #define LDAP_RES_EXTENDED ((ber_tag_t) 0x78U) /* V3: application + constructed */ #define LDAP_RES_INTERMEDIATE ((ber_tag_t) 0x79U) /* V3+: application + constructed */ #define LDAP_RES_ANY (-1) #define LDAP_RES_UNSOLICITED (0) /* sasl methods */ #define LDAP_SASL_SIMPLE ((char*)0) #define LDAP_SASL_NULL ("") /* authentication methods available */ #define LDAP_AUTH_NONE ((ber_tag_t) 0x00U) /* no authentication */ #define LDAP_AUTH_SIMPLE ((ber_tag_t) 0x80U) /* context specific + primitive */ #define LDAP_AUTH_SASL ((ber_tag_t) 0xa3U) /* context specific + constructed */ #define LDAP_AUTH_KRBV4 ((ber_tag_t) 0xffU) /* means do both of the following */ #define LDAP_AUTH_KRBV41 ((ber_tag_t) 0x81U) /* context specific + primitive */ #define LDAP_AUTH_KRBV42 ((ber_tag_t) 0x82U) /* context specific + primitive */ /* used by the Windows API but not used on the wire */ #define LDAP_AUTH_NEGOTIATE ((ber_tag_t) 0x04FFU) /* filter types */ #define LDAP_FILTER_AND ((ber_tag_t) 0xa0U) /* context specific + constructed */ #define LDAP_FILTER_OR ((ber_tag_t) 0xa1U) /* context specific + constructed */ #define LDAP_FILTER_NOT ((ber_tag_t) 0xa2U) /* context specific + constructed */ #define LDAP_FILTER_EQUALITY ((ber_tag_t) 0xa3U) /* context specific + constructed */ #define LDAP_FILTER_SUBSTRINGS ((ber_tag_t) 0xa4U) /* context specific + constructed */ #define LDAP_FILTER_GE ((ber_tag_t) 0xa5U) /* context specific + constructed */ #define LDAP_FILTER_LE ((ber_tag_t) 0xa6U) /* context specific + constructed */ #define LDAP_FILTER_PRESENT ((ber_tag_t) 0x87U) /* context specific + primitive */ #define LDAP_FILTER_APPROX ((ber_tag_t) 0xa8U) /* context specific + constructed */ #define LDAP_FILTER_EXT ((ber_tag_t) 0xa9U) /* context specific + constructed */ /* extended filter component types */ #define LDAP_FILTER_EXT_OID ((ber_tag_t) 0x81U) /* context specific */ #define LDAP_FILTER_EXT_TYPE ((ber_tag_t) 0x82U) /* context specific */ #define LDAP_FILTER_EXT_VALUE ((ber_tag_t) 0x83U) /* context specific */ #define LDAP_FILTER_EXT_DNATTRS ((ber_tag_t) 0x84U) /* context specific */ /* substring filter component types */ #define LDAP_SUBSTRING_INITIAL ((ber_tag_t) 0x80U) /* context specific */ #define LDAP_SUBSTRING_ANY ((ber_tag_t) 0x81U) /* context specific */ #define LDAP_SUBSTRING_FINAL ((ber_tag_t) 0x82U) /* context specific */ /* search scopes */ #define LDAP_SCOPE_BASE ((ber_int_t) 0x0000) #define LDAP_SCOPE_BASEOBJECT LDAP_SCOPE_BASE #define LDAP_SCOPE_ONELEVEL ((ber_int_t) 0x0001) #define LDAP_SCOPE_ONE LDAP_SCOPE_ONELEVEL #define LDAP_SCOPE_SUBTREE ((ber_int_t) 0x0002) #define LDAP_SCOPE_SUB LDAP_SCOPE_SUBTREE #define LDAP_SCOPE_SUBORDINATE ((ber_int_t) 0x0003) /* OpenLDAP extension */ #define LDAP_SCOPE_CHILDREN LDAP_SCOPE_SUBORDINATE #define LDAP_SCOPE_DEFAULT ((ber_int_t) -1) /* OpenLDAP extension */ /* substring filter component types */ #define LDAP_SUBSTRING_INITIAL ((ber_tag_t) 0x80U) /* context specific */ #define LDAP_SUBSTRING_ANY ((ber_tag_t) 0x81U) /* context specific */ #define LDAP_SUBSTRING_FINAL ((ber_tag_t) 0x82U) /* context specific */ /* * LDAP Result Codes */ #define LDAP_SUCCESS 0x00 #define LDAP_RANGE(n,x,y) (((x) <= (n)) && ((n) <= (y))) #define LDAP_OPERATIONS_ERROR 0x01 #define LDAP_PROTOCOL_ERROR 0x02 #define LDAP_TIMELIMIT_EXCEEDED 0x03 #define LDAP_SIZELIMIT_EXCEEDED 0x04 #define LDAP_COMPARE_FALSE 0x05 #define LDAP_COMPARE_TRUE 0x06 #define LDAP_AUTH_METHOD_NOT_SUPPORTED 0x07 #define LDAP_STRONG_AUTH_NOT_SUPPORTED LDAP_AUTH_METHOD_NOT_SUPPORTED #define LDAP_STRONG_AUTH_REQUIRED 0x08 #define LDAP_STRONGER_AUTH_REQUIRED LDAP_STRONG_AUTH_REQUIRED #define LDAP_PARTIAL_RESULTS 0x09 /* LDAPv2+ (not LDAPv3) */ #define LDAP_REFERRAL 0x0a /* LDAPv3 */ #define LDAP_ADMINLIMIT_EXCEEDED 0x0b /* LDAPv3 */ #define LDAP_UNAVAILABLE_CRITICAL_EXTENSION 0x0c /* LDAPv3 */ #define LDAP_CONFIDENTIALITY_REQUIRED 0x0d /* LDAPv3 */ #define LDAP_SASL_BIND_IN_PROGRESS 0x0e /* LDAPv3 */ #define LDAP_ATTR_ERROR(n) LDAP_RANGE((n),0x10,0x15) /* 16-21 */ #define LDAP_NO_SUCH_ATTRIBUTE 0x10 #define LDAP_UNDEFINED_TYPE 0x11 #define LDAP_INAPPROPRIATE_MATCHING 0x12 #define LDAP_CONSTRAINT_VIOLATION 0x13 #define LDAP_TYPE_OR_VALUE_EXISTS 0x14 #define LDAP_INVALID_SYNTAX 0x15 #define LDAP_NAME_ERROR(n) LDAP_RANGE((n),0x20,0x24) /* 32-34,36 */ #define LDAP_NO_SUCH_OBJECT 0x20 #define LDAP_ALIAS_PROBLEM 0x21 #define LDAP_INVALID_DN_SYNTAX 0x22 #define LDAP_IS_LEAF 0x23 /* not LDAPv3 */ #define LDAP_ALIAS_DEREF_PROBLEM 0x24 #define LDAP_SECURITY_ERROR(n) LDAP_RANGE((n),0x2F,0x32) /* 47-50 */ #define LDAP_X_PROXY_AUTHZ_FAILURE 0x2F /* LDAPv3 proxy authorization */ #define LDAP_INAPPROPRIATE_AUTH 0x30 #define LDAP_INVALID_CREDENTIALS 0x31 #define LDAP_INSUFFICIENT_ACCESS 0x32 #define LDAP_SERVICE_ERROR(n) LDAP_RANGE((n),0x33,0x36) /* 51-54 */ #define LDAP_BUSY 0x33 #define LDAP_UNAVAILABLE 0x34 #define LDAP_UNWILLING_TO_PERFORM 0x35 #define LDAP_LOOP_DETECT 0x36 #define LDAP_UPDATE_ERROR(n) LDAP_RANGE((n),0x40,0x47) /* 64-69,71 */ #define LDAP_NAMING_VIOLATION 0x40 #define LDAP_OBJECT_CLASS_VIOLATION 0x41 #define LDAP_NOT_ALLOWED_ON_NONLEAF 0x42 #define LDAP_NOT_ALLOWED_ON_RDN 0x43 #define LDAP_ALREADY_EXISTS 0x44 #define LDAP_NO_OBJECT_CLASS_MODS 0x45 #define LDAP_RESULTS_TOO_LARGE 0x46 /* CLDAP */ #define LDAP_AFFECTS_MULTIPLE_DSAS 0x47 #define LDAP_VLV_ERROR 0x4C #define LDAP_OTHER 0x50 /* LCUP operation codes (113-117) - not implemented */ #define LDAP_CUP_RESOURCES_EXHAUSTED 0x71 #define LDAP_CUP_SECURITY_VIOLATION 0x72 #define LDAP_CUP_INVALID_DATA 0x73 #define LDAP_CUP_UNSUPPORTED_SCHEME 0x74 #define LDAP_CUP_RELOAD_REQUIRED 0x75 /* Cancel operation codes (118-121) */ #define LDAP_CANCELLED 0x76 #define LDAP_NO_SUCH_OPERATION 0x77 #define LDAP_TOO_LATE 0x78 #define LDAP_CANNOT_CANCEL 0x79 /* Assertion control (122) */ #define LDAP_ASSERTION_FAILED 0x7A /* Proxied Authorization Denied (123) */ #define LDAP_PROXIED_AUTHORIZATION_DENIED 0x7B /* Experimental result codes */ #define LDAP_E_ERROR(n) LDAP_RANGE((n),0x1000,0x3FFF) /* LDAP Sync (4096) */ #define LDAP_SYNC_REFRESH_REQUIRED 0x1000 /* Private Use result codes */ #define LDAP_X_ERROR(n) LDAP_RANGE((n),0x4000,0xFFFF) #define LDAP_X_SYNC_REFRESH_REQUIRED 0x4100 /* defunct */ #define LDAP_X_ASSERTION_FAILED 0x410f /* defunct */ /* for the LDAP No-Op control */ #define LDAP_X_NO_OPERATION 0x410e /* for the Chaining Behavior control (consecutive result codes requested; * see ) */ #ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR #define LDAP_X_NO_REFERRALS_FOUND 0x4110 #define LDAP_X_CANNOT_CHAIN 0x4111 #endif /* for Distributed Procedures (see ) */ #ifdef LDAP_X_DISTPROC_BASE #define LDAP_X_INVALIDREFERENCE 0x4112 #endif #define LDAP_TXN_SPECIFY_OKAY 0x4120 #define LDAP_TXN_ID_INVALID 0x4121 /* API Error Codes * * Based on draft-ietf-ldap-c-api-xx * but with new negative code values */ #define LDAP_API_ERROR(n) ((n)<0) #define LDAP_API_RESULT(n) ((n)<=0) #define LDAP_SERVER_DOWN (-1) #define LDAP_LOCAL_ERROR (-2) #define LDAP_ENCODING_ERROR (-3) #define LDAP_DECODING_ERROR (-4) #define LDAP_TIMEOUT (-5) #define LDAP_AUTH_UNKNOWN (-6) #define LDAP_FILTER_ERROR (-7) #define LDAP_USER_CANCELLED (-8) #define LDAP_PARAM_ERROR (-9) #define LDAP_NO_MEMORY (-10) #define LDAP_CONNECT_ERROR (-11) #define LDAP_NOT_SUPPORTED (-12) #define LDAP_CONTROL_NOT_FOUND (-13) #define LDAP_NO_RESULTS_RETURNED (-14) #define LDAP_MORE_RESULTS_TO_RETURN (-15) /* Obsolete */ #define LDAP_CLIENT_LOOP (-16) #define LDAP_REFERRAL_LIMIT_EXCEEDED (-17) #define LDAP_X_CONNECTING (-18) /* * This structure represents both ldap messages and ldap responses. * These are really the same, except in the case of search responses, * where a response has multiple messages. */ typedef struct ldapmsg LDAPMessage; /* for modifications */ typedef struct ldapmod { int mod_op; #define LDAP_MOD_OP (0x0007) #define LDAP_MOD_ADD (0x0000) #define LDAP_MOD_DELETE (0x0001) #define LDAP_MOD_REPLACE (0x0002) #define LDAP_MOD_INCREMENT (0x0003) /* OpenLDAP extension */ #define LDAP_MOD_BVALUES (0x0080) /* IMPORTANT: do not use code 0x1000 (or above), * it is used internally by the backends! * (see ldap/servers/slapd/slap.h) */ char *mod_type; union mod_vals_u { char **modv_strvals; struct berval **modv_bvals; } mod_vals; #define mod_values mod_vals.modv_strvals #define mod_bvalues mod_vals.modv_bvals } LDAPMod; /* * structure representing an ldap session which can * encompass connections to multiple servers (in the * face of referrals). */ typedef struct ldap LDAP; #define LDAP_DEREF_NEVER 0x00 #define LDAP_DEREF_SEARCHING 0x01 #define LDAP_DEREF_FINDING 0x02 #define LDAP_DEREF_ALWAYS 0x03 #define LDAP_NO_LIMIT 0 /* how many messages to retrieve results for */ #define LDAP_MSG_ONE 0x00 #define LDAP_MSG_ALL 0x01 #define LDAP_MSG_RECEIVED 0x02 /* * types for ldap URL handling */ typedef struct ldap_url_desc { struct ldap_url_desc *lud_next; char *lud_scheme; char *lud_host; int lud_port; char *lud_dn; char **lud_attrs; int lud_scope; char *lud_filter; char **lud_exts; int lud_crit_exts; } LDAPURLDesc; #define LDAP_URL_SUCCESS 0x00 /* Success */ #define LDAP_URL_ERR_MEM 0x01 /* can't allocate memory space */ #define LDAP_URL_ERR_PARAM 0x02 /* parameter is bad */ #define LDAP_URL_ERR_BADSCHEME 0x03 /* URL doesn't begin with "ldap[si]://" */ #define LDAP_URL_ERR_BADENCLOSURE 0x04 /* URL is missing trailing ">" */ #define LDAP_URL_ERR_BADURL 0x05 /* URL is bad */ #define LDAP_URL_ERR_BADHOST 0x06 /* host port is bad */ #define LDAP_URL_ERR_BADATTRS 0x07 /* bad (or missing) attributes */ #define LDAP_URL_ERR_BADSCOPE 0x08 /* scope string is invalid (or missing) */ #define LDAP_URL_ERR_BADFILTER 0x09 /* bad or missing filter */ #define LDAP_URL_ERR_BADEXTS 0x0a /* bad or missing extensions */ /* * LDAP sync (RFC4533) API */ typedef struct ldap_sync_t ldap_sync_t; typedef enum { /* these are private - the client should never see them */ LDAP_SYNC_CAPI_NONE = -1, LDAP_SYNC_CAPI_PHASE_FLAG = 0x10U, LDAP_SYNC_CAPI_IDSET_FLAG = 0x20U, LDAP_SYNC_CAPI_DONE_FLAG = 0x40U, /* these are passed to ls_search_entry() */ LDAP_SYNC_CAPI_PRESENT = LDAP_SYNC_PRESENT, LDAP_SYNC_CAPI_ADD = LDAP_SYNC_ADD, LDAP_SYNC_CAPI_MODIFY = LDAP_SYNC_MODIFY, LDAP_SYNC_CAPI_DELETE = LDAP_SYNC_DELETE, /* these are passed to ls_intermediate() */ LDAP_SYNC_CAPI_PRESENTS = ( LDAP_SYNC_CAPI_PHASE_FLAG | LDAP_SYNC_CAPI_PRESENT ), LDAP_SYNC_CAPI_DELETES = ( LDAP_SYNC_CAPI_PHASE_FLAG | LDAP_SYNC_CAPI_DELETE ), LDAP_SYNC_CAPI_PRESENTS_IDSET = ( LDAP_SYNC_CAPI_PRESENTS | LDAP_SYNC_CAPI_IDSET_FLAG ), LDAP_SYNC_CAPI_DELETES_IDSET = ( LDAP_SYNC_CAPI_DELETES | LDAP_SYNC_CAPI_IDSET_FLAG ), LDAP_SYNC_CAPI_DONE = ( LDAP_SYNC_CAPI_DONE_FLAG | LDAP_SYNC_CAPI_PRESENTS ) } ldap_sync_refresh_t; /* * Called when an entry is returned by ldap_result(). * If phase is LDAP_SYNC_CAPI_ADD or LDAP_SYNC_CAPI_MODIFY, * the entry has been either added or modified, and thus * the complete view of the entry should be in the LDAPMessage. * If phase is LDAP_SYNC_CAPI_PRESENT or LDAP_SYNC_CAPI_DELETE, * only the DN should be in the LDAPMessage. */ typedef int (*ldap_sync_search_entry_f) LDAP_P(( ldap_sync_t *ls, LDAPMessage *msg, struct berval *entryUUID, ldap_sync_refresh_t phase )); /* * Called when a reference is returned; the client should know * what to do with it. */ typedef int (*ldap_sync_search_reference_f) LDAP_P(( ldap_sync_t *ls, LDAPMessage *msg )); /* * Called when specific intermediate/final messages are returned. * If phase is LDAP_SYNC_CAPI_PRESENTS or LDAP_SYNC_CAPI_DELETES, * a "presents" or "deletes" phase begins. * If phase is LDAP_SYNC_CAPI_DONE, a special "presents" phase * with refreshDone set to "TRUE" has been returned, to indicate * that the refresh phase of a refreshAndPersist is complete. * In the above cases, syncUUIDs is NULL. * * If phase is LDAP_SYNC_CAPI_PRESENTS_IDSET or * LDAP_SYNC_CAPI_DELETES_IDSET, syncUUIDs is an array of UUIDs * that are either present or have been deleted. */ typedef int (*ldap_sync_intermediate_f) LDAP_P(( ldap_sync_t *ls, LDAPMessage *msg, BerVarray syncUUIDs, ldap_sync_refresh_t phase )); /* * Called when a searchResultDone is returned. In refreshAndPersist, * this can only occur if the search for any reason is being terminated * by the server. */ typedef int (*ldap_sync_search_result_f) LDAP_P(( ldap_sync_t *ls, LDAPMessage *msg, int refreshDeletes )); /* * This structure contains all information about the persistent search; * the caller is responsible for connecting, setting version, binding, tls... */ struct ldap_sync_t { /* conf search params */ char *ls_base; int ls_scope; char *ls_filter; char **ls_attrs; int ls_timelimit; int ls_sizelimit; /* poll timeout */ int ls_timeout; /* helpers - add as appropriate */ ldap_sync_search_entry_f ls_search_entry; ldap_sync_search_reference_f ls_search_reference; ldap_sync_intermediate_f ls_intermediate; ldap_sync_search_result_f ls_search_result; /* set by the caller as appropriate */ void *ls_private; /* conn stuff */ LDAP *ls_ld; /* --- the parameters below are private - do not modify --- */ /* FIXME: make the structure opaque, and provide an interface * to modify the public values? */ /* result stuff */ int ls_msgid; /* sync stuff */ /* needed by refreshOnly */ int ls_reloadHint; /* opaque - need to pass between sessions, updated by the API */ struct berval ls_cookie; /* state variable - do not modify */ ldap_sync_refresh_t ls_refreshPhase; }; /* * End of LDAP sync (RFC4533) API */ /* * Connection callbacks... */ struct ldap_conncb; struct sockaddr; /* Called after a connection is established */ typedef int (ldap_conn_add_f) LDAP_P(( LDAP *ld, Sockbuf *sb, LDAPURLDesc *srv, struct sockaddr *addr, struct ldap_conncb *ctx )); /* Called before a connection is closed */ typedef void (ldap_conn_del_f) LDAP_P(( LDAP *ld, Sockbuf *sb, struct ldap_conncb *ctx )); /* Callbacks are pushed on a stack. Last one pushed is first one executed. The * delete callback is called with a NULL Sockbuf just before freeing the LDAP handle. */ typedef struct ldap_conncb { ldap_conn_add_f *lc_add; ldap_conn_del_f *lc_del; void *lc_arg; } ldap_conncb; /* * The API draft spec says we should declare (or cause to be declared) * 'struct timeval'. We don't. See IETF LDAPext discussions. */ struct timeval; /* * in options.c: */ LDAP_F( int ) ldap_get_option LDAP_P(( LDAP *ld, int option, void *outvalue)); LDAP_F( int ) ldap_set_option LDAP_P(( LDAP *ld, int option, LDAP_CONST void *invalue)); /* V3 REBIND Function Callback Prototype */ typedef int (LDAP_REBIND_PROC) LDAP_P(( LDAP *ld, LDAP_CONST char *url, ber_tag_t request, ber_int_t msgid, void *params )); LDAP_F( int ) ldap_set_rebind_proc LDAP_P(( LDAP *ld, LDAP_REBIND_PROC *rebind_proc, void *params )); /* V3 referral selection Function Callback Prototype */ typedef int (LDAP_NEXTREF_PROC) LDAP_P(( LDAP *ld, char ***refsp, int *cntp, void *params )); LDAP_F( int ) ldap_set_nextref_proc LDAP_P(( LDAP *ld, LDAP_NEXTREF_PROC *nextref_proc, void *params )); /* V3 URLLIST Function Callback Prototype */ typedef int (LDAP_URLLIST_PROC) LDAP_P(( LDAP *ld, LDAPURLDesc **urllist, LDAPURLDesc **url, void *params )); LDAP_F( int ) ldap_set_urllist_proc LDAP_P(( LDAP *ld, LDAP_URLLIST_PROC *urllist_proc, void *params )); /* * in controls.c: */ #if LDAP_DEPRECATED LDAP_F( int ) ldap_create_control LDAP_P(( /* deprecated, use ldap_control_create */ LDAP_CONST char *requestOID, BerElement *ber, int iscritical, LDAPControl **ctrlp )); LDAP_F( LDAPControl * ) ldap_find_control LDAP_P(( /* deprecated, use ldap_control_find */ LDAP_CONST char *oid, LDAPControl **ctrls )); #endif LDAP_F( int ) ldap_control_create LDAP_P(( LDAP_CONST char *requestOID, int iscritical, struct berval *value, int dupval, LDAPControl **ctrlp )); LDAP_F( LDAPControl * ) ldap_control_find LDAP_P(( LDAP_CONST char *oid, LDAPControl **ctrls, LDAPControl ***nextctrlp )); LDAP_F( void ) ldap_control_free LDAP_P(( LDAPControl *ctrl )); LDAP_F( void ) ldap_controls_free LDAP_P(( LDAPControl **ctrls )); LDAP_F( LDAPControl ** ) ldap_controls_dup LDAP_P(( LDAPControl *LDAP_CONST *controls )); LDAP_F( LDAPControl * ) ldap_control_dup LDAP_P(( LDAP_CONST LDAPControl *c )); /* * in dnssrv.c: */ LDAP_F( int ) ldap_domain2dn LDAP_P(( LDAP_CONST char* domain, char** dn )); LDAP_F( int ) ldap_dn2domain LDAP_P(( LDAP_CONST char* dn, char** domain )); LDAP_F( int ) ldap_domain2hostlist LDAP_P(( LDAP_CONST char *domain, char** hostlist )); /* * in extended.c: */ LDAP_F( int ) ldap_extended_operation LDAP_P(( LDAP *ld, LDAP_CONST char *reqoid, struct berval *reqdata, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp )); LDAP_F( int ) ldap_extended_operation_s LDAP_P(( LDAP *ld, LDAP_CONST char *reqoid, struct berval *reqdata, LDAPControl **serverctrls, LDAPControl **clientctrls, char **retoidp, struct berval **retdatap )); LDAP_F( int ) ldap_parse_extended_result LDAP_P(( LDAP *ld, LDAPMessage *res, char **retoidp, struct berval **retdatap, int freeit )); LDAP_F( int ) ldap_parse_intermediate LDAP_P(( LDAP *ld, LDAPMessage *res, char **retoidp, struct berval **retdatap, LDAPControl ***serverctrls, int freeit )); /* * in abandon.c: */ LDAP_F( int ) ldap_abandon_ext LDAP_P(( LDAP *ld, int msgid, LDAPControl **serverctrls, LDAPControl **clientctrls )); #if LDAP_DEPRECATED LDAP_F( int ) ldap_abandon LDAP_P(( /* deprecated, use ldap_abandon_ext */ LDAP *ld, int msgid )); #endif /* * in add.c: */ LDAP_F( int ) ldap_add_ext LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAPMod **attrs, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp )); LDAP_F( int ) ldap_add_ext_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAPMod **attrs, LDAPControl **serverctrls, LDAPControl **clientctrls )); #if LDAP_DEPRECATED LDAP_F( int ) ldap_add LDAP_P(( /* deprecated, use ldap_add_ext */ LDAP *ld, LDAP_CONST char *dn, LDAPMod **attrs )); LDAP_F( int ) ldap_add_s LDAP_P(( /* deprecated, use ldap_add_ext_s */ LDAP *ld, LDAP_CONST char *dn, LDAPMod **attrs )); #endif /* * in sasl.c: */ LDAP_F( int ) ldap_sasl_bind LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *mechanism, struct berval *cred, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp )); /* Interaction flags (should be passed about in a control) * Automatic (default): use defaults, prompt otherwise * Interactive: prompt always * Quiet: never prompt */ #define LDAP_SASL_AUTOMATIC 0U #define LDAP_SASL_INTERACTIVE 1U #define LDAP_SASL_QUIET 2U /* * V3 SASL Interaction Function Callback Prototype * when using Cyrus SASL, interact is pointer to sasl_interact_t * should likely passed in a control (and provided controls) */ typedef int (LDAP_SASL_INTERACT_PROC) LDAP_P(( LDAP *ld, unsigned flags, void* defaults, void *interact )); LDAP_F( int ) ldap_sasl_interactive_bind LDAP_P(( LDAP *ld, LDAP_CONST char *dn, /* usually NULL */ LDAP_CONST char *saslMechanism, LDAPControl **serverControls, LDAPControl **clientControls, /* should be client controls */ unsigned flags, LDAP_SASL_INTERACT_PROC *proc, void *defaults, /* as obtained from ldap_result() */ LDAPMessage *result, /* returned during bind processing */ const char **rmech, int *msgid )); LDAP_F( int ) ldap_sasl_interactive_bind_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, /* usually NULL */ LDAP_CONST char *saslMechanism, LDAPControl **serverControls, LDAPControl **clientControls, /* should be client controls */ unsigned flags, LDAP_SASL_INTERACT_PROC *proc, void *defaults )); LDAP_F( int ) ldap_sasl_bind_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *mechanism, struct berval *cred, LDAPControl **serverctrls, LDAPControl **clientctrls, struct berval **servercredp )); LDAP_F( int ) ldap_parse_sasl_bind_result LDAP_P(( LDAP *ld, LDAPMessage *res, struct berval **servercredp, int freeit )); #if LDAP_DEPRECATED /* * in bind.c: * (deprecated) */ LDAP_F( int ) ldap_bind LDAP_P(( /* deprecated, use ldap_sasl_bind */ LDAP *ld, LDAP_CONST char *who, LDAP_CONST char *passwd, int authmethod )); LDAP_F( int ) ldap_bind_s LDAP_P(( /* deprecated, use ldap_sasl_bind_s */ LDAP *ld, LDAP_CONST char *who, LDAP_CONST char *cred, int authmethod )); /* * in sbind.c: */ LDAP_F( int ) ldap_simple_bind LDAP_P(( /* deprecated, use ldap_sasl_bind */ LDAP *ld, LDAP_CONST char *who, LDAP_CONST char *passwd )); LDAP_F( int ) ldap_simple_bind_s LDAP_P(( /* deprecated, use ldap_sasl_bind_s */ LDAP *ld, LDAP_CONST char *who, LDAP_CONST char *passwd )); #endif /* * in compare.c: */ LDAP_F( int ) ldap_compare_ext LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *attr, struct berval *bvalue, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp )); LDAP_F( int ) ldap_compare_ext_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *attr, struct berval *bvalue, LDAPControl **serverctrls, LDAPControl **clientctrls )); #if LDAP_DEPRECATED LDAP_F( int ) ldap_compare LDAP_P(( /* deprecated, use ldap_compare_ext */ LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *attr, LDAP_CONST char *value )); LDAP_F( int ) ldap_compare_s LDAP_P(( /* deprecated, use ldap_compare_ext_s */ LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *attr, LDAP_CONST char *value )); #endif /* * in delete.c: */ LDAP_F( int ) ldap_delete_ext LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp )); LDAP_F( int ) ldap_delete_ext_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAPControl **serverctrls, LDAPControl **clientctrls )); #if LDAP_DEPRECATED LDAP_F( int ) ldap_delete LDAP_P(( /* deprecated, use ldap_delete_ext */ LDAP *ld, LDAP_CONST char *dn )); LDAP_F( int ) ldap_delete_s LDAP_P(( /* deprecated, use ldap_delete_ext_s */ LDAP *ld, LDAP_CONST char *dn )); #endif /* * in error.c: */ LDAP_F( int ) ldap_parse_result LDAP_P(( LDAP *ld, LDAPMessage *res, int *errcodep, char **matcheddnp, char **diagmsgp, char ***referralsp, LDAPControl ***serverctrls, int freeit )); LDAP_F( char * ) ldap_err2string LDAP_P(( int err )); #if LDAP_DEPRECATED LDAP_F( int ) ldap_result2error LDAP_P(( /* deprecated, use ldap_parse_result */ LDAP *ld, LDAPMessage *r, int freeit )); LDAP_F( void ) ldap_perror LDAP_P(( /* deprecated, use ldap_err2string */ LDAP *ld, LDAP_CONST char *s )); #endif /* * in modify.c: */ LDAP_F( int ) ldap_modify_ext LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAPMod **mods, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp )); LDAP_F( int ) ldap_modify_ext_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAPMod **mods, LDAPControl **serverctrls, LDAPControl **clientctrls )); #if LDAP_DEPRECATED LDAP_F( int ) ldap_modify LDAP_P(( /* deprecated, use ldap_modify_ext */ LDAP *ld, LDAP_CONST char *dn, LDAPMod **mods )); LDAP_F( int ) ldap_modify_s LDAP_P(( /* deprecated, use ldap_modify_ext_s */ LDAP *ld, LDAP_CONST char *dn, LDAPMod **mods )); #endif /* * in modrdn.c: */ LDAP_F( int ) ldap_rename LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn, LDAP_CONST char *newSuperior, int deleteoldrdn, LDAPControl **sctrls, LDAPControl **cctrls, int *msgidp )); LDAP_F( int ) ldap_rename_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn, LDAP_CONST char *newSuperior, int deleteoldrdn, LDAPControl **sctrls, LDAPControl **cctrls )); #if LDAP_DEPRECATED LDAP_F( int ) ldap_rename2 LDAP_P(( /* deprecated, use ldap_rename */ LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn, LDAP_CONST char *newSuperior, int deleteoldrdn )); LDAP_F( int ) ldap_rename2_s LDAP_P(( /* deprecated, use ldap_rename_s */ LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn, LDAP_CONST char *newSuperior, int deleteoldrdn )); LDAP_F( int ) ldap_modrdn LDAP_P(( /* deprecated, use ldap_rename */ LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn )); LDAP_F( int ) ldap_modrdn_s LDAP_P(( /* deprecated, use ldap_rename_s */ LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn )); LDAP_F( int ) ldap_modrdn2 LDAP_P(( /* deprecated, use ldap_rename */ LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn, int deleteoldrdn )); LDAP_F( int ) ldap_modrdn2_s LDAP_P(( /* deprecated, use ldap_rename_s */ LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn, int deleteoldrdn)); #endif /* * in open.c: */ #if LDAP_DEPRECATED LDAP_F( LDAP * ) ldap_init LDAP_P(( /* deprecated, use ldap_create or ldap_initialize */ LDAP_CONST char *host, int port )); LDAP_F( LDAP * ) ldap_open LDAP_P(( /* deprecated, use ldap_create or ldap_initialize */ LDAP_CONST char *host, int port )); #endif LDAP_F( int ) ldap_create LDAP_P(( LDAP **ldp )); LDAP_F( int ) ldap_initialize LDAP_P(( LDAP **ldp, LDAP_CONST char *url )); LDAP_F( LDAP * ) ldap_dup LDAP_P(( LDAP *old )); LDAP_F( int ) ldap_connect( LDAP *ld ); /* * in tls.c */ LDAP_F( int ) ldap_tls_inplace LDAP_P(( LDAP *ld )); LDAP_F( int ) ldap_start_tls LDAP_P(( LDAP *ld, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp )); LDAP_F( int ) ldap_install_tls LDAP_P(( LDAP *ld )); LDAP_F( int ) ldap_start_tls_s LDAP_P(( LDAP *ld, LDAPControl **serverctrls, LDAPControl **clientctrls )); /* * in messages.c: */ LDAP_F( LDAPMessage * ) ldap_first_message LDAP_P(( LDAP *ld, LDAPMessage *chain )); LDAP_F( LDAPMessage * ) ldap_next_message LDAP_P(( LDAP *ld, LDAPMessage *msg )); LDAP_F( int ) ldap_count_messages LDAP_P(( LDAP *ld, LDAPMessage *chain )); /* * in references.c: */ LDAP_F( LDAPMessage * ) ldap_first_reference LDAP_P(( LDAP *ld, LDAPMessage *chain )); LDAP_F( LDAPMessage * ) ldap_next_reference LDAP_P(( LDAP *ld, LDAPMessage *ref )); LDAP_F( int ) ldap_count_references LDAP_P(( LDAP *ld, LDAPMessage *chain )); LDAP_F( int ) ldap_parse_reference LDAP_P(( LDAP *ld, LDAPMessage *ref, char ***referralsp, LDAPControl ***serverctrls, int freeit)); /* * in getentry.c: */ LDAP_F( LDAPMessage * ) ldap_first_entry LDAP_P(( LDAP *ld, LDAPMessage *chain )); LDAP_F( LDAPMessage * ) ldap_next_entry LDAP_P(( LDAP *ld, LDAPMessage *entry )); LDAP_F( int ) ldap_count_entries LDAP_P(( LDAP *ld, LDAPMessage *chain )); LDAP_F( int ) ldap_get_entry_controls LDAP_P(( LDAP *ld, LDAPMessage *entry, LDAPControl ***serverctrls)); /* * in addentry.c */ LDAP_F( LDAPMessage * ) ldap_delete_result_entry LDAP_P(( LDAPMessage **list, LDAPMessage *e )); LDAP_F( void ) ldap_add_result_entry LDAP_P(( LDAPMessage **list, LDAPMessage *e )); /* * in getdn.c */ LDAP_F( char * ) ldap_get_dn LDAP_P(( LDAP *ld, LDAPMessage *entry )); typedef struct ldap_ava { struct berval la_attr; struct berval la_value; unsigned la_flags; #define LDAP_AVA_NULL 0x0000U #define LDAP_AVA_STRING 0x0001U #define LDAP_AVA_BINARY 0x0002U #define LDAP_AVA_NONPRINTABLE 0x0004U #define LDAP_AVA_FREE_ATTR 0x0010U #define LDAP_AVA_FREE_VALUE 0x0020U void *la_private; } LDAPAVA; typedef LDAPAVA** LDAPRDN; typedef LDAPRDN* LDAPDN; /* DN formats */ #define LDAP_DN_FORMAT_LDAP 0x0000U #define LDAP_DN_FORMAT_LDAPV3 0x0010U #define LDAP_DN_FORMAT_LDAPV2 0x0020U #define LDAP_DN_FORMAT_DCE 0x0030U #define LDAP_DN_FORMAT_UFN 0x0040U /* dn2str only */ #define LDAP_DN_FORMAT_AD_CANONICAL 0x0050U /* dn2str only */ #define LDAP_DN_FORMAT_LBER 0x00F0U /* for testing only */ #define LDAP_DN_FORMAT_MASK 0x00F0U /* DN flags */ #define LDAP_DN_PRETTY 0x0100U #define LDAP_DN_SKIP 0x0200U #define LDAP_DN_P_NOLEADTRAILSPACES 0x1000U #define LDAP_DN_P_NOSPACEAFTERRDN 0x2000U #define LDAP_DN_PEDANTIC 0xF000U LDAP_F( void ) ldap_rdnfree LDAP_P(( LDAPRDN rdn )); LDAP_F( void ) ldap_dnfree LDAP_P(( LDAPDN dn )); LDAP_F( int ) ldap_bv2dn LDAP_P(( struct berval *bv, LDAPDN *dn, unsigned flags )); LDAP_F( int ) ldap_str2dn LDAP_P(( LDAP_CONST char *str, LDAPDN *dn, unsigned flags )); LDAP_F( int ) ldap_dn2bv LDAP_P(( LDAPDN dn, struct berval *bv, unsigned flags )); LDAP_F( int ) ldap_dn2str LDAP_P(( LDAPDN dn, char **str, unsigned flags )); LDAP_F( int ) ldap_bv2rdn LDAP_P(( struct berval *bv, LDAPRDN *rdn, char **next, unsigned flags )); LDAP_F( int ) ldap_str2rdn LDAP_P(( LDAP_CONST char *str, LDAPRDN *rdn, char **next, unsigned flags )); LDAP_F( int ) ldap_rdn2bv LDAP_P(( LDAPRDN rdn, struct berval *bv, unsigned flags )); LDAP_F( int ) ldap_rdn2str LDAP_P(( LDAPRDN rdn, char **str, unsigned flags )); LDAP_F( int ) ldap_dn_normalize LDAP_P(( LDAP_CONST char *in, unsigned iflags, char **out, unsigned oflags )); LDAP_F( char * ) ldap_dn2ufn LDAP_P(( /* deprecated, use ldap_str2dn/dn2str */ LDAP_CONST char *dn )); LDAP_F( char ** ) ldap_explode_dn LDAP_P(( /* deprecated, ldap_str2dn */ LDAP_CONST char *dn, int notypes )); LDAP_F( char ** ) ldap_explode_rdn LDAP_P(( /* deprecated, ldap_str2rdn */ LDAP_CONST char *rdn, int notypes )); typedef int LDAPDN_rewrite_func LDAP_P(( LDAPDN dn, unsigned flags, void *ctx )); LDAP_F( int ) ldap_X509dn2bv LDAP_P(( void *x509_name, struct berval *dn, LDAPDN_rewrite_func *func, unsigned flags )); LDAP_F( char * ) ldap_dn2dcedn LDAP_P(( /* deprecated, ldap_str2dn/dn2str */ LDAP_CONST char *dn )); LDAP_F( char * ) ldap_dcedn2dn LDAP_P(( /* deprecated, ldap_str2dn/dn2str */ LDAP_CONST char *dce )); LDAP_F( char * ) ldap_dn2ad_canonical LDAP_P(( /* deprecated, ldap_str2dn/dn2str */ LDAP_CONST char *dn )); LDAP_F( int ) ldap_get_dn_ber LDAP_P(( LDAP *ld, LDAPMessage *e, BerElement **berout, struct berval *dn )); LDAP_F( int ) ldap_get_attribute_ber LDAP_P(( LDAP *ld, LDAPMessage *e, BerElement *ber, struct berval *attr, struct berval **vals )); /* * in getattr.c */ LDAP_F( char * ) ldap_first_attribute LDAP_P(( LDAP *ld, LDAPMessage *entry, BerElement **ber )); LDAP_F( char * ) ldap_next_attribute LDAP_P(( LDAP *ld, LDAPMessage *entry, BerElement *ber )); /* * in getvalues.c */ LDAP_F( struct berval ** ) ldap_get_values_len LDAP_P(( LDAP *ld, LDAPMessage *entry, LDAP_CONST char *target )); LDAP_F( int ) ldap_count_values_len LDAP_P(( struct berval **vals )); LDAP_F( void ) ldap_value_free_len LDAP_P(( struct berval **vals )); #if LDAP_DEPRECATED LDAP_F( char ** ) ldap_get_values LDAP_P(( /* deprecated, use ldap_get_values_len */ LDAP *ld, LDAPMessage *entry, LDAP_CONST char *target )); LDAP_F( int ) ldap_count_values LDAP_P(( /* deprecated, use ldap_count_values_len */ char **vals )); LDAP_F( void ) ldap_value_free LDAP_P(( /* deprecated, use ldap_value_free_len */ char **vals )); #endif /* * in result.c: */ LDAP_F( int ) ldap_result LDAP_P(( LDAP *ld, int msgid, int all, struct timeval *timeout, LDAPMessage **result )); LDAP_F( int ) ldap_msgtype LDAP_P(( LDAPMessage *lm )); LDAP_F( int ) ldap_msgid LDAP_P(( LDAPMessage *lm )); LDAP_F( int ) ldap_msgfree LDAP_P(( LDAPMessage *lm )); LDAP_F( int ) ldap_msgdelete LDAP_P(( LDAP *ld, int msgid )); /* * in search.c: */ LDAP_F( int ) ldap_bv2escaped_filter_value LDAP_P(( struct berval *in, struct berval *out )); LDAP_F( int ) ldap_search_ext LDAP_P(( LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter, char **attrs, int attrsonly, LDAPControl **serverctrls, LDAPControl **clientctrls, struct timeval *timeout, int sizelimit, int *msgidp )); LDAP_F( int ) ldap_search_ext_s LDAP_P(( LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter, char **attrs, int attrsonly, LDAPControl **serverctrls, LDAPControl **clientctrls, struct timeval *timeout, int sizelimit, LDAPMessage **res )); #if LDAP_DEPRECATED LDAP_F( int ) ldap_search LDAP_P(( /* deprecated, use ldap_search_ext */ LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter, char **attrs, int attrsonly )); LDAP_F( int ) ldap_search_s LDAP_P(( /* deprecated, use ldap_search_ext_s */ LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter, char **attrs, int attrsonly, LDAPMessage **res )); LDAP_F( int ) ldap_search_st LDAP_P(( /* deprecated, use ldap_search_ext_s */ LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter, char **attrs, int attrsonly, struct timeval *timeout, LDAPMessage **res )); #endif /* * in unbind.c */ LDAP_F( int ) ldap_unbind_ext LDAP_P(( LDAP *ld, LDAPControl **serverctrls, LDAPControl **clientctrls)); LDAP_F( int ) ldap_unbind_ext_s LDAP_P(( LDAP *ld, LDAPControl **serverctrls, LDAPControl **clientctrls)); LDAP_F( int ) ldap_destroy LDAP_P(( LDAP *ld)); #if LDAP_DEPRECATED LDAP_F( int ) ldap_unbind LDAP_P(( /* deprecated, use ldap_unbind_ext */ LDAP *ld )); LDAP_F( int ) ldap_unbind_s LDAP_P(( /* deprecated, use ldap_unbind_ext_s */ LDAP *ld )); #endif /* * in filter.c */ LDAP_F( int ) ldap_put_vrFilter LDAP_P(( BerElement *ber, const char *vrf )); /* * in free.c */ LDAP_F( void * ) ldap_memalloc LDAP_P(( ber_len_t s )); LDAP_F( void * ) ldap_memrealloc LDAP_P(( void* p, ber_len_t s )); LDAP_F( void * ) ldap_memcalloc LDAP_P(( ber_len_t n, ber_len_t s )); LDAP_F( void ) ldap_memfree LDAP_P(( void* p )); LDAP_F( void ) ldap_memvfree LDAP_P(( void** v )); LDAP_F( char * ) ldap_strdup LDAP_P(( LDAP_CONST char * )); LDAP_F( void ) ldap_mods_free LDAP_P(( LDAPMod **mods, int freemods )); #if LDAP_DEPRECATED /* * in sort.c (deprecated, use custom code instead) */ typedef int (LDAP_SORT_AD_CMP_PROC) LDAP_P(( /* deprecated */ LDAP_CONST char *left, LDAP_CONST char *right )); typedef int (LDAP_SORT_AV_CMP_PROC) LDAP_P(( /* deprecated */ LDAP_CONST void *left, LDAP_CONST void *right )); LDAP_F( int ) /* deprecated */ ldap_sort_entries LDAP_P(( LDAP *ld, LDAPMessage **chain, LDAP_CONST char *attr, LDAP_SORT_AD_CMP_PROC *cmp )); LDAP_F( int ) /* deprecated */ ldap_sort_values LDAP_P(( LDAP *ld, char **vals, LDAP_SORT_AV_CMP_PROC *cmp )); LDAP_F( int ) /* deprecated */ ldap_sort_strcasecmp LDAP_P(( LDAP_CONST void *a, LDAP_CONST void *b )); #endif /* * in url.c */ LDAP_F( int ) ldap_is_ldap_url LDAP_P(( LDAP_CONST char *url )); LDAP_F( int ) ldap_is_ldaps_url LDAP_P(( LDAP_CONST char *url )); LDAP_F( int ) ldap_is_ldapi_url LDAP_P(( LDAP_CONST char *url )); #ifdef LDAP_CONNECTIONLESS LDAP_F( int ) ldap_is_ldapc_url LDAP_P(( LDAP_CONST char *url )); #endif LDAP_F( int ) ldap_url_parse LDAP_P(( LDAP_CONST char *url, LDAPURLDesc **ludpp )); LDAP_F( char * ) ldap_url_desc2str LDAP_P(( LDAPURLDesc *ludp )); LDAP_F( void ) ldap_free_urldesc LDAP_P(( LDAPURLDesc *ludp )); /* * LDAP Cancel Extended Operation * in cancel.c */ #define LDAP_API_FEATURE_CANCEL 1000 LDAP_F( int ) ldap_cancel LDAP_P(( LDAP *ld, int cancelid, LDAPControl **sctrls, LDAPControl **cctrls, int *msgidp )); LDAP_F( int ) ldap_cancel_s LDAP_P(( LDAP *ld, int cancelid, LDAPControl **sctrl, LDAPControl **cctrl )); /* * LDAP Turn Extended Operation * in turn.c */ #define LDAP_API_FEATURE_TURN 1000 LDAP_F( int ) ldap_turn LDAP_P(( LDAP *ld, int mutual, LDAP_CONST char* identifier, LDAPControl **sctrls, LDAPControl **cctrls, int *msgidp )); LDAP_F( int ) ldap_turn_s LDAP_P(( LDAP *ld, int mutual, LDAP_CONST char* identifier, LDAPControl **sctrl, LDAPControl **cctrl )); /* * LDAP Paged Results * in pagectrl.c */ #define LDAP_API_FEATURE_PAGED_RESULTS 2000 LDAP_F( int ) ldap_create_page_control_value LDAP_P(( LDAP *ld, ber_int_t pagesize, struct berval *cookie, struct berval *value )); LDAP_F( int ) ldap_create_page_control LDAP_P(( LDAP *ld, ber_int_t pagesize, struct berval *cookie, int iscritical, LDAPControl **ctrlp )); #if LDAP_DEPRECATED LDAP_F( int ) ldap_parse_page_control LDAP_P(( /* deprecated, use ldap_parse_pageresponse_control */ LDAP *ld, LDAPControl **ctrls, ber_int_t *count, struct berval **cookie )); #endif LDAP_F( int ) ldap_parse_pageresponse_control LDAP_P(( LDAP *ld, LDAPControl *ctrl, ber_int_t *count, struct berval *cookie )); /* * LDAP Server Side Sort * in sortctrl.c */ #define LDAP_API_FEATURE_SERVER_SIDE_SORT 2000 /* structure for a sort-key */ typedef struct ldapsortkey { char *attributeType; char *orderingRule; int reverseOrder; } LDAPSortKey; LDAP_F( int ) ldap_create_sort_keylist LDAP_P(( LDAPSortKey ***sortKeyList, char *keyString )); LDAP_F( void ) ldap_free_sort_keylist LDAP_P(( LDAPSortKey **sortkeylist )); LDAP_F( int ) ldap_create_sort_control_value LDAP_P(( LDAP *ld, LDAPSortKey **keyList, struct berval *value )); LDAP_F( int ) ldap_create_sort_control LDAP_P(( LDAP *ld, LDAPSortKey **keyList, int iscritical, LDAPControl **ctrlp )); LDAP_F( int ) ldap_parse_sortresponse_control LDAP_P(( LDAP *ld, LDAPControl *ctrl, ber_int_t *result, char **attribute )); /* * LDAP Virtual List View * in vlvctrl.c */ #define LDAP_API_FEATURE_VIRTUAL_LIST_VIEW 2000 /* structure for virtual list */ typedef struct ldapvlvinfo { ber_int_t ldvlv_version; ber_int_t ldvlv_before_count; ber_int_t ldvlv_after_count; ber_int_t ldvlv_offset; ber_int_t ldvlv_count; struct berval * ldvlv_attrvalue; struct berval * ldvlv_context; void * ldvlv_extradata; } LDAPVLVInfo; LDAP_F( int ) ldap_create_vlv_control_value LDAP_P(( LDAP *ld, LDAPVLVInfo *ldvlistp, struct berval *value)); LDAP_F( int ) ldap_create_vlv_control LDAP_P(( LDAP *ld, LDAPVLVInfo *ldvlistp, LDAPControl **ctrlp )); LDAP_F( int ) ldap_parse_vlvresponse_control LDAP_P(( LDAP *ld, LDAPControl *ctrls, ber_int_t *target_posp, ber_int_t *list_countp, struct berval **contextp, int *errcodep )); /* * LDAP Verify Credentials */ #define LDAP_API_FEATURE_VERIFY_CREDENTIALS 1000 LDAP_F( int ) ldap_verify_credentials LDAP_P(( LDAP *ld, struct berval *cookie, LDAP_CONST char *dn, LDAP_CONST char *mechanism, struct berval *cred, LDAPControl **ctrls, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp )); LDAP_F( int ) ldap_verify_credentials_s LDAP_P(( LDAP *ld, struct berval *cookie, LDAP_CONST char *dn, LDAP_CONST char *mechanism, struct berval *cred, LDAPControl **vcictrls, LDAPControl **serverctrls, LDAPControl **clientctrls, int *code, char **diagmsgp, struct berval **scookie, struct berval **servercredp, LDAPControl ***vcoctrls)); LDAP_F( int ) ldap_parse_verify_credentials LDAP_P(( LDAP *ld, LDAPMessage *res, int *code, char **diagmsgp, struct berval **cookie, struct berval **servercredp, LDAPControl ***vcctrls)); /* not yet implemented */ /* #define LDAP_API_FEATURE_VERIFY_CREDENTIALS_INTERACTIVE 1000 */ #ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS_INTERACTIVE LDAP_F( int ) ldap_verify_credentials_interactive LDAP_P(( LDAP *ld, LDAP_CONST char *dn, /* usually NULL */ LDAP_CONST char *saslMechanism, LDAPControl **vcControls, LDAPControl **serverControls, LDAPControl **clientControls, /* should be client controls */ unsigned flags, LDAP_SASL_INTERACT_PROC *proc, void *defaults, void *context, /* as obtained from ldap_result() */ LDAPMessage *result, /* returned during bind processing */ const char **rmech, int *msgid )); #endif /* * LDAP Who Am I? * in whoami.c */ #define LDAP_API_FEATURE_WHOAMI 1000 LDAP_F( int ) ldap_parse_whoami LDAP_P(( LDAP *ld, LDAPMessage *res, struct berval **authzid )); LDAP_F( int ) ldap_whoami LDAP_P(( LDAP *ld, LDAPControl **sctrls, LDAPControl **cctrls, int *msgidp )); LDAP_F( int ) ldap_whoami_s LDAP_P(( LDAP *ld, struct berval **authzid, LDAPControl **sctrls, LDAPControl **cctrls )); /* * LDAP Password Modify * in passwd.c */ #define LDAP_API_FEATURE_PASSWD_MODIFY 1000 LDAP_F( int ) ldap_parse_passwd LDAP_P(( LDAP *ld, LDAPMessage *res, struct berval *newpasswd )); LDAP_F( int ) ldap_passwd LDAP_P(( LDAP *ld, struct berval *user, struct berval *oldpw, struct berval *newpw, LDAPControl **sctrls, LDAPControl **cctrls, int *msgidp )); LDAP_F( int ) ldap_passwd_s LDAP_P(( LDAP *ld, struct berval *user, struct berval *oldpw, struct berval *newpw, struct berval *newpasswd, LDAPControl **sctrls, LDAPControl **cctrls )); #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST /* * LDAP Password Policy controls * in ppolicy.c */ #define LDAP_API_FEATURE_PASSWORD_POLICY 1000 typedef enum passpolicyerror_enum { PP_passwordExpired = 0, PP_accountLocked = 1, PP_changeAfterReset = 2, PP_passwordModNotAllowed = 3, PP_mustSupplyOldPassword = 4, PP_insufficientPasswordQuality = 5, PP_passwordTooShort = 6, PP_passwordTooYoung = 7, PP_passwordInHistory = 8, PP_passwordTooLong = 9, PP_noError = 65535 } LDAPPasswordPolicyError; LDAP_F( int ) ldap_create_passwordpolicy_control LDAP_P(( LDAP *ld, LDAPControl **ctrlp )); LDAP_F( int ) ldap_parse_passwordpolicy_control LDAP_P(( LDAP *ld, LDAPControl *ctrl, ber_int_t *expirep, ber_int_t *gracep, LDAPPasswordPolicyError *errorp )); LDAP_F( const char * ) ldap_passwordpolicy_err2txt LDAP_P(( LDAPPasswordPolicyError )); #endif /* LDAP_CONTROL_PASSWORDPOLICYREQUEST */ LDAP_F( int ) ldap_parse_password_expiring_control LDAP_P(( LDAP *ld, LDAPControl *ctrl, long *secondsp )); /* * LDAP Dynamic Directory Services Refresh -- RFC 2589 * in dds.c */ #define LDAP_API_FEATURE_REFRESH 1000 LDAP_F( int ) ldap_parse_refresh LDAP_P(( LDAP *ld, LDAPMessage *res, ber_int_t *newttl )); LDAP_F( int ) ldap_refresh LDAP_P(( LDAP *ld, struct berval *dn, ber_int_t ttl, LDAPControl **sctrls, LDAPControl **cctrls, int *msgidp )); LDAP_F( int ) ldap_refresh_s LDAP_P(( LDAP *ld, struct berval *dn, ber_int_t ttl, ber_int_t *newttl, LDAPControl **sctrls, LDAPControl **cctrls )); /* * LDAP Transactions */ LDAP_F( int ) ldap_txn_start LDAP_P(( LDAP *ld, LDAPControl **sctrls, LDAPControl **cctrls, int *msgidp )); LDAP_F( int ) ldap_txn_start_s LDAP_P(( LDAP *ld, LDAPControl **sctrl, LDAPControl **cctrl, struct berval **rettxnid )); LDAP_F( int ) ldap_txn_end LDAP_P(( LDAP *ld, int commit, struct berval *txnid, LDAPControl **sctrls, LDAPControl **cctrls, int *msgidp )); LDAP_F( int ) ldap_txn_end_s LDAP_P(( LDAP *ld, int commit, struct berval *txnid, LDAPControl **sctrl, LDAPControl **cctrl, int *retidp )); /* * in ldap_sync.c */ /* * initialize the persistent search structure */ LDAP_F( ldap_sync_t * ) ldap_sync_initialize LDAP_P(( ldap_sync_t *ls )); /* * destroy the persistent search structure */ LDAP_F( void ) ldap_sync_destroy LDAP_P(( ldap_sync_t *ls, int freeit )); /* * initialize a refreshOnly sync */ LDAP_F( int ) ldap_sync_init LDAP_P(( ldap_sync_t *ls, int mode )); /* * initialize a refreshOnly sync */ LDAP_F( int ) ldap_sync_init_refresh_only LDAP_P(( ldap_sync_t *ls )); /* * initialize a refreshAndPersist sync */ LDAP_F( int ) ldap_sync_init_refresh_and_persist LDAP_P(( ldap_sync_t *ls )); /* * poll for new responses */ LDAP_F( int ) ldap_sync_poll LDAP_P(( ldap_sync_t *ls )); #ifdef LDAP_CONTROL_X_SESSION_TRACKING /* * in stctrl.c */ LDAP_F( int ) ldap_create_session_tracking_value LDAP_P(( LDAP *ld, char *sessionSourceIp, char *sessionSourceName, char *formatOID, struct berval *sessionTrackingIdentifier, struct berval *value )); LDAP_F( int ) ldap_create_session_tracking_control LDAP_P(( LDAP *ld, char *sessionSourceIp, char *sessionSourceName, char *formatOID, struct berval *sessionTrackingIdentifier, LDAPControl **ctrlp )); LDAP_F( int ) ldap_parse_session_tracking_control LDAP_P(( LDAP *ld, LDAPControl *ctrl, struct berval *ip, struct berval *name, struct berval *oid, struct berval *id )); #endif /* LDAP_CONTROL_X_SESSION_TRACKING */ /* * in msctrl.c */ #ifdef LDAP_CONTROL_X_DIRSYNC LDAP_F( int ) ldap_create_dirsync_value LDAP_P(( LDAP *ld, int flags, int maxAttrCount, struct berval *cookie, struct berval *value )); LDAP_F( int ) ldap_create_dirsync_control LDAP_P(( LDAP *ld, int flags, int maxAttrCount, struct berval *cookie, LDAPControl **ctrlp )); LDAP_F( int ) ldap_parse_dirsync_control LDAP_P(( LDAP *ld, LDAPControl *ctrl, int *continueFlag, struct berval *cookie )); #endif /* LDAP_CONTROL_X_DIRSYNC */ #ifdef LDAP_CONTROL_X_EXTENDED_DN LDAP_F( int ) ldap_create_extended_dn_value LDAP_P(( LDAP *ld, int flag, struct berval *value )); LDAP_F( int ) ldap_create_extended_dn_control LDAP_P(( LDAP *ld, int flag, LDAPControl **ctrlp )); #endif /* LDAP_CONTROL_X_EXTENDED_DN */ #ifdef LDAP_CONTROL_X_SHOW_DELETED LDAP_F( int ) ldap_create_show_deleted_control LDAP_P(( LDAP *ld, LDAPControl **ctrlp )); #endif /* LDAP_CONTROL_X_SHOW_DELETED */ #ifdef LDAP_CONTROL_X_SERVER_NOTIFICATION LDAP_F( int ) ldap_create_server_notification_control LDAP_P(( LDAP *ld, LDAPControl **ctrlp )); #endif /* LDAP_CONTROL_X_SERVER_NOTIFICATION */ /* * in assertion.c */ LDAP_F (int) ldap_create_assertion_control_value LDAP_P(( LDAP *ld, char *assertion, struct berval *value )); LDAP_F( int ) ldap_create_assertion_control LDAP_P(( LDAP *ld, char *filter, int iscritical, LDAPControl **ctrlp )); /* * in deref.c */ typedef struct LDAPDerefSpec { char *derefAttr; char **attributes; } LDAPDerefSpec; typedef struct LDAPDerefVal { char *type; BerVarray vals; struct LDAPDerefVal *next; } LDAPDerefVal; typedef struct LDAPDerefRes { char *derefAttr; struct berval derefVal; LDAPDerefVal *attrVals; struct LDAPDerefRes *next; } LDAPDerefRes; LDAP_F( int ) ldap_create_deref_control_value LDAP_P(( LDAP *ld, LDAPDerefSpec *ds, struct berval *value )); LDAP_F( int ) ldap_create_deref_control LDAP_P(( LDAP *ld, LDAPDerefSpec *ds, int iscritical, LDAPControl **ctrlp )); LDAP_F( void ) ldap_derefresponse_free LDAP_P(( LDAPDerefRes *dr )); LDAP_F( int ) ldap_parse_derefresponse_control LDAP_P(( LDAP *ld, LDAPControl *ctrl, LDAPDerefRes **drp )); LDAP_F( int ) ldap_parse_deref_control LDAP_P(( LDAP *ld, LDAPControl **ctrls, LDAPDerefRes **drp )); /* * in psearch.c */ LDAP_F( int ) ldap_create_persistentsearch_control_value LDAP_P(( LDAP *ld, int changetypes, int changesonly, int return_echg_ctls, struct berval *value )); LDAP_F( int ) ldap_create_persistentsearch_control LDAP_P(( LDAP *ld, int changetypes, int changesonly, int return_echg_ctls, int isCritical, LDAPControl **ctrlp )); LDAP_F( int ) ldap_parse_entrychange_control LDAP_P(( LDAP *ld, LDAPControl *ctrl, int *chgtypep, struct berval *prevdnp, int *chgnumpresentp, long *chgnump )); /* in account_usability.c */ LDAP_F( int ) ldap_create_accountusability_control LDAP_P(( LDAP *ld, LDAPControl **ctrlp )); typedef struct LDAPAccountUsabilityMoreInfo { ber_int_t inactive; ber_int_t reset; ber_int_t expired; ber_int_t remaining_grace; ber_int_t seconds_before_unlock; } LDAPAccountUsabilityMoreInfo; typedef union LDAPAccountUsability { ber_int_t seconds_remaining; LDAPAccountUsabilityMoreInfo more_info; } LDAPAccountUsability; LDAP_F( int ) ldap_parse_accountusability_control LDAP_P(( LDAP *ld, LDAPControl *ctrl, int *availablep, LDAPAccountUsability *usabilityp )); /* * high level LDIF to LDAP structure support */ #define LDIF_DEFAULT_ADD 0x01 /* if changetype missing, assume LDAP_ADD */ #define LDIF_ENTRIES_ONLY 0x02 /* ignore changetypes other than add */ #define LDIF_NO_CONTROLS 0x04 /* ignore control specifications */ #define LDIF_MODS_ONLY 0x08 /* no changetypes, assume LDAP_MODIFY */ #define LDIF_NO_DN 0x10 /* dn is not present */ typedef struct ldifrecord { ber_tag_t lr_op; /* type of operation - LDAP_REQ_MODIFY, LDAP_REQ_ADD, etc. */ struct berval lr_dn; /* DN of operation */ LDAPControl **lr_ctrls; /* controls specified for operation */ /* some ops such as LDAP_REQ_DELETE require only a DN */ /* other ops require different data - the ldif_ops union is used to specify the data for each type of operation */ union ldif_ops_u { LDAPMod **lr_mods; /* list of mods for LDAP_REQ_MODIFY, LDAP_REQ_ADD */ #define lrop_mods ldif_ops.lr_mods struct ldif_op_rename_s { struct berval lr_newrdn; /* LDAP_REQ_MODDN, LDAP_REQ_MODRDN, LDAP_REQ_RENAME */ #define lrop_newrdn ldif_ops.ldif_op_rename.lr_newrdn struct berval lr_newsuperior; /* LDAP_REQ_MODDN, LDAP_REQ_MODRDN, LDAP_REQ_RENAME */ #define lrop_newsup ldif_ops.ldif_op_rename.lr_newsuperior int lr_deleteoldrdn; /* LDAP_REQ_MODDN, LDAP_REQ_MODRDN, LDAP_REQ_RENAME */ #define lrop_delold ldif_ops.ldif_op_rename.lr_deleteoldrdn } ldif_op_rename; /* rename/moddn/modrdn */ /* the following are for future support */ struct ldif_op_ext_s { struct berval lr_extop_oid; /* LDAP_REQ_EXTENDED */ #define lrop_extop_oid ldif_ops.ldif_op_ext.lr_extop_oid struct berval lr_extop_data; /* LDAP_REQ_EXTENDED */ #define lrop_extop_data ldif_ops.ldif_op_ext.lr_extop_data } ldif_op_ext; /* extended operation */ struct ldif_op_cmp_s { struct berval lr_cmp_attr; /* LDAP_REQ_COMPARE */ #define lrop_cmp_attr ldif_ops.ldif_op_cmp.lr_cmp_attr struct berval lr_cmp_bvalue; /* LDAP_REQ_COMPARE */ #define lrop_cmp_bval ldif_ops.ldif_op_cmp.lr_cmp_bvalue } ldif_op_cmp; /* compare operation */ } ldif_ops; /* PRIVATE STUFF - DO NOT TOUCH */ /* for efficiency, the implementation allocates memory */ /* in large blobs, and makes the above fields point to */ /* locations inside those blobs - one consequence is that */ /* you cannot simply free the above allocated fields, nor */ /* assign them to be owned by another memory context which */ /* might free them (unless providing your own mem ctx) */ /* we use the fields below to keep track of those blobs */ /* so we that we can free them later */ void *lr_ctx; /* the memory context or NULL */ int lr_lines; LDAPMod *lr_lm; unsigned char *lr_mops; char *lr_freeval; struct berval *lr_vals; struct berval *lr_btype; } LDIFRecord; /* free internal fields - does not free the LDIFRecord */ LDAP_F( void ) ldap_ldif_record_done LDAP_P(( LDIFRecord *lr )); LDAP_F( int ) ldap_parse_ldif_record LDAP_P(( struct berval *rbuf, unsigned long linenum, LDIFRecord *lr, const char *errstr, unsigned int flags )); LDAP_END_DECL #endif /* _LDAP_H */ openldap-2.5.16+dfsg/include/lber_types.hin0000644000175000017500000000253414461774414020203 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* * LBER types */ #ifndef _LBER_TYPES_H #define _LBER_TYPES_H #include LDAP_BEGIN_DECL /* LBER boolean, enum, integers (32 bits or larger) */ #undef LBER_INT_T /* LBER tags (32 bits or larger) */ #undef LBER_TAG_T /* LBER socket descriptor */ #undef LBER_SOCKET_T /* LBER lengths (32 bits or larger) */ #undef LBER_LEN_T /* ------------------------------------------------------------ */ /* booleans, enumerations, and integers */ typedef LBER_INT_T ber_int_t; /* signed and unsigned versions */ typedef signed LBER_INT_T ber_sint_t; typedef unsigned LBER_INT_T ber_uint_t; /* tags */ typedef unsigned LBER_TAG_T ber_tag_t; /* "socket" descriptors */ typedef LBER_SOCKET_T ber_socket_t; /* lengths */ typedef unsigned LBER_LEN_T ber_len_t; /* signed lengths */ typedef signed LBER_LEN_T ber_slen_t; LDAP_END_DECL #endif /* _LBER_TYPES_H */ openldap-2.5.16+dfsg/include/ldap_log.h0000644000175000017500000001411714461774414017265 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1990 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the University * may not be used to endorse or promote products derived from this * software without specific prior written permission. This software * is provided ``as is'' without express or implied warranty. */ #ifndef LDAP_LOG_H #define LDAP_LOG_H #include #include LDAP_BEGIN_DECL /* * debug reporting levels. * * They start with the syslog levels, and * go down in importance. The normal * debugging levels begin with LDAP_LEVEL_ENTRY * */ /* * The "OLD_DEBUG" means that all logging occurs at LOG_DEBUG */ #ifdef OLD_DEBUG /* original behavior: all logging occurs at the same severity level */ #if defined(LDAP_DEBUG) && defined(LDAP_SYSLOG) #define LDAP_LEVEL_EMERG ldap_syslog_level #define LDAP_LEVEL_ALERT ldap_syslog_level #define LDAP_LEVEL_CRIT ldap_syslog_level #define LDAP_LEVEL_ERR ldap_syslog_level #define LDAP_LEVEL_WARNING ldap_syslog_level #define LDAP_LEVEL_NOTICE ldap_syslog_level #define LDAP_LEVEL_INFO ldap_syslog_level #define LDAP_LEVEL_DEBUG ldap_syslog_level #else /* !LDAP_DEBUG || !LDAP_SYSLOG */ #define LDAP_LEVEL_EMERG (7) #define LDAP_LEVEL_ALERT (7) #define LDAP_LEVEL_CRIT (7) #define LDAP_LEVEL_ERR (7) #define LDAP_LEVEL_WARNING (7) #define LDAP_LEVEL_NOTICE (7) #define LDAP_LEVEL_INFO (7) #define LDAP_LEVEL_DEBUG (7) #endif /* !LDAP_DEBUG || !LDAP_SYSLOG */ #else /* ! OLD_DEBUG */ /* map syslog onto LDAP severity levels */ #ifdef LOG_DEBUG #define LDAP_LEVEL_EMERG LOG_EMERG #define LDAP_LEVEL_ALERT LOG_ALERT #define LDAP_LEVEL_CRIT LOG_CRIT #define LDAP_LEVEL_ERR LOG_ERR #define LDAP_LEVEL_WARNING LOG_WARNING #define LDAP_LEVEL_NOTICE LOG_NOTICE #define LDAP_LEVEL_INFO LOG_INFO #define LDAP_LEVEL_DEBUG LOG_DEBUG #else /* ! LOG_DEBUG */ #define LDAP_LEVEL_EMERG (0) #define LDAP_LEVEL_ALERT (1) #define LDAP_LEVEL_CRIT (2) #define LDAP_LEVEL_ERR (3) #define LDAP_LEVEL_WARNING (4) #define LDAP_LEVEL_NOTICE (5) #define LDAP_LEVEL_INFO (6) #define LDAP_LEVEL_DEBUG (7) #endif /* ! LOG_DEBUG */ #endif /* ! OLD_DEBUG */ #if 0 /* in case we need to reuse the unused bits of severity */ #define LDAP_LEVEL_MASK(s) ((s) & 0x7) #else #define LDAP_LEVEL_MASK(s) (s) #endif /* (yet) unused */ #define LDAP_LEVEL_ENTRY (0x08) /* log function entry points */ #define LDAP_LEVEL_ARGS (0x10) /* log function call parameters */ #define LDAP_LEVEL_RESULTS (0x20) /* Log function results */ #define LDAP_LEVEL_DETAIL1 (0x40) /* log level 1 function operational details */ #define LDAP_LEVEL_DETAIL2 (0x80) /* Log level 2 function operational details */ /* end of (yet) unused */ /* original subsystem selection mechanism */ #define LDAP_DEBUG_TRACE 0x0001 #define LDAP_DEBUG_PACKETS 0x0002 #define LDAP_DEBUG_ARGS 0x0004 #define LDAP_DEBUG_CONNS 0x0008 #define LDAP_DEBUG_BER 0x0010 #define LDAP_DEBUG_FILTER 0x0020 #define LDAP_DEBUG_CONFIG 0x0040 #define LDAP_DEBUG_ACL 0x0080 #define LDAP_DEBUG_STATS 0x0100 #define LDAP_DEBUG_STATS2 0x0200 #define LDAP_DEBUG_SHELL 0x0400 #define LDAP_DEBUG_PARSE 0x0800 #if 0 /* no longer used (nor supported) */ #define LDAP_DEBUG_CACHE 0x1000 #define LDAP_DEBUG_INDEX 0x2000 #endif #define LDAP_DEBUG_SYNC 0x4000 #define LDAP_DEBUG_NONE 0x8000 #define LDAP_DEBUG_ANY (-1) /* debugging stuff */ #ifdef LDAP_DEBUG /* * This is a bogus extern declaration for the compiler. No need to ensure * a 'proper' dllimport. */ #ifndef ldap_debug extern int ldap_debug; #endif /* !ldap_debug */ #ifdef LDAP_SYSLOG extern int ldap_syslog; extern int ldap_syslog_level; #ifdef HAVE_EBCDIC #define syslog eb_syslog extern void eb_syslog(int pri, const char *fmt, ...); #endif /* HAVE_EBCDIC */ #endif /* LDAP_SYSLOG */ #endif /* LDAP_DEBUG */ /* we keep libldap working with preprocessors that can't do variadic macros */ #ifndef LDAP_INT_DEBUG /* this doesn't below as part of ldap.h */ #ifdef LDAP_DEBUG #ifdef LDAP_SYSLOG #define LogTest(level) ( ( ldap_debug | ldap_syslog ) & (level) ) #define Log(level, severity, ...) \ do { \ if ( ldap_debug & (level) ) \ lutil_debug( ldap_debug, (level), __VA_ARGS__ ); \ if ( ldap_syslog & (level) ) \ syslog( LDAP_LEVEL_MASK((severity)), __VA_ARGS__ ); \ } while ( 0 ) #else /* ! LDAP_SYSLOG */ #define LogTest(level) ( ldap_debug & (level) ) #define Log(level, severity, ...) \ do { \ if ( ldap_debug & (level) ) \ lutil_debug( ldap_debug, (level), __VA_ARGS__ ); \ } while ( 0 ) #endif /* ! LDAP_SYSLOG */ #else /* ! LDAP_DEBUG */ /* TODO: in case LDAP_DEBUG is undefined, make sure logs with appropriate * severity gets thru anyway */ #define LogTest(level) ( 0 ) #define Log(level, severity, ...) ((void) 0) #endif /* ! LDAP_DEBUG */ #define Debug(level, ...) \ Log((level), ldap_syslog_level, __VA_ARGS__ ) #endif /* ! LDAP_INT_DEBUG */ /* Actually now in liblber/debug.c */ LDAP_LUTIL_F(int) lutil_debug_file LDAP_P(( FILE *file )); LDAP_LUTIL_F(void) lutil_debug LDAP_P(( int debug, int level, const char* fmt, ... )) LDAP_GCCATTR((format(printf, 3, 4))); #ifdef LDAP_DEFINE_LDAP_DEBUG /* This struct matches the head of ldapoptions in */ struct ldapoptions_prefix { short ldo_valid; int ldo_debug; }; #define ldap_debug \ (*(int *) ((char *)&ldap_int_global_options \ + offsetof(struct ldapoptions_prefix, ldo_debug))) struct ldapoptions; LDAP_V ( struct ldapoptions ) ldap_int_global_options; #endif /* LDAP_DEFINE_LDAP_DEBUG */ LDAP_END_DECL #endif /* LDAP_LOG_H */ openldap-2.5.16+dfsg/include/ldap_pvt_uc.h0000644000175000017500000001163514461774414020006 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* * ldap_pvt_uc.h - Header for Unicode functions. * These are meant to be used by the OpenLDAP distribution only. * These should be named ldap_pvt_....() */ #ifndef _LDAP_PVT_UC_H #define _LDAP_PVT_UC_H 1 #include /* get ber_slen_t */ #include #include "../libraries/liblunicode/ucdata/ucdata.h" LDAP_BEGIN_DECL /* * UTF-8 (in utf-8.c) */ /* UCDATA uses UCS-2 passed in a 4 byte unsigned int */ typedef ac_uint4 ldap_unicode_t; /* Convert a string with csize octets per character to UTF-8 */ LDAP_F( int ) ldap_ucs_to_utf8s LDAP_P(( struct berval *ucs, int csize, struct berval *utf8s )); /* returns the number of bytes in the UTF-8 string */ LDAP_F (ber_len_t) ldap_utf8_bytes( const char * ); /* returns the number of UTF-8 characters in the string */ LDAP_F (ber_len_t) ldap_utf8_chars( const char * ); /* returns the length (in bytes) of the UTF-8 character */ LDAP_F (int) ldap_utf8_offset( const char * ); /* returns the length (in bytes) indicated by the UTF-8 character */ LDAP_F (int) ldap_utf8_charlen( const char * ); /* returns the length (in bytes) indicated by the UTF-8 character * also checks that shortest possible encoding was used */ LDAP_F (int) ldap_utf8_charlen2( const char * ); /* copies a UTF-8 character and returning number of bytes copied */ LDAP_F (int) ldap_utf8_copy( char *, const char *); /* returns pointer of next UTF-8 character in string */ LDAP_F (char*) ldap_utf8_next( const char * ); /* returns pointer of previous UTF-8 character in string */ LDAP_F (char*) ldap_utf8_prev( const char * ); /* primitive ctype routines -- not aware of non-ascii characters */ LDAP_F (int) ldap_utf8_isascii( const char * ); LDAP_F (int) ldap_utf8_isalpha( const char * ); LDAP_F (int) ldap_utf8_isalnum( const char * ); LDAP_F (int) ldap_utf8_isdigit( const char * ); LDAP_F (int) ldap_utf8_isxdigit( const char * ); LDAP_F (int) ldap_utf8_isspace( const char * ); /* span characters not in set, return bytes spanned */ LDAP_F (ber_len_t) ldap_utf8_strcspn( const char* str, const char *set); /* span characters in set, return bytes spanned */ LDAP_F (ber_len_t) ldap_utf8_strspn( const char* str, const char *set); /* return first occurrence of character in string */ LDAP_F (char *) ldap_utf8_strchr( const char* str, const char *chr); /* return first character of set in string */ LDAP_F (char *) ldap_utf8_strpbrk( const char* str, const char *set); /* reentrant tokenizer */ LDAP_F (char*) ldap_utf8_strtok( char* sp, const char* sep, char **last); /* Optimizations */ LDAP_V (const char) ldap_utf8_lentab[128]; LDAP_V (const char) ldap_utf8_mintab[32]; #define LDAP_UTF8_ISASCII(p) ( !(*(const unsigned char *)(p) & 0x80 ) ) #define LDAP_UTF8_CHARLEN(p) ( LDAP_UTF8_ISASCII(p) \ ? 1 : ldap_utf8_lentab[*(const unsigned char *)(p) ^ 0x80] ) /* This is like CHARLEN but additionally validates to make sure * the char used the shortest possible encoding. * 'l' is used to temporarily hold the result of CHARLEN. */ #define LDAP_UTF8_CHARLEN2(p, l) ( ( ( l = LDAP_UTF8_CHARLEN( p )) < 3 || \ ( ldap_utf8_mintab[*(const unsigned char *)(p) & 0x1f] & (p)[1] ) ) ? \ l : 0 ) #define LDAP_UTF8_OFFSET(p) ( LDAP_UTF8_ISASCII(p) \ ? 1 : ldap_utf8_offset((p)) ) #define LDAP_UTF8_COPY(d,s) ( LDAP_UTF8_ISASCII(s) \ ? (*(d) = *(s), 1) : ldap_utf8_copy((d),(s)) ) #define LDAP_UTF8_NEXT(p) ( LDAP_UTF8_ISASCII(p) \ ? (char *)(p)+1 : ldap_utf8_next((p)) ) #define LDAP_UTF8_INCR(p) ((p) = LDAP_UTF8_NEXT(p)) /* For symmetry */ #define LDAP_UTF8_PREV(p) (ldap_utf8_prev((p))) #define LDAP_UTF8_DECR(p) ((p)=LDAP_UTF8_PREV((p))) /* these probably should be renamed */ LDAP_LUNICODE_F(int) ucstrncmp( const ldap_unicode_t *, const ldap_unicode_t *, ber_len_t ); LDAP_LUNICODE_F(int) ucstrncasecmp( const ldap_unicode_t *, const ldap_unicode_t *, ber_len_t ); LDAP_LUNICODE_F(ldap_unicode_t *) ucstrnchr( const ldap_unicode_t *, ber_len_t, ldap_unicode_t ); LDAP_LUNICODE_F(ldap_unicode_t *) ucstrncasechr( const ldap_unicode_t *, ber_len_t, ldap_unicode_t ); LDAP_LUNICODE_F(void) ucstr2upper( ldap_unicode_t *, ber_len_t ); #define LDAP_UTF8_NOCASEFOLD 0x0U #define LDAP_UTF8_CASEFOLD 0x1U #define LDAP_UTF8_ARG1NFC 0x2U #define LDAP_UTF8_ARG2NFC 0x4U #define LDAP_UTF8_APPROX 0x8U LDAP_LUNICODE_F(struct berval *) UTF8bvnormalize( struct berval *, struct berval *, unsigned, void *memctx ); LDAP_LUNICODE_F(int) UTF8bvnormcmp( struct berval *, struct berval *, unsigned, void *memctx ); LDAP_END_DECL #endif openldap-2.5.16+dfsg/include/lutil_hash.h0000644000175000017500000000312214461774414017632 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ #ifndef _LUTIL_HASH_H_ #define _LUTIL_HASH_H_ #include LDAP_BEGIN_DECL #define LUTIL_HASH_BYTES 4 #ifdef HAVE_LONG_LONG typedef union lutil_HASHContext { ber_uint_t hash; unsigned long long hash64; } lutil_HASH_CTX; #else /* !HAVE_LONG_LONG */ typedef struct lutil_HASHContext { ber_uint_t hash; } lutil_HASH_CTX; #endif /* HAVE_LONG_LONG */ LDAP_LUTIL_F( void ) lutil_HASHInit LDAP_P(( lutil_HASH_CTX *context)); LDAP_LUTIL_F( void ) lutil_HASHUpdate LDAP_P(( lutil_HASH_CTX *context, unsigned char const *buf, ber_len_t len)); LDAP_LUTIL_F( void ) lutil_HASHFinal LDAP_P(( unsigned char digest[LUTIL_HASH_BYTES], lutil_HASH_CTX *context)); #ifdef HAVE_LONG_LONG #define LUTIL_HASH64_BYTES 8 LDAP_LUTIL_F( void ) lutil_HASH64Init LDAP_P(( lutil_HASH_CTX *context)); LDAP_LUTIL_F( void ) lutil_HASH64Update LDAP_P(( lutil_HASH_CTX *context, unsigned char const *buf, ber_len_t len)); LDAP_LUTIL_F( void ) lutil_HASH64Final LDAP_P(( unsigned char digest[LUTIL_HASH64_BYTES], lutil_HASH_CTX *context)); #endif /* HAVE_LONG_LONG */ LDAP_END_DECL #endif /* _LUTIL_HASH_H_ */ openldap-2.5.16+dfsg/include/ldap_config.hin0000644000175000017500000000331714461774414020300 0ustar sergiosergio/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2022 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* * This file works in conjunction with OpenLDAP configure system. * If you do no like the values below, adjust your configure options. */ #ifndef _LDAP_CONFIG_H #define _LDAP_CONFIG_H /* directory separator */ #ifndef LDAP_DIRSEP #ifndef _WIN32 #define LDAP_DIRSEP "/" #else #define LDAP_DIRSEP "\\" #endif #endif /* directory for temporary files */ #if defined(_WIN32) # define LDAP_TMPDIR "C:\\." /* we don't have much of a choice */ #elif defined( _P_tmpdir ) # define LDAP_TMPDIR _P_tmpdir #elif defined( P_tmpdir ) # define LDAP_TMPDIR P_tmpdir #elif defined( _PATH_TMPDIR ) # define LDAP_TMPDIR _PATH_TMPDIR #else # define LDAP_TMPDIR LDAP_DIRSEP "tmp" #endif /* directories */ #ifndef LDAP_BINDIR #define LDAP_BINDIR "%BINDIR%" #endif #ifndef LDAP_SBINDIR #define LDAP_SBINDIR "%SBINDIR%" #endif #ifndef LDAP_DATADIR #define LDAP_DATADIR "%DATADIR%" #endif #ifndef LDAP_SYSCONFDIR #define LDAP_SYSCONFDIR "%SYSCONFDIR%" #endif #ifndef LDAP_LIBEXECDIR #define LDAP_LIBEXECDIR "%LIBEXECDIR%" #endif #ifndef LDAP_MODULEDIR #define LDAP_MODULEDIR "%MODULEDIR%" #endif #ifndef LDAP_RUNDIR #define LDAP_RUNDIR "%RUNDIR%" #endif #ifndef LDAP_LOCALEDIR #define LDAP_LOCALEDIR "%LOCALEDIR%" #endif #endif /* _LDAP_CONFIG_H */ openldap-2.5.16+dfsg/README0000644000175000017500000000701214461774414014564 0ustar sergiosergioOpenLDAP 2.5 README For a description of what this distribution contains, see the ANNOUNCEMENT file in this directory. For a description of changes from previous releases, see the CHANGES file in this directory. This is 2.5 release, it includes significant changes from prior releases. REQUIRED SOFTWARE Building OpenLDAP Software requires a number of software packages to be preinstalled. Additional information regarding prerequisite software can be found in the OpenLDAP Administrator's Guide. Base system (libraries and tools): Standard C compiler (required) Cyrus SASL 2.1.27+ (recommended) OpenSSL 1.1.1+ (recommended) libevent 2.1.8+ (recommended) libargon2 or libsodium (recommended) Reentrant POSIX REGEX software (required) SLAPD: The ARGON2 password hashing module requires either libargon2 or libsodium LLOADD: The LLOADD daemon or integrated slapd module requires libevent 2.1.8 or later. CLIENTS/CONTRIB ware: Depends on package. See per package README. MAKING AND INSTALLING THE DISTRIBUTION Please see the INSTALL file for basic instructions. More detailed instructions can be found in the OpenLDAP Administrator's Guide (see DOCUMENTATION section). DOCUMENTATION The OpenLDAP Administrator's Guide is available in the guide.html file in the doc/guide/admin directory. The guide and a number of other documents are available at . The distribution also includes manual pages for most programs and library APIs. See ldap(3) for details. The OpenLDAP website is available and contains the latest LDAP news, releases announcements, pointers to other LDAP resources, etc.. It is located at . The OpenLDAP Software FAQ is available at . SUPPORT / FEEDBACK / PROBLEM REPORTS / DISCUSSIONS OpenLDAP Software is user supported. If you have problems, please review the OpenLDAP FAQ and archives of the OpenLDAP-software and OpenLDAP-bugs mailing lists . If you cannot find the answer, please enquire on the OpenLDAP-software list. Issues, such as bug reports, should be reported using our Issue Tracking System . Do not use this system for software enquiries. Please direct these to an appropriate mailing list. CONTRIBUTING See for information regarding how to contribute code or documentation to the OpenLDAP Project for inclusion in OpenLDAP Software. While you are encouraged to coordinate and discuss the development activities on the mailing list prior to submission, it is noted that contributions must be submitted using the Issue Tracking System to be considered. --- This work is part of OpenLDAP Software . Copyright 1998-2022 The OpenLDAP Foundation. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted only as authorized by the OpenLDAP Public License. A copy of this license is available in the file LICENSE in the top-level directory of the distribution or, alternatively, at . OpenLDAP is a registered trademark of the OpenLDAP Foundation. openldap-2.5.16+dfsg/doc/0000755000175000017500000000000014462026763014447 5ustar sergiosergioopenldap-2.5.16+dfsg/doc/man/0000755000175000017500000000000014461774414015224 5ustar sergiosergioopenldap-2.5.16+dfsg/doc/man/man3/0000755000175000017500000000000014461774414016062 5ustar sergiosergioopenldap-2.5.16+dfsg/doc/man/man3/ldap_sort.3.links0000644000175000017500000000007614461774414021257 0ustar sergiosergioldap_sort_entries.3 ldap_sort_values.3 ldap_sort_strcasecmp.3 openldap-2.5.16+dfsg/doc/man/man3/lber-decode.30000644000175000017500000003016714461774414020322 0ustar sergiosergio.TH LBER_DECODE 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ber_get_next, ber_skip_tag, ber_peek_tag, ber_scanf, ber_get_int, ber_get_enum, ber_get_stringb, ber_get_stringa, ber_get_stringal, ber_get_stringbv, ber_get_null, ber_get_boolean, ber_get_bitstring, ber_first_element, ber_next_element \- OpenLDAP LBER simplified Basic Encoding Rules library routines for decoding .SH LIBRARY OpenLDAP LBER (liblber, \-llber) .SH SYNOPSIS .B #include .LP .BI "ber_tag_t ber_get_next(Sockbuf *" sb ", ber_len_t *" len ", BerElement *" ber ");" .LP .BI "ber_tag_t ber_skip_tag(BerElement *" ber ", ber_len_t *" len ");" .LP .BI "ber_tag_t ber_peek_tag(BerElement *" ber ", ber_len_t *" len ");" .LP .BI "ber_tag_t ber_scanf(BerElement *" ber ", const char *" fmt ", ...);" .LP .BI "ber_tag_t ber_get_int(BerElement *" ber ", ber_int_t *" num ");" .LP .BI "ber_tag_t ber_get_enum(BerElement *" ber ", ber_int_t *" num ");" .LP .BI "ber_tag_t ber_get_stringb(BerElement *" ber ", char *" buf ", ber_len_t *" len ");" .LP .BI "ber_tag_t ber_get_stringa(BerElement *" ber ", char **" buf ");" .LP .BI "ber_tag_t ber_get_stringal(BerElement *" ber ", struct berval **" bv ");" .LP .BI "ber_tag_t ber_get_stringbv(BerElement *" ber ", struct berval *" bv ", int " alloc ");" .LP .BI "ber_tag_t ber_get_null(BerElement *" ber ");" .LP .BI "ber_tag_t ber_get_boolean(BerElement *" ber ", ber_int_t *" bool ");" .LP .BI "ber_tag_t ber_get_bitstringa(BerElement *" ber ", char **" buf ", ber_len_t *" blen ");" .LP .BI "ber_tag_t ber_first_element(BerElement *" ber ", ber_len_t *" len ", char **" cookie ");" .LP .BI "ber_tag_t ber_next_element(BerElement *" ber ", ber_len_t *" len ", const char *" cookie ");" .SH DESCRIPTION .LP These routines provide a subroutine interface to a simplified implementation of the Basic Encoding Rules of ASN.1. The version of BER these routines support is the one defined for the LDAP protocol. The encoding rules are the same as BER, except that only definite form lengths are used, and bitstrings and octet strings are always encoded in primitive form. This man page describes the decoding routines in the lber library. See .BR lber-encode (3) for details on the corresponding encoding routines. Consult .BR lber-types (3) for information about types, allocators, and deallocators. .LP Normally, the only routines that need to be called by an application are .BR ber_get_next () to get the next BER element and .BR ber_scanf () to do the actual decoding. In some cases, .BR ber_peek_tag () may also need to be called in normal usage. The other routines are provided for those applications that need more control than .BR ber_scanf () provides. In general, these routines return the tag of the element decoded, or LBER_ERROR if an error occurred. .LP The .BR ber_get_next () routine is used to read the next BER element from the given Sockbuf, \fIsb\fP. It strips off and returns the leading tag, strips off and returns the length of the entire element in \fIlen\fP, and sets up \fIber\fP for subsequent calls to .BR ber_scanf () et al to decode the element. See .BR lber-sockbuf (3) for details of the Sockbuf implementation of the \fIsb\fP parameter. .LP The .BR ber_scanf () routine is used to decode a BER element in much the same way that .BR scanf (3) works. It reads from \fIber\fP, a pointer to a BerElement such as returned by .BR ber_get_next (), interprets the bytes according to the format string \fIfmt\fP, and stores the results in its additional arguments. The format string contains conversion specifications which are used to direct the interpretation of the BER element. The format string can contain the following characters. .RS .LP .TP 3 .B a Octet string. A char ** should be supplied. Memory is allocated, filled with the contents of the octet string, null-terminated, and returned in the parameter. The caller should free the returned string using .BR ber_memfree (). .TP .B A Octet string. A variant of "\fBa\fP". A char ** should be supplied. Memory is allocated, filled with the contents of the octet string, null-terminated, and returned in the parameter, unless a zero-length string would result; in that case, the arg is set to NULL. The caller should free the returned string using .BR ber_memfree (). .TP .B s Octet string. A char * buffer should be supplied, followed by a pointer to a ber_len_t initialized to the size of the buffer. Upon return, the null-terminated octet string is put into the buffer, and the ber_len_t is set to the actual size of the octet string. .TP .B O Octet string. A struct ber_val ** should be supplied, which upon return points to a dynamically allocated struct berval containing the octet string and its length. The caller should free the returned structure using .BR ber_bvfree (). .TP .B o Octet string. A struct ber_val * should be supplied, which upon return contains the dynamically allocated octet string and its length. The caller should free the returned octet string using .BR ber_memfree (). .TP .B m Octet string. A struct ber_val * should be supplied, which upon return contains the octet string and its length. The string resides in memory assigned to the BerElement, and must not be freed by the caller. .TP .B b Boolean. A pointer to a ber_int_t should be supplied. .TP .B e Enumeration. A pointer to a ber_int_t should be supplied. .TP .B i Integer. A pointer to a ber_int_t should be supplied. .TP .B B Bitstring. A char ** should be supplied which will point to the dynamically allocated bits, followed by a ber_len_t *, which will point to the length (in bits) of the bitstring returned. .TP .B n Null. No parameter is required. The element is simply skipped if it is recognized. .TP .B v Sequence of octet strings. A char *** should be supplied, which upon return points to a dynamically allocated null-terminated array of char *'s containing the octet strings. NULL is returned if the sequence is empty. The caller should free the returned array and octet strings using .BR ber_memvfree (). .TP .B V Sequence of octet strings with lengths. A struct berval *** should be supplied, which upon return points to a dynamically allocated null-terminated array of struct berval *'s containing the octet strings and their lengths. NULL is returned if the sequence is empty. The caller should free the returned structures using .BR ber_bvecfree (). .TP .B W Sequence of octet strings with lengths. A BerVarray * should be supplied, which upon return points to a dynamically allocated array of struct berval's containing the octet strings and their lengths. The array is terminated by a struct berval with a NULL bv_val string pointer. NULL is returned if the sequence is empty. The caller should free the returned structures using .BR ber_bvarray_free (). .TP .B M Sequence of octet strings with lengths. This is a generalized form of the previous three formats. A void ** (ptr) should be supplied, followed by a ber_len_t * (len) and a ber_len_t (off). Upon return (ptr) will point to a dynamically allocated array whose elements are all of size (*len). A struct berval will be filled starting at offset (off) in each element. The strings in each struct berval reside in memory assigned to the BerElement and must not be freed by the caller. The array is terminated by a struct berval with a NULL bv_val string pointer. NULL is returned if the sequence is empty. The number of elements in the array is also stored in (*len) on return. The caller should free the returned array using .BR ber_memfree (). .TP .B l Length of the next element. A pointer to a ber_len_t should be supplied. .TP .B t Tag of the next element. A pointer to a ber_tag_t should be supplied. .TP .B T Skip element and return its tag. A pointer to a ber_tag_t should be supplied. .TP .B x Skip element. The next element is skipped. .TP .B { Begin sequence. No parameter is required. The initial sequence tag and length are skipped. .TP .B } End sequence. No parameter is required and no action is taken. .TP .B [ Begin set. No parameter is required. The initial set tag and length are skipped. .TP .B ] End set. No parameter is required and no action is taken. .RE .LP The .BR ber_get_int () routine tries to interpret the next element as an integer, returning the result in \fInum\fP. The tag of whatever it finds is returned on success, LBER_ERROR (\-1) on failure. .LP The .BR ber_get_stringb () routine is used to read an octet string into a preallocated buffer. The \fIlen\fP parameter should be initialized to the size of the buffer, and will contain the length of the octet string read upon return. The buffer should be big enough to take the octet string value plus a terminating NULL byte. .LP The .BR ber_get_stringa () routine is used to dynamically allocate space into which an octet string is read. The caller should free the returned string using .BR ber_memfree(). .LP The .BR ber_get_stringal () routine is used to dynamically allocate space into which an octet string and its length are read. It takes a struct berval **, and returns the result in this parameter. The caller should free the returned structure using .BR ber_bvfree(). .LP The .BR ber_get_stringbv () routine is used to read an octet string and its length into the provided struct berval *. If the \fIalloc\fP parameter is zero, the string will reside in memory assigned to the BerElement, and must not be freed by the caller. If the \fIalloc\fP parameter is non-zero, the string will be copied into dynamically allocated space which should be returned using .BR ber_memfree (). .LP The .BR ber_get_null () routine is used to read a NULL element. It returns the tag of the element it skips over. .LP The .BR ber_get_boolean () routine is used to read a boolean value. It is called the same way that .BR ber_get_int () is called. .LP The .BR ber_get_enum () routine is used to read a enumeration value. It is called the same way that .BR ber_get_int () is called. .LP The .BR ber_get_bitstringa () routine is used to read a bitstring value. It takes a char ** which will hold the dynamically allocated bits, followed by an ber_len_t *, which will point to the length (in bits) of the bitstring returned. The caller should free the returned string using .BR ber_memfree (). .LP The .BR ber_first_element () routine is used to return the tag and length of the first element in a set or sequence. It also returns in \fIcookie\fP a magic cookie parameter that should be passed to subsequent calls to ber_next_element(), which returns similar information. .SH EXAMPLES Assume the variable \fIber\fP contains a lightweight BER encoding of the following ASN.1 object: .LP .nf AlmostASearchRequest := SEQUENCE { baseObject DistinguishedName, scope ENUMERATED { baseObject (0), singleLevel (1), wholeSubtree (2) }, derefAliases ENUMERATED { neverDerefaliases (0), derefInSearching (1), derefFindingBaseObj (2), alwaysDerefAliases (3) }, sizelimit INTEGER (0 .. 65535), timelimit INTEGER (0 .. 65535), attrsOnly BOOLEAN, attributes SEQUENCE OF AttributeType } .fi .LP The element can be decoded using .BR ber_scanf () as follows. .LP .nf ber_int_t scope, deref, size, time, attrsonly; char *dn, **attrs; ber_tag_t tag; tag = ber_scanf( ber, "{aeeiib{v}}", &dn, &scope, &deref, &size, &time, &attrsonly, &attrs ); if( tag == LBER_ERROR ) { /* error */ } else { /* success */ } ber_memfree( dn ); ber_memvfree( attrs ); .fi .SH ERRORS If an error occurs during decoding, generally these routines return LBER_ERROR ((ber_tag_t)\-1). .LP .SH NOTES .LP The return values for all of these functions are declared in the .B header file. Some routines may dynamically allocate memory which must be freed by the caller using supplied deallocation routines. .SH SEE ALSO .BR lber-encode (3), .BR lber-memory (3), .BR lber-sockbuf (3), .BR lber-types (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_schema.30000644000175000017500000002104514461774414020410 0ustar sergiosergio.TH LDAP_SCHEMA 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 2000-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_str2syntax, ldap_syntax2str, ldap_syntax2name, ldap_syntax_free, ldap_str2matchingrule, ldap_matchingrule2str, ldap_matchingrule2name, ldap_matchingrule_free, ldap_str2attributetype, ldap_attributetype2str, ldap_attributetype2name, ldap_attributetype_free, ldap_str2objectclass, ldap_objectclass2str, ldap_objectclass2name, ldap_objectclass_free, ldap_scherr2str \- Schema definition handling routines .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include #include .LP .ft B LDAPSyntax * ldap_str2syntax(s, code, errp, flags) .ft const char * s; int * code; const char ** errp; const int flags; .LP .ft B char * ldap_syntax2str(syn) .ft const LDAPSyntax * syn; .LP .ft B const char * ldap_syntax2name(syn) .ft LDAPSyntax * syn; .LP .ft B ldap_syntax_free(syn) .ft LDAPSyntax * syn; .LP .ft B LDAPMatchingRule * ldap_str2matchingrule(s, code, errp, flags) .ft const char * s; int * code; const char ** errp; const int flags; .LP .ft B char * ldap_matchingrule2str(mr); .ft const LDAPMatchingRule * mr; .LP .ft B const char * ldap_matchingrule2name(mr) .ft LDAPMatchingRule * mr; .LP .ft B ldap_matchingrule_free(mr) .ft LDAPMatchingRule * mr; .LP .ft B LDAPAttributeType * ldap_str2attributetype(s, code, errp, flags) .ft const char * s; int * code; const char ** errp; const int flags; .LP .ft B char * ldap_attributetype2str(at) .ft const LDAPAttributeType * at; .LP .ft B const char * ldap_attributetype2name(at) .ft LDAPAttributeType * at; .LP .ft B ldap_attributetype_free(at) .ft LDAPAttributeType * at; .LP .ft B LDAPObjectClass * ldap_str2objectclass(s, code, errp, flags) .ft const char * s; int * code; const char ** errp; const int flags; .LP .ft B char * ldap_objectclass2str(oc) .ft const LDAPObjectClass * oc; .LP .ft B const char * ldap_objectclass2name(oc) .ft LDAPObjectClass * oc; .LP .ft B ldap_objectclass_free(oc) .ft LDAPObjectClass * oc; .LP .ft B char * ldap_scherr2str(code) .ft int code; .SH DESCRIPTION These routines are used to parse schema definitions in the syntax defined in RFC 4512 into structs and handle these structs. These routines handle four kinds of definitions: syntaxes, matching rules, attribute types and object classes. For each definition kind, four routines are provided. .LP .B ldap_str2xxx() takes a definition in RFC 4512 format in argument .IR s as a NUL-terminated string and returns, if possible, a pointer to a newly allocated struct of the appropriate kind. The caller is responsible for freeing the struct by calling .B ldap_xxx_free() when not needed any longer. The routine returns NULL if some problem happened. In this case, the integer pointed at by argument .IR code will receive an error code (see below the description of .B ldap_scherr2str() for an explanation of the values) and a pointer to a NUL-terminated string will be placed where requested by argument .IR errp , indicating where in argument .IR s the error happened, so it must not be freed by the caller. Argument .IR flags is a bit mask of parsing options controlling the relaxation of the syntax recognized. The following values are defined: .TP .B LDAP_SCHEMA_ALLOW_NONE strict parsing according to RFC 4512. .TP .B LDAP_SCHEMA_ALLOW_NO_OID permit definitions that do not contain an initial OID. .TP .B LDAP_SCHEMA_ALLOW_QUOTED permit quotes around some items that should not have them. .TP .B LDAP_SCHEMA_ALLOW_DESCR permit a .B descr instead of a numeric OID in places where the syntax expect the latter. .TP .B LDAP_SCHEMA_ALLOW_DESCR_PREFIX permit that the initial numeric OID contains a prefix in .B descr format. .TP .B LDAP_SCHEMA_ALLOW_ALL be very liberal, include all options. .LP The structures returned are as follows: .sp .RS .nf .ne 7 .ta 8n 16n 32n typedef struct ldap_schema_extension_item { char *lsei_name; /* Extension name */ char **lsei_values; /* Extension values */ } LDAPSchemaExtensionItem; typedef struct ldap_syntax { char *syn_oid; /* OID */ char **syn_names; /* Names */ char *syn_desc; /* Description */ LDAPSchemaExtensionItem **syn_extensions; /* Extension */ } LDAPSyntax; typedef struct ldap_matchingrule { char *mr_oid; /* OID */ char **mr_names; /* Names */ char *mr_desc; /* Description */ int mr_obsolete; /* Is obsolete? */ char *mr_syntax_oid; /* Syntax of asserted values */ LDAPSchemaExtensionItem **mr_extensions; /* Extensions */ } LDAPMatchingRule; typedef struct ldap_attributetype { char *at_oid; /* OID */ char **at_names; /* Names */ char *at_desc; /* Description */ int at_obsolete; /* Is obsolete? */ char *at_sup_oid; /* OID of superior type */ char *at_equality_oid; /* OID of equality matching rule */ char *at_ordering_oid; /* OID of ordering matching rule */ char *at_substr_oid; /* OID of substrings matching rule */ char *at_syntax_oid; /* OID of syntax of values */ int at_syntax_len; /* Suggested minimum maximum length */ int at_single_value; /* Is single-valued? */ int at_collective; /* Is collective? */ int at_no_user_mod; /* Are changes forbidden through LDAP? */ int at_usage; /* Usage, see below */ LDAPSchemaExtensionItem **at_extensions; /* Extensions */ } LDAPAttributeType; typedef struct ldap_objectclass { char *oc_oid; /* OID */ char **oc_names; /* Names */ char *oc_desc; /* Description */ int oc_obsolete; /* Is obsolete? */ char **oc_sup_oids; /* OIDs of superior classes */ int oc_kind; /* Kind, see below */ char **oc_at_oids_must; /* OIDs of required attribute types */ char **oc_at_oids_may; /* OIDs of optional attribute types */ LDAPSchemaExtensionItem **oc_extensions; /* Extensions */ } LDAPObjectClass; .ta .fi .RE .PP Some integer fields (those described with a question mark) have a truth value, for these fields the possible values are: .TP .B LDAP_SCHEMA_NO The answer to the question is no. .TP .B LDAP_SCHEMA_YES The answer to the question is yes. .LP For attribute types, the following usages are possible: .TP .B LDAP_SCHEMA_USER_APPLICATIONS the attribute type is non-operational. .TP .B LDAP_SCHEMA_DIRECTORY_OPERATION the attribute type is operational and is pertinent to the directory itself, i.e. it has the same value on all servers that provide the entry containing this attribute type. .TP .B LDAP_SCHEMA_DISTRIBUTED_OPERATION the attribute type is operational and is pertinent to replication, shadowing or other distributed directory aspect. TBC. .TP .B LDAP_SCHEMA_DSA_OPERATION the attribute type is operational and is pertinent to the directory server itself, i.e. it may have different values for the same entry when retrieved from different servers that provide the entry. .LP Object classes can be of three kinds: .TP .B LDAP_SCHEMA_ABSTRACT the object class is abstract, i.e. there cannot be entries of this class alone. .TP .B LDAP_SCHEMA_STRUCTURAL the object class is structural, i.e. it describes the main role of the entry. On some servers, once the entry is created the set of structural object classes assigned cannot be changed: none of those present can be removed and none other can be added. .TP .B LDAP_SCHEMA_AUXILIARY the object class is auxiliary, i.e. it is intended to go with other, structural, object classes. These can be added or removed at any time if attribute types are added or removed at the same time as needed by the set of object classes resulting from the operation. .LP Routines .B ldap_xxx2name() return a canonical name for the definition. .LP Routines .B ldap_xxx2str() return a string representation in the format described by RFC 4512 of the struct passed in the argument. The string is a newly allocated string that must be freed by the caller. These routines may return NULL if no memory can be allocated for the string. .LP .B ldap_scherr2str() returns a NUL-terminated string with a text description of the error found. This is a pointer to a static area, so it must not be freed by the caller. The argument .IR code comes from one of the parsing routines and can adopt the following values: .TP .B LDAP_SCHERR_OUTOFMEM Out of memory. .TP .B LDAP_SCHERR_UNEXPTOKEN Unexpected token. .TP .B LDAP_SCHERR_NOLEFTPAREN Missing opening parenthesis. .TP .B LDAP_SCHERR_NORIGHTPAREN Missing closing parenthesis. .TP .B LDAP_SCHERR_NODIGIT Expecting digit. .TP .B LDAP_SCHERR_BADNAME Expecting a name. .TP .B LDAP_SCHERR_BADDESC Bad description. .TP .B LDAP_SCHERR_BADSUP Bad superiors. .TP .B LDAP_SCHERR_DUPOPT Duplicate option. .TP .B LDAP_SCHERR_EMPTY Unexpected end of data. .SH SEE ALSO .BR ldap (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_first_attribute.3.links0000644000175000017500000000005714461774414023501 0ustar sergiosergioldap_next_attribute.3 ldap_get_attribute_ber.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_url.30000644000175000017500000000543314461774414017755 0ustar sergiosergio.TH LDAP_URL 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_is_ldap_url, ldap_url_parse, ldap_free_urldesc \- LDAP Uniform Resource Locator routines .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_is_ldap_url( const char *url ) .LP .ft B int ldap_url_parse( const char *url, LDAPURLDesc **ludpp ) .LP typedef struct ldap_url_desc { char * lud_scheme; /* URI scheme */ char * lud_host; /* LDAP host to contact */ int lud_port; /* port on host */ char * lud_dn; /* base for search */ char ** lud_attrs; /* list of attributes */ int lud_scope; /* a LDAP_SCOPE_... value */ char * lud_filter; /* LDAP search filter */ char ** lud_exts; /* LDAP extensions */ int lud_crit_exts; /* true if any extension is critical */ /* may contain additional fields for internal use */ } LDAPURLDesc; .LP .ft B void ldap_free_urldesc( LDAPURLDesc *ludp ); .SH DESCRIPTION These routines support the use of LDAP URLs (Uniform Resource Locators) as detailed in RFC 4516. LDAP URLs look like this: .nf \fBldap://\fP\fIhostport\fP\fB/\fP\fIdn\fP[\fB?\fP\fIattrs\fP[\fB?\fP\fIscope\fP[\fB?\fP\fIfilter\fP[\fB?\fP\fIexts\fP]]]] where: \fIhostport\fP is a host name with an optional ":portnumber" \fIdn\fP is the search base \fIattrs\fP is a comma separated list of attributes to request \fIscope\fP is one of these three strings: base one sub (default=base) \fIfilter\fP is filter \fIexts\fP are recognized set of LDAP and/or API extensions. Example: ldap://ldap.example.net/dc=example,dc=net?cn,sn?sub?(cn=*) .fi .LP URLs that are wrapped in angle-brackets and/or preceded by "URL:" are also tolerated. Alternative LDAP schemes such as ldaps:// and ldapi:// may be parsed using the below routines as well. .LP .B ldap_is_ldap_url() returns a non-zero value if \fIurl\fP looks like an LDAP URL (as opposed to some other kind of URL). It can be used as a quick check for an LDAP URL; the .B ldap_url_parse() routine should be used if a more thorough check is needed. .LP .B ldap_url_parse() breaks down an LDAP URL passed in \fIurl\fP into its component pieces. If successful, zero is returned, an LDAP URL description is allocated, filled in, and \fIludpp\fP is set to point to it. If an error occurs, a non-zero URL error code is returned. .LP .B ldap_free_urldesc() should be called to free an LDAP URL description that was obtained from a call to .B ldap_url_parse(). .SH SEE ALSO .nf .BR ldap (3) .BR "RFC 4516" " " .SH ACKNOWLEDGEMENTS .fi .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_first_reference.30000644000175000017500000000405714461774414022321 0ustar sergiosergio.TH LDAP_FIRST_REFERENCE 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_first_reference, ldap_next_reference, ldap_count_references \- Stepping through continuation references in a result chain .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_count_references( LDAP *ld, LDAPMessage *result ) .LP .ft B LDAPMessage *ldap_first_reference( LDAP *ld, LDAPMessage *result ) .LP .ft B LDAPMessage *ldap_next_reference( LDAP *ld, LDAPMessage *reference ) .SH DESCRIPTION .LP These routines are used to step through the continuation references in a result chain received from .BR ldap_result (3) or the synchronous LDAP search operation routines. .LP The .B ldap_first_reference() routine is used to retrieve the first reference message in a result chain. It takes the \fIresult\fP as returned by a call to .BR ldap_result (3) , .BR ldap_search_s (3) or .BR ldap_search_st (3) and returns a pointer to the first reference message in the result chain. .LP This pointer should be supplied on a subsequent call to .B ldap_next_reference() to get the next reference message, the result of which should be supplied to the next call to .BR ldap_next_reference() , etc. .B ldap_next_reference() will return NULL when there are no more reference messages. The reference messages returned from these calls are used by .BR ldap_parse_reference (3) to extract referrals and controls. .LP A count of the number of reference messages in the search result can be obtained by calling .BR ldap_count_references() . It can also be used to count the number of reference messages remaining in a result chain. .SH ERRORS If an error occurs in .B ldap_first_reference() or .BR ldap_next_reference() , NULL is returned. If an error occurs in .BR ldap_count_references() , -1 is returned. .SH SEE ALSO .BR ldap (3), .BR ldap_result (3), .BR ldap_search (3), .BR ldap_parse_reference (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_sort.30000644000175000017500000000103714461774414020136 0ustar sergiosergio.TH LDAP_SORT 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_sort_entries, ldap_sort_values, ldap_sort_strcasecmp \- LDAP sorting routines (deprecated) .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH DESCRIPTION The .BR ldap_sort_entries (), .BR ldap_sort_values (), and .BR ldap_sort_strcasecmp () are deprecated. .LP .so Deprecated .SH SEE ALSO .BR ldap (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_search.3.links0000644000175000017500000000010714461774414021530 0ustar sergiosergioldap_search_s.3 ldap_search_st.3 ldap_search_ext.3 ldap_search_ext_s.3 openldap-2.5.16+dfsg/doc/man/man3/lber-types.30000644000175000017500000001420714461774414020240 0ustar sergiosergio.TH LBER_TYPES 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ber_int_t, ber_uint_t, ber_len_t, ber_slen_t, ber_tag_t, struct berval, BerValue, BerVarray, BerElement, ber_bvfree, ber_bvecfree, ber_bvecadd, ber_bvarray_free, ber_bvarray_add, ber_bvdup, ber_dupbv, ber_bvstr, ber_bvstrdup, ber_str2bv, ber_alloc_t, ber_init, ber_init2, ber_free \- OpenLDAP LBER types and allocation functions .SH LIBRARY OpenLDAP LBER (liblber, \-llber) .SH SYNOPSIS .B #include .LP .nf .ft B typedef impl_tag_t ber_tag_t; typedef impl_int_t ber_int_t; typedef impl_uint_t ber_uint_t; typedef impl_len_t ber_len_t; typedef impl_slen_t ber_slen_t; typedef struct berval { ber_len_t bv_len; char *bv_val; } BerValue, *BerVarray; typedef struct berelement BerElement; .ft .fi .LP .BI "void ber_bvfree(struct berval *" bv ");" .LP .BI "void ber_bvecfree(struct berval **" bvec ");" .LP .BI "void ber_bvecadd(struct berval ***" bvec ", struct berval *" bv ");" .LP .BI "void ber_bvarray_free(struct berval *" bvarray ");" .LP .BI "void ber_bvarray_add(BerVarray *" bvarray ", BerValue *" bv ");" .LP .BI "struct berval *ber_bvdup(const struct berval *" bv ");" .LP .BI "struct berval *ber_dupbv(const struct berval *" dst ", struct berval *" src ");" .LP .BI "struct berval *ber_bvstr(const char *" str ");" .LP .BI "struct berval *ber_bvstrdup(const char *" str ");" .LP .BI "struct berval *ber_str2bv(const char *" str ", ber_len_t " len ", int " dup ", struct berval *" bv ");" .LP .BI "BerElement *ber_alloc_t(int " options ");" .LP .BI "BerElement *ber_init(struct berval *" bv ");" .LP .BI "void ber_init2(BerElement *" ber ", struct berval *" bv ", int " options ");" .LP .BI "void ber_free(BerElement *" ber ", int " freebuf ");" .SH DESCRIPTION .LP The following are the basic types and structures defined for use with the Lightweight BER library. .LP .B ber_int_t is a signed integer of at least 32 bits. It is commonly equivalent to .BR int . .B ber_uint_t is the unsigned variant of .BR ber_int_t . .LP .B ber_len_t is an unsigned integer of at least 32 bits used to represent a length. It is commonly equivalent to a .BR size_t . .B ber_slen_t is the signed variant to .BR ber_len_t . .LP .B ber_tag_t is an unsigned integer of at least 32 bits used to represent a BER tag. It is commonly equivalent to a .BR unsigned\ long . .LP The actual definitions of the integral impl_TYPE_t types are platform specific. .LP .BR BerValue , commonly used as .BR struct\ berval , is used to hold an arbitrary sequence of octets. .B bv_val points to .B bv_len octets. .B bv_val is not necessarily terminated by a NULL (zero) octet. .BR ber_bvfree () frees a BerValue, pointed to by \fIbv\fP, returned from this API. If \fIbv\fP is NULL, the routine does nothing. .LP .BR ber_bvecfree () frees an array of BerValues (and the array), pointed to by \fIbvec\fP, returned from this API. If \fIbvec\fP is NULL, the routine does nothing. .BR ber_bvecadd () appends the \fIbv\fP pointer to the \fIbvec\fP array. Space for the array is allocated as needed. The end of the array is marked by a NULL pointer. .LP .BR ber_bvarray_free () frees an array of BerValues (and the array), pointed to by \fIbvarray\fP, returned from this API. If \fIbvarray\fP is NULL, the routine does nothing. .BR ber_bvarray_add () appends the contents of the BerValue pointed to by \fIbv\fP to the \fIbvarray\fP array. Space for the new element is allocated as needed. The end of the array is marked by a BerValue with a NULL bv_val field. .LP .BR ber_bvdup () returns a copy of a BerValue. The routine returns NULL upon error (e.g. out of memory). The caller should use .BR ber_bvfree () to deallocate the resulting BerValue. .BR ber_dupbv () copies a BerValue from \fIsrc\fP to \fIdst\fP. If \fIdst\fP is NULL a new BerValue will be allocated to hold the copy. The routine returns NULL upon error, otherwise it returns a pointer to the copy. If \fIdst\fP is NULL the caller should use .BR ber_bvfree () to deallocate the resulting BerValue, otherwise .BR ber_memfree () should be used to deallocate the \fIdst->bv_val\fP. (The .BR ber_bvdup () function is internally implemented as ber_dupbv(NULL, bv). .BR ber_bvdup () is provided only for compatibility with an expired draft of the LDAP C API; .BR ber_dupbv () is the preferred interface.) .LP .BR ber_bvstr () returns a BerValue containing the string pointed to by \fIstr\fP. .BR ber_bvstrdup () returns a BerValue containing a copy of the string pointed to by \fIstr\fP. .BR ber_str2bv () returns a BerValue containing the string pointed to by \fIstr\fP, whose length may be optionally specified in \fIlen\fP. If \fIdup\fP is non-zero, the BerValue will contain a copy of \fIstr\fP. If \fIlen\fP is zero, the number of bytes to copy will be determined by .BR strlen (3), otherwise \fIlen\fP bytes will be copied. If \fIbv\fP is non-NULL, the result will be stored in the given BerValue, otherwise a new BerValue will be allocated to store the result. NOTE: Both .BR ber_bvstr () and .BR ber_bvstrdup () are implemented as macros using .BR ber_str2bv () in this version of the library. .LP .B BerElement is an opaque structure used to maintain state information used in encoding and decoding. .BR ber_alloc_t () is used to create an empty BerElement structure. If .B LBER_USE_DER is specified for the .I options parameter then data lengths for data written to the BerElement will be encoded in the minimal number of octets required, otherwise they will always be written as four byte values. .BR ber_init () creates a BerElement structure that is initialized with a copy of the data in its .I bv parameter. .BR ber_init2 () initializes an existing BerElement .I ber using the data in the .I bv parameter. The data is referenced directly, not copied. The .I options parameter is the same as for .BR ber_alloc_t (). .BR ber_free () frees a BerElement pointed to by \fIber\fP. If \fIber\fP is NULL, the routine does nothing. If \fIfreebuf\fP is zero, the internal buffer is not freed. .SH SEE ALSO .BR lber-encode (3), .BR lber-decode (3), .BR lber-memory (3) .LP .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_rename.3.links0000644000175000017500000000002014461774414021524 0ustar sergiosergioldap_rename_s.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_controls.3.links0000644000175000017500000000017214461774414022130 0ustar sergiosergioldap_control_create.3 ldap_control_find.3 ldap_control_dup.3 ldap_controls_dup.3 ldap_control_free.3 ldap_controls_free.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_error.30000644000175000017500000001353114461774414020302 0ustar sergiosergio.TH LDAP_ERROR 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_perror, ld_errno, ldap_result2error, ldap_errlist, ldap_err2string \- LDAP protocol error handling routines .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B char *ldap_err2string( int \fIerr\fB ); .SH DESCRIPTION The .B ldap_err2string() routine provides short description of the various codes returned by routines in this library. The returned string is a pointer to a static area that should not be modified. These codes are either negative, indicating an API error code; positive, indicating an LDAP resultCode other than \'success' (0), or - zero, indicating both successful use of the API and the LDAP resultCode \'success' (0). The code associated with an LDAP session is accessible using .BR ldap_get_option (3) and .BR ldap_set_option (3) with the .B LDAP_OPT_RESULT_CODE option (previously called .BR LDAP_OPT_ERROR_NUMBER ). .SH PROTOCOL RESULT CODES This section provides a partial list of protocol codes recognized by the library. As LDAP is extensible, additional values may be returned. A complete listing of \fIregistered\fP LDAP result codes can be obtained from the \fIInternet Assigned Numbers Authority\fP . .LP .TP 20 .SM LDAP_SUCCESS The request was successful. .TP .SM LDAP_OPERATIONS_ERROR An operations error occurred. .TP .SM LDAP_PROTOCOL_ERROR A protocol violation was detected. .TP .SM LDAP_TIMELIMIT_EXCEEDED An LDAP time limit was exceeded. .TP .SM LDAP_SIZELIMIT_EXCEEDED An LDAP size limit was exceeded. .TP .SM LDAP_COMPARE_FALSE A compare operation returned false. .TP .SM LDAP_COMPARE_TRUE A compare operation returned true. .TP .SM LDAP_STRONG_AUTH_NOT_SUPPORTED The LDAP server does not support strong authentication. .TP .SM LDAP_STRONG_AUTH_REQUIRED Strong authentication is required for the operation. .TP .SM LDAP_PARTIAL_RESULTS Partial results only returned. .TP .SM LDAP_NO_SUCH_ATTRIBUTE The attribute type specified does not exist in the entry. .TP .SM LDAP_UNDEFINED_TYPE The attribute type specified is invalid. .TP .SM LDAP_INAPPROPRIATE_MATCHING Filter type not supported for the specified attribute. .TP .SM LDAP_CONSTRAINT_VIOLATION An attribute value specified violates some constraint (e.g., a postalAddress has too many lines, or a line that is too long). .TP .SM LDAP_TYPE_OR_VALUE_EXISTS An attribute type or attribute value specified already exists in the entry. .TP .SM LDAP_INVALID_SYNTAX An invalid attribute value was specified. .TP .SM LDAP_NO_SUCH_OBJECT The specified object does not exist in The Directory. .TP .SM LDAP_ALIAS_PROBLEM An alias in The Directory points to a nonexistent entry. .TP .SM LDAP_INVALID_DN_SYNTAX A syntactically invalid DN was specified. .TP .SM LDAP_IS_LEAF The object specified is a leaf. .TP .SM LDAP_ALIAS_DEREF_PROBLEM A problem was encountered when dereferencing an alias. .TP .SM LDAP_INAPPROPRIATE_AUTH Inappropriate authentication was specified (e.g., LDAP_AUTH_SIMPLE was specified and the entry does not have a userPassword attribute). .TP .SM LDAP_INVALID_CREDENTIALS Invalid credentials were presented (e.g., the wrong password). .TP .SM LDAP_INSUFFICIENT_ACCESS The user has insufficient access to perform the operation. .TP .SM LDAP_BUSY The DSA is busy. .TP .SM LDAP_UNAVAILABLE The DSA is unavailable. .TP .SM LDAP_UNWILLING_TO_PERFORM The DSA is unwilling to perform the operation. .TP .SM LDAP_LOOP_DETECT A loop was detected. .TP .SM LDAP_NAMING_VIOLATION A naming violation occurred. .TP .SM LDAP_OBJECT_CLASS_VIOLATION An object class violation occurred (e.g., a "must" attribute was missing from the entry). .TP .SM LDAP_NOT_ALLOWED_ON_NONLEAF The operation is not allowed on a nonleaf object. .TP .SM LDAP_NOT_ALLOWED_ON_RDN The operation is not allowed on an RDN. .TP .SM LDAP_ALREADY_EXISTS The entry already exists. .TP .SM LDAP_NO_OBJECT_CLASS_MODS Object class modifications are not allowed. .TP .SM LDAP_OTHER An unknown error occurred. .SH API ERROR CODES This section provides a complete list of API error codes recognized by the library. Note that LDAP_SUCCESS indicates success of an API call in addition to representing the return of the LDAP \'success' resultCode. .LP .TP 20 .SM LDAP_SERVER_DOWN The LDAP library can't contact the LDAP server. .TP .SM LDAP_LOCAL_ERROR Some local error occurred. This is usually a failed dynamic memory allocation. .TP .SM LDAP_ENCODING_ERROR An error was encountered encoding parameters to send to the LDAP server. .TP .SM LDAP_DECODING_ERROR An error was encountered decoding a result from the LDAP server. .TP .SM LDAP_TIMEOUT A timelimit was exceeded while waiting for a result. .TP .SM LDAP_AUTH_UNKNOWN The authentication method specified to ldap_bind() is not known. .TP .SM LDAP_FILTER_ERROR An invalid filter was supplied to ldap_search() (e.g., unbalanced parentheses). .TP .SM LDAP_PARAM_ERROR An ldap routine was called with a bad parameter. .TP .SM LDAP_NO_MEMORY An memory allocation (e.g., malloc(3) or other dynamic memory allocator) call failed in an ldap library routine. .TP .SM LDAP_USER_CANCELED Indicates the user cancelled the operation. .TP .SM LDAP_CONNECT_ERROR Indicates a connection problem. .TP .SM LDAP_NOT_SUPPORTED Indicates the routine was called in a manner not supported by the library. .TP .SM LDAP_CONTROL_NOT_FOUND Indicates the control provided is unknown to the client library. .TP .SM LDAP_NO_RESULTS_RETURNED Indicates no results returned. .TP .SM LDAP_MORE_RESULTS_TO_RETURN Indicates more results could be returned. .TP .SM LDAP_CLIENT_LOOP Indicates the library has detected a loop in its processing. .TP .SM LDAP_REFERRAL_LIMIT_EXCEEDED Indicates the referral limit has been exceeded. .SH DEPRECATED .so Deprecated .SH SEE ALSO .BR ldap (3), .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/Makefile.in0000644000175000017500000000103014461774414020121 0ustar sergiosergio# man3 Makefile.in for OpenLDAP # $OpenLDAP$ ## This work is part of OpenLDAP Software . ## ## Copyright 1998-2022 The OpenLDAP Foundation. ## All rights reserved. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted only as authorized by the OpenLDAP ## Public License. ## ## A copy of this license is available in the file LICENSE in the ## top-level directory of the distribution or, alternatively, at ## . MANSECT=3 openldap-2.5.16+dfsg/doc/man/man3/ldap_memory.3.links0000644000175000017500000000014014461774414021570 0ustar sergiosergioldap_memfree.3 ldap_memvfree.3 ldap_memalloc.3 ldap_memcalloc.3 ldap_memrealloc.3 ldap_strdup.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_add.30000644000175000017500000000372114461774414017701 0ustar sergiosergio.TH LDAP_ADD 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_add_ext, ldap_add_ext_s \- Perform an LDAP add operation .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .ft B #include .LP .ft B .nf int ldap_add_ext( .RS .ft B LDAP *\fIld, const char *\fIdn\fB, LDAPMod **\fIattrs\fB, LDAPControl **\fIsctrls\fB, LDAPControl **\fIcctrls\fB, int *\fImsgidp\fB ); .RE .LP .ft B .nf int ldap_add_ext_s( .RS LDAP *\fIld\fB, const char *\fIdn\fB, LDAPMod **\fIattrs\fB, LDAPControl *\fIsctrls\fB, LDAPControl *\fIcctrls\fB ); .RE .fi .SH DESCRIPTION The .B ldap_add_ext_s() routine is used to perform an LDAP add operation. It takes \fIdn\fP, the DN of the entry to add, and \fIattrs\fP, a null-terminated array of the entry's attributes. The LDAPMod structure is used to represent attributes, with the \fImod_type\fP and \fImod_values\fP fields being used as described under .BR ldap_modify_ext (3), and the \fIldap_op\fP field being used only if you need to specify the LDAP_MOD_BVALUES option. Otherwise, it should be set to zero. .LP Note that all entries except that specified by the last component in the given DN must already exist. .B ldap_add_ext_s() returns an code indicating success or, in the case of failure, indicating the nature of failure of the operation. See .BR ldap_error (3) for more details. .LP The .B ldap_add_ext() routine works just like .BR ldap_add_ext_s() , but it is asynchronous. It returns the message id of the request it initiated. The result of this operation can be obtained by calling .BR ldap_result (3). .SH DEPRECATED INTERFACES The .BR ldap_add () and .BR ldap_add_s () routines are deprecated in favor of the .BR ldap_add_ext () and .BR ldap_add_ext_s () routines, respectively. .LP .so Deprecated .SH SEE ALSO .BR ldap (3), .BR ldap_error (3), .BR ldap_modify (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_first_message.3.links0000644000175000017500000000005214461774414023115 0ustar sergiosergioldap_next_message.3 ldap_count_messages.3 openldap-2.5.16+dfsg/doc/man/man3/lber-encode.30000644000175000017500000002151414461774414020330 0ustar sergiosergio.TH LBER_ENCODE 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ber_alloc_t, ber_flush, ber_flush2, ber_printf, ber_put_int, ber_put_enum, ber_put_ostring, ber_put_string, ber_put_null, ber_put_boolean, ber_put_bitstring, ber_start_seq, ber_start_set, ber_put_seq, ber_put_set \- OpenLDAP LBER simplified Basic Encoding Rules library routines for encoding .SH LIBRARY OpenLDAP LBER (liblber, \-llber) .SH SYNOPSIS .B #include .LP .BI "BerElement *ber_alloc_t(int " options ");" .LP .BI "int ber_flush(Sockbuf *" sb ", BerElement *" ber ", int " freeit ");" .LP .BI "int ber_flush2(Sockbuf *" sb ", BerElement *" ber ", int " freeit ");" .LP .BI "int ber_printf(BerElement *" ber ", const char *" fmt ", ...);" .LP .BI "int ber_put_int(BerElement *" ber ", ber_int_t " num ", ber_tag_t " tag ");" .LP .BI "int ber_put_enum(BerElement *" ber ", ber_int_t " num ", ber_tag_t " tag ");" .LP .BI "int ber_put_ostring(BerElement *" ber ", const char *" str ", ber_len_t " len ", ber_tag_t " tag ");" .LP .BI "int ber_put_string(BerElement *" ber ", const char *" str ", ber_tag_t " tag ");" .LP .BI "int ber_put_null(BerElement *" ber ", ber_tag_t " tag ");" .LP .BI "int ber_put_boolean(BerElement *" ber ", ber_int_t " bool ", ber_tag_t " tag ");" .LP .BI "int ber_put_bitstring(BerElement *" ber ", const char *" str ", ber_len_t " blen ", ber_tag_t " tag ");" .LP .BI "int ber_start_seq(BerElement *" ber ", ber_tag_t " tag ");" .LP .BI "int ber_start_set(BerElement *" ber ", ber_tag_t " tag ");" .LP .BI "int ber_put_seq(BerElement *" ber ");" .LP .BI "int ber_put_set(BerElement *" ber ");" .SH DESCRIPTION .LP These routines provide a subroutine interface to a simplified implementation of the Basic Encoding Rules of ASN.1. The version of BER these routines support is the one defined for the LDAP protocol. The encoding rules are the same as BER, except that only definite form lengths are used, and bitstrings and octet strings are always encoded in primitive form. This man page describes the encoding routines in the lber library. See .BR lber-decode (3) for details on the corresponding decoding routines. Consult .BR lber-types (3) for information about types, allocators, and deallocators. .LP Normally, the only routines that need to be called by an application are .BR ber_alloc_t () to allocate a BER element for encoding, .BR ber_printf () to do the actual encoding, and .BR ber_flush2 () to actually write the element. The other routines are provided for those applications that need more control than .BR ber_printf () provides. In general, these routines return the length of the element encoded, or \-1 if an error occurred. .LP The .BR ber_alloc_t () routine is used to allocate a new BER element. It should be called with an argument of LBER_USE_DER. .LP The .BR ber_flush2 () routine is used to actually write the element to a socket (or file) descriptor, once it has been fully encoded (using .BR ber_printf () and friends). See .BR lber-sockbuf (3) for more details on the Sockbuf implementation of the \fIsb\fP parameter. If the \fIfreeit\fP parameter is non-zero, the supplied \fIber\fP will be freed. If \fILBER_FLUSH_FREE_ON_SUCCESS\fP is used, the \fIber\fP is only freed when successfully flushed, otherwise it is left intact; if \fILBER_FLUSH_FREE_ON_ERROR\fP is used, the \fIber\fP is only freed when an error occurs, otherwise it is left intact; if \fILBER_FLUSH_FREE_ALWAYS\fP is used, the \fIber\fP is freed anyway. This function differs from the original .BR ber_flush (3) function, whose behavior corresponds to that indicated for \fILBER_FLUSH_FREE_ON_SUCCESS\fP. Note that in the future, the behavior of .BR ber_flush (3) with \fIfreeit\fP non-zero might change into that of .BR ber_flush2 (3) with \fIfreeit\fP set to \fILBER_FLUSH_FREE_ALWAYS\fP. .LP The .BR ber_printf () routine is used to encode a BER element in much the same way that .BR sprintf (3) works. One important difference, though, is that some state information is kept with the \fIber\fP parameter so that multiple calls can be made to .BR ber_printf () to append things to the end of the BER element. .BR Ber_printf () writes to \fIber\fP, a pointer to a BerElement such as returned by .BR ber_alloc_t (). It interprets and formats its arguments according to the format string \fIfmt\fP. The format string can contain the following characters: .RS .LP .TP 3 .B b Boolean. An ber_int_t parameter should be supplied. A boolean element is output. .TP .B e Enumeration. An ber_int_t parameter should be supplied. An enumeration element is output. .TP .B i Integer. An ber_int_t parameter should be supplied. An integer element is output. .TP .B B Bitstring. A char * pointer to the start of the bitstring is supplied, followed by the number of bits in the bitstring. A bitstring element is output. .TP .B n Null. No parameter is required. A null element is output. .TP .B o Octet string. A char * is supplied, followed by the length of the string pointed to. An octet string element is output. .TP .B O Octet string. A struct berval * is supplied. An octet string element is output. .TP .B s Octet string. A null-terminated string is supplied. An octet string element is output, not including the trailing NULL octet. .TP .B t Tag. A ber_tag_t specifying the tag to give the next element is provided. This works across calls. .TP .B v Several octet strings. A null-terminated array of char *'s is supplied. Note that a construct like '{v}' is required to get an actual SEQUENCE OF octet strings. .TP .B V Several octet strings. A null-terminated array of struct berval *'s is supplied. Note that a construct like '{V}' is required to get an actual SEQUENCE OF octet strings. .TP .B W Several octet strings. An array of struct berval's is supplied. The array is terminated by a struct berval with a NULL bv_val. Note that a construct like '{W}' is required to get an actual SEQUENCE OF octet strings. .TP .B { Begin sequence. No parameter is required. .TP .B } End sequence. No parameter is required. .TP .B [ Begin set. No parameter is required. .TP .B ] End set. No parameter is required. .RE .LP The .BR ber_put_int () routine writes the integer element \fInum\fP to the BER element \fIber\fP. .LP The .BR ber_put_enum () routine writes the enumeration element \fInum\fP to the BER element \fIber\fP. .LP The .BR ber_put_boolean () routine writes the boolean value given by \fIbool\fP to the BER element. .LP The .BR ber_put_bitstring () routine writes \fIblen\fP bits starting at \fIstr\fP as a bitstring value to the given BER element. Note that \fIblen\fP is the length \fIin bits\fP of the bitstring. .LP The .BR ber_put_ostring () routine writes \fIlen\fP bytes starting at \fIstr\fP to the BER element as an octet string. .LP The .BR ber_put_string () routine writes the null-terminated string (minus the terminating '\0') to the BER element as an octet string. .LP The .BR ber_put_null () routine writes a NULL element to the BER element. .LP The .BR ber_start_seq () routine is used to start a sequence in the BER element. The .BR ber_start_set () routine works similarly. The end of the sequence or set is marked by the nearest matching call to .BR ber_put_seq () or .BR ber_put_set (), respectively. .SH EXAMPLES Assuming the following variable declarations, and that the variables have been assigned appropriately, an lber encoding of the following ASN.1 object: .LP .nf AlmostASearchRequest := SEQUENCE { baseObject DistinguishedName, scope ENUMERATED { baseObject (0), singleLevel (1), wholeSubtree (2) }, derefAliases ENUMERATED { neverDerefaliases (0), derefInSearching (1), derefFindingBaseObj (2), alwaysDerefAliases (3) }, sizelimit INTEGER (0 .. 65535), timelimit INTEGER (0 .. 65535), attrsOnly BOOLEAN, attributes SEQUENCE OF AttributeType } .fi .LP can be achieved like so: .LP .nf int rc; ber_int_t scope, ali, size, time, attrsonly; char *dn, **attrs; BerElement *ber; /* ... fill in values ... */ ber = ber_alloc_t( LBER_USE_DER ); if ( ber == NULL ) { /* error */ } rc = ber_printf( ber, "{siiiib{v}}", dn, scope, ali, size, time, attrsonly, attrs ); if( rc == \-1 ) { /* error */ } else { /* success */ } .fi .SH ERRORS If an error occurs during encoding, generally these routines return \-1. .LP .SH NOTES .LP The return values for all of these functions are declared in the header file. .SH SEE ALSO .BR lber-decode (3), .BR lber-memory (3), .BR lber-sockbuf (3), .BR lber-types (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_get_dn.3.links0000644000175000017500000000022414461774414021523 0ustar sergiosergioldap_explode_dn.3 ldap_explode_rdn.3 ldap_dn2ufn.3 ldap_str2dn.3 ldap_dnfree.3 ldap_dn2str.3 ldap_dn2dcedn.3 ldap_dcedn2dn.3 ldap_dn2ad_canonical.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_url.3.links0000644000175000017500000000007014461774414021064 0ustar sergiosergioldap_is_ldap_url.3 ldap_url_parse.3 ldap_free_urldesc.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_memory.30000644000175000017500000000246214461774414020462 0ustar sergiosergio.TH LDAP_MEMORY 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_memfree, ldap_memvfree, ldap_memalloc, ldap_memcalloc, ldap_memrealloc, ldap_strdup \- LDAP memory allocation routines .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .B #include .LP .BI "void ldap_memfree(void *" p ");" .LP .BI "void ldap_memvfree(void **" v ");" .LP .BI "void *ldap_memalloc(ber_len_t " s ");" .LP .BI "void *ldap_memcalloc(ber_len_t " n ", ber_len_t " s ");" .LP .BI "void *ldap_memrealloc(void *" p ", ber_len_t " s ");" .LP .BI "char *ldap_strdup(LDAP_CONST char *" p ");" .SH DESCRIPTION These routines are used to allocate/deallocate memory used/returned by the LDAP library. .BR ldap_memalloc (), .BR ldap_memcalloc (), .BR ldap_memrealloc (), and .BR ldap_memfree () are used exactly like the standard .BR malloc (3), .BR calloc (3), .BR realloc (3), and .BR free (3) routines, respectively. The .BR ldap_memvfree () routine is used to free a dynamically allocated array of pointers to arbitrary dynamically allocated objects. The .BR ldap_strdup () routine is used exactly like the standard .BR strdup (3) routine. .SH SEE ALSO .BR ldap (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_get_values.3.links0000644000175000017500000000015214461774414022421 0ustar sergiosergioldap_get_values_len.3 ldap_value_free.3 ldap_value_free_len.3 ldap_count_values.3 ldap_count_values_len.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_parse_reference.30000644000175000017500000000406114461774414022277 0ustar sergiosergio.TH LDAP_PARSE_REFERENCE 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_parse_reference \- Extract referrals and controls from a reference message .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_parse_reference( LDAP *ld, LDAPMessage *reference, char ***referralsp, LDAPControl ***serverctrlsp, int freeit ) .SH DESCRIPTION .LP The .B ldap_parse_reference() routine is used to extract referrals and controls from a reference message. The \fIreference\fP parameter is a reference message as returned by a call to .BR ldap_first_reference (3) , .BR ldap_next_reference (3) , .BR ldap_first_message (3) , .BR ldap_next_message (3) , or .BR ldap_result (3) . .LP The \fIreferralsp\fP parameter will be filled in with an allocated array of character strings. The strings are copies of the referrals contained in the parsed message. The array should be freed by calling .BR ldap_value_free (3) . If \fIreferralsp\fP is NULL, no referrals are returned. If no referrals were returned, \fI*referralsp\fP is set to NULL. .LP The \fIserverctrlsp\fP parameter will be filled in with an allocated array of controls copied from the parsed message. The array should be freed by calling .BR ldap_controls_free (3). If \fIserverctrlsp\fP is NULL, no controls are returned. If no controls were returned, \fI*serverctrlsp\fP is set to NULL. .LP The \fIfreeit\fP parameter determines whether the parsed message is freed or not after the extraction. Any non-zero value will make it free the message. The .BR ldap_msgfree (3) routine can also be used to free the message later. .SH ERRORS Upon success LDAP_SUCCESS is returned. Otherwise the values of the \fIreferralsp\fP and \fIserverctrlsp\fP parameters are undefined. .SH SEE ALSO .BR ldap (3), .BR ldap_first_reference (3), .BR ldap_first_message (3), .BR ldap_result (3), .BR ldap_get_values (3), .BR ldap_controls_free (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_modify.3.links0000644000175000017500000000010714461774414021552 0ustar sergiosergioldap_modify_s.3 ldap_modify_ext.3 ldap_modify_ext_s.3 ldap_mods_free.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_extended_operation.3.links0000644000175000017500000000003514461774414024143 0ustar sergiosergioldap_extended_operation_s.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_abandon.3.links0000644000175000017500000000002314461774414021662 0ustar sergiosergioldap_abandon_ext.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_sync.30000644000175000017500000002300214461774414020117 0ustar sergiosergio.TH LDAP_SYNC 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 2006-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_sync_init, ldap_sync_init_refresh_only, ldap_sync_init_refresh_and_persist, ldap_sync_poll \- LDAP sync routines .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .B #include .LP .BI "int ldap_sync_init(ldap_sync_t *" ls ", int " mode ");" .LP .BI "int ldap_sync_init_refresh_only(ldap_sync_t *" ls ");" .LP .BI "int ldap_sync_init_refresh_and_persist(ldap_sync_t *" ls ");" .LP .BI "int ldap_sync_poll(ldap_sync_t *" ls ");" .LP .BI "ldap_sync_t * ldap_sync_initialize(ldap_sync_t *" ls ");" .LP .BI "void ldap_sync_destroy(ldap_sync_t *" ls ", int " freeit ");" .LP .BI "typedef int (*" ldap_sync_search_entry_f ")(ldap_sync_t *" ls "," .RS .BI "LDAPMessage *" msg ", struct berval *" entryUUID "," .BI "ldap_sync_refresh_t " phase ");" .RE .LP .BI "typedef int (*" ldap_sync_search_reference_f ")(ldap_sync_t *" ls "," .RS .BI "LDAPMessage *" msg ");" .RE .LP .BI "typedef int (*" ldap_sync_intermediate_f ")(ldap_sync_t *" ls "," .RS .BI "LDAPMessage *" msg ", BerVarray " syncUUIDs "," .BI "ldap_sync_refresh_t " phase ");" .RE .LP .BI "typedef int (*" ldap_sync_search_result_f ")(ldap_sync_t *" ls "," .RS .BI "LDAPMessage *" msg ", int " refreshDeletes ");" .RE .SH DESCRIPTION .LP These routines provide an interface to the LDAP Content Synchronization operation (RFC 4533). They require an .BR ldap_sync_t structure to be set up with parameters required for various phases of the operation; this includes setting some handlers for special events. All handlers take a pointer to the \fBldap_sync_t\fP structure as the first argument, and a pointer to the \fBLDAPMessage\fP structure as received from the server by the client library, plus, occasionally, other specific arguments. The members of the \fBldap_sync_t\fP structure are: .TP .BI "char *" ls_base The search base; by default, the .B BASE option in .BR ldap.conf (5). .TP .BI "int " ls_scope The search scope (one of .BR LDAP_SCOPE_BASE , .BR LDAP_SCOPE_ONELEVEL , .BR LDAP_SCOPE_SUBORDINATE or .BR LDAP_SCOPE_SUBTREE ; see .B ldap.h for details). .TP .BI "char *" ls_filter The filter (RFC 4515); by default, .BR (objectClass=*) . .TP .BI "char **" ls_attrs The requested attributes; by default .BR NULL , indicating all user attributes. .TP .BI "int " ls_timelimit The requested time limit (in seconds); by default .BR 0 , to indicate no limit. .TP .BI "int " ls_sizelimit The requested size limit (in entries); by default .BR 0 , to indicate no limit. .TP .BI "int " ls_timeout The desired timeout during polling with .BR ldap_sync_poll (3). A value of .BR \-1 means that polling is blocking, so .BR ldap_sync_poll (3) will not return until a message is received; a value of .BR 0 means that polling returns immediately, no matter if any response is available or not; a positive value represents the timeout the .BR ldap_sync_poll (3) function will wait for response before returning, unless a message is received; in that case, .BR ldap_sync_poll (3) returns as soon as the message is available. .TP .BI "ldap_sync_search_entry_f " ls_search_entry A function that is called whenever an entry is returned. The .BR msg argument is the .BR LDAPMessage that contains the searchResultEntry; it can be parsed using the regular client API routines, like .BR ldap_get_dn (3), .BR ldap_first_attribute (3), and so on. The .BR entryUUID argument contains the entryUUID of the entry. The .BR phase argument indicates the type of operation: one of .BR LDAP_SYNC_CAPI_PRESENT , .BR LDAP_SYNC_CAPI_ADD , .BR LDAP_SYNC_CAPI_MODIFY , .BR LDAP_SYNC_CAPI_DELETE ; in case of .BR LDAP_SYNC_CAPI_PRESENT or .BR LDAP_SYNC_CAPI_DELETE , only the DN is contained in the .IR LDAPMessage ; in case of .BR LDAP_SYNC_CAPI_MODIFY , the whole entry is contained in the .IR LDAPMessage , and the application is responsible of determining the differences between the new view of the entry provided by the caller and the data already known. .TP .BI "ldap_sync_search_reference_f " ls_search_reference A function that is called whenever a search reference is returned. The .BR msg argument is the .BR LDAPMessage that contains the searchResultReference; it can be parsed using the regular client API routines, like .BR ldap_parse_reference (3). .TP .BI "ldap_sync_intermediate_f " ls_intermediate A function that is called whenever something relevant occurs during the refresh phase of the search, which is marked by an \fIintermediateResponse\fP message type. The .BR msg argument is the .BR LDAPMessage that contains the intermediate response; it can be parsed using the regular client API routines, like .BR ldap_parse_intermediate (3). The .BR syncUUIDs argument contains an array of UUIDs of the entries that depends on the value of the .BR phase argument. In case of .BR LDAP_SYNC_CAPI_PRESENTS , the "present" phase is being entered; this means that the following sequence of results will consist in entries in "present" sync state. In case of .BR LDAP_SYNC_CAPI_DELETES , the "deletes" phase is being entered; this means that the following sequence of results will consist in entries in "delete" sync state. In case of .BR LDAP_SYNC_CAPI_PRESENTS_IDSET , the message contains a set of UUIDs of entries that are present; it replaces a "presents" phase. In case of .BR LDAP_SYNC_CAPI_DELETES_IDSET , the message contains a set of UUIDs of entries that have been deleted; it replaces a "deletes" phase. In case of .BR LDAP_SYNC_CAPI_DONE, a "presents" phase with "refreshDone" set to "TRUE" has been returned to indicate that the refresh phase of refreshAndPersist is over, and the client should start polling. Except for the .BR LDAP_SYNC_CAPI_PRESENTS_IDSET and .BR LDAP_SYNC_CAPI_DELETES_IDSET cases, .BR syncUUIDs is NULL. .BR .TP .BI "ldap_sync_search_result_f " ls_search_result A function that is called whenever a searchResultDone is returned. In refreshAndPersist this can only occur when the server decides that the search must be interrupted. The .BR msg argument is the .BR LDAPMessage that contains the response; it can be parsed using the regular client API routines, like .BR ldap_parse_result (3). The .BR refreshDeletes argument is not relevant in this case; it should always be \-1. .TP .BI "void *" ls_private A pointer to private data. The client may register here a pointer to data the handlers above may need. .TP .BI "LDAP *" ls_ld A pointer to a LDAP structure that is used to connect to the server. It is the responsibility of the client to initialize the structure and to provide appropriate authentication and security in place. .SH "GENERAL USE" A .B ldap_sync_t structure is initialized by calling .BR ldap_sync_initialize(3). This simply clears out the contents of an already existing .B ldap_sync_t structure, and sets appropriate values for some members. After that, the caller is responsible for setting up the connection (member .BR ls_ld ), eventually setting up transport security (TLS), for binding and any other initialization. The caller must also fill all the documented search-related fields of the .B ldap_sync_t structure. At the end of a session, the structure can be cleaned up by calling .BR ldap_sync_destroy (3), which takes care of freeing all data assuming it was allocated by .BR ldap_mem* (3) routines. Otherwise, the caller should take care of destroying and zeroing out the documented search-related fields, and call .BR ldap_sync_destroy (3) to free undocumented members set by the API. .SH "REFRESH ONLY" The .BR refreshOnly functionality is obtained by periodically calling .BR ldap_sync_init (3) with mode set to .BR LDAP_SYNC_REFRESH_ONLY , or, which is equivalent, by directly calling .BR ldap_sync_init_refresh_only (3). The state of the search, and the consistency of the search parameters, is preserved across calls by passing the .B ldap_sync_t structure as left by the previous call. .SH "REFRESH AND PERSIST" The .BR refreshAndPersist functionality is obtained by calling .BR ldap_sync_init (3) with mode set to .BR LDAP_SYNC_REFRESH_AND_PERSIST , or, which is equivalent, by directly calling .BR ldap_sync_init_refresh_and_persist (3) and, after a successful return, by repeatedly polling with .BR ldap_sync_poll (3) according to the desired pattern. A client may insert a call to .BR ldap_sync_poll (3) into an external loop to check if any modification was returned; in this case, it might be appropriate to set .BR ls_timeout to 0, or to set it to a finite, small value. Otherwise, if the client's main purpose consists in waiting for responses, a timeout of \-1 is most suitable, so that the function only returns after some data has been received and handled. .SH ERRORS All routines return any LDAP error resulting from a lower-level error in the API calls they are based on, or LDAP_SUCCESS in case of success. .BR ldap_sync_poll (3) may return .BR LDAP_SYNC_REFRESH_REQUIRED if a full refresh is requested by the server. In this case, it is appropriate to call .BR ldap_sync_init (3) again, passing the same .B ldap_sync_t structure as resulted from any previous call. .SH NOTES .SH SEE ALSO .BR ldap (3), .BR ldap_search_ext (3), .BR ldap_result (3) ; .B RFC 4533 (http://www.rfc-editor.org), .SH AUTHOR Designed and implemented by Pierangelo Masarati, based on RFC 4533 and loosely inspired by syncrepl code in .BR slapd (8). .SH ACKNOWLEDGEMENTS Initially developed by .BR "SysNet s.n.c." .B OpenLDAP is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). .B OpenLDAP is derived from University of Michigan LDAP 3.3 Release. openldap-2.5.16+dfsg/doc/man/man3/ldap_open.30000644000175000017500000001370714461774414020117 0ustar sergiosergio.TH LDAP_OPEN 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_init, ldap_initialize, ldap_open \- Initialize the LDAP library and open a connection to an LDAP server .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B LDAP *ldap_open(host, port) .ft char *host; int port; .LP .ft B LDAP *ldap_init(host, port) .ft char *host; int port; .LP .ft B int ldap_initialize(ldp, uri) .ft LDAP **ldp; char *uri; .LP .ft B int ldap_connect(ldp) .ft LDAP *ldp; .LP .ft B int ldap_set_urllist_proc(ld, proc, params) .ft LDAP *ld; LDAP_URLLIST_PROC *proc; void *params; .LP .ft B int (LDAP_URLLIST_PROC)(ld, urllist, url, params); .ft LDAP *ld; LDAPURLDesc **urllist; LDAPURLDesc **url; void *params; .LP .ft B #include .LP .ft B int ldap_init_fd(fd, proto, uri, ldp) .ft ber_socket_t fd; int proto; char *uri; LDAP **ldp; .SH DESCRIPTION .LP .B ldap_open() opens a connection to an LDAP server and allocates an LDAP structure which is used to identify the connection and to maintain per-connection information. .B ldap_init() allocates an LDAP structure but does not open an initial connection. .B ldap_initialize() allocates an LDAP structure but does not open an initial connection. .B ldap_init_fd() allocates an LDAP structure using an existing connection on the provided socket. One of these routines must be called before any operations are attempted. .LP .B ldap_open() takes \fIhost\fP, the hostname on which the LDAP server is running, and \fIport\fP, the port number to which to connect. If the default IANA-assigned port of 389 is desired, LDAP_PORT should be specified for \fIport\fP. The \fIhost\fP parameter may contain a blank-separated list of hosts to try to connect to, and each host may optionally by of the form \fIhost:port\fP. If present, the \fI:port\fP overrides the \fIport\fP parameter to .BR ldap_open() . Upon successfully making a connection to an LDAP server, .B ldap_open() returns a pointer to an opaque LDAP structure, which should be passed to subsequent calls to .BR ldap_bind() , .BR ldap_search() , etc. Certain fields in the LDAP structure can be set to indicate size limit, time limit, and how aliases are handled during operations; read and write access to those fields must occur by calling .BR ldap_get_option (3) and .BR ldap_set_option (3) respectively, whenever possible. .LP .B ldap_init() acts just like .BR ldap_open() , but does not open a connection to the LDAP server. The actual connection open will occur when the first operation is attempted. .LP .B ldap_initialize() acts like .BR ldap_init() , but it returns an integer indicating either success or the failure reason, and it allows to specify details for the connection in the schema portion of the URI. The .I uri parameter may be a comma- or whitespace-separated list of URIs containing only the .IR schema , the .IR host , and the .I port fields. Apart from .BR ldap , other (non-standard) recognized values of the .I schema field are .B ldaps (LDAP over TLS), .B ldapi (LDAP over IPC), and .B cldap (connectionless LDAP). If other fields are present, the behavior is undefined. .LP At this time, .B ldap_open() and .B ldap_init() are deprecated in favor of .BR ldap_initialize() , essentially because the latter allows to specify a schema in the URI and it explicitly returns an error code. .LP .B ldap_connect() causes a handle created by .B ldap_initialize() to connect to the server. This is useful in situations where a file descriptor is required before a request is performed. .LP .B ldap_init_fd() allows an LDAP structure to be initialized using an already-opened connection. The .I proto parameter should be one of LDAP_PROTO_TCP, LDAP_PROTO_UDP, or LDAP_PROTO_IPC for a connection using TCP, UDP, or IPC, respectively. The value LDAP_PROTO_EXT may also be specified if user-supplied sockbuf handlers are going to be used. Note that support for UDP is not implemented unless libldap was built with LDAP_CONNECTIONLESS defined. The .I uri parameter may optionally be provided for informational purposes. .LP .B ldap_set_urllist_proc() allows to set a function .I proc of type .I LDAP_URLLIST_PROC that is called when a successful connection can be established. This function receives the list of URIs parsed from the .I uri string originally passed to .BR ldap_initialize() , and the one that successfully connected. The function may manipulate the URI list; the typical use consists in moving the successful URI to the head of the list, so that subsequent attempts to connect to one of the URIs using the same LDAP handle will try it first. If .I ld is null, .I proc is set as a global parameter that is inherited by all handlers within the process that are created after the call to .BR ldap_set_urllist_proc() . By default, no .I LDAP_URLLIST_PROC is set. In a multithreaded environment, .B ldap_set_urllist_proc() must be called before any concurrent operation using the LDAP handle is started. Note: the first call into the LDAP library also initializes the global options for the library. As such the first call should be single-threaded or otherwise protected to insure that only one call is active. It is recommended that .BR ldap_get_option () or .BR ldap_set_option () be used in the program's main thread before any additional threads are created. See .BR ldap_get_option (3). .SH ERRORS If an error occurs, .B ldap_open() and .B ldap_init() will return NULL and .I errno should be set appropriately. .B ldap_initialize() and .B ldap_init_fd() will directly return the LDAP code associated to the error (or .I LDAP_SUCCESS in case of success); .I errno should be set as well whenever appropriate. .B ldap_set_urllist_proc() returns LDAP_OPT_ERROR on error, and LDAP_OPT_SUCCESS on success. .SH SEE ALSO .BR ldap (3), .BR ldap_bind (3), .BR ldap_get_option (3), .BR ldap_set_option (3), .BR lber-sockbuf (3), .BR errno (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_get_option.30000644000175000017500000005444014461774414021324 0ustar sergiosergio.TH LDAP_GET_OPTION 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_get_option, ldap_set_option \- LDAP option handling routines .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .B #include .LP .BI "int ldap_get_option(LDAP *" ld ", int " option ", void *" outvalue ");" .LP .BI "int ldap_set_option(LDAP *" ld ", int " option ", const void *" invalue ");" .SH DESCRIPTION .LP These routines provide access to options stored either in a LDAP handle or as global options, where applicable. They make use of a neutral interface, where the type of the value either retrieved by .BR ldap_get_option (3) or set by .BR ldap_set_option (3) is cast to .BR "void *" . The actual type is determined based on the value of the .B option argument. Global options are set/retrieved by passing a NULL LDAP handle. LDAP handles inherit their default settings from the global options in effect at the time the handle is created. .TP .B LDAP_OPT_API_FEATURE_INFO Fills-in a .BR "LDAPAPIFeatureInfo" ; .BR outvalue must be a .BR "LDAPAPIFeatureInfo *" , pointing to an already allocated struct. The .B ldapaif_info_version field of the struct must be initialized to .B LDAP_FEATURE_INFO_VERSION before making the call. The .B ldapaif_name field must be set to the name of a feature to query. This is a read-only option. .TP .B LDAP_OPT_API_INFO Fills-in a .BR "LDAPAPIInfo" ; .BR outvalue must be a .BR "LDAPAPIInfo *" , pointing to an already allocated struct. The .B ldapai_info_version field of the struct must be initialized to .B LDAP_API_INFO_VERSION before making the call. If the version passed in does not match the current library version, the expected version number will be stored in the struct and the call will fail. The caller is responsible for freeing the elements of the .B ldapai_extensions array and the array itself using .BR ldap_memfree (3). The caller must also free the .BR ldapi_vendor_name . This is a read-only option. .TP .B LDAP_OPT_CLIENT_CONTROLS Sets/gets the client-side controls to be used for all operations. This is now deprecated as modern LDAP C API provides replacements for all main operations which accepts client-side controls as explicit arguments; see for example .BR ldap_search_ext (3), .BR ldap_add_ext (3), .BR ldap_modify_ext (3) and so on. .BR outvalue must be .BR "LDAPControl ***" , and the caller is responsible of freeing the returned controls, if any, by calling .BR ldap_controls_free (3), while .BR invalue must be .BR "LDAPControl *const *" ; the library duplicates the controls passed via .BR invalue . .TP .B LDAP_OPT_CONNECT_ASYNC Sets/gets the status of the asynchronous connect flag. .BR invalue should either be .BR LDAP_OPT_OFF or .BR LDAP_OPT_ON ; .BR outvalue must be .BR "int *" . When set, the library will call .BR connect (2) and return, without waiting for response. This leaves the handle in a connecting state. Subsequent calls to library routines will poll for completion of the connect before performing further operations. As a consequence, library calls that need to establish a connection with a DSA do not block even for the network timeout (option .BR LDAP_OPT_NETWORK_TIMEOUT ). This option is OpenLDAP specific. .TP .B LDAP_OPT_CONNECT_CB This option allows to set a connect callback. .B invalue must be a .BR "const struct ldap_conncb *" . Callbacks are executed in last in-first served order. Handle-specific callbacks are executed first, followed by global ones. Right before freeing the callback structure, the .B lc_del callback handler is passed a .B NULL .BR Sockbuf . Calling .BR ldap_get_option (3) for this option removes the callback whose pointer matches .BR outvalue . This option is OpenLDAP specific. .TP .B LDAP_OPT_DEBUG_LEVEL Sets/gets the debug level of the client library. .BR invalue must be a .BR "const int *" ; .BR outvalue must be a .BR "int *" . Valid debug levels are .BR LDAP_DEBUG_ANY , .BR LDAP_DEBUG_ARGS , .BR LDAP_DEBUG_BER , .BR LDAP_DEBUG_CONNS , .BR LDAP_DEBUG_NONE , .BR LDAP_DEBUG_PACKETS , .BR LDAP_DEBUG_PARSE , and .BR LDAP_DEBUG_TRACE . This option is OpenLDAP specific. .TP .B LDAP_OPT_DEFBASE Sets/gets a string containing the DN to be used as default base for search operations. .BR outvalue must be a .BR "char **" , and the caller is responsible of freeing the returned string by calling .BR ldap_memfree (3), while .BR invalue must be a .BR "const char *" ; the library duplicates the corresponding string. This option is OpenLDAP specific. .TP .B LDAP_OPT_DEREF Sets/gets the value that defines when alias dereferencing must occur. .BR invalue must be .BR "const int *" ; .BR outvalue must be .BR "int *" . They cannot be NULL. The value of .BR *invalue should be one of .BR LDAP_DEREF_NEVER (the default), .BR LDAP_DEREF_SEARCHING , .BR LDAP_DEREF_FINDING , or .BR LDAP_DEREF_ALWAYS . Note that this has ever been the only means to determine alias dereferencing within search operations. .TP .B LDAP_OPT_DESC Returns the file descriptor associated to the socket buffer of the LDAP handle passed in as .BR ld ; .BR outvalue must be a .BR "int *" . This is a read-only, handle-specific option. .TP .B LDAP_OPT_DIAGNOSTIC_MESSAGE Sets/gets a string containing the error string associated to the LDAP handle. This option was formerly known as .BR LDAP_OPT_ERROR_STRING . .BR outvalue must be a .BR "char **" , and the caller is responsible of freeing the returned string by calling .BR ldap_memfree (3), while .BR invalue must be a .BR "char *" ; the library duplicates the corresponding string. .TP .B LDAP_OPT_HOST_NAME Sets/gets a space-separated list of hosts to be contacted by the library when trying to establish a connection. This is now deprecated in favor of .BR LDAP_OPT_URI . .BR outvalue must be a .BR "char **" , and the caller is responsible of freeing the resulting string by calling .BR ldap_memfree (3), while .BR invalue must be a .BR "const char *" ; the library duplicates the corresponding string. .TP .B LDAP_OPT_MATCHED_DN Sets/gets a string containing the matched DN associated to the LDAP handle. .BR outvalue must be a .BR "char **" , and the caller is responsible of freeing the returned string by calling .BR ldap_memfree (3), while .BR invalue must be a .BR "const char *" ; the library duplicates the corresponding string. .TP .B LDAP_OPT_NETWORK_TIMEOUT Sets/gets the network timeout value after which .BR poll (2)/ select (2) following a .BR connect (2) returns in case of no activity. .B outvalue must be a .BR "struct timeval **" (the caller has to free .BR *outvalue using .BR ldap_memfree (3)), and .B invalue must be a .BR "const struct timeval *" . They cannot be NULL. Using a struct with seconds set to \-1 results in an infinite timeout, which is the default. This option is OpenLDAP specific. .TP .B LDAP_OPT_PROTOCOL_VERSION Sets/gets the protocol version. .BR outvalue and .BR invalue must be .BR "int *" . .TP .B LDAP_OPT_REFERRAL_URLS Sets/gets an array containing the referral URIs associated to the LDAP handle. .BR outvalue must be a .BR "char ***" , and the caller is responsible of freeing the returned string by calling .BR ldap_memvfree (3), while .BR invalue must be a NULL-terminated .BR "char *const *" ; the library duplicates the corresponding string. This option is OpenLDAP specific. .TP .B LDAP_OPT_REFERRALS Determines whether the library should implicitly chase referrals or not. .BR invalue must be .BR "const int *" ; its value should either be .BR LDAP_OPT_OFF or .BR LDAP_OPT_ON . .BR outvalue must be .BR "int *" . .\".TP .\".B LDAP_OPT_REFHOPLIMIT .\"This option is OpenLDAP specific. .\"It is not currently implemented. .TP .B LDAP_OPT_RESTART Determines whether the library should implicitly restart connections (FIXME). .BR invalue must be .BR "const int *" ; its value should either be .BR LDAP_OPT_OFF or .BR LDAP_OPT_ON . .BR outvalue must be .BR "int *" . .TP .B LDAP_OPT_RESULT_CODE Sets/gets the LDAP result code associated to the handle. This option was formerly known as .BR LDAP_OPT_ERROR_NUMBER . .BR invalue must be a .BR "const int *" . .BR outvalue must be a .BR "int *" . .TP .B LDAP_OPT_SERVER_CONTROLS Sets/gets the server-side controls to be used for all operations. This is now deprecated as modern LDAP C API provides replacements for all main operations which accepts server-side controls as explicit arguments; see for example .BR ldap_search_ext (3), .BR ldap_add_ext (3), .BR ldap_modify_ext (3) and so on. .BR outvalue must be .BR "LDAPControl ***" , and the caller is responsible of freeing the returned controls, if any, by calling .BR ldap_controls_free (3), while .BR invalue must be .BR "LDAPControl *const *" ; the library duplicates the controls passed via .BR invalue . .TP .B LDAP_OPT_SESSION_REFCNT Returns the reference count associated with the LDAP handle passed in as .BR ld ; .BR outvalue must be a .BR "int *" . This is a read-only, handle-specific option. This option is OpenLDAP specific. .TP .B LDAP_OPT_SIZELIMIT Sets/gets the value that defines the maximum number of entries to be returned by a search operation. .BR invalue must be .BR "const int *" , while .BR outvalue must be .BR "int *" ; They cannot be NULL. .TP .B LDAP_OPT_SOCKBUF Returns a pointer to the socket buffer of the LDAP handle passed in as .BR ld ; .BR outvalue must be a .BR "Sockbuf **" . This is a read-only, handle-specific option. This option is OpenLDAP specific. .TP .B LDAP_OPT_SOCKET_BIND_ADDRESSES Sets/gets a space-separated list of IP Addresses used as binding interface to remote server when trying to establish a connection. Only one valid IPv4 address and/or one valid IPv6 address are allowed in the list. .BR outvalue must be a .BR "char **", and the caller is responsible of freeing the returned string by calling .BR ldap_memfree (3), while .BR invalue must be a .BR "const char *" ; the library duplicates the corresponding string. .TP .B LDAP_OPT_TIMELIMIT Sets/gets the value that defines the time limit after which a search operation should be terminated by the server. .BR invalue must be .BR "const int *" , while .BR outvalue must be .BR "int *" , and they cannot be NULL. .TP .B LDAP_OPT_TIMEOUT Sets/gets a timeout value for the synchronous API calls. .B outvalue must be a .BR "struct timeval **" (the caller has to free .BR *outvalue using .BR ldap_memfree (3)), and .B invalue must be a .BR "struct timeval *" , and they cannot be NULL. Using a struct with seconds set to \-1 results in an infinite timeout, which is the default. This option is OpenLDAP specific. .TP .B LDAP_OPT_URI Sets/gets a comma- or space-separated list of URIs to be contacted by the library when trying to establish a connection. .BR outvalue must be a .BR "char **" , and the caller is responsible of freeing the resulting string by calling .BR ldap_memfree (3), while .BR invalue must be a .BR "const char *" ; the library parses the string into a list of .BR LDAPURLDesc structures, so the invocation of .BR ldap_set_option (3) may fail if URL parsing fails. URIs may only contain the .BR schema , the .BR host , and the .BR port fields. This option is OpenLDAP specific. .TP .B LDAP_OPT_KEEPCONN Instructs .BR ldap_result (3) to keep the connection open on read error or if Notice of Disconnection is received. In these cases, the connection should be closed by the caller. This option is OpenLDAP specific. .TP .B LDAP_OPT_TCP_USER_TIMEOUT Allows to configure TCP_USER_TIMEOUT in milliseconds on the connection, overriding the operating system setting. This option is OpenLDAP specific and supported only on Linux 2.6.37 or higher. .B invalue must be a .BR "const unsigned int *" ; .BR outvalue must be an .BR "unsigned int *" . .SH SASL OPTIONS The SASL options are OpenLDAP specific and unless otherwise noted, require an LDAP handle to be passed. .TP .B LDAP_OPT_X_SASL_AUTHCID Gets the SASL authentication identity; .BR outvalue must be a .BR "char **" , its content needs to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_SASL_AUTHZID Gets the SASL authorization identity; .BR outvalue must be a .BR "char **" , its content needs to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_SASL_MAXBUFSIZE Gets/sets SASL maximum buffer size; .BR invalue must be .BR "const ber_len_t *" , while .BR outvalue must be .BR "ber_len_t *" . See also .BR LDAP_OPT_X_SASL_SECPROPS . .TP .B LDAP_OPT_X_SASL_MECH Gets the SASL mechanism; .BR outvalue must be a .BR "char **" , its content needs to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_SASL_MECHLIST Gets the list of the available mechanisms, in form of a NULL-terminated array of strings; .BR outvalue must be .BR "char ***" . The caller must not free or otherwise muck with it. This option can be used globally. .TP .B LDAP_OPT_X_SASL_NOCANON Sets/gets the NOCANON flag. When unset, the hostname is canonicalized. .BR invalue must be .BR "const int *" ; its value should either be .BR LDAP_OPT_OFF or .BR LDAP_OPT_ON . .BR outvalue must be .BR "int *" . .TP .B LDAP_OPT_X_SASL_REALM Gets the SASL realm; .BR outvalue must be a .BR "char **" , its content needs to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_SASL_SECPROPS Sets the SASL secprops; .BR invalue must be a .BR "char *" , containing a comma-separated list of properties. Legal values are: .BR none , .BR nodict , .BR noplain , .BR noactive , .BR passcred , .BR forwardsec , .BR noanonymous , .BR minssf= , .BR maxssf= , .BR maxbufsize= . .TP .B LDAP_OPT_X_SASL_SSF Gets the SASL SSF; .BR outvalue must be a .BR "ber_len_t *" . .TP .B LDAP_OPT_X_SASL_SSF_EXTERNAL Sets the SASL SSF value related to an authentication performed using an EXTERNAL mechanism; .BR invalue must be a .BR "const ber_len_t *" . .TP .B LDAP_OPT_X_SASL_SSF_MAX Gets/sets SASL maximum SSF; .BR invalue must be .BR "const ber_len_t *" , while .BR outvalue must be .BR "ber_len_t *" . See also .BR LDAP_OPT_X_SASL_SECPROPS . .TP .B LDAP_OPT_X_SASL_SSF_MIN Gets/sets SASL minimum SSF; .BR invalue must be .BR "const ber_len_t *" , while .BR outvalue must be .BR "ber_len_t *" . See also .BR LDAP_OPT_X_SASL_SECPROPS . .TP .B LDAP_OPT_X_SASL_USERNAME Gets the SASL username; .BR outvalue must be a .BR "char **" . Its content needs to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_SASL_CBINDING Sets/gets the channel-binding type to use in SASL, one of .BR LDAP_OPT_X_SASL_CBINDING_NONE (the default), .BR LDAP_OPT_X_SASL_CBINDING_TLS_UNIQUE the "tls-unique" type from RFC 5929. .BR LDAP_OPT_X_SASL_CBINDING_TLS_ENDPOINT the "tls-server-end-point" from RFC 5929, compatible with Windows. .BR invalue must be .BR "const int *" ; .BR outvalue must be .BR "int *" . .SH TCP OPTIONS The TCP options are OpenLDAP specific. Mainly intended for use with Linux, they may not be portable. .TP .B LDAP_OPT_X_KEEPALIVE_IDLE Sets/gets the number of seconds a connection needs to remain idle before TCP starts sending keepalive probes. .BR invalue must be .BR "const int *" ; .BR outvalue must be .BR "int *" . .TP .B LDAP_OPT_X_KEEPALIVE_PROBES Sets/gets the maximum number of keepalive probes TCP should send before dropping the connection. .BR invalue must be .BR "const int *" ; .BR outvalue must be .BR "int *" . .TP .B LDAP_OPT_X_KEEPALIVE_INTERVAL Sets/gets the interval in seconds between individual keepalive probes. .BR invalue must be .BR "const int *" ; .BR outvalue must be .BR "int *" . .SH TLS OPTIONS The TLS options are OpenLDAP specific. .\".TP .\".B LDAP_OPT_X_TLS .\"Sets/gets the TLS mode. .TP .B LDAP_OPT_X_TLS_CACERTDIR Sets/gets the path of the directory containing CA certificates. .BR invalue must be .BR "const char *" ; .BR outvalue must be .BR "char **" , and its contents need to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_TLS_CACERTFILE Sets/gets the full-path of the CA certificate file. .BR invalue must be .BR "const char *" ; .BR outvalue must be .BR "char **" , and its contents need to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_TLS_CERTFILE Sets/gets the full-path of the certificate file. .BR invalue must be .BR "const char *" ; .BR outvalue must be .BR "char **" , and its contents need to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_TLS_CIPHER Gets the cipher being used on an established TLS session. .BR outvalue must be .BR "char **" , and its contents need to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_TLS_CIPHER_SUITE Sets/gets the allowed cipher suite. .BR invalue must be .BR "const char *" ; .BR outvalue must be .BR "char **" , and its contents need to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_TLS_CONNECT_ARG Sets/gets the connection callback argument. .BR invalue must be .BR "const void *" ; .BR outvalue must be .BR "void **" . .TP .B LDAP_OPT_X_TLS_CONNECT_CB Sets/gets the connection callback handle. .BR invalue must be .BR "const LDAP_TLS_CONNECT_CB *" ; .BR outvalue must be .BR "LDAP_TLS_CONNECT_CB **" . .TP .B LDAP_OPT_X_TLS_CRLCHECK Sets/gets the CRL evaluation strategy, one of .BR LDAP_OPT_X_TLS_CRL_NONE , .BR LDAP_OPT_X_TLS_CRL_PEER , or .BR LDAP_OPT_X_TLS_CRL_ALL . .BR invalue must be .BR "const int *" ; .BR outvalue must be .BR "int *" . Requires OpenSSL. .TP .B LDAP_OPT_X_TLS_CRLFILE Sets/gets the full-path of the CRL file. .BR invalue must be .BR "const char *" ; .BR outvalue must be .BR "char **" , and its contents need to be freed by the caller using .BR ldap_memfree (3). This option is only valid for GnuTLS. .TP .B LDAP_OPT_X_TLS_CTX Sets/gets the TLS library context. New TLS sessions will inherit their default settings from this library context. .BR invalue must be .BR "const void *" ; .BR outvalue must be .BR "void **" . When using the OpenSSL library this is an SSL_CTX*. When using other crypto libraries this is a pointer to an OpenLDAP private structure. Applications generally should not use this option or attempt to manipulate this structure. .TP .B LDAP_OPT_X_TLS_DHFILE Gets/sets the full-path of the file containing the parameters for Diffie-Hellman ephemeral key exchange. .BR invalue must be .BR "const char *" ; .BR outvalue must be .BR "char **" , and its contents need to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_TLS_ECNAME Gets/sets the name of the curve(s) used for elliptic curve key exchanges. .BR invalue must be .BR "const char *" ; .BR outvalue must be .BR "char **" , and its contents need to be freed by the caller using .BR ldap_memfree (3). Ignored by GnuTLS. In GnuTLS a curve may be selected in the cipher suite specification. .TP .B LDAP_OPT_X_TLS_KEYFILE Sets/gets the full-path of the certificate key file. .BR invalue must be .BR "const char *" ; .BR outvalue must be .BR "char **" , and its contents need to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_TLS_NEWCTX Instructs the library to create a new TLS library context. .BR invalue must be .BR "const int *" . A non-zero value pointed to by .BR invalue tells the library to create a context for a server. .TP .B LDAP_OPT_X_TLS_PEERCERT Gets the peer's certificate in DER format from an established TLS session. .BR outvalue must be .BR "struct berval *" , and the data it returns needs to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_TLS_PROTOCOL_MAX Sets/gets the maximum protocol version. .BR invalue must be .BR "const int *" ; .BR outvalue must be .BR "int *" . .TP .B LDAP_OPT_X_TLS_PROTOCOL_MIN Sets/gets the minimum protocol version. .BR invalue must be .BR "const int *" ; .BR outvalue must be .BR "int *" . .TP .B LDAP_OPT_X_TLS_RANDOM_FILE Sets/gets the random file when .B /dev/random and .B /dev/urandom are not available. .BR invalue must be .BR "const char *" ; .BR outvalue must be .BR "char **" , and its contents need to be freed by the caller using .BR ldap_memfree (3). Ignored by GnuTLS older than version 2.2. .TP .B LDAP_OPT_X_TLS_REQUIRE_CERT Sets/gets the peer certificate checking strategy, one of .BR LDAP_OPT_X_TLS_NEVER , .BR LDAP_OPT_X_TLS_HARD , .BR LDAP_OPT_X_TLS_DEMAND , .BR LDAP_OPT_X_TLS_ALLOW , .BR LDAP_OPT_X_TLS_TRY . .TP .B LDAP_OPT_X_TLS_REQUIRE_SAN Sets/gets the peer certificate subjectAlternativeName checking strategy, one of .BR LDAP_OPT_X_TLS_NEVER , .BR LDAP_OPT_X_TLS_HARD , .BR LDAP_OPT_X_TLS_DEMAND , .BR LDAP_OPT_X_TLS_ALLOW , .BR LDAP_OPT_X_TLS_TRY . .TP .B LDAP_OPT_X_TLS_SSL_CTX Gets the TLS session context associated with this handle. .BR outvalue must be .BR "void **" . When using the OpenSSL library this is an SSL*. When using other crypto libraries this is a pointer to an OpenLDAP private structure. Applications generally should not use this option. .TP .B LDAP_OPT_X_TLS_VERSION Gets the TLS version being used on an established TLS session. .BR outvalue must be .BR "char **" , and its contents need to be freed by the caller using .BR ldap_memfree (3). .TP .B LDAP_OPT_X_TLS_PEERKEY_HASH Sets the (public) key that the application expects the peer to be using. .B invalue must be .BR "const char *" containing the base64 encoding of the expected peer's key or in the format .B ":" where as a TLS session is established, the library will hash the peer's key with the provided hash algorithm and compare it with value provided and will only allow the session to continue if they match. This happens regardless of certificate checking strategy. The list of supported .B hashalg values depends on the crypto library used, check its documentation to get a list. .SH ERRORS On success, the functions return .BR LDAP_OPT_SUCCESS , while they may return .B LDAP_OPT_ERROR to indicate a generic option handling error. Occasionally, more specific errors can be returned, like .B LDAP_NO_MEMORY to indicate a failure in memory allocation. .SH NOTES The LDAP libraries with the .B LDAP_OPT_REFERRALS option set to .B LDAP_OPT_ON (default value) automatically follow referrals using an anonymous bind. Application developers are encouraged to either implement consistent referral chasing features, or explicitly disable referral chasing by setting that option to .BR LDAP_OPT_OFF . .P The protocol version used by the library defaults to LDAPv2 (now historic), which corresponds to the .B LDAP_VERSION2 macro. Application developers are encouraged to explicitly set .B LDAP_OPT_PROTOCOL_VERSION to LDAPv3, using the .B LDAP_VERSION3 macro, or to allow users to select the protocol version. .SH SEE ALSO .BR ldap (3), .BR ldap_error (3), .B RFC 4422 (http://www.rfc-editor.org), .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_result.30000644000175000017500000001024214461774414020463 0ustar sergiosergio.TH LDAP_RESULT 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_result \- Wait for the result of an LDAP operation .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_result( LDAP *ld, int msgid, int all, struct timeval *timeout, LDAPMessage **result ); int ldap_msgfree( LDAPMessage *msg ); int ldap_msgtype( LDAPMessage *msg ); int ldap_msgid( LDAPMessage *msg ); .ft .SH DESCRIPTION The .B ldap_result() routine is used to wait for and return the result of an operation previously initiated by one of the LDAP asynchronous operation routines (e.g., .BR ldap_search_ext (3), .BR ldap_modify_ext (3), etc.). Those routines all return \-1 in case of error, and an invocation identifier upon successful initiation of the operation. The invocation identifier is picked by the library and is guaranteed to be unique across the LDAP session. It can be used to request the result of a specific operation from .B ldap_result() through the \fImsgid\fP parameter. .LP The .B ldap_result() routine will block or not, depending upon the setting of the \fItimeout\fP parameter. If timeout is not a NULL pointer, it specifies a maximum interval to wait for the selection to complete. If timeout is a NULL pointer, the LDAP_OPT_TIMEOUT value set by .BR ldap_set_option (3) is used. With the default setting, the select blocks indefinitely. To effect a poll, the timeout argument should be a non-NULL pointer, pointing to a zero-valued timeval structure. To obtain the behavior of the default setting, bypassing any value set by .BR ldap_set_option (3), set to -1 the \fItv_sec\fP field of the \fItimeout\fP parameter. See .BR select (2) for further details. .LP If the result of a specific operation is required, \fImsgid\fP should be set to the invocation identifier returned when the operation was initiated, otherwise LDAP_RES_ANY or LDAP_RES_UNSOLICITED should be supplied to wait for any or unsolicited response. .LP The \fIall\fP parameter, if non-zero, causes .B ldap_result() to return all responses with msgid, otherwise only the next response is returned. This is commonly used to obtain all the responses of a search operation. .LP A search response is made up of zero or more search entries, zero or more search references, and zero or more extended partial responses followed by a search result. If \fIall\fP is set to 0, search entries will be returned one at a time as they come in, via separate calls to .BR ldap_result() . If it's set to 1, the search response will only be returned in its entirety, i.e., after all entries, all references, all extended partial responses, and the final search result have been received. .SH RETURN VALUE Upon success, the type of the result received is returned and the \fIresult\fP parameter will contain the result of the operation; otherwise, the \fIresult\fP parameter is undefined. This result should be passed to the LDAP parsing routines, .BR ldap_first_message (3) and friends, for interpretation. .LP The possible result types returned are: .LP .nf LDAP_RES_BIND (0x61) LDAP_RES_SEARCH_ENTRY (0x64) LDAP_RES_SEARCH_REFERENCE (0x73) LDAP_RES_SEARCH_RESULT (0x65) LDAP_RES_MODIFY (0x67) LDAP_RES_ADD (0x69) LDAP_RES_DELETE (0x6b) LDAP_RES_MODDN (0x6d) LDAP_RES_COMPARE (0x6f) LDAP_RES_EXTENDED (0x78) LDAP_RES_INTERMEDIATE (0x79) .fi .LP The .B ldap_msgfree() routine is used to free the memory allocated for result(s) by .B ldap_result() or .BR ldap_search_ext_s (3) and friends. It takes a pointer to the result or result chain to be freed and returns the type of the last message in the chain. If the parameter is NULL, the function does nothing and returns zero. .LP The .B ldap_msgtype() routine returns the type of a message. .LP The .B ldap_msgid() routine returns the message id of a message. .SH ERRORS .B ldap_result() returns \-1 if something bad happens, and zero if the timeout specified was exceeded. .B ldap_msgtype() and .B ldap_msgid() return \-1 on error. .SH SEE ALSO .BR ldap (3), .BR ldap_first_message (3), .BR select (2) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_parse_result.3.links0000644000175000017500000000012514461774414022773 0ustar sergiosergioldap_parse_sasl_bind_result.3 ldap_parse_extended_result.3 ldap_parse_intermediate.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_first_entry.30000644000175000017500000000415414461774414021522 0ustar sergiosergio.TH LDAP_FIRST_ENTRY 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_first_entry, ldap_next_entry, ldap_count_entries \- LDAP result entry parsing and counting routines .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_count_entries( LDAP *ld, LDAPMessage *result ) .LP .ft B LDAPMessage *ldap_first_entry( LDAP *ld, LDAPMessage *result ) .LP .ft B LDAPMessage *ldap_next_entry( LDAP *ld, LDAPMessage *entry ) .SH DESCRIPTION .LP These routines are used to parse results received from .BR ldap_result (3) or the synchronous LDAP search operation routines .BR ldap_search_s (3) and .BR ldap_search_st (3). .LP The .B ldap_first_entry() routine is used to retrieve the first entry in a chain of search results. It takes the \fIresult\fP as returned by a call to .BR ldap_result (3) or .BR ldap_search_s (3) or .BR ldap_search_st (3) and returns a pointer to the first entry in the result. .LP This pointer should be supplied on a subsequent call to .B ldap_next_entry() to get the next entry, the result of which should be supplied to the next call to .BR ldap_next_entry() , etc. .B ldap_next_entry() will return NULL when there are no more entries. The entries returned from these calls are used in calls to the routines described in .BR ldap_get_dn (3), .BR ldap_first_attribute (3), .BR ldap_get_values (3), etc. .LP A count of the number of entries in the search result can be obtained by calling .BR ldap_count_entries() . .SH ERRORS If an error occurs in .B ldap_first_entry() or .BR ldap_next_entry() , NULL is returned and the ld_errno field in the \fIld\fP parameter is set to indicate the error. If an error occurs in .BR ldap_count_entries() , -1 is returned, and .B ld_errno is set appropriately. See .BR ldap_error (3) for a description of possible error codes. .SH SEE ALSO .BR ldap (3), .BR ldap_result (3), .BR ldap_search (3), .BR ldap_first_attribute (3), .BR ldap_get_values (3), .BR ldap_get_dn (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_bind.30000644000175000017500000002711114461774414020064 0ustar sergiosergio.TH LDAP_BIND 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_bind, ldap_bind_s, ldap_simple_bind, ldap_simple_bind_s, ldap_sasl_bind, ldap_sasl_bind_s, ldap_sasl_interactive_bind_s, ldap_parse_sasl_bind_result, ldap_unbind, ldap_unbind_s, ldap_unbind_ext, ldap_unbind_ext_s, ldap_set_rebind_proc \- LDAP bind routines .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .B #include .LP .BI "int ldap_bind(LDAP *" ld ", const char *" who ", const char *" cred "," .RS .BI "int " method ");" .RE .LP .BI "int ldap_bind_s(LDAP *" ld ", const char *" who ", const char *" cred "," .RS .BI "int " method ");" .RE .LP .BI "int ldap_simple_bind(LDAP *" ld ", const char *" who ", const char *" passwd ");" .LP .BI "int ldap_simple_bind_s(LDAP *" ld ", const char *" who ", const char *" passwd ");" .LP .BI "int ldap_sasl_bind(LDAP *" ld ", const char *" dn ", const char *" mechanism "," .RS .BI "struct berval *" cred ", LDAPControl *" sctrls "[]," .BI "LDAPControl *" cctrls "[], int *" msgidp ");" .RE .LP .BI "int ldap_sasl_bind_s(LDAP *" ld ", const char *" dn ", const char *" mechanism "," .RS .BI "struct berval *" cred ", LDAPControl *" sctrls "[]," .BI "LDAPControl *" cctrls "[], struct berval **" servercredp ");" .RE .LP .BI "int ldap_parse_sasl_bind_result(LDAP *" ld ", LDAPMessage *" res "," .RS .BI "struct berval **" servercredp ", int " freeit ");" .RE .LP .BI "int ldap_sasl_interactive_bind_s(LDAP *" ld ", const char *" dn "," .RS .BI "const char *" mechs "," .BI "LDAPControl *" sctrls "[], LDAPControl *" cctrls "[]," .BI "unsigned " flags ", LDAP_SASL_INTERACT_PROC *" interact "," .BI "void *" defaults ");" .RE .LP .BI "int ldap_sasl_interactive_bind(LDAP *" ld ", const char *" dn "," .RS .BI "const char *" mechs "," .BI "LDAPControl *" sctrls "[], LDAPControl *" cctrls "[]," .BI "unsigned " flags ", LDAP_SASL_INTERACT_PROC *" interact "," .BI "void *" defaults ", LDAPMessage *" result "," .BI "const char **" rmechp ", int *" msgidp ");" .RE .LP .BI "int (LDAP_SASL_INTERACT_PROC)(LDAP *" ld ", unsigned " flags ", void *" defaults ", void *" sasl_interact ");" .LP .BI "int ldap_unbind(LDAP *" ld ");" .LP .BI "int ldap_unbind_s(LDAP *" ld ");" .LP .BI "int ldap_unbind_ext(LDAP *" ld ", LDAPControl *" sctrls "[]," .RS .BI "LDAPControl *" cctrls "[]);" .RE .LP .BI "int ldap_unbind_ext_s(LDAP *" ld ", LDAPControl *" sctrls "[]," .RS .BI "LDAPControl *" cctrls "[]);" .RE .LP .BI "int ldap_set_rebind_proc (LDAP *" ld ", LDAP_REBIND_PROC *" ldap_proc ", void *" params ");" .LP .BI "int (LDAP_REBIND_PROC)(LDAP *" ld ", LDAP_CONST char *" url ", ber_tag_t " request ", ber_int_t " msgid ", void *" params ");" .SH DESCRIPTION .LP These routines provide various interfaces to the LDAP bind operation. After an association with an LDAP server is made using .BR ldap_init (3), an LDAP bind operation should be performed before other operations are attempted over the connection. An LDAP bind is required when using Version 2 of the LDAP protocol; it is optional for Version 3 but is usually needed due to security considerations. .LP There are three types of bind calls, ones providing simple authentication, ones providing SASL authentication, and general routines capable of doing either simple or SASL authentication. .LP .B SASL (Simple Authentication and Security Layer) can negotiate one of many different kinds of authentication. Both synchronous and asynchronous versions of each variant of the bind call are provided. All routines take \fIld\fP as their first parameter, as returned from .BR ldap_init (3). .SH SIMPLE AUTHENTICATION The simplest form of the bind call is .BR ldap_simple_bind_s() . It takes the DN to bind as in \fIwho\fP, and the userPassword associated with the entry in \fIpasswd\fP. It returns an LDAP error indication (see .BR ldap_error (3)). The .B ldap_simple_bind() call is asynchronous, taking the same parameters but only initiating the bind operation and returning the message id of the request it sent. The result of the operation can be obtained by a subsequent call to .BR ldap_result (3). The .B ldap_sasl_bind_s() and asynchronous .B ldap_sasl_bind() functions can also be used to make a simple bind by using LDAP_SASL_SIMPLE as the SASL mechanism. .SH GENERAL AUTHENTICATION The .B ldap_bind() and .B ldap_bind_s() routines can be used when the authentication method to use needs to be selected at runtime. They both take an extra \fImethod\fP parameter selecting the authentication method to use. It should be set to LDAP_AUTH_SIMPLE to select simple authentication. .B ldap_bind() returns the message id of the request it initiates. .B ldap_bind_s() returns an LDAP error indication. .SH SASL AUTHENTICATION For SASL binds the server always ignores any provided DN, so the .I dn parameter should always be NULL. .BR ldap_sasl_bind_s () sends a single SASL bind request with the given SASL .I mechanism and credentials in the .I cred parameter. The format of the credentials depends on the particular SASL mechanism in use. For mechanisms that provide mutual authentication the server's credentials will be returned in the .I servercredp parameter. The routine returns an LDAP error indication (see .BR ldap_error (3)). The .BR ldap_sasl_bind () call is asynchronous, taking the same parameters but only sending the request and returning the message id of the request it sent. The result of the operation can be obtained by a subsequent call to .BR ldap_result (3). The result must be additionally parsed by .BR ldap_parse_sasl_bind_result () to obtain any server credentials sent from the server. Any returned server credentials should be freed using .BR ber_bvfree (). .LP Many SASL mechanisms require multiple message exchanges to perform a complete authentication. Applications should generally use .BR ldap_sasl_interactive_bind_s () rather than calling the basic .BR ldap_sasl_bind () functions directly. The .I mechs parameter should contain a space-separated list of candidate mechanisms to use. If this parameter is NULL or empty the library will query the supportedSASLMechanisms attribute from the server's rootDSE for the list of SASL mechanisms the server supports. The .I flags parameter controls the interaction used to retrieve any necessary SASL authentication parameters and should be one of: .TP LDAP_SASL_AUTOMATIC use defaults if available, prompt otherwise .TP LDAP_SASL_INTERACTIVE always prompt .TP LDAP_SASL_QUIET never prompt .LP The .I interact function uses the provided .I defaults to handle requests from the SASL library for particular authentication parameters. There is no defined format for the .I defaults information; it is up to the caller to use whatever format is appropriate for the supplied .I interact function. The .I sasl_interact parameter comes from the underlying SASL library. When used with Cyrus SASL this is an array of .B sasl_interact_t structures. The Cyrus SASL library will prompt for a variety of inputs, including: .TP SASL_CB_GETREALM the realm for the authentication attempt .TP SASL_CB_AUTHNAME the username to authenticate .TP SASL_CB_PASS the password for the provided username .TP SASL_CB_USER the username to use for proxy authorization .TP SASL_CB_NOECHOPROMPT generic prompt for input with input echoing disabled .TP SASL_CB_ECHOPROMPT generic prompt for input with input echoing enabled .TP SASL_CB_LIST_END indicates the end of the array of prompts .LP See the Cyrus SASL documentation for more details. .LP Applications which need to manage connections asynchronously may use .BR ldap_sasl_interactive_bind () instead of the synchronous version. A valid mechs parameter must be supplied, otherwise the library will be forced to query the server for a list of supported mechanisms, and this query will be performed synchronously. The other parameters are the same as for the synchronous function, with three additional parameters. The actual SASL mechanism that was used, and the message ID for use with .BR ldap_result () will be returned in rmechp and msgidp, respectively. The value in rmechp must not be modified by the caller and must be passed back on each subsequent call. The message obtained from .BR ldap_result () must be passed in the result parameter. This parameter must be NULL when initiating a new Bind. The caller must free the result message after each call using .BR ldap_msgfree (). The .BR ldap_sasl_interactive_bind () function returns an LDAP result code. If the code is LDAP_SASL_BIND_IN_PROGRESS then the Bind is not complete yet, and this function must be called again with the next result from the server. .SH REBINDING .LP The .B ldap_set_rebind_proc function() sets the process to use for binding when an operation returns a referral. This function is used when an application needs to bind to another server in order to follow a referral or search continuation reference. .LP The function takes \fIld\fP, the \fIrebind\fP function, and the \fIparams\fP, the arbitrary data like state information which the client might need to properly rebind. The LDAP_OPT_REFERRALS option in the \fIld\fP must be set to ON for the libraries to use the rebind function. Use the .BR ldap_set_option function to set the value. .LP The rebind function parameters are as follows: .LP The \fIld\fP parameter must be used by the application when binding to the referred server if the application wants the libraries to follow the referral. .LP The \fIurl\fP parameter points to the URL referral string received from the LDAP server. The LDAP application can use the .BR ldap_url_parse (3) function to parse the string into its components. .LP The \fIrequest\fP parameter specifies the type of request that generated the referral. .LP The \fImsgid\fP parameter specifies the message ID of the request generating the referral. .LP The \fIparams\fP parameter is the same value as passed originally to the .BR ldap_set_rebind_proc () function. .LP The LDAP libraries set all the parameters when they call the rebind function. The application should not attempt to free either the ld or the url structures in the rebind function. .LP The application must supply to the rebind function the required authentication information such as, user name, password, and certificates. The rebind function must use a synchronous bind method. .SH UNBINDING The .B ldap_unbind() call is used to unbind from the directory, terminate the current association, and free the resources contained in the \fIld\fP structure. Once it is called, the connection to the LDAP server is closed, and the \fIld\fP structure is invalid. The .B ldap_unbind_s() call is just another name for .BR ldap_unbind() ; both of these calls are synchronous in nature. .LP The .B ldap_unbind_ext() and .B ldap_unbind_ext_s() allows the operations to specify controls. .SH ERRORS Asynchronous routines will return \-1 in case of error, setting the \fIld_errno\fP parameter of the \fIld\fP structure. Synchronous routines return whatever \fIld_errno\fP is set to. See .BR ldap_error (3) for more information. .SH NOTES If an anonymous bind is sufficient for the application, the rebind process need not be provided. The LDAP libraries with the LDAP_OPT_REFERRALS option set to ON (default value) will automatically follow referrals using an anonymous bind. .LP If the application needs stronger authentication than an anonymous bind, you need to provide a rebind process for that authentication method. The bind method must be synchronous. .SH SEE ALSO .BR ldap (3), .BR ldap_error (3), .BR ldap_open (3), .BR ldap_set_option (3), .BR ldap_url_parse (3) .B RFC 4422 (http://www.rfc-editor.org), .B Cyrus SASL (http://asg.web.cmu.edu/sasl/) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_compare.3.links0000644000175000017500000000007114461774414021711 0ustar sergiosergioldap_compare_s.3 ldap_compare_ext.3 ldap_compare_ext_s.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_controls.30000644000175000017500000000527714461774414021024 0ustar sergiosergio.TH LDAP_CONTROLS 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_control_create, ldap_control_find, ldap_control_dup, ldap_controls_dup, ldap_control_free, ldap_controls_free \- LDAP control manipulation routines .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .B #include .LP .BI "int ldap_control_create(const char *" oid ", int " iscritical ", struct berval *" value ", int " dupval ", LDAPControl **" ctrlp ");" .LP .BI "LDAPControl *ldap_control_find( const char *" oid ", LDAPControl **" ctrls ", LDAPControl ***" nextctrlp ");" .LP .BI "LDAPControl *ldap_control_dup(LDAPControl *" ctrl ");" .LP .BI "LDAPControl **ldap_controls_dup(LDAPControl **" ctrls ");" .LP .BI "void ldap_control_free(LDAPControl *" ctrl ");" .LP .BI "void ldap_controls_free(LDAPControl **" ctrls ");" .SH DESCRIPTION These routines are used to manipulate structures used for LDAP controls. .BR ldap_control_create () creates a control with the specified .I OID using the contents of the .I value parameter for the control value, if any. The content of .I value is duplicated if .I dupval is non-zero. The .I iscritical parameter must be non-zero for a critical control. The created control is returned in the .I ctrlp parameter. The routine returns .B LDAP_SUCCESS on success or some other error code on failure. The content of .IR value , for supported control types, can be prepared using helpers provided by this implementation of libldap, usually in the form .BR "ldap_create__control_value" (). Otherwise, it can be BER-encoded using the functionalities of liblber. .BR ldap_control_find () searches the NULL-terminated .I ctrls array for a control whose OID matches the .I oid parameter. The routine returns a pointer to the control if found, NULL otherwise. If the parameter .I nextctrlp is not NULL, on return it will point to the next control in the array, and can be passed to the .BR ldap_control_find () routine for subsequent calls, to find further occurrences of the same control type. The use of this function is discouraged; the recommended way of handling controls in responses consists in going through the array of controls, dealing with each of them in the returned order, since it could matter. .BR ldap_control_dup () duplicates an individual control structure, and .BR ldap_controls_dup () duplicates a NULL-terminated array of controls. .BR ldap_control_free () frees an individual control structure, and .BR ldap_controls_free () frees a NULL-terminated array of controls. .SH SEE ALSO .BR ldap (3), .BR ldap_error (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_parse_sort_control.30000644000175000017500000000262514461774414023074 0ustar sergiosergio.TH LDAP_PARSE_SORT-CONTROL 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_parse_sort_control \- Decode the information returned from a search operation that used a server-side sort control .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_parse_sort_control(ld, ctrls, returnCode, attribute) .ft LDAP *ld; LDAPControl **ctrls; unsigned long *returnCode; char **attribute; .SH DESCRIPTION This function is used to parse the results returned in a search operation that uses a server-side sort control. .LP It takes a null terminated array of LDAPControl structures usually obtained by a call to the .BR ldap_parse_result function. A returncode which points to the sort control result code,and an array of LDAPControl structures that list the client controls to use with the search. The function also takes an out parameter \fIattribute\fP and if the sort operation fails, the server may return a string that indicates the first attribute in the sortKey list that caused the failure. If this parameter is NULL, no string is returned. If a string is returned, the memory should be freed by calling the ldap_memfree function. .SH NOTES .SH SEE ALSO .BR ldap_result (3), .BR ldap_controls_free (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_result.3.links0000644000175000017500000000005314461774414021601 0ustar sergiosergioldap_msgfree.3 ldap_msgtype.3 ldap_msgid.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_parse_result.30000644000175000017500000000776514461774414021675 0ustar sergiosergio.TH LDAP_PARSE_RESULT 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_parse_result \- Parsing results .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_parse_result( LDAP *ld, LDAPMessage *result, int *errcodep, char **matcheddnp, char **errmsgp, char ***referralsp, LDAPControl ***serverctrlsp, int freeit ) .LP .ft B int ldap_parse_sasl_bind_result( LDAP *ld, LDAPMessage *result, struct berval **servercredp, int freeit ) .LP .ft B int ldap_parse_extended_result( LDAP *ld, LDAPMessage *result, char **retoidp, struct berval **retdatap, int freeit ) .LP .ft B int ldap_parse_intermediate( LDAP *ld, LDAPMessage *result, char **retoidp, struct berval **retdatap, LDAPControl ***serverctrlsp, int freeit ) .SH DESCRIPTION .LP These routines are used to extract information from a result message. They will operate on the first result message in a chain of search results (skipping past other message types). They take the \fIresult\fP as returned by a call to .BR ldap_result (3), .BR ldap_search_s (3) or .BR ldap_search_st (3). In addition to .BR ldap_parse_result() , the routines .B ldap_parse_sasl_bind_result() and .B ldap_parse_extended_result() are used to get all the result information from SASL bind and extended operations. To extract information from intermediate responses, .B ldap_parse_intermediate() can be used. .LP The \fIerrcodep\fP parameter will be filled in with the result code from the result message. .LP The server might supply a matched DN string in the message indicating how much of a name in a request was recognized. The \fImatcheddnp\fP parameter will be filled in with this string if supplied, else it will be NULL. If a string is returned, it should be freed using .BR ldap_memfree (3). .LP The \fIerrmsgp\fP parameter will be filled in with the error message field from the parsed message. This string should be freed using .BR ldap_memfree (3). .LP The \fIreferralsp\fP parameter will be filled in with an allocated array of referral strings from the parsed message. This array should be freed using .BR ldap_memvfree (3). If no referrals were returned, \fI*referralsp\fP is set to NULL. .LP The \fIserverctrlsp\fP parameter will be filled in with an allocated array of controls copied from the parsed message. The array should be freed using .BR ldap_controls_free (3). If no controls were returned, \fI*serverctrlsp\fP is set to NULL. .LP The \fIfreeit\fP parameter determines whether the parsed message is freed or not after the extraction. Any non-zero value will make it free the message. The .BR ldap_msgfree (3) routine can also be used to free the message later. .LP For SASL bind results, the \fIservercredp\fP parameter will be filled in with an allocated berval structure containing the credentials from the server if present. The structure should be freed using .BR ber_bvfree (3). .LP For extended results and intermediate responses, the \fIretoidp\fP parameter will be filled in with the dotted-OID text representation of the name of the extended operation response. The string should be freed using .BR ldap_memfree (3). If no OID was returned, \fI*retoidp\fP is set to NULL. .LP For extended results and intermediate responses, the \fIretdatap\fP parameter will be filled in with a pointer to a berval structure containing the data from the extended operation response. The structure should be freed using .BR ber_bvfree (3). If no data were returned, \fI*retdatap\fP is set to NULL. .LP For all the above result parameters, NULL values can be used in calls in order to ignore certain fields. .SH ERRORS Upon success LDAP_SUCCESS is returned. Otherwise the values of the result parameters are undefined. .SH SEE ALSO .BR ldap (3), .BR ldap_result (3), .BR ldap_search (3), .BR ldap_memfree (3), .BR ldap_memvfree (3), .BR ldap_get_values (3), .BR ldap_controls_free (3), .BR lber-types (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_first_attribute.30000644000175000017500000000561414461774414022366 0ustar sergiosergio.TH LDAP_FIRST_ATTRIBUTE 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_first_attribute, ldap_next_attribute \- step through LDAP entry attributes .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B char *ldap_first_attribute( LDAP *ld, LDAPMessage *entry, BerElement **berptr ) .LP .ft B char *ldap_next_attribute( LDAP *ld, LDAPMessage *entry, BerElement *ber ) .LP .ft B int ldap_get_attribute_ber( LDAP *ld, LDAPMessage *entry, BerElement *ber, BerValue *attr, BerVarray *vals ) .SH DESCRIPTION The .BR ldap_first_attribute() , .B ldap_next_attribute() and .B ldap_get_attribute_ber() routines are used to step through the attributes in an LDAP entry. .B ldap_first_attribute() takes an \fIentry\fP as returned by .BR ldap_first_entry (3) or .BR ldap_next_entry (3) and returns a pointer to character string containing the first attribute description in the entry. .B ldap_next_attribute() returns the next attribute description in the entry. .LP It also returns, in \fIberptr\fP, a pointer to a BerElement it has allocated to keep track of its current position. This pointer should be passed to subsequent calls to .B ldap_next_attribute() and is used to effectively step through the entry's attributes. The caller is solely responsible for freeing the BerElement pointed to by \fIberptr\fP when it is no longer needed by calling .BR ber_free (3). When calling .BR ber_free (3) in this instance, be sure the second argument is 0. .LP The attribute names returned are suitable for inclusion in a call to .BR ldap_get_values (3) to retrieve the attribute's values. .LP The .B ldap_get_attribute_ber() routine allows one to iterate over all attributes in-place, without allocating memory to hold text for the attribute name or its values, if requested. The use case is similar to .B ldap_next_attribute() except that the attribute name is returned into \fIattr\fP and, if \fIvals\fP is non-NULL, the list of values is stored there. Both point into the LDAP message and remain valid only while the entry is valid. The caller is still responsible for freeing \fIvals\fP with .BR ldap_memfree (3), if used. .SH ERRORS If an error occurs, NULL is returned and the ld_errno field in the \fIld\fP parameter is set to indicate the error. See .BR ldap_error (3) for a description of possible error codes. .SH NOTES The .B ldap_first_attribute() and .B ldap_next_attribute() return dynamically allocated memory that must be freed by the caller via .BR ldap_memfree (3). For .BR ldap_get_attribute_ber() , only the actual \fIvals\fP pointer needs to be freed with .BR ldap_memfree (3), other data is accounted for as part of \fIber\fP. .SH SEE ALSO .BR ldap (3), .BR ldap_first_entry (3), .BR ldap_get_values (3), .BR ldap_error (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/lber-encode.3.links0000644000175000017500000000024214461774414021442 0ustar sergiosergiober_alloc_t.3 ber_flush.3 ber_printf.3 ber_put_int.3 ber_put_ostring.3 ber_put_string.3 ber_put_null.3 ber_put_enum.3 ber_start_set.3 ber_put_seq.3 ber_put_set.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_delete.30000644000175000017500000000437114461774414020415 0ustar sergiosergio.TH LDAP_DELETE 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_delete, ldap_delete_s, ldap_delete_ext, ldap_delete_ext_s \- Perform an LDAP delete operation. .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_delete_s(ld, dn) .ft LDAP *ld; char *dn; .LP .ft B int ldap_delete(ld, dn) .ft LDAP *ld; char *dn; .LP .ft B int ldap_delete_ext(ld, dn, serverctrls, clientctrls, msgidp) .ft LDAP *ld; char *dn; LDAPControl **serverctrls, **clientctrls; int *msgidp; .LP .ft B int ldap_delete_ext_s(ld, dn, serverctrls, clientctrls) .ft LDAP *ld; char *dn; LDAPControl **serverctrls, **clientctrls; .SH DESCRIPTION The .B ldap_delete_s() routine is used to perform an LDAP delete operation synchronously. It takes \fIdn\fP, the DN of the entry to be deleted. It returns an LDAP error code, indicating the success or failure of the operation. .LP The .B ldap_delete() routine is used to perform an LDAP delete operation asynchronously. It takes the same parameters as .BR ldap_delete_s(), but returns the message id of the request it initiated. The result of the delete can be obtained by a subsequent call to .BR ldap_result (3). .LP The .B ldap_delete_ext() routine allows server and client controls to be specified to extend the delete request. This routine is asynchronous like ldap_delete(), but its return value is an LDAP error code. It stores the message id of the request in the integer pointed to by msgidp. .LP The .B ldap_delete_ext_s() routine is the synchronous version of .BR ldap_delete_ext(). It also returns an LDAP error code indicating success or failure of the operation. .SH ERRORS .B ldap_delete_s() returns an LDAP error code which can be interpreted by calling one of .BR ldap_perror (3) and friends. .B ldap_delete() returns \-1 if something went wrong initiating the request. It returns the non-negative message id of the request if things went ok. .LP .B ldap_delete_ext() and .B ldap_delete_ext_s() return some Non-zero value if something went wrong initiating the request, else return 0. .SH SEE ALSO .BR ldap (3), .BR ldap_error (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_delete.3.links0000644000175000017500000000006614461774414021531 0ustar sergiosergioldap_delete_s.3 ldap_delete_ext.3 ldap_delete_ext_s.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_bind.3.links0000644000175000017500000000026514461774414021204 0ustar sergiosergioldap_bind_s.3 ldap_simple_bind.3 ldap_simple_bind_s.3 ldap_sasl_bind.3 ldap_sasl_bind_s.3 ldap_unbind.3 ldap_unbind_ext.3 ldap_unbind_s.3 ldap_unbind_ext_s.3 ldap_set_rebind_proc.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_modrdn.3.links0000644000175000017500000000006014461774414021544 0ustar sergiosergioldap_modrdn_s.3 ldap_modrdn2.3 ldap_modrdn2_s.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_error.3.links0000644000175000017500000000011614461774414021414 0ustar sergiosergioldap_perror.3 ld_errno.3 ldap_result2error.3 ldap_errlist.3 ldap_err2string.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_open.3.links0000644000175000017500000000010514461774414021222 0ustar sergiosergioldap_init.3 ldap_initialize.3 ldap_set_urllist_proc.3 ldap_init_fd.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_modify.30000644000175000017500000000720314461774414020437 0ustar sergiosergio.TH LDAP_MODIFY 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_modify_ext, ldap_modify_ext_s \- Perform an LDAP modify operation .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_modify_ext( .RS .ft B LDAP *\fIld\fB, char *\fIdn\fB, LDAPMod *\fImods[]\fB, LDAPControl **\fIsctrls\fB, LDAPControl **\fIcctrls\fB, int *\fImsgidp\fB ); .RE .LP .nf .ft B int ldap_modify_ext_s( .RS .ft B LDAP *\fIld\fB, char *\fIdn\fB, LDAPMod *\fImods[]\fB, LDAPControl **\fIsctrls\fB, LDAPControl **\fIcctrls\fB ); .RE .LP .nf .ft B void ldap_mods_free( .RS .ft B LDAPMod **\fImods\fB, int \fIfreemods\fB ); .RE .SH DESCRIPTION The routine .B ldap_modify_ext_s() is used to perform an LDAP modify operation. \fIdn\fP is the DN of the entry to modify, and \fImods\fP is a null-terminated array of modifications to make to the entry. Each element of the \fImods\fP array is a pointer to an LDAPMod structure, which is defined below. .LP .nf typedef struct ldapmod { int mod_op; char *mod_type; union { char **modv_strvals; struct berval **modv_bvals; } mod_vals; } LDAPMod; #define mod_values mod_vals.modv_strvals #define mod_bvalues mod_vals.modv_bvals .ft .fi .LP The \fImod_op\fP field is used to specify the type of modification to perform and should be one of LDAP_MOD_ADD, LDAP_MOD_DELETE, or LDAP_MOD_REPLACE. The \fImod_type\fP and \fImod_values\fP fields specify the attribute type to modify and a null-terminated array of values to add, delete, or replace respectively. .LP If you need to specify a non-string value (e.g., to add a photo or audio attribute value), you should set \fImod_op\fP to the logical OR of the operation as above (e.g., LDAP_MOD_REPLACE) and the constant LDAP_MOD_BVALUES. In this case, \fImod_bvalues\fP should be used instead of \fImod_values\fP, and it should point to a null-terminated array of struct bervals, as defined in . .LP For LDAP_MOD_ADD modifications, the given values are added to the entry, creating the attribute if necessary. For LDAP_MOD_DELETE modifications, the given values are deleted from the entry, removing the attribute if no values remain. If the entire attribute is to be deleted, the \fImod_values\fP field should be set to NULL. For LDAP_MOD_REPLACE modifications, the attribute will have the listed values after the modification, having been created if necessary. All modifications are performed in the order in which they are listed. .LP .B ldap_mods_free() can be used to free each element of a NULL-terminated array of mod structures. If \fIfreemods\fP is non-zero, the \fImods\fP pointer itself is freed as well. .LP .B ldap_modify_ext_s() returns a code indicating success or, in the case of failure, indicating the nature of the failure. See .BR ldap_error (3) for details .LP The .B ldap_modify_ext() operation works the same way as .BR ldap_modify_ext_s() , except that it is asynchronous. The integer that \fImsgidp\fP points to is set to the message id of the modify request. The result of the operation can be obtained by calling .BR ldap_result (3). .LP Both .B ldap_modify_ext() and .B ldap_modify_ext_s() allows server and client controls to be passed in via the sctrls and cctrls parameters, respectively. .SH DEPRECATED INTERFACES The .B ldap_modify() and .B ldap_modify_s() routines are deprecated in favor of the .B ldap_modify_ext() and .B ldap_modify_ext_s() routines, respectively. .LP .so Deprecated .SH SEE ALSO .BR ldap (3), .BR ldap_error (3), .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_tls.30000644000175000017500000000264114461774414017753 0ustar sergiosergio.TH LDAP_TLS 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_start_tls, ldap_start_tls_s, ldap_tls_inplace, ldap_install_tls \- LDAP TLS initialization routines .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .B #include .LP .BI "int ldap_start_tls(LDAP *" ld ");" .LP .BI "int ldap_start_tls_s(LDAP *" ld ", LDAPControl **" serverctrls ", LDAPControl **" clientctrls ");" .LP .BI "int ldap_tls_inplace(LDAP *" ld ");" .LP .BI "int ldap_install_tls(LDAP *" ld ");" .SH DESCRIPTION These routines are used to initiate TLS processing on an LDAP session. .BR ldap_start_tls_s () sends a StartTLS request to a server, waits for the reply, and then installs TLS handlers on the session if the request succeeded. The routine returns .B LDAP_SUCCESS if everything succeeded, otherwise it returns an LDAP error code. .BR ldap_start_tls () sends a StartTLS request to a server and does nothing else. It returns .B LDAP_SUCCESS if the request was sent successfully. .BR ldap_tls_inplace () returns 1 if TLS handlers have been installed on the specified session, 0 otherwise. .BR ldap_install_tls () installs the TLS handlers on the given session. It returns .B LDAP_LOCAL_ERROR if TLS is already installed. .SH SEE ALSO .BR ldap (3), .BR ldap_error (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_schema.3.links0000644000175000017500000000060214461774414021523 0ustar sergiosergioldap_str2syntax.3 ldap_syntax2str.3 ldap_syntax2name.3 ldap_syntax_free.3 ldap_str2matchingrule.3 ldap_matchingrule2str.3 ldap_matchingrule2name.3 ldap_matchingrule_free.3 ldap_str2attributetype.3 ldap_attributetype2str.3 ldap_attributetype2name.3 ldap_attributetype_free.3 ldap_str2objectclass.3 ldap_objectclass2str.3 ldap_objectclass2name.3 ldap_objectclass_free.3 ldap_scherr2str.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_first_entry.3.links0000644000175000017500000000004714461774414022636 0ustar sergiosergioldap_next_entry.3 ldap_count_entries.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_get_option.3.links0000644000175000017500000000002214461774414022426 0ustar sergiosergioldap_set_option.3 openldap-2.5.16+dfsg/doc/man/man3/Deprecated0000644000175000017500000000067214461774414020052 0ustar sergiosergioDeprecated interfaces generally remain in the library. The macro LDAP_DEPRECATED can be defined to a non-zero value (e.g., -DLDAP_DEPRECATED=1) when compiling program designed to use deprecated interfaces. It is recommended that developers writing new programs, or updating old programs, avoid use of deprecated interfaces. Over time, it is expected that documentation (and, eventually, support) for deprecated interfaces to be eliminated. openldap-2.5.16+dfsg/doc/man/man3/ldap_extended_operation.30000644000175000017500000000435014461774414023030 0ustar sergiosergio.TH LDAP_EXTENDED_OPERATION 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_extended_operation, ldap_extended_operation_s \- Extends the LDAP operations to the LDAP server. .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_extended_operation( .RS .ft B LDAP *\fIld\fB, const char *\fIrequestoid\fB, const struct berval *\fIrequestdata\fB, LDAPControl **\fIsctrls\fB, LDAPControl **\fIcctrls\fB, int *\fImsgidp\fB ); .RE .LP .ft B int ldap_extended_operation_s( .RS .ft B LDAP *\fIld\fB, const char *\fIrequestoid\fB, const struct berval *\fIrequestdata\fB, LDAPControl **\fIsctrls\fB, LDAPControl **\fIcctrls\fB, char **\fIretoidp\fB, struct berval **\fIretdatap\fB ); .RE .SH DESCRIPTION The .B ldap_extended_operation_s() routine is used to synchronously perform an LDAP extended operation. It takes \fIrequestoid\fP, which points to a dotted-decimal OID string identifying the extended operation to perform. \fIrequestdata\fP is the data required for the request, \fIsctrls\fP is an array of LDAPControl structures to use with this extended operation, \fIcctrls\fP is an array of LDAPControl structures that list the client controls to use with this extended operation. .LP The output parameter \fIretoidp\fP points to a dotted-decimal OID string returned by the LDAP server. The memory used by the string should be freed with the .BR ldap_memfree (3) function. The output parameter \fIretdatap\fP points to a pointer to a berval structure that contains the returned data. If no data is returned by the server, the pointer is set this to NULL. The memory used by this structure should be freed with the .BR ber_bvfree (3) function. .LP The .B ldap_extended_operation() works just like .BR ldap_extended_operation_s() , but the operation is asynchronous. It provides the message id of the request it initiated in the integer pointed to be \fImsgidp\fP. The result of this operation can be obtained by calling .BR ldap_result(3). .SH SEE ALSO .BR ber_bvfree (3), .BR ldap_memfree (3), .BR ldap_parse_extended_result (3), .BR ldap_result (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_parse_vlv_control.30000644000175000017500000000405414461774414022712 0ustar sergiosergio.TH LDAP_PARSE_VLV_CONTROL 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_parse_vlv_control \- Decode the information returned from a search operation that used a VLV (virtual list view) control .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_parse_vlv_control( ld, ctrlp, target_posp, list_countp, contextp, errcodep ) .ft LDAP *ld; LDAPControl **ctrlp; unsigned long *target_posp, *list_countp; struct berval **contextp; int *errcodep; .SH DESCRIPTION The .B ldap_parse_vlv_control is used to decode the information returned from a search operation that used a VLV (virtual list view)control. It takes a null terminated array of LDAPControl structures, usually obtained by a call to the .BR ldap_parse_result function, a \fItarget_pos\fP which points to the list index of the target entry. If this parameter is NULL, the target position is not returned. The index returned is an approximation of the position of the target entry. It is not guaranteed to be exact. The parameter \fIlist_countp\fP points to the server's estimate of the size of the list. If this parameter is NULL, the size is not returned. \fIcontextp\fP is a pointer to the address of a berval structure that contains a server-generated context identifier if server returns one. If server does not return a context identifier, the server returns a NULL in this parameter. If this parameter is set to NULL, the context identifier is not returned. You should use this returned context in the next call to create a VLV control. When the berval structure is no longer needed, you should free the memory by calling the \fIber_bvfree function.e\fP \fIerrcodep\fP is an output parameter, which points to the result code returned by the server. If this parameter is NULL, the result code is not returned. .LP See ldap.h for a list of possible return codes. .SH SEE ALSO .BR ldap_search (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_search.30000644000175000017500000001065214461774414020417 0ustar sergiosergio.TH LDAP_SEARCH 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_search, ldap_search_s, ldap_search_st, ldap_search_ext, ldap_search_ext_s \- Perform an LDAP search operation .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include #include .LP .ft B int ldap_search_ext( .RS LDAP *\fIld\fB, char *\fIbase\fB, int \fIscope\fB, char *\fIfilter\fB, char *\fIattrs\fB[], int \fIattrsonly\fB, LDAPControl **\fIserverctrls\fB, LDAPControl **\fIclientctrls\fB, struct timeval *\fItimeout\fB, int \fIsizelimit\fB, int *\fImsgidp\fB ); .RE .LP .ft B int ldap_search_ext_s( .RS LDAP *\fIld\fB, char *\fIbase\fB, int \fIscope\fB, char *\fIfilter\fB, char *\fIattrs\fB[], int \fIattrsonly\fB, LDAPControl **\fIserverctrls\fB, LDAPControl **\fIclientctrls\fB, struct timeval *\fItimeout\fB, int \fIsizelimit\fB, LDAPMessage **\fIres\fB ); .RE .SH DESCRIPTION These routines are used to perform LDAP search operations. The .B ldap_search_ext_s() routine does the search synchronously (i.e., not returning until the operation completes), providing a pointer to the resulting LDAP messages at the location pointed to by the \fIres\fP parameter. .LP The .B ldap_search_ext() routine is the asynchronous version, initiating the search and returning the message id of the operation it initiated in the integer pointed to by the \fImsgidp\fP parameter. .LP The \fIbase\fP parameter is the DN of the entry at which to start the search. .LP The \fIscope\fP parameter is the scope of the search and should be one of LDAP_SCOPE_BASE, to search the object itself, LDAP_SCOPE_ONELEVEL, to search the object's immediate children, LDAP_SCOPE_SUBTREE, to search the object and all its descendants, or LDAP_SCOPE_CHILDREN, to search all of the descendants. Note that the latter requires the server support the LDAP Subordinates Search Scope extension. .LP The \fIfilter\fP is a string representation of the filter to apply in the search. The string should conform to the format specified in RFC 4515 as extended by RFC 4526. For instance, "(cn=Jane Doe)". Note that use of the extension requires the server to support the LDAP Absolute True/False Filter extension. NULL may be specified to indicate the library should send the filter (objectClass=*). .LP The \fIattrs\fP parameter is a null-terminated array of attribute descriptions to return from matching entries. If NULL is specified, the return of all user attributes is requested. The description "*" (LDAP_ALL_USER_ATTRIBUTES) may be used to request all user attributes to be returned. The description "+"(LDAP_ALL_OPERATIONAL_ATTRIBUTES) may be used to request all operational attributes to be returned. Note that this requires the server to support the LDAP All Operational Attribute extension. To request no attributes, the description "1.1" (LDAP_NO_ATTRS) should be listed by itself. .LP The \fIattrsonly\fP parameter should be set to a non-zero value if only attribute descriptions are wanted. It should be set to zero (0) if both attributes descriptions and attribute values are wanted. .LP The \fIserverctrls\fP and \fIclientctrls\fP parameters may be used to specify server and client controls, respectively. .LP The .B ldap_search_ext_s() routine is the synchronous version of .BR ldap_search_ext(). .LP It also returns a code indicating success or, in the case of failure, indicating the nature of the failure of the operation. See .BR ldap_error (3) for details. .SH NOTES Note that both read and list functionality are subsumed by these routines, by using a filter like "(objectclass=*)" and a scope of LDAP_SCOPE_BASE (to emulate read) or LDAP_SCOPE_ONELEVEL (to emulate list). .LP These routines may dynamically allocate memory. The caller is responsible for freeing such memory using supplied deallocation routines. Return values are contained in . .LP Note that \fIres\fR parameter of .B ldap_search_ext_s() and .B ldap_search_s() should be freed with .B ldap_msgfree() regardless of return value of these functions. .SH DEPRECATED INTERFACES The .B ldap_search() routine is deprecated in favor of the .B ldap_search_ext() routine. The .B ldap_search_s() and .B ldap_search_st() routines are deprecated in favor of the .B ldap_search_ext_s() routine. .LP .so Deprecated .SH SEE ALSO .BR ldap (3), .BR ldap_result (3), .BR ldap_error (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap.30000644000175000017500000002020714461774414017067 0ustar sergiosergio.TH LDAP 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap \- OpenLDAP Lightweight Directory Access Protocol API .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .ft .fi .SH DESCRIPTION .LP The Lightweight Directory Access Protocol (LDAP) (RFC 4510) provides access to X.500 directory services. These services may be stand\-alone or part of a distributed directory service. This client API supports LDAP over TCP (RFC 4511), LDAP over TLS/SSL, and LDAP over IPC (UNIX domain sockets). This API supports SASL (RFC 4513) and Start TLS (RFC 4513) as well as a number of protocol extensions. This API is loosely based upon IETF/LDAPEXT C LDAP API draft specification, a (orphaned) work in progress. .LP The OpenLDAP Software package includes a stand\-alone server in .BR slapd (8), various LDAP clients, and an LDAP client library used to provide programmatic access to the LDAP protocol. This man page gives an overview of the LDAP library routines. .LP Both synchronous and asynchronous APIs are provided. Also included are various routines to parse the results returned from these routines. These routines are found in the \-lldap library. .LP The basic interaction is as follows. A session handle is created using .BR ldap_initialize (3) and set the protocol version to 3 by calling .BR ldap_set_option (3). The underlying session is established first operation is issued. This would generally be a Start TLS or Bind operation, or a Search operation to read attributes of the Root DSE. A Start TLS operation is performed by calling .BR ldap_start_tls_s (3). A LDAP bind operation is performed by calling .BR ldap_sasl_bind (3) or one of its friends. A Search operation is performed by calling ldap_search_ext_s(3) or one of its friends. Subsequently, additional operations are performed by calling one of the synchronous or asynchronous routines (e.g., .BR ldap_compare_ext_s (3) or .BR ldap_compare_ext (3) followed by .BR ldap_result (3)). Results returned from these routines are interpreted by calling the LDAP parsing routines such as .BR ldap_parse_result (3). The LDAP association and underlying connection is terminated by calling .BR ldap_unbind_ext (3). Errors can be interpreted by calling .BR ldap_err2string (3). .SH LDAP versions This library supports version 3 of the Lightweight Directory Access Protocol (LDAPv3) as defined in RFC 4510. It also supports a variant of version 2 of LDAP as defined by U-Mich LDAP and, to some degree, RFC 1777. Version 2 (all variants) are considered obsolete. Version 3 should be used instead. .LP For backwards compatibility reasons, the library defaults to version 2. Hence, all new applications (and all actively maintained applications) should use .BR ldap_set_option (3) to select version 3. The library manual pages assume version 3 has been selected. .SH INPUT and OUTPUT PARAMETERS All character string input/output is expected to be/is UTF-8 encoded Unicode (version 3.2). .LP Distinguished names (DN) (and relative distinguished names (RDN) to be passed to the LDAP routines should conform to RFC 4514 UTF-8 string representation. .LP Search filters to be passed to the search routines are to be constructed by hand and should conform to RFC 4515 UTF-8 string representation. .LP LDAP URLs to be passed to routines are expected to conform to RFC 4516 format. The .BR ldap_url (3) routines can be used to work with LDAP URLs. .LP LDAP controls to be passed to routines can be manipulated using the .BR ldap_controls (3) routines. .SH DISPLAYING RESULTS Results obtained from the search routines can be output by hand, by calling .BR ldap_first_entry (3) and .BR ldap_next_entry (3) to step through the entries returned, .BR ldap_first_attribute (3) and .BR ldap_next_attribute (3) to step through an entry's attributes, and .BR ldap_get_values (3) to retrieve a given attribute's values. Attribute values may or may not be displayable. .SH UTILITY ROUTINES Also provided are various utility routines. The .BR ldap_sort (3) routines are used to sort the entries and values returned via the ldap search routines. .SH DEPRECATED INTERFACES A number of interfaces are now considered deprecated. For instance, ldap_add(3) is deprecated in favor of ldap_add_ext(3). .so Deprecated .SH BER LIBRARY Also included in the distribution is a set of lightweight Basic Encoding Rules routines. These routines are used by the LDAP library routines to encode and decode LDAP protocol elements using the (slightly simplified) Basic Encoding Rules defined by LDAP. They are not normally used directly by an LDAP application program except in the handling of controls and extended operations. The routines provide a printf and scanf\-like interface, as well as lower\-level access. These routines are discussed in .BR lber\-decode (3), .BR lber\-encode (3), .BR lber\-memory (3), and .BR lber\-types (3). .SH INDEX .TP 20 .SM ldap_initialize(3) initialize the LDAP library without opening a connection to a server .TP .SM ldap_result(3) wait for the result from an asynchronous operation .TP .SM ldap_abandon_ext(3) abandon (abort) an asynchronous operation .TP .SM ldap_add_ext(3) asynchronously add an entry .TP .SM ldap_add_ext_s(3) synchronously add an entry .TP .SM ldap_sasl_bind(3) asynchronously bind to the directory .TP .SM ldap_sasl_bind_s(3) synchronously bind to the directory .TP .SM ldap_unbind_ext(3) synchronously unbind from the LDAP server and close the connection .TP .SM ldap_unbind(3) and ldap_unbind_s(3) are equivalent to .BR ldap_unbind_ext (3) .TP .SM ldap_memfree(3) dispose of memory allocated by LDAP routines. .TP .SM ldap_compare_ext(3) asynchronously compare to a directory entry .TP .SM ldap_compare_ext_s(3) synchronously compare to a directory entry .TP .SM ldap_delete_ext(3) asynchronously delete an entry .TP .SM ldap_delete_ext_s(3) synchronously delete an entry .TP .SM ld_errno(3) LDAP error indication .TP .SM ldap_errlist(3) list of LDAP errors and their meanings .TP .SM ldap_err2string(3) convert LDAP error indication to a string .TP .SM ldap_extended_operation(3) asynchronously perform an arbitrary extended operation .TP .SM ldap_extended_operation_s(3) synchronously perform an arbitrary extended operation .TP .SM ldap_first_attribute(3) return first attribute name in an entry .TP .SM ldap_next_attribute(3) return next attribute name in an entry .TP .SM ldap_first_entry(3) return first entry in a chain of search results .TP .SM ldap_next_entry(3) return next entry in a chain of search results .TP .SM ldap_count_entries(3) return number of entries in a search result .TP .SM ldap_get_dn(3) extract the DN from an entry .TP .SM ldap_get_values_len(3) return an attribute's values with lengths .TP .SM ldap_value_free_len(3) free memory allocated by ldap_get_values_len(3) .TP .SM ldap_count_values_len(3) return number of values .TP .SM ldap_modify_ext(3) asynchronously modify an entry .TP .SM ldap_modify_ext_s(3) synchronously modify an entry .TP .SM ldap_mods_free(3) free array of pointers to mod structures used by ldap_modify_ext(3) .TP .SM ldap_rename(3) asynchronously rename an entry .TP .SM ldap_rename_s(3) synchronously rename an entry .TP .SM ldap_msgfree(3) free results allocated by ldap_result(3) .TP .SM ldap_msgtype(3) return the message type of a message from ldap_result(3) .TP .SM ldap_msgid(3) return the message id of a message from ldap_result(3) .TP .SM ldap_search_ext(3) asynchronously search the directory .TP .SM ldap_search_ext_s(3) synchronously search the directory .TP .SM ldap_is_ldap_url(3) check a URL string to see if it is an LDAP URL .TP .SM ldap_url_parse(3) break up an LDAP URL string into its components .TP .SM ldap_sort_entries(3) sort a list of search results .TP .SM ldap_sort_values(3) sort a list of attribute values .TP .SM ldap_sort_strcasecmp(3) case insensitive string comparison .SH SEE ALSO .BR ldap.conf (5), .BR slapd (8), .BR draft-ietf-ldapext-ldap-c-api-xx.txt \ .SH ACKNOWLEDGEMENTS .so ../Project .LP These API manual pages are loosely based upon descriptions provided in the IETF/LDAPEXT C LDAP API Internet Draft, a (orphaned) work in progress. openldap-2.5.16+dfsg/doc/man/man3/ldap_rename.30000644000175000017500000000461314461774414020421 0ustar sergiosergio.TH LDAP_RENAME 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_rename, ldap_rename_s \- Renames the specified entry. .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_rename( ld, dn, newrdn, newparent, deleteoldrdn, sctrls[], cctrls[], msgidp ); .ft LDAP *ld; const char *dn, *newrdn, *newparent; int deleteoldrdn; LDAPControl *sctrls[], *cctrls[]; int *msgidp); .LP .ft B int ldap_rename_s( ld, dn, newrdn, newparent, deleteoldrdn, sctrls[], cctrls[] ); .ft LDAP *ld; const char *dn, *newrdn, *newparent; int deleteoldrdn; LDAPControl *sctrls[], *cctrls[]; .SH DESCRIPTION These routines are used to perform a LDAP rename operation. The function changes the leaf component of an entry's distinguished name and optionally moves the entry to a new parent container. The .B ldap_rename_s performs a rename operation synchronously. The method takes \fIdn\fP, which points to the distinguished name of the entry whose attribute is being compared, \fInewparent\fP,the distinguished name of the entry's new parent. If this parameter is NULL, only the RDN is changed. The root DN is specified by passing a zero length string, "". \fIdeleteoldrdn\fP specifies whether the old RDN should be retained or deleted. Zero indicates that the old RDN should be retained. If you choose this option, the attribute will contain both names (the old and the new). Non-zero indicates that the old RDN should be deleted. \fIserverctrls\fP points to an array of LDAPControl structures that list the client controls to use with this extended operation. Use NULL to specify no client controls. \fIclientctrls\fP points to an array of LDAPControl structures that list the client controls to use with the search. .LP .B ldap_rename works just like .B ldap_rename_s, but the operation is asynchronous. It returns the message id of the request it initiated. The result of this operation can be obtained by calling .BR ldap_result(3). .SH ERRORS .B ldap_rename() returns \-1 in case of error initiating the request, and will set the \fIld_errno\fP field in the \fIld\fP parameter to indicate the error. .BR ldap_rename_s() returns the LDAP error code resulting from the rename operation. .SH SEE ALSO .BR ldap (3), .BR ldap_modify (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/lber-decode.3.links0000644000175000017500000000032614461774414021433 0ustar sergiosergiober_get_next.3 ber_skip_tag.3 ber_peek_tag.3 ber_scanf.3 ber_get_int.3 ber_get_stringa.3 ber_get_stringb.3 ber_get_null.3 ber_get_enum.3 ber_get_boolean.3 ber_get_bitstring.3 ber_first_element.3 ber_next_element.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_add.3.links0000644000175000017500000000005514461774414021015 0ustar sergiosergioldap_add_s.3 ldap_add_ext.3 ldap_add_ext_s.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_abandon.30000644000175000017500000000314414461774414020552 0ustar sergiosergio.TH LDAP_ABANDON 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_abandon_ext \- Abandon an LDAP operation in progress .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .B #include .LP .ft B int ldap_abandon_ext( .RS .ft B LDAP *\fIld\fB, Bint \fImsgid\fB, LDAPControl **\fIsctrls\fB, LDAPControl **\fIcctrls\fB ); .RE .fi .SH DESCRIPTION The .B ldap_abandon_ext() routine is used to send a LDAP Abandon request for an operation in progress. The \fImsgid\fP passed should be the message id of an outstanding LDAP operation, such as returned by .BR ldap_search_ext (3). .LP .BR ldap_abandon_ext () checks to see if the result of the operation has already come in. If it has, it deletes it from the queue of pending messages. If not, it sends an LDAP abandon request to the LDAP server. .LP The caller can expect that the result of an abandoned operation will not be returned from a future call to .BR ldap_result (3). .LP .B ldap_abandon_ext() allows server and client controls to be passed in via the .I sctrls and .I cctrls parameters, respectively. .LP .B ldap_abandon_ext() returns a code indicating success or, in the case of failure, the nature of the failure. See .BR ldap_error (3) for details. .SH DEPRECATED INTERFACES The .B ldap_abandon() routine is deprecated in favor of the .B ldap_abandon_ext() routine. .LP .so Deprecated .SH SEE ALSO .BR ldap (3), .BR ldap_error (3), .BR ldap_result (3), .BR ldap_search_ext (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_compare.30000644000175000017500000000403214461774414020573 0ustar sergiosergio.TH LDAP_COMPARE 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_compare, ldap_compare_s, ldap_compare_ext, ldap_compare_ext_s \- Perform an LDAP compare operation. .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_compare_ext( .RS .ft B LDAP *\fIld\fB, char *\fIdn\fB, char *\fIattr\fB, const struct berval *\fIbvalue\fB, LDAPControl **\fIserverctrls\fB, LDAPControl **\fIclientctrls\fB, int *\fImsgidp\fB ); .RE .LP .ft B int ldap_compare_ext_s( .RS .ft B LDAP *\fIld\fB, char *\fIdn\fB, char *\fIattr\fB, const struct berval *\fIbvalue\fB, LDAPControl **\fIserverctrls\fB, LDAPControl **\fIclientctrls\fB ); .RE .SH DESCRIPTION The .B ldap_compare_ext_s() routine is used to perform an LDAP compare operation synchronously. It takes \fIdn\fP, the DN of the entry upon which to perform the compare, and \fIattr\fP and \fIvalue\fP, the attribute description and value to compare to those found in the entry. It returns a code, which will be LDAP_COMPARE_TRUE if the entry contains the attribute value and LDAP_COMPARE_FALSE if it does not. Otherwise, an error code is returned that indicates the nature of the problem. See .BR ldap (3) for details. .LP The .B ldap_compare_ext() routine is used to perform an LDAP compare operation asynchronously. It takes the same parameters as .BR ldap_compare_ext_s() , but provides the message id of the request it initiated in the integer pointed to \fImsgidp\fP. The result of the compare can be obtained by a subsequent call to .BR ldap_result (3). .LP Both routines allow server and client controls to be specified to extend the compare request. .SH DEPRECATED INTERFACES The routines .BR ldap_compare () and .BR ldap_compare_s () are deprecated in favor of .BR ldap_compare_ext () and .BR ldap_compare_ext_s (), respectively. .LP .so Deprecated .SH SEE ALSO .BR ldap (3), .BR ldap_error (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_get_dn.30000644000175000017500000001456214461774414020416 0ustar sergiosergio.TH LDAP_GET_DN 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_get_dn, ldap_explode_dn, ldap_explode_rdn, ldap_dn2ufn \- LDAP DN handling routines .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B char *ldap_get_dn( LDAP *ld, LDAPMessage *entry ) .LP .ft B int ldap_str2dn( const char *str, LDAPDN *dn, unsigned flags ) .LP .ft B void ldap_dnfree( LDAPDN dn ) .LP .ft B int ldap_dn2str( LDAPDN dn, char **str, unsigned flags ) .LP .ft B char **ldap_explode_dn( const char *dn, int notypes ) .LP .ft B char **ldap_explode_rdn( const char *rdn, int notypes ) .LP .ft B char *ldap_dn2ufn( const char * dn ) .LP .ft B char *ldap_dn2dcedn( const char * dn ) .LP .ft B char *ldap_dcedn2dn( const char * dn ) .LP .ft B char *ldap_dn2ad_canonical( const char * dn ) .SH DESCRIPTION These routines allow LDAP entry names (Distinguished Names, or DNs) to be obtained, parsed, converted to a user-friendly form, and tested. A DN has the form described in RFC 4414 "Lightweight Directory Access Protocol (LDAP): String Representation of Distinguished Names". .LP The .B ldap_get_dn() routine takes an \fIentry\fP as returned by .BR ldap_first_entry (3) or .BR ldap_next_entry (3) and returns a copy of the entry's DN. Space for the DN will be obtained dynamically and should be freed by the caller using .BR ldap_memfree (3). .LP .B ldap_str2dn() parses a string representation of a distinguished name contained in .B str into its components, which are stored in .B dn as .B ldap_ava structures, arranged in .B LDAPAVA, .B LDAPRDN, and .B LDAPDN terms. Space for .B dn will be obtained dynamically and should be freed by the caller using .BR ldap_dnfree (3). The .B LDAPDN is defined as: .nf .ft B typedef struct ldap_ava { struct berval la_attr; struct berval la_value; unsigned la_flags; } LDAPAVA; typedef LDAPAVA** LDAPRDN; typedef LDAPRDN* LDAPDN; .ft .fi The attribute types and the attribute values are not normalized. The .B la_flags can be either .B LDAP_AVA_STRING or .B LDAP_AVA_BINARY, the latter meaning that the value is BER/DER encoded and thus must be represented as, quoting from RFC 4514, " ... an octothorpe character ('#' ASCII 35) followed by the hexadecimal representation of each of the bytes of the BER encoding of the X.500 AttributeValue." The .B flags parameter to .B ldap_str2dn() can be .LP .nf LDAP_DN_FORMAT_LDAPV3 LDAP_DN_FORMAT_LDAPV2 LDAP_DN_FORMAT_DCE .fi which defines what DN syntax is expected (according to RFC 4514, RFC 1779 and DCE, respectively). The format can be \fIOR\fPed to the flags .LP .nf LDAP_DN_P_NO_SPACES LDAP_DN_P_NO_SPACE_AFTER_RDN ... LDAP_DN_PEDANTIC .fi The latter is a shortcut for all the previous limitations. .LP .B LDAP_DN_P_NO_SPACES does not allow extra spaces in the dn; the default is to silently eliminate spaces around AVA separators ('='), RDN component separators ('+' for LDAPv3/LDAPv2 or ',' for DCE) and RDN separators (',' LDAPv3/LDAPv2 or '/' for DCE). .LP .B LDAP_DN_P_NO_SPACE_AFTER_RDN does not allow a single space after RDN separators. .LP .B ldap_dn2str() performs the inverse operation, yielding in .B str a string representation of .B dn. It allows the same values for .B flags as .B ldap_str2dn(), plus .LP .nf LDAP_DN_FORMAT_UFN LDAP_DN_FORMAT_AD_CANONICAL .fi for user-friendly naming (RFC 1781) and AD canonical. .LP The following routines are viewed as deprecated in favor of .B ldap_str2dn() and .BR ldap_dn2str(). They are provided to support legacy applications. .LP The .B ldap_explode_dn() routine takes a DN as returned by .B ldap_get_dn() and breaks it up into its component parts. Each part is known as a Relative Distinguished Name, or RDN. .B ldap_explode_dn() returns a NULL-terminated array, each component of which contains an RDN from the DN. The \fInotypes\fP parameter is used to request that only the RDN values be returned, not their types. For example, the DN "cn=Bob, c=US" would return as either { "cn=Bob", "c=US", NULL } or { "Bob", "US", NULL }, depending on whether notypes was 0 or 1, respectively. Assertion values in RDN strings may included escaped characters. The result can be freed by calling .BR ldap_value_free (3). .LP Similarly, the .B ldap_explode_rdn() routine takes an RDN as returned by .B ldap_explode_dn(dn,0) and breaks it up into its "type=value" component parts (or just "value", if the \fInotypes\fP parameter is set). Note the value is not unescaped. The result can be freed by calling .BR ldap_value_free (3). .LP .B ldap_dn2ufn() is used to turn a DN as returned by .BR ldap_get_dn (3) into a more user-friendly form, stripping off all type names. See "Using the Directory to Achieve User Friendly Naming" (RFC 1781) for more details on the UFN format. Due to the ambiguous nature of the format, it is generally only used for display purposes. The space for the UFN returned is obtained dynamically and the user is responsible for freeing it via a call to .BR ldap_memfree (3). .LP .B ldap_dn2dcedn() is used to turn a DN as returned by .BR ldap_get_dn (3) into a DCE-style DN, e.g. a string with most-significant to least significant rdns separated by slashes ('/'); rdn components are separated by commas (','). Only printable chars (e.g. LDAPv2 printable string) are allowed, at least in this implementation. .B ldap_dcedn2dn() performs the opposite operation. .B ldap_dn2ad_canonical() turns a DN into a AD canonical name, which is basically a DCE dn with attribute types omitted. The trailing domain, if present, is turned in a DNS-like domain. The space for the returned value is obtained dynamically and the user is responsible for freeing it via a call to .BR ldap_memfree (3). .SH ERRORS If an error occurs in .BR ldap_get_dn() , NULL is returned and the .B ld_errno field in the \fIld\fP parameter is set to indicate the error. See .BR ldap_error (3) for a description of possible error codes. .BR ldap_explode_dn() , .BR ldap_explode_rdn() , .B ldap_dn2ufn(), .B ldap_dn2dcedn(), .B ldap_dcedn2dn(), and .B ldap_dn2ad_canonical() will return NULL with .BR errno (3) set appropriately in case of trouble. .SH NOTES These routines dynamically allocate memory that the caller must free. .SH SEE ALSO .BR ldap (3), .BR ldap_error (3), .BR ldap_first_entry (3), .BR ldap_memfree (3), .BR ldap_value_free (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_tls.3.links0000644000175000017500000000011214461774414021061 0ustar sergiosergioldap_start_tls.3 ldap_start_tls_s.3 ldap_tls_inplace.3 ldap_install_tls.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_first_reference.3.links0000644000175000017500000000005614461774414023433 0ustar sergiosergioldap_next_reference.3 ldap_count_references.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_modrdn.30000644000175000017500000000402214461774414020427 0ustar sergiosergio.TH LDAP_MODRDN 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_modrdn, ldap_modrdn_s, ldap_modrdn2, ldap_modrdn2_s \- Perform an LDAP modify RDN operation .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_modrdn(ld, dn, newrdn) .ft LDAP \(**ld; char \(**dn, \(**newrdn; .LP .ft B .LP .ft B int ldap_modrdn_s(ld, dn, newrdn) .ft LDAP \(**ld; char \(**dn, \(**newrdn; .LP .ft B int ldap_modrdn2(ld, dn, newrdn, deleteoldrdn) .ft LDAP \(**ld; char \(**dn, \(**newrdn; int deleteoldrdn; .LP .ft B int ldap_modrdn2_s(ld, dn, newrdn, deleteoldrdn) .ft LDAP \(**ld; char \(**dn, \(**newrdn; int deleteoldrdn; .SH DESCRIPTION The .B ldap_modrdn() and .B ldap_modrdn_s() routines perform an LDAP modify RDN operation. They both take \fIdn\fP, the DN of the entry whose RDN is to be changed, and \fInewrdn\fP, the new RDN to give the entry. The old RDN of the entry is never kept as an attribute of the entry. .B ldap_modrdn() is asynchronous, returning the message id of the operation it initiates. .B ldap_modrdn_s() is synchronous, returning the LDAP error code indicating the success or failure of the operation. Use of these routines is deprecated. Use the versions described below instead. .LP The .B ldap_modrdn2() and .B ldap_modrdn2_s() routines also perform an LDAP modify RDN operation, taking the same parameters as above. In addition, they both take the \fIdeleteoldrdn\fP parameter which is used as a boolean value to indicate whether the old RDN values should be deleted from the entry or not. .SH ERRORS The synchronous (_s) versions of these routines return an LDAP error code, either LDAP_SUCCESS or an error if there was trouble. The asynchronous versions return \-1 in case of trouble, setting the .B ld_errno field of \fIld\fP. See .BR ldap_error (3) for more details. .SH SEE ALSO .BR ldap (3), .BR ldap_error (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/lber-sockbuf.30000644000175000017500000001273714461774414020536 0ustar sergiosergio.TH LBER_SOCKBUF 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ber_sockbuf_alloc, ber_sockbuf_free, ber_sockbuf_ctrl, ber_sockbuf_add_io, ber_sockbuf_remove_io, Sockbuf_IO \- OpenLDAP LBER I/O infrastructure .SH LIBRARY OpenLDAP LBER (liblber, \-llber) .SH SYNOPSIS .B #include .LP .B Sockbuf *ber_sockbuf_alloc( void ); .LP .BI "void ber_sockbuf_free(Sockbuf *" sb ");" .LP .BI "int ber_sockbuf_ctrl(Sockbuf *" sb ", int " opt ", void *" arg ");" .LP .BI "int ber_sockbuf_add_io(Sockbuf *" sb ", Sockbuf_IO *" sbio ", int " layer ", void *" arg ");" .LP .BI "int ber_sockbuf_remove_io(Sockbuf *" sb ", Sockbuf_IO *" sbio ", int " layer ");" .LP .nf .B typedef struct sockbuf_io_desc { .BI "int " sbiod_level ";" .BI "Sockbuf *" sbiod_sb ";" .BI "Sockbuf_IO *" sbiod_io ";" .BI "void *" sbiod_pvt ";" .BI "struct sockbuf_io_desc *" sbiod_next ";" .B } Sockbuf_IO_Desc; .LP .B typedef struct sockbuf_io { .BI "int (*" sbi_setup ")(Sockbuf_IO_Desc *" sbiod ", void *" arg ");" .BI "int (*" sbi_remove ")(Sockbuf_IO_Desc *" sbiod ");" .BI "int (*" sbi_ctrl ")(Sockbuf_IO_Desc *" sbiod ", int " opt ", void *" arg ");" .BI "ber_slen_t (*" sbi_read ")(Sockbuf_IO_Desc *" sbiod ", void *" buf ", ber_len_t " len ");" .BI "ber_slen_t (*" sbi_write ")(Sockbuf_IO_Desc *" sbiod ", void *" buf ", ber_len_t " len ");" .BI "int (*" sbi_close ")(Sockbuf_IO_Desc *" sbiod ");" .B } Sockbuf_IO; .SH DESCRIPTION .LP These routines are used to manage the low level I/O operations performed by the Lightweight BER library. They are called implicitly by the other libraries and usually do not need to be called directly from applications. The I/O framework is modularized and new transport layers can be supported by appropriately defining a .B Sockbuf_IO structure and installing it onto an existing .BR Sockbuf . .B Sockbuf structures are allocated and freed by .BR ber_sockbuf_alloc () and .BR ber_sockbuf_free (), respectively. The .BR ber_sockbuf_ctrl () function is used to get and set options related to a .B Sockbuf or to a specific I/O layer of the .BR Sockbuf . The .BR ber_sockbuf_add_io () and .BR ber_sockbuf_remove_io () functions are used to add and remove specific I/O layers on a .BR Sockbuf . Options for .BR ber_sockbuf_ctrl () include: .TP .B LBER_SB_OPT_HAS_IO Takes a .B Sockbuf_IO * argument and returns 1 if the given handler is installed on the .BR Sockbuf , otherwise returns 0. .TP .B LBER_SB_OPT_GET_FD Retrieves the file descriptor associated to the .BR Sockbuf ; .B arg must be a .BR "ber_socket_t *" . The return value will be 1 if a valid descriptor was present, \-1 otherwise. .TP .B LBER_SB_OPT_SET_FD Sets the file descriptor of the .B Sockbuf to the descriptor pointed to by .BR arg ; .B arg must be a .BR "ber_socket_t *" . The return value will always be 1. .TP .B LBER_SB_OPT_SET_NONBLOCK Toggles the non-blocking state of the file descriptor associated to the .BR Sockbuf . .B arg should be NULL to disable and non-NULL to enable the non-blocking state. The return value will be 1 for success, \-1 otherwise. .TP .B LBER_SB_OPT_DRAIN Flush (read and discard) all available input on the .BR Sockbuf . The return value will be 1. .TP .B LBER_SB_OPT_NEEDS_READ Returns non-zero if input is waiting to be read. .TP .B LBER_SB_OPT_NEEDS_WRITE Returns non-zero if the .B Sockbuf is ready to be written. .TP .B LBER_SB_OPT_GET_MAX_INCOMING Returns the maximum allowed size of an incoming message; .B arg must be a .BR "ber_len_t *" . The return value will be 1. .TP .B LBER_SB_OPT_SET_MAX_INCOMING Sets the maximum allowed size of an incoming message; .B arg must be a .BR "ber_len_t *" . The return value will be 1. .LP Options not in this list will be passed down to each .B Sockbuf_IO handler in turn until one of them processes it. If the option is not handled .BR ber_sockbuf_ctrl () will return 0. .LP Multiple .B Sockbuf_IO handlers can be stacked in multiple layers to provide various functionality. Currently defined layers include .TP .B LBER_SBIOD_LEVEL_PROVIDER the lowest layer, talking directly to a network .TP .B LBER_SBIOD_LEVEL_TRANSPORT an intermediate layer .TP .B LBER_SBIOD_LEVEL_APPLICATION a higher layer .LP Currently defined .B Sockbuf_IO handlers in liblber include .TP .B ber_sockbuf_io_tcp The default stream-oriented provider .TP .B ber_sockbuf_io_fd A stream-oriented provider for local IPC sockets .TP .B ber_sockbuf_io_dgram A datagram-oriented provider. This handler is only present if the liblber library was built with LDAP_CONNECTIONLESS defined. .TP .B ber_sockbuf_io_readahead A buffering layer, usually used with a datagram provider to hide the datagram semantics from upper layers. .TP .B ber_sockbuf_io_debug A generic handler that outputs hex dumps of all traffic. This handler may be inserted multiple times at arbitrary layers to show the flow of data between other handlers. .LP Additional handlers may be present in libldap if support for them was enabled: .TP .B ldap_pvt_sockbuf_io_sasl An application layer handler for SASL encoding/decoding. .TP .B sb_tls_sbio A transport layer handler for SSL/TLS encoding/decoding. Note that this handler is private to the library and is not exposed in the API. .LP The provided handlers are all instantiated implicitly by libldap, and applications generally will not need to directly manipulate them. .SH SEE ALSO .BR lber-decode (3), .BR lber-encode (3), .BR lber-types (3), .BR ldap_get_option (3) .LP .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_first_message.30000644000175000017500000000452114461774414022003 0ustar sergiosergio.TH LDAP_FIRST_MESSAGE 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_first_message, ldap_next_message, ldap_count_messages \- Stepping through messages in a result chain .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B int ldap_count_messages( LDAP *ld, LDAPMessage *result ) .LP .ft B LDAPMessage *ldap_first_message( LDAP *ld, LDAPMessage *result ) .LP .ft B LDAPMessage *ldap_next_message( LDAP *ld, LDAPMessage *message ) .SH DESCRIPTION .LP These routines are used to step through the messages in a result chain received from .BR ldap_result (3) . For search operations, the result chain can contain referral, entry and result messages. The .BR ldap_msgtype (3) function can be used to distinguish between the different message types. .LP The .B ldap_first_message() routine is used to retrieve the first message in a result chain. It takes the \fIresult\fP as returned by a call to .BR ldap_result (3) , .BR ldap_search_s (3) or .BR ldap_search_st (3) and returns a pointer to the first message in the result chain. .LP This pointer should be supplied on a subsequent call to .B ldap_next_message() to get the next message, the result of which should be supplied to the next call to .BR ldap_next_message() , etc. .B ldap_next_message() will return NULL when there are no more messages. .LP These functions are useful when using routines like .BR ldap_parse_result (3) that only operate on the first result in the chain. .LP A count of the number of messages in the result chain can be obtained by calling .BR ldap_count_messages() . It can also be used to count the number of remaining messages in a chain if called with a message, entry or reference returned by .B ldap_first_message() , .B ldap_next_message() , .BR ldap_first_entry (3) , .BR ldap_next_entry (3) , .BR ldap_first_reference (3) , .BR ldap_next_reference (3) . .SH ERRORS If an error occurs in .B ldap_first_message() or .BR ldap_next_message() , NULL is returned. If an error occurs in .BR ldap_count_messages() , -1 is returned. .SH SEE ALSO .BR ldap (3), .BR ldap_search (3), .BR ldap_result (3), .BR ldap_parse_result (3), .BR ldap_first_entry (3), .BR ldap_first_reference (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_dup.30000644000175000017500000000643514461774414017746 0ustar sergiosergio.TH LDAP_OPEN 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_dup, ldap_destroy, \- Duplicate and destroy LDAP session handles .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B LDAP *ldap_dup( .RS .ft B LDAP *\fIold\fB ); .RE .LP .ft B int ldap_destroy( .RS .ft B LDAP *\fIold\fB ); .RE .SH DESCRIPTION .LP .B ldap_dup() duplicates an existing LDAP .RB ( "LDAP *" ) session handle. The new session handle may be used concurrently with the original session handle. In a threaded environment, different threads may execute concurrent requests on the same connection/session without fear of contamination. Each session handle manages its own private error results. .LP .B ldap_destroy() destroys an existing session handle. .LP The .B ldap_dup() and .B ldap_destroy() functions are used in conjunction with a "thread safe" version of .B libldap to enable operation thread safe API calls, so that a single session may be simultaneously used across multiple threads with consistent error handling. .LP When a session is created through the use of one of the session creation functions including .BR ldap_open (3), .BR ldap_init (3), .BR ldap_initialize (3) or .BR ldap_init_fd (3) an .B "LDAP *" session handle is returned to the application. The session handle may be shared amongst threads, however the error codes are unique to a session handle. Multiple threads performing different operations using the same session handle will result in inconsistent error codes and return values. .LP To prevent this confusion, .B ldap_dup() is used duplicate an existing session handle so that multiple threads can share the session, and maintain consistent error information and results. .LP The message queues for a session are shared between sibling session handles. Results of operations on a sibling session handles are accessible to all the sibling session handles. Applications desiring results associated with a specific operation should provide the appropriate msgid to .BR ldap_result() . Applications should avoid calling .B ldap_result() with .B LDAP_RES_ANY as that may "steal" and return results in the calling thread that another operation in a different thread, using a different session handle, may require to complete. .LP When .B ldap_unbind() is called on a session handle with siblings, all the siblings become invalid. .LP Siblings must be destroyed using .BR ldap_destroy() . Session handle resources associated with the original .RB ( "LDAP *" ) will be freed when the last session handle is destroyed or when .B ldap_unbind() is called, if no other session handles currently exist. .SH ERRORS If an error occurs, .B ldap_dup() will return NULL and .I errno should be set appropriately. .B ldap_destroy() will directly return the LDAP code associated to the error (or .I LDAP_SUCCESS in case of success); .I errno should be set as well whenever appropriate. .SH SEE ALSO .BR ldap_open (3), .BR ldap_init (3), .BR ldap_initialize (3), .BR ldap_init_fd (3), .BR errno (3) .SH ACKNOWLEDGEMENTS This work is based on the previously proposed .B LDAP C API Concurrency Extensions draft .BR ( draft-zeilenga-ldap-c-api-concurrency-00.txt ) effort. .so ../Project openldap-2.5.16+dfsg/doc/man/man3/lber-types.3.links0000644000175000017500000000023214461774414021350 0ustar sergiosergiober_bvarray_add.3 ber_bvarray_free.3 ber_bvdup.3 ber_bvecadd.3 ber_bvecfree.3 ber_bvfree.3 ber_bvstr.3 ber_bvstrdup.3 ber_dupbv.3 ber_free.3 ber_str2bv.3 openldap-2.5.16+dfsg/doc/man/man3/ldap_get_values.30000644000175000017500000000475114461774414021313 0ustar sergiosergio.TH LDAP_GET_VALUES 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldap_get_values, ldap_get_values_len, ldap_count_values \- LDAP attribute value handling routines .SH LIBRARY OpenLDAP LDAP (libldap, \-lldap) .SH SYNOPSIS .nf .ft B #include .LP .ft B char **ldap_get_values(ld, entry, attr) .ft LDAP *ld; LDAPMessage *entry; char *attr; .LP .ft B struct berval **ldap_get_values_len(ld, entry, attr) .ft LDAP *ld; LDAPMessage *entry; char *attr; .LP .ft B int ldap_count_values(vals) .ft char **vals; .LP .ft B int ldap_count_values_len(vals) .ft struct berval **vals; .LP .ft B void ldap_value_free(vals) .ft char **vals; .LP .ft B void ldap_value_free_len(vals) .ft struct berval **vals; .SH DESCRIPTION These routines are used to retrieve and manipulate attribute values from an LDAP entry as returned by .BR ldap_first_entry (3) or .BR ldap_next_entry (3). .B ldap_get_values() takes the \fIentry\fP and the attribute \fIattr\fP whose values are desired and returns a NULL-terminated array of the attribute's values. \fIattr\fP may be an attribute type as returned from .BR ldap_first_attribute (3) or .BR ldap_next_attribute (3), or if the attribute type is known it can simply be given. .LP The number of values in the array can be counted by calling .BR ldap_count_values() . The array of values returned can be freed by calling .BR ldap_value_free() . .LP If the attribute values are binary in nature, and thus not suitable to be returned as an array of char *'s, the .B ldap_get_values_len() routine can be used instead. It takes the same parameters as .BR ldap_get_values() , but returns a NULL-terminated array of pointers to berval structures, each containing the length of and a pointer to a value. .LP The number of values in the array can be counted by calling .BR ldap_count_values_len() . The array of values returned can be freed by calling .BR ldap_value_free_len() . .SH ERRORS If an error occurs in .B ldap_get_values() or .BR ldap_get_values_len() , NULL is returned and the .B ld_errno field in the \fIld\fP parameter is set to indicate the error. See .BR ldap_error (3) for a description of possible error codes. .SH NOTES These routines dynamically allocate memory which the caller must free using the supplied routines. .SH SEE ALSO .BR ldap (3), .BR ldap_first_entry (3), .BR ldap_first_attribute (3), .BR ldap_error (3) .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man3/ldap_dup.3.links0000644000175000017500000000001714461774414021053 0ustar sergiosergioldap_destroy.3 openldap-2.5.16+dfsg/doc/man/man3/lber-memory.30000644000175000017500000000243614461774414020405 0ustar sergiosergio.TH LBER_MEMORY 3 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ber_memalloc, ber_memcalloc, ber_memrealloc, ber_memfree, ber_memvfree \- OpenLDAP LBER memory allocators .SH LIBRARY OpenLDAP LBER (liblber, \-llber) .SH SYNOPSIS .B #include .LP .BI "void *ber_memalloc(ber_len_t " bytes ");" .LP .BI "void *ber_memcalloc(ber_len_t " nelems ", ber_len_t " bytes ");" .LP .BI "void *ber_memrealloc(void *" ptr ", ber_len_t " bytes ");" .LP .BI "void ber_memfree(void *" ptr ");" .LP .BI "void ber_memvfree(void **" vec ");" .SH DESCRIPTION .LP These routines are used to allocate/deallocate memory used/returned by the Lightweight BER library as required by .BR lber-encode (3) and .BR lber-decode (3). .BR ber_memalloc (), .BR ber_memcalloc (), .BR ber_memrealloc (), and .BR ber_memfree () are used exactly like the standard .BR malloc (3), .BR calloc (3), .BR realloc (3), and .BR free (3) routines, respectively. The .BR ber_memvfree () routine is used to free a dynamically allocated array of pointers to arbitrary dynamically allocated objects. .SH SEE ALSO .BR lber-decode (3), .BR lber-encode (3), .BR lber-types (3) .LP .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/Makefile.in0000644000175000017500000000105214461774414017267 0ustar sergiosergio# man Makefile.in for OpenLDAP # $OpenLDAP$ ## This work is part of OpenLDAP Software . ## ## Copyright 1998-2022 The OpenLDAP Foundation. ## All rights reserved. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted only as authorized by the OpenLDAP ## Public License. ## ## A copy of this license is available in the file LICENSE in the ## top-level directory of the distribution or, alternatively, at ## . SUBDIRS= man1 man3 man5 man8 openldap-2.5.16+dfsg/doc/man/man1/0000755000175000017500000000000014461774414016060 5ustar sergiosergioopenldap-2.5.16+dfsg/doc/man/man1/ldapdelete.10000644000175000017500000001415614461774414020254 0ustar sergiosergio.TH LDAPDELETE 1 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldapdelete \- LDAP delete entry tool .SH SYNOPSIS .B ldapdelete [\c .BR \-V [ V ]] [\c .BI \-d \ debuglevel\fR] [\c .BR \-n ] [\c .BR \-v ] [\c .BR \-c ] [\c .BI \-f \ file\fR] [\c .BR \-r ] [\c .BI \-z \ sizelimit\fR] [\c .BR \-M [ M ]] [\c .BR \-x ] [\c .BI \-D \ binddn\fR] [\c .BR \-W ] [\c .BI \-w \ passwd\fR] [\c .BI \-y \ passwdfile\fR] [\c .BI \-H \ ldapuri\fR] [\c .BR \-P \ { 2 \||\| 3 }] [\c .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BI \-o \ opt \fR[= optparam \fR]] [\c .BI \-O \ security-properties\fR] [\c .BR \-I ] [\c .BR \-Q ] [\c .BR \-N ] [\c .BI \-U \ authcid\fR] [\c .BI \-R \ realm\fR] [\c .BI \-X \ authzid\fR] [\c .BI \-Y \ mech\fR] [\c .BR \-Z [ Z ]] [\c .IR DN \ [ ... ]] .SH DESCRIPTION .I ldapdelete is a shell-accessible interface to the .BR ldap_delete_ext (3) library call. .LP .B ldapdelete opens a connection to an LDAP server, binds, and deletes one or more entries. If one or more \fIDN\fP arguments are provided, entries with those Distinguished Names are deleted. Each \fIDN\fP should be provided using the LDAPv3 string representation as defined in RFC 4514. If no \fIDN\fP arguments are provided, a list of DNs is read from standard input (or from \fIfile\fP if the \fB\-f\fP flag is used). .SH OPTIONS .TP .BR \-V [ V ] Print version info. If \fB\-VV\fP is given, only the version information is printed. .TP .BI \-d \ debuglevel Set the LDAP debugging level to \fIdebuglevel\fP. .B ldapdelete must be compiled with LDAP_DEBUG defined for this option to have any effect. .TP .B \-n Show what would be done, but don't actually delete entries. Useful for debugging in conjunction with \fB\-v\fP. .TP .B \-v Use verbose mode, with many diagnostics written to standard output. .TP .B \-c Continuous operation mode. Errors are reported, but .B ldapdelete will continue with deletions. The default is to exit after reporting an error. .TP .BI \-f \ file Read a series of DNs from \fIfile\fP, one per line, performing an LDAP delete for each. .TP .B \-r Do a recursive delete. If the DN specified isn't a leaf, its children, and all their children are deleted down the tree. No verification is done, so if you add this switch, ldapdelete will happily delete large portions of your tree. Use with care. .TP .BI \-z \ sizelimit Use \fIsizelimit\fP when searching for children DN to delete, to circumvent any server-side size limit. Only useful in conjunction with \fB\-r\fP. .TP .BR \-M [ M ] Enable manage DSA IT control. .B \-MM makes control critical. .TP .B \-x Use simple authentication instead of SASL. .TP .BI \-D \ binddn Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory. For SASL binds, the server is expected to ignore this value. .TP .B \-W Prompt for simple authentication. This is used instead of specifying the password on the command line. .TP .BI \-w \ passwd Use \fIpasswd\fP as the password for simple authentication. .TP .BI \-y \ passwdfile Use complete contents of \fIpasswdfile\fP as the password for simple authentication. .TP .BI \-H \ ldapuri Specify URI(s) referring to the ldap server(s); only the protocol/host/port fields are allowed; a list of URI, separated by whitespace or commas is expected. .TP .BR \-P \ { 2 \||\| 3 } Specify the LDAP protocol version to use. .TP .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ] .TP .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ] Specify general extensions with \fB\-e\fP and delete extensions with \fB\-E\fP. \'\fB!\fP\' indicates criticality. General extensions: .nf [!]assert= (an RFC 4515 Filter) !authzid= ("dn:" or "u:") [!]bauthzid (RFC 3829 authzid control) [!]chaining[=[/]] [!]manageDSAit [!]noop ppolicy [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) .fi Delete extensions: .nf (none) .fi .TP .BI \-o \ opt \fR[= optparam \fR] Specify any .BR ldap.conf (5) option or one of the following: .nf nettimeout= (in seconds, or "none" or "max") ldif_wrap= (in columns, or "no" for no wrapping) .fi .TP .BI \-O \ security-properties Specify SASL security properties. .TP .B \-I Enable SASL Interactive mode. Always prompt. Default is to prompt only as needed. .TP .B \-Q Enable SASL Quiet mode. Never prompt. .TP .B \-N Do not use reverse DNS to canonicalize SASL host name. .TP .BI \-U \ authcid Specify the authentication ID for SASL bind. The form of the identity depends on the actual SASL mechanism used. .TP .BI \-R \ realm Specify the realm of authentication ID for SASL bind. The form of the realm depends on the actual SASL mechanism used. .TP .BI \-X \ authzid Specify the requested authorization ID for SASL bind. .I authzid must be one of the following formats: .BI dn: "" or .BI u: .TP .BI \-Y \ mech Specify the SASL mechanism to be used for authentication. If it's not specified, the program will choose the best mechanism the server knows. .TP .BR \-Z [ Z ] Issue StartTLS (Transport Layer Security) extended operation. If you use \fB\-ZZ\fP, the command will require the operation to be successful. .SH EXAMPLE The following command: .LP .nf ldapdelete "cn=Delete Me,dc=example,dc=com" .fi .LP will attempt to delete the entry named "cn=Delete Me,dc=example,dc=com". Of course it would probably be necessary to supply authentication credentials. .SH DIAGNOSTICS Exit status is 0 if no errors occur. Errors result in a non-zero exit status and a diagnostic message being written to standard error. .SH "SEE ALSO" .BR ldap.conf (5), .BR ldapadd (1), .BR ldapmodify (1), .BR ldapmodrdn (1), .BR ldapsearch (1), .BR ldap (3), .BR ldap_delete_ext (3) .SH AUTHOR The OpenLDAP Project .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man1/ldapwhoami.10000644000175000017500000001074714461774414020300 0ustar sergiosergio.TH LDAPWHOAMI 1 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldapwhoami \- LDAP who am i? tool .SH SYNOPSIS .B ldapwhoami [\c .BR \-V [ V ]] [\c .BI \-d \ debuglevel\fR] [\c .BR \-n ] [\c .BR \-v ] [\c .BR \-x ] [\c .BI \-D \ binddn\fR] [\c .BR \-W ] [\c .BI \-w \ passwd\fR] [\c .BI \-y \ passwdfile\fR] [\c .BI \-H \ ldapuri\fR] [\c .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BI \-o \ opt \fR[= optparam \fR]] [\c .BI \-O \ security-properties\fR] [\c .BR \-I ] [\c .BR \-Q ] [\c .BR \-N ] [\c .BI \-U \ authcid\fR] [\c .BI \-R \ realm\fR] [\c .BI \-X \ authzid\fR] [\c .BI \-Y \ mech\fR] [\c .BR \-Z [ Z ]] .SH DESCRIPTION .I ldapwhoami implements the LDAP "Who Am I?" extended operation. .LP .B ldapwhoami opens a connection to an LDAP server, binds, and performs a whoami operation. .SH OPTIONS .TP .BR \-V [ V ] Print version info. If \fB\-VV\fP is given, only the version information is printed. .TP .BI \-d \ debuglevel Set the LDAP debugging level to \fIdebuglevel\fP. .B ldapwhoami must be compiled with LDAP_DEBUG defined for this option to have any effect. .TP .B \-n Show what would be done, but don't actually perform the whoami operation. Useful for debugging in conjunction with \fB\-v\fP. .TP .B \-v Run in verbose mode, with many diagnostics written to standard output. .TP .B \-x Use simple authentication instead of SASL. .TP .BI \-D \ binddn Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory. For SASL binds, the server is expected to ignore this value. .TP .B \-W Prompt for simple authentication. This is used instead of specifying the password on the command line. .TP .BI \-w \ passwd Use \fIpasswd\fP as the password for simple authentication. .TP .BI \-y \ passwdfile Use complete contents of \fIpasswdfile\fP as the password for simple authentication. .TP .BI \-H \ ldapuri Specify URI(s) referring to the ldap server(s); only the protocol/host/port fields are allowed; a list of URI, separated by whitespace or commas is expected. .TP .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ] .TP .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ] Specify general extensions with \fB\-e\fP and whoami extensions with \fB\-E\fP. \'\fB!\fP\' indicates criticality. General extensions: .nf [!]assert= (an RFC 4515 Filter) !authzid= ("dn:" or "u:") [!]bauthzid (RFC 3829 authzid control) [!]chaining[=[/]] [!]manageDSAit [!]noop ppolicy [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) .fi WhoAmI extensions: .nf (none) .fi .TP .BI \-o \ opt \fR[= optparam \fR] Specify any .BR ldap.conf (5) option or one of the following: .nf nettimeout= (in seconds, or "none" or "max") ldif_wrap= (in columns, or "no" for no wrapping) .fi .B -o option that can be passed here, check .BR ldap.conf (5) for details. .TP .BI \-O \ security-properties Specify SASL security properties. .TP .B \-I Enable SASL Interactive mode. Always prompt. Default is to prompt only as needed. .TP .B \-Q Enable SASL Quiet mode. Never prompt. .TP .B \-N Do not use reverse DNS to canonicalize SASL host name. .TP .BI \-U \ authcid Specify the authentication ID for SASL bind. The form of the ID depends on the actual SASL mechanism used. .TP .BI \-R \ realm Specify the realm of authentication ID for SASL bind. The form of the realm depends on the actual SASL mechanism used. .TP .BI \-X \ authzid Specify the requested authorization ID for SASL bind. .I authzid must be one of the following formats: .BI dn: "" or .BI u: .TP .BI \-Y \ mech Specify the SASL mechanism to be used for authentication. If it's not specified, the program will choose the best mechanism the server knows. .TP .BR \-Z [ Z ] Issue StartTLS (Transport Layer Security) extended operation. If you use \fB\-ZZ\fP, the command will require the operation to be successful. .SH EXAMPLE .nf ldapwhoami \-x \-D "cn=Manager,dc=example,dc=com" \-W .fi .SH "SEE ALSO" .BR ldap.conf (5), .BR ldap (3), .BR ldap_extended_operation (3) .SH AUTHOR The OpenLDAP Project .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man1/ldapmodify.10000644000175000017500000002014414461774414020273 0ustar sergiosergio.TH LDAPMODIFY 1 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldapmodify, ldapadd \- LDAP modify entry and LDAP add entry tools .SH SYNOPSIS .B ldapmodify [\c .BR \-V [ V ]] [\c .BI \-d \ debuglevel\fR] [\c .BR \-n ] [\c .BR \-v ] [\c .BR \-a ] [\c .BR \-c ] [\c .BI \-f \ file\fR] [\c .BI \-S \ file\fR] [\c .BR \-M [ M ]] [\c .BR \-x ] [\c .BI \-D \ binddn\fR] [\c .BR \-W ] [\c .BI \-w \ passwd\fR] [\c .BI \-y \ passwdfile\fR] [\c .BI \-H \ ldapuri\fR] [\c .BR \-P \ { 2 \||\| 3 }] [\c .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BI \-o \ opt \fR[= optparam \fR]] [\c .BI \-O \ security-properties\fR] [\c .BR \-I ] [\c .BR \-Q ] [\c .BR \-N ] [\c .BI \-U \ authcid\fR] [\c .BI \-R \ realm\fR] [\c .BI \-X \ authzid\fR] [\c .BI \-Y \ mech\fR] [\c .BR \-Z [ Z ]] .LP .B ldapadd [\c .BR \-V [ V ]] [\c .BI \-d \ debuglevel\fR] [\c .BR \-n ] [\c .BR \-v ] [\c .BR \-c ] [\c .BI \-f \ file\fR] [\c .BI \-S \ file\fR] [\c .BR \-M [ M ]] [\c .BR \-x ] [\c .BI \-D \ binddn\fR] [\c .BR \-W ] [\c .BI \-w \ passwd\fR] [\c .BI \-y \ passwdfile\fR] [\c .BI \-H \ ldapuri\fR] [\c .BR \-P \ { 2 \||\| 3 }] [\c .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BI \-o \ opt \fR[= optparam \fR]] [\c .BI \-O \ security-properties\fR] [\c .BR \-I ] [\c .BR \-Q ] [\c .BR \-N ] [\c .BI \-U \ authcid\fR] [\c .BI \-R \ realm\fR] [\c .BI \-X \ authzid\fR] [\c .BI \-Y \ mech\fR] [\c .BR \-Z [ Z ]] .SH DESCRIPTION .B ldapmodify is a shell-accessible interface to the .BR ldap_add_ext (3), .BR ldap_modify_ext (3), .BR ldap_delete_ext (3) and .BR ldap_rename (3). library calls. .B ldapadd is implemented as a hard link to the ldapmodify tool. When invoked as .B ldapadd the \fB\-a\fP (add new entry) flag is turned on automatically. .LP .B ldapmodify opens a connection to an LDAP server, binds, and modifies or adds entries. The entry information is read from standard input or from \fIfile\fP through the use of the \fB\-f\fP option. .SH OPTIONS .TP .BR \-V [ V ] Print version info. If \fB\-VV\fP is given, only the version information is printed. .TP .BI \-d \ debuglevel Set the LDAP debugging level to \fIdebuglevel\fP. .B ldapmodify must be compiled with LDAP_DEBUG defined for this option to have any effect. .TP .B \-n Show what would be done, but don't actually modify entries. Useful for debugging in conjunction with \fB\-v\fP. .TP .B \-v Use verbose mode, with many diagnostics written to standard output. .TP .B \-a Add new entries. The default for .B ldapmodify is to modify existing entries. If invoked as .BR ldapadd , this flag is always set. .TP .B \-c Continuous operation mode. Errors are reported, but .B ldapmodify will continue with modifications. The default is to exit after reporting an error. .TP .BI \-f \ file Read the entry modification information from \fIfile\fP instead of from standard input. .TP .BI \-S \ file Add or change records which were skipped due to an error are written to \fIfile\fP and the error message returned by the server is added as a comment. Most useful in conjunction with \fB\-c\fP. .TP .BR \-M [ M ] Enable manage DSA IT control. .B \-MM makes control critical. .TP .B \-x Use simple authentication instead of SASL. .TP .BI \-D \ binddn Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory. For SASL binds, the server is expected to ignore this value. .TP .B \-W Prompt for simple authentication. This is used instead of specifying the password on the command line. .TP .BI \-w \ passwd Use \fIpasswd\fP as the password for simple authentication. .TP .BI \-y \ passwdfile Use complete contents of \fIpasswdfile\fP as the password for simple authentication. .TP .BI \-H \ ldapuri Specify URI(s) referring to the ldap server(s); only the protocol/host/port fields are allowed; a list of URI, separated by whitespace or commas is expected. .TP .BR \-P \ { 2 \||\| 3 } Specify the LDAP protocol version to use. .TP .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ] .TP .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ] Specify general extensions with \fB\-e\fP and modify extensions with \fB\-E\fP. \'\fB!\fP\' indicates criticality. General extensions: .nf [!]assert= (an RFC 4515 Filter) !authzid= ("dn:" or "u:") [!]bauthzid (RFC 3829 authzid control) [!]chaining[=[/]] [!]manageDSAit [!]noop ppolicy [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) .fi Modify extensions: .nf [!]txn[=abort|commit] .fi .TP .BI \-o \ opt \fR[= optparam \fR]] Specify any .BR ldap.conf (5) option or one of the following: .nf nettimeout= (in seconds, or "none" or "max") ldif_wrap= (in columns, or "no" for no wrapping) .fi .TP .BI \-O \ security-properties Specify SASL security properties. .TP .B \-I Enable SASL Interactive mode. Always prompt. Default is to prompt only as needed. .TP .B \-Q Enable SASL Quiet mode. Never prompt. .TP .B \-N Do not use reverse DNS to canonicalize SASL host name. .TP .BI \-U \ authcid Specify the authentication ID for SASL bind. The form of the ID depends on the actual SASL mechanism used. .TP .BI \-R \ realm Specify the realm of authentication ID for SASL bind. The form of the realm depends on the actual SASL mechanism used. .TP .BI \-X \ authzid Specify the requested authorization ID for SASL bind. .I authzid must be one of the following formats: .BI dn: "" or .BI u: .TP .BI \-Y \ mech Specify the SASL mechanism to be used for authentication. If it's not specified, the program will choose the best mechanism the server knows. .TP .BR \-Z [ Z ] Issue StartTLS (Transport Layer Security) extended operation. If you use .B \-ZZ\c , the command will require the operation to be successful. .SH INPUT FORMAT The contents of \fIfile\fP (or standard input if no \fB\-f\fP flag is given on the command line) must conform to the format defined in .BR ldif (5) (LDIF as defined in RFC 2849). .SH EXAMPLES Assuming that the file .B /tmp/entrymods exists and has the contents: .LP .nf dn: cn=Modify Me,dc=example,dc=com changetype: modify replace: mail mail: modme@example.com \- add: title title: Grand Poobah \- add: jpegPhoto jpegPhoto:< file:///tmp/modme.jpeg \- delete: description \- .fi .LP the command: .LP .nf ldapmodify \-f /tmp/entrymods .fi .LP will replace the contents of the "Modify Me" entry's .I mail attribute with the value "modme@example.com", add a .I title of "Grand Poobah", and the contents of the file "/tmp/modme.jpeg" as a .IR jpegPhoto , and completely remove the .I description attribute. .LP Assuming that the file .B /tmp/newentry exists and has the contents: .LP .nf dn: cn=Barbara Jensen,dc=example,dc=com objectClass: person cn: Barbara Jensen cn: Babs Jensen sn: Jensen title: the world's most famous mythical manager mail: bjensen@example.com uid: bjensen .fi .LP the command: .LP .nf ldapadd \-f /tmp/newentry .fi .LP will add a new entry for Babs Jensen, using the values from the file .B /tmp/newentry. .LP Assuming that the file .B /tmp/entrymods exists and has the contents: .LP .nf dn: cn=Barbara Jensen,dc=example,dc=com changetype: delete .fi .LP the command: .LP .nf ldapmodify \-f /tmp/entrymods .fi .LP will remove Babs Jensen's entry. .SH DIAGNOSTICS Exit status is zero if no errors occur. Errors result in a non-zero exit status and a diagnostic message being written to standard error. .SH "SEE ALSO" .BR ldapadd (1), .BR ldapdelete (1), .BR ldapmodrdn (1), .BR ldapsearch (1), .BR ldap.conf (5), .BR ldap (3), .BR ldap_add_ext (3), .BR ldap_delete_ext (3), .BR ldap_modify_ext (3), .BR ldap_modrdn_ext (3), .BR ldif (5). .SH AUTHOR The OpenLDAP Project .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man1/ldappasswd.10000644000175000017500000001253414461774414020311 0ustar sergiosergio.TH LDAPPASSWD 1 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldappasswd \- change the password of an LDAP entry .SH SYNOPSIS .B ldappasswd [\c .BR \-V [ V ]] [\c .BI \-d \ debuglevel\fR] [\c .BR \-n ] [\c .BR \-v ] [\c .BR \-A ] [\c .BI \-a \ oldPasswd\fR] [\c .BI \-t \ oldpasswdfile\fR] [\c .BR \-S ] [\c .BI \-s \ newPasswd\fR] [\c .BI \-T \ newpasswdfile\fR] [\c .BR \-x ] [\c .BI \-D \ binddn\fR] [\c .BR \-W ] [\c .BI \-w \ passwd\fR] [\c .BI \-y \ passwdfile\fR] [\c .BI \-H \ ldapuri\fR] [\c .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BI \-o \ opt \fR[= optparam \fR]] [\c .BI \-O \ security-properties\fR] [\c .BR \-I ] [\c .BR \-Q ] [\c .BR \-N ] [\c .BI \-U \ authcid\fR] [\c .BI \-R \ realm\fR] [\c .BI \-X \ authzid\fR] [\c .BI \-Y \ mech\fR] [\c .BR \-Z [ Z ]] [\c .IR user ] .SH DESCRIPTION .B ldappasswd is a tool to set the password of an LDAP user. .B ldappasswd uses the LDAPv3 Password Modify (RFC 3062) extended operation. .LP .B ldappasswd sets the password of associated with the user [or an optionally specified .IR user ]. If the new password is not specified on the command line and the user doesn't enable prompting, the server will be asked to generate a password for the user. .LP .B ldappasswd is neither designed nor intended to be a replacement for .BR passwd (1) and should not be installed as such. .SH OPTIONS .TP .BR \-V [ V ] Print version info. If \fB\-VV\fP is given, only the version information is printed. .TP .BI \-d \ debuglevel Set the LDAP debugging level to \fIdebuglevel\fP. .B ldappasswd must be compiled with LDAP_DEBUG defined for this option to have any effect. .TP .B \-n Do not set password. (Can be useful when used in conjunction with \fB\-v\fP or \fB\-d\fP) .TP .B \-v Increase the verbosity of output. Can be specified multiple times. .TP .BI \-A Prompt for old password. This is used instead of specifying the password on the command line. .TP .BI \-a \ oldPasswd Set the old password to \fIoldPasswd\fP. .TP .BI \-t \ oldPasswdFile Set the old password to the contents of \fIoldPasswdFile\fP. .TP .BI \-S Prompt for new password. This is used instead of specifying the password on the command line. .TP .BI \-s \ newPasswd Set the new password to \fInewPasswd\fP. .TP .BI \-T \ newPasswdFile Set the new password to the contents of \fInewPasswdFile\fP. .TP .B \-x Use simple authentication instead of SASL. .TP .BI \-D \ binddn Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory. For SASL binds, the server is expected to ignore this value. .TP .BI \-W Prompt for bind password. This is used instead of specifying the password on the command line. .TP .BI \-w \ passwd Use \fIpasswd\fP as the password to bind with. .TP .BI \-y \ passwdfile Use complete contents of \fIpasswdfile\fP as the password for simple authentication. .TP .BI \-H \ ldapuri Specify URI(s) referring to the ldap server(s); only the protocol/host/port fields are allowed; a list of URI, separated by whitespace or commas is expected. .TP .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ] .TP .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ] Specify general extensions with \fB\-e\fP and passwd modify extensions with \fB\-E\fP. \'\fB!\fP\' indicates criticality. General extensions: .nf [!]assert= (an RFC 4515 Filter) !authzid= ("dn:" or "u:") [!]bauthzid (RFC 3829 authzid control) [!]chaining[=[/]] [!]manageDSAit [!]noop ppolicy [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) .fi Passwd Modify extensions: .nf (none) .fi .TP .BI \-o \ opt \fR[= optparam \fR]] Specify any .BR ldap.conf (5) option or one of the following: .nf nettimeout= (in seconds, or "none" or "max") ldif_wrap= (in columns, or "no" for no wrapping) .fi .TP .BI \-O \ security-properties Specify SASL security properties. .TP .B \-I Enable SASL Interactive mode. Always prompt. Default is to prompt only as needed. .TP .B \-Q Enable SASL Quiet mode. Never prompt. .TP .B \-N Do not use reverse DNS to canonicalize SASL host name. .TP .BI \-U \ authcid Specify the authentication ID for SASL bind. The form of the ID depends on the actual SASL mechanism used. .TP .BI \-R \ realm Specify the realm of authentication ID for SASL bind. The form of the realm depends on the actual SASL mechanism used. .TP .BI \-X \ authzid Specify the requested authorization ID for SASL bind. .I authzid must be one of the following formats: .BI dn: "" or .BI u: \fP. .TP .BI \-Y \ mech Specify the SASL mechanism to be used for authentication. If it's not specified, the program will choose the best mechanism the server knows. .TP .BR \-Z [ Z ] Issue StartTLS (Transport Layer Security) extended operation. If you use \fB\-ZZ\fP, the command will require the operation to be successful .SH SEE ALSO .BR ldap_sasl_bind (3), .BR ldap_extended_operation (3), .BR ldap_start_tls_s (3) .SH AUTHOR The OpenLDAP Project .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man1/ldapurl.10000644000175000017500000000747614461774414017623 0ustar sergiosergio.TH LDAPURL 1 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 2008-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldapurl \- LDAP URL formatting tool .SH SYNOPSIS .B ldapurl [\c .BR \-a \ attrs\fR] [\c .BI \-b \ searchbase\fR] [\c .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BI \-f \ filter\fR] [\c .BI \-H \ ldapuri\fR] [\c .BI \-h \ ldaphost\fR] [\c .BI \-p \ ldapport\fR] [\c .BR \-s \ { base \||\| one \||\| sub \||\| children }] [\c .BI \-S \ scheme\fR] .SH DESCRIPTION .I ldapurl is a command that allows one to either compose or decompose LDAP URIs. .LP When invoked with the \fB\-H\fP option, .B ldapurl extracts the components of the \fIldapuri\fP option argument, unescaping hex-escaped chars as required. It basically acts as a frontend to the .BR ldap_url_parse (3) call. Otherwise, it builds an LDAP URI based on the components passed with the appropriate options, performing the inverse operation. Option \fB\-H\fP is incompatible with options .BR \-a , .BR \-b , .BR \-E , .BR \-f , .BR \-H , .BR \-h , .BR \-p , .BR \-S , and .BR \-s . .SH OPTIONS .TP .TP .BI \-a \ attrs Set a comma-separated list of attribute selectors. .TP .BI \-b \ searchbase Set the \fIsearchbase\fP. .TP .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ] Specify general extensions with \fB\-e\fP \'\fB!\fP\' indicates criticality. General extensions: .nf [!]assert= (an RFC 4515 Filter) !authzid= ("dn:" or "u:") [!]bauthzid (RFC 3829 authzid control) [!]chaining[=[/]] [!]manageDSAit [!]noop ppolicy [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) .fi .TP .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ] Set URL extensions; incompatible with .BR \-H . .TP .BI \-f \ filter Set the URL filter. No particular check on conformity with RFC 4515 LDAP filters is performed, but the value is hex-escaped as required. .TP .BI \-H \ ldapuri Specify URI to be exploded. .TP .BI \-h \ ldaphost Set the host. .TP .BI \-p \ ldapport Set the TCP port. .TP .BI \-S \ scheme Set the URL scheme. Defaults for other fields, like \fIldapport\fP, may depend on the value of \fIscheme\fP. .TP .BR \-s \ { base \||\| one \||\| sub \||\| children } Specify the scope of the search to be one of .BR base , .BR one , .BR sub , or .B children to specify a base object, one-level, subtree, or children search. The default is .BR sub . Note: .B children scope requires LDAPv3 subordinate feature extension. .SH OUTPUT FORMAT If the \fB\-H\fP option is used, the \fIldapuri\fP supplied is exploded in its components, which are printed to standard output in an LDIF-like form. .LP Otherwise, the URI built using the values passed with the other options is printed to standard output. .SH EXAMPLE The following command: .LP .nf ldapurl \-h ldap.example.com \-b dc=example,dc=com \-s sub \-f "(cn=Some One)" .fi .LP returns .LP .nf ldap://ldap.example.com:389/dc=example,dc=com??sub?(cn=Some%20One) .fi .LP The command: .LP .nf ldapurl \-H ldap://ldap.example.com:389/dc=example,dc=com??sub?(cn=Some%20One) .fi .LP returns .LP .nf scheme: ldap host: ldap.example.com port: 389 dn: dc=example,dc=com scope: sub filter: (cn=Some One) .fi .LP .SH DIAGNOSTICS Exit status is zero if no errors occur. Errors result in a non-zero exit status and a diagnostic message being written to standard error. .SH "SEE ALSO" .BR ldap (3), .BR ldap_url_parse (3), .SH AUTHOR The OpenLDAP Project .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man1/ldapmodify.1.links0000644000175000017500000000001214461774414021402 0ustar sergiosergioldapadd.1 openldap-2.5.16+dfsg/doc/man/man1/ldapsearch.10000644000175000017500000003274614461774414020264 0ustar sergiosergio.TH LDAPSEARCH 1 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldapsearch \- LDAP search tool .SH SYNOPSIS .B ldapsearch [\c .BR \-V [ V ]] [\c .BI \-d \ debuglevel\fR] [\c .BR \-n ] [\c .BR \-v ] [\c .BR \-c ] [\c .BR \-u ] [\c .BR \-t [ t ]] [\c .BI \-T \ path\fR] [\c .BI \-F \ prefix\fR] [\c .BR \-A ] [\c .BR \-L [ L [ L ]]] [\c .BI \-S \ attribute\fR] [\c .BI \-b \ searchbase\fR] [\c .BR \-s \ { base \||\| one \||\| sub \||\| children }] [\c .BR \-a \ { never \||\| always \||\| search \||\| find }] [\c .BI \-l \ timelimit\fR] [\c .BI \-z \ sizelimit\fR] [\c .BI \-f \ file\fR] [\c .BR \-M [ M ]] [\c .BR \-x ] [\c .BI \-D \ binddn\fR] [\c .BR \-W ] [\c .BI \-w \ passwd\fR] [\c .BI \-y \ passwdfile\fR] [\c .BI \-H \ ldapuri\fR] [\c .BR \-P \ { 2 \||\| 3 }] [\c .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BI \-o \ opt \fR[= optparam \fR]] [\c .BI \-O \ security-properties\fR] [\c .BR \-I ] [\c .BR \-Q ] [\c .BR \-N ] [\c .BI \-U \ authcid\fR] [\c .BI \-R \ realm\fR] [\c .BI \-X \ authzid\fR] [\c .BI \-Y \ mech\fR] [\c .BR \-Z [ Z ]] .I filter [\c .IR attrs... ] .SH DESCRIPTION .I ldapsearch is a shell-accessible interface to the .BR ldap_search_ext (3) library call. .LP .B ldapsearch opens a connection to an LDAP server, binds, and performs a search using specified parameters. The \fIfilter\fP should conform to the string representation for search filters as defined in RFC 4515. If not provided, the default filter, \fB(objectClass=*)\fP, is used. .LP If .B ldapsearch finds one or more entries, the attributes specified by \fIattrs\fP are returned. If \fB*\fP is listed, all user attributes are returned. If \fB+\fP is listed, all operational attributes are returned. If no \fIattrs\fP are listed, all user attributes are returned. If only 1.1 is listed, no attributes will be returned. .LP The search results are displayed using an extended version of LDIF. Option \fI\-L\fP controls the format of the output. .SH OPTIONS .TP .BR \-V [ V ] Print version info. If \fB\-VV\fP is given, exit after providing version info. Otherwise proceed with the specified search .TP .BI \-d \ debuglevel Set the LDAP debugging level to \fIdebuglevel\fP. .B ldapsearch must be compiled with LDAP_DEBUG defined for this option to have any effect. .TP .B \-n Show what would be done, but don't actually perform the search. Useful for debugging in conjunction with \fB\-v\fP. .TP .B \-v Run in verbose mode, with many diagnostics written to standard output. .TP .B \-c Continuous operation mode. Errors are reported, but ldapsearch will continue with searches. The default is to exit after reporting an error. Only useful in conjunction with \fB\-f\fP. .TP .B \-u Include the User Friendly Name form of the Distinguished Name (DN) in the output. .TP .BR \-t [ t ] A single \fB\-t\fP writes retrieved non-printable values to a set of temporary files. This is useful for dealing with values containing non-character data such as jpegPhoto or audio. A second \fB\-t\fP writes all retrieved values to files. .TP .BI \-T \ path Write temporary files to directory specified by \fIpath\fP (default: \fB/var/tmp/\fP) .TP .BI \-F \ prefix URL prefix for temporary files. Default is \fBfile://\fIpath\fP where \fIpath\fP is \fB/var/tmp/\fP or specified with \fB\-T\fP. .TP .B \-A Retrieve attributes only (no values). This is useful when you just want to see if an attribute is present in an entry and are not interested in the specific values. .TP .B \-L Search results are display in LDAP Data Interchange Format detailed in .BR ldif (5). A single \fB\-L\fP restricts the output to LDIFv1. A second \fB\-L\fP disables comments. A third \fB\-L\fP disables printing of the LDIF version. The default is to use an extended version of LDIF. .TP .BI \-S \ attribute Sort the entries returned based on \fIattribute\fP. The default is not to sort entries returned. If \fIattribute\fP is a zero-length string (""), the entries are sorted by the components of their Distinguished Name. See .BR ldap_sort (3) for more details. Note that .B ldapsearch normally prints out entries as it receives them. The use of the \fB\-S\fP option defeats this behavior, causing all entries to be retrieved, then sorted, then printed. .TP .BI \-b \ searchbase Use \fIsearchbase\fP as the starting point for the search instead of the default. .TP .BR \-s \ { base \||\| one \||\| sub \||\| children } Specify the scope of the search to be one of .BR base , .BR one , .BR sub , or .B children to specify a base object, one-level, subtree, or children search. The default is .BR sub . Note: .I children scope requires LDAPv3 subordinate feature extension. .TP .BR \-a \ { never \||\| always \||\| search \||\| find } Specify how aliases dereferencing is done. Should be one of .BR never , .BR always , .BR search , or .B find to specify that aliases are never dereferenced, always dereferenced, dereferenced when searching, or dereferenced only when locating the base object for the search. The default is to never dereference aliases. .TP .BI \-l \ timelimit wait at most \fItimelimit\fP seconds for a search to complete. A timelimit of .I 0 (zero) or .I none means no limit. A timelimit of .I max means the maximum integer allowable by the protocol. A server may impose a maximal timelimit which only the root user may override. .TP .BI \-z \ sizelimit retrieve at most \fIsizelimit\fP entries for a search. A sizelimit of .I 0 (zero) or .I none means no limit. A sizelimit of .I max means the maximum integer allowable by the protocol. A server may impose a maximal sizelimit which only the root user may override. .TP .BI \-f \ file Read a series of lines from \fIfile\fP, performing one LDAP search for each line. In this case, the \fIfilter\fP given on the command line is treated as a pattern where the first and only occurrence of \fB%s\fP is replaced with a line from \fIfile\fP. Any other occurrence of the the \fB%\fP character in the pattern will be regarded as an error. Where it is desired that the search filter include a \fB%\fP character, the character should be encoded as \fB\\25\fP (see RFC 4515). If \fIfile\fP is a single \fB\-\fP character, then the lines are read from standard input. .B ldapsearch will exit when the first non-successful search result is returned, unless \fB\-c\fP is used. .TP .BR \-M [ M ] Enable manage DSA IT control. .B \-MM makes control critical. .TP .B \-x Use simple authentication instead of SASL. .TP .BI \-D \ binddn Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory. For SASL binds, the server is expected to ignore this value. .TP .B \-W Prompt for simple authentication. This is used instead of specifying the password on the command line. .TP .BI \-w \ passwd Use \fIpasswd\fP as the password for simple authentication. .TP .BI \-y \ passwdfile Use complete contents of \fIpasswdfile\fP as the password for simple authentication. .TP .BI \-H \ ldapuri Specify URI(s) referring to the ldap server(s); a list of URI, separated by whitespace or commas is expected; only the protocol/host/port fields are allowed. As an exception, if no host/port is specified, but a DN is, the DN is used to look up the corresponding host(s) using the DNS SRV records, according to RFC 2782. The DN must be a non-empty sequence of AVAs whose attribute type is "dc" (domain component), and must be escaped according to RFC 2396. .TP .BR \-P \ { 2 \||\| 3 } Specify the LDAP protocol version to use. .TP .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ] .TP .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ] Specify general extensions with \fB\-e\fP and search extensions with \fB\-E\fP. \'\fB!\fP\' indicates criticality. General extensions: .nf [!]assert= (an RFC 4515 Filter) !authzid= ("dn:" or "u:") [!]bauthzid (RFC 3829 authzid control) [!]chaining[=[/]] [!]manageDSAit [!]noop ppolicy [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) .fi Search extensions: .nf !dontUseCopy [!]domainScope (domain scope) [!]mv= (matched values filter) [!]pr=[/prompt|noprompt] (paged results/prompt) [!]sss=[\-][/[\-]...] (server side sorting) [!]subentries[=true|false] (subentries) [!]sync=ro[/] (LDAP Sync refreshOnly) rp[/][/] (LDAP Sync refreshAndPersist) [!]vlv=/(//|:) (virtual list view) [!]deref=derefAttr:attr[,attr[...]][;derefAttr:attr[,attr[...]]] [!][=:|::] .fi .TP .BI \-o \ opt \fR[= optparam \fR] Specify any .BR ldap.conf (5) option or one of the following: .nf nettimeout= (in seconds, or "none" or "max") ldif_wrap= (in columns, or "no" for no wrapping) .fi .TP .BI \-O \ security-properties Specify SASL security properties. .TP .B \-I Enable SASL Interactive mode. Always prompt. Default is to prompt only as needed. .TP .B \-Q Enable SASL Quiet mode. Never prompt. .TP .B \-N Do not use reverse DNS to canonicalize SASL host name. .TP .BI \-U \ authcid Specify the authentication ID for SASL bind. The form of the ID depends on the actual SASL mechanism used. .TP .BI \-R \ realm Specify the realm of authentication ID for SASL bind. The form of the realm depends on the actual SASL mechanism used. .TP .BI \-X \ authzid Specify the requested authorization ID for SASL bind. .I authzid must be one of the following formats: .BI dn: "" or .BI u: .TP .BI \-Y \ mech Specify the SASL mechanism to be used for authentication. If it's not specified, the program will choose the best mechanism the server knows. .TP .BR \-Z [ Z ] Issue StartTLS (Transport Layer Security) extended operation. If you use \fB\-ZZ\fP, the command will require the operation to be successful. .SH OUTPUT FORMAT If one or more entries are found, each entry is written to standard output in LDAP Data Interchange Format or .BR ldif (5): .LP .nf version: 1 # bjensen, example, net dn: uid=bjensen,dc=example,dc=net objectClass: person objectClass: dcObject uid: bjensen cn: Barbara Jensen sn: Jensen ... .fi .LP If the \fB\-t\fP option is used, the URI of a temporary file is used in place of the actual value. If the \fB\-A\fP option is given, only the "attributename" part is written. .SH EXAMPLE The following command: .LP .nf ldapsearch \-LLL "(sn=smith)" cn sn telephoneNumber .fi .LP will perform a subtree search (using the default search base and other parameters defined in .BR ldap.conf (5)) for entries with a surname (sn) of smith. The common name (cn), surname (sn) and telephoneNumber values will be retrieved and printed to standard output. The output might look something like this if two entries are found: .LP .nf dn: uid=jts,dc=example,dc=com cn: John Smith cn: John T. Smith sn: Smith sn;lang\-en: Smith sn;lang\-de: Schmidt telephoneNumber: 1 555 123\-4567 dn: uid=sss,dc=example,dc=com cn: Steve Smith cn: Steve S. Smith sn: Smith sn;lang\-en: Smith sn;lang\-de: Schmidt telephoneNumber: 1 555 765\-4321 .fi .LP The command: .LP .nf ldapsearch \-LLL \-u \-t "(uid=xyz)" jpegPhoto audio .fi .LP will perform a subtree search using the default search base for entries with user id of "xyz". The user friendly form of the entry's DN will be output after the line that contains the DN itself, and the jpegPhoto and audio values will be retrieved and written to temporary files. The output might look like this if one entry with one value for each of the requested attributes is found: .LP .nf dn: uid=xyz,dc=example,dc=com ufn: xyz, example, com audio:< file:///tmp/ldapsearch\-audio\-a19924 jpegPhoto:< file:///tmp/ldapsearch\-jpegPhoto\-a19924 .fi .LP This command: .LP .nf ldapsearch \-LLL \-s one \-b "c=US" "(o=University*)" o description .fi .LP will perform a one-level search at the c=US level for all entries whose organization name (o) begins with \fBUniversity\fP. The organization name and description attribute values will be retrieved and printed to standard output, resulting in output similar to this: .LP .nf dn: o=University of Alaska Fairbanks,c=US o: University of Alaska Fairbanks description: Naturally Inspiring description: leaf node only dn: o=University of Colorado at Boulder,c=US o: University of Colorado at Boulder description: No personnel information description: Institution of education and research dn: o=University of Colorado at Denver,c=US o: University of Colorado at Denver o: UCD o: CU/Denver o: CU\-Denver description: Institute for Higher Learning and Research dn: o=University of Florida,c=US o: University of Florida o: UFl description: Warper of young minds ... .fi .SH DIAGNOSTICS Exit status is zero if no errors occur. Errors result in a non-zero exit status and a diagnostic message being written to standard error. .SH "SEE ALSO" .BR ldapadd (1), .BR ldapdelete (1), .BR ldapmodify (1), .BR ldapmodrdn (1), .BR ldap.conf (5), .BR ldif (5), .BR ldap (3), .BR ldap_search_ext (3), .BR ldap_sort (3) .SH AUTHOR The OpenLDAP Project .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man1/ldapmodrdn.10000644000175000017500000001443014461774414020270 0ustar sergiosergio.TH LDAPMODRDN 1 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldapmodrdn \- LDAP rename entry tool .SH SYNOPSIS .B ldapmodrdn [\c .BR \-V [ V ]] [\c .BI \-d \ debuglevel\fR] [\c .BR \-n ] [\c .BR \-v ] [\c .BR \-r ] [\c .BI \-s \ newsup\fR] [\c .BR \-c ] [\c .BI \-f \ file\fR] [\c .BR \-M [ M ]] [\c .BR \-x ] [\c .BI \-D \ binddn\fR] [\c .BR \-W ] [\c .BI \-w \ passwd\fR] [\c .BI \-y \ passwdfile\fR] [\c .BI \-H \ ldapuri\fR] [\c .BR \-P \ { 2 \||\| 3 }] [\c .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BI \-o \ opt \fR[= optparam \fR]] [\c .BI \-O \ security-properties\fR] [\c .BR \-I ] [\c .BR \-Q ] [\c .BR \-N ] [\c .BI \-U \ authcid\fR] [\c .BI \-R \ realm\fR] [\c .BI \-X \ authzid\fR] [\c .BI \-Y \ mech\fR] [\c .BR \-Z [ Z ]] [\c .I dn rdn\fR] .SH DESCRIPTION .B ldapmodrdn is a shell-accessible interface to the .BR ldap_rename (3) library call. .LP .B ldapmodrdn opens a connection to an LDAP server, binds, and modifies the RDN of entries. The entry information is read from standard input, from \fIfile\fP through the use of the .RI \- f option, or from the command-line pair \fIdn\fP and \fIrdn\fP. .SH OPTIONS .TP .BR \-V [ V ] Print version info. If \fB\-VV\fP is given, only the version information is printed. .TP .BI \-d \ debuglevel Set the LDAP debugging level to \fIdebuglevel\fP. .B ldapmodrdn must be compiled with LDAP_DEBUG defined for this option to have any effect. .TP .B \-n Show what would be done, but don't actually change entries. Useful for debugging in conjunction with \fB\-v\fP. .TP .B \-v Use verbose mode, with many diagnostics written to standard output. .TP .B \-r Remove old RDN values from the entry. Default is to keep old values. .TP .BI \-s \ newsup Specify a new superior entry. (I.e., move the target entry and make it a child of the new superior.) This option is not supported in LDAPv2. .TP .B \-c Continuous operation mode. Errors are reported, but ldapmodrdn will continue with modifications. The default is to exit after reporting an error. .TP .BI \-f \ file Read the entry modification information from \fIfile\fP instead of from standard input or the command-line. .TP .BR \-M [ M ] Enable manage DSA IT control. .B \-MM makes control critical. .TP .B \-x Use simple authentication instead of SASL. .TP .BI \-D \ binddn Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory. For SASL binds, the server is expected to ignore this value. .TP .B \-W Prompt for simple authentication. This is used instead of specifying the password on the command line. .TP .BI \-w \ passwd Use \fIpasswd\fP as the password for simple authentication. .TP .BI \-y \ passwdfile Use complete contents of \fIpasswdfile\fP as the password for simple authentication. .TP .BI \-H \ ldapuri Specify URI(s) referring to the ldap server(s); only the protocol/host/port fields are allowed; a list of URI, separated by whitespace or commas is expected. .TP .BR \-P \ { 2 \||\| 3 } Specify the LDAP protocol version to use. .TP .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ] .TP .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ] Specify general extensions with \fB\-e\fP and modrdn extensions with \fB\-E\fP. \'\fB!\fP\' indicates criticality. General extensions: .nf [!]assert= (an RFC 4515 Filter) !authzid= ("dn:" or "u:") [!]bauthzid (RFC 3829 authzid control) [!]chaining[=[/]] [!]manageDSAit [!]noop ppolicy [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) .fi Modrdn extensions: .nf (none) .fi .TP .BI \-o \ opt \fR[= optparam \fR] Specify any .BR ldap.conf (5) option or one of the following: .nf nettimeout= (in seconds, or "none" or "max") ldif_wrap= (in columns, or "no" for no wrapping) .fi .TP .BI \-O \ security-properties Specify SASL security properties. .TP .B \-I Enable SASL Interactive mode. Always prompt. Default is to prompt only as needed. .TP .B \-Q Enable SASL Quiet mode. Never prompt. .TP .B \-N Do not use reverse DNS to canonicalize SASL host name. .TP .BI \-U \ authcid Specify the authentication ID for SASL bind. The form of the ID depends on the actual SASL mechanism used. .TP .BI \-R \ realm Specify the realm of authentication ID for SASL bind. The form of the realm depends on the actual SASL mechanism used. .TP .BI \-X \ authzid Specify the requested authorization ID for SASL bind. .I authzid must be one of the following formats: .BI dn: "" or .BI u: .TP .BI \-Y \ mech Specify the SASL mechanism to be used for authentication. If it's not specified, the program will choose the best mechanism the server knows. .TP .BR \-Z [ Z ] Issue StartTLS (Transport Layer Security) extended operation. If you use \fB\-ZZ\fP, the command will require the operation to be successful. .SH INPUT FORMAT If the command-line arguments \fIdn\fP and \fIrdn\fP are given, \fIrdn\fP will replace the RDN of the entry specified by the DN, \fIdn\fP. .LP Otherwise, the contents of \fIfile\fP (or standard input if no \fB\-f\fP flag is given) should consist of one or more entries. .LP .nf Distinguished Name (DN) Relative Distinguished Name (RDN) .fi .LP One or more blank lines may be used to separate each DN/RDN pair. .SH EXAMPLE Assuming that the file .B /tmp/entrymods exists and has the contents: .LP .nf cn=Modify Me,dc=example,dc=com cn=The New Me .fi .LP the command: .LP .nf ldapmodrdn \-r \-f /tmp/entrymods .fi .LP will change the RDN of the "Modify Me" entry from "Modify Me" to "The New Me" and the old cn, "Modify Me" will be removed. .LP .SH DIAGNOSTICS Exit status is 0 if no errors occur. Errors result in a non-zero exit status and a diagnostic message being written to standard error. .SH "SEE ALSO" .BR ldapadd (1), .BR ldapdelete (1), .BR ldapmodify (1), .BR ldapsearch (1), .BR ldap.conf (5), .BR ldap (3), .BR ldap_rename (3) .SH AUTHOR The OpenLDAP Project .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man1/ldapexop.10000644000175000017500000001310014461774414017751 0ustar sergiosergio.\" $OpenLDAP$ .\" This contribution is derived from OpenLDAP Software. .\" All of the modifications to OpenLDAP Software represented in this .\" contribution were developed by Peter Marschall . .\" I have not assigned rights and/or interest in this work to any party. .\" .\" Copyright 2009 Peter Marschall .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted only as authorized by the OpenLDAP Public License. .\" .\" A copy of this license is available in file LICENSE in the .\" top-level directory of the distribution or, alternatively, at .\" http://www.OpenLDAP.org/license.html. .TH LDAPEXOP 1 .SH NAME ldapexop \- issue LDAP extended operations .SH SYNOPSIS ldapexop [\c .BR \-V [ V ]] [\c .BI \-d \ debuglevel\fR] [\c .BR \-n ] [\c .BR \-v ] [\c .BI \-f \ file\fR] [\c .BR \-x ] [\c .BI \-D \ binddn\fR] [\c .BR \-W ] [\c .BI \-w \ passwd\fR] [\c .BI \-y \ passwdfile\fR] [\c .BI \-H \ URI\fR] [\c .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BI \-o \ opt \fR[= optparam \fR]] [\c .BI \-O \ security-properties\fR] [\c .BR \-I ] [\c .BR \-Q ] [\c .BR \-N ] [\c .BI \-U \ authcid\fR] [\c .BI \-R \ realm\fR] [\c .BI \-X \ authzid\fR] [\c .BI \-Y \ mech\fR] [\c .BR \-Z [ Z ]] {\c .I oid | .BI oid: data | .BI oid:: b64data | .B whoami | .BI cancel \ cancel-id | .BI refresh \ DN \ \fR[\fIttl\fR]} .SH DESCRIPTION ldapexop issues the LDAP extended operation specified by \fBoid\fP or one of the special keywords \fBwhoami\fP, \fBcancel\fP, or \fBrefresh\fP. Additional data for the extended operation can be passed to the server using \fIdata\fP or base-64 encoded as \fIb64data\fP in the case of \fBoid\fP, or using the additional parameters in the case of the specially named extended operations above. Please note that ldapexop behaves differently for the same extended operation when it was given as an OID or as a specially named operation: Calling ldapexop with the OID of the \fBwhoami\fP (RFC 4532) extended operation .nf ldapexop [] 1.3.6.1.4.1.4203.1.11.3 .fi yields .nf # extended operation response data:: .fi while calling it with the keyword \fBwhoami\fP .nf ldapexop [] whoami .fi results in .nf dn: .fi .SH OPTIONS .TP .BI \-V [ V ] Print version info. If\fB\-VV\fP is given, only the version information is printed. .TP .BI \-d \ debuglevel Set the LDAP debugging level to \fIdebuglevel\fP. .TP .BI \-n Show what would be done but don't actually do it. Useful for debugging in conjunction with \fB\-v\fP. .TP .BI \-v Run in verbose mode, with many diagnostics written to standard output. .TP .BI \-f \ file Read operations from \fIfile\fP. .TP .BI \-x Use simple authentication instead of SASL. .TP .BI \-D \ binddn Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory. .TP .BI \-W Prompt for simple authentication. This is used instead of specifying the password on the command line. .TP .BI \-w \ passwd Use \fIpasswd\fP as the password for simple authentication. .TP .BI \-y \ passwdfile Use complete contents of \fIpasswdfile\fP as the password for simple authentication. .TP .BI \-H \ URI Specify URI(s) referring to the ldap server(s); only the protocol/host/port fields are allowed; a list of URI, separated by whitespace or commas is expected. .TP .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ] Specify general extensions. \'!\' indicates criticality. .nf [!]assert= (an RFC 4515 Filter) !authzid= ("dn:" or "u:") [!]bauthzid (RFC 3829 authzid control) [!]chaining[=[/]] [!]manageDSAit [!]noop ppolicy [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) .fi .TP .BI \-o \ opt \fR[= optparam \fR] Specify any .BR ldap.conf (5) option or one of the following: .nf nettimeout= (in seconds, or "none" or "max") ldif_wrap= (in columns, or "no" for no wrapping) .fi .TP .BI \-O \ security-properties Specify SASL security properties. .TP .BI \-I Enable SASL Interactive mode. Always prompt. Default is to prompt only as needed. .TP .BI \-Q Enable SASL Quiet mode. Never prompt. .TP .B \-N Do not use reverse DNS to canonicalize SASL host name. .TP .BI \-U \ authcid Specify the authentication ID for SASL bind. The form of the ID depends on the actual SASL mechanism used. .TP .BI \-R \ realm Specify the realm of authentication ID for SASL bind. The form of the realm depends on the actual SASL mechanism used. .TP .BI \-X \ authzid Specify the requested authorization ID for SASL bind. .I authzid must be one of the following formats: .BI dn: "" or .BI u: .TP .BI \-Y \ mech Specify the SASL mechanism to be used for authentication. Without this option, the program will choose the best mechanism the server knows. .TP .BR \-Z [ Z ] Issue StartTLS (Transport Layer Security) extended operation. Giving it twice (\fB\-ZZ\fP) will require the operation to be successful. .SH DIAGNOSTICS Exit status is zero if no errors occur. Errors result in a non-zero exit status and a diagnostic message being written to standard error. .SH "SEE ALSO" .BR ldap_extended_operation_s (3) .SH AUTHOR This manual page was written by Peter Marschall based on \fBldapexop\fP's usage message and a few tests with \fBldapexop\fP. Do not expect it to be complete or absolutely correct. .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man1/ldapvc.10000644000175000017500000001231214461774414017412 0ustar sergiosergio.TH LDAPVC 1 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldapvc \- LDAP verify credentials tool .SH SYNOPSIS .B ldapvc [\c .BR \-V [ V ]] [\c .BI \-d \ debuglevel\fR] [\c .BR \-a ] [\c .BR \-b ] [\c .BR \-n ] [\c .BR \-v ] [\c .BR \-x ] [\c .BI \-D \ binddn\fR] [\c .BR \-W ] [\c .BI \-w \ passwd\fR] [\c .BI \-y \ passwdfile\fR] [\c .BI \-H \ ldapuri\fR] [\c .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BI \-o \ opt \fR[= optparam \fR]] [\c .BI \-O \ security-properties\fR] [\c .BR \-I ] [\c .BR \-Q ] [\c .BR \-N ] [\c .BI \-U \ authcid\fR] [\c .BI \-R \ realm\fR] [\c .BI \-X \ authzid\fR] [\c .BI \-Y \ mech\fR] [\c .BR \-Z [ Z ]] \c .I Distinguished Name \ \c .I [Credentials] .SH DESCRIPTION .I ldapvc implements the LDAP "Verify Credentials" extended operation. .LP .B Verify Credentials operation behaves like LDAP Bind but has no impact upon the underlying LDAP session. .SH OPTIONS .TP .BR \-V [ V ] Print version info. If \fB\-VV\fP is given, only the version information is printed. .TP .BI \-d \ debuglevel Set the LDAP debugging level to \fIdebuglevel\fP. .B ldapvc must be compiled with LDAP_DEBUG defined for this option to have any effect. .TP .B \-a Print the authzID resulting from a successful verification of credentials. .TP .B \-b Print the results from the ppolicy control after verification of credentials. .TP .B \-n Show what would be done, but don't actually perform the operation. Useful for debugging in conjunction with \fB\-v\fP. .TP .B \-v Run in verbose mode, with many diagnostics written to standard output. .TP .B \-x Use simple authentication instead of SASL. .TP .BI \-D \ binddn Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory. For SASL binds, the server is expected to ignore this value. .TP .B \-W Prompt for simple authentication. This is used instead of specifying the password on the command line. .TP .BI \-w \ passwd Use \fIpasswd\fP as the password for simple authentication. .TP .BI \-y \ passwdfile Use complete contents of \fIpasswdfile\fP as the password for simple authentication. .TP .BI \-H \ ldapuri Specify URI(s) referring to the ldap server(s); only the protocol/host/port fields are allowed; a list of URI, separated by whitespace or commas is expected. .TP .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ] .TP .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ] Specify general extensions with \fB\-e\fP and Verify Credentials extensions with \fB\-E\fP. \'\fB!\fP\' indicates criticality. General extensions: .nf [!]assert= (an RFC 4515 Filter) [!]bauthzid (RFC 3829 authzid control) [!]chaining[=[/]] [!]manageDSAit [!]noop ppolicy [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) .fi .sp Verify Credentials extensions: .sp The following options set SASL params on the Verify Credentials request: .nf authcid= (SASL Authentication Identity "dn:" or "u:") authzid= (SASL Authorization Identity "dn:" or "u:") mech= (SASL mechanism default e.g. Simple) realm= (SASL Realm, defaults to none) sasl=a[utomatic]|i[nteractive]|q[uiet] (SASL mode defaults to automatic if any other -E option provided, otherwise none) secprops= (SASL Security Properties) .fi .TP .BI \-o \ opt \fR[= optparam \fR] Specify any .BR ldap.conf (5) option or one of the following: .nf nettimeout= (in seconds, or "none" or "max") ldif_wrap= (in columns, or "no" for no wrapping) .fi .B -o option that can be passed here, check .BR ldap.conf (5) for details. .TP .BI \-O \ security-properties Specify SASL security properties. .TP .B \-I Enable SASL Interactive mode. Always prompt. Default is to prompt only as needed. .TP .B \-Q Enable SASL Quiet mode. Never prompt. .TP .B \-N Do not use reverse DNS to canonicalize SASL host name. .TP .BI \-U \ authcid Specify the authentication ID for SASL bind. The form of the ID depends on the actual SASL mechanism used. .TP .BI \-R \ realm Specify the realm of authentication ID for SASL bind. The form of the realm depends on the actual SASL mechanism used. .TP .BI \-X \ authzid Specify the requested authorization ID for SASL bind. .I authzid must be one of the following formats: .BI dn: "" or .BI u: .TP .BI \-Y \ mech Specify the SASL mechanism to be used for authentication. If it's not specified, the program will choose the best mechanism the server knows. .TP .BR \-Z [ Z ] Issue StartTLS (Transport Layer Security) extended operation. If you use \fB\-ZZ\fP, the command will require the operation to be successful. .SH EXAMPLE .nf ldapvc \-x "uid=Alice,ou=People,dc=example,dc=com" .fi .SH "SEE ALSO" .BR ldap.conf (5), .BR ldap (3), .BR ldap_extended_operation (3) .SH AUTHOR The OpenLDAP Project .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man1/ldapcompare.10000644000175000017500000001411114461774414020427 0ustar sergiosergio.TH LDAPCOMPARE 1 "RELEASEDATE" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .SH NAME ldapcompare \- LDAP compare tool .SH SYNOPSIS .B ldapcompare [\c .BR \-V [ V ]] [\c .BI \-d \ debuglevel\fR] [\c .BR \-n ] [\c .BR \-v ] [\c .BR \-z ] [\c .BR \-M [ M ]] [\c .BR \-x ] [\c .BI \-D \ binddn\fR] [\c .BR \-W ] [\c .BI \-w \ passwd\fR] [\c .BI \-y \ passwdfile\fR] [\c .BI \-H \ ldapuri\fR] [\c .BR \-P \ { 2 \||\| 3 }] [\c .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] [\c .BI \-o \ opt \fR[= optparam \fR]] [\c .BI \-O \ security-properties\fR] [\c .BR \-I ] [\c .BR \-Q ] [\c .BR \-N ] [\c .BI \-U \ authcid\fR] [\c .BI \-R \ realm\fR] [\c .BI \-X \ authzid\fR] [\c .BI \-Y \ mech\fR] [\c .BR \-Z [ Z ]] .IR DN {\c .BI attr: value | .BI attr:: b64value\fR} .SH DESCRIPTION .I ldapcompare is a shell-accessible interface to the .BR ldap_compare_ext (3) library call. .LP .B ldapcompare opens a connection to an LDAP server, binds, and performs a compare using specified parameters. The \fIDN\fP should be a distinguished name in the directory. \fIAttr\fP should be a known attribute. If followed by one colon, the assertion \fIvalue\fP should be provided as a string. If followed by two colons, the base64 encoding of the value is provided. The result code of the compare is provided as the exit code and, unless ran with \fB\-z\fP, the program prints TRUE, FALSE, or UNDEFINED on standard output. .LP .SH OPTIONS .TP .BR \-V [ V ] Print version info. If \fB\-VV\fP is given, only the version information is printed. .TP .BI \-d \ debuglevel Set the LDAP debugging level to \fIdebuglevel\fP. .B ldapcompare must be compiled with LDAP_DEBUG defined for this option to have any effect. .TP .B \-n Show what would be done, but don't actually perform the compare. Useful for debugging in conjunction with \fB\-v\fP. .TP .B \-v Run in verbose mode, with many diagnostics written to standard output. .TP .B \-z Run in quiet mode, no output is written. You must check the return status. Useful in shell scripts. .TP .BR \-M [ M ] Enable manage DSA IT control. .B \-MM makes control critical. .TP .B \-x Use simple authentication instead of SASL. .TP .BI \-D \ binddn Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory. For SASL binds, the server is expected to ignore this value. .TP .B \-W Prompt for simple authentication. This is used instead of specifying the password on the command line. .TP .BI \-w \ passwd Use \fIpasswd\fP as the password for simple authentication. .TP .BI \-y \ passwdfile Use complete contents of \fIpasswdfile\fP as the password for simple authentication. Note that \fIcomplete\fP means that any leading or trailing whitespaces, including newlines, will be considered part of the password and, unlike other software, they will not be stripped. As a consequence, passwords stored in files by commands like .BR echo (1) will not behave as expected, since .BR echo (1) by default appends a trailing newline to the echoed string. The recommended portable way to store a cleartext password in a file for use with this option is to use .BR slappasswd (8) with \fI{CLEARTEXT}\fP as hash and the option \fB\-n\fP. .TP .BI \-H \ ldapuri Specify URI(s) referring to the ldap server(s); only the protocol/host/port fields are allowed; a list of URI, separated by whitespace or commas is expected. .TP .BR \-P \ { 2 \||\| 3 } Specify the LDAP protocol version to use. .TP .BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ] .TP .BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ] Specify general extensions with \fB\-e\fP and compare extensions with \fB\-E\fP. \'\fB!\fP\' indicates criticality. General extensions: .nf [!]assert= (an RFC 4515 Filter) !authzid= ("dn:" or "u:") [!]bauthzid (RFC 3829 authzid control) [!]chaining[=[/]] [!]manageDSAit [!]noop ppolicy [!]postread[=] (a comma-separated attribute list) [!]preread[=] (a comma-separated attribute list) [!]relax sessiontracking[=] abandon,cancel,ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) .fi Compare extensions: .nf !dontUseCopy .fi .TP .BI \-o \ opt \fR[= optparam \fR] Specify any .BR ldap.conf (5) option or one of the following: .nf nettimeout= (in seconds, or "none" or "max") ldif_wrap= (in columns, or "no" for no wrapping) .fi .TP .BI \-O \ security-properties Specify SASL security properties. .TP .B \-I Enable SASL Interactive mode. Always prompt. Default is to prompt only as needed. .TP .B \-Q Enable SASL Quiet mode. Never prompt. .TP .B \-N Do not use reverse DNS to canonicalize SASL host name. .TP .BI \-U \ authcid Specify the authentication ID for SASL bind. The form of the ID depends on the actual SASL mechanism used. .TP .BI \-R \ realm Specify the realm of authentication ID for SASL bind. The form of the realm depends on the actual SASL mechanism used. .TP .BI \-X \ authzid Specify the requested authorization ID for SASL bind. .I authzid must be one of the following formats: .BI dn: "" or .BI u: .TP .BI \-Y \ mech Specify the SASL mechanism to be used for authentication. If it's not specified, the program will choose the best mechanism the server knows. .TP .BR \-Z [ Z ] Issue StartTLS (Transport Layer Security) extended operation. If you use \fB\-ZZ\fP, the command will require the operation to be successful. .SH EXAMPLES .nf ldapcompare "uid=babs,dc=example,dc=com" sn:Jensen ldapcompare "uid=babs,dc=example,dc=com" sn::SmVuc2Vu .fi are all equivalent. .SH LIMITATIONS Requiring the value be passed on the command line is limiting and introduces some security concerns. The command should support a mechanism to specify the location (file name or URL) to read the value from. .SH "SEE ALSO" .BR ldap.conf (5), .BR ldif (5), .BR ldap (3), .BR ldap_compare_ext (3) .SH AUTHOR The OpenLDAP Project .SH ACKNOWLEDGEMENTS .so ../Project openldap-2.5.16+dfsg/doc/man/man1/Makefile.in0000644000175000017500000000103014461774414020117 0ustar sergiosergio# man1 Makefile.in for OpenLDAP # $OpenLDAP$ ## This work is part of OpenLDAP Software . ## ## Copyright 1998-2022 The OpenLDAP Foundation. ## All rights reserved. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted only as authorized by the OpenLDAP ## Public License. ## ## A copy of this license is available in the file LICENSE in the ## top-level directory of the distribution or, alternatively, at ## . MANSECT=1 openldap-2.5.16+dfsg/doc/man/Project0000644000175000017500000000034514461774414016557 0ustar sergiosergio.\" Shared Project Acknowledgement Text .B "OpenLDAP Software" is developed and maintained by The OpenLDAP Project . .B "OpenLDAP Software" is derived from the University of Michigan LDAP 3.3 Release. openldap-2.5.16+dfsg/doc/man/man5/0000755000175000017500000000000014461774414016064 5ustar sergiosergioopenldap-2.5.16+dfsg/doc/man/man5/slapo-deref.50000644000175000017500000000350014461774414020351 0ustar sergiosergio.TH SLAPO-DEREF 5 "RELEASEDATE" "OpenLDAP LDVERSION" .\" Copyright 2008-2022 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .\" $OpenLDAP$ .SH NAME slapo\-deref \- Dereference Control overlay to slapd .SH SYNOPSIS ETCDIR/slapd.conf .TP ETCDIR/slapd.d .SH DESCRIPTION This overlay implements the draft Dereference control. The overlay can be used with any backend or globally for all backends. .SH EXAMPLES .nf database mdb ... overlay deref .fi Given these entries: .nf dn: cn=Howard Chu,ou=people,dc=example,dc=org objectClass: inetOrgPerson cn: Howard Chu sn: Chu uid: hyc dn: cn=Pierangelo Masarati,ou=people,dc=example,dc=org objectClass: inetOrgPerson cn: Pierangelo Masarati sn: Masarati uid: ando dn: cn=Test Group,ou=groups,dc=example,dc=org objectClass: groupOfNames cn: Test Group member: cn=Howard Chu,ou=people,dc=example,dc=org member: cn=Pierangelo Masarati,ou=people,dc=example,dc=org .fi A search could be performed with a Dereference request control value specified as .nf { member, uid } .fi I.e., .nf ldapsearch -x -b dc=example,dc=org -E 'deref=member:uid' .fi and the "cn=Test Group" entry would be returned with the response control value .nf { { member, cn=Howard Chu,ou=people,dc=example,dc=org, { { uid, [hyc] } } }, { member, cn=Pierangelo Masarati,ou=people,dc=example,dc=org, { { uid, [ando] } } } } .fi .SH FILES .TP ETCDIR/slapd.conf default slapd configuration file .TP ETCDIR/slapd.d default slapd configuration directory .SH SEE ALSO .BR slapd.conf (5), .BR slapd\-config (5). .LP "OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/) .LP IETF LDAP Dereference Control proposal by P. Masarati, H. Chu, in IETF document "draft-masarati-ldap-deref-00.txt". .SH AUTHOR Pierangelo Masarati openldap-2.5.16+dfsg/doc/man/man5/slapo-pbind.50000644000175000017500000000255214461774414020366 0ustar sergiosergio.TH SLAPO-PBIND 5 "RELEASEDATE" "OpenLDAP LDVERSION" .\" Copyright 2010-2022 The OpenLDAP Foundation, All Rights Reserved. .\" Copying restrictions apply. See the COPYRIGHT file. .\" $OpenLDAP$ .SH NAME slapo\-pbind \- proxy bind overlay to slapd .SH SYNOPSIS ETCDIR/slapd.conf .SH DESCRIPTION The .B pbind overlay to .BR slapd (8) forwards Simple Binds on a local database to a remote LDAP server instead of processing them locally. The remote connection is managed using an instance of the ldap backend. .LP The .B pbind overlay uses a subset of the \fIldap\fP backend's config directives. They are described in more detail in .BR slapd\-ldap (5). Note: this overlay is built into the \fIldap\fP backend; it is not a separate module. .TP .B overlay pbind This directive adds the proxy bind overlay to the current backend. The proxy bind overlay may be used with any backend, but it is mainly intended for use with local storage backends. .TP .B uri LDAP server to use. .TP .B tls Specify the use of TLS. .TP .B network\-timeout