| /* This Source Code Form is subject to the terms of the Mozilla Public |
| * License, v. 2.0. If a copy of the MPL was not distributed with this |
| * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| |
| #ifndef _LDAP_H_ |
| #define _LDAP_H_ |
| |
| #include "certt.h" |
| #include "pkixt.h" |
| |
| #ifdef __cplusplus |
| extern "C" { |
| #endif |
| |
| extern const SEC_ASN1Template PKIX_PL_LDAPCrossCertPairTemplate[]; |
| SEC_ASN1_CHOOSER_DECLARE(PKIX_PL_LDAPCrossCertPairTemplate) |
| extern const SEC_ASN1Template PKIX_PL_LDAPMessageTemplate[]; |
| SEC_ASN1_CHOOSER_DECLARE(PKIX_PL_LDAPMessageTemplate) |
| extern const SEC_ASN1Template LDAPFilterTemplate[]; |
| SEC_ASN1_CHOOSER_DECLARE(LDAPFilterTemplate) |
| |
| /* ********************************************************************** */ |
| |
| #define SEC_ASN1_LDAP_STRING SEC_ASN1_OCTET_STRING |
| |
| #define LDAPATTR_CACERT (1<<0) |
| #define LDAPATTR_USERCERT (1<<1) |
| #define LDAPATTR_CROSSPAIRCERT (1<<2) |
| #define LDAPATTR_CERTREVLIST (1<<3) |
| #define LDAPATTR_AUTHREVLIST (1<<4) |
| #define MAX_LDAPATTRS 5 |
| typedef PKIX_UInt32 LdapAttrMask; |
| |
| typedef enum { |
| SIMPLE_AUTH = 0, |
| KRBV42LDAP_AUTH = 1, |
| KRBV42DSA_AUTH = 2 |
| } AuthType; |
| |
| typedef enum { |
| BASE_OBJECT = 0, |
| SINGLE_LEVEL = 1, |
| WHOLE_SUBTREE = 2 |
| } ScopeType; |
| |
| typedef enum { |
| NEVER_DEREF = 0, |
| DEREF_IN_SEARCHING = 1, |
| DEREF_FINDING_BASEOBJ = 2, |
| ALWAYS_DEREF = 3 |
| } DerefType; |
| |
| typedef enum { |
| LDAP_INITIALSUBSTRING_TYPE = 0, |
| LDAP_ANYSUBSTRING_TYPE = 1, |
| LDAP_FINALSUBSTRING_TYPE = 2 |
| } LDAPSubstringFilterType; |
| |
| typedef enum { |
| LDAP_ANDFILTER_TYPE = 0, |
| LDAP_ORFILTER_TYPE = 1, |
| LDAP_NOTFILTER_TYPE = 2, |
| LDAP_EQUALFILTER_TYPE = 3, |
| LDAP_SUBSTRINGFILTER_TYPE = 4, |
| LDAP_GREATEROREQUALFILTER_TYPE = 5, |
| LDAP_LESSOREQUALFILTER_TYPE = 6, |
| LDAP_PRESENTFILTER_TYPE = 7, |
| LDAP_APPROXMATCHFILTER_TYPE = 8 |
| } LDAPFilterType; |
| |
| typedef enum { |
| LDAP_BIND_TYPE = 0, |
| LDAP_BINDRESPONSE_TYPE = 1, |
| LDAP_UNBIND_TYPE = 2, |
| LDAP_SEARCH_TYPE = 3, |
| LDAP_SEARCHRESPONSEENTRY_TYPE = 4, |
| LDAP_SEARCHRESPONSERESULT_TYPE = 5, |
| LDAP_ABANDONREQUEST_TYPE = 16 |
| } LDAPMessageType; |
| |
| typedef enum { |
| SUCCESS = 0, |
| OPERATIONSERROR = 1, |
| PROTOCOLERROR = 2, |
| TIMELIMITEXCEEDED = 3, |
| SIZELIMITEXCEEDED = 4, |
| COMPAREFALSE = 5, |
| COMPARETRUE = 6, |
| AUTHMETHODNOTSUPPORTED = 7, |
| STRONGAUTHREQUIRED = 8, |
| NOSUCHATTRIBUTE = 16, |
| UNDEFINEDATTRIBUTETYPE = 17, |
| INAPPROPRIATEMATCHING = 18, |
| CONSTRAINTVIOLATION = 19, |
| ATTRIBUTEORVALUEEXISTS = 20, |
| INVALIDATTRIBUTESYNTAX = 21, |
| NOSUCHOBJECT = 32, |
| ALIASPROBLEM = 33, |
| INVALIDDNSYNTAX = 34, |
| ISLEAF = 35, |
| ALIASDEREFERENCINGPROBLEM = 36, |
| INAPPROPRIATEAUTHENTICATION = 48, |
| INVALIDCREDENTIALS = 49, |
| INSUFFICIENTACCESSRIGHTS = 50, |
| BUSY = 51, |
| UNAVAILABLE = 52, |
| UNWILLINGTOPERFORM = 53, |
| LOOPDETECT = 54, |
| NAMINGVIOLATION = 64, |
| OBJECTCLASSVIOLATION = 65, |
| NOTALLOWEDONNONLEAF = 66, |
| NOTALLOWEDONRDN = 67, |
| ENTRYALREADYEXISTS = 68, |
| OBJECTCLASSMODSPROHIBITED = 69, |
| OTHER = 80 |
| } LDAPResultCode; |
| |
| typedef struct LDAPLocationStruct LDAPLocation; |
| typedef struct LDAPCertPairStruct LDAPCertPair; |
| typedef struct LDAPSimpleBindStruct LDAPSimpleBind; |
| typedef struct LDAPBindAPIStruct LDAPBindAPI; |
| typedef struct LDAPBindStruct LDAPBind; |
| typedef struct LDAPResultStruct LDAPBindResponse; |
| typedef struct LDAPResultStruct LDAPResult; |
| typedef struct LDAPSearchResponseAttrStruct LDAPSearchResponseAttr; |
| typedef struct LDAPSearchResponseEntryStruct LDAPSearchResponseEntry; |
| typedef struct LDAPResultStruct LDAPSearchResponseResult; |
| typedef struct LDAPUnbindStruct LDAPUnbind; |
| typedef struct LDAPFilterStruct LDAPFilter; |
| typedef struct LDAPAndFilterStruct LDAPAndFilter; |
| typedef struct LDAPNotFilterStruct LDAPNotFilter; |
| typedef struct LDAPSubstringStruct LDAPSubstring; |
| typedef struct LDAPSubstringFilterStruct LDAPSubstringFilter; |
| typedef struct LDAPPresentFilterStruct LDAPPresentFilter; |
| typedef struct LDAPAttributeValueAssertionStruct LDAPAttributeValueAssertion; |
| typedef struct LDAPNameComponentStruct LDAPNameComponent; |
| typedef struct LDAPRequestParamsStruct LDAPRequestParams; |
| typedef struct LDAPSearchStruct LDAPSearch; |
| typedef struct LDAPAbandonRequestStruct LDAPAbandonRequest; |
| typedef struct protocolOpStruct LDAPProtocolOp; |
| typedef struct LDAPMessageStruct LDAPMessage; |
| typedef LDAPAndFilter LDAPOrFilter; |
| typedef LDAPAttributeValueAssertion LDAPEqualFilter; |
| typedef LDAPAttributeValueAssertion LDAPGreaterOrEqualFilter; |
| typedef LDAPAttributeValueAssertion LDAPLessOrEqualFilter; |
| typedef LDAPAttributeValueAssertion LDAPApproxMatchFilter; |
| |
| struct LDAPLocationStruct { |
| PLArenaPool *arena; |
| void *serverSite; |
| void **filterString; |
| void **attrBitString; |
| }; |
| |
| struct LDAPCertPairStruct { |
| SECItem forward; |
| SECItem reverse; |
| }; |
| |
| struct LDAPSimpleBindStruct { |
| char *bindName; |
| char *authentication; |
| }; |
| |
| struct LDAPBindAPIStruct { |
| AuthType selector; |
| union { |
| LDAPSimpleBind simple; |
| } chooser; |
| }; |
| |
| struct LDAPBindStruct { |
| SECItem version; |
| SECItem bindName; |
| SECItem authentication; |
| }; |
| |
| struct LDAPResultStruct { |
| SECItem resultCode; |
| SECItem matchedDN; |
| SECItem errorMessage; |
| }; |
| |
| struct LDAPSearchResponseAttrStruct { |
| SECItem attrType; |
| SECItem **val; |
| }; |
| |
| struct LDAPSearchResponseEntryStruct { |
| SECItem objectName; |
| LDAPSearchResponseAttr **attributes; |
| }; |
| |
| struct LDAPUnbindStruct { |
| SECItem dummy; |
| }; |
| |
| struct LDAPAndFilterStruct { |
| LDAPFilter **filters; |
| }; |
| |
| struct LDAPNotFilterStruct { |
| LDAPFilter *filter; |
| }; |
| |
| struct LDAPSubstringStruct { |
| LDAPSubstringFilterType selector; |
| SECItem item; |
| }; |
| |
| struct LDAPSubstringFilterStruct { |
| SECItem attrType; |
| LDAPSubstring *strings; |
| }; |
| |
| struct LDAPPresentFilterStruct { |
| SECItem attrType; |
| }; |
| |
| struct LDAPAttributeValueAssertionStruct { |
| SECItem attrType; |
| SECItem attrValue; |
| }; |
| |
| struct LDAPFilterStruct { |
| LDAPFilterType selector; |
| union { |
| LDAPAndFilter andFilter; |
| LDAPOrFilter orFilter; |
| LDAPNotFilter notFilter; |
| LDAPEqualFilter equalFilter; |
| LDAPSubstringFilter substringFilter; |
| LDAPGreaterOrEqualFilter greaterOrEqualFilter; |
| LDAPLessOrEqualFilter lessOrEqualFilter; |
| LDAPPresentFilter presentFilter; |
| LDAPApproxMatchFilter approxMatchFilter; |
| } filter; |
| }; |
| |
| struct LDAPNameComponentStruct { |
| unsigned char *attrType; |
| unsigned char *attrValue; |
| }; |
| |
| struct LDAPRequestParamsStruct { |
| char *baseObject; /* e.g. "c=US" */ |
| ScopeType scope; |
| DerefType derefAliases; |
| PKIX_UInt32 sizeLimit; /* 0 = no limit */ |
| PRIntervalTime timeLimit; /* 0 = no limit */ |
| LDAPNameComponent **nc; /* e.g. {{"cn","xxx"},{"o","yyy"},NULL} */ |
| LdapAttrMask attributes; |
| }; |
| |
| struct LDAPSearchStruct { |
| SECItem baseObject; |
| SECItem scope; |
| SECItem derefAliases; |
| SECItem sizeLimit; |
| SECItem timeLimit; |
| SECItem attrsOnly; |
| LDAPFilter filter; |
| SECItem **attributes; |
| }; |
| |
| struct LDAPAbandonRequestStruct { |
| SECItem messageID; |
| }; |
| |
| struct protocolOpStruct { |
| LDAPMessageType selector; |
| union { |
| LDAPBind bindMsg; |
| LDAPBindResponse bindResponseMsg; |
| LDAPUnbind unbindMsg; |
| LDAPSearch searchMsg; |
| LDAPSearchResponseEntry searchResponseEntryMsg; |
| LDAPSearchResponseResult searchResponseResultMsg; |
| LDAPAbandonRequest abandonRequestMsg; |
| } op; |
| }; |
| |
| struct LDAPMessageStruct { |
| SECItem messageID; |
| LDAPProtocolOp protocolOp; |
| }; |
| |
| typedef struct PKIX_PL_LdapClientStruct PKIX_PL_LdapClient; |
| |
| typedef PKIX_Error * |
| (*PKIX_PL_LdapClient_InitiateFcn)( |
| PKIX_PL_LdapClient *client, |
| LDAPRequestParams *requestParams, |
| void **pNBIO, |
| PKIX_List **pResponse, |
| void *plContext); |
| |
| typedef PKIX_Error * |
| (*PKIX_PL_LdapClient_ResumeFcn)( |
| PKIX_PL_LdapClient *client, |
| void **pNBIO, |
| PKIX_List **pResponse, |
| void *plContext); |
| |
| struct PKIX_PL_LdapClientStruct { |
| PKIX_PL_LdapClient_InitiateFcn initiateFcn; |
| PKIX_PL_LdapClient_ResumeFcn resumeFcn; |
| }; |
| |
| #ifdef __cplusplus |
| } |
| #endif |
| |
| #endif |