ldap.h source code [netbsd/objdir.amd64/destdir.amd64/usr/include/ldap.h]

1	/ $NetBSD: ldap.h,v 1.1.1.7 2018/02/06 01:53:05 christos Exp $ /
2
3	/ $OpenLDAP$ /
4	/ This work is part of OpenLDAP Software <http://www.openldap.org/>.*
5	*
6	* Copyright 1998-2017 The OpenLDAP Foundation.
7	* All rights reserved.
8	*
9	* Redistribution and use in source and binary forms, with or without
10	* modification, are permitted only as authorized by the OpenLDAP
11	* Public License.
12	*
13	* A copy of this license is available in file LICENSE in the
14	* top-level directory of the distribution or, alternatively, at
15	* <http://www.OpenLDAP.org/license.html>.
16	*/
17	/ Portions Copyright (c) 1990 Regents of the University of Michigan.*
18	* All rights reserved.
19	*
20	* Redistribution and use in source and binary forms are permitted
21	* provided that this notice is preserved and that due credit is given
22	* to the University of Michigan at Ann Arbor. The name of the University
23	* may not be used to endorse or promote products derived from this
24	* software without specific prior written permission. This software
25	* is provided ``as is'' without express or implied warranty.
26	*/
27
28	#ifndef _LDAP_H
29	#define _LDAP_H
30
31	/ pull in lber /
32	#include <lber.h>
33
34	/ include version and API feature defines /
35	#include <ldap_features.h>
36
37	LDAP_BEGIN_DECL
38
39	#define LDAP_VERSION1 1
40	#define LDAP_VERSION2 2
41	#define LDAP_VERSION3 3
42
43	#define LDAP_VERSION_MIN LDAP_VERSION2
44	#define LDAP_VERSION LDAP_VERSION2
45	#define LDAP_VERSION_MAX LDAP_VERSION3
46
47	/*
48	* We use 3000+n here because it is above 1823 (for RFC 1823),
49	* above 2000+rev of IETF LDAPEXT draft (now quite dated),
50	* yet below allocations for new RFCs (just in case there is
51	* someday an RFC produced).
52	*/
53	#define LDAP_API_VERSION 3001
54	#define LDAP_VENDOR_NAME "OpenLDAP"
55
56	/ OpenLDAP API Features /
57	#define LDAP_API_FEATURE_X_OPENLDAP LDAP_VENDOR_VERSION
58
59	#if defined( LDAP_API_FEATURE_X_OPENLDAP_REENTRANT ) \|\| \
60	( defined( LDAP_THREAD_SAFE ) && \
61	defined( LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE ) )
62	/ -lldap may or may not be thread safe /
63	/ -lldap_r, if available, is always thread safe /
64	# define LDAP_API_FEATURE_THREAD_SAFE 1
65	# define LDAP_API_FEATURE_SESSION_THREAD_SAFE 1
66	# define LDAP_API_FEATURE_OPERATION_THREAD_SAFE 1
67	#endif
68	#if defined( LDAP_THREAD_SAFE ) && \
69	defined( LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE )
70	/ #define LDAP_API_FEATURE_SESSION_SAFE 1 /
71	/ #define LDAP_API_OPERATION_SESSION_SAFE 1 /
72	#endif
73
74
75	#define LDAP_PORT 389 /* ldap:/// default LDAP port */
76	#define LDAPS_PORT 636 /* ldaps:/// default LDAP over TLS port */
77
78	#define LDAP_ROOT_DSE ""
79	#define LDAP_NO_ATTRS "1.1"
80	#define LDAP_ALL_USER_ATTRIBUTES "*"
81	#define LDAP_ALL_OPERATIONAL_ATTRIBUTES "+" /* RFC 3673 */
82
83	/ RFC 4511: maxInt INTEGER ::= 2147483647 -- (2^^31 - 1) -- /
84	#define LDAP_MAXINT (2147483647)
85
86	/*
87	* LDAP_OPTions
88	* 0x0000 - 0x0fff reserved for api options
89	* 0x1000 - 0x3fff reserved for api extended options
90	* 0x4000 - 0x7fff reserved for private and experimental options
91	*/
92
93	#define LDAP_OPT_API_INFO 0x0000
94	#define LDAP_OPT_DESC 0x0001 /* historic */
95	#define LDAP_OPT_DEREF 0x0002
96	#define LDAP_OPT_SIZELIMIT 0x0003
97	#define LDAP_OPT_TIMELIMIT 0x0004
98	/ 0x05 - 0x07 not defined /
99	#define LDAP_OPT_REFERRALS 0x0008
100	#define LDAP_OPT_RESTART 0x0009
101	/ 0x0a - 0x10 not defined /
102	#define LDAP_OPT_PROTOCOL_VERSION 0x0011
103	#define LDAP_OPT_SERVER_CONTROLS 0x0012
104	#define LDAP_OPT_CLIENT_CONTROLS 0x0013
105	/ 0x14 not defined /
106	#define LDAP_OPT_API_FEATURE_INFO 0x0015
107	/ 0x16 - 0x2f not defined /
108	#define LDAP_OPT_HOST_NAME 0x0030
109	#define LDAP_OPT_RESULT_CODE 0x0031
110	#define LDAP_OPT_ERROR_NUMBER LDAP_OPT_RESULT_CODE
111	#define LDAP_OPT_DIAGNOSTIC_MESSAGE 0x0032
112	#define LDAP_OPT_ERROR_STRING LDAP_OPT_DIAGNOSTIC_MESSAGE
113	#define LDAP_OPT_MATCHED_DN 0x0033
114	/ 0x0034 - 0x3fff not defined /
115	/ 0x0091 used by Microsoft for LDAP_OPT_AUTO_RECONNECT /
116	#define LDAP_OPT_SSPI_FLAGS 0x0092
117	/ 0x0093 used by Microsoft for LDAP_OPT_SSL_INFO /
118	/ 0x0094 used by Microsoft for LDAP_OPT_REF_DEREF_CONN_PER_MSG /
119	#define LDAP_OPT_SIGN 0x0095
120	#define LDAP_OPT_ENCRYPT 0x0096
121	#define LDAP_OPT_SASL_METHOD 0x0097
122	/ 0x0098 used by Microsoft for LDAP_OPT_AREC_EXCLUSIVE /
123	#define LDAP_OPT_SECURITY_CONTEXT 0x0099
124	/ 0x009A used by Microsoft for LDAP_OPT_ROOTDSE_CACHE /
125	/ 0x009B - 0x3fff not defined /
126
127	/ API Extensions /
128	#define LDAP_OPT_API_EXTENSION_BASE 0x4000 /* API extensions */
129
130	/ private and experimental options /
131	/ OpenLDAP specific options /
132	#define LDAP_OPT_DEBUG_LEVEL 0x5001 /* debug level */
133	#define LDAP_OPT_TIMEOUT 0x5002 /* default timeout */
134	#define LDAP_OPT_REFHOPLIMIT 0x5003 /* ref hop limit */
135	#define LDAP_OPT_NETWORK_TIMEOUT 0x5005 /* socket level timeout */
136	#define LDAP_OPT_URI 0x5006
137	#define LDAP_OPT_REFERRAL_URLS 0x5007 /* Referral URLs */
138	#define LDAP_OPT_SOCKBUF 0x5008 /* sockbuf */
139	#define LDAP_OPT_DEFBASE 0x5009 /* searchbase */
140	#define LDAP_OPT_CONNECT_ASYNC 0x5010 /* create connections asynchronously */
141	#define LDAP_OPT_CONNECT_CB 0x5011 /* connection callbacks */
142	#define LDAP_OPT_SESSION_REFCNT 0x5012 /* session reference count */
143
144	/ OpenLDAP TLS options /
145	#define LDAP_OPT_X_TLS 0x6000
146	#define LDAP_OPT_X_TLS_CTX 0x6001 /* OpenSSL CTX* */
147	#define LDAP_OPT_X_TLS_CACERTFILE 0x6002
148	#define LDAP_OPT_X_TLS_CACERTDIR 0x6003
149	#define LDAP_OPT_X_TLS_CERTFILE 0x6004
150	#define LDAP_OPT_X_TLS_KEYFILE 0x6005
151	#define LDAP_OPT_X_TLS_REQUIRE_CERT 0x6006
152	#define LDAP_OPT_X_TLS_PROTOCOL_MIN 0x6007
153	#define LDAP_OPT_X_TLS_CIPHER_SUITE 0x6008
154	#define LDAP_OPT_X_TLS_RANDOM_FILE 0x6009
155	#define LDAP_OPT_X_TLS_SSL_CTX 0x600a /* OpenSSL SSL* */
156	#define LDAP_OPT_X_TLS_CRLCHECK 0x600b
157	#define LDAP_OPT_X_TLS_CONNECT_CB 0x600c
158	#define LDAP_OPT_X_TLS_CONNECT_ARG 0x600d
159	#define LDAP_OPT_X_TLS_DHFILE 0x600e
160	#define LDAP_OPT_X_TLS_NEWCTX 0x600f
161	#define LDAP_OPT_X_TLS_CRLFILE 0x6010 /* GNUtls only */
162	#define LDAP_OPT_X_TLS_PACKAGE 0x6011
163
164	#define LDAP_OPT_X_TLS_NEVER 0
165	#define LDAP_OPT_X_TLS_HARD 1
166	#define LDAP_OPT_X_TLS_DEMAND 2
167	#define LDAP_OPT_X_TLS_ALLOW 3
168	#define LDAP_OPT_X_TLS_TRY 4
169
170	#define LDAP_OPT_X_TLS_CRL_NONE 0
171	#define LDAP_OPT_X_TLS_CRL_PEER 1
172	#define LDAP_OPT_X_TLS_CRL_ALL 2
173
174	/ for LDAP_OPT_X_TLS_PROTOCOL_MIN /
175	#define LDAP_OPT_X_TLS_PROTOCOL(maj,min) (((maj) << 8) + (min))
176	#define LDAP_OPT_X_TLS_PROTOCOL_SSL2 (2 << 8)
177	#define LDAP_OPT_X_TLS_PROTOCOL_SSL3 (3 << 8)
178	#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_0 ((3 << 8) + 1)
179	#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_1 ((3 << 8) + 2)
180	#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_2 ((3 << 8) + 3)
181
182	/ OpenLDAP SASL options /
183	#define LDAP_OPT_X_SASL_MECH 0x6100
184	#define LDAP_OPT_X_SASL_REALM 0x6101
185	#define LDAP_OPT_X_SASL_AUTHCID 0x6102
186	#define LDAP_OPT_X_SASL_AUTHZID 0x6103
187	#define LDAP_OPT_X_SASL_SSF 0x6104 /* read-only */
188	#define LDAP_OPT_X_SASL_SSF_EXTERNAL 0x6105 /* write-only */
189	#define LDAP_OPT_X_SASL_SECPROPS 0x6106 /* write-only */
190	#define LDAP_OPT_X_SASL_SSF_MIN 0x6107
191	#define LDAP_OPT_X_SASL_SSF_MAX 0x6108
192	#define LDAP_OPT_X_SASL_MAXBUFSIZE 0x6109
193	#define LDAP_OPT_X_SASL_MECHLIST 0x610a /* read-only */
194	#define LDAP_OPT_X_SASL_NOCANON 0x610b
195	#define LDAP_OPT_X_SASL_USERNAME 0x610c /* read-only */
196	#define LDAP_OPT_X_SASL_GSS_CREDS 0x610d
197
198	/ OpenLDAP GSSAPI options /
199	#define LDAP_OPT_X_GSSAPI_DO_NOT_FREE_CONTEXT 0x6200
200	#define LDAP_OPT_X_GSSAPI_ALLOW_REMOTE_PRINCIPAL 0x6201
201
202	/*
203	* OpenLDAP per connection tcp-keepalive settings
204	* (Linux only, ignored where unsupported)
205	*/
206	#define LDAP_OPT_X_KEEPALIVE_IDLE 0x6300
207	#define LDAP_OPT_X_KEEPALIVE_PROBES 0x6301
208	#define LDAP_OPT_X_KEEPALIVE_INTERVAL 0x6302
209
210	/ Private API Extensions -- reserved for application use /
211	#define LDAP_OPT_PRIVATE_EXTENSION_BASE 0x7000 /* Private API inclusive */
212
213	/*
214	* ldap_get_option() and ldap_set_option() return values.
215	* As later versions may return other values indicating
216	* failure, current applications should only compare returned
217	* value against LDAP_OPT_SUCCESS.
218	*/
219	#define LDAP_OPT_SUCCESS 0
220	#define LDAP_OPT_ERROR (-1)
221
222	/ option on/off values /
223	#define LDAP_OPT_ON ((void *) &ber_pvt_opt_on)
224	#define LDAP_OPT_OFF ((void *) 0)
225
226	typedef struct ldapapiinfo {
227	int ldapai_info_version; / version of LDAPAPIInfo /
228	#define LDAP_API_INFO_VERSION (1)
229	int ldapai_api_version; / revision of API supported /
230	int ldapai_protocol_version; / highest LDAP version supported /
231	char *ldapai_extensions; /* names of API extensions /
232	char ldapai_vendor_name; /* name of supplier /
233	int ldapai_vendor_version; / supplier-specific version * 100 /
234	} LDAPAPIInfo;
235
236	typedef struct ldap_apifeature_info {
237	int ldapaif_info_version; / version of LDAPAPIFeatureInfo /
238	#define LDAP_FEATURE_INFO_VERSION (1) /* apifeature_info struct version */
239	char* ldapaif_name; / LDAP_API_FEATURE_* (less prefix) /
240	int ldapaif_version; / value of LDAP_API_FEATURE_... /
241	} LDAPAPIFeatureInfo;
242
243	/*
244	* LDAP Control structure
245	*/
246	typedef struct ldapcontrol {
247	char * ldctl_oid; / numericoid of control /
248	struct berval ldctl_value; / encoded value of control /
249	char ldctl_iscritical; / criticality /
250	} LDAPControl;
251
252	/ LDAP Controls /
253	/ standard track controls /
254	#define LDAP_CONTROL_MANAGEDSAIT "2.16.840.1.113730.3.4.2" /* RFC 3296 */
255	#define LDAP_CONTROL_PROXY_AUTHZ "2.16.840.1.113730.3.4.18" /* RFC 4370 */
256	#define LDAP_CONTROL_SUBENTRIES "1.3.6.1.4.1.4203.1.10.1" /* RFC 3672 */
257
258	#define LDAP_CONTROL_VALUESRETURNFILTER "1.2.826.0.1.3344810.2.3"/* RFC 3876 */
259
260	#define LDAP_CONTROL_ASSERT "1.3.6.1.1.12" /* RFC 4528 */
261	#define LDAP_CONTROL_PRE_READ "1.3.6.1.1.13.1" /* RFC 4527 */
262	#define LDAP_CONTROL_POST_READ "1.3.6.1.1.13.2" /* RFC 4527 */
263
264	#define LDAP_CONTROL_SORTREQUEST "1.2.840.113556.1.4.473" /* RFC 2891 */
265	#define LDAP_CONTROL_SORTRESPONSE "1.2.840.113556.1.4.474" /* RFC 2891 */
266
267	/ non-standard track controls /
268	#define LDAP_CONTROL_PAGEDRESULTS "1.2.840.113556.1.4.319" /* RFC 2696 */
269
270	/ LDAP Content Synchronization Operation -- RFC 4533 /
271	#define LDAP_SYNC_OID "1.3.6.1.4.1.4203.1.9.1"
272	#define LDAP_CONTROL_SYNC LDAP_SYNC_OID ".1"
273	#define LDAP_CONTROL_SYNC_STATE LDAP_SYNC_OID ".2"
274	#define LDAP_CONTROL_SYNC_DONE LDAP_SYNC_OID ".3"
275	#define LDAP_SYNC_INFO LDAP_SYNC_OID ".4"
276
277	#define LDAP_SYNC_NONE 0x00
278	#define LDAP_SYNC_REFRESH_ONLY 0x01
279	#define LDAP_SYNC_RESERVED 0x02
280	#define LDAP_SYNC_REFRESH_AND_PERSIST 0x03
281
282	#define LDAP_SYNC_REFRESH_PRESENTS 0
283	#define LDAP_SYNC_REFRESH_DELETES 1
284
285	#define LDAP_TAG_SYNC_NEW_COOKIE ((ber_tag_t) 0x80U)
286	#define LDAP_TAG_SYNC_REFRESH_DELETE ((ber_tag_t) 0xa1U)
287	#define LDAP_TAG_SYNC_REFRESH_PRESENT ((ber_tag_t) 0xa2U)
288	#define LDAP_TAG_SYNC_ID_SET ((ber_tag_t) 0xa3U)
289
290	#define LDAP_TAG_SYNC_COOKIE ((ber_tag_t) 0x04U)
291	#define LDAP_TAG_REFRESHDELETES ((ber_tag_t) 0x01U)
292	#define LDAP_TAG_REFRESHDONE ((ber_tag_t) 0x01U)
293	#define LDAP_TAG_RELOAD_HINT ((ber_tag_t) 0x01U)
294
295	#define LDAP_SYNC_PRESENT 0
296	#define LDAP_SYNC_ADD 1
297	#define LDAP_SYNC_MODIFY 2
298	#define LDAP_SYNC_DELETE 3
299	#define LDAP_SYNC_NEW_COOKIE 4
300
301	/ LDAP Don't Use Copy Control (RFC 6171) /
302	#define LDAP_CONTROL_DONTUSECOPY "1.3.6.1.1.22"
303
304	/ Password policy Controls // work in progress /
305	/ ITS#3458: released; disabled by default /
306	#define LDAP_CONTROL_PASSWORDPOLICYREQUEST "1.3.6.1.4.1.42.2.27.8.5.1"
307	#define LDAP_CONTROL_PASSWORDPOLICYRESPONSE "1.3.6.1.4.1.42.2.27.8.5.1"
308
309	/ various works in progress /
310	#define LDAP_CONTROL_NOOP "1.3.6.1.4.1.4203.666.5.2"
311	#define LDAP_CONTROL_NO_SUBORDINATES "1.3.6.1.4.1.4203.666.5.11"
312	#define LDAP_CONTROL_RELAX "1.3.6.1.4.1.4203.666.5.12"
313	#define LDAP_CONTROL_MANAGEDIT LDAP_CONTROL_RELAX
314	#define LDAP_CONTROL_SLURP "1.3.6.1.4.1.4203.666.5.13"
315	#define LDAP_CONTROL_VALSORT "1.3.6.1.4.1.4203.666.5.14"
316	#define LDAP_CONTROL_X_DEREF "1.3.6.1.4.1.4203.666.5.16"
317	#define LDAP_CONTROL_X_WHATFAILED "1.3.6.1.4.1.4203.666.5.17"
318
319	/ LDAP Chaining Behavior Control // work in progress /
320	/ <draft-sermersheim-ldap-chaining>;*
321	* see also LDAP_NO_REFERRALS_FOUND, LDAP_CANNOT_CHAIN */
322	#define LDAP_CONTROL_X_CHAINING_BEHAVIOR "1.3.6.1.4.1.4203.666.11.3"
323
324	#define LDAP_CHAINING_PREFERRED 0
325	#define LDAP_CHAINING_REQUIRED 1
326	#define LDAP_REFERRALS_PREFERRED 2
327	#define LDAP_REFERRALS_REQUIRED 3
328
329	/ MS Active Directory controls (for compatibility) /
330	#define LDAP_CONTROL_X_INCREMENTAL_VALUES "1.2.840.113556.1.4.802"
331	#define LDAP_CONTROL_X_DOMAIN_SCOPE "1.2.840.113556.1.4.1339"
332	#define LDAP_CONTROL_X_PERMISSIVE_MODIFY "1.2.840.113556.1.4.1413"
333	#define LDAP_CONTROL_X_SEARCH_OPTIONS "1.2.840.113556.1.4.1340"
334	#define LDAP_SEARCH_FLAG_DOMAIN_SCOPE 1 /* do not generate referrals */
335	#define LDAP_SEARCH_FLAG_PHANTOM_ROOT 2 /* search all subordinate NCs */
336	#define LDAP_CONTROL_X_TREE_DELETE "1.2.840.113556.1.4.805"
337
338	/ MS Active Directory controls - not implemented in slapd(8) /
339	#define LDAP_CONTROL_X_EXTENDED_DN "1.2.840.113556.1.4.529"
340
341	/ <draft-wahl-ldap-session> /
342	#define LDAP_CONTROL_X_SESSION_TRACKING "1.3.6.1.4.1.21008.108.63.1"
343	#define LDAP_CONTROL_X_SESSION_TRACKING_RADIUS_ACCT_SESSION_ID \
344	LDAP_CONTROL_X_SESSION_TRACKING ".1"
345	#define LDAP_CONTROL_X_SESSION_TRACKING_RADIUS_ACCT_MULTI_SESSION_ID \
346	LDAP_CONTROL_X_SESSION_TRACKING ".2"
347	#define LDAP_CONTROL_X_SESSION_TRACKING_USERNAME \
348	LDAP_CONTROL_X_SESSION_TRACKING ".3"
349	/ various expired works /
350
351	/ LDAP Duplicated Entry Control Extension // not implemented in slapd(8) /
352	#define LDAP_CONTROL_DUPENT_REQUEST "2.16.840.1.113719.1.27.101.1"
353	#define LDAP_CONTROL_DUPENT_RESPONSE "2.16.840.1.113719.1.27.101.2"
354	#define LDAP_CONTROL_DUPENT_ENTRY "2.16.840.1.113719.1.27.101.3"
355	#define LDAP_CONTROL_DUPENT LDAP_CONTROL_DUPENT_REQUEST
356
357	/ LDAP Persistent Search Control // not implemented in slapd(8) /
358	#define LDAP_CONTROL_PERSIST_REQUEST "2.16.840.1.113730.3.4.3"
359	#define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_NOTICE "2.16.840.1.113730.3.4.7"
360	#define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_ADD 0x1
361	#define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_DELETE 0x2
362	#define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_MODIFY 0x4
363	#define LDAP_CONTROL_PERSIST_ENTRY_CHANGE_RENAME 0x8
364
365	/ LDAP VLV /
366	#define LDAP_CONTROL_VLVREQUEST "2.16.840.1.113730.3.4.9"
367	#define LDAP_CONTROL_VLVRESPONSE "2.16.840.1.113730.3.4.10"
368
369	/ LDAP Unsolicited Notifications /
370	#define LDAP_NOTICE_OF_DISCONNECTION "1.3.6.1.4.1.1466.20036" /* RFC 4511 */
371	#define LDAP_NOTICE_DISCONNECT LDAP_NOTICE_OF_DISCONNECTION
372
373	/ LDAP Extended Operations /
374	#define LDAP_EXOP_START_TLS "1.3.6.1.4.1.1466.20037" /* RFC 4511 */
375
376	#define LDAP_EXOP_MODIFY_PASSWD "1.3.6.1.4.1.4203.1.11.1" /* RFC 3062 */
377	#define LDAP_TAG_EXOP_MODIFY_PASSWD_ID ((ber_tag_t) 0x80U)
378	#define LDAP_TAG_EXOP_MODIFY_PASSWD_OLD ((ber_tag_t) 0x81U)
379	#define LDAP_TAG_EXOP_MODIFY_PASSWD_NEW ((ber_tag_t) 0x82U)
380	#define LDAP_TAG_EXOP_MODIFY_PASSWD_GEN ((ber_tag_t) 0x80U)
381
382	#define LDAP_EXOP_CANCEL "1.3.6.1.1.8" /* RFC 3909 */
383	#define LDAP_EXOP_X_CANCEL LDAP_EXOP_CANCEL
384
385	#define LDAP_EXOP_REFRESH "1.3.6.1.4.1.1466.101.119.1" /* RFC 2589 */
386	#define LDAP_TAG_EXOP_REFRESH_REQ_DN ((ber_tag_t) 0x80U)
387	#define LDAP_TAG_EXOP_REFRESH_REQ_TTL ((ber_tag_t) 0x81U)
388	#define LDAP_TAG_EXOP_REFRESH_RES_TTL ((ber_tag_t) 0x81U)
389
390	#define LDAP_EXOP_WHO_AM_I "1.3.6.1.4.1.4203.1.11.3" /* RFC 4532 */
391	#define LDAP_EXOP_X_WHO_AM_I LDAP_EXOP_WHO_AM_I
392
393	/ various works in progress /
394	#define LDAP_EXOP_TURN "1.3.6.1.1.19" /* RFC 4531 */
395	#define LDAP_EXOP_X_TURN LDAP_EXOP_TURN
396
397	/ LDAP Distributed Procedures <draft-sermersheim-ldap-distproc> /
398	/ a work in progress /
399	#define LDAP_X_DISTPROC_BASE "1.3.6.1.4.1.4203.666.11.6"
400	#define LDAP_EXOP_X_CHAINEDREQUEST LDAP_X_DISTPROC_BASE ".1"
401	#define LDAP_FEATURE_X_CANCHAINOPS LDAP_X_DISTPROC_BASE ".2"
402	#define LDAP_CONTROL_X_RETURNCONTREF LDAP_X_DISTPROC_BASE ".3"
403	#define LDAP_URLEXT_X_LOCALREFOID LDAP_X_DISTPROC_BASE ".4"
404	#define LDAP_URLEXT_X_REFTYPEOID LDAP_X_DISTPROC_BASE ".5"
405	#define LDAP_URLEXT_X_SEARCHEDSUBTREEOID \
406	LDAP_X_DISTPROC_BASE ".6"
407	#define LDAP_URLEXT_X_FAILEDNAMEOID LDAP_X_DISTPROC_BASE ".7"
408	#define LDAP_URLEXT_X_LOCALREF "x-localReference"
409	#define LDAP_URLEXT_X_REFTYPE "x-referenceType"
410	#define LDAP_URLEXT_X_SEARCHEDSUBTREE "x-searchedSubtree"
411	#define LDAP_URLEXT_X_FAILEDNAME "x-failedName"
412
413	#ifdef LDAP_DEVEL
414	#define LDAP_X_TXN "1.3.6.1.4.1.4203.666.11.7" /* tmp */
415	#define LDAP_EXOP_X_TXN_START LDAP_X_TXN ".1"
416	#define LDAP_CONTROL_X_TXN_SPEC LDAP_X_TXN ".2"
417	#define LDAP_EXOP_X_TXN_END LDAP_X_TXN ".3"
418	#define LDAP_EXOP_X_TXN_ABORTED_NOTICE LDAP_X_TXN ".4"
419	#endif
420
421	/ LDAP Features /
422	#define LDAP_FEATURE_ALL_OP_ATTRS "1.3.6.1.4.1.4203.1.5.1" /* RFC 3673 */
423	#define LDAP_FEATURE_OBJECTCLASS_ATTRS \
424	"1.3.6.1.4.1.4203.1.5.2" /* @objectClass - new number to be assigned */
425	#define LDAP_FEATURE_ABSOLUTE_FILTERS "1.3.6.1.4.1.4203.1.5.3" /* (&) (\|) */
426	#define LDAP_FEATURE_LANGUAGE_TAG_OPTIONS "1.3.6.1.4.1.4203.1.5.4"
427	#define LDAP_FEATURE_LANGUAGE_RANGE_OPTIONS "1.3.6.1.4.1.4203.1.5.5"
428	#define LDAP_FEATURE_MODIFY_INCREMENT "1.3.6.1.1.14"
429
430	/ LDAP Experimental (works in progress) Features /
431	#define LDAP_FEATURE_SUBORDINATE_SCOPE \
432	"1.3.6.1.4.1.4203.666.8.1" /* "children" */
433	#define LDAP_FEATURE_CHILDREN_SCOPE LDAP_FEATURE_SUBORDINATE_SCOPE
434
435	/*
436	* specific LDAP instantiations of BER types we know about
437	*/
438
439	/ Overview of LBER tag construction*
440	*
441	* Bits
442	* ______
443	* 8 7 \| CLASS
444	* 0 0 = UNIVERSAL
445	* 0 1 = APPLICATION
446	* 1 0 = CONTEXT-SPECIFIC
447	* 1 1 = PRIVATE
448	* _____
449	* \| 6 \| DATA-TYPE
450	* 0 = PRIMITIVE
451	* 1 = CONSTRUCTED
452	* ___________
453	* \| 5 ... 1 \| TAG-NUMBER
454	*/
455
456	/ general stuff /
457	#define LDAP_TAG_MESSAGE ((ber_tag_t) 0x30U) /* constructed + 16 */
458	#define LDAP_TAG_MSGID ((ber_tag_t) 0x02U) /* integer */
459
460	#define LDAP_TAG_LDAPDN ((ber_tag_t) 0x04U) /* octet string */
461	#define LDAP_TAG_LDAPCRED ((ber_tag_t) 0x04U) /* octet string */
462
463	#define LDAP_TAG_CONTROLS ((ber_tag_t) 0xa0U) /* context specific + constructed + 0 */
464	#define LDAP_TAG_REFERRAL ((ber_tag_t) 0xa3U) /* context specific + constructed + 3 */
465
466	#define LDAP_TAG_NEWSUPERIOR ((ber_tag_t) 0x80U) /* context-specific + primitive + 0 */
467
468	#define LDAP_TAG_EXOP_REQ_OID ((ber_tag_t) 0x80U) /* context specific + primitive */
469	#define LDAP_TAG_EXOP_REQ_VALUE ((ber_tag_t) 0x81U) /* context specific + primitive */
470	#define LDAP_TAG_EXOP_RES_OID ((ber_tag_t) 0x8aU) /* context specific + primitive */
471	#define LDAP_TAG_EXOP_RES_VALUE ((ber_tag_t) 0x8bU) /* context specific + primitive */
472
473	#define LDAP_TAG_IM_RES_OID ((ber_tag_t) 0x80U) /* context specific + primitive */
474	#define LDAP_TAG_IM_RES_VALUE ((ber_tag_t) 0x81U) /* context specific + primitive */
475
476	#define LDAP_TAG_SASL_RES_CREDS ((ber_tag_t) 0x87U) /* context specific + primitive */
477
478	/ LDAP Request Messages /
479	#define LDAP_REQ_BIND ((ber_tag_t) 0x60U) /* application + constructed */
480	#define LDAP_REQ_UNBIND ((ber_tag_t) 0x42U) /* application + primitive */
481	#define LDAP_REQ_SEARCH ((ber_tag_t) 0x63U) /* application + constructed */
482	#define LDAP_REQ_MODIFY ((ber_tag_t) 0x66U) /* application + constructed */
483	#define LDAP_REQ_ADD ((ber_tag_t) 0x68U) /* application + constructed */
484	#define LDAP_REQ_DELETE ((ber_tag_t) 0x4aU) /* application + primitive */
485	#define LDAP_REQ_MODDN ((ber_tag_t) 0x6cU) /* application + constructed */
486	#define LDAP_REQ_MODRDN LDAP_REQ_MODDN
487	#define LDAP_REQ_RENAME LDAP_REQ_MODDN
488	#define LDAP_REQ_COMPARE ((ber_tag_t) 0x6eU) /* application + constructed */
489	#define LDAP_REQ_ABANDON ((ber_tag_t) 0x50U) /* application + primitive */
490	#define LDAP_REQ_EXTENDED ((ber_tag_t) 0x77U) /* application + constructed */
491
492	/ LDAP Response Messages /
493	#define LDAP_RES_BIND ((ber_tag_t) 0x61U) /* application + constructed */
494	#define LDAP_RES_SEARCH_ENTRY ((ber_tag_t) 0x64U) /* application + constructed */
495	#define LDAP_RES_SEARCH_REFERENCE ((ber_tag_t) 0x73U) /* V3: application + constructed */
496	#define LDAP_RES_SEARCH_RESULT ((ber_tag_t) 0x65U) /* application + constructed */
497	#define LDAP_RES_MODIFY ((ber_tag_t) 0x67U) /* application + constructed */
498	#define LDAP_RES_ADD ((ber_tag_t) 0x69U) /* application + constructed */
499	#define LDAP_RES_DELETE ((ber_tag_t) 0x6bU) /* application + constructed */
500	#define LDAP_RES_MODDN ((ber_tag_t) 0x6dU) /* application + constructed */
501	#define LDAP_RES_MODRDN LDAP_RES_MODDN /* application + constructed */
502	#define LDAP_RES_RENAME LDAP_RES_MODDN /* application + constructed */
503	#define LDAP_RES_COMPARE ((ber_tag_t) 0x6fU) /* application + constructed */
504	#define LDAP_RES_EXTENDED ((ber_tag_t) 0x78U) /* V3: application + constructed */
505	#define LDAP_RES_INTERMEDIATE ((ber_tag_t) 0x79U) /* V3+: application + constructed */
506
507	#define LDAP_RES_ANY (-1)
508	#define LDAP_RES_UNSOLICITED (0)
509
510
511	/ sasl methods /
512	#define LDAP_SASL_SIMPLE ((char*)0)
513	#define LDAP_SASL_NULL ("")
514
515
516	/ authentication methods available /
517	#define LDAP_AUTH_NONE ((ber_tag_t) 0x00U) /* no authentication */
518	#define LDAP_AUTH_SIMPLE ((ber_tag_t) 0x80U) /* context specific + primitive */
519	#define LDAP_AUTH_SASL ((ber_tag_t) 0xa3U) /* context specific + constructed */
520	#define LDAP_AUTH_KRBV4 ((ber_tag_t) 0xffU) /* means do both of the following */
521	#define LDAP_AUTH_KRBV41 ((ber_tag_t) 0x81U) /* context specific + primitive */
522	#define LDAP_AUTH_KRBV42 ((ber_tag_t) 0x82U) /* context specific + primitive */
523
524	/ used by the Windows API but not used on the wire /
525	#define LDAP_AUTH_NEGOTIATE ((ber_tag_t) 0x04FFU)
526
527	/ filter types /
528	#define LDAP_FILTER_AND ((ber_tag_t) 0xa0U) /* context specific + constructed */
529	#define LDAP_FILTER_OR ((ber_tag_t) 0xa1U) /* context specific + constructed */
530	#define LDAP_FILTER_NOT ((ber_tag_t) 0xa2U) /* context specific + constructed */
531	#define LDAP_FILTER_EQUALITY ((ber_tag_t) 0xa3U) /* context specific + constructed */
532	#define LDAP_FILTER_SUBSTRINGS ((ber_tag_t) 0xa4U) /* context specific + constructed */
533	#define LDAP_FILTER_GE ((ber_tag_t) 0xa5U) /* context specific + constructed */
534	#define LDAP_FILTER_LE ((ber_tag_t) 0xa6U) /* context specific + constructed */
535	#define LDAP_FILTER_PRESENT ((ber_tag_t) 0x87U) /* context specific + primitive */
536	#define LDAP_FILTER_APPROX ((ber_tag_t) 0xa8U) /* context specific + constructed */
537	#define LDAP_FILTER_EXT ((ber_tag_t) 0xa9U) /* context specific + constructed */
538
539	/ extended filter component types /
540	#define LDAP_FILTER_EXT_OID ((ber_tag_t) 0x81U) /* context specific */
541	#define LDAP_FILTER_EXT_TYPE ((ber_tag_t) 0x82U) /* context specific */
542	#define LDAP_FILTER_EXT_VALUE ((ber_tag_t) 0x83U) /* context specific */
543	#define LDAP_FILTER_EXT_DNATTRS ((ber_tag_t) 0x84U) /* context specific */
544
545	/ substring filter component types /
546	#define LDAP_SUBSTRING_INITIAL ((ber_tag_t) 0x80U) /* context specific */
547	#define LDAP_SUBSTRING_ANY ((ber_tag_t) 0x81U) /* context specific */
548	#define LDAP_SUBSTRING_FINAL ((ber_tag_t) 0x82U) /* context specific */
549
550	/ search scopes /
551	#define LDAP_SCOPE_BASE ((ber_int_t) 0x0000)
552	#define LDAP_SCOPE_BASEOBJECT LDAP_SCOPE_BASE
553	#define LDAP_SCOPE_ONELEVEL ((ber_int_t) 0x0001)
554	#define LDAP_SCOPE_ONE LDAP_SCOPE_ONELEVEL
555	#define LDAP_SCOPE_SUBTREE ((ber_int_t) 0x0002)
556	#define LDAP_SCOPE_SUB LDAP_SCOPE_SUBTREE
557	#define LDAP_SCOPE_SUBORDINATE ((ber_int_t) 0x0003) /* OpenLDAP extension */
558	#define LDAP_SCOPE_CHILDREN LDAP_SCOPE_SUBORDINATE
559	#define LDAP_SCOPE_DEFAULT ((ber_int_t) -1) /* OpenLDAP extension */
560
561	/ substring filter component types /
562	#define LDAP_SUBSTRING_INITIAL ((ber_tag_t) 0x80U) /* context specific */
563	#define LDAP_SUBSTRING_ANY ((ber_tag_t) 0x81U) /* context specific */
564	#define LDAP_SUBSTRING_FINAL ((ber_tag_t) 0x82U) /* context specific */
565
566	/*
567	* LDAP Result Codes
568	*/
569	#define LDAP_SUCCESS 0x00
570
571	#define LDAP_RANGE(n,x,y) (((x) <= (n)) && ((n) <= (y)))
572
573	#define LDAP_OPERATIONS_ERROR 0x01
574	#define LDAP_PROTOCOL_ERROR 0x02
575	#define LDAP_TIMELIMIT_EXCEEDED 0x03
576	#define LDAP_SIZELIMIT_EXCEEDED 0x04
577	#define LDAP_COMPARE_FALSE 0x05
578	#define LDAP_COMPARE_TRUE 0x06
579	#define LDAP_AUTH_METHOD_NOT_SUPPORTED 0x07
580	#define LDAP_STRONG_AUTH_NOT_SUPPORTED LDAP_AUTH_METHOD_NOT_SUPPORTED
581	#define LDAP_STRONG_AUTH_REQUIRED 0x08
582	#define LDAP_STRONGER_AUTH_REQUIRED LDAP_STRONG_AUTH_REQUIRED
583	#define LDAP_PARTIAL_RESULTS 0x09 /* LDAPv2+ (not LDAPv3) */
584
585	#define LDAP_REFERRAL 0x0a /* LDAPv3 */
586	#define LDAP_ADMINLIMIT_EXCEEDED 0x0b /* LDAPv3 */
587	#define LDAP_UNAVAILABLE_CRITICAL_EXTENSION 0x0c /* LDAPv3 */
588	#define LDAP_CONFIDENTIALITY_REQUIRED 0x0d /* LDAPv3 */
589	#define LDAP_SASL_BIND_IN_PROGRESS 0x0e /* LDAPv3 */
590
591	#define LDAP_ATTR_ERROR(n) LDAP_RANGE((n),0x10,0x15) /* 16-21 */
592
593	#define LDAP_NO_SUCH_ATTRIBUTE 0x10
594	#define LDAP_UNDEFINED_TYPE 0x11
595	#define LDAP_INAPPROPRIATE_MATCHING 0x12
596	#define LDAP_CONSTRAINT_VIOLATION 0x13
597	#define LDAP_TYPE_OR_VALUE_EXISTS 0x14
598	#define LDAP_INVALID_SYNTAX 0x15
599
600	#define LDAP_NAME_ERROR(n) LDAP_RANGE((n),0x20,0x24) /* 32-34,36 */
601
602	#define LDAP_NO_SUCH_OBJECT 0x20
603	#define LDAP_ALIAS_PROBLEM 0x21
604	#define LDAP_INVALID_DN_SYNTAX 0x22
605	#define LDAP_IS_LEAF 0x23 /* not LDAPv3 */
606	#define LDAP_ALIAS_DEREF_PROBLEM 0x24
607
608	#define LDAP_SECURITY_ERROR(n) LDAP_RANGE((n),0x2F,0x32) /* 47-50 */
609
610	#define LDAP_X_PROXY_AUTHZ_FAILURE 0x2F /* LDAPv3 proxy authorization */
611	#define LDAP_INAPPROPRIATE_AUTH 0x30
612	#define LDAP_INVALID_CREDENTIALS 0x31
613	#define LDAP_INSUFFICIENT_ACCESS 0x32
614
615	#define LDAP_SERVICE_ERROR(n) LDAP_RANGE((n),0x33,0x36) /* 51-54 */
616
617	#define LDAP_BUSY 0x33
618	#define LDAP_UNAVAILABLE 0x34
619	#define LDAP_UNWILLING_TO_PERFORM 0x35
620	#define LDAP_LOOP_DETECT 0x36
621
622	#define LDAP_UPDATE_ERROR(n) LDAP_RANGE((n),0x40,0x47) /* 64-69,71 */
623
624	#define LDAP_NAMING_VIOLATION 0x40
625	#define LDAP_OBJECT_CLASS_VIOLATION 0x41
626	#define LDAP_NOT_ALLOWED_ON_NONLEAF 0x42
627	#define LDAP_NOT_ALLOWED_ON_RDN 0x43
628	#define LDAP_ALREADY_EXISTS 0x44
629	#define LDAP_NO_OBJECT_CLASS_MODS 0x45
630	#define LDAP_RESULTS_TOO_LARGE 0x46 /* CLDAP */
631	#define LDAP_AFFECTS_MULTIPLE_DSAS 0x47
632
633	#define LDAP_VLV_ERROR 0x4C
634
635	#define LDAP_OTHER 0x50
636
637	/ LCUP operation codes (113-117) - not implemented /
638	#define LDAP_CUP_RESOURCES_EXHAUSTED 0x71
639	#define LDAP_CUP_SECURITY_VIOLATION 0x72
640	#define LDAP_CUP_INVALID_DATA 0x73
641	#define LDAP_CUP_UNSUPPORTED_SCHEME 0x74
642	#define LDAP_CUP_RELOAD_REQUIRED 0x75
643
644	/ Cancel operation codes (118-121) /
645	#define LDAP_CANCELLED 0x76
646	#define LDAP_NO_SUCH_OPERATION 0x77
647	#define LDAP_TOO_LATE 0x78
648	#define LDAP_CANNOT_CANCEL 0x79
649
650	/ Assertion control (122) /
651	#define LDAP_ASSERTION_FAILED 0x7A
652
653	/ Proxied Authorization Denied (123) /
654	#define LDAP_PROXIED_AUTHORIZATION_DENIED 0x7B
655
656	/ Experimental result codes /
657	#define LDAP_E_ERROR(n) LDAP_RANGE((n),0x1000,0x3FFF)
658
659	/ LDAP Sync (4096) /
660	#define LDAP_SYNC_REFRESH_REQUIRED 0x1000
661
662
663	/ Private Use result codes /
664	#define LDAP_X_ERROR(n) LDAP_RANGE((n),0x4000,0xFFFF)
665
666	#define LDAP_X_SYNC_REFRESH_REQUIRED 0x4100 /* defunct */
667	#define LDAP_X_ASSERTION_FAILED 0x410f /* defunct */
668
669	/ for the LDAP No-Op control /
670	#define LDAP_X_NO_OPERATION 0x410e
671
672	/ for the Chaining Behavior control (consecutive result codes requested;*
673	* see <draft-sermersheim-ldap-chaining> ) */
674	#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
675	#define LDAP_X_NO_REFERRALS_FOUND 0x4110
676	#define LDAP_X_CANNOT_CHAIN 0x4111
677	#endif
678
679	/ for Distributed Procedures (see <draft-sermersheim-ldap-distproc>) /
680	#ifdef LDAP_X_DISTPROC_BASE
681	#define LDAP_X_INVALIDREFERENCE 0x4112
682	#endif
683
684	#ifdef LDAP_X_TXN
685	#define LDAP_X_TXN_SPECIFY_OKAY 0x4120
686	#define LDAP_X_TXN_ID_INVALID 0x4121
687	#endif
688
689	/ API Error Codes*
690	*
691	* Based on draft-ietf-ldap-c-api-xx
692	* but with new negative code values
693	*/
694	#define LDAP_API_ERROR(n) ((n)<0)
695	#define LDAP_API_RESULT(n) ((n)<=0)
696
697	#define LDAP_SERVER_DOWN (-1)
698	#define LDAP_LOCAL_ERROR (-2)
699	#define LDAP_ENCODING_ERROR (-3)
700	#define LDAP_DECODING_ERROR (-4)
701	#define LDAP_TIMEOUT (-5)
702	#define LDAP_AUTH_UNKNOWN (-6)
703	#define LDAP_FILTER_ERROR (-7)
704	#define LDAP_USER_CANCELLED (-8)
705	#define LDAP_PARAM_ERROR (-9)
706	#define LDAP_NO_MEMORY (-10)
707	#define LDAP_CONNECT_ERROR (-11)
708	#define LDAP_NOT_SUPPORTED (-12)
709	#define LDAP_CONTROL_NOT_FOUND (-13)
710	#define LDAP_NO_RESULTS_RETURNED (-14)
711	#define LDAP_MORE_RESULTS_TO_RETURN (-15) /* Obsolete */
712	#define LDAP_CLIENT_LOOP (-16)
713	#define LDAP_REFERRAL_LIMIT_EXCEEDED (-17)
714	#define LDAP_X_CONNECTING (-18)
715
716
717	/*
718	* This structure represents both ldap messages and ldap responses.
719	* These are really the same, except in the case of search responses,
720	* where a response has multiple messages.
721	*/
722
723	typedef struct ldapmsg LDAPMessage;
724
725	/ for modifications /
726	typedef struct ldapmod {
727	int mod_op;
728
729	#define LDAP_MOD_OP (0x0007)
730	#define LDAP_MOD_ADD (0x0000)
731	#define LDAP_MOD_DELETE (0x0001)
732	#define LDAP_MOD_REPLACE (0x0002)
733	#define LDAP_MOD_INCREMENT (0x0003) /* OpenLDAP extension */
734	#define LDAP_MOD_BVALUES (0x0080)
735	/ IMPORTANT: do not use code 0x1000 (or above),*
736	* it is used internally by the backends!
737	* (see ldap/servers/slapd/slap.h)
738	*/
739
740	char *mod_type;
741	union mod_vals_u {
742	char **modv_strvals;
743	struct berval **modv_bvals;
744	} mod_vals;
745	#define mod_values mod_vals.modv_strvals
746	#define mod_bvalues mod_vals.modv_bvals
747	} LDAPMod;
748
749	/*
750	* structure representing an ldap session which can
751	* encompass connections to multiple servers (in the
752	* face of referrals).
753	*/
754	typedef struct ldap LDAP;
755
756	#define LDAP_DEREF_NEVER 0x00
757	#define LDAP_DEREF_SEARCHING 0x01
758	#define LDAP_DEREF_FINDING 0x02
759	#define LDAP_DEREF_ALWAYS 0x03
760
761	#define LDAP_NO_LIMIT 0
762
763	/ how many messages to retrieve results for /
764	#define LDAP_MSG_ONE 0x00
765	#define LDAP_MSG_ALL 0x01
766	#define LDAP_MSG_RECEIVED 0x02
767
768	/*
769	* types for ldap URL handling
770	*/
771	typedef struct ldap_url_desc {
772	struct ldap_url_desc *lud_next;
773	char *lud_scheme;
774	char *lud_host;
775	int lud_port;
776	char *lud_dn;
777	char **lud_attrs;
778	int lud_scope;
779	char *lud_filter;
780	char **lud_exts;
781	int lud_crit_exts;
782	} LDAPURLDesc;
783
784	#define LDAP_URL_SUCCESS 0x00 /* Success */
785	#define LDAP_URL_ERR_MEM 0x01 /* can't allocate memory space */
786	#define LDAP_URL_ERR_PARAM 0x02 /* parameter is bad */
787
788	#define LDAP_URL_ERR_BADSCHEME 0x03 /* URL doesn't begin with "ldap[si]://" */
789	#define LDAP_URL_ERR_BADENCLOSURE 0x04 /* URL is missing trailing ">" */
790	#define LDAP_URL_ERR_BADURL 0x05 /* URL is bad */
791	#define LDAP_URL_ERR_BADHOST 0x06 /* host port is bad */
792	#define LDAP_URL_ERR_BADATTRS 0x07 /* bad (or missing) attributes */
793	#define LDAP_URL_ERR_BADSCOPE 0x08 /* scope string is invalid (or missing) */
794	#define LDAP_URL_ERR_BADFILTER 0x09 /* bad or missing filter */
795	#define LDAP_URL_ERR_BADEXTS 0x0a /* bad or missing extensions */
796
797	/*
798	* LDAP sync (RFC4533) API
799	*/
800
801	typedef struct ldap_sync_t ldap_sync_t;
802
803	typedef enum {
804	/ these are private - the client should never see them /
805	LDAP_SYNC_CAPI_NONE = -`1`,
806
807	LDAP_SYNC_CAPI_PHASE_FLAG = `0x10U`,
808	LDAP_SYNC_CAPI_IDSET_FLAG = `0x20U`,
809	LDAP_SYNC_CAPI_DONE_FLAG = `0x40U`,
810
811	/ these are passed to ls_search_entry() /
812	LDAP_SYNC_CAPI_PRESENT = LDAP_SYNC_PRESENT,
813	LDAP_SYNC_CAPI_ADD = LDAP_SYNC_ADD,
814	LDAP_SYNC_CAPI_MODIFY = LDAP_SYNC_MODIFY,
815	LDAP_SYNC_CAPI_DELETE = LDAP_SYNC_DELETE,
816
817	/ these are passed to ls_intermediate() /
818	LDAP_SYNC_CAPI_PRESENTS = ( LDAP_SYNC_CAPI_PHASE_FLAG \| LDAP_SYNC_CAPI_PRESENT ),
819	LDAP_SYNC_CAPI_DELETES = ( LDAP_SYNC_CAPI_PHASE_FLAG \| LDAP_SYNC_CAPI_DELETE ),
820
821	LDAP_SYNC_CAPI_PRESENTS_IDSET = ( LDAP_SYNC_CAPI_PRESENTS \| LDAP_SYNC_CAPI_IDSET_FLAG ),
822	LDAP_SYNC_CAPI_DELETES_IDSET = ( LDAP_SYNC_CAPI_DELETES \| LDAP_SYNC_CAPI_IDSET_FLAG ),
823
824	LDAP_SYNC_CAPI_DONE = ( LDAP_SYNC_CAPI_DONE_FLAG \| LDAP_SYNC_CAPI_PRESENTS )
825	} ldap_sync_refresh_t;
826
827	/*
828	* Called when an entry is returned by ldap_result().
829	* If phase is LDAP_SYNC_CAPI_ADD or LDAP_SYNC_CAPI_MODIFY,
830	* the entry has been either added or modified, and thus
831	* the complete view of the entry should be in the LDAPMessage.
832	* If phase is LDAP_SYNC_CAPI_PRESENT or LDAP_SYNC_CAPI_DELETE,
833	* only the DN should be in the LDAPMessage.
834	*/
835	typedef int (*ldap_sync_search_entry_f) LDAP_P((
836	ldap_sync_t *ls,
837	LDAPMessage *msg,
838	struct berval *entryUUID,
839	ldap_sync_refresh_t phase ));
840
841	/*
842	* Called when a reference is returned; the client should know
843	* what to do with it.
844	*/
845	typedef int (*ldap_sync_search_reference_f) LDAP_P((
846	ldap_sync_t *ls,
847	LDAPMessage *msg ));
848
849	/*
850	* Called when specific intermediate/final messages are returned.
851	* If phase is LDAP_SYNC_CAPI_PRESENTS or LDAP_SYNC_CAPI_DELETES,
852	* a "presents" or "deletes" phase begins.
853	* If phase is LDAP_SYNC_CAPI_DONE, a special "presents" phase
854	* with refreshDone set to "TRUE" has been returned, to indicate
855	* that the refresh phase of a refreshAndPersist is complete.
856	* In the above cases, syncUUIDs is NULL.
857	*
858	* If phase is LDAP_SYNC_CAPI_PRESENTS_IDSET or
859	* LDAP_SYNC_CAPI_DELETES_IDSET, syncUUIDs is an array of UUIDs
860	* that are either present or have been deleted.
861	*/
862	typedef int (*ldap_sync_intermediate_f) LDAP_P((
863	ldap_sync_t *ls,
864	LDAPMessage *msg,
865	BerVarray syncUUIDs,
866	ldap_sync_refresh_t phase ));
867
868	/*
869	* Called when a searchResultDone is returned. In refreshAndPersist,
870	* this can only occur if the search for any reason is being terminated
871	* by the server.
872	*/
873	typedef int (*ldap_sync_search_result_f) LDAP_P((
874	ldap_sync_t *ls,
875	LDAPMessage *msg,
876	int refreshDeletes ));
877
878	/*
879	* This structure contains all information about the persistent search;
880	* the caller is responsible for connecting, setting version, binding, tls...
881	*/
882	struct ldap_sync_t {
883	/ conf search params /
884	char *ls_base;
885	int ls_scope;
886	char *ls_filter;
887	char **ls_attrs;
888	int ls_timelimit;
889	int ls_sizelimit;
890
891	/ poll timeout /
892	int ls_timeout;
893
894	/ helpers - add as appropriate /
895	ldap_sync_search_entry_f ls_search_entry;
896	ldap_sync_search_reference_f ls_search_reference;
897	ldap_sync_intermediate_f ls_intermediate;
898	ldap_sync_search_result_f ls_search_result;
899
900	/ set by the caller as appropriate /
901	void *ls_private;
902
903	/ conn stuff /
904	LDAP *ls_ld;
905
906	/ --- the parameters below are private - do not modify --- /
907
908	/ FIXME: make the structure opaque, and provide an interface*
909	* to modify the public values? */
910
911	/ result stuff /
912	int ls_msgid;
913
914	/ sync stuff /
915	/ needed by refreshOnly /
916	int ls_reloadHint;
917
918	/ opaque - need to pass between sessions, updated by the API /
919	struct berval ls_cookie;
920
921	/ state variable - do not modify /
922	ldap_sync_refresh_t ls_refreshPhase;
923	};
924
925	/*
926	* End of LDAP sync (RFC4533) API
927	*/
928
929	/*
930	* Connection callbacks...
931	*/
932	struct ldap_conncb;
933	struct sockaddr;
934
935	/ Called after a connection is established /
936	typedef int (ldap_conn_add_f) LDAP_P(( LDAP ld, Sockbuf sb, LDAPURLDesc srv, struct* sockaddr *addr,
937	struct ldap_conncb *ctx ));
938	/ Called before a connection is closed /
939	typedef void (ldap_conn_del_f) LDAP_P(( LDAP ld, Sockbuf sb, struct ldap_conncb *ctx ));
940
941	/ Callbacks are pushed on a stack. Last one pushed is first one executed. The*
942	* delete callback is called with a NULL Sockbuf just before freeing the LDAP handle.
943	*/
944	typedef struct ldap_conncb {
945	ldap_conn_add_f *lc_add;
946	ldap_conn_del_f *lc_del;
947	void *lc_arg;
948	} ldap_conncb;
949
950	/*
951	* The API draft spec says we should declare (or cause to be declared)
952	* 'struct timeval'. We don't. See IETF LDAPext discussions.
953	*/
954	struct timeval;
955
956	/*
957	* in options.c:
958	*/
959	LDAP_F( int )
960	ldap_get_option LDAP_P((
961	LDAP *ld,
962	int option,
963	void *outvalue));
964
965	LDAP_F( int )
966	ldap_set_option LDAP_P((
967	LDAP *ld,
968	int option,
969	LDAP_CONST void *invalue));
970
971	/ V3 REBIND Function Callback Prototype /
972	typedef int (LDAP_REBIND_PROC) LDAP_P((
973	LDAP ld, LDAP_CONST char* *url,
974	ber_tag_t request, ber_int_t msgid,
975	void *params ));
976
977	LDAP_F( int )
978	ldap_set_rebind_proc LDAP_P((
979	LDAP *ld,
980	LDAP_REBIND_PROC *rebind_proc,
981	void *params ));
982
983	/ V3 referral selection Function Callback Prototype /
984	typedef int (LDAP_NEXTREF_PROC) LDAP_P((
985	LDAP ld, char* **refsp, int* *cntp,
986	void *params ));
987
988	LDAP_F( int )
989	ldap_set_nextref_proc LDAP_P((
990	LDAP *ld,
991	LDAP_NEXTREF_PROC *nextref_proc,
992	void *params ));
993
994	/ V3 URLLIST Function Callback Prototype /
995	typedef int (LDAP_URLLIST_PROC) LDAP_P((
996	LDAP *ld,
997	LDAPURLDesc **urllist,
998	LDAPURLDesc **url,
999	void *params ));
1000
1001	LDAP_F( int )
1002	ldap_set_urllist_proc LDAP_P((
1003	LDAP *ld,
1004	LDAP_URLLIST_PROC *urllist_proc,
1005	void *params ));
1006
1007	/*
1008	* in controls.c:
1009	*/
1010	#if LDAP_DEPRECATED
1011	LDAP_F( int )
1012	ldap_create_control LDAP_P(( / deprecated, use ldap_control_create /
1013	LDAP_CONST char *requestOID,
1014	BerElement *ber,
1015	int iscritical,
1016	LDAPControl **ctrlp ));
1017
1018	LDAP_F( LDAPControl * )
1019	ldap_find_control LDAP_P(( / deprecated, use ldap_control_find /
1020	LDAP_CONST char *oid,
1021	LDAPControl **ctrls ));
1022	#endif
1023
1024	LDAP_F( int )
1025	ldap_control_create LDAP_P((
1026	LDAP_CONST char *requestOID,
1027	int iscritical,
1028	struct berval *value,
1029	int dupval,
1030	LDAPControl **ctrlp ));
1031
1032	LDAP_F( LDAPControl * )
1033	ldap_control_find LDAP_P((
1034	LDAP_CONST char *oid,
1035	LDAPControl **ctrls,
1036	LDAPControl ***nextctrlp ));
1037
1038	LDAP_F( void )
1039	ldap_control_free LDAP_P((
1040	LDAPControl *ctrl ));
1041
1042	LDAP_F( void )
1043	ldap_controls_free LDAP_P((
1044	LDAPControl **ctrls ));
1045
1046	LDAP_F( LDAPControl ** )
1047	ldap_controls_dup LDAP_P((
1048	LDAPControl LDAP_CONST controls ));
1049
1050	LDAP_F( LDAPControl * )
1051	ldap_control_dup LDAP_P((
1052	LDAP_CONST LDAPControl *c ));
1053
1054	/*
1055	* in dnssrv.c:
1056	*/
1057	LDAP_F( int )
1058	ldap_domain2dn LDAP_P((
1059	LDAP_CONST char* domain,
1060	char** dn ));
1061
1062	LDAP_F( int )
1063	ldap_dn2domain LDAP_P((
1064	LDAP_CONST char* dn,
1065	char** domain ));
1066
1067	LDAP_F( int )
1068	ldap_domain2hostlist LDAP_P((
1069	LDAP_CONST char *domain,
1070	char** hostlist ));
1071
1072	/*
1073	* in extended.c:
1074	*/
1075	LDAP_F( int )
1076	ldap_extended_operation LDAP_P((
1077	LDAP *ld,
1078	LDAP_CONST char *reqoid,
1079	struct berval *reqdata,
1080	LDAPControl **serverctrls,
1081	LDAPControl **clientctrls,
1082	int *msgidp ));
1083
1084	LDAP_F( int )
1085	ldap_extended_operation_s LDAP_P((
1086	LDAP *ld,
1087	LDAP_CONST char *reqoid,
1088	struct berval *reqdata,
1089	LDAPControl **serverctrls,
1090	LDAPControl **clientctrls,
1091	char **retoidp,
1092	struct berval **retdatap ));
1093
1094	LDAP_F( int )
1095	ldap_parse_extended_result LDAP_P((
1096	LDAP *ld,
1097	LDAPMessage *res,
1098	char **retoidp,
1099	struct berval **retdatap,
1100	int freeit ));
1101
1102	LDAP_F( int )
1103	ldap_parse_intermediate LDAP_P((
1104	LDAP *ld,
1105	LDAPMessage *res,
1106	char **retoidp,
1107	struct berval **retdatap,
1108	LDAPControl ***serverctrls,
1109	int freeit ));
1110
1111
1112	/*
1113	* in abandon.c:
1114	*/
1115	LDAP_F( int )
1116	ldap_abandon_ext LDAP_P((
1117	LDAP *ld,
1118	int msgid,
1119	LDAPControl **serverctrls,
1120	LDAPControl **clientctrls ));
1121
1122	#if LDAP_DEPRECATED
1123	LDAP_F( int )
1124	ldap_abandon LDAP_P(( / deprecated, use ldap_abandon_ext /
1125	LDAP *ld,
1126	int msgid ));
1127	#endif
1128
1129	/*
1130	* in add.c:
1131	*/
1132	LDAP_F( int )
1133	ldap_add_ext LDAP_P((
1134	LDAP *ld,
1135	LDAP_CONST char *dn,
1136	LDAPMod **attrs,
1137	LDAPControl **serverctrls,
1138	LDAPControl **clientctrls,
1139	int *msgidp ));
1140
1141	LDAP_F( int )
1142	ldap_add_ext_s LDAP_P((
1143	LDAP *ld,
1144	LDAP_CONST char *dn,
1145	LDAPMod **attrs,
1146	LDAPControl **serverctrls,
1147	LDAPControl **clientctrls ));
1148
1149	#if LDAP_DEPRECATED
1150	LDAP_F( int )
1151	ldap_add LDAP_P(( / deprecated, use ldap_add_ext /
1152	LDAP *ld,
1153	LDAP_CONST char *dn,
1154	LDAPMod **attrs ));
1155
1156	LDAP_F( int )
1157	ldap_add_s LDAP_P(( / deprecated, use ldap_add_ext_s /
1158	LDAP *ld,
1159	LDAP_CONST char *dn,
1160	LDAPMod **attrs ));
1161	#endif
1162
1163
1164	/*
1165	* in sasl.c:
1166	*/
1167	LDAP_F( int )
1168	ldap_sasl_bind LDAP_P((
1169	LDAP *ld,
1170	LDAP_CONST char *dn,
1171	LDAP_CONST char *mechanism,
1172	struct berval *cred,
1173	LDAPControl **serverctrls,
1174	LDAPControl **clientctrls,
1175	int *msgidp ));
1176
1177	/ Interaction flags (should be passed about in a control)*
1178	* Automatic (default): use defaults, prompt otherwise
1179	* Interactive: prompt always
1180	* Quiet: never prompt
1181	*/
1182	#define LDAP_SASL_AUTOMATIC 0U
1183	#define LDAP_SASL_INTERACTIVE 1U
1184	#define LDAP_SASL_QUIET 2U
1185
1186	/*
1187	* V3 SASL Interaction Function Callback Prototype
1188	* when using Cyrus SASL, interact is pointer to sasl_interact_t
1189	* should likely passed in a control (and provided controls)
1190	*/
1191	typedef int (LDAP_SASL_INTERACT_PROC) LDAP_P((
1192	LDAP ld, unsigned* flags, void* defaults, void *interact ));
1193
1194	LDAP_F( int )
1195	ldap_sasl_interactive_bind LDAP_P((
1196	LDAP *ld,
1197	LDAP_CONST char dn, /* usually NULL /
1198	LDAP_CONST char *saslMechanism,
1199	LDAPControl **serverControls,
1200	LDAPControl **clientControls,
1201
1202	/ should be client controls /
1203	unsigned flags,
1204	LDAP_SASL_INTERACT_PROC *proc,
1205	void *defaults,
1206
1207	/ as obtained from ldap_result() /
1208	LDAPMessage *result,
1209
1210	/ returned during bind processing /
1211	const char **rmech,
1212	int *msgid ));
1213
1214	LDAP_F( int )
1215	ldap_sasl_interactive_bind_s LDAP_P((
1216	LDAP *ld,
1217	LDAP_CONST char dn, /* usually NULL /
1218	LDAP_CONST char *saslMechanism,
1219	LDAPControl **serverControls,
1220	LDAPControl **clientControls,
1221
1222	/ should be client controls /
1223	unsigned flags,
1224	LDAP_SASL_INTERACT_PROC *proc,
1225	void *defaults ));
1226
1227	LDAP_F( int )
1228	ldap_sasl_bind_s LDAP_P((
1229	LDAP *ld,
1230	LDAP_CONST char *dn,
1231	LDAP_CONST char *mechanism,
1232	struct berval *cred,
1233	LDAPControl **serverctrls,
1234	LDAPControl **clientctrls,
1235	struct berval **servercredp ));
1236
1237	LDAP_F( int )
1238	ldap_parse_sasl_bind_result LDAP_P((
1239	LDAP *ld,
1240	LDAPMessage *res,
1241	struct berval **servercredp,
1242	int freeit ));
1243
1244	#if LDAP_DEPRECATED
1245	/*
1246	* in bind.c:
1247	* (deprecated)
1248	*/
1249	LDAP_F( int )
1250	ldap_bind LDAP_P(( / deprecated, use ldap_sasl_bind /
1251	LDAP *ld,
1252	LDAP_CONST char *who,
1253	LDAP_CONST char *passwd,
1254	int authmethod ));
1255
1256	LDAP_F( int )
1257	ldap_bind_s LDAP_P(( / deprecated, use ldap_sasl_bind_s /
1258	LDAP *ld,
1259	LDAP_CONST char *who,
1260	LDAP_CONST char *cred,
1261	int authmethod ));
1262
1263	/*
1264	* in sbind.c:
1265	*/
1266	LDAP_F( int )
1267	ldap_simple_bind LDAP_P(( / deprecated, use ldap_sasl_bind /
1268	LDAP *ld,
1269	LDAP_CONST char *who,
1270	LDAP_CONST char *passwd ));
1271
1272	LDAP_F( int )
1273	ldap_simple_bind_s LDAP_P(( / deprecated, use ldap_sasl_bind_s /
1274	LDAP *ld,
1275	LDAP_CONST char *who,
1276	LDAP_CONST char *passwd ));
1277
1278	#endif
1279
1280
1281	/*
1282	* in compare.c:
1283	*/
1284	LDAP_F( int )
1285	ldap_compare_ext LDAP_P((
1286	LDAP *ld,
1287	LDAP_CONST char *dn,
1288	LDAP_CONST char *attr,
1289	struct berval *bvalue,
1290	LDAPControl **serverctrls,
1291	LDAPControl **clientctrls,
1292	int *msgidp ));
1293
1294	LDAP_F( int )
1295	ldap_compare_ext_s LDAP_P((
1296	LDAP *ld,
1297	LDAP_CONST char *dn,
1298	LDAP_CONST char *attr,
1299	struct berval *bvalue,
1300	LDAPControl **serverctrls,
1301	LDAPControl **clientctrls ));
1302
1303	#if LDAP_DEPRECATED
1304	LDAP_F( int )
1305	ldap_compare LDAP_P(( / deprecated, use ldap_compare_ext /
1306	LDAP *ld,
1307	LDAP_CONST char *dn,
1308	LDAP_CONST char *attr,
1309	LDAP_CONST char *value ));
1310
1311	LDAP_F( int )
1312	ldap_compare_s LDAP_P(( / deprecated, use ldap_compare_ext_s /
1313	LDAP *ld,
1314	LDAP_CONST char *dn,
1315	LDAP_CONST char *attr,
1316	LDAP_CONST char *value ));
1317	#endif
1318
1319
1320	/*
1321	* in delete.c:
1322	*/
1323	LDAP_F( int )
1324	ldap_delete_ext LDAP_P((
1325	LDAP *ld,
1326	LDAP_CONST char *dn,
1327	LDAPControl **serverctrls,
1328	LDAPControl **clientctrls,
1329	int *msgidp ));
1330
1331	LDAP_F( int )
1332	ldap_delete_ext_s LDAP_P((
1333	LDAP *ld,
1334	LDAP_CONST char *dn,
1335	LDAPControl **serverctrls,
1336	LDAPControl **clientctrls ));
1337
1338	#if LDAP_DEPRECATED
1339	LDAP_F( int )
1340	ldap_delete LDAP_P(( / deprecated, use ldap_delete_ext /
1341	LDAP *ld,
1342	LDAP_CONST char *dn ));
1343
1344	LDAP_F( int )
1345	ldap_delete_s LDAP_P(( / deprecated, use ldap_delete_ext_s /
1346	LDAP *ld,
1347	LDAP_CONST char *dn ));
1348	#endif
1349
1350
1351	/*
1352	* in error.c:
1353	*/
1354	LDAP_F( int )
1355	ldap_parse_result LDAP_P((
1356	LDAP *ld,
1357	LDAPMessage *res,
1358	int *errcodep,
1359	char **matcheddnp,
1360	char **errmsgp,
1361	char ***referralsp,
1362	LDAPControl ***serverctrls,
1363	int freeit ));
1364
1365	LDAP_F( char * )
1366	ldap_err2string LDAP_P((
1367	int err ));
1368
1369	#if LDAP_DEPRECATED
1370	LDAP_F( int )
1371	ldap_result2error LDAP_P(( / deprecated, use ldap_parse_result /
1372	LDAP *ld,
1373	LDAPMessage *r,
1374	int freeit ));
1375
1376	LDAP_F( void )
1377	ldap_perror LDAP_P(( / deprecated, use ldap_err2string /
1378	LDAP *ld,
1379	LDAP_CONST char *s ));
1380	#endif
1381
1382
1383	/*
1384	* gssapi.c:
1385	*/
1386	LDAP_F( int )
1387	ldap_gssapi_bind LDAP_P((
1388	LDAP *ld,
1389	LDAP_CONST char *dn,
1390	LDAP_CONST char *creds ));
1391
1392	LDAP_F( int )
1393	ldap_gssapi_bind_s LDAP_P((
1394	LDAP *ld,
1395	LDAP_CONST char *dn,
1396	LDAP_CONST char *creds ));
1397
1398
1399	/*
1400	* in modify.c:
1401	*/
1402	LDAP_F( int )
1403	ldap_modify_ext LDAP_P((
1404	LDAP *ld,
1405	LDAP_CONST char *dn,
1406	LDAPMod **mods,
1407	LDAPControl **serverctrls,
1408	LDAPControl **clientctrls,
1409	int *msgidp ));
1410
1411	LDAP_F( int )
1412	ldap_modify_ext_s LDAP_P((
1413	LDAP *ld,
1414	LDAP_CONST char *dn,
1415	LDAPMod **mods,
1416	LDAPControl **serverctrls,
1417	LDAPControl **clientctrls ));
1418
1419	#if LDAP_DEPRECATED
1420	LDAP_F( int )
1421	ldap_modify LDAP_P(( / deprecated, use ldap_modify_ext /
1422	LDAP *ld,
1423	LDAP_CONST char *dn,
1424	LDAPMod **mods ));
1425
1426	LDAP_F( int )
1427	ldap_modify_s LDAP_P(( / deprecated, use ldap_modify_ext_s /
1428	LDAP *ld,
1429	LDAP_CONST char *dn,
1430	LDAPMod **mods ));
1431	#endif
1432
1433
1434	/*
1435	* in modrdn.c:
1436	*/
1437	LDAP_F( int )
1438	ldap_rename LDAP_P((
1439	LDAP *ld,
1440	LDAP_CONST char *dn,
1441	LDAP_CONST char *newrdn,
1442	LDAP_CONST char *newSuperior,
1443	int deleteoldrdn,
1444	LDAPControl **sctrls,
1445	LDAPControl **cctrls,
1446	int *msgidp ));
1447
1448	LDAP_F( int )
1449	ldap_rename_s LDAP_P((
1450	LDAP *ld,
1451	LDAP_CONST char *dn,
1452	LDAP_CONST char *newrdn,
1453	LDAP_CONST char *newSuperior,
1454	int deleteoldrdn,
1455	LDAPControl **sctrls,
1456	LDAPControl **cctrls ));
1457
1458	#if LDAP_DEPRECATED
1459	LDAP_F( int )
1460	ldap_rename2 LDAP_P(( / deprecated, use ldap_rename /
1461	LDAP *ld,
1462	LDAP_CONST char *dn,
1463	LDAP_CONST char *newrdn,
1464	LDAP_CONST char *newSuperior,
1465	int deleteoldrdn ));
1466
1467	LDAP_F( int )
1468	ldap_rename2_s LDAP_P(( / deprecated, use ldap_rename_s /
1469	LDAP *ld,
1470	LDAP_CONST char *dn,
1471	LDAP_CONST char *newrdn,
1472	LDAP_CONST char *newSuperior,
1473	int deleteoldrdn ));
1474
1475	LDAP_F( int )
1476	ldap_modrdn LDAP_P(( / deprecated, use ldap_rename /
1477	LDAP *ld,
1478	LDAP_CONST char *dn,
1479	LDAP_CONST char *newrdn ));
1480
1481	LDAP_F( int )
1482	ldap_modrdn_s LDAP_P(( / deprecated, use ldap_rename_s /
1483	LDAP *ld,
1484	LDAP_CONST char *dn,
1485	LDAP_CONST char *newrdn ));
1486
1487	LDAP_F( int )
1488	ldap_modrdn2 LDAP_P(( / deprecated, use ldap_rename /
1489	LDAP *ld,
1490	LDAP_CONST char *dn,
1491	LDAP_CONST char *newrdn,
1492	int deleteoldrdn ));
1493
1494	LDAP_F( int )
1495	ldap_modrdn2_s LDAP_P(( / deprecated, use ldap_rename_s /
1496	LDAP *ld,
1497	LDAP_CONST char *dn,
1498	LDAP_CONST char *newrdn,
1499	int deleteoldrdn));
1500	#endif
1501
1502
1503	/*
1504	* in open.c:
1505	*/
1506	#if LDAP_DEPRECATED
1507	LDAP_F( LDAP * )
1508	ldap_init LDAP_P(( / deprecated, use ldap_create or ldap_initialize /
1509	LDAP_CONST char *host,
1510	int port ));
1511
1512	LDAP_F( LDAP * )
1513	ldap_open LDAP_P(( / deprecated, use ldap_create or ldap_initialize /
1514	LDAP_CONST char *host,
1515	int port ));
1516	#endif
1517
1518	LDAP_F( int )
1519	ldap_create LDAP_P((
1520	LDAP **ldp ));
1521
1522	LDAP_F( int )
1523	ldap_initialize LDAP_P((
1524	LDAP **ldp,
1525	LDAP_CONST char *url ));
1526
1527	LDAP_F( LDAP * )
1528	ldap_dup LDAP_P((
1529	LDAP *old ));
1530
1531	/*
1532	* in tls.c
1533	*/
1534
1535	LDAP_F( int )
1536	ldap_tls_inplace LDAP_P((
1537	LDAP *ld ));
1538
1539	LDAP_F( int )
1540	ldap_start_tls LDAP_P((
1541	LDAP *ld,
1542	LDAPControl **serverctrls,
1543	LDAPControl **clientctrls,
1544	int *msgidp ));
1545
1546	LDAP_F( int )
1547	ldap_install_tls LDAP_P((
1548	LDAP *ld ));
1549
1550	LDAP_F( int )
1551	ldap_start_tls_s LDAP_P((
1552	LDAP *ld,
1553	LDAPControl **serverctrls,
1554	LDAPControl **clientctrls ));
1555
1556	/*
1557	* in messages.c:
1558	*/
1559	LDAP_F( LDAPMessage * )
1560	ldap_first_message LDAP_P((
1561	LDAP *ld,
1562	LDAPMessage *chain ));
1563
1564	LDAP_F( LDAPMessage * )
1565	ldap_next_message LDAP_P((
1566	LDAP *ld,
1567	LDAPMessage *msg ));
1568
1569	LDAP_F( int )
1570	ldap_count_messages LDAP_P((
1571	LDAP *ld,
1572	LDAPMessage *chain ));
1573
1574	/*
1575	* in references.c:
1576	*/
1577	LDAP_F( LDAPMessage * )
1578	ldap_first_reference LDAP_P((
1579	LDAP *ld,
1580	LDAPMessage *chain ));
1581
1582	LDAP_F( LDAPMessage * )
1583	ldap_next_reference LDAP_P((
1584	LDAP *ld,
1585	LDAPMessage *ref ));
1586
1587	LDAP_F( int )
1588	ldap_count_references LDAP_P((
1589	LDAP *ld,
1590	LDAPMessage *chain ));
1591
1592	LDAP_F( int )
1593	ldap_parse_reference LDAP_P((
1594	LDAP *ld,
1595	LDAPMessage *ref,
1596	char ***referralsp,
1597	LDAPControl ***serverctrls,
1598	int freeit));
1599
1600
1601	/*
1602	* in getentry.c:
1603	*/
1604	LDAP_F( LDAPMessage * )
1605	ldap_first_entry LDAP_P((
1606	LDAP *ld,
1607	LDAPMessage *chain ));
1608
1609	LDAP_F( LDAPMessage * )
1610	ldap_next_entry LDAP_P((
1611	LDAP *ld,
1612	LDAPMessage *entry ));
1613
1614	LDAP_F( int )
1615	ldap_count_entries LDAP_P((
1616	LDAP *ld,
1617	LDAPMessage *chain ));
1618
1619	LDAP_F( int )
1620	ldap_get_entry_controls LDAP_P((
1621	LDAP *ld,
1622	LDAPMessage *entry,
1623	LDAPControl ***serverctrls));
1624
1625
1626	/*
1627	* in addentry.c
1628	*/
1629	LDAP_F( LDAPMessage * )
1630	ldap_delete_result_entry LDAP_P((
1631	LDAPMessage **list,
1632	LDAPMessage *e ));
1633
1634	LDAP_F( void )
1635	ldap_add_result_entry LDAP_P((
1636	LDAPMessage **list,
1637	LDAPMessage *e ));
1638
1639
1640	/*
1641	* in getdn.c
1642	*/
1643	LDAP_F( char * )
1644	ldap_get_dn LDAP_P((
1645	LDAP *ld,
1646	LDAPMessage *entry ));
1647
1648	typedef struct ldap_ava {
1649	struct berval la_attr;
1650	struct berval la_value;
1651	unsigned la_flags;
1652	#define LDAP_AVA_NULL 0x0000U
1653	#define LDAP_AVA_STRING 0x0001U
1654	#define LDAP_AVA_BINARY 0x0002U
1655	#define LDAP_AVA_NONPRINTABLE 0x0004U
1656	#define LDAP_AVA_FREE_ATTR 0x0010U
1657	#define LDAP_AVA_FREE_VALUE 0x0020U
1658
1659	void *la_private;
1660	} LDAPAVA;
1661
1662	typedef LDAPAVA** LDAPRDN;
1663	typedef LDAPRDN* LDAPDN;
1664
1665	/ DN formats /
1666	#define LDAP_DN_FORMAT_LDAP 0x0000U
1667	#define LDAP_DN_FORMAT_LDAPV3 0x0010U
1668	#define LDAP_DN_FORMAT_LDAPV2 0x0020U
1669	#define LDAP_DN_FORMAT_DCE 0x0030U
1670	#define LDAP_DN_FORMAT_UFN 0x0040U /* dn2str only */
1671	#define LDAP_DN_FORMAT_AD_CANONICAL 0x0050U /* dn2str only */
1672	#define LDAP_DN_FORMAT_LBER 0x00F0U /* for testing only */
1673	#define LDAP_DN_FORMAT_MASK 0x00F0U
1674
1675	/ DN flags /
1676	#define LDAP_DN_PRETTY 0x0100U
1677	#define LDAP_DN_SKIP 0x0200U
1678	#define LDAP_DN_P_NOLEADTRAILSPACES 0x1000U
1679	#define LDAP_DN_P_NOSPACEAFTERRDN 0x2000U
1680	#define LDAP_DN_PEDANTIC 0xF000U
1681
1682	LDAP_F( void ) ldap_rdnfree LDAP_P(( LDAPRDN rdn ));
1683	LDAP_F( void ) ldap_dnfree LDAP_P(( LDAPDN dn ));
1684
1685	LDAP_F( int )
1686	ldap_bv2dn LDAP_P((
1687	struct berval *bv,
1688	LDAPDN *dn,
1689	unsigned flags ));
1690
1691	LDAP_F( int )
1692	ldap_str2dn LDAP_P((
1693	LDAP_CONST char *str,
1694	LDAPDN *dn,
1695	unsigned flags ));
1696
1697	LDAP_F( int )
1698	ldap_dn2bv LDAP_P((
1699	LDAPDN dn,
1700	struct berval *bv,
1701	unsigned flags ));
1702
1703	LDAP_F( int )
1704	ldap_dn2str LDAP_P((
1705	LDAPDN dn,
1706	char **str,
1707	unsigned flags ));
1708
1709	LDAP_F( int )
1710	ldap_bv2rdn LDAP_P((
1711	struct berval *bv,
1712	LDAPRDN *rdn,
1713	char **next,
1714	unsigned flags ));
1715
1716	LDAP_F( int )
1717	ldap_str2rdn LDAP_P((
1718	LDAP_CONST char *str,
1719	LDAPRDN *rdn,
1720	char **next,
1721	unsigned flags ));
1722
1723	LDAP_F( int )
1724	ldap_rdn2bv LDAP_P((
1725	LDAPRDN rdn,
1726	struct berval *bv,
1727	unsigned flags ));
1728
1729	LDAP_F( int )
1730	ldap_rdn2str LDAP_P((
1731	LDAPRDN rdn,
1732	char **str,
1733	unsigned flags ));
1734
1735	LDAP_F( int )
1736	ldap_dn_normalize LDAP_P((
1737	LDAP_CONST char in, unsigned* iflags,
1738	char *out, unsigned* oflags ));
1739
1740	LDAP_F( char * )
1741	ldap_dn2ufn LDAP_P(( / deprecated, use ldap_str2dn/dn2str /
1742	LDAP_CONST char *dn ));
1743
1744	LDAP_F( char ** )
1745	ldap_explode_dn LDAP_P(( / deprecated, ldap_str2dn /
1746	LDAP_CONST char *dn,
1747	int notypes ));
1748
1749	LDAP_F( char ** )
1750	ldap_explode_rdn LDAP_P(( / deprecated, ldap_str2rdn /
1751	LDAP_CONST char *rdn,
1752	int notypes ));
1753
1754	typedef int LDAPDN_rewrite_func
1755	LDAP_P(( LDAPDN dn, unsigned flags, void *ctx ));
1756
1757	LDAP_F( int )
1758	ldap_X509dn2bv LDAP_P(( void x509_name, struct* berval *dn,
1759	LDAPDN_rewrite_func func, unsigned* flags ));
1760
1761	LDAP_F( char * )
1762	ldap_dn2dcedn LDAP_P(( / deprecated, ldap_str2dn/dn2str /
1763	LDAP_CONST char *dn ));
1764
1765	LDAP_F( char * )
1766	ldap_dcedn2dn LDAP_P(( / deprecated, ldap_str2dn/dn2str /
1767	LDAP_CONST char *dce ));
1768
1769	LDAP_F( char * )
1770	ldap_dn2ad_canonical LDAP_P(( / deprecated, ldap_str2dn/dn2str /
1771	LDAP_CONST char *dn ));
1772
1773	LDAP_F( int )
1774	ldap_get_dn_ber LDAP_P((
1775	LDAP ld, LDAPMessage e, BerElement berout, struct** berval *dn ));
1776
1777	LDAP_F( int )
1778	ldap_get_attribute_ber LDAP_P((
1779	LDAP ld, LDAPMessage e, BerElement ber, struct* berval *attr,
1780	struct berval **vals ));
1781
1782	/*
1783	* in getattr.c
1784	*/
1785	LDAP_F( char * )
1786	ldap_first_attribute LDAP_P((
1787	LDAP *ld,
1788	LDAPMessage *entry,
1789	BerElement **ber ));
1790
1791	LDAP_F( char * )
1792	ldap_next_attribute LDAP_P((
1793	LDAP *ld,
1794	LDAPMessage *entry,
1795	BerElement *ber ));
1796
1797
1798	/*
1799	* in getvalues.c
1800	*/
1801	LDAP_F( struct berval ** )
1802	ldap_get_values_len LDAP_P((
1803	LDAP *ld,
1804	LDAPMessage *entry,
1805	LDAP_CONST char *target ));
1806
1807	LDAP_F( int )
1808	ldap_count_values_len LDAP_P((
1809	struct berval **vals ));
1810
1811	LDAP_F( void )
1812	ldap_value_free_len LDAP_P((
1813	struct berval **vals ));
1814
1815	#if LDAP_DEPRECATED
1816	LDAP_F( char ** )
1817	ldap_get_values LDAP_P(( / deprecated, use ldap_get_values_len /
1818	LDAP *ld,
1819	LDAPMessage *entry,
1820	LDAP_CONST char *target ));
1821
1822	LDAP_F( int )
1823	ldap_count_values LDAP_P(( / deprecated, use ldap_count_values_len /
1824	char **vals ));
1825
1826	LDAP_F( void )
1827	ldap_value_free LDAP_P(( / deprecated, use ldap_value_free_len /
1828	char **vals ));
1829	#endif
1830
1831	/*
1832	* in result.c:
1833	*/
1834	LDAP_F( int )
1835	ldap_result LDAP_P((
1836	LDAP *ld,
1837	int msgid,
1838	int all,
1839	struct timeval *timeout,
1840	LDAPMessage **result ));
1841
1842	LDAP_F( int )
1843	ldap_msgtype LDAP_P((
1844	LDAPMessage *lm ));
1845
1846	LDAP_F( int )
1847	ldap_msgid LDAP_P((
1848	LDAPMessage *lm ));
1849
1850	LDAP_F( int )
1851	ldap_msgfree LDAP_P((
1852	LDAPMessage *lm ));
1853
1854	LDAP_F( int )
1855	ldap_msgdelete LDAP_P((
1856	LDAP *ld,
1857	int msgid ));
1858
1859
1860	/*
1861	* in search.c:
1862	*/
1863	LDAP_F( int )
1864	ldap_bv2escaped_filter_value LDAP_P((
1865	struct berval *in,
1866	struct berval *out ));
1867
1868	LDAP_F( int )
1869	ldap_search_ext LDAP_P((
1870	LDAP *ld,
1871	LDAP_CONST char *base,
1872	int scope,
1873	LDAP_CONST char *filter,
1874	char **attrs,
1875	int attrsonly,
1876	LDAPControl **serverctrls,
1877	LDAPControl **clientctrls,
1878	struct timeval *timeout,
1879	int sizelimit,
1880	int *msgidp ));
1881
1882	LDAP_F( int )
1883	ldap_search_ext_s LDAP_P((
1884	LDAP *ld,
1885	LDAP_CONST char *base,
1886	int scope,
1887	LDAP_CONST char *filter,
1888	char **attrs,
1889	int attrsonly,
1890	LDAPControl **serverctrls,
1891	LDAPControl **clientctrls,
1892	struct timeval *timeout,
1893	int sizelimit,
1894	LDAPMessage **res ));
1895
1896	#if LDAP_DEPRECATED
1897	LDAP_F( int )
1898	ldap_search LDAP_P(( / deprecated, use ldap_search_ext /
1899	LDAP *ld,
1900	LDAP_CONST char *base,
1901	int scope,
1902	LDAP_CONST char *filter,
1903	char **attrs,
1904	int attrsonly ));
1905
1906	LDAP_F( int )
1907	ldap_search_s LDAP_P(( / deprecated, use ldap_search_ext_s /
1908	LDAP *ld,
1909	LDAP_CONST char *base,
1910	int scope,
1911	LDAP_CONST char *filter,
1912	char **attrs,
1913	int attrsonly,
1914	LDAPMessage **res ));
1915
1916	LDAP_F( int )
1917	ldap_search_st LDAP_P(( / deprecated, use ldap_search_ext_s /
1918	LDAP *ld,
1919	LDAP_CONST char *base,
1920	int scope,
1921	LDAP_CONST char *filter,
1922	char **attrs,
1923	int attrsonly,
1924	struct timeval *timeout,
1925	LDAPMessage **res ));
1926	#endif
1927
1928	/*
1929	* in unbind.c
1930	*/
1931	LDAP_F( int )
1932	ldap_unbind_ext LDAP_P((
1933	LDAP *ld,
1934	LDAPControl **serverctrls,
1935	LDAPControl **clientctrls));
1936
1937	LDAP_F( int )
1938	ldap_unbind_ext_s LDAP_P((
1939	LDAP *ld,
1940	LDAPControl **serverctrls,
1941	LDAPControl **clientctrls));
1942
1943	LDAP_F( int )
1944	ldap_destroy LDAP_P((
1945	LDAP *ld));
1946
1947	#if LDAP_DEPRECATED
1948	LDAP_F( int )
1949	ldap_unbind LDAP_P(( / deprecated, use ldap_unbind_ext /
1950	LDAP *ld ));
1951
1952	LDAP_F( int )
1953	ldap_unbind_s LDAP_P(( / deprecated, use ldap_unbind_ext_s /
1954	LDAP *ld ));
1955	#endif
1956
1957	/*
1958	* in filter.c
1959	*/
1960	LDAP_F( int )
1961	ldap_put_vrFilter LDAP_P((
1962	BerElement *ber,
1963	const char *vrf ));
1964
1965	/*
1966	* in free.c
1967	*/
1968
1969	LDAP_F( void * )
1970	ldap_memalloc LDAP_P((
1971	ber_len_t s ));
1972
1973	LDAP_F( void * )
1974	ldap_memrealloc LDAP_P((
1975	void* p,
1976	ber_len_t s ));
1977
1978	LDAP_F( void * )
1979	ldap_memcalloc LDAP_P((
1980	ber_len_t n,
1981	ber_len_t s ));
1982
1983	LDAP_F( void )
1984	ldap_memfree LDAP_P((
1985	void* p ));
1986
1987	LDAP_F( void )
1988	ldap_memvfree LDAP_P((
1989	void** v ));
1990
1991	LDAP_F( char * )
1992	ldap_strdup LDAP_P((
1993	LDAP_CONST char * ));
1994
1995	LDAP_F( void )
1996	ldap_mods_free LDAP_P((
1997	LDAPMod **mods,
1998	int freemods ));
1999
2000
2001	#if LDAP_DEPRECATED
2002	/*
2003	* in sort.c (deprecated, use custom code instead)
2004	*/
2005	typedef int (LDAP_SORT_AD_CMP_PROC) LDAP_P(( / deprecated /
2006	LDAP_CONST char *left,
2007	LDAP_CONST char *right ));
2008
2009	typedef int (LDAP_SORT_AV_CMP_PROC) LDAP_P(( / deprecated /
2010	LDAP_CONST void *left,
2011	LDAP_CONST void *right ));
2012
2013	LDAP_F( int ) / deprecated /
2014	ldap_sort_entries LDAP_P(( LDAP *ld,
2015	LDAPMessage **chain,
2016	LDAP_CONST char *attr,
2017	LDAP_SORT_AD_CMP_PROC *cmp ));
2018
2019	LDAP_F( int ) / deprecated /
2020	ldap_sort_values LDAP_P((
2021	LDAP *ld,
2022	char **vals,
2023	LDAP_SORT_AV_CMP_PROC *cmp ));
2024
2025	LDAP_F( int ) / deprecated /
2026	ldap_sort_strcasecmp LDAP_P((
2027	LDAP_CONST void *a,
2028	LDAP_CONST void *b ));
2029	#endif
2030
2031	/*
2032	* in url.c
2033	*/
2034	LDAP_F( int )
2035	ldap_is_ldap_url LDAP_P((
2036	LDAP_CONST char *url ));
2037
2038	LDAP_F( int )
2039	ldap_is_ldaps_url LDAP_P((
2040	LDAP_CONST char *url ));
2041
2042	LDAP_F( int )
2043	ldap_is_ldapi_url LDAP_P((
2044	LDAP_CONST char *url ));
2045
2046	LDAP_F( int )
2047	ldap_url_parse LDAP_P((
2048	LDAP_CONST char *url,
2049	LDAPURLDesc **ludpp ));
2050
2051	LDAP_F( char * )
2052	ldap_url_desc2str LDAP_P((
2053	LDAPURLDesc *ludp ));
2054
2055	LDAP_F( void )
2056	ldap_free_urldesc LDAP_P((
2057	LDAPURLDesc *ludp ));
2058
2059
2060	/*
2061	* LDAP Cancel Extended Operation <draft-zeilenga-ldap-cancel-xx.txt>
2062	* in cancel.c
2063	*/
2064	#define LDAP_API_FEATURE_CANCEL 1000
2065
2066	LDAP_F( int )
2067	ldap_cancel LDAP_P(( LDAP *ld,
2068	int cancelid,
2069	LDAPControl **sctrls,
2070	LDAPControl **cctrls,
2071	int *msgidp ));
2072
2073	LDAP_F( int )
2074	ldap_cancel_s LDAP_P(( LDAP *ld,
2075	int cancelid,
2076	LDAPControl **sctrl,
2077	LDAPControl **cctrl ));
2078
2079	/*
2080	* LDAP Turn Extended Operation <draft-zeilenga-ldap-turn-xx.txt>
2081	* in turn.c
2082	*/
2083	#define LDAP_API_FEATURE_TURN 1000
2084
2085	LDAP_F( int )
2086	ldap_turn LDAP_P(( LDAP *ld,
2087	int mutual,
2088	LDAP_CONST char* identifier,
2089	LDAPControl **sctrls,
2090	LDAPControl **cctrls,
2091	int *msgidp ));
2092
2093	LDAP_F( int )
2094	ldap_turn_s LDAP_P(( LDAP *ld,
2095	int mutual,
2096	LDAP_CONST char* identifier,
2097	LDAPControl **sctrl,
2098	LDAPControl **cctrl ));
2099
2100	/*
2101	* LDAP Paged Results
2102	* in pagectrl.c
2103	*/
2104	#define LDAP_API_FEATURE_PAGED_RESULTS 2000
2105
2106	LDAP_F( int )
2107	ldap_create_page_control_value LDAP_P((
2108	LDAP *ld,
2109	ber_int_t pagesize,
2110	struct berval *cookie,
2111	struct berval *value ));
2112
2113	LDAP_F( int )
2114	ldap_create_page_control LDAP_P((
2115	LDAP *ld,
2116	ber_int_t pagesize,
2117	struct berval *cookie,
2118	int iscritical,
2119	LDAPControl **ctrlp ));
2120
2121	#if LDAP_DEPRECATED
2122	LDAP_F( int )
2123	ldap_parse_page_control LDAP_P((
2124	/ deprecated, use ldap_parse_pageresponse_control /
2125	LDAP *ld,
2126	LDAPControl **ctrls,
2127	ber_int_t *count,
2128	struct berval **cookie ));
2129	#endif
2130
2131	LDAP_F( int )
2132	ldap_parse_pageresponse_control LDAP_P((
2133	LDAP *ld,
2134	LDAPControl *ctrl,
2135	ber_int_t *count,
2136	struct berval *cookie ));
2137
2138	/*
2139	* LDAP Server Side Sort
2140	* in sortctrl.c
2141	*/
2142	#define LDAP_API_FEATURE_SERVER_SIDE_SORT 2000
2143
2144	/ structure for a sort-key /
2145	typedef struct ldapsortkey {
2146	char *attributeType;
2147	char *orderingRule;
2148	int reverseOrder;
2149	} LDAPSortKey;
2150
2151	LDAP_F( int )
2152	ldap_create_sort_keylist LDAP_P((
2153	LDAPSortKey ***sortKeyList,
2154	char *keyString ));
2155
2156	LDAP_F( void )
2157	ldap_free_sort_keylist LDAP_P((
2158	LDAPSortKey **sortkeylist ));
2159
2160	LDAP_F( int )
2161	ldap_create_sort_control_value LDAP_P((
2162	LDAP *ld,
2163	LDAPSortKey **keyList,
2164	struct berval *value ));
2165
2166	LDAP_F( int )
2167	ldap_create_sort_control LDAP_P((
2168	LDAP *ld,
2169	LDAPSortKey **keyList,
2170	int iscritical,
2171	LDAPControl **ctrlp ));
2172
2173	LDAP_F( int )
2174	ldap_parse_sortresponse_control LDAP_P((
2175	LDAP *ld,
2176	LDAPControl *ctrl,
2177	ber_int_t *result,
2178	char **attribute ));
2179
2180	/*
2181	* LDAP Virtual List View
2182	* in vlvctrl.c
2183	*/
2184	#define LDAP_API_FEATURE_VIRTUAL_LIST_VIEW 2000
2185
2186	/ structure for virtual list /
2187	typedef struct ldapvlvinfo {
2188	ber_int_t ldvlv_version;
2189	ber_int_t ldvlv_before_count;
2190	ber_int_t ldvlv_after_count;
2191	ber_int_t ldvlv_offset;
2192	ber_int_t ldvlv_count;
2193	struct berval * ldvlv_attrvalue;
2194	struct berval * ldvlv_context;
2195	void * ldvlv_extradata;
2196	} LDAPVLVInfo;
2197
2198	LDAP_F( int )
2199	ldap_create_vlv_control_value LDAP_P((
2200	LDAP *ld,
2201	LDAPVLVInfo *ldvlistp,
2202	struct berval *value));
2203
2204	LDAP_F( int )
2205	ldap_create_vlv_control LDAP_P((
2206	LDAP *ld,
2207	LDAPVLVInfo *ldvlistp,
2208	LDAPControl **ctrlp ));
2209
2210	LDAP_F( int )
2211	ldap_parse_vlvresponse_control LDAP_P((
2212	LDAP *ld,
2213	LDAPControl *ctrls,
2214	ber_int_t *target_posp,
2215	ber_int_t *list_countp,
2216	struct berval **contextp,
2217	int *errcodep ));
2218
2219	/*
2220	* LDAP Who Am I?
2221	* in whoami.c
2222	*/
2223	#define LDAP_API_FEATURE_WHOAMI 1000
2224
2225	LDAP_F( int )
2226	ldap_parse_whoami LDAP_P((
2227	LDAP *ld,
2228	LDAPMessage *res,
2229	struct berval **authzid ));
2230
2231	LDAP_F( int )
2232	ldap_whoami LDAP_P(( LDAP *ld,
2233	LDAPControl **sctrls,
2234	LDAPControl **cctrls,
2235	int *msgidp ));
2236
2237	LDAP_F( int )
2238	ldap_whoami_s LDAP_P((
2239	LDAP *ld,
2240	struct berval **authzid,
2241	LDAPControl **sctrls,
2242	LDAPControl **cctrls ));
2243
2244	/*
2245	* LDAP Password Modify
2246	* in passwd.c
2247	*/
2248	#define LDAP_API_FEATURE_PASSWD_MODIFY 1000
2249
2250	LDAP_F( int )
2251	ldap_parse_passwd LDAP_P((
2252	LDAP *ld,
2253	LDAPMessage *res,
2254	struct berval *newpasswd ));
2255
2256	LDAP_F( int )
2257	ldap_passwd LDAP_P(( LDAP *ld,
2258	struct berval *user,
2259	struct berval *oldpw,
2260	struct berval *newpw,
2261	LDAPControl **sctrls,
2262	LDAPControl **cctrls,
2263	int *msgidp ));
2264
2265	LDAP_F( int )
2266	ldap_passwd_s LDAP_P((
2267	LDAP *ld,
2268	struct berval *user,
2269	struct berval *oldpw,
2270	struct berval *newpw,
2271	struct berval *newpasswd,
2272	LDAPControl **sctrls,
2273	LDAPControl **cctrls ));
2274
2275	#ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST
2276	/*
2277	* LDAP Password Policy controls
2278	* in ppolicy.c
2279	*/
2280	#define LDAP_API_FEATURE_PASSWORD_POLICY 1000
2281
2282	typedef enum passpolicyerror_enum {
2283	PP_passwordExpired = `0`,
2284	PP_accountLocked = `1`,
2285	PP_changeAfterReset = `2`,
2286	PP_passwordModNotAllowed = `3`,
2287	PP_mustSupplyOldPassword = `4`,
2288	PP_insufficientPasswordQuality = `5`,
2289	PP_passwordTooShort = `6`,
2290	PP_passwordTooYoung = `7`,
2291	PP_passwordInHistory = `8`,
2292	PP_noError = `65535`
2293	} LDAPPasswordPolicyError;
2294
2295	LDAP_F( int )
2296	ldap_create_passwordpolicy_control LDAP_P((
2297	LDAP *ld,
2298	LDAPControl **ctrlp ));
2299
2300	LDAP_F( int )
2301	ldap_parse_passwordpolicy_control LDAP_P((
2302	LDAP *ld,
2303	LDAPControl *ctrl,
2304	ber_int_t *expirep,
2305	ber_int_t *gracep,
2306	LDAPPasswordPolicyError *errorp ));
2307
2308	LDAP_F( const char * )
2309	ldap_passwordpolicy_err2txt LDAP_P(( LDAPPasswordPolicyError ));
2310	#endif /* LDAP_CONTROL_PASSWORDPOLICYREQUEST */
2311
2312	/*
2313	* LDAP Dynamic Directory Services Refresh -- RFC 2589
2314	* in dds.c
2315	*/
2316	#define LDAP_API_FEATURE_REFRESH 1000
2317
2318	LDAP_F( int )
2319	ldap_parse_refresh LDAP_P((
2320	LDAP *ld,
2321	LDAPMessage *res,
2322	ber_int_t *newttl ));
2323
2324	LDAP_F( int )
2325	ldap_refresh LDAP_P(( LDAP *ld,
2326	struct berval *dn,
2327	ber_int_t ttl,
2328	LDAPControl **sctrls,
2329	LDAPControl **cctrls,
2330	int *msgidp ));
2331
2332	LDAP_F( int )
2333	ldap_refresh_s LDAP_P((
2334	LDAP *ld,
2335	struct berval *dn,
2336	ber_int_t ttl,
2337	ber_int_t *newttl,
2338	LDAPControl **sctrls,
2339	LDAPControl **cctrls ));
2340
2341	/*
2342	* LDAP Transactions
2343	*/
2344	#ifdef LDAP_X_TXN
2345	LDAP_F( int )
2346	ldap_txn_start LDAP_P(( LDAP *ld,
2347	LDAPControl **sctrls,
2348	LDAPControl **cctrls,
2349	int *msgidp ));
2350
2351	LDAP_F( int )
2352	ldap_txn_start_s LDAP_P(( LDAP *ld,
2353	LDAPControl **sctrl,
2354	LDAPControl **cctrl,
2355	struct berval **rettxnid ));
2356
2357	LDAP_F( int )
2358	ldap_txn_end LDAP_P(( LDAP *ld,
2359	int commit,
2360	struct berval *txnid,
2361	LDAPControl **sctrls,
2362	LDAPControl **cctrls,
2363	int *msgidp ));
2364
2365	LDAP_F( int )
2366	ldap_txn_end_s LDAP_P(( LDAP *ld,
2367	int commit,
2368	struct berval *txnid,
2369	LDAPControl **sctrl,
2370	LDAPControl **cctrl,
2371	int *retidp ));
2372	#endif
2373
2374	/*
2375	* in ldap_sync.c
2376	*/
2377
2378	/*
2379	* initialize the persistent search structure
2380	*/
2381	LDAP_F( ldap_sync_t * )
2382	ldap_sync_initialize LDAP_P((
2383	ldap_sync_t *ls ));
2384
2385	/*
2386	* destroy the persistent search structure
2387	*/
2388	LDAP_F( void )
2389	ldap_sync_destroy LDAP_P((
2390	ldap_sync_t *ls,
2391	int freeit ));
2392
2393	/*
2394	* initialize a refreshOnly sync
2395	*/
2396	LDAP_F( int )
2397	ldap_sync_init LDAP_P((
2398	ldap_sync_t *ls,
2399	int mode ));
2400
2401	/*
2402	* initialize a refreshOnly sync
2403	*/
2404	LDAP_F( int )
2405	ldap_sync_init_refresh_only LDAP_P((
2406	ldap_sync_t *ls ));
2407
2408	/*
2409	* initialize a refreshAndPersist sync
2410	*/
2411	LDAP_F( int )
2412	ldap_sync_init_refresh_and_persist LDAP_P((
2413	ldap_sync_t *ls ));
2414
2415	/*
2416	* poll for new responses
2417	*/
2418	LDAP_F( int )
2419	ldap_sync_poll LDAP_P((
2420	ldap_sync_t *ls ));
2421
2422	#ifdef LDAP_CONTROL_X_SESSION_TRACKING
2423
2424	/*
2425	* in stctrl.c
2426	*/
2427	LDAP_F( int )
2428	ldap_create_session_tracking_value LDAP_P((
2429	LDAP *ld,
2430	char *sessionSourceIp,
2431	char *sessionSourceName,
2432	char *formatOID,
2433	struct berval *sessionTrackingIdentifier,
2434	struct berval *value ));
2435
2436	LDAP_F( int )
2437	ldap_create_session_tracking_control LDAP_P((
2438	LDAP *ld,
2439	char *sessionSourceIp,
2440	char *sessionSourceName,
2441	char *formatOID,
2442	struct berval *sessionTrackingIdentifier,
2443	LDAPControl **ctrlp ));
2444
2445	LDAP_F( int )
2446	ldap_parse_session_tracking_control LDAP_P((
2447	LDAP *ld,
2448	LDAPControl *ctrl,
2449	struct berval *ip,
2450	struct berval *name,
2451	struct berval *oid,
2452	struct berval *id ));
2453
2454	#endif /* LDAP_CONTROL_X_SESSION_TRACKING */
2455
2456	/*
2457	* in assertion.c
2458	*/
2459	LDAP_F (int)
2460	ldap_create_assertion_control_value LDAP_P((
2461	LDAP *ld,
2462	char *assertion,
2463	struct berval *value ));
2464
2465	LDAP_F( int )
2466	ldap_create_assertion_control LDAP_P((
2467	LDAP *ld,
2468	char *filter,
2469	int iscritical,
2470	LDAPControl **ctrlp ));
2471
2472	/*
2473	* in deref.c
2474	*/
2475
2476	typedef struct LDAPDerefSpec {
2477	char *derefAttr;
2478	char **attributes;
2479	} LDAPDerefSpec;
2480
2481	typedef struct LDAPDerefVal {
2482	char *type;
2483	BerVarray vals;
2484	struct LDAPDerefVal *next;
2485	} LDAPDerefVal;
2486
2487	typedef struct LDAPDerefRes {
2488	char *derefAttr;
2489	struct berval derefVal;
2490	LDAPDerefVal *attrVals;
2491	struct LDAPDerefRes *next;
2492	} LDAPDerefRes;
2493
2494	LDAP_F( int )
2495	ldap_create_deref_control_value LDAP_P((
2496	LDAP *ld,
2497	LDAPDerefSpec *ds,
2498	struct berval *value ));
2499
2500	LDAP_F( int )
2501	ldap_create_deref_control LDAP_P((
2502	LDAP *ld,
2503	LDAPDerefSpec *ds,
2504	int iscritical,
2505	LDAPControl **ctrlp ));
2506
2507	LDAP_F( void )
2508	ldap_derefresponse_free LDAP_P((
2509	LDAPDerefRes *dr ));
2510
2511	LDAP_F( int )
2512	ldap_parse_derefresponse_control LDAP_P((
2513	LDAP *ld,
2514	LDAPControl *ctrl,
2515	LDAPDerefRes **drp ));
2516
2517	LDAP_F( int )
2518	ldap_parse_deref_control LDAP_P((
2519	LDAP *ld,
2520	LDAPControl **ctrls,
2521	LDAPDerefRes **drp ));
2522
2523	LDAP_END_DECL
2524	#endif /* _LDAP_H */
2525

Browse the source code of netbsd/objdir.amd64/destdir.amd64/usr/include/ldap.h