/************************************************************************* * * * HPE CONFIDENTIAL. This software is confidential proprietary software * * licensed by Hewlett Packard Enterprise Development, LP, and is not * * authorized to be used, duplicated or disclosed to anyone without the * * prior written permission of HPE. * * Copyright 2016 Hewlett Packard Enterprise Development, LP * * * * VMS SOFTWARE, INC. CONFIDENTIAL. This software is confidential * * proprietary software licensed by VMS Software, Inc., and is not * * authorized to be used, duplicated or disclosed to anyone without * * the prior written permission of VMS Software, Inc. * * Copyright 2016, 2018, 2019 VMS Software, Inc. * * * *************************************************************************/ /* * * Copyright (c) 1998-1999 Innosoft International, Inc. All Rights Reserved. * * Copyright (c) 1996-1998 Critical Angle Inc. All Rights Reserved. * * Copyright (c) 1990-1996 Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and that due credit is given * to the University of Michigan at Ann Arbor. The name of the University * may not be used to endorse or promote products derived from this * software without specific prior written permission. This software * is provided ``as is'' without express or implied warranty. * */ /* * Revision history * * X-6 Douglas Fyfe 17-Jul-2019 * Add TLS V1.3 to list of selectable protocols for SSL 1.1.1 * * X-5 Douglas Fyfe 19-Feb-2019 * Define SSL/TLS protocol constants to be used in TLS.C. * Synch LDAP and STARLET_H facilities on this copy */ /* * Compaq revision history * * Rev Author Date Comments * --- ------ ---- -------- * 001 Nick Hudson 03-May-2000 Add pragmas to support "ldap$" prefixing * 002 Nick Hudson 10-May-2000 First attempt at fixing LDAP_CONST issue * for BL1 * 003 Nick Hudson 10-May-2000 First attempt at fixing ldap_modrdn issue * for BL1 * 004 Nick Hudson 12-May-2000 Fixes to make library use "tis" routines * on VMS * 005 Nick Hudson 16-May-2000 Clean up header file * * 006 Nick Hudson 19-May-2000 Remove references to DOLLAR_PREFIX macro * since all builds now will do prefixing; * Used pragma to disable LONGEXTERN * warnings * * 007 Nick Hudson 30-May-2000 Hide all private data; fix ldap_modrdn * prototypes; fix LDAP_CONST * * 008 Nick Hudson 15-Jun-2000 Changes for initial 32/64 bit implementation: * 1. Name mapping for 64-bit callers * 2. used "member_alignment" pragma * 3. correct "ber_init" prototype * 4. Remove all private data altogether * * 009 Nick Hudson 19-Jul-2000 Make function naming more consistent for * 32/64 bit entry points: use "_32" suffix * * 010 Nick Hudson 20-Jul-2000 Set LDAP_API_VERSION to 2004 * * 011 Paul Dallas 13-Feb-2002 Include SSL definitions * * 012 Paul Dallas 24-Feb-2002 Include URL definitions * * 013 Nick Hudson 18-Apr-2002 Increment LDAP_VENDOR_VERSION * * 014 Paul Dallas 30-Apr-2003 Add jacket routine for ldap_free_urldesc * * 015 Prasad SG 04-Aug-2010 Added LDAP_OPT_BIND_TIMELIMIT option */ /* * $RCSfile: ldap.h,v $ $Revision: 1.84 $ $Date: 2000/01/27 21:54:51 $ $State: Exp $ * * $Log: ldap.h,v $ * Revision 1.84 2000/01/27 21:54:51 wahl * A0001274A move str_parse_line_b64 to ldap.h * * Revision 1.83 2000/01/22 05:57:24 wahl * A0001214B add ldap_stats_info * * Revision 1.82 2000/01/07 22:29:45 ac * A00010520A - align ber_scanf/ber_printf integer types with latest draft * * Revision 1.81 1999/12/23 18:20:19 wahl * add ldap_memalloc_fns * * Revision 1.80 1999/12/15 23:17:54 rcw * AIX not ready for AF_INET6 * * Revision 1.79 1999/11/19 23:41:56 kvc * Suppress INET6 for VMS, too * * Revision 1.78 1999/11/15 23:40:01 wahl * add ldap_errno * * Revision 1.77 1999/11/13 21:55:02 wahl * integrate draft -04 changes * * Revision 1.76 1999/10/28 07:25:46 wahl * enable FreeBSD threads * * Revision 1.75 1999/09/08 15:24:37 ac * A99090320A - move dn normalize functions into libldap * * Revision 1.74 1999/08/04 20:13:37 Administrator * A9908034A add LDAP_OPT_TLS_CONTEXT * * Revision 1.73 1999/07/01 23:15:12 wahl * update const arguments * * Revision 1.72 1999/06/29 19:37:47 nr * add LDAP_CONTROL_PROXIED_AUTHORIZATION * * Revision 1.71 1999/06/25 22:43:07 wahl * reorganize LDAP_DEBUG values * * Revision 1.70 1999/05/24 16:46:33 wahl * add CLDAP prototypes * * Revision 1.69 1999/05/15 01:10:37 nr * add LDAP_CONTROL_TREE_DELETE * * Revision 1.68 1999/05/11 18:20:57 Administrator * add cldap_setretryinfo * * Revision 1.67 1999/04/20 04:30:16 Administrator * add LDAP_OPT_TLS_VERSION * * Revision 1.66 1999/03/29 21:39:33 wahl * A9903294A adjust calculation of LDIF_SIZE_NEEDED * * Revision 1.65 1999/03/25 17:45:25 wahl * A9903244A estabfn in ldap_conn_swap returns long * * Revision 1.64 1999/03/25 17:30:16 wahl * A9903244A use long instead of int for sb_sd * * Revision 1.63 1999/03/04 21:25:17 Administrator * A9903044A ensure pthread.h included on AIX * * Revision 1.62 1999/02/09 20:44:34 ac * DIGEST-MD5 initial auth response * * Revision 1.61 1999/01/08 23:44:39 Administrator * correct export for ldap_parse_unsolicited * * Revision 1.60 1999/01/07 02:47:44 Administrator * allow ldap.h and Perl to be combined on Win32 * * Revision 1.59 1999/01/06 23:50:44 wahl * advertise string arguments as const * * Revision 1.58 1999/01/06 18:50:00 Administrator * add IDDS controls and ext ops * * Revision 1.57 1998/12/30 18:01:50 Administrator * add LDAP_CONTROL_INCR_UPDATE * * Revision 1.56 1998/12/30 17:56:19 wahl * add ldap_modrdn * * Revision 1.55 1998/12/23 18:21:48 Administrator * add Mozilla compat stubs * * Revision 1.54 1998/12/22 00:57:03 Administrator * add search preferences and display templates from U-M LDAP * * Revision 1.53 1998/12/21 23:38:30 Administrator * readd filter, compatibility commands * * Revision 1.52 1998/11/25 20:56:47 wahl * A9811254B HP-UX 11.0 threads support in headers * * Revision 1.51 1998/11/15 23:25:43 wahl * add new LDAP control OIDs * * Revision 1.50 1998/11/13 16:35:05 crw * Fix ifdef for no threads on VMS * * Revision 1.49 1998/10/25 00:26:51 wahl * A9810244A add NetBSD * * Revision 1.48 1998/10/21 15:38:56 wahl * add LDAPAPIInfo * * Revision 1.47 1998/10/06 05:51:39 kvc * A98100413A changes to support VMS V6 * * Revision 1.46 1998/10/02 17:40:14 wahl * A9810024A add lber.h and ldap_parse_unsolicited * * Revision 1.45 1998/09/20 06:16:56 kvc * A98092013A #include needed on VMS * * Revision 1.44 1998/09/12 00:47:47 wahl * call ldap_log_set_path * * Revision 1.43 1998/09/09 21:57:58 wahl * add LDAP_URL_SCOPE_UNSET * * Revision 1.42 1998/09/07 01:57:45 wahl * change hpux to __hppa * * Revision 1.41 1998/09/03 21:25:19 wahl * add LDAPCDECL to all functions * * */ #ifndef _H_III_LDAP #define _H_III_LDAP 1 #define LDAP_API_VERSION 2005 #define LDAP_VERSION_MIN 2 #define LDAP_VERSION_MAX 3 #define LDAP_VENDOR_NAME "Compaq Computer Corporation" #define LDAP_VENDOR_VERSION 200 #ifndef LDAP_CONST #define LDAP_CONST const #endif /* * * =========================================================================== * Other Portability Definitions * * This is where we define common stuff to make life easier on various Unix * systems. * */ #include #include #if defined(__VMS) #include #include #include #include #include #endif /* __VMS */ #include #include #include #include #include #ifndef __VMS #include #endif #include /* * Allow or use IPv6? This is set on non-linux machines if AF_INET6 is * defined. Win32 defines AF_INET6 but does not contain the * correct structure definitions. */ #if defined(AF_INET6) && (!defined(__VMS) && !defined(__osf__)) #define CAI_HAVE_INET6 #endif /* #define CAI_USE_INET6 */ #if defined(__osf__) #include #endif /* * The RFC documents define the names of the entry points to the API which * the user can expect to see. For the VMS implementation, the names * exposed by the RTL differ from the public names for the following reasons: * * 1. All of the names are prefixed by "LDAP$" in order to ensure that the * symbol namespace isn't polluted. * * 2. Because the RTL offers both 32 and 64 bit interfaces, the suffixes * "_32" and "_64" are used for entry points which are 32 or 64 bit * specific (functions which are not sensitive to pointer size have * no suffix) * * 3. Function names which (with suffix and prefix) would exceed 31 characters * in length are truncated. * * Adding the "LDAP$" prefix is done by the compiler as a result of the * "#pragma extern_prefix" directive. * * Adding suffixes and truncating names is done in the following set of * "#define" statements: */ #if (__INITIAL_POINTER_SIZE != 64) /* * This section will be processed for 32 bit compilations */ #define ldap_init ldap_init_32 #define ldap_open ldap_open_32 #define ldap_get_option ldap_get_option_32 #define ldap_set_option ldap_set_option_32 #define ldap_control_free ldap_control_free_32 #define ldap_controls_free ldap_controls_free_32 #define ldap_sasl_bind ldap_sasl_bind_32 #define ldap_sasl_bind_s ldap_sasl_bind_s_32 #define ldap_unbind_ext ldap_unbind_ext_32 #define ldap_search_ext ldap_search_ext_32 #define ldap_search_ext_s ldap_search_ext_s_32 #define ldap_search ldap_search_32 #define ldap_search_s ldap_search_s_32 #define ldap_search_st ldap_search_st_32 #define ldap_compare_ext ldap_compare_ext_32 #define ldap_compare_ext_s ldap_compare_ext_s_32 #define ldap_modify_ext ldap_modify_ext_32 #define ldap_modify_ext_s ldap_modify_ext_s_32 #define ldap_modify ldap_modify_32 #define ldap_modify_s ldap_modify_s_32 #define ldap_rename ldap_rename_32 #define ldap_rename_s ldap_rename_s_32 #define ldap_add_ext ldap_add_ext_32 #define ldap_add_ext_s ldap_add_ext_s_32 #define ldap_add ldap_add_32 #define ldap_add_s ldap_add_s_32 #define ldap_delete_ext ldap_delete_ext_32 #define ldap_delete_ext_s ldap_delete_ext_s_32 #define ldap_extended_operation ldap_ext_oper_32 #define ldap_extended_operation_s ldap_ext_oper_s_32 #define ldap_abandon_ext ldap_abandon_ext_32 #define ldap_result ldap_result_32 #define ldap_parse_result ldap_parse_result_32 #define ldap_parse_sasl_bind_result ldap_prs_sasl_bind_res_32 #define ldap_parse_extended_result ldap_parse_ext_res_32 #define ldap_err2string ldap_err2string_32 #define ldap_first_message ldap_first_message_32 #define ldap_next_message ldap_next_message_32 #define ldap_first_entry ldap_first_entry_32 #define ldap_next_entry ldap_next_entry_32 #define ldap_first_reference ldap_first_reference_32 #define ldap_next_reference ldap_next_reference_32 #define ldap_first_attribute ldap_first_attribute_32 #define ldap_next_attribute ldap_next_attribute_32 #define ldap_get_values ldap_get_values_32 #define ldap_get_values_len ldap_get_values_len_32 #define ldap_count_values ldap_count_values_32 #define ldap_count_values_len ldap_count_values_len_32 #define ldap_value_free ldap_value_free_32 #define ldap_value_free_len ldap_value_free_len_32 #define ldap_get_dn ldap_get_dn_32 #define ldap_explode_dn ldap_explode_dn_32 #define ldap_explode_rdn ldap_explode_rdn_32 #define ldap_dn2ufn ldap_dn2ufn_32 #define ldap_get_entry_controls ldap_get_entry_controls_32 #define ldap_parse_reference ldap_parse_reference_32 #define ber_bvfree ber_bvfree_32 #define ber_bvecfree ber_bvecfree_32 #define ber_bvdup ber_bvdup_32 #define ber_alloc_t ber_alloc_t_32 #define ber_printf ber_printf_32 #define ber_flatten ber_flatten_32 #define ber_init ber_init_32 #define ber_scanf ber_scanf_32 #define ber_first_element ber_first_element_32 #define ldap_url_parse ldap_url_parse_32 #define ldap_free_urldesc ldap_free_urldesc_32 #define ldap_url_search_st ldap_url_search_st_32 #define ldap_url_search_s ldap_url_search_s_32 #else /* __INITIAL_POINTER_SIZE == 64 */ /* * This section will be processed if we are compiling /POINTER=64 */ #define ldap_init ldap_init_64 #define ldap_open ldap_open_64 #define ldap_get_option ldap_get_option_64 #define ldap_set_option ldap_set_option_64 #define ldap_control_free ldap_control_free_64 #define ldap_controls_free ldap_controls_free_64 #define ldap_sasl_bind ldap_sasl_bind_64 #define ldap_sasl_bind_s ldap_sasl_bind_s_64 #define ldap_unbind_ext ldap_unbind_ext_64 #define ldap_search_ext ldap_search_ext_64 #define ldap_search_ext_s ldap_search_ext_s_64 #define ldap_search ldap_search_64 #define ldap_search_s ldap_search_s_64 #define ldap_search_st ldap_search_st_64 #define ldap_compare_ext ldap_compare_ext_64 #define ldap_compare_ext_s ldap_compare_ext_s_64 #define ldap_modify_ext ldap_modify_ext_64 #define ldap_modify_ext_s ldap_modify_ext_s_64 #define ldap_modify ldap_modify_64 #define ldap_modify_s ldap_modify_s_64 #define ldap_rename ldap_rename_64 #define ldap_rename_s ldap_rename_s_64 #define ldap_add_ext ldap_add_ext_64 #define ldap_add_ext_s ldap_add_ext_s_64 #define ldap_add ldap_add_64 #define ldap_add_s ldap_add_s_64 #define ldap_delete_ext ldap_delete_ext_64 #define ldap_delete_ext_s ldap_delete_ext_s_64 #define ldap_extended_operation ldap_ext_oper_64 #define ldap_extended_operation_s ldap_ext_oper_s_64 #define ldap_abandon_ext ldap_abandon_ext_64 #define ldap_result ldap_result_64 #define ldap_parse_result ldap_parse_result_64 #define ldap_parse_sasl_bind_result ldap_prs_sasl_bind_res_64 #define ldap_parse_extended_result ldap_parse_ext_res_64 #define ldap_err2string ldap_err2string_64 #define ldap_first_message ldap_first_message_64 #define ldap_next_message ldap_next_message_64 #define ldap_first_entry ldap_first_entry_64 #define ldap_next_entry ldap_next_entry_64 #define ldap_first_reference ldap_first_reference_64 #define ldap_next_reference ldap_next_reference_64 #define ldap_first_attribute ldap_first_attribute_64 #define ldap_next_attribute ldap_next_attribute_64 #define ldap_get_values ldap_get_values_64 #define ldap_get_values_len ldap_get_values_len_64 #define ldap_count_values ldap_count_values_64 #define ldap_count_values_len ldap_count_values_len_64 #define ldap_value_free ldap_value_free_64 #define ldap_value_free_len ldap_value_free_len_64 #define ldap_get_dn ldap_get_dn_64 #define ldap_explode_dn ldap_explode_dn_64 #define ldap_explode_rdn ldap_explode_rdn_64 #define ldap_dn2ufn ldap_dn2ufn_64 #define ldap_get_entry_controls ldap_get_entry_controls_64 #define ldap_parse_reference ldap_parse_reference_64 #define ber_bvfree ber_bvfree_64 #define ber_bvecfree ber_bvecfree_64 #define ber_bvdup ber_bvdup_64 #define ber_alloc_t ber_alloc_t_64 #define ber_printf ber_printf_64 #define ber_flatten ber_flatten_64 #define ber_init ber_init_64 #define ber_scanf ber_scanf_64 #define ber_first_element ber_first_element_64 #define ldap_url_parse ldap_url_parse_64 #define ldap_free_urldesc ldap_free_urldesc_64 #define ldap_url_search_st ldap_url_search_st_64 #define ldap_url_search_s ldap_url_search_s_64 #endif /* (__INITIAL_POINTER_SIZE == 64) */ /* * End of name mapping for 64/32-bit APIs */ /* * =========================================================================== * * Lightweight BER library routines * */ typedef unsigned long ber_len_t; typedef unsigned long ber_tag_t; typedef long ber_int_t; typedef unsigned long ber_uint_t; typedef long ber_slen_t; /* * Note that LBER_ERROR and LBER_DEFAULT are values that can never appear * as valid BER tags, and so it is safe to use them to report errors. In * fact, any tag for which the following is true is invalid: * (( tag & 0x00000080 ) != 0 ) && (( tag & 0xFFFFFF00 ) != 0 ) */ #ifdef LBER_ERROR_COMPAT #define LBER_ERROR 0xffffffffL #define LBER_DEFAULT 0xffffffffL #else #define LBER_ERROR ((ber_tag_t)-1) #define LBER_DEFAULT ((ber_tag_t)-1) #endif #define LBER_USE_DER 0x01 typedef struct berelement BerElement; /* * Structure for returning a sequence of octet strings + length. * Using "pragma member_alignment" ensures that everyone sees this * the same way, regardless of compilation flags. * * For a module built with 32-bit pointers, the structure looks * like this (assuming it's located at address "A") : * * +-----------------+ * | bv_len | : A * +-----------------+ * | bv_val | : A+4 * +-----------------+ * * For a module built with 64-bit pointers, the structure looks * like this (assuming it's located at address "A") : * * +-----------------+-----------------+ * | *** unused *** | bv_len | : A * +-----------------+-----------------+ * | bv_val | : A+8 * +-----------------+-----------------+ */ #pragma member_alignment save #pragma member_alignment typedef struct berval { ber_len_t bv_len; char *bv_val; } BerValue; #pragma member_alignment restore #ifdef __cplusplus extern "C" { #endif /* * ber public functions */ #pragma extern_prefix save #pragma extern_prefix "LDAP$" ber_tag_t ber_first_element(BerElement *ber, ber_len_t *lenPtr, char **opaquePtr); ber_tag_t ber_next_element(BerElement *ber, ber_len_t *lenPtr, char *opaque); ber_tag_t ber_skip_tag(BerElement *ber, ber_len_t *lenPtr); ber_tag_t ber_peek_tag(BerElement *ber, ber_len_t *lenPtr); ber_tag_t ber_scanf(BerElement *ber, LDAP_CONST char *fmt, ...); void ber_bvfree(struct berval *bv); void ber_bvecfree(struct berval **bv); struct berval *ber_bvdup(LDAP_CONST struct berval *bv); int ber_printf(BerElement *ber, LDAP_CONST char *fmt, ...); BerElement *ber_alloc_t(int options); void ber_free(BerElement *ber, int fbuf); /* * Note that the function below matches the draft 4 document */ BerElement *ber_init(struct berval *bv); int ber_flatten(const BerElement *ber, struct berval **bvPtr); #pragma extern_prefix restore #ifdef __cplusplus } #endif /* * =========================================================================== * LDAP definitions from the protocol * */ #define LDAP_PORT 389 #define LDAP_VERSION2 2 #define LDAP_VERSION3 3 #define LDAP_VERSION LDAP_VERSION2 /* * specific LDAP instantiations of BER types we know about */ /* possible result types a server can return */ #define LDAP_RES_BIND 0x61L /* application + constructed */ #define LDAP_RES_SEARCH_ENTRY 0x64L /* application + constructed */ #define LDAP_RES_SEARCH_RESULT 0x65L /* application + constructed */ #define LDAP_RES_SEARCH_REFERENCE 0x73L /* application + constructed */ #define LDAP_RES_MODIFY 0x67L /* application + constructed */ #define LDAP_RES_ADD 0x69L /* application + constructed */ #define LDAP_RES_DELETE 0x6bL /* application + constructed */ #define LDAP_RES_MODRDN 0x6dL /* application + constructed */ #define LDAP_RES_MODDN 0x6dL /* application + constructed */ #define LDAP_RES_COMPARE 0x6fL /* application + constructed */ #define LDAP_RES_EXTENDED 0x78L /* application + constructed */ #define LDAP_RES_ANY (-1L) #define LDAP_RES_UNSOLICITED 0x0 /* authentication methods available */ #define LDAP_AUTH_SIMPLE 0x80L /* context specific + primitive */ #define LDAP_AUTH_KRBV41 0x81L /* context specific + primitive */ #define LDAP_AUTH_KRBV42 0x82L /* context specific + primitive */ /* search scopes */ #define LDAP_SCOPE_BASE 0x00 #define LDAP_SCOPE_ONELEVEL 0x01 #define LDAP_SCOPE_SUBTREE 0x02 #define LDAP_NO_ATTRS "1.1" #define LDAP_ALL_USER_ATTRS "*" /* * possible error codes we can return */ #define LDAP_SUCCESS 0x00 #define LDAP_OPERATIONS_ERROR 0x01 #define LDAP_PROTOCOL_ERROR 0x02 #define LDAP_TIMELIMIT_EXCEEDED 0x03 #define LDAP_SIZELIMIT_EXCEEDED 0x04 #define LDAP_COMPARE_FALSE 0x05 #define LDAP_COMPARE_TRUE 0x06 #define LDAP_STRONG_AUTH_NOT_SUPPORTED 0x07 #define LDAP_STRONG_AUTH_REQUIRED 0x08 #define LDAP_REFERRAL 0x0a #define LDAP_ADMIN_LIMIT_EXCEEDED 0x0b #define LDAP_UNAVAILABLE_CRITICAL_EXTENSION 0x0c #define LDAP_CONFIDENTIALITY_REQUIRED 0x0d #define LDAP_SASL_BIND_IN_PROGRESS 0x0e #define LDAP_NO_SUCH_ATTRIBUTE 0x10 #define LDAP_UNDEFINED_TYPE 0x11 #define LDAP_INAPPROPRIATE_MATCHING 0x12 #define LDAP_CONSTRAINT_VIOLATION 0x13 #define LDAP_TYPE_OR_VALUE_EXISTS 0x14 #define LDAP_INVALID_SYNTAX 0x15 #define LDAP_NO_SUCH_OBJECT 0x20 #define LDAP_ALIAS_PROBLEM 0x21 #define LDAP_INVALID_DN_SYNTAX 0x22 #define LDAP_IS_LEAF 0x23 #define LDAP_ALIAS_DEREF_PROBLEM 0x24 #define LDAP_INAPPROPRIATE_AUTH 0x30 #define LDAP_INVALID_CREDENTIALS 0x31 #define LDAP_INSUFFICIENT_ACCESS 0x32 #define LDAP_BUSY 0x33 #define LDAP_UNAVAILABLE 0x34 #define LDAP_UNWILLING_TO_PERFORM 0x35 #define LDAP_LOOP_DETECT 0x36 #define LDAP_NAMING_VIOLATION 0x40 #define LDAP_OBJECT_CLASS_VIOLATION 0x41 #define LDAP_NOT_ALLOWED_ON_NONLEAF 0x42 #define LDAP_NOT_ALLOWED_ON_RDN 0x43 #define LDAP_ALREADY_EXISTS 0x44 #define LDAP_NO_OBJECT_CLASS_MODS 0x45 #define LDAP_RESULTS_TOO_LARGE 0x46 #define LDAP_AFFECTS_MULTIPLE_DSAS 0x47 #define LDAP_OTHER 0x50 #define LDAP_SERVER_DOWN 0x51 #define LDAP_LOCAL_ERROR 0x52 #define LDAP_ENCODING_ERROR 0x53 #define LDAP_DECODING_ERROR 0x54 #define LDAP_TIMEOUT 0x55 #define LDAP_AUTH_UNKNOWN 0x56 #define LDAP_FILTER_ERROR 0x57 #define LDAP_USER_CANCELLED 0x58 #define LDAP_PARAM_ERROR 0x59 #define LDAP_NO_MEMORY 0x5a #define LDAP_CONNECT_ERROR 0x5b #define LDAP_NOT_SUPPORTED 0x5c #define LDAP_CONTROL_NOT_FOUND 0x5d #define LDAP_NO_RESULTS_RETURNED 0x5e #define LDAP_MORE_RESULTS_TO_RETURN 0x5f #define LDAP_CLIENT_LOOP 0x60 #define LDAP_REFERRAL_LIMIT_EXCEEDED 0x61 #define LDAP_OPT_ON ((void *)1) #define LDAP_OPT_OFF ((void *)0) #define LDAP_OPT_API_INFO 0x00 #define LDAP_OPT_DESC 0x01 #define LDAP_OPT_DEREF 0x02 #define LDAP_OPT_SIZELIMIT 0x03 #define LDAP_OPT_TIMELIMIT 0x04 #define LDAP_OPT_REFERRALS 0x08 #define LDAP_OPT_RESTART 0x09 #define LDAP_OPT_PROTOCOL_VERSION 0x11 #define LDAP_OPT_SERVER_CONTROLS 0x12 #define LDAP_OPT_CLIENT_CONTROLS 0x13 #define LDAP_OPT_API_FEATURE_INFO 0x15 #define LDAP_OPT_HOST_NAME 0x30 #define LDAP_OPT_ERROR_NUMBER 0x31 #define LDAP_OPT_ERROR_STRING 0x32 #define LDAP_OPT_MATCHED_DN 0x33 #define LDAP_OPT_PRIVATE_EXTENSION_BASE 0x4000 #define LDAP_OPT_TLS_CERT_REQUIRED 0x7001 #define LDAP_OPT_TLS_VERIFY_REQUIRED 0x7002 #define LDAP_OPT_TLS_CERT_FILE 0x7003 #define LDAP_OPT_TLS_PKEY_FILE 0x7004 #define LDAP_OPT_TLS_CA_FILE 0x7005 #define LDAP_OPT_TLS_CA_PATH 0x7006 #define LDAP_OPT_TLS_VERSION 0x7007 #define LDAP_OPT_TLS_CONTEXT 0x7008 /* Timelimit for ldap_simple_bind[_s]() to timeout. * This is used internally for TCP connect() timeout. * zero means - Unlimited */ #define LDAP_OPT_BIND_TIMELIMIT 0x7009 #define LDAP_PORT_SECURITY_NEGOTIATE 23 #define LDAP_PORT_SECURITY_SSLV3 30 #define LDAP_PORT_SECURITY_TLSV10 31 #define LDAP_PORT_SECURITY_TLSV11 32 #define LDAP_PORT_SECURITY_TLSV12 33 #define LDAP_PORT_SECURITY_TLSV13 34 /* * =========================================================================== * LDAP protocol structures * */ /* * For modifications. * Use pragmas to make sure that these structures always * look the same for a given pointer size, regardless of * compiler "/member_align" switches */ #pragma member_alignment save #pragma member_alignment typedef struct ldapmod { int mod_op; #define LDAP_MOD_ADD 0x00 #define LDAP_MOD_DELETE 0x01 #define LDAP_MOD_REPLACE 0x02 #define LDAP_MOD_BVALUES 0x80 char *mod_type; union mod_vals_u { char **modv_strvals; struct berval **modv_bvals; } mod_vals; #define mod_values mod_vals.modv_strvals #define mod_bvalues mod_vals.modv_bvals } LDAPMod; #pragma member_alignment restore /* * This structure represents both ldap messages and ldap responses. * These are really the same, except in the case of search responses, * where a response has multiple messages. */ typedef struct ldapmsg LDAPMessage; /* * structure representing the interface between the client and the library * for a connection, or set of connections. */ #define LDAP_DEREF_NEVER 0 #define LDAP_DEREF_SEARCHING 1 #define LDAP_DEREF_FINDING 2 #define LDAP_DEREF_ALWAYS 3 #define LDAP_NO_LIMIT 0 typedef struct ldap LDAP; /* * Use pragmas to make sure that these structures always * look the same for a given pointer size, regardless of * compiler "/member_align" switches */ #pragma member_alignment save #pragma member_alignment typedef struct ldapapiinfo { int ldapai_info_version; /* version of this struct */ int ldapai_api_version; /* revision of the API supported */ int ldapai_protocol_version; /* highest LDAP version supported */ char **ldapai_extensions; /* names of API extensions */ char *ldapai_vendor_name; /* name of supplier */ int ldapai_vendor_version; /* supplier-specific version times 100 */ } LDAPAPIInfo; #define LDAP_API_INFO_VERSION 1 typedef struct ldap_apifeature_info { int ldapaif_info_version; /* version of this struct */ char *ldapaif_name; /* name of supported feature */ int ldapaif_version; /* revision of supported feature */ } LDAPAPIFeatureInfo; #define LDAP_FEATURE_INFO_VERSION 1 typedef struct ldapcontrol { char *ldctl_oid; struct berval ldctl_value; char ldctl_iscritical; } LDAPControl, *PLDAPControl; /* * types for ldap URL handling */ typedef struct ldap_url_desc { char *lud_host; int lud_port; char *lud_dn; char **lud_attrs; int lud_scope; char *lud_filter; char **lud_exts; char *lud_string; /* for internal use only */ } LDAPURLDesc; #define LDAP_URL_ERR_NOTLDAP 1 /* URL doesn't begin with "ldap://" */ #define LDAP_URL_ERR_NODN 2 /* URL has no DN (required) */ #define LDAP_URL_ERR_BADSCOPE 3 /* URL scope string is invalid */ #define LDAP_URL_ERR_MEM 4 /* can't allocate memory space */ #define LDAP_URL_ERR_BADEXT 5 /* unsupported extension */ #define LDAP_URL_SCOPE_UNSET -1 #pragma member_alignment restore /* * =========================================================================== * Core LDAPv2 functions * */ #ifdef __cplusplus extern "C" { #endif #pragma extern_prefix save #pragma extern_prefix "LDAP$" int ldap_abandon(LDAP *ld, int msgid); int ldap_add(LDAP *ld, LDAP_CONST char *dn, LDAPMod **attrs); int ldap_add_s(LDAP *ld, LDAP_CONST char *dn, LDAPMod **attrs); int ldap_simple_bind(LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd); int ldap_simple_bind_s(LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd); int ldap_compare(LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *attr, LDAP_CONST char *value); int ldap_compare_s(LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *attr, LDAP_CONST char *value); int ldap_delete(LDAP *ld, LDAP_CONST char *dn); int ldap_delete_s(LDAP *ld, LDAP_CONST char *dn); char *ldap_err2string(int err); int ldap_modify(LDAP *ld, LDAP_CONST char *dn, LDAPMod **mods); int ldap_modify_s(LDAP *ld, LDAP_CONST char *dn, LDAPMod **mods); LDAP *ldap_init(LDAP_CONST char *hostname, int portno); LDAPMessage *ldap_first_entry(LDAP *ld, LDAPMessage *res); LDAPMessage *ldap_next_entry(LDAP *ld, LDAPMessage *entry); int ldap_count_entries(LDAP *ld, LDAPMessage *res); char *ldap_get_dn(LDAP *ld, LDAPMessage *entry); char *ldap_dn2ufn(LDAP_CONST char *dn); char **ldap_explode_dn(LDAP_CONST char *dn, int notypes); char **ldap_explode_rdn(LDAP_CONST char *rdn, int notypes); char *ldap_first_attribute(LDAP *ld, LDAPMessage *entry, BerElement **ptr); char *ldap_next_attribute(LDAP *ld, LDAPMessage *entry, BerElement *ptr); char **ldap_get_values(LDAP *ld, LDAPMessage *entry, LDAP_CONST char *attr); struct berval **ldap_get_values_len(LDAP *ld, LDAPMessage *entry, LDAP_CONST char *attr); int ldap_count_values(char **vals); int ldap_count_values_len(struct berval **vals); void ldap_value_free(char **vals); void ldap_value_free_len(struct berval **vals); #define LDAP_MSG_ONE 0 #define LDAP_MSG_ALL 1 #define LDAP_MSG_RECEIVED 2 int ldap_result(LDAP *ld, int msgid, int all, struct timeval *timeout, LDAPMessage **res); int ldap_msgfree(LDAPMessage *res); int ldap_search(LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter, char **attrs, int attrsonly); int ldap_search_s(LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter, char **attrs, int attrsonly, LDAPMessage **res ); int ldap_search_st(LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter, char **attrs, int attrsonly, struct timeval *timeout, LDAPMessage **res); int ldap_unbind(LDAP *ld); int ldap_unbind_s(LDAP *ld); int ldap_unbind_ext(LDAP *ld, LDAPControl **serverctrls, LDAPControl **clientctrls); void ldap_memfree(void *mem); /* * =========================================================================== * LDAPv2 compatibility functions * (please avoid using these if possible) * */ LDAP *ldap_open(LDAP_CONST char *hostname, int portno); int ldap_bind(LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *cred, int method); int ldap_bind_s(LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *cred, int method); /* * There are two variants for each of "ldap_modrdn" and "ldap_modrdn_s" * functions. * * The RFC1823 document specifies versions of these functions that accept * a fourth paramter, called "deleteoldrdn". * * The "draft 4" C API document specifies that these functions should only * accept 3 parameters. * * The "draft 4" document says that most implementations only supply the * 3-parameter version of the routines, which in any case are now deprecated * in favour of "ldap_rename" and "ldap_rename_s" * * This implementation of the API supplies both versions of the "modrdn" * functions. By default, the "draft 4" versions will be used; in order for * an application to be able to use the "RFC1823" version, the macro * LDAP_RFC1823_MODRDN should be defined before including LDAP.H * */ /* "draft4" versions of ldap_modrdn functions */ int ldap_modrdn_draft4(LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn); int ldap_modrdn_s_draft4(LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn); /* "rfc1823" versions of ldap_modrdn functions */ int ldap_modrdn_rfc1823(LDAP *ld, char *dn, char *newrdn, int deleteoldrdn); int ldap_modrdn_s_rfc1823(LDAP *ld, char *dn, char *newrdn, int deleteoldrdn); #ifdef LDAP_RFC1823_MODRDN #define ldap_modrdn ldap_modrdn_rfc1823 #define ldap_modrdn_s ldap_modrdn_s_rfc1823 #else #define ldap_modrdn ldap_modrdn_draft4 #define ldap_modrdn_s ldap_modrdn_s_draft4 #endif /* LDAP_RFC1823_MODRDN */ int ldap_modrdn2(LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn, int deleteoldrdn); int ldap_modrdn2_s(LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn, int deleteoldrdn); int ldap_result2error(LDAP *ld, LDAPMessage *res, int freeit); void ldap_perror(LDAP *ld, LDAP_CONST char *msg); /* * =========================================================================== * LDAPv3 functions * */ #define LDAP_NOTICE_OF_DISCONNECTION "1.3.6.1.4.1.1466.20036" #define LDAP_CHASE_SUBORDINATE_REFERRALS 0x00000020U #define LDAP_CHASE_EXTERNAL_REFERRALS 0x00000040U #define LDAP_SASL_SIMPLE NULL int ldap_sasl_bind(LDAP *ld, const char *dn, const char *mechanism, const struct berval *cred, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp); int ldap_sasl_bind_s(LDAP *ld, const char *dn, const char *mechanism, const struct berval *cred, LDAPControl **serverctrls, LDAPControl **clientctrls, struct berval **servercredp); int ldap_search_ext(LDAP *ld, const char *base, int scope, const char *filter, char **attrs, int attrsonly, LDAPControl **serverctrls, LDAPControl **clientctrls, struct timeval *timeout, int sizelimit, int *msgidp); int ldap_search_ext_s(LDAP *ld, const char *base, int scope, const char *filter, char **attrs, int attrsonly, LDAPControl **serverctrls, LDAPControl **clientctrls, struct timeval *timeout, int sizelimit, LDAPMessage **res); int ldap_compare_ext(LDAP *ld, const char *dn, const char *attr, LDAP_CONST struct berval *bvalue, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp); int ldap_compare_ext_s(LDAP *ld, const char *dn, const char *attr, LDAP_CONST struct berval *bvalue, LDAPControl **serverctrls, LDAPControl **clientctrls); int ldap_add_ext(LDAP *ld, const char *dn, LDAPMod **attrs, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp); int ldap_add_ext_s(LDAP *ld, const char *dn, LDAPMod **attrs, LDAPControl **serverctrls, LDAPControl **clientctrls); int ldap_delete_ext(LDAP *ld, const char *dn, LDAPControl **serevrctrls, LDAPControl **clientctrls, int *msgidp); int ldap_delete_ext_s(LDAP *ld, const char *dn, LDAPControl **serverctrls, LDAPControl **clientctrls); int ldap_modify_ext(LDAP *ld, const char *dn, LDAPMod **mods, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp); int ldap_modify_ext_s(LDAP *ld, const char *dn, LDAPMod **mods, LDAPControl **serverctrls, LDAPControl **clientctrls); int ldap_rename(LDAP *ld, const char *dn, const char *newrdn, const char *newparent, int deleteoldrdn, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp); int ldap_rename_s(LDAP *ld, const char *dn, const char *newrdn, const char *newparent, int deleteoldrdn, LDAPControl **serverctrls, LDAPControl **clientctrls); int ldap_extended_operation(LDAP *ld, const char *requestoid, LDAP_CONST struct berval *requestdata, LDAPControl **serverctrls, LDAPControl **clientctrls, int *msgidp); int ldap_extended_operation_s(LDAP *ld, const char *requestoid, LDAP_CONST struct berval *requestdata, LDAPControl **serverctrls, LDAPControl **clientctrls, char **retoidp, struct berval **retdatap); int ldap_abandon_ext(LDAP *ld, int msgid, LDAPControl **serverctrls, LDAPControl **clientctrls); int ldap_msgtype(LDAPMessage *res); int ldap_msgid(LDAPMessage *res); int ldap_parse_result(LDAP *ld, LDAPMessage *res, int *errorcodep, char **matcheddnp, char **errormsgp, char ***referralsp, LDAPControl ***serverctrlsp, int freeit); int ldap_parse_sasl_bind_result(LDAP *ld, LDAPMessage *res, struct berval **servercredp, int freeit); int ldap_parse_extended_result(LDAP *ld, LDAPMessage *res, char **retoidp, struct berval **retdatap, int freeit); int ldap_parse_reference(LDAP *ld, LDAPMessage *ref, char ***referralsp, LDAPControl ***serverctrlsp, int freeit); LDAPMessage *ldap_first_message(LDAP *ld, LDAPMessage *res); LDAPMessage *ldap_next_message(LDAP *ld, LDAPMessage *res); int ldap_count_messages(LDAP *ld, LDAPMessage *res); LDAPMessage *ldap_first_reference(LDAP *ld, LDAPMessage *res); LDAPMessage *ldap_next_reference(LDAP *ld, LDAPMessage *ref); int ldap_count_references(LDAP *ld, LDAPMessage *res); int ldap_get_option(LDAP *ld, int option, void *outvalue); int ldap_set_option(LDAP *ld, int option, const void *invalue); void ldap_control_free(LDAPControl *ctrl); void ldap_controls_free(LDAPControl **ctrls); int ldap_get_entry_controls(LDAP *ld, LDAPMessage *entry, LDAPControl ***serverctrlsp); int ldap_tls_start(LDAP *ld, int negotiated); int ldap_is_ldap_url(LDAP_CONST char *url ); int ldap_url_parse(LDAP_CONST char *url, LDAPURLDesc **ludpp); void ldap_free_urldesc(LDAPURLDesc *ludp); int ldap_url_search(LDAP *ld, char *url, int attrsonly); int ldap_url_search_s(LDAP *ld, LDAP_CONST char *url, int attrsonly, LDAPMessage **res); int ldap_url_search_st(LDAP *ld, LDAP_CONST char *url, int attrsonly, struct timeval *timeout, LDAPMessage **res); #pragma extern_prefix restore #ifdef __cplusplus } #endif #endif /* _H_III_LDAP */