/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
 * Type, constant and ASN.1 template declarations for the LDAP messages used
 * by the PKIX LDAP client interface declared at the bottom of this header.
 *
 * NOTE(review): the guard name below starts with an underscore followed by an
 * uppercase letter, a form C reserves for the implementation. It is left
 * unchanged here because other files may test for it.
 */
#ifndef _LDAP_H_
#define _LDAP_H_

#include "certt.h"
#include "pkixt.h"

#ifdef __cplusplus
extern "C" {
#endif

/*
 * ASN.1 templates, each paired with its chooser declaration. The definitions
 * live outside this header.
 */
extern const SEC_ASN1Template PKIX_PL_LDAPCrossCertPairTemplate[];
SEC_ASN1_CHOOSER_DECLARE(PKIX_PL_LDAPCrossCertPairTemplate)

extern const SEC_ASN1Template PKIX_PL_LDAPMessageTemplate[];
SEC_ASN1_CHOOSER_DECLARE(PKIX_PL_LDAPMessageTemplate)

extern const SEC_ASN1Template LDAPFilterTemplate[];
SEC_ASN1_CHOOSER_DECLARE(LDAPFilterTemplate)

/* ********************************************************************** */

/* LDAP strings are handled as ASN.1 OCTET STRINGs. */
#define SEC_ASN1_LDAP_STRING SEC_ASN1_OCTET_STRING

/*
 * Attribute selector bits. They are OR-ed together into an LdapAttrMask
 * (see LDAPRequestParamsStruct.attributes). MAX_LDAPATTRS equals the number
 * of bits defined here and has to be kept in step with them.
 */
#define LDAPATTR_CACERT         (1<<0)
#define LDAPATTR_USERCERT       (1<<1)
#define LDAPATTR_CROSSPAIRCERT  (1<<2)
#define LDAPATTR_CERTREVLIST    (1<<3)
#define LDAPATTR_AUTHREVLIST    (1<<4)
#define MAX_LDAPATTRS           5

typedef PKIX_UInt32 LdapAttrMask;

/*
 * Bind authentication method. Only SIMPLE_AUTH has a parameter member in
 * LDAPBindAPIStruct below; the two Kerberos selectors have none in this
 * header.
 */
typedef enum {
        SIMPLE_AUTH     = 0,
        KRBV42LDAP_AUTH = 1,
        KRBV42DSA_AUTH  = 2
} AuthType;

/* Search scope relative to the base object. */
typedef enum {
        BASE_OBJECT   = 0,
        SINGLE_LEVEL  = 1,
        WHOLE_SUBTREE = 2
} ScopeType;

/* Alias dereferencing policy for a search. */
typedef enum {
        NEVER_DEREF           = 0,
        DEREF_IN_SEARCHING    = 1,
        DEREF_FINDING_BASEOBJ = 2,
        ALWAYS_DEREF          = 3
} DerefType;

/* Position of one piece inside a substring filter. */
typedef enum {
        LDAP_INITIALSUBSTRING_TYPE = 0,
        LDAP_ANYSUBSTRING_TYPE     = 1,
        LDAP_FINALSUBSTRING_TYPE   = 2
} LDAPSubstringFilterType;

/* Selects which member of the LDAPFilterStruct union is in use. */
typedef enum {
        LDAP_ANDFILTER_TYPE            = 0,
        LDAP_ORFILTER_TYPE             = 1,
        LDAP_NOTFILTER_TYPE            = 2,
        LDAP_EQUALFILTER_TYPE          = 3,
        LDAP_SUBSTRINGFILTER_TYPE      = 4,
        LDAP_GREATEROREQUALFILTER_TYPE = 5,
        LDAP_LESSOREQUALFILTER_TYPE    = 6,
        LDAP_PRESENTFILTER_TYPE        = 7,
        LDAP_APPROXMATCHFILTER_TYPE    = 8
} LDAPFilterType;

/*
 * Selects which member of the protocolOpStruct union is in use. The values
 * are not contiguous (5 is followed by 16).
 */
typedef enum {
        LDAP_BIND_TYPE                 = 0,
        LDAP_BINDRESPONSE_TYPE         = 1,
        LDAP_UNBIND_TYPE               = 2,
        LDAP_SEARCH_TYPE               = 3,
        LDAP_SEARCHRESPONSEENTRY_TYPE  = 4,
        LDAP_SEARCHRESPONSERESULT_TYPE = 5,
        LDAP_ABANDONREQUEST_TYPE       = 16
} LDAPMessageType;

/*
 * Result codes for an LDAP result. The numbering has gaps, so a value read
 * from a response cannot be range-checked with a single comparison.
 *
 * NOTE(review): enumerators such as SUCCESS, BUSY, OTHER and UNAVAILABLE are
 * unprefixed and land in the global namespace of every file that includes
 * this header. Watch for clashes with other headers.
 */
typedef enum {
        SUCCESS                     = 0,
        OPERATIONSERROR             = 1,
        PROTOCOLERROR               = 2,
        TIMELIMITEXCEEDED           = 3,
        SIZELIMITEXCEEDED           = 4,
        COMPAREFALSE                = 5,
        COMPARETRUE                 = 6,
        AUTHMETHODNOTSUPPORTED      = 7,
        STRONGAUTHREQUIRED          = 8,
        NOSUCHATTRIBUTE             = 16,
        UNDEFINEDATTRIBUTETYPE      = 17,
        INAPPROPRIATEMATCHING       = 18,
        CONSTRAINTVIOLATION         = 19,
        ATTRIBUTEORVALUEEXISTS      = 20,
        INVALIDATTRIBUTESYNTAX      = 21,
        NOSUCHOBJECT                = 32,
        ALIASPROBLEM                = 33,
        INVALIDDNSYNTAX             = 34,
        ISLEAF                      = 35,
        ALIASDEREFERENCINGPROBLEM   = 36,
        INAPPROPRIATEAUTHENTICATION = 48,
        INVALIDCREDENTIALS          = 49,
        INSUFFICIENTACCESSRIGHTS    = 50,
        BUSY                        = 51,
        UNAVAILABLE                 = 52,
        UNWILLINGTOPERFORM          = 53,
        LOOPDETECT                  = 54,
        NAMINGVIOLATION             = 64,
        OBJECTCLASSVIOLATION        = 65,
        NOTALLOWEDONNONLEAF         = 66,
        NOTALLOWEDONRDN             = 67,
        ENTRYALREADYEXISTS          = 68,
        OBJECTCLASSMODSPROHIBITED   = 69,
        OTHER                       = 80
} LDAPResultCode;

/*
 * Forward typedefs. LDAPBindResponse, LDAPResult and LDAPSearchResponseResult
 * are three names for the same struct (LDAPResultStruct).
 */
typedef struct LDAPLocationStruct               LDAPLocation;
typedef struct LDAPCertPairStruct               LDAPCertPair;
typedef struct LDAPSimpleBindStruct             LDAPSimpleBind;
typedef struct LDAPBindAPIStruct                LDAPBindAPI;
typedef struct LDAPBindStruct                   LDAPBind;
typedef struct LDAPResultStruct                 LDAPBindResponse;
typedef struct LDAPResultStruct                 LDAPResult;
typedef struct LDAPSearchResponseAttrStruct     LDAPSearchResponseAttr;
typedef struct LDAPSearchResponseEntryStruct    LDAPSearchResponseEntry;
typedef struct LDAPResultStruct                 LDAPSearchResponseResult;
typedef struct LDAPUnbindStruct                 LDAPUnbind;
typedef struct LDAPFilterStruct                 LDAPFilter;
typedef struct LDAPAndFilterStruct              LDAPAndFilter;
typedef struct LDAPNotFilterStruct              LDAPNotFilter;
typedef struct LDAPSubstringStruct              LDAPSubstring;
typedef struct LDAPSubstringFilterStruct        LDAPSubstringFilter;
typedef struct LDAPPresentFilterStruct          LDAPPresentFilter;
typedef struct LDAPAttributeValueAssertionStruct LDAPAttributeValueAssertion;
typedef struct LDAPNameComponentStruct          LDAPNameComponent;
typedef struct LDAPRequestParamsStruct          LDAPRequestParams;
typedef struct LDAPSearchStruct                 LDAPSearch;
typedef struct LDAPAbandonRequestStruct         LDAPAbandonRequest;
typedef struct protocolOpStruct                 LDAPProtocolOp;
typedef struct LDAPMessageStruct                LDAPMessage;

/* OR filters reuse the AND layout; the four comparison filters share one AVA. */
typedef LDAPAndFilter                           LDAPOrFilter;
typedef LDAPAttributeValueAssertion             LDAPEqualFilter;
typedef LDAPAttributeValueAssertion             LDAPGreaterOrEqualFilter;
typedef LDAPAttributeValueAssertion             LDAPLessOrEqualFilter;
typedef LDAPAttributeValueAssertion             LDAPApproxMatchFilter;

/* Members are opaque here; their concrete types are not visible in this header. */
struct LDAPLocationStruct {
        PLArenaPool *arena;
        void *serverSite;
        void **filterString;
        void **attrBitString;
};

struct LDAPCertPairStruct {
        SECItem forward;
        SECItem reverse;
};

/*
 * Caller-side parameters for a simple bind.
 *
 * NOTE(review): in an LDAP simple bind the authentication value is a password
 * carried as-is in the bind request, so its confidentiality depends entirely
 * on the transport. Confirm how the client protects the connection, and clear
 * this buffer once the bind has been issued.
 */
struct LDAPSimpleBindStruct {
        char *bindName;
        char *authentication;
};

/* Tagged union: selector names the active member of chooser. */
struct LDAPBindAPIStruct {
        AuthType selector;
        union {
                LDAPSimpleBind simple;
        } chooser;
};

/*
 * Bind request with every field held as a SECItem.
 * presumably the form that PKIX_PL_LDAPMessageTemplate encodes; confirm.
 */
struct LDAPBindStruct {
        SECItem version;
        SECItem bindName;
        SECItem authentication;
};

/*
 * Result fields shared by the bind response and the search result.
 *
 * NOTE(review): when filled from a decoded response these items hold bytes
 * chosen by the server. A SECItem carries an explicit length and is not
 * NUL-terminated, so check len before reading resultCode as an integer and do
 * not pass matchedDN/errorMessage data to C string functions or format
 * strings directly.
 */
struct LDAPResultStruct {
        SECItem resultCode;
        SECItem matchedDN;
        SECItem errorMessage;
};

struct LDAPSearchResponseAttrStruct {
        SECItem attrType;
        SECItem **val;          /* presumably NULL-terminated; verify in decoder */
};

struct LDAPSearchResponseEntryStruct {
        SECItem objectName;
        LDAPSearchResponseAttr **attributes;    /* presumably NULL-terminated; verify */
};

struct LDAPUnbindStruct {
        SECItem dummy;
};

struct LDAPAndFilterStruct {
        LDAPFilter **filters;   /* presumably NULL-terminated; verify against users */
};

struct LDAPNotFilterStruct {
        LDAPFilter *filter;
};

/* One substring piece: selector gives its position, item its bytes. */
struct LDAPSubstringStruct {
        LDAPSubstringFilterType selector;
        SECItem item;
};

struct LDAPSubstringFilterStruct {
        SECItem attrType;
        LDAPSubstring *strings;
};

struct LDAPPresentFilterStruct {
        SECItem attrType;
};

struct LDAPAttributeValueAssertionStruct {
        SECItem attrType;
        SECItem attrValue;
};

/*
 * Tagged union: selector names the active member of filter. Reading any
 * other member than the one selector names is a bug.
 */
struct LDAPFilterStruct {
        LDAPFilterType selector;
        union {
                LDAPAndFilter andFilter;
                LDAPOrFilter orFilter;
                LDAPNotFilter notFilter;
                LDAPEqualFilter equalFilter;
                LDAPSubstringFilter substringFilter;
                LDAPGreaterOrEqualFilter greaterOrEqualFilter;
                LDAPLessOrEqualFilter lessOrEqualFilter;
                LDAPPresentFilter presentFilter;
                LDAPApproxMatchFilter approxMatchFilter;
        } filter;
};

struct LDAPNameComponentStruct {
        unsigned char *attrType;
        unsigned char *attrValue;
};

/*
 * Caller-side description of a search request.
 *
 * NOTE(review): with sizeLimit or timeLimit left at 0 the request itself sets
 * no bound, so how much data comes back and how long the search runs is up to
 * the server. Prefer explicit limits when the server is not trusted.
 */
struct LDAPRequestParamsStruct {
        char *baseObject;               /* e.g. "c=US" */
        ScopeType scope;
        DerefType derefAliases;
        PKIX_UInt32 sizeLimit;          /* 0 = no limit */
        PRIntervalTime timeLimit;       /* 0 = no limit */
        LDAPNameComponent **nc;         /* e.g. {{"cn","xxx"},{"o","yyy"},NULL} */
        LdapAttrMask attributes;        /* OR of LDAPATTR_* bits */
};

/* Search request with every scalar field held as a SECItem. */
struct LDAPSearchStruct {
        SECItem baseObject;
        SECItem scope;
        SECItem derefAliases;
        SECItem sizeLimit;
        SECItem timeLimit;
        SECItem attrsOnly;
        LDAPFilter filter;
        SECItem **attributes;
};

struct LDAPAbandonRequestStruct {
        SECItem messageID;
};

/*
 * Tagged union: selector names the active member of op.
 *
 * NOTE(review): for a decoded message the selector is presumably derived from
 * peer-supplied data; code that switches on it should handle values outside
 * LDAPMessageType rather than assume one of the listed cases.
 */
struct protocolOpStruct {
        LDAPMessageType selector;
        union {
                LDAPBind bindMsg;
                LDAPBindResponse bindResponseMsg;
                LDAPUnbind unbindMsg;
                LDAPSearch searchMsg;
                LDAPSearchResponseEntry searchResponseEntryMsg;
                LDAPSearchResponseResult searchResponseResultMsg;
                LDAPAbandonRequest abandonRequestMsg;
        } op;
};

struct LDAPMessageStruct {
        SECItem messageID;
        LDAPProtocolOp protocolOp;
};

/*
 * Pluggable LDAP client: a pair of callbacks that start and continue a
 * request. pNBIO and pResponse are output parameters.
 * presumably a non-NULL *pNBIO reports pending non-blocking I/O and the
 * caller then calls resumeFcn; confirm against an implementation.
 */
typedef struct PKIX_PL_LdapClientStruct PKIX_PL_LdapClient;

typedef PKIX_Error *
(*PKIX_PL_LdapClient_InitiateFcn)(
        PKIX_PL_LdapClient *client,
        LDAPRequestParams *requestParams,
        void **pNBIO,
        PKIX_List **pResponse,
        void *plContext);

typedef PKIX_Error *
(*PKIX_PL_LdapClient_ResumeFcn)(
        PKIX_PL_LdapClient *client,
        void **pNBIO,
        PKIX_List **pResponse,
        void *plContext);

struct PKIX_PL_LdapClientStruct {
        PKIX_PL_LdapClient_InitiateFcn initiateFcn;
        PKIX_PL_LdapClient_ResumeFcn resumeFcn;
};

#ifdef __cplusplus
}
#endif

#endif