1. Manuals
  2. Brands
  3. Red Hat Manuals
  4. Server
  5. DIRECTORY SERVER 7.1 - PLUG-IN PROGRAMMERS
  6. Manual

Red Hat DIRECTORY SERVER 7.1 - PLUG-IN PROGRAMMERS Manual

Hide thumbs
1
2
Table Of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
Table of Contents

Advertisement

Quick Links

Download this manual
Plug-in Programmer's Guide
Red Hat Directory Server
Version 7.1
May 2005

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the DIRECTORY SERVER 7.1 - PLUG-IN PROGRAMMERS and is the answer not in the manual?

Questions and answers

Related Manuals for Red Hat DIRECTORY SERVER 7.1 - PLUG-IN PROGRAMMERS

Summary of Contents for Red Hat DIRECTORY SERVER 7.1 - PLUG-IN PROGRAMMERS

  • Page 1 Plug-in Programmer’s Guide Red Hat Directory Server Version 7.1 May 2005...
  • Page 2 All other trademarks referenced herein are the property of their respective owners. The GPG fingerprint of the security@redhat.com key is: CA 20 86 86 2B D6 9D FC 65 F6 EC C4 21 91 80 CD DB 42 A6 0E...

  • Page 3: Table Of Contents

    Contents Preface ................21 What You Should Already Know .
  • Page 4 Example of an Initialization Function ..........45 Compiling a Directory Server Plug-in .
  • Page 5 Getting the Parent DN of a DN ............73 Normalizing a DN .
  • Page 6 What to Do If Authentication Fails ..........107 What to Do If Authentication Succeeds .
  • Page 7 How the Server Handles the Filter ........... . 143 Query Operators in Matching Rules .
  • Page 8 Part 4 Reference ..............177 Chapter 14 Data Type and Structure Reference .
  • Page 9 slapi_access_allowed() ..............226 slapi_acl_check_mods() .
  • Page 10 slapi_attr_value_find() ..............269 slapi_valueset_set_from_smod() .
  • Page 11 slapi_ch_array_free() ..............301 slapi_ch_bvdup() .
  • Page 12 slapi_entry_attr_merge_sv() ............335 slapi_entry_attr_replace_sv() .
  • Page 13 slapi_filter_get_type() ..............369 slapi_filter_join() .
  • Page 14 slapi_mod_get_operation() ............. 404 slapi_mod_get_type() .
  • Page 15 slapi_pblock_destroy() ..............433 slapi_pblock_get() .
  • Page 16 slapi_moddn_get_newdn() ............. 467 slapi_sdn_add_rdn() .
  • Page 17 slapi_UTF8ISLOWER() ..............502 slapi_utf8isUpper() .
  • Page 18 slapi_valueset_first_value() ............. 534 slapi_valueset_free() .
  • Page 19 slapi_operation_clear_flag() ............566 slapi_is_flag_set() .
  • Page 20 Parameters for LDBM Backend Pre- and Post-Operation Functions ......597 Pre-Operation Plug-ins ............. . 598 Post-Operation Plug-ins .

  • Page 21: What You Should Already Know

    Preface This book describes how to write server plug-ins in order to customize and extend the capabilities of the Red Hat Directory Server (Directory Server). • What You Should Already Know (page 21) • Using Directory Server Plug-in APIs (page 21) •...
  • Page 22 Using Directory Server Plug-in APIs /opt/redhat-ds/plugins/slapd/slapi/ • The main header file is located here: /opt/redhat-ds/plugins/slapd/slapi/include/slapi-plugin.h • The location and syntax for you to add the plug-in directives are in the file, which is located in the dse.ldif directory. For guidelines, refer to...

  • Page 23: Preface

    Document Conventions Deprecated Functions and Their Suggested Replacements (Continued) Table 0-1 Deprecated Function Suggested Replacement Function slapi_entry_delete_values() slapi_entry_delete_values_sv() slapi_entry_attr_replace() slapi_entry_attr_replace_sv() slapi_attr_get_values() slapi_attr_value_find() slapi_attr_get_oid() slapi_attr_get_oid_copy() slapi_pw_find() slapi_pw_find_sv() slapi_call_syntax_values2keys() slapi_call_syntax_values2keys_sv() slapi_call_syntax_assertion2keys_ava slapi_call_syntax_assertion2keys_ava_sv() slapi_call_syntax_assertion2keys_sub slapi_call_syntax_assertion2keys_sub_sv() slapi_entry_attr_hasvalue() slapi_entry_attr_has_syntax_value() The following internal-operation calls are deprecated. The new internal operation functions that are defined in slapi-plugin.h take a Slapi_PBlock for extensibility and support the new plug-in configuration capabilities.

  • Page 24: Where To Find Directory Server Information

    Where to Find Directory Server Information http://server.domain/path/file.html In these URLs, represents the name of the server on which you run your server application (such as represents your Internet domain domain research1 name (such as represents the directory structure on the server, path example.com represents an individual filename.
  • Page 25 For a list of documentation installed with Directory Server, open the file. /opt/redhat-ds/manual/en/slapd/index.htm For the latest information about Directory Server, including current release notes, complete product documentation, technical notes, and deployment information, check this site: http://www.redhat.com/docs/manuals/dir-server/...

  • Page 26: Where To Find Directory Server Information

    Where to Find Directory Server Information Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 27: Part 1 Introduction To Directory Server Plug-Ins

    Part 1 Introduction to Directory Server Plug-ins Chapter 1, “An Overview of Directory Server Plug-ins” Chapter 2, “Writing and Compiling Plug-ins” Chapter 3, “Configuring Plug-ins” Chapter 4, “A Quick Example”...
  • Page 28 Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 29: Chapter 1 An Overview Of Directory Server Plug-Ins

    Chapter 1 An Overview of Directory Server Plug-ins This chapter introduces you to Red Hat Directory Server (Directory Server) plug-ins and discusses the different types of plug-ins that you can write. The chapter covers the following topics: • What Are Directory Server Plug-ins? (page 29 ) •...
  • Page 30 How Directory Server Plug-ins Work • You can design an action that the Directory Server performs after the server successfully completes an LDAP operation. For example, you can send mail to a client after an LDAP operation is successfully completed. •...

  • Page 31: What Are Directory Server Plug-Ins

    How Directory Server Plug-ins Work Calling Directory Server Plug-in Functions At specific LDAP events, the Directory Server calls all plug-in functions that are registered for that event. For example, before performing an LDAP add operation (an add event), the server calls all plug-in functions registered as pre-operation add functions.

  • Page 32: How Directory Server Plug-Ins Work

    How Directory Server Plug-ins Work The front-end receives LDAP requests from clients and processes those requests. When processing requests, the front-end calls functions in the backend to read and write data. The front-end then sends the results back to the client. The backend reads and writes data to the database containing the directory entries.

  • Page 33: The Directory Server Architecture

    How Directory Server Plug-ins Work Figure 1-1 Directory Server Architecture Chapter 1 An Overview of Directory Server Plug-ins...
  • Page 34 Types of Directory Server Plug-ins Types of Directory Server Plug-ins You can write the following types of plug-ins for the Directory Server: • Pre-operation/data validation. The server calls a pre-operation/data validation plug-in function before performing an LDAP operation. The main purpose of this type of plug-in is to validate data before the data is added to the directory or before it is used in an operation.
  • Page 35 Types of Directory Server Plug-ins Figure 1-2 Architecture of the Directory Server and Server Plug-ins Chapter 1 An Overview of Directory Server Plug-ins...

  • Page 36: Types Of Directory Server Plug-Ins

    Types of Directory Server Plug-ins Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 37: Chapter 2 Writing And Compiling Plug-Ins

    Chapter 2 Writing and Compiling Plug-ins This chapter provides an introduction on how to write and compile Red Hat Directory Server (Directory Server) plug-ins. chapter 3, “Configuring Plug-ins,” describes how to load your plug-in into the Directory Server configuration once it is successfully compiled.

  • Page 38: Including The Api Header File

    When you install the Directory Server, gets installed into the slapi-plugin.h folder within the server’s root directory. For example: plugins/ /opt/redhat-ds/plugins/slapd/slapi/include Passing Data with Parameter Blocks Often, plug-in functions make use of a parameter block, , for Slapi_PBlock passing information to and from the Directory Server. The following plug-in function types pass a parameter block as a function argument: •...

  • Page 39: Writing A Plug-In Function

    Writing a Plug-in Function Working with Parameter Blocks In the functions you write, you set values in the parameter block that pertain to the operation you are performing. You can also get data from the parameter block which you can use within your functions. This process is described in the next section, “Getting Data from the Parameter Block,”...

  • Page 40: Setting Data In The Parameter Block

    Writing a Plug-in Function Getting Data from the Parameter Block (Continued) Code Example 2-1 /* Indicate the point when the plug-in starts executing */ slapi_log_error( SLAPI_LOG_PLUGIN, "searchdn_preop_search", "*** PREOPERATION SEARCH PLUGIN ***\n"); /* Get the base DN of the search from the parameter block. */ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &dn );...

  • Page 41: Working With Parameter Blocks

    Writing a Plug-in Function Setting Values in the Parameter Block (Continued) Code Example 2-2 "Unable to store database information\n" ); This example uses the function to notify the user if an error slapi_log_error() occurred. In this code example, identifies the parameter in the parameter SLAPI_PRIVATE block that contains private data for use in the database functions.
  • Page 42 Writing Plug-in Initialization Functions In some cases, you may need to send an LDAP result back to the client. For example, if you are writing a pre-operation bind function and an error occurs during the processing of the function, the function should return a non-zero value, log an error message, and send the appropriate LDAP result code back to the client.

  • Page 43: Specifying Information About The Plug-In

    Writing Plug-in Initialization Functions slapi_pblock_set(pb, SLAPI_PLUGIN_VERSION, \ SLAPI_PLUGIN_VERSION_03); • Plug-in version 1 ( ) is compatible with versions 3.x SLAPI_PLUGIN_VERSION_01 and 4.x of the Directory Server. • Plug-in version 2 ( ) is compatible with version 4.x SLAPI_PLUGIN_VERSION_02 of the Directory Server. •...

  • Page 44: Writing Plug-In Initialization Functions

    Writing Plug-in Initialization Functions This version is intended to be used for your tracking purposes only; it is not the same as the server compatibility version number specified by the parameter (see “Specifying Directory Server SLAPI_PLUGIN_VERSION Compatibility,” on page 42, for details on this parameter). As you make changes to your plug-in code, you can track the version distributed using the number contained in the structure.

  • Page 45: Returning A Value To The Directory Server

    Writing Plug-in Initialization Functions You can register more than one plug-in function in your initialization function; you do not need to write an initialization function for each plug-in function that you need to register. You should, however, define a different initialization function for each type of plug-in that you are registering.

  • Page 46: Registering Your Plug-In Functions

    Consult the documentation for your platform compiler and linker for details. • Make sure that the /opt/redhat-ds/plugins/slapd/slapi/include directory is in your include path. • If you want, you can compile all plug-in functions in a single library. Although you can include different types of plug-in functions in the same library, you need to write separate initialization functions for each type of plug-in function.

  • Page 47: Compiling A Directory Server Plug-In

    Compiling a Directory Server Plug-in Example Solaris Makefile (Continued) Code Example 2-5 OBJS = testsaslbind.o testextendedop.o testpreop.o testpostop.o testentry.o all: libtest-plugin.so libtest-plugin.so: $(OBJS) $(LD) $(LDFLAGS) -o $@ $(OBJS) .c.o: $(CC) $(CFLAGS) -c $< clean: -rm -f $(OBJS) libtest-plugin.so Chapter 2 Writing and Compiling Plug-ins...
  • Page 48 Compiling a Directory Server Plug-in Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 49: Chapter 3 Configuring Plug-Ins

    Chapter 3 Configuring Plug-ins After you compile your server plug-in, you need to configure the Red Hat Directory Server (Directory Server) so that it properly loads your plug-in. The following sections in this chapter show how this is done: • Creating a Plug-in Configuration File (page 47) •...
  • Page 50 Creating a Plug-in Configuration File An Example Plug-in Configuration File (Continued) Code Example 3-1 5. cn: Example Plug-in 6. nsslapd-pluginpath: /servers/lib/test-plugin.so 7. nsslapd-plugininitfunc: searchdn_preop_init 8. nsslapd-plugintype: preoperation 9. nsslapd-pluginenabled: on 10. nsslapd-pluginid: Example Pre-operation Plug-in 11. nsslapd-pluginversion: 1.0 12. nsslapd-pluginvendor: Example Corporation 13.

  • Page 51: Plug-In Dependencies

    Creating a Plug-in Configuration File • Line 10 uses the attribute to set the name of the plug-in. nsslapd-pluginid The name that you specify here will show up in the Directory Server Console. In this example, the plug-in identification is set to Example Pre-operation Plug-in •...

  • Page 52: Plug-In Type Dependencies

    Creating a Plug-in Configuration File In this example, the plug-in depends on two specifically named plug-ins: . This configuration line indicates that before my_pluginA vendor_plugin your plug-in can be loaded, the two specifically named plug-ins must be loaded. If either of these two plug-ins fail to load, the Directory Server will exit with a error code.

  • Page 53: Summary Of Plug-In Directives

    Creating a Plug-in Configuration File Summary of Plug-in Directives The following table summarizes the different types of plug-ins that you can specify in the plug-in configuration file. Directives for Specifying Different Plug-in Types Table 3-1 Directive Description Declares an entry fetch plug-in, which is called by the server after retrieving an entryfetch entry from the default backend database.

  • Page 54: Loading The Plug-In Configuration File

    Loading the Plug-in Configuration File After you have written the plug-in configuration file, you must load it into the file, which is located in the dse.ldif /opt/redhat-ds/slapd-instance_id/config directory. You can do this either by using an LDAP utility, such as , or ldapmodify by editing the file directly.
  • Page 55 Plug-ins can be dynamically configured at run-time by registering DSE callbacks for the plug-in entry with slapi_config_register_callback() Example 1: dn: cn=Test ExtendedOp,cn=plugins,cn=config objectClass: top objectClass: nsSlapdPlugin objectClass: extensibleObject cn: Test ExtendedOp nsslapd-pluginPath: /opt/redhat-ds/servers/plugins/slapd/slapi/ examples/libtest-plugin.so nsslapd-pluginInitfunc: testexop_init nsslapd-pluginType: extendedop nsslapd-pluginEnabled: on nsslapd-plugin-depends-on-type: database nsslapd-pluginId: test-extendedop nsslapd-pluginarg0: 1.2.3.4 Example 2:...

  • Page 56: Setting The Log Level Of The Server

    For additional information, check the code samples provided here: /opt/redhat-ds/plugins/slapd/slapi/examples Setting the Log Level of the Server If your functions call the function to write messages to the...

  • Page 57: Chapter 4 A Quick Example

    Chapter 4 A Quick Example This chapter provides an example of a pre-operation Red Hat Directory Server (Directory Server) server plug-in that you can compile and run. Along with the source code to the example, the chapter provides a Solaris Makefile that you can use to build the plug-in.

  • Page 58: Writing The Plug-In Example

    An Example Pre-Operation Plug-in Writing the Plug-in Example The following example code includes the sample pre-operation search function and the sample initialization function. Sample Pre-Operation Search and Initialization Functions Code Example 4-1 #include <stdio.h> #include <string.h> #include "slapi-plugin.h" /* function prototypes */ int test_preop_init( Slapi_PBlock *pb );...
  • Page 59 An Example Pre-Operation Plug-in Sample Pre-Operation Search and Initialization Functions (Continued) Code Example 4-1 from the parameter block and prints the data to the error log. */ test_preop_search( Slapi_PBlock *pb ) char *base, *filter_str, *attr_type, *substr_init, *substr_final; char **substr_any; int scope, deref, filter_type, i; Slapi_Filter *filter;...
  • Page 60 An Example Pre-Operation Plug-in Sample Pre-Operation Search and Initialization Functions (Continued) Code Example 4-1 break; default: slapi_log_error( SLAPI_LOG_PLUGIN, "SLAPI_SEARCH_DEREF", "unknown value specified: %d\n", deref ); break; /* Get and log the search filter information */ if ( slapi_pblock_get(pb,SLAPI_SEARCH_FILTER, &filter)==0 ) { /* Get and log the filter type */ filter_type = slapi_filter_get_choice( filter );...

  • Page 61: Compiling The Plug-In Example

    An Example Pre-Operation Plug-in Sample Pre-Operation Search and Initialization Functions (Continued) Code Example 4-1 slapi_log_error( SLAPI_LOG_PLUGIN, "\tFinal substring", "%s\n", substr_final ); break; case LDAP_FILTER_PRESENT: slapi_log_error( SLAPI_LOG_PLUGIN, "SLAPI_SEARCH_FILTER", "LDAP_FILTER_PRESENT\n" ); /* For presence filters, get and log the attribute type */ slapi_filter_get_type( filter, &attr_type );...

  • Page 62: Registering The Plug-In Example

    An Example Pre-Operation Plug-in Code Example 4-2 Example Solaris Makefile # SOLARIS Makefile for Directory Server plug-in examples CC = cc LD = ld INCLUDE_FLAGS = -I../include CFLAGS = $(INCLUDE_FLAGS) -D_REENTRANT -KPIC LDFLAGS = -G OBJS = srchxmpl.o all: srchxmpl.so srchxmpl.so: $(OBJS) $(LD) $(LDFLAGS) -o $@ $(OBJS) .c.o:...
  • Page 63 An Example Pre-Operation Plug-in Error log messsage here! Verify that the plug-ins log level is selected. Error logging is controlled with the attribute in . For the plug-ins log level, set nsslapd-errorlog-level cn=config this value to or set an the current value to .
  • Page 64 An Example Pre-Operation Plug-in Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 65: Part 2 Basic Plug-In Programming Techniques

    Part 2 Basic Plug-in Programming Techniques Chapter 5, “Front-End API Functions Chapter 6, “Writing Pre/Post-Operation Plug-ins” Chapter 7, “Defining Functions for LDAP Operations” Chapter 8, “Defining Functions for Authentication”...
  • Page 66 Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 67: Chapter 5 Front-End Api Functions

    Chapter 5 Front-End API Functions The Red Hat Directory Server (Directory Server) provides some general-purpose, front-end API functions that allow you to work with the entries in the Directory Server. This chapter explains how to use the front-end API functions to accomplish various tasks;...

  • Page 68: Adding Notes To Access Log Entries

    Adding Notes to Access Log Entries slapi_log_error( SLAPI_LOG_PLUGIN, "searchdn_preop_search", "*** PREOPERATION SEARCH PLUGIN ***\n"); This call will create the following message in the error log: [01/Oct/1997:02:24:18 -0700] searchdn_preop_search \ - *** PREOPERATION SEARCH PLUGIN *** Make sure that the Directory Server is configured to log messages that have the severity that you specify (for example, ).

  • Page 69: Determining If An Operation Was Abandoned

    Sending Data to the Client Sending Data to the Client Sometimes you might need to communicate various information directly back to the client. For example, you might want to do this in the following situations: • If you need to send a result code back to the client (for example, to report an error or a successful result to an LDAP operation), call the function.

  • Page 70: Working With Entries, Attributes, And Values

    Working with Entries, Attributes, and Values Working with Entries, Attributes, and Values This section discusses how to create new entries in the directory and how to convert them to LDIF and back. In certain situations, you will need to pass directory entries between the front-end and the client.

  • Page 71: Converting Between Entries And Strings

    Working with Entries, Attributes, and Values Front-End Functions for Manipulating Entries and Attributes (Continued) Table 5-1 Front-end function Description Delete values from an attribute in an entry. slapi_entry_delete_values_sv() Creating a New Entry In some situations, you might need to create a new entry. There are two basic ways to do this: •...
  • Page 72 Working with Entries, Attributes, and Values If you want to continue the specification of a value on additional lines (in other words, if the value wraps around to another line), use a single space (the ASCII 32 character) at the beginning of subsequent lines. For example: dn: cn=Jane Doe inski, ou=Accoun ting, dc=ex...

  • Page 73: Getting And Setting The Dn Of An Entry

    Working with Entries, Attributes, and Values Getting and Setting the DN of an Entry You can call the following two front-end routines to get and set the DN for an entry: • To get the DN for an entry, call the function.

  • Page 74: Finding A Specific Attribute In An Entry

    Working with DNs and RDNs Finding a Specific Attribute in an Entry To see if an entry contains a specific attribute, call slapi_entry_attr_find() This function returns if the entry contains the attribute, if it does not. Adding and Removing Values You can also call front-end routines to add or remove attributes and values in an entry.

  • Page 75: Determining If A Dn Is The Root Dn

    Working with DNs and RDNs Front-End Functions for Manipulating DNs (Continued) Table 5-2 Function Description Normalizes a DN and converts all characters to slapi_dn_normalize_case() lowercase. Determining If a DN Is the Root DN To determine if a DN is the root DN, call .

  • Page 76: Working With Search Filters

    Working with Search Filters Normalizing a DN You can use the following front-end function to normalize and convert the case of a DN: • to normalize a DN. slapi_dn_normalize() • to convert all characters in a DN to lowercase. slapi_dn_ignore_case() •...

  • Page 77: Determining If An Entry Matches A Filter

    Working with Search Filters Front-End Functions for Manipulating Filters (Continued) Table 5-3 Function Description Get the type of attribute that the filter is slapi_filter_get_type() searching for (only applicable to LDAP_FILTER_PRESENT searches). Get the substring pattern used for the filter slapi_filter_get_subfilt() (applicable only to LDAP_FILTER_SUBSTRING searches).

  • Page 78: Getting The Search Criteria

    Working with Search Filters Types of Filters (Continued) Table 5-4 Filter Type Description The search should find entries not matching the LDAP_FILTER_NOT specified filter. The search should find entries that contain a value LDAP_FILTER_EQUALITY equal to the specified attribute value. The search should find entries that contain a value LDAP_FILTER_SUBSTRINGS matching the specified substrings.

  • Page 79: Converting A String To A Filter

    Working with Search Filters returns a NULL, the component returned by the slapi_list_next() call is the last component in the complex filter. NOTE You do not need to free the values returned by the , and slapi_filter_get_ava() slapi_filter_get_type() functions. slapi_filter_get_subfilt() Converting a String to a Filter A search filter can be represented by either the datatype or as a...

  • Page 80: Checking Passwords

    Checking Passwords Checking Passwords By default, Directory Server uses the attribute to store the userPassword credentials for an entry. The server encodes the password using the scheme specified in the nsslapd-rootpwstoragescheme passwordStorageScheme attributes of the entry contained in the file. The scheme can cn=config dse.ldif be any of the following:...

  • Page 81: Chapter 6 Writing Pre/Post-Operation Plug-Ins

    Chapter 6 Writing Pre/Post-Operation Plug-ins This chapter explains how to write functions that the Red Hat Directory Server (Directory Server) calls before and after executing an LDAP operation. These functions are called pre-operation and post-operation plug-in functions. • How Pre/Post-Operation Plug-ins Work (page 79) •...
  • Page 82 How Pre/Post-Operation Plug-ins Work You can also set up the Directory Server to call your own plug-in functions before and after: • Sending an LDAP entry back to the client. • Sending an LDAP result code back to the client. •...

  • Page 83: Types Of Pre-Operation And Post-Operation Functions

    Types of Pre-Operation and Post-Operation Functions Types of Pre-Operation and Post-Operation Functions As is the case with other server plug-in functions, pre-operation functions and post-operation functions are specified in a parameter block that you can set on server startup. Each function corresponds to an ID in the parameter block. In your initialization function, you can call the function to specify slapi_pblock_set()

  • Page 84: Types Of Post-Operation Functions

    Types of Pre-Operation and Post-Operation Functions Functions Called before the Directory Server Executes an Operation (Continued) Table 6-1 ID in Parameter Block Description Specifies the function called before the Directory Server SLAPI_PLUGIN_PRE_MODIFY_FN executes an LDAP modify operation. For information on writing this type of function, see “Processing an LDAP Modify Operation,”...
  • Page 85 Types of Pre-Operation and Post-Operation Functions Table 6-2 Functions Called after the Directory Server Executes an Operation ID in Parameter Block Description Specifies the function called after the Directory Server SLAPI_PLUGIN_POST_BIND_FN executes an LDAP bind operation. For information on writing this type of function, see “Processing an LDAP Bind Operation,”...

  • Page 86: Registering Pre/Post-Operation Functions

    Registering Pre/Post-Operation Functions Functions Called after the Directory Server Executes an Operation (Continued) Table 6-2 ID in Parameter Block Description Specifies the function called after the Directory Server sends SLAPI_PLUGIN_POST_ENTRY_FN an entry back to the client (for example, when you call slapi_send_ldap_search_entry(), the post-operation entry function is called after the entry is sent back to the client).

  • Page 87: Chapter 7 Defining Functions For Ldap Operations

    Chapter 7 Defining Functions for LDAP Operations This chapter explains how to write pre-operation and post-operation functions for specific LDAP operations. In general, the functions outlined here use a parameter block to pass information between the plug-in and the Red Hat Directory Server (Directory Server).

  • Page 88: Processing An Ldap Bind Operation

    Processing an LDAP Bind Operation In the plug-in init function, use the following parameters with to specify these functions: slapi_pblock_set() Specifies the function called after the Directory Server SLAPI_PLUGIN_START_FN starts up. Specifies the function called before the Directory Server SLAPI_PLUGIN_CLOSE_FN shuts down.

  • Page 89: Getting And Setting Parameters For The Bind Operation

    Processing an LDAP Unbind Operation Getting and Setting Parameters for the Bind Operation The front-end makes this information available to pre-operation and post-operation plug-in functions in the form of parameters in a parameter block. Parameter ID Data Type Description DN of the entry as which to bind. SLAPI_BIND_TARGET char * Authentication method used;...

  • Page 90: Processing An Ldap Search Operation

    Processing an LDAP Search Operation Your plug-in functions should return if successful. If the pre-operation function returns a non-zero value, the post-operation unbind function is never called. Processing an LDAP Search Operation The server processes an LDAP search operation in two stages: •...
  • Page 91 Processing an LDAP Search Operation Parameter ID Data Type Description DN of the base entry in the search SLAPI_SEARCH_TARGET char * operation (the starting point of the search). The original DN sent by the client SLAPI_ORIGINAL_TARGET_DN char * (this DN is normalized by SLAPI_SEARCH_TARGET);...

  • Page 92: Iterating Through Candidates

    Processing an LDAP Search Operation Parameter ID Data Type Description Specifies whether the search SLAPI_SEARCH_ATTRSONLY results return attribute types only or attribute types and values. (0 means return both attributes and values; 1 means return attribute types only). Your search function should return if successful.

  • Page 93: Processing An Ldap Compare Operation

    Processing an LDAP Compare Operation Parameter ID Data Type Description Reserved for future use. SLAPI_SEARCH_RESULT_ENTRY_EXT void * The context identifying the last result sent in the results set. This “next entry” function actually sets this parameter. Number of search results found. SLAPI_NENTRIES Array of the URLs to other SLAPI_SEARCH_REFERRALS...

  • Page 94: Processing An Ldap Add Operation

    Processing an LDAP Add Operation Parameter ID Data Type Description DN of the entry to be compared. SLAPI_COMPARE_TARGET char * Attribute type to use in the comparison. SLAPI_COMPARE_TYPE char * Attribute value to use in the comparison SLAPI_COMPARE_VALUE struct berval * The compare function should call to send slapi_send_ldap_result()

  • Page 95: Processing An Ldap Modify Operation

    Processing an LDAP Modify Operation • If the entry already exists in the database, the function should call to send an LDAP error code slapi_send_ldap_result() and should return LDAP_ALREADY_EXISTS • If the parent entry (or the closest matching entry) is a referral entry (an entry with the object class ) and no control is included with the...
  • Page 96 Processing an LDAP Modify Operation Parameter ID Data Type Description A NULL-terminated array of LDAPMod SLAPI_MODIFY_MODS LDAPMod ** structures, which represent the modifications to be performed on the entry. function should check the following: modify • If the operation has been abandoned, the function should return .

  • Page 97: Processing An Ldap Modify Rdn Operation

    Processing an LDAP Modify RDN Operation You should also verify that the ACI syntax for the entry is correct; call to determine this. slapi_acl_check_mods() If the function is successful, the function should call modify to send an code back to the client and slapi_send_ldap_result() LDAP_SUCCESS should return...

  • Page 98: Processing An Ldap Delete Operation

    Processing an LDAP Delete Operation To determine if a control is present, call manageDSAIT slapi_pblock_get() to get the value of the parameter. If the value is , the SLAPI_MANAGEDSAIT control is included in the request. If , the control is not included in the request.

  • Page 99: Processing An Ldap Abandon Operation

    Processing an LDAP Abandon Operation Parameter ID Data Type Description DN of the entry to delete. SLAPI_DELETE_TARGET char * If the function is successful, it should return delete Processing an LDAP Abandon Operation When the Directory Server receives an LDAP request from a client, the abandon front-end gets the message ID of the operation that should be abandoned.
  • Page 100 Processing an LDAP Abandon Operation Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 101: Chapter 8 Defining Functions For Authentication

    Chapter 8 Defining Functions for Authentication This chapter explains how to write a plug-in function to bypass or replace the standard function for authentication with your own function. Information on authentication with the Red Hat Directory Server (Directory Server) is organized in the following sections: •...

  • Page 102: How The Directory Server Identifies Clients

    How the Directory Server Identifies Clients • Simple Authentication and Security Layer (SASL) is described in RFC 2222, which you can find at http://www.ietf.org/rfc/rfc2222.txt SASL provides the means to use mechanisms other than simple authentication and SSL to authenticate to the Directory Server. How the Directory Server Identifies Clients The server keeps track of the identity of the LDAP client through the parameters.
  • Page 103 How the Authentication Process Works If the method of authentication is (SASL authentication), the LDAP_AUTH_SASL server determines whether the SASL mechanism (specified in the request) is supported. If the SASL mechanism is not supported by the server, the server sends an result code back to the client and ends the LDAP_AUTH_METHOD_NOT_SUPPORTED processing of the bind request.
  • Page 104 How the Authentication Process Works If the credentials are correct, the server sets the SLAPI_CONN_DN parameter to the DN and the parameter to SLAPI_CONN_AUTHTYPE . The server sends an result code back LDAP_AUTH_SIMPLE LDAP_SUCCESS to the client and ends the processing of the request.

  • Page 105: Writing Your Own Authentication Plug-In

    Writing Your Own Authentication Plug-in Writing Your Own Authentication Plug-in A situation may arise in which you may want to write and implement your own function for authentication; that is, replace the standard means of authentication with your own function. You can write a pre-operation bind plug-in function (a function that the server calls before processing an LDAP request) that bind...
  • Page 106 Writing a Pre-Operation Bind Plug-in Figure 8-1 Using a Pre-Operation Bind Plug-in Function to Handle Authentication Figure 8-2 illustrates the steps that your pre-operation bind plug-in function must take to authenticate LDAP clients to the Directory Server. Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 107: Defining Your Authentication Function

    What to Do If Authentication Succeeds NOTE Be sure to check this source file for an example of a pre-operation plug-in function that handles authentication: /opt/redhat-ds/plugins/slapd/slapi/examples/testbind.c Getting and Checking the Bind Parameters Call the function to get the values of the following...

  • Page 108: Getting The Entry And Checking The Credentials

    Writing a Pre-Operation Bind Plug-in • — A structure containing the credentials SLAPI_BIND_CREDENTIALS berval sent by the client. If you plan to support authentication through SASL mechanisms, you should also get the value of the parameter (a string value SLAPI_BIND_SASLMECHANISM specifying the name of the SASL mechanism to use for authentication).

  • Page 109: What To Do If Authentication Fails

    Writing a Pre-Operation Bind Plug-in If you need to compare the client’s credentials against the value of the attribute, you can call the function. This userPassword slapi_pw_find_sv() function determines which password scheme was used to store the password and uses the appropriate comparison function to compare a given value against the encrypted value of the attribute.

  • Page 110: Registering The Sasl Mechanism

    Writing a Pre-Operation Bind Plug-in represents no authentication. (The client is binding SLAPD_AUTH_NONE anonymously.) represents the simple authentication method. SLAPD_AUTH_SIMPLE represents authentication through SSL. SLAPD_AUTH_SSL represents SASL authentication. SLAPD_AUTH_SASL These values differ from the values in the parameter. SLAPI_BIND_METHOD The values listed above are string values defined in the slapi-plugin.h header file, whereas the values of the parameter (such as...

  • Page 111: Example Of A Pre-Operation Bind Plug-In

    Be sure to check this source file for an example of a pre-operation plug-in function for SASL authentication with LDAP bind operations: /opt/redhat-ds/plugins/slapd/slapi/examples/testsaslbind. Example of a Pre-Operation Bind Plug-in The following sections document an example of a pre-operation bind plug-in that handles authentication: •...
  • Page 112 Writing a Pre-Operation Bind Plug-in Sample Pre-Operation Bind Function (Continued) Code Example 8-1 slapi_log_error( SLAPI_LOG_PLUGIN, "test_bind", "Pre-operation bind function called.\n" ); /* Gets parameters available when processing an LDAP bind operation. */ if ( slapi_pblock_get( pb, SLAPI_BIND_TARGET, &dn ) != 0 || slapi_pblock_get( pb, SLAPI_BIND_METHOD, &method ) != 0 || slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &credentials ) != 0 ) {...
  • Page 113 Writing a Pre-Operation Bind Plug-in Sample Pre-Operation Bind Function (Continued) Code Example 8-1 break; slapi_attr_get_values( attr, &pwvals ); if ( slapi_pw_find( pwvals, credentials ) != 0 ) { slapi_log_error( SLAPI_LOG_PLUGIN, "test_bind", "Credentials are not correct for the entry\n" ); rc = LDAP_INVALID_CREDENTIALS; break;...

  • Page 114: Example Of An Initialization Function

    Writing a Pre-Operation Bind Plug-in Sample Pre-Operation Bind Function (Continued) Code Example 8-1 slapi_log_error( SLAPI_LOG_PLUGIN, "test_bind", "Unsupported authentication method requested: %d\n", method ); rc = LDAP_AUTH_METHOD_NOT_SUPPORTED; break; if ( searchpb ) { slapi_free_search_results_internal( searchpb ); slapi_ch_free( ( void ** )&searchpb ); slapi_send_ldap_result( pb, rc, NULL, NULL, 0, NULL );...

  • Page 115: Registering The Plug-In

    -1 ); return( 0 ); Registering the Plug-in To register the plug-in, add this to the end of the file, which is located in dse.ldif directory: /opt/redhat-ds/slapd-instance_id/config dn: cn=Test Bind,cn=plugins,cn=config objectClass: top objectClass: nsSlapdPlugin objectClass: extensibleObject cn: Test Bind nsslapd-pluginPath: /opt/redhat-ds/plugins/slapd/slapi/examples/libtest-plugin.so...
  • Page 116 Using SASL with an LDAP Client In your client, call the function to ldap_sasl_bind() ldap_sasl_bind_s() request authentication using SASL. To parse credentials from an asynchronous SASL bind operation, call . These functions ldap_parse_sasl_bind_result() are part of LDAP C SDK 3.0. The syntax for these functions are listed below: LDAP_API(int) LDAP_CALL ldap_sasl_bind( LDAP *ld, const char *dn,...
  • Page 117 Using SASL with an LDAP Client If you are call the function, you need to call the ldap_sasl_bind() ldap_result() function to get the result of the authentication attempt: LDAP_API(int) LDAP_CALL ldap_result( LDAP *ld, int msgid, \ int all, struct timeval *timeout, LDAPMessage **result ); The parameters are described below: •...
  • Page 118 Using SASL with an LDAP Client The following example is an LDAP client that authenticates using the SASL method named babsmechanism Code Example 8-3 LDAP Client Authenticating Using SASL Method #include <stdio.h> #include <stdlib.h> #include <string.h> #include <time.h> #include <ldap.h> main( int argc, char **argv ) LDAP *ld;...
  • Page 119 Using SASL with an LDAP Client LDAP Client Authenticating Using SASL Method (Continued) Code Example 8-3 sprintf( buf, "This entry was modified with the modattrs program on %s", ctime( &now )); /* Get rid of \n which ctime put on the end of the time string if ( buf[ strlen( buf ) - 1 ] == '\n' ) { buf[ strlen( buf ) - 1 ] = '\0';...
  • Page 120 Using SASL with an LDAP Client Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 121: Part 3 Advanced Programming Techniques

    Part 3 Advanced Programming Techniques Chapter 9, “Writing Entry Store/Fetch Plug-ins” Chapter 10, “Writing Extended Operation Plug-ins” Chapter 11, “Writing Matching Rule Plug-ins” Chapter 12, “Using the Custom Distribution Logic Chapter 13, “Using Data Interoperability Plug-ins...
  • Page 122 Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 123: Chapter 9 Writing Entry Store/Fetch Plug-Ins

    Chapter 9 Writing Entry Store/Fetch Plug-ins This chapter describes how to write entry store and entry fetch plug-ins. You can use these types of plug-ins to invoke functions before and after data is read from the default database. The chapter contains the following sections: •...

  • Page 124: Writing Entry Store/Fetch Functions

    Writing Entry Store/Fetch Functions Figure 9-1 How the Server Calls Entry Store and Entry Fetch Plug-in Functions Writing Entry Store/Fetch Functions Unlike most other types of plug-in functions, entry store and entry fetch plug-in functions are not passed a parameter block when called. Instead, entry store and entry fetch plug-in functions must have the following prototype: void function_name( char **entry, unsigned long *len );...

  • Page 125: Registering Entry Store/Fetch Functions

    (see chapter 3, “Configuring Plug-ins”). For example, your plug-in entry might look like this: dn: cn=Test entry,cn=plugins,cn=config objectClass: top objectClass: nsSlapdPlugin objectClass: extensibleObject cn: Test entry nsslapd-pluginPath: /opt/redhat-ds/servers/plugins/slapd/slapi/ examples/libtest-plugin.so nsslapd-pluginInitfunc: testentry_init nsslapd-pluginType: ldbmentryfetchstore nsslapd-pluginEnabled: on nsslapd-pluginId: test-entry For an example plug-in functions that implement entry store and entry fetch operations, take a look at this source file: /opt/redhat-ds/plugins/slapd/slapi/examples/testentry.c...
  • Page 126 Registering Entry Store/Fetch Functions Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 127: Chapter 10 Writing Extended Operation Plug-Ins

    Chapter 10 Writing Extended Operation Plug-ins This chapter explains how to write plug-in functions to handle extended operations. Extended operations are are defined in the LDAP v3 protocol. The chapter contains the following sections: • How Extended Operation Plug-ins Work (page 125) •...

  • Page 128: Writing Extended Operation Functions

    Writing Extended Operation Functions Writing Extended Operation Functions Like other plug-in functions, extended operation functions pass a single parameter block ( ) and return an integer value, as shown in the Slapi_PBlock following example declaration: int my_ext_func( Slapi_PBlock *pb ); Extended operation functions should return a value of if they are successful and a non-zero value if they are unsuccessful.

  • Page 129: Registering Extended Operation Functions

    NOTE For a sample plug-in function (uncompiled C code) that implements an extended operation, check this file: /opt/redhat-ds/plugins/slapd/slapi/examples/testextende dop.c Registering Extended Operation Functions As is the case with other server plug-in functions (see “Passing Data with Parameter Blocks,”...
  • Page 130 “Configuring Plug-ins”). For example, your plug-in entry might look like this: dn: cn=Test ExtendedOp,cn=plugins,cn=config objectClass: top objectClass: nsSlapdPlugin objectClass: extensibleObject cn: Test ExtendedOp nsslapd-pluginPath: /opt/redhat-ds/servers/plugins/slapd/slapi/ examples/libtest-plugin.so nsslapd-pluginInitfunc: testexop_init nsslapd-pluginType: extendedop Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 131: Specifying Start And Close Functions

    1.2.3.4 For an example plug-in function that implements an extended operation, take a look at this source file: /opt/redhat-ds/plugins/slapd/slapi/examples/testextendedop.c Specifying Start and Close Functions For each extended operation plug-in, you can specify the name of a function to be called after the server starts and before the server is shut down.
  • Page 132 Specifying Start and Close Functions Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 133: Chapter 11 Writing Matching Rule Plug-Ins

    Chapter 11 Writing Matching Rule Plug-ins This chapter explains how to write plug-in functions that handle matching rules. Matching rule plug-in functions are described in the following sections: • Understanding Matching Rules (page 131) • Understanding Matching Rule Plug-ins (page 133) •...

  • Page 134: Extensible Match Filters

    Understanding Matching Rules Extensible Match Filters In an extensible match filter, the client specifies that it wants to use the matching rule to compare a specified value against the values of entries in the directory. (For example, an extensible match filter might find all entries in which the attribute “sounds like”...

  • Page 135: Extensible Match Filters In The Directory Server

    Understanding Matching Rule Plug-ins Extensible Match Filters in the Directory Server Directory Serveralready includes support for certain matching rules, which are used to determine the collation order and operator for searches of international data. You can enable the Directory Server to handle your own matching rules for extensible match searches by defining your own matching rules plug-ins and registering them with the server.

  • Page 136: How Matching Rules Are Identified

    Understanding Matching Rule Plug-ins When the server starts up and loads the matching rule plug-in, it calls the initialization function. In this function, you pass the server the pointers to the factory functions and the close function. The server calls these functions when needed.

  • Page 137: How The Server Associates Plug-Ins With Oids

    Understanding Matching Rule Plug-ins How the Server Associates Plug-ins with OIDs When the server encounters the OID for a matching rule, it attempts to find the plug-in associated with that matching rule. If no plug-in is associated with the matching rule, the server calls each matching rule plug-in to find one that handles the specified matching rule.

  • Page 138: Finding A Plug-In For Searching

    Understanding Matching Rule Plug-ins Finding a Plug-in for Searching To determine which matching rule plug-in is responsible for handling an extensible match filter for a given matching rule (based on its OID), the server does the following for each plug-in: In a new parameter block, the server sets the following Slapi_PBlock...

  • Page 139: How The Server Uses Parameter Blocks

    Indexing Based on Matching Rules How the Server Uses Parameter Blocks The server uses parameter blocks as a means to pass information to and from plug-in functions. When calling your matching rule plug-in functions, the server will create a new parameter block, set some input parameters, and pass the Slapi_PBlock parameter block to your function.

  • Page 140: How The Server Updates The Index

    Indexing Based on Matching Rules The server gets the OID returned in the parameter and SLAPI_PLUGIN_MR_OID associates this OID with the rest of the attribute indexing information (such as the attribute type and the type of index) for future reference. When adding, modifying, or deleting the values of an attribute, the server will check this information to determine if the attribute is indexed.

  • Page 141: Writing The Indexer Factory Function

    Indexing Based on Matching Rules When the server is done, it frees any parameter blocks that were allocated during this process. Writing the Indexer Factory Function The indexer factory function takes a single argument. This function Slapi_PBlock should be thread-safe. The server may call this function concurrently. The indexer factory function should do the following: Get the OID from the parameter, and determine...

  • Page 142: Getting And Setting Parameters In Indexer Factory Functions

    Indexing Based on Matching Rules Set the parameter to the function responsible SLAPI_PLUGIN_DESTROY_FN for freeing any memory allocated by the factory function, such as the indexer object. See “Writing a Destructor Function,” on page 151, for details. Return (or the result code ) if everything completed LDAP_SUCCESS successfully.

  • Page 143: Writing The Indexer Function

    Indexing Based on Matching Rules Input and Output Parameters Available to an Indexer Factory Function (Continued) Table 11-1 Parameter Name Data Type Description Input parameter. Pointer to any private data SLAPI_PLUGIN_PRIVATE void * originally specified in the initialization function. See “Writing an Initialization Function,”...

  • Page 144: Getting And Setting Parameters In Indexer Functions

    Handling Extensible Match Filters Getting and Setting Parameters in Indexer Functions The following table summarizes the different parameters that the indexer function should get and set in the parameter block that is passed in. Input and Output Parameters Available to an Indexer Function Table 11-2 Parameter Name Data Type...

  • Page 145: How The Server Handles The Filter

    Handling Extensible Match Filters How the Server Handles the Filter When the server processes a search request that has an extensible match filter, the server does the following: First, the server finds the plug-in associated with this OID, if an association between the OID and plug-in has already been made.

  • Page 146: Query Operators In Matching Rules

    Handling Extensible Match Filters The server calls the filter matching function (which is specified in the parameter), passing in the filter SLAPI_PLUGIN_MR_FILTER_MATCH_FN object, the entry, and the attributes of the entry. If the entry does not match but the search request also specifies that the attributes in the DN should be searched, the server calls the filter matching function again, passing in the filter object, the entry, and the attributes in the DN.

  • Page 147: Writing A Filter Factory Function

    Handling Extensible Match Filters If the query operator is , the server attempts to find the keys in the SLAPI_OP_EQUAL index that match the value specified in the search filter. In the case of the other query operators, the server attempts to find ranges of keys that match the value. Writing a Filter Factory Function The filter factory function takes a single argument.

  • Page 148: Getting And Setting Parameters In Filter Factory Functions

    Handling Extensible Match Filters Set the following parameters: Set the parameter to the official OID of the SLAPI_PLUGIN_MR_OID matching rule if the value of that parameter is not the official OID. Optional. Set the parameter to the filter object. SLAPI_PLUGIN_OBJECT Set the parameter to the filter SLAPI_PLUGIN_MR_FILTER_INDEX_FN...

  • Page 149: Writing A Filter Index Function

    Handling Extensible Match Filters Input and Output Parameters Available to a Filter Factory Function (Continued) Table 11-4 Parameter Name Data Type Description Input parameter. Pointer to any SLAPI_PLUGIN_PRIVATE void * private data originally specified in the initialization function. See “Writing an Initialization Function,”...

  • Page 150: Getting And Setting Parameters In Filter Index Functions

    Handling Extensible Match Filters Set the parameter to the values in the filter SLAPI_PLUGIN_MR_VALUES object. Set the parameter to the query SLAPI_PLUGIN_MR_QUERY_OPERATOR operator that corresponds to this search filter. See “Query Operators in Matching Rules,” on page 144, for possible values for this parameter. Set the parameter to the filter object.

  • Page 151: Writing A Filter Matching Function

    Handling Extensible Match Filters Input and Output Parameters Available to a Filter Index Function (Continued) Table 11-5 Parameter Name Data Type Description Output parameter. Attribute type (if SLAPI_PLUGIN_MR_TYPE char * any) specified in the extensible match filter. Output parameter. Pointer to an SLAPI_PLUGIN_MR_VALUES struct berval ** array of berval structures...

  • Page 152: Handling Sorting By Matching Rules

    Handling Sorting by Matching Rules You can call the function to compare the attribute slapi_attr_type_cmp() in the filter against the attributes passed in as arguments. Using the query operator to determine how the values should be compared, compare the values from the filter against the values in the attribute. Return one of the following values: if the values of the attribute match the value specified in the filter.

  • Page 153: Writing A Destructor Function

    Writing a Destructor Function Next, the server gets the value of the parameter, SLAPI_PLUGIN_MR_KEYS which is an array of structures containing the keys corresponding berval to the values. The server compares the keys to sort the results. Writing a Destructor Function The server calls the destructor function to free any memory that you’ve allocated;...
  • Page 154 Writing an Initialization Function • parameter should be set to the SLAPI_PLUGIN_MR_FILTER_CREATE_FN filter factory function. See “How the Server Handles the Filter,” on page 143, and “Writing a Filter Factory Function,” on page 145, for details. • parameter should be set to the SLAPI_PLUGIN_MR_INDEXER_CREATE_FN indexer factory function if you have defined one.

  • Page 155: Registering Matching Rule Functions

    /opt/redhat-ds/servers/slapd-host1/ customplugins/filename.conf Specifying Start and Close Functions For each matching rule operation plug-in, you can specify the name of a function to be called after the server starts and before the server is shut down. These functions take a single argument.
  • Page 156 Specifying Start and Close Functions Table 11-8 Input and Output Parameters Available to a Matching Rule Plug-in Initialization Function Parameter Name Data Type Description Output parameter. The function called SLAPI_PLUGIN_START_FN void * after the Directory Server starts up. (function pointer) Output parameter.

  • Page 157: Chapter 12 Using The Custom Distribution Logic

    Chapter 12 Using the Custom Distribution Logic The distribution plug-in provided with Red Hat Directory Server (Directory Server) distributes a flat namespace, allowing you to associate several databases with a single suffix. This chapter contains the following sections: • About Distributing Flat Namespaces (page 155) •...

  • Page 158: Creating A Distribution Function

    Creating a Distribution Function Because the number of users is too large, you decide to distribute the entries according to the first letter of each user’s last name, assigning each letter to a separate database. To do this, you need to create your own distribution function. Your function determines how each operation received by the suffix is ou=users...
  • Page 159 Creating a Distribution Function Each time the server gets a request for a suffix that contains the distribution function, the function is called. The function then decides which database (backend) processes the request. The decision made by the function is based on some piece of information present in the pblock at the time of the request, such as the entry DN, a hash function, the time of day, or the type of operation.

  • Page 160: Adding The Distribution Function To Your Directory

    Adding the Distribution Function to Your Directory You can create the root entry in two ways: • Import the same LDIF file into each database using the ldif2db command-line utility. This LDIF file should contain the root entry as well as data that you want to distribute across the databases.

  • Page 161: Using The Console

    Adding the Distribution Function to Your Directory Using the Console In the Directory Server Console, select the Configuration tab. Expand the Data tree, and select the suffix to which you want to add another database. From the Object menu, select New Database. You can also right click the suffix and select New Database from the menu.

  • Page 162: Adding Distribution Logic To A Suffix

    Using the Distribution Logic Examples Adding Distribution Logic to a Suffix The distribution logic is a function declared in a suffix. This function is called for every operation reaching this suffix, including the subtree search operations that start above the suffix. You can add a distribution function to a suffix using both the Console and the command-line.
  • Page 163 For information on configuring database links, refer to chapter 2, “Creating Directory Entries,” in the Red Hat Directory Server Administrator’s Guide. The following directory in your Directory Server installation contains the uncompiled C code examples: /opt/redhat-ds/plugins/slapd/slapi/examples/distb/ This directory contains a file named , which contains three example distrib.c...

  • Page 164: Custom Distribution Checklist

    Custom Distribution Checklist Custom Distribution Checklist In summary, the following steps are involved in adding the distribution function to your directory: • Create the distribution function. • Create a suffix. • Add as many databases to the suffix as required by your distribution algorithm.

  • Page 165: Chapter 13 Using Data Interoperability Plug-Ins

    Chapter 13 Using Data Interoperability Plug-ins This chapter explains how to use the Data Interoperability (DIOP) feature of Red Hat Directory Server (Directory Server). The DIOP feature refers to Directory Server’s ability to work with a proprietary database, instead of the default database created during installation.

  • Page 166: Installing Directory Server

    Installing Directory Server Installing Directory Server This section explains how to install Directory Server in order to test and use the DIOP feature. • Understanding Deployment Configuration • Installing Two Instances of Directory Server Understanding Deployment Configuration To verify whether the DIOP feature works in Directory Server, your deployment must comprise two instances of Directory Server: •...
  • Page 167 Installing Directory Server Plug-in Status in DIOP-Enabled Directory Server (Continued) Table 13-1 Default Directory Server Plug-ins Unsupported Plug-ins (Indicated by X) (Names as they appear in the Directory Server Console) ACL preoperation Binary Syntax Boolean Syntax Case Exact String Syntax Case Ignore String Syntax chaining database Class of Service...
  • Page 168 Installing Directory Server Plug-in Status in DIOP-Enabled Directory Server (Continued) Table 13-1 Default Directory Server Plug-ins Unsupported Plug-ins (Indicated by X) (Names as they appear in the Directory Server Console) Telephone Syntax UID Uniqueness URI Syntax Views CLEAR CRYPT NS-MTA-MD5 SSHA Figure 13-1 illustrates Directory Server deployment required for testing the DIOP feature.
  • Page 169 Installing Directory Server In the above figure, is the configuration Directory Server and slapd-configInstance is the Directory Server instance with the DIOP plug-in turned slapd-diopInstance • The management and administration of is done via the slapd-configInstance corresponding Directory Server Console, accessible from within Red Hat Console.

  • Page 170: Installing Two Instances Of Directory Server

    To summarize the installation requirements for testing the DIOP feature: • You install two instances of Directory Server under the same server root (by specifying the same installation directory). For example, you can install two Directory Server instances: /opt/redhat-ds/servers/slapd-configInstance /opt/redhat-ds/servers/slapd-diopInstance where is the default installation directory. In the /opt/redhat-ds/servers sections that follow.

  • Page 171: Enabling The Diop Feature In Directory Server

    Enabling the DIOP Feature in Directory Server Start Administration Server. /opt/redhat-ds/servers/start-admin Start Red Hat Console. /opt/redhat-ds/servers/startconsole Use Red Hat Console to create a new/second instance of Directory Server in Figure 13-1). slapd-diopInstance In the navigation pane, select the Server Group, right click, select “Create Instance of Red Hat Directory Server,”...

  • Page 172: Using The Diop Feature

    • By editing the file directly: dse.ldif Shut down your Directory Server. /opt/redhat-ds/servers/slapd-diopInstance/stop-server In the text editor, open the file. dse.ldif The file is located in the /opt/redhat-ds/servers/slapd-diopInstance/config/dse.ldif directory. Add the above mentioned entry, save your changes, and close the file.
  • Page 173 If you want to use the sample plug-in, first build the plug-in, and then load it into the server: Shut down your DIOP-enabled Directory Server. Go to the directory in which the sample plug-in is located. cd /opt/redhat-ds/plugins/slapd/slapi/examples Build the plug-in. gmake Modify the file to /opt/redhat-ds/servers/slapd-diopInstance/config/dse.ldif...

  • Page 174: Sample Diop Plug-In

    Sample DIOP Plug-in Open the file in a /opt/redhat-ds/servers/slapd-diopInstance/config/dse.ldif text editor. Modify the entry, which cn=datainterop,cn=plugins,cn=config holds the plug-in information, with data from your proprietary database plug-in. After you have done the required changes, restart the server to load the modified configuration.
  • Page 175 Sample DIOP Plug-in • The main goal of the sample plug-in is to show how to create a simple plug-in that supports data interoperability. • The plug-in does not attempt to create any usable functionality to access backends (database or files) but returns observable output uniformly to verify that the functions in the pre-operation plug-in have been accessed and executed for different LDAP operations.
  • Page 176 “Installing Directory Server,” on page 164. Building the Data The compiler used on Solaris is Forte. For example: Interoperability Plug-in cd /opt/redhat-ds/plugins/slapd/slapi/examples gmake <libtest-plugin.so is generated> Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 177: Debugging The Plug-In

    If you need to debug the plug-in installed on a Solaris machine, you can use cd /opt/redhat-ds/bin/slapd/server setenv NETSITE_ROOT /opt/redhat-ds/servers dbx ns-slapd run -d 65536 -D /opt/redhat-ds/servers/slapd-diopInstance Once the server starts up and error logs show that the server has started, press Ctrl+C. stop in user-defined-function-in-the-plugin Similar steps can be done on other platforms, using the platform-specific debuggers and commands.

  • Page 178: Bypassing Access Control Checks

    Plug-in API Reference Bypassing Access Control Checks It may be desirable to disable access control checking for operations that are handled by the custom DIOP plug-in. To enable the plug-ins to bypass access control, a new flag, , has been defined. You SLAPI_OP_FLAG_NO_ACCESS_CHECK allow a custom plug-in to bypass access control by setting the flag on the operation-data structure, which is available to the plug-in through the parameter...

  • Page 179: Part 4 Reference

    Part 4 Reference Chapter 14, “Data Type and Structure Reference” Chapter 15, “Function Reference” Chapter 16, “Parameter Block Reference”...
  • Page 180 Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 181: Chapter 14 Data Type And Structure Reference

    Chapter 14 Data Type and Structure Reference This chapter summarizes the data types and structures that you can use when writing Red Hat Directory Server (Directory Server) plug-in functions. Summary of Data Types and Structures The functions in the server plug-in API use the following data types and structures: Data Types and Structures Description Represents binary data that is encoded...
  • Page 182 Summary of Data Types and Structures Data Types and Structures Description Specifies the prototype for a callback send_ldap_referral_fn_ptr_t function that you can write to send LDAPv3 referrals (search result references) back to the client. Specifies the prototype for a callback send_ldap_result_fn_ptr_t function that you can write to send LDAP result codes back to the client.

  • Page 183: Berval

    Summary of Data Types and Structures Data Types and Structures Description Represents an operation pending from an Slapi_Operation LDAP client. Contains name-value pairs that you can Slapi_PBlock get or set for each LDAP operation. Represents information about a server Slapi_PluginDesc plug-in.

  • Page 184: Computed_Attr_Context

    Summary of Data Types and Structures Description data structure represents binary data that is encoded using simplified berval Basic Encoding Rules (BER). The data and size of the data are included in a structure. berval Use a structure when working with attributes that contain binary data berval (such as a JPEG or audio file).
  • Page 185 Summary of Data Types and Structures Object ID (OID) of the control. ldctl_oid berval structure containing the value used by the control for ldctl_value the operation. Specifies whether the control is critical to the operation. This ldctl_iscritical field can have one of the following values: •...

  • Page 186: Ldapmod

    Summary of Data Types and Structures To ..Call this function Register the specified control with slapi_register_supported_control()) the server. This function associates the control with an object identification (OID) Retrieve an allocated array of object slapi_get_supported_controls_copy() identifiers (OIDs) representing the controls supported by the Directory Server.
  • Page 187 Summary of Data Types and Structures The operation to be performed on the attribute and the type of data mod_op specified as the attribute values. This field can have one of the following values: #define LDAP_MOD_ADD 0x00 #define LDAP_MOD_DELETE 0x01 #define LDAP_MOD_REPLACE 0x02 #define LDAP_MOD_BVALUES...
  • Page 188 Summary of Data Types and Structures Code Example 14-1 Sample Code for Changing the Email Address of a User’s Entry Slapi_PBlock *rcpb; LDAPMod attribute1; LDAPMod *list_of_attrs[2]; char *mail_values[] = { "bab@example.com", NULL }; char *dn; /* Identify the entry that you want changed */ dn = "cn=Barbara Jensen, ou=Product Development, l=US, dc=example,dc=com";...

  • Page 189: Mrfiltermatchfn

    Summary of Data Types and Structures See Also Slapi_Mod Slapi_Mods mrFilterMatchFn pecifies the prototype for a filter matching callback function. Syntax #include "slapi-plugin.h" typedef int (*mrFilterMatchFn) (void* filter, Slapi_Entry* entry, Slapi_Attr* attrs); Parameters This function has the following parameters: Pointer to the filter structure created by your filter factory function. (For filter details, see “Writing a Filter Factory Function,”...

  • Page 190: Plugin_Referral_Entry_Callback

    Summary of Data Types and Structures You need to define the filter matching function, which is the function that has prototype specified by . The server calls this function for each mrFilterMatchFn potential matching candidate entry. The server passes pointers to a filter structure that you create in your filter factory function (see “...

  • Page 191: Plugin_Result_Callback

    Summary of Data Types and Structures The LDAP referral entry callback function will be called once for each referral entry found by a search operation, which means it could be called zero or any number of times. parameter can be used to pass arbitrary plug-in or callback_data operation-specific information to a referral entry callback function.

  • Page 192: Plugin_Search_Entry_Callback

    Summary of Data Types and Structures plugin_search_entry_callback This typedef is used for LDAP search entry callback functions, which are plug-in defined functions that process LDAP entries that are located by an internal search. Syntax #include "slapi-plugin.h" typedef int (*plugin_search_entry_callback)(Slapi_Entry *e, void *callback_data);...
  • Page 193 Summary of Data Types and Structures Syntax #include "slapi-plugin.h" typedef int (*send_ldap_referral_fn_ptr_t)( Slapi_PBlock *pb, Slapi_Entry *e, struct berval **refs, struct berval ***urls); Parameters The function has the following parameters: Parameter block. Pointer to the Slapi_Entry structure representing the entry with which you are working.

  • Page 194: Send_Ldap_Result_Fn_Ptr_T

    Summary of Data Types and Structures send_ldap_result_fn_ptr_t specifies the prototype for a callback function that send_ldap_result_fn_ptr_t you can write to send LDAP result codes back to the client. You can register your function so that it is called whenever the function is slapi_send_ldap_result() called.

  • Page 195: Send_Ldap_Search_Entry_Fn_Ptr_T

    Summary of Data Types and Structures In your plug-in initialization function, register your function for sending results to the client by setting the SLAPI_PLUGIN_PRE_RESULT_FN parameter, depending on the type of plug-in SLAPI_PLUGIN_POST_RESULT_FN and if it is a pre-operation or post-operation, respectively, in the parameter block to the name of your function.

  • Page 196: Slapi_Attr

    Summary of Data Types and Structures See Also slapi_send_ldap_search_entry() Slapi_Attr Represents an attribute in an entry. Syntax #include "slapi-plugin.h" typedef struct slapi_attr Slapi_Attr; Description is the data type for an opaque structure that represents an attribute Slapi_Attr in a directory entry. In certain cases, your server plug-in may need to work with an entry’s attributes.

  • Page 197: Slapi_Backend

    Summary of Data Types and Structures To ..Call this function Initialize a valueset in a Slapi_Attr slapi_attr_set_valueset() structure from a specified Slapi_ValueSet structure. Get information about the plug-in slapi_attr_type2plugin() responsible for handling an attribute type. Compare two attribute names to slapi_attr_types_equivalent() determine if they represent the same attribute.
  • Page 198 Summary of Data Types and Structures The following table summarizes the front-end API functions that you can call to work with the backend operations. To ..Call this function Add the specified suffix to the slapi_be_addsuffix() given backend and increment the backend s suffix count.

  • Page 199: Slapi_Backend_State_Change_Fnptr

    Summary of Data Types and Structures To ..Call this function Verify if the backend is private. slapi_be_private() Find the backend that should be slapi_be_select() used to service the entry with the specified DN. Find the backend that matches by slapi_be_select_by_instance_name() the name of the backend.

  • Page 200: Slapi_Componentid

    Summary of Data Types and Structures Parameters The function has the following parameters: Pointer or reference to the address of the specified function. handle Name of the backend. be_name Old backend state. old_be_state New backend state. new_be_state Description function enables a plug-in to slapi_register_backend_state_change() register for callback when the state of a backend changes.

  • Page 201: Slapi_Compute_Output_T

    Summary of Data Types and Structures Syntax #include "slapi-plugin.h" typedef int (*slapi_compute_callback_t) (computed_attr_context *c, char* type, Slapi_Entry *e, slapi_compute_output_t outputfn); Parameters The function has the following parameters: Pointer to the computed_attr_context structure containing information relevant to the computed attribute. Attribute type of the attribute to be generated. type Pointer to the Slapi_Entry structure representing the entry to be sent back to the client.
  • Page 202 Summary of Data Types and Structures Syntax #include "slapi-plugin.h" typedef int (*slapi_compute_output_t) (computed_attr_context *c, Slapi_Attr *a, Slapi_Entry *e); Parameters The function has the following parameters: Returns One of the following values: • if the function successfully BER-encodes the computed attribute and adds it to the BER element to be sent to the client.

  • Page 203: Slapi_Connection

    Summary of Data Types and Structures In the example above, the function outputfn is passed slapi_compute_output_t in as an argument to function. After generating the my_compute_callback computed attribute, you need to call , passing it the context, the newly outputfn created attribute, and the entry.

  • Page 204: Slapi_Dn

    Summary of Data Types and Structures To ..Call this function Destroy a condition variable. slapi_destroy_condvar() Create a new condition variable. slapi_new_condvar() Send notification about a condition slapi_notify_condvar() variable. Wait for a condition variable. slapi_wait_condvar() Slapi_DN Represents a distinguished name in a directory entry. Syntax #include "slapi-plugin.h"...

  • Page 205: Slapi_Entry

    Summary of Data Types and Structures To ..Call this function Convert a DN to canonical format slapi_dn_normalize() by normalizing the case and the format. Handle a DN in the syntax defined by RFC 22 and RFC 1779. To handle some syntaxes compatible with older versions of Directory Server, all of the syntaxes in the above RFC s may not be...
  • Page 206 Summary of Data Types and Structures To ..Call this function Generate an LDIF string slapi_entry2str() description. Generate an LDIF string slapi_entry2str_with_options() descriptions with options. Add components in an entry s slapi_entry_add_rdn_values() RDN. Add a string value to an attribute slapi_entry_add_string() in an entry.
  • Page 207 Summary of Data Types and Structures To ..Call this function Set the first value as a string. slapi_entry_attr_set_charptr()) Set the first value as an integer. slapi_entry_attr_set_int() Set the first value as a long. slapi_entry_attr_set_long() Set the first value as an unsigned slapi_entry_attr_set_uint() integer.

  • Page 208: Slapi_Filter

    Summary of Data Types and Structures To ..Call this function Check if values present in an slapi_entry_rdn_values_present() entry s RDN are also present as attribute values. Determine if an entry complies slapi_entry_schema_check() with the schema for its object class.

  • Page 209: Slapi_Matchingruleentry

    Summary of Data Types and Structures To ..Call this function Determine if an entry matches a filter’s criteria. slapi_filter_test_ext() Get the filter type. slapi_filter_get_choice() Get the attribute type and value used for slapi_filter_get_ava() comparison in a filter (only applicable to LDAP_FILTER_EQUALITY, LDAP_FILTER_GE, LDAP_FILTER_LE, and LDAP_FILTER_APPROX searches).

  • Page 210: Slapi_Mod

    Summary of Data Types and Structures To ..Call this function Compare two berval structures to slapi_berval_cmp() determine if they are equal. Call the indexer function associated slapi_mr_filter_index() with an extensible match filter. Free the specified matching rule slapi_matchingrule_free() structure (and optionally, its members) from memory.
  • Page 211 Summary of Data Types and Structures To ..Call this function Add a value to a Slapi_Mod slapi_mod_add_value() structure. Free internals of Slapi_Mod slapi_mod_done() structure. Dump the contents of an LDAPMod slapi_mod_dump() to the server log. Free a Slapi_Mod structure. slapi_mod_free() Initialize a Slapi_Mod iterator and slapi_mod_get_first_value()

  • Page 212: Slapi_Mods

    Summary of Data Types and Structures To ..Call this function Set the operation type of a slapi_mod_set_operation() Slapi_Mod structure. Set the attribute type of a slapi_mod_set_type() Slapi_Mod. See Also LDAPMod Slapi_Mods Slapi_Mods Represents two or more LDAP modifications to a directory entry Syntax #include "slapi-plugin.h"...
  • Page 213 Summary of Data Types and Structures To ..Call this function Append a new mod to a slapi_mods_add_mod_values() Slapi_Mods structure, with attribute values provided as an array of Slapi_Value. Append a new mod to slapi_mods_add_string() Slapi_Mods structure with a single attribute value provided as a string.

  • Page 214: Slapi_Mutex

    Summary of Data Types and Structures To ..Call this function Insert an LDAPMod anywhere in a slapi_mods_insert_at() Slapi_Mods. Insert an LDAPMod into a slapi_mods_insert_before() Slapi_Mods structure before the current iterator position. Decrement the Slapi_Mods slapi_mods_iterator_backbone() current iterator position. Allocate a new uninitialized slapi_mods_new() Slapi_Mods structure.

  • Page 215: Slapi_Operation

    Summary of Data Types and Structures Slapi_Operation Represents an operation pending from an LDAP client. Syntax #include "slapi-plugin.h" typedef struct op Slapi_Operation; Description is the data type for an opaque structure that represents an Slapi_Operation operation pending from an LDAP client. The following table summarizes the front-end API functions that you can call to work with mutually exclusive locks.
  • Page 216 Summary of Data Types and Structures For example, when the plug-in function for an LDAP bind operation is called, the server puts the DN and credentials in the SLAPI_BIND_TARGET parameters of the structure. You can SLAPI_BIND_CREDENTIALS Slapi_PBlock call to get the DN and credentials of the client requesting slapi_pblock_get() authentication.

  • Page 217: Slapi_Plugindesc

    Summary of Data Types and Structures To ..Call this function Perform an LDAP modify operation slapi_modify_internal_pb() based on a parameter block to modify a directory entry. Set up a parameter block so that it slapi_modify_internal_set_pb() can be used by slapi_modify_internal_pb() for an internal modify operation.

  • Page 218: Slapi_Rdn

    Summary of Data Types and Structures Syntax typedef struct slapi_plugindesc { char *spd_id; char *spd_vendor; char *spd_version; char *spd_description; } Slapi_PluginDesc; Parameters The function has the following parameters: Unique identifier for the server plug-in. spd_id Name of the vendor supplying the server plug-in; for spd_vendor example, example.com.
  • Page 219 Summary of Data Types and Structures Description is the data type for an opaque structure that represents a relative Slapi_RDN distinguished name in the server plug-in. The following table summarizes the front-end API functions that you can call to work with relative distinguished names. To ...

  • Page 220: Slapi_Uniqueid

    Summary of Data Types and Structures To ..Call this function Initialize a Slapi_RDN structure slapi_rdn_init_sdn() with an RDN value taken from the DN contained in a given Slapi_RDN. Check if an RDN value is stored in a slapi_rdn_isempty() Slapi_RDN structure.

  • Page 221: Slapi_Value

    Summary of Data Types and Structures Description is the data type for an opaque structure that represents the Slapi_UniqueID unique identifier of a directory entry. All directory entries contain a unique identifier. Unlike the distinguished name (DN), the unique identifier of an entry never changes, providing a good way to refer unambiguously to an entry in a distributed/replicated environment.
  • Page 222 Summary of Data Types and Structures To ..Call this function Convert the value into an unsigned slapi_value_get_ulong() long. Initialize a Slapi_Value structure slapi_value_init() with no values. Initialize a Slapi_Value structure slapi_value_init_berval() from the berval structure. Initialize a Slapi_Value structure slapi_value_init_string() from a string.

  • Page 223: Slapi_Valueset

    Summary of Data Types and Structures Slapi_ValueSet Represents a set of (or a list of Slapi_Value Slapi_Value Syntax #include "slapi-plugin.h" typedef struct slapi_value_set Slapi_ValueSet; Description is the data type for an opaque structure that represents set of Slapi_ValueSet (or a list of Slapi_Value Slapi_Value The following table summarizes the front-end API functions that you can call to...

  • Page 224: See Also

    Summary of Data Types and Structures See Also Slapi_Value Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 225: Chapter 15 Function Reference

    Chapter 15 Function Reference This chapter contains reference information on Red Hat Directory Server (Directory Server) server plug-in API. The server plug-in API includes the following functions: • Distribution Routines (page 224) • Functions for Access Control (page 226) • Functions for Internal Operations and Plug-in Callback (page 232) •...

  • Page 226: Distribution Routines

    Distribution Routines • Functions for LDAPMod Manipulation (page 395) • Functions for Monitoring Operations (page 431) • Functions for Managing Parameter Block (page 433) • Functions for Handling Passwords (page 438) • Functions for Managing RDN (page 443) • Functions for Managing Roles (page 464) •...

  • Page 227: Distribution_Plugin_Entry_Point()

    Distribution Routines distribution_plugin_entry_point() Allows for backend distribution. Syntax #include "slapi-plugin.h" int distribution_plugin_entry_point (Slapi_PBlock *pb, Slapi_DN *target_dn, char **mtn_be_names, int be_count, Slapi_DN * node_dn); Parameters This function takes the following parameters: Pointer to the parameter block of the operation. Pointer to the target DN of the operation. target_dn Pointer to the list of names of backends declared for this node.

  • Page 228: Functions For Access Control

    Functions for Access Control Functions for Access Control This section contains reference information on access control routines. Table 15-2 Function Description Determines if the user who is requesting the current operation has the slapi_access_allowed() access rights to perform an operation on a given entry, attribute, or value. Determines if a user has the rights to perform the specified modifications slapi_acl_check_mods() on an entry.
  • Page 229 Functions for Access Control Permission to add a specified entry. SLAPI_ACL_ADD Permission to compare the specified values of an attribute in SLAPI_ACL_COMPARE an entry. Permission to delete a specified entry. SLAPI_ACL_DELETE Permission to read a specified attribute. SLAPI_ACL_READ Permission to search on a specified attribute or value. SLAPI_ACL_SEARCH Permission to write a specified attribute or value or SLAPI_ACL_WRITE...
  • Page 230 Functions for Access Control Description Call this function to determine if a user has access rights to a specified entry, attribute, or value. The function performs this check for users who request the operation that invokes this plug-in. For example, suppose you are writing a pre-operation plug-in for the add operation.

  • Page 231: Slapi_Acl_Check_Mods()

    Functions for Access Control slapi_pblock_set( pb, SLAPI_BACKEND, be ); nAccessResult = slapi_access_allowed( pb, seObjectEntry, "*", bval, SLAPI_ACL_DELETE); slapi_acl_check_mods() Determines if a user has the rights to perform the specified modifications on an entry. Syntax #include "slapi-plugin.h" int slapi_acl_check_mods( Slapi_PBlock *pb, Slapi_Entry *e, LDAPMod **mods, char **errbuf );...
  • Page 232 Functions for Access Control Invalid syntax was specified. LDAP_INVALID_SYNTAX This error can occur if the ACL associated with an entry, attribute, or value uses the wrong syntax. The Directory Server is unable to perform the LDAP_UNWILLING_TO_PERFORM specified operation. This error can occur if, for example, you are requesting write access to a read-only database.

  • Page 233: Slapi_Acl_Verify_Aci_Syntax()

    Functions for Access Control Memory Concerns You must free the buffer by calling when you are errbuf slapi_ch_free() finished using the error message. See Also slapi_access_allowed() slapi_ch_free() slapi_acl_verify_aci_syntax() Determines whether the access control items (ACIs) on an entry are valid. Syntax #include "slapi-plugin.h"...

  • Page 234: Functions For Internal Operations And Plug-In Callback

    Functions for Internal Operations and Plug-in Callback Functions for Internal Operations and Plug-in Callback This section contains reference information on routines for internal operations and plug-in callbacks. These functions can be used for internal operations based on DN as well as on unique ID. These functions should be used by all new plug-ins, and, preferably, old plug-ins should be changed to use them to take advantage of new plug-in configuration capabilities and to use an extensible interface.

  • Page 235: Slapi_Delete_Internal_Pb()

    Functions for Internal Operations and Plug-in Callback Parameters This function takes the following parameter: A parameter block that has been initialized using slapi_add_internal_set_pb(). Returns This function returns one of the following values: • if successful. • if an error occurs. If is returned, the field SLAPI_PLUGIN_INTOP_RESULT...

  • Page 236: Slapi_Free_Search_Results_Internal()

    Functions for Internal Operations and Plug-in Callback A parameter block that has been initialized using slapi_delete_internal_set_pb(). Returns This function returns one of the following values: • if successful. • if an error occurs. If is returned, the field SLAPI_PLUGIN_INTOP_RESULT of the parameter block should be consulted to determine the precise LDAP result code.

  • Page 237: Slapi_Modify_Internal_Pb()

    Functions for Internal Operations and Plug-in Callback Description This function must be called when you are finished with the entries before freeing pblock slapi_modify_internal_pb() Performs an LDAP modify operation based on a parameter block to modify a directory entry. Syntax #include "slapi-plugin.h"...

  • Page 238: Slapi_Modrdn_Internal_Pb()

    Functions for Internal Operations and Plug-in Callback slapi_modrdn_internal_pb() Performs an LDAP modify RDN operation based on a parameter block to rename a directory entry. Syntax #include "slapi-plugin.h" int slapi_modrdn_internal_pb(Slapi_PBlock *pb); Parameters This function takes the following parameter: A parameter block that has been initialized using slapi_rename_internal_set_pb().
  • Page 239 Functions for Internal Operations and Plug-in Callback Syntax #include "slapi-plugin.h" int slapi_search_internal_callback_pb(Slapi_PBlock *pb, void *callback_data,plugin_result_callback prc, plugin_search_entry_callback psec, plugin_referral_entry_callback prec); Parameters This function takes the following parameters: A parameter block that has been initialized using slapi_seq_internal_callback_set_pb(). A pointer to arbitrary plug-in or operation-specific data that you callback_data would like to pass to your callback functions.

  • Page 240: Slapi_Search_Internal_Get_Entry()

    Functions for Internal Operations and Plug-in Callback • You can write a callback function that is invoked when the search operation normally sends a result code to the client. This function must have the prototype specified by . You specify this function in the argument of plugin_result_callback slapi_search_internal_callback_pb()

  • Page 241: Slapi_Search_Internal_Pb()

    Functions for Internal Operations and Plug-in Callback Syntax #include "slapi-plugin.h" int slapi_search_internal_get_entry( Slapi_DN *dn, char ** attrlist, Slapi_Entry **ret_entry, void *caller_identity); Parameters This function takes the following parameter: The DN of the entry to be read. A NULL terminated array of attribute types to return from attrlist entries that match filter.

  • Page 242: Functions For Setting Internal Operation Flags

    Functions for Setting Internal Operation Flags Syntax #include "slapi-plugin.h" int slapi_search_internal_pb(Slapi_PBlock *pb); Parameters This function takes the following parameter: A parameter block that has been initialized using slapi_search_internal_set_pb(). Returns This function returns one of the following values: • if successful. •...

  • Page 243: Slapi_Add_Entry_Internal_Set_Pb()

    Functions for Setting Internal Operation Flags Table 15-4 Internal Operation Flag Routines (Continued) Function Description Sets up a parameter block so that it can be used by slapi_add_internal_set_pb() slapi_add_internal_pb() fo an internal add operation; the entry is constructed from a DN and a set of attributes. Sets up a parameter block so that it can be used by slapi_delete_internal_set_pb() slapi_delete_internal_pb() for an internal delete operation.

  • Page 244: Slapi_Add_Internal_Set_Pb()

    Functions for Setting Internal Operation Flags Plug-in identity; a cookie that identifies the plug-in to the plugin_identity Directory Server during an internal operation. This cookie is used by the server to retrieve the plug-in configuration in order to determine whether to allow the operation and which actions to take during the operation processing.

  • Page 245: Slapi_Delete_Internal_Set_Pb()

    Functions for Setting Internal Operation Flags Plug-in identity; a cookie that identifies the plug-in to the plugin_identity Directory Server during an internal operation. This cookie is used by the server to retrieve the plug-in configuration in order to determine whether to allow the operation and which actions to take during the operation processing.
  • Page 246 Functions for Setting Internal Operation Flags Parameter block populated with delete parameters. DN of the entry to be removed. For unique ID operation, this parameter is used to select the correct backend. List of controls associated with the operation. controls Unique identifier of the entry to be removed.

  • Page 247: Slapi_Modify_Internal_Set_Pb()

    Functions for Setting Internal Operation Flags slapi_modify_internal_set_pb() Sets up a parameter block so that it can be used by slapi_modify_internal_pb() for an internal modify operation. Syntax #include "slapi-plugin.h" void slapi_modify_internal_set_pb(Slapi_PBlock *pb, const char *dn, LDAPMod **mods, LDAPControl **controls, const char *uniqueid, Slapi_ComponentId *plugin_identity, int operation_flags);...

  • Page 248: Slapi_Rename_Internal_Set_Pb()

    Functions for Setting Internal Operation Flags For unique ID-based operation: • set to the DN that allows to select the right backend. SLAPI_TARGET_DN • set to the unique ID of the entry. SLAPI_TARGET_UNIQUEID • set to the mods. SLAPI_MODIFY_MODS • set to request controls, if present.
  • Page 249 Functions for Setting Internal Operation Flags Unique identifier of the entry to be renamed. uniqueid All directory entries contain a unique identifier. Unlike the distinguished name (DN), the unique identifier of an entry never changes, providing a good way to refer unambiguously to an entry in a distributed/replicated environment.

  • Page 250: Slapi_Search_Internal_Set_Pb()

    Functions for Setting Internal Operation Flags slapi_search_internal_set_pb() Sets up a parameter block so that it can be used by for an internal search operation. slapi_search_internal_pb() Syntax #include "slapi-plugin.h" void slapi_search_internal_set_pb(Slapi_PBlock *pb, const char *base, int scope, const char *filter, char **attrs, int attrsonly, LDAPControl **controls, const char *uniqueid, Slapi_ComponentId *plugin_identity, int operation_flags);...

  • Page 251: Slapi_Seq_Internal_Callback_Pb()

    Functions for Setting Internal Operation Flags Actions taken during operation processing. operation_flags Description This function sets up the parameter block, for subsequent use by , to contain the following data for an internal slapi_search_internal_pb() search operation. For a unique ID-based search: •...

  • Page 252: Slapi_Seq_Internal_Set_Pb()

    Functions for Setting Internal Operation Flags Syntax #include "slapi-plugin.h" int slapi_seq_internal_callback_pb(Slapi_PBlock *pb, void *callback_data, plugin_result_callback res_callback, plugin_search_entry_callback srch_callback, plugin_referral_entry_callback ref_callback); Parameters This function takes the following parameters: Parameter block initialized with operation parameters. The easiest way to provide required parameters is by calling slapi_seq_internal_set_pb() function.

  • Page 253: Functions For Handling Attributes

    Functions for Handling Attributes Parameters This function takes the following parameters: Description This function sets up for use by pblock slapi_seq_internal_callback_pb() an internal, sequential-access operation; the function sets up the parameter block contain the following data: • set to the search base. SLAPI_SEARCH_TARGET •...

  • Page 254: Slapi_Attr_Add_Value()

    Functions for Handling Attributes Attribute Routines (Continued) Table 15-5 Function Description Frees an attribute. slapi_attr_free() Puts the values contained in an attribute into an array of berval slapi_attr_get_bervals_copy() structures. Gets the flags associated with an attribute. slapi_attr_get_flags() Puts the count of values of an attribute into an integer. slapi_attr_get_numvalues() Searches for an attribute type and gives its OID string.

  • Page 255: Slapi_Attr_Basetype()

    Functions for Handling Attributes Parameters This function takes the following parameters: The attribute that will contain the values. Values to be added to the attribute. Returns This function always returns 0. See Also slapi_attr_first_value() slapi_attr_next_value() slapi_attr_get_numvalues() slapi_attr_value_cmp() slapi_attr_value_find() slapi_attr_basetype() Returns the base type of an attribute (for example, if given , returns cn;lang-jp Syntax...

  • Page 256: Slapi_Attr_Dup()

    Functions for Handling Attributes Returns This function returns if the base type fits in the buffer. If the base type is NULL longer than the buffer, the function allocates memory for the base type and returns a pointer to it. Description This function returns the base type of an attribute (for example, if given returns...

  • Page 257: Slapi_Attr_First_Value()

    Functions for Handling Attributes See Also slapi_attr_new() slapi_attr_init() slapi_attr_free() slapi_attr_first_value() Gets the first value of an attribute. Syntax #include "slapi-plugin.h" int slapi_attr_first_value( Slapi_Attr *a, Slapi_Value **v ); Parameters This function takes the following parameters: Attribute containing the desired value. Holds the first value of the attribute. Returns This function returns one of the following values: •...

  • Page 258: Slapi_Attr_Free()

    Functions for Handling Attributes Syntax #include "slapi-plugin.h" int slapi_attr_flag_is_set( const Slapi_Attr *attr, unsigned long flag ); Parameters This function takes the following parameters: Attribute that you want to check. attr Flag that you want to check in the attribute. flag The value of the argument can be one of the following: flag...

  • Page 259: Slapi_Attr_Get_Bervals_Copy()

    Functions for Handling Attributes Syntax #include "slapi-plugin.h" void slapi_attr_free( Slapi_Attr **a ); Parameters This function takes the following parameters: Attribute to be freed. Description Use this function to free an attribute when you are finished with it. See Also slapi_attr_new() slapi_attr_init() slapi_attr_dup() slapi_attr_get_bervals_copy()

  • Page 260: Slapi_Attr_Get_Flags()

    Functions for Handling Attributes Returns This function returns one of the following values: • if values are found. • if null. Description This function copies the values from an attribute into an array of structure berval pointers. Memory Concerns You should free this array using from the LDAP SDK for C.

  • Page 261: Slapi_Attr_Get_Numvalues()

    Functions for Handling Attributes Flag that determines if the attribute is an operational SLAPI_ATTR_FLAG_OPATTR attribute. Flag that determines if the attribute is read-only. SLAPI_ATTR_FLAG_READONLY Returns This function returns if successful. Description This function gets the flags associated with the specified attribute. These flags can identify an attribute as a single-valued attribute, an operational attribute, or as a read-only attribute.

  • Page 262: Slapi_Attr_Get_Oid_Copy()

    Functions for Handling Attributes See Also slapi_attr_first_value() slapi_attr_next_value() slapi_attr_get_oid_copy() Searches the syntaxes for an attribute type, and returns a copy of its OID string. Syntax #include "slapi-plugin.h" int slapi_attr_get_oid_copy( const Slapi_Attr *attr, char **oidp ); Parameters This function takes the following parameters: Attribute that contains the desired type.

  • Page 263: Slapi_Attr_Get_Valueset()

    Functions for Handling Attributes Syntax #include "slapi-plugin.h" int slapi_attr_get_type( Slapi_Attr *attr, char **type ); Parameters This function takes the following parameters: Attribute for which you want to get the type. attr When you call slapi_attr_get_type(), this parameter is set to a type pointer to the type of the specified attribute.

  • Page 264: Slapi_Attr_Init()

    Functions for Handling Attributes Returns This function always returns See Also slapi_entry_add_valueset() slapi_valueset_new() slapi_valueset_free() slapi_valueset_init() slapi_valueset_done() slapi_valueset_add_value() slapi_valueset_first_value() slapi_valueset_next_value() slapi_valueset_count() slapi_attr_init() Initializes an empty attribute with a base type. Syntax #include "slapi-plugin.h" Slapi_Attr *slapi_attr_init(Slapi_Attr *a, const char *type); Parameters This function takes the following parameters: The empty attribute to be initialized.

  • Page 265: Slapi_Attr_Next_Value()

    Functions for Handling Attributes slapi_attr_new() Creates a new attribute. Syntax #include "slapi-plugin.h" Slapi_Attr *slapi_attr_new( void ); Parameters This function takes no parameters. Returns This function returns the newly-created attribute. Description Use this function to create an empty attribute. See Also slapi_attr_free() slapi_attr_dup() slapi_attr_next_value()

  • Page 266: Slapi_Attr_Set_Valueset()

    Functions for Handling Attributes Returns This function returns one of the following values: • plus if the value is found. hint • if null or if a value at is not found. hint Description Use this function to get the next value of an attribute. The value of an attribute associated with an index is placed into a value.

  • Page 267: Slapi_Attr_Syntax_Normalize()

    Functions for Handling Attributes See Also slapi_valueset_set_valueset() slapi_attr_syntax_normalize() Searches for an attribute type in the syntaxes, and returns a copy of the normalized attribute types. Syntax #include "slapi-plugin.h" char * slapi_attr_syntax_normalize( const char *s ); Parameters This function takes the following parameters: Attribute type for which you wish to search.

  • Page 268: Slapi_Attr_Type_Cmp()

    Functions for Handling Attributes Syntax #include "slapi-plugin.h" int slapi_attr_type2plugin( const char *type, void **pi ); Parameters This function takes the following parameters: Type of attribute for which you want to get the plug-in. type Pointer to the plug-in structure. Returns This function returns one of the following values: •...

  • Page 269: Slapi_Attr_Types_Equivalent()

    Functions for Handling Attributes Name of the second attribute type that you want to compare. One of the following values: • 0 - Compare the types as-is. • 1 - Compare only the base names of the types (for example, if the type is cn;lang-en, the function compares only the cn part of the type).

  • Page 270: Slapi_Attr_Value_Cmp()

    Functions for Handling Attributes Returns This function returns one of the following values: • represent the same attribute. • do not represent the same attribute. See Also slapi_attr_add_value() slapi_attr_first_value() slapi_attr_next_value() slapi_attr_get_numvalues() slapi_attr_value_find() slapi_attr_value_cmp() Compares two values for a given attribute to determine if they are equal. Syntax #include "slapi-plugin.h"...

  • Page 271: Slapi_Attr_Value_Find()

    Functions for Handling Attributes See Also slapi_attr_add_value() slapi_attr_first_value() slapi_attr_next_value() slapi_attr_get_numvalues() slapi_attr_value_find() slapi_attr_value_find() Determines is an attribute contains a given value. Syntax #include "slapi-plugin.h" int slapi_attr_value_find( const Slapi_Attr *a, const struct berval *v ); Parameters This function takes the following parameters: Attribute that you want to check.

  • Page 272: Slapi_Valueset_Set_From_Smod()

    Functions for Managing Backend Operations slapi_valueset_set_from_smod() Adds the changes in a modification to a valueset. Syntax #include "slapi-plugin.h" void slapi_valueset_set_from_smod(Slapi_ValueSet *vs, Slapi_Mod *smod); Parameters This function takes the following parameters: The valueset that will receive changes. Holds the changes to an attribute. smod Description Use this function to create a valueset that contains the changes from...
  • Page 273 Functions for Managing Backend Operations Table 15-6 Backend Routines (Continued) Function Description Frees memory and linked resources from the backend slapi_be_free() structure. Gets the instance information of the specified backend. slapi_be_get_instance_info() Returns the name of the specified backend. slapi_be_get_name() Indicates if the database associated with the backend is in slapi_be_get_readonly() read-only mode.

  • Page 274: Slapi_Be_Addsuffix()

    Functions for Managing Backend Operations Table 15-6 Backend Routines (Continued) Function Description Registers for callbacks when a backend changes state. slapi_register_backend_state_change() Unregisters backend-state-change callbacks. slapi_unregister_backend_state_change() slapi_be_addsuffix() Adds the specified suffix to the given backend and increments the backend’s suffix count. Syntax #include "slapi-plugin.h"...

  • Page 275: Slapi_Be_Exist()

    Functions for Managing Backend Operations slapi_be_exist() Checks if the backend that contains the specified DN exists. Syntax #include "slapi-plugin.h" int slapi_be_exist(const Slapi_DN *sdn); Parameters This function takes the following parameter: Pointer to the DN in the backends for which you are looking. Returns This function returns one of the following values: •...

  • Page 276: Slapi_Be_Get_Instance_Info()

    Functions for Managing Backend Operations slapi_be_get_instance_info() Gets the instance information of the specified backend. Syntax #include "slapi-plugin.h" void * slapi_be_get_instance_info(Slapi_Backend * be); Parameters This function takes the following parameter: Pointer to the structure containing the backend configuration. Returns This function returns an opaque pointer to the instance information. slapi_be_get_name() Returns the name of the specified backend.

  • Page 277: Slapi_Be_Get_Readonly()

    Functions for Managing Backend Operations slapi_be_get_readonly() Indicates if the database associated with the backend is in read-only mode. Syntax #include "slapi-plugin.h" int slapi_be_get_readonly(Slapi_Backend *be); Parameters This function takes the following parameter: Pointer to the structure containing the backend configuration. Returns This function returns one of the following values: •...

  • Page 278: Slapi_Be_Getsuffix()

    Functions for Managing Backend Operations Returns This function returns if successful, otherwise. slapi_be_getsuffix() Returns the suffix associated with the specified backend. Syntax #include "slapi-plugin.h" const Slapi_DN *slapi_be_getsuffix(Slapi_Backend *be, int n); Parameters This function takes the following parameters: Pointer to the structure containing the backend configuration. Index.

  • Page 279: Slapi_Be_Is_Flag_Set()

    Functions for Managing Backend Operations Parameters This function takes the following parameter: Pointer to the structure containing the backend configuration. Returns This function returns the type of the backend. Memory Concerns You should not free the returned pointer. slapi_be_is_flag_set() Checks if a flag is set in the backend configuration. Syntax #include "slapi-plugin.h"...

  • Page 280: Slapi_Be_Logchanges()

    Functions for Managing Backend Operations Syntax #include "slapi-plugin.h" int slapi_be_issuffix(const Slapi_Backend *be, const Slapi_DN *suffix ); Parameters This function takes the following parameters: Pointer to the structure containing the backend configuration. DN of the suffix for which you are looking. suffix Returns This function returns one of the following values:...

  • Page 281: Slapi_Be_New()

    Functions for Managing Backend Operations Returns This function returns one of the following values: • if the changes applied to the specific backend should not be logged in the changelog. • if the changes should be logged in the changelog. slapi_be_new() Creates a new backend structure, allocates memory for it, and initializes values for relevant parameters.

  • Page 282: Slapi_Be_Select()

    Functions for Managing Backend Operations Parameters This function takes the following parameter: Pointer to the structure containing the backend configuration. Returns This function returns one of the following values: • if the backend is not hidden from the user. • if the backend is hidden from the user (for internal use only).

  • Page 283: Slapi_Be_Select_By_Instance_Name()

    Functions for Managing Backend Operations slapi_be_select_by_instance_name() Find the backend used to service the database. Syntax #include "slapi-plugin.h" Slapi_Backend *slapi_be_select_by_instance_name( const char *name ); Parameters This function takes the following parameter: Pointer to the name of the backend of which you wish to get the name structure.

  • Page 284: Slapi_Be_Set_Instance_Info()

    Functions for Managing Backend Operations Parameters This function takes the following parameters: Pointer to the structure containing the backend configuration. Flag (bitmap) that needs to be set. flag slapi_be_set_instance_info() Sets the instance information of the specified backend with given data. Syntax #include "slapi-plugin.h"...

  • Page 285: Slapi_Be_Setentrypoint()

    Functions for Managing Backend Operations slapi_be_setentrypoint() Sets the entry point in the backend to the specified function. Syntax #include "slapi-plugin.h" int slapi_be_setentrypoint(Slapi_Backend *be, int entrypoint, void *ret_fnptr, Slapi_PBlock *pb); Parameters This function takes the following parameters: Pointer to the structure containing the backend configuration. Entry point in the backend.

  • Page 286: Slapi_Get_First_Suffix()

    Functions for Managing Backend Operations Returns This function returns one of the following values: • A pointer to the backend structure of the first backend and its index in the parameter. cookie • if there is no backend. NULL Description This function returns a pointer to the backend structure of the first backend.

  • Page 287: Slapi_Get_Next_Backend()

    Functions for Managing Backend Operations 0 checks only for non-private suffixes. show_private 1 checks for both private and non-private suffixes. Returns This function returns the DN of the first root suffix. Description This function returns the first root suffix of the DIT. If you wish to iterate through all of the suffixes, use this function in conjunction with .

  • Page 288: Slapi_Get_Next_Suffix()

    Functions for Managing Backend Operations Returns This function returns one of the following values: • A pointer to the next backend, if it exists, and updates the parameter. cookie • , and is not changed. NULL cookie Description This function returns a pointer to the next backend. If you wish to iterate through all of the backends, use this function in conjunction with .

  • Page 289: Slapi_Is_Root_Suffix()

    Functions for Managing Backend Operations Contains the returned valued, which is the DN of the next root node suffix of the DIT. Returns This function returns one of the following values: • The DN of the next root suffix of the DIT. •...

  • Page 290: Slapi_Register_Backend_State_Change()

    Functions for Managing Backend Operations Returns This function returns one of the following values: • if the DN is not a root suffix. • if the DN is a root suffix. slapi_register_backend_state_change() Registers for callback when a backend state changes. Syntax #include "slapi-plugin.h"...

  • Page 291: Functions For Dealing With Controls

    Functions for Dealing with Controls Syntax #include "slapi-plugin.h" int slapi_unregister_backend_state_change(void * handle); Parameters This function takes the following parameter: Pointer or reference to the address of the specified function. handle Returns This function returns one of the following values: • if the specified callback was found and unregistered successfully.

  • Page 292: Slapi_Build_Control()

    Functions for Dealing with Controls Table 15-7 Routines for Dealing with Controls (Continued) Function Description Makes an allocated copy of an LDAPControl. slapi_dup_control() Retrieves an allocated array of object identifiers (OIDs) slapi_get_supported_controls_copy() representing the controls supported by the Directory Server. Registers the specified control with the server.

  • Page 293: Slapi_Build_Control_From_Berval()

    Functions for Dealing with Controls Memory Concerns The contents of the parameter are consumed by this function. Because of this, the caller should not free the once a successful call has been made to BerElement slapi_build_control() pointer that is returned in should be freed by calling LDAPControl ctrlp...

  • Page 294: Slapi_Control_Present()

    Functions for Dealing with Controls Description This function creates an structure based on a , an OID, struct berval LDAPControl and a criticality flag. The that is created can be used in LDAP client LDAPControl requests or internal operations. Memory Concerns The contents of the parameter are consumed by this function.

  • Page 295: Slapi_Dup_Control()

    Functions for Dealing with Controls If the control is present in the list of controls, specifies whether the iscritical control is critical to the operation of the server: • 0 means that the control is not critical to the operation. •...

  • Page 296: Slapi_Get_Supported_Controls_Copy()

    Functions for Dealing with Controls • if an error occurs. NULL Description This function duplicates the contents of an structure. All fields LDAPControl within the are copied to a new, allocated structure, and a pointer to LDAPControl the new structure is returned. Memory Concerns The structure that is returned should be freed by calling ldap_control_free()

  • Page 297: Slapi_Register_Supported_Control()

    Functions for Dealing with Controls • if successful. • A non-zero value if an error occurs. Description This function replaces the deprecated slapi_get_supported_controls() function from previous releases, as it was not multithread safe. When you call to register a control, you slapi_register_supported_control() specify the OID of the control and the IDs of the operations that support the control.
  • Page 298 Functions for Dealing with Controls OID of the control you want to register. controloid Operation to which the control is applicable. controlops The specified control applies to the LDAP bind SLAPI_OPERATION_BIND operation. The specified control applies to the LDAP unbind SLAPI_OPERATION_UNBIND operation.

  • Page 299: Functions For Syntax Plug-In

    Functions for Syntax Plug-in Functions for Syntax Plug-in This section contains reference information on routines for syntax plug-ins. Syntax Plug-in Routines Table 15-8 Function Description Calls a function, specified in the syntax plug-in, to compare slapi_call_syntax_assertion2keys_ava_sv() against directory entries. Calls a function, specified in the syntax plug-in, to compare slapi_call_syntax_assertion2keys_sub_sv() against directory entries.

  • Page 300: Slapi_Call_Syntax_Assertion2Keys_Sub_Sv()

    Functions for Syntax Plug-in Returns This function returns one of the following values: • if successful. • if an error occurs; for example, if the corresponding function for the specified plug-in is not found. Description When processing a search that uses an attribute-value assertion (AVA) filter (for example, ), the backend needs to compare the ou=Accounting...

  • Page 301: Slapi_Call_Syntax_Values2Keys_Sv()

    Functions for Syntax Plug-in Array of “contains” values from the search filter; for example, if the filter is ou=*Corporate*Sales*, the argument any is an array containing Corporate and Sales. “Ends with” value from the search filter; for example, if the filter final is ou=*Sales, the argument final is Sales.

  • Page 302: Functions For Managing Memory

    Functions for Managing Memory Parameters This function takes the following parameters: Handle to plug-in for this attribute type. Pointer to the Slapi_Value structure containing the value to vals add or delete. Pointer to an array of Slapi_Value structures containing the ivals values returned by the plug-in function;...

  • Page 303: Slapi_Ch_Array_Free()

    Functions for Managing Memory Memory Management Routines (Continued) Table 15-9 Function Description Frees space allocated by the slapi_ch_malloc(), slapi_ch_free() slapi_ch_realloc(), and slapi_ch_calloc() functions. Frees space previously allocated to a string. slapi_ch_free_string() Allocates space in memory. slapi_ch_malloc() Changes the size of a block of allocated memory. slapi_ch_realloc() Creates, formats, and returns a given string.

  • Page 304: Slapi_Ch_Bvecdup()

    Functions for Managing Memory Parameters This function takes the following parameter: Pointer to the berval structure that you want to copy. Returns This function returns a pointer to the new copy of the structure. If the berval structure cannot be duplicated, e.g., because of insufficient virtual memory, the program terminates.

  • Page 305: Slapi_Ch_Calloc()

    Functions for Managing Memory Memory Concerns The contents of the parameter are not altered by this function. The returned structure should be freed by calling , which is an LDAP API berval ber_bvfree() function; see the Mozilla LDAP SDK for C Programmer’s Guide. See Also slapi_ch_bvdup() ber_bvfree()

  • Page 306: Slapi_Ch_Free()

    Functions for Managing Memory slapi_ch_strdup() slapi_ch_free() Frees space allocated by the , and slapi_ch_malloc() slapi_ch_realloc() functions and sets the pointer to . Call this function slapi_ch_calloc() NULL instead of the standard C function. free() Syntax #include "slapi-plugin.h" void slapi_ch_free( void **ptr ); Parameters This function takes the following parameter: Address of the pointer to the block of memory that you want to free.

  • Page 307: Slapi_Ch_Malloc()

    Functions for Managing Memory Parameters This function takes the following parameter: Address of the string that you want to free. If NULL, no action occurs. Description This function is similar to , but the argument is the address of a slapi_ch_free() string.

  • Page 308: Slapi_Ch_Realloc()

    Functions for Managing Memory See Also slapi_ch_free() slapi_ch_calloc() slapi_ch_realloc() slapi_ch_strdup() slapi_ch_realloc() Changes the size of a block of allocated memory. Syntax #include "slapi-plugin.h" char * slapi_ch_realloc( char *block, unsigned long size ); Parameters This function takes the following parameters: Pointer to an existing block of allocated memory. block New size of the block of memory you want allocated.

  • Page 309: Slapi_Ch_Smprintf()

    Functions for Managing Memory slapi_ch_smprintf() Creates, writes to, and returns a given string. Syntax #include "slapi-plugin.h" char *string = slapi_ch_smprintf (format, *arg, ...); Parameters This function takes the following parameter: String that is printed. string A printf-style format string format Arguments to pass for the string.

  • Page 310: Functions For Managing Dns

    Functions for Managing DNs Syntax #include "slapi-plugin.h" char * slapi_ch_strdup( const char *s ); Parameters This function takes the following parameter: Pointer to the string you want to copy. Returns This function returns a pointer to a copy of the string. If space cannot be allocated, e.g., no more virtual memory exists, the program terminates.

  • Page 311: Slapi_Add_Auth_Response_Control()

    Functions for Managing DNs Table 15-10 DN Management Routines (Continued) Function Description Determines if the DN is the root DN for the local database. slapi_dn_isroot() Determines if a DN is equal to a specified suffix. slapi_dn_issuffix() Converts a DN to canonical format. slapi_dn_normalize() Converts a DN to canonical format and all characters to lower case.

  • Page 312: Slapi_Dn_Beparent()

    Functions for Managing DNs slapi_dn_beparent() Gets a copy of the distinguished name (DN) of the parent of an entry, unless the specified entry’s DN is the suffix of the local database. If you don’t want to check if the entry’s DN is the suffix of the local database, call function instead.

  • Page 313: Slapi_Dn_Isbesuffix()

    Functions for Managing DNs Parameters This function takes the following parameter: DN that you want to convert to lowercase. Returns The DN with lowercase characters. A variable passed in as the argument is also converted in-place. See Also slapi_dn_normalize() slapi_dn_isbesuffix() Determines whether the specified distinguished name (DN) is the suffix of the local database.

  • Page 314: Slapi_Dn_Isparent()

    Functions for Managing DNs See Also slapi_dn_isroot() slapi_dn_isparent() Determines whether a particular DN is the parent of another specified DN. Before calling this function, you should call to normalize slapi_dn_normalize_case() the DNs and convert all characters to lowercase. Syntax #include "slapi-plugin.h" int slapi_dn_isparent( const char *parentdn, const char *childdn );...

  • Page 315: Slapi_Dn_Issuffix()

    Functions for Managing DNs Parameters This function takes the following parameters: Parameter block. DN that you want to check. Returns This function returns one of the following values: • if the specified DN is the root DN of the local database. •...

  • Page 316: Slapi_Dn_Normalize()

    Functions for Managing DNs • if the specified DN is the same as the specified suffix. • if the specified DN is not the same as the specified suffix. See Also slapi_dn_isparent() slapi_dn_normalize() Convert a distinguished name (DN) to canonical format (no leading or trailing spaces, no spaces between components, and no spaces around the equals sign).

  • Page 317: Slapi_Dn_Normalize_Case()

    Functions for Managing DNs slapi_dn_normalize_case() Converts a distinguished name (DN) to canonical format and converts all characters to lowercase. Calling this function has the same effect as calling the function followed by the slapi_dn_normalize() slapi_dn_ignore_case() function. Syntax #include "slapi-plugin.h" char *slapi_dn_normalize_case( char *dn ); Parameters This function takes the following parameter: DN that you want to normalize and convert to lowercase.

  • Page 318: Slapi_Dn_Parent()

    Functions for Managing DNs DN value to be normalized. Pointer to the end of what will be normalized from the DN value in dn. If this argument is NULL, the DN value in dn will be wholly normalized. Returns This function returns a pointer to the end of the that has been normalized.

  • Page 319: Slapi_Dn_Plus_Rdn()

    Functions for Managing DNs • if the specified DN is , if the DN is an empty string, or if the DN has Null NULL no parent (for example, dc=example,dc=com See Also slapi_dn_beparent() slapi_dn_plus_rdn() Adds an RDN to DN. Syntax #include "slapi-plugin.h"...

  • Page 320: Functions For Managing Entries

    Functions for Managing Entries Second RDN value Pointer to the attribute type of the second RDN. type Pointer to the berval value structure. Returns This function returns the new RDN value as a value in . This function berval can be used for creating the RDN as an attribute value since it returns the value of the RDN in the structure.
  • Page 321 Functions for Managing Entries Table 15-11 Entry Routines (Continued) Function Description Gets the first value as an integer. slapi_entry_attr_get_int() Gets the first value as a long. slapi_entry_attr_get_long() Gets the first value as an unsigned integer. slapi_entry_attr_get_uint() Gets the first value as an unsigned long. slapi_entry_attr_get_ulong() Checks if an attribute in an entry contains a value.

  • Page 322: Slapi_Entry2Str()

    Functions for Managing Entries Table 15-11 Entry Routines (Continued) Function Description Checks if values present in an entry’s RDN are also slapi_entry_rdn_values_present() present as attribute values. Determines if an entry complies with the schema for its slapi_entry_schema_check() object class. Sets the DN of an entry. slapi_entry_set_dn() Sets the Slapi_DN value in an entry.

  • Page 323: Slapi_Entry2Str_With_Options()

    Functions for Managing Entries dn: dn\n [attr: value\n]* For example: dn: uid=jdoe, ou=People, dc=example,dc=com cn: Jane Doe sn: Doe To convert a string description in LDIF format to an entry of the data Slapi_Entry type, call the function. slapi_str2entry() Memory Concerns When you no longer need to use the string, you should free it from memory by calling the function.
  • Page 324 Functions for Managing Entries The Options Parameter You can together any of the following options when you call this function: Flag Value Description This is only used internally by replication. This SLAPI_DUMP_STATEINFO allows access to the internal data used by multi-master replication.

  • Page 325: Slapi_Entry_Add_Rdn_Values()

    Functions for Managing Entries Memory Concerns When you no longer need to use the string, you should free it from memory by calling the function. slapi_ch_free() See Also slapi_entry2str() slapi_str2entry() slapi_entry_add_rdn_values() Adds the components in an entry’s relative distinguished name (RDN) to the entry as attribute values.

  • Page 326: Slapi_Entry_Add_String()

    Functions for Managing Entries slapi_entry_add_string() Adds a string value to an attribute in an entry. Syntax #include "slapi-plugin.h" int slapi_entry_add_string (Slapi_Entry *e, const char *type, const char *value); Parameters This function takes the following parameters: Entry to which you want to add a string value. Attribute to which you want to add a string value.

  • Page 327: Slapi_Entry_Add_Values_Sv()

    Functions for Managing Entries Parameters This function takes the following parameters: Entry to which you want to add a value. Attribute to which you want to add a value. type The Slapi_value data value you want to add to the entry. value Returns This function returns...

  • Page 328: Slapi_Entry_Add_Valueset()

    Functions for Managing Entries Returns This function returns one of the following values: • if the array is successfully added to the attribute. LDAP_SUCCESS Slapi_Value • if any values you are trying to add duplicate LDAP_TYPE_OR_VALUE_EXISTS an existing value in the attribute. •...

  • Page 329: Slapi_Entry_Alloc()

    Functions for Managing Entries Returns This function returns when successful; any other value returned signals failure. Description This function adds a set of values to an attribute in an entry. The values added are in the form of a data type. If the entry does not contain the Slapi_ValueSet attribute specified, it is created with the specified value.

  • Page 330: Slapi_Entry_Attr_Delete()

    Functions for Managing Entries slapi_entry_attr_delete() Deletes an attribute (and all its associated values) from an entry. Syntax #include "slapi-plugin.h" int slapi_entry_attr_delete( Slapi_Entry *e, const char *type ); Parameters This function takes the following parameters: Entry from which you want to delete the attribute. Attribute type that you want to delete.

  • Page 331: Slapi_Entry_Attr_Get_Bool()

    Functions for Managing Entries Returns This function returns one of the following values: • if the entry contains the specified attribute. • if the entry does not contain the specified attribute. Memory Concerns Do not free the returned . It is a pointer to the internal entry data structure. It attr is usually wise to make a copy of the returned , using...

  • Page 332: Slapi_Entry_Attr_Get_Charptr()

    Functions for Managing Entries Comparisons are case-insensitive ( , and are all the same), and TRUE trUe true unique substrings can be matched ( will be interpreted as ). If the true attribute value is a number, then non-zero numbers are interpreted as , and true is interpreted as...

  • Page 333: Slapi_Entry_Attr_Get_Int()

    Functions for Managing Entries Parameters This function takes the following parameters: Entry from which you want to get the values. Attribute type from which you want to get the values. type Description This function is very similar to , except that it slapi_entry_attr_get_charptr() returns a array for multi-valued attributes.

  • Page 334: Slapi_Entry_Attr_Get_Long()

    Functions for Managing Entries Syntax #include "slapi-plugin.h" int slapi_entry_attr_get_int(const Slapi_Entry* e, const char *type); Parameters This function takes the following parameters: Entry from which you want to get the integer value. Attribute type from which you want to get the value. type Returns This function returns one of the following values:...

  • Page 335: Slapi_Entry_Attr_Get_Uint()

    Functions for Managing Entries Returns This function returns one of the following values: • The first value in the attribute converted to a type. long • if the entry does not contain the attribute specified. slapi_entry_attr_get_uint() Gets the first value of an attribute in an entry as an unsigned integer data type. Syntax #include "slapi-plugin.h"...

  • Page 336: Slapi_Entry_Attr_Has_Syntax_Value()

    Functions for Managing Entries Parameters This function takes the following parameters: Entry from which you want to get the value. Attribute type from which you want to get the value. type Returns This function returns one of the following values: •...

  • Page 337: Slapi_Entry_Attr_Merge_Sv()

    Functions for Managing Entries Description This function replaces the deprecated function slapi_entry_attr_hasvalue() and takes into consideration the syntax of the attribute type. slapi_entry_attr_merge_sv() Adds an array of data values to the existing attribute values in an Slapi_Value entry. If the attribute does not exist, it is created with the specified.

  • Page 338: Slapi_Entry_Attr_Replace_Sv()

    Functions for Managing Entries slapi_entry_attr_replace_sv() Replaces the values of an attribute with the data value you specify. Slapi_Value Syntax #include "slapi-plugin.h" int slapi_entry_attr_replace_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals ); Parameters This function takes the following parameters: Entry in which you want to replace values. Attribute type which will receive the replaced values.

  • Page 339: Slapi_Entry_Attr_Set_Int()

    Functions for Managing Entries Syntax #include "slapi-plugin.h" void slapi_entry_attr_set_charptr(Slapi_Entry* e, const char *type, const char *value); Parameters This function takes the following parameters: Entry in which you want to set the value. Attribute type in which you want to set the value. type String value that you want to assign to the attribute.

  • Page 340: Slapi_Entry_Attr_Set_Long()

    Functions for Managing Entries Description This function will replace the value or values of an attribute with the integer value that you specify. If the attribute does not exist, it is created with the integer value that you specify. slapi_entry_attr_set_long() Replaces the value or values of an attribute in an entry with a specified long data type value.

  • Page 341: Slapi_Entry_Attr_Set_Ulong()

    Functions for Managing Entries Unsigned integer value that you want assigned to the attribute. Description This function will replace the value or values of an attribute with the unsigned value that you specify. If the attribute does not exist, it is created with the integer unsigned integer value you specify.

  • Page 342: Slapi_Entry_Delete_Values_Sv()

    Functions for Managing Entries Syntax #include "slapi-plugin.h" int slapi_entry_delete_string(Slapi_Entry *e, const char *type, const char *value); Parameters This function takes the following parameters: Entry from which you want the string deleted. Attribute type from which you want the string deleted. type Value of string to delete.

  • Page 343: Slapi_Entry_Dup()

    Functions for Managing Entries If the specified attribute contains a value, the attribute is deleted from the NULL attribute list, and the function returns . As well, if the LDAP_NO_SUCH_ATTRIBUTE attribute is not found in the list of attributes for the specified entry, the function returns LDAP_NO_SUCH_ATTRIBUTE If there is an operational error during the processing of this call such as a duplicate...

  • Page 344: Slapi_Entry_First_Attr()

    Functions for Managing Entries Returns This function returns the new copy of the entry. If the structure cannot be duplicated, for example, if no more virtual memory exists, the program slapd terminates. Description This function returns a copy of an existing structure.

  • Page 345: Slapi_Entry_Free()

    Functions for Managing Entries Memory Concerns Do not free the returned . This is a pointer into the internal entry data attr structure. If you need a copy, use slapi_attr_dup() See Also slapi_attr_dup() slapi_entry_free() Frees an entry, its DN, and its attributes from memory. Syntax #include "slapi-plugin.h"...

  • Page 346: Slapi_Entry_Get_Dn_Const()

    Functions for Managing Entries Syntax #include "slapi-plugin.h" char *slapi_entry_get_dn( Slapi_Entry *e ); Parameters This function takes the following parameter: Entry from which you want to get the DN. Returns This function returns the DN of the entry. This returns a pointer to the actual DN in the entry, not a copy of the DN.

  • Page 347: Slapi_Entry_Get_Ndn()

    Functions for Managing Entries Returns This function returns one of the following values: • of the entry that you specify. The is returned as a ; you are not const able to modify the value. • value of if the of the object is Slapi_DN...

  • Page 348: Slapi_Entry_Get_Sdn_Const()

    Functions for Managing Entries Parameters This function takes the following parameter: Entry from which you want to get the Slapi_DN object. Returns Returns the object form the entry that you specify. Slapi_DN Memory Concerns Never free this value. If you need a copy, use slapi_sdn_dup() See Also slapi_sdn_dup()

  • Page 349: Slapi_Entry_Get_Uniqueid()

    Functions for Managing Entries See Also slapi_sdn_dup() slapi_entry_get_uniqueid() Gets the unique ID value of the entry. Syntax #include "slapi-plugin.h" const char *slapi_entry_get_uniqueid( const Slapi_Entry *e ); Parameters This function takes the following parameter: Entry from which you want obtain the unique ID. Returns This function returns the unique ID value of the entry specified.

  • Page 350: Slapi_Entry_Init()

    Functions for Managing Entries Entry that you want to test for child entries. Returns This function returns one of the following values: • if the entry you supply has children entries. • if the entry you supply has no children entries. slapi_entry_init() Initializes the values of an entry with the DN and attribute value pairs you supply.

  • Page 351: Slapi_Entry_Merge_Values_Sv()

    Functions for Managing Entries Slapi_Entry *e = slapi_entry_alloc(); slapi_entry_init(e, NULL, NULL); To set the DN in the entry: slapi_sdn_set_dn_passin(slapi_entry_get_sdn(e), dn); In this case, the argument is not copied but is consumed by the function. To copy the argument, see the following example: char *dn = slapi_ch_strdup(some_dn);...

  • Page 352: Slapi_Entry_Next_Attr()

    Functions for Managing Entries Returns This function returns one of the following values: • LDAP_SUCCESS • LDAP_NO_SUCH_ATTRIBUTE Description This function adds additional data values to the existing values Slapi_Value contained in an attribute. If the attribute type does not exist, it is created. If the specified attribute exists in the entry, the function merges the value specified and returns .

  • Page 353: Slapi_Entry_Rdn_Values_Present()

    Functions for Managing Entries Returns This function returns one of the following values: • if successful. • was the last attribute in the entry. prevattr Memory Concerns Never free the returned . Use to make a copy if a copy is attr slapi_attr_dup() needed.

  • Page 354: Slapi_Entry_Schema_Check()

    Functions for Managing Entries slapi_entry_schema_check() Determines whether the specified entry complies with the schema for its object class. Syntax #include "slapi-plugin.h" int slapi_entry_schema_check( Slapi_PBlock *pb, Slapi_Entry *e ); Parameters This function takes the following parameters: Parameter block. Entry of which you want to check the schema. Returns The function returns one of the following values: •...

  • Page 355: Slapi_Entry_Set_Sdn()

    Functions for Managing Entries Parameters This function takes the following parameters: Entry to which you want to assign the DN. Distinguished name you want assigned to the entry. Description This function sets the DN pointer in the specified entry to the DN that you supply. Memory Concerns will be freed eventually when is called.

  • Page 356: Slapi_Entry_Set_Uniqueid()

    Functions for Managing Entries Description This function sets the value for the object in the entry you specify. Slapi_DN Memory Concerns This function makes a copy of the argument. slapi_entry_set_uniqueid() Replaces the unique ID value of an entry with the unique ID value that you supply.

  • Page 357: Slapi_Entry_Size()

    Functions for Managing Entries See Also slapi_entry_free() slapi_entry_size() This function returns the approximate size of an entry, rounded to the nearest 1k. This can be useful for checking cache sizes, estimating storage needs, and so on. Syntax #include "slapi-plugin.h" size_t slapi_entry_size(Slapi_Entry *e); Parameters This function takes the following parameter: Entry from which you want the size returned.

  • Page 358: Slapi_Is_Rootdse()

    Functions for Managing Entries slapi_is_rootdse() This function determines if an entry is the root DSE. The root DSE is a special entry that contains information about the Directory Server, including its capabilities and configuration. Syntax #include "slapi-plugin.h" int slapi_is_rootdse ( const char *dn ); Parameters This function takes the following parameter: The DN that you want to test to see if it is the root DSE entry.
  • Page 359 Functions for Managing Entries The value of the argument can be one of the following values: flags Removes any duplicate values in the attributes SLAPI_STR2ENTRY_REMOVEDUPVALS of the entry. Adds the relative distinguished name (RDN) SLAPI_STR2ENTRY_ADDRDNVALS components (for example, uid=bjensen) as attributes of the entry.

  • Page 360: Functions Related To Entry Flags

    Functions Related to Entry Flags Functions Related to Entry Flags This section contains reference information on functions that are specific to entry flags. Table 15-12 Entry Flags Function Description Clears a flag for a specified entry. slapi_entry_clear_flag() Checks if certain flags are set in an entry. slapi_entry_flag_is_set() Sets a flag for an entry.

  • Page 361: Slapi_Entry_Flag_Is_Set()

    Functions Related to Entry Flags slapi_entry_flag_is_set() Determines if certain flags are set for a specified entry. Syntax #include "slapi-plugin.h" int slapi_entry_flag_is_set( const Slapi_Entry *e, unsigned char flag ); Parameters This function takes the following parameters: Entry in which you want to check the flag settings. Flag of which you want to check for presence.

  • Page 362: Functions For Dealing With Filters

    Functions for Dealing with Filters Parameters This function takes the following parameters: Entry for which you want to set the flags. Flag that you want to set. flag Description In current versions of Directory Server, the only external flag that can be set is .

  • Page 363: Slapi_Filter_Apply()

    Functions for Dealing with Filters Table 15-13 Filter Routines (Continued) Function Description Recursively joins two specified filters. slapi_filter_join_ex() Gets the first filter that makes up the specified filter. slapi_filter_list_first() Gets the next filter. slapi_filter_list_next() Determines if the specified entry matches a particular filter. slapi_filter_test() Determines if an entry matches a given filter.

  • Page 364: Slapi_Filter_Compare()

    Functions for Dealing with Filters Pointer to error code of , which can be accessed by error_code calling function. Possible values slapi_filter_apply() may set in include error_code SLAPI_FILTER_UNKNOWN_FILTER_TYPE should return FILTER_APPLY_FN _STOP _CONTINUE only. Returns This function returns an integer. Possible return values for include: slapi_filter_apply() •...

  • Page 365: Slapi_Filter_Dup()

    Functions for Dealing with Filters • if the two filters are identical. • A value other than if the two filters are not identical. Description This function allows you to determine if two filters are identical and/or are allowed to be in a different order. slapi_filter_dup() Creates a duplicate of the specified filter.

  • Page 366: Slapi_Filter_Get_Attribute_Type()

    Functions for Dealing with Filters Filter that you want to free. If 1, recursively frees all filters that comprise this filter. If 0, only recurse frees the filter specified by f. Description This function frees the filter in parameter Memory Concerns Filters created using must be freed after using this function.

  • Page 367: Slapi_Filter_Get_Ava()

    Functions for Dealing with Filters Description This function gets the attribute type for all simple filter choices: • LDAP_FILTER_GE • LDAP_FILTER_LE • LDAP_FILTER_APPROX • LDAP_FILTER_EQUALITY • LDAP_FILTER_SUBSTRINGS • LDAP_FILTER_PRESENT • LDAP_FILTER_EXTENDED • LDAP_FILTER_AND • LDAP_FILTER_OR • LDAP_FILTER_NOT A filter such as ( ), will return the type mail-foo mail...
  • Page 368 Functions for Dealing with Filters Parameters This function takes the following parameters: Filter from which you want to get the attribute and value. Pointer to the attribute type of the filter. type Pointer to the address of the berval structure containing the bval value of the filter.

  • Page 369: Slapi_Filter_Get_Choice()

    Functions for Dealing with Filters slapi_filter_get_choice() Gets the type of the specified filter; for example, LDAP_FILTER_EQUALITY Syntax #include "slapi-plugin.h" int slapi_filter_get_choice( Slapi_Filter *f ); Parameters This function takes the following parameters: Filter of which you want to get type. Returns This function returns one of the following values: •...

  • Page 370: Slapi_Filter_Get_Subfilt()

    Functions for Dealing with Filters • (approximation filter) LDAP_FILTER_APPROX For example: (ou~=Sales) • (extensible filter) LDAP_FILTER_EXTENDED For example: (o:dn:=Example) See Also slapi_filter_get_type() slapi_filter_get_attribute_type() slapi_filter_get_ava() slapi_filter_get_subfilt() Applies only to filters of the type . Gets the substring LDAP_FILTER_SUBSTRINGS values from the filter. Syntax #include "slapi-plugin.h"...

  • Page 371: Slapi_Filter_Get_Type()

    Functions for Dealing with Filters Description Filters of the type generally compare a set of substrings LDAP_FILTER_SUBSTRINGS against an attribute. For example: (cn=John*Q*Public) This filter finds entries in which the value of the attribute starts with John contains , and ends with Public Call this function to get these substring values as well as the attribute type from this filter.

  • Page 372: Slapi_Filter_Join()

    Functions for Dealing with Filters Description Filters of the type generally determine if a specified LDAP_FILTER_PRESENT attribute is assigned a value. For example: (mail=*) This filter finds entries that have a value assigned to the attribute. mail Call this function to get the attribute type from this filter. In the case of the example above, calling this function gets the attribute type mail Memory Concerns...

  • Page 373: Slapi_Filter_Join_Ex()

    Functions for Dealing with Filters Returns This function returns the new filter constructed from the other two filters. Description Filters of the type , and LDAP_FILTER_AND LDAP_FILTER_OR LDAP_FILTER_NOT generally consist of one or more other filters. For example: (&(ou=Accounting)(l=Sunnyvale)) (|(ou=Accounting)(l=Sunnyvale)) (!(l=Sunnyvale)) Each of these examples contain one or more filters.

  • Page 374: Slapi_Filter_List_First()

    Functions for Dealing with Filters Second filter that you want to join. If ftype is LDAP_FILTER_NOT, specify NULL for this argument. Recursively joins filters f1 and f2. recurse_always Returns This function returns the new filter constructed from the other two filters. Description Filters of the type , and...

  • Page 375: Slapi_Filter_List_Next()

    Functions for Dealing with Filters Filter of which you want to get the first component. Returns This function returns the first filter that makes up the specified filter Description To iterate through all filters that make up a specified filter, use this function in conjunction with the function.

  • Page 376: Slapi_Filter_Test()

    Functions for Dealing with Filters Filter from which you want to get the next component (after fprev). Filter within the specified filter f. fprev Returns This function returns the next filter (after ) that makes up the specified filter fprev Description To iterate through all filters that make up a specified filter, use this function in conjunction with the...

  • Page 377: Slapi_Filter_Test_Ext()

    Functions for Dealing with Filters Parameter block. Entry that you want to test. Filter that you want to test the entry against. If 1, verifies that the current user has access rights to search the verify_access specified entry. If 0, bypasses any access control. Returns This function returns one of the following values: •...

  • Page 378: Slapi_Filter_Test_Simple()

    Functions for Dealing with Filters 0 when filter matching must be done. only_test_access 1 when filter matching must not be done. Returns This function returns one of the following values: • if the entry matched the filter or if the specified filter is NULL •...

  • Page 379: Slapi_Find_Matching_Paren()

    Functions for Dealing with Filters • if the entry matched the filter or if the specified filter is NULL. • if the filter type is unknown or if the entry does not match the filter. • A positive value (an LDAP error code) if an error occurred. Description This function allows you to check if entry matches filter...

  • Page 380: Slapi_Vattr_Filter_Test()

    Functions for Dealing with Filters Parameters This function takes the following parameter: String description of a search filter. Returns This function returns one of the following values: • A pointer to the structure representing the search filter. Slapi_Filter • if the string cannot be converteted; for example, if an empty string is NULL specified or if the filter syntax is incorrect.

  • Page 381: Functions Specific To Extended Operation

    Functions Specific to Extended Operation Returns This function returns one of the following values: • if the filter matched. • if the filter did not match. • An LDAP error code (an integer greater than zero) if an error occurs. Description This function supports the case where the filter specifies virtual attributes.

  • Page 382: Functions Specific To Bind Methods

    Functions Specific to Bind Methods Returns This function returns a pointer to an array of the OIDs of the extended operations supported by the server. Description This function replaces the deprecated slapi_get_supported_extended_ops() function from earlier releases as slapi_get_supported_extended_ops() not multi-thread safe. This function gets a copy of the object IDs (OIDs) of the extended operations supported by the server.

  • Page 383: Slapi_Register_Supported_Saslmechanism()

    Functions for Thread-Safe LDAP Connections Syntax #include "slapi-plugin.h" char ** slapi_get_supported_saslmechanisms_copy( void ); Returns This function returns a pointer to an array of the names of SASL mechanisms supported by the server. slapi_register_supported_saslmechanism() Registers the specified Simple Authentication and Security Layer (SASL) mechanism with the server.

  • Page 384: Slapi_Ldap_Init()

    Functions for Thread-Safe LDAP Connections slapi_ldap_init() Initializes an LDAP session with another LDAP server. Syntax #include "slapi-plugin.h" LDAP *slapi_ldap_init( char *ldaphost, int ldapport, int secure, int shared ); Parameters This function takes the following parameters: Space-delimited list of one or more hostnames (or IP address in ldaphost dotted notation, such as 141.211.83.36) of the LDAP servers to which you want to connect.
  • Page 385 Functions for Thread-Safe LDAP Connections This function allocates an structure containing information about the session, LDAP including the hostname and port of the LDAP server, preferences for the session (such as the maximum number of entries to return in a search), and the error code of the last LDAP operation performed.

  • Page 386: Slapi_Ldap_Unbind()

    Functions for Logging /* use the handle, e.g., call ldap_search_ext() */ slapi_ldap_unbind( ld ); return 0; slapi_ldap_unbind() Unbinds from another LDAP server and frees the resources contained in the LDAP structure. Syntax #include "slapi-plugin.h" void slapi_ldap_unbind( LDAP *ld ); Parameters This function takes the following parameter: Connection handle, which is a pointer to an LDAP structure containing information about the connection to the LDAP server.

  • Page 387: Slapi_Log_Error()

    Functions for Logging slapi_log_error() Writes a message to the error log for the Directory Server. By default, the error log file is /opt/redhat-ds/servers/slapd-instance_id/logs/errors Syntax #include "slapi-plugin.h" int slapi_log_error( int severity, char *subsystem, char *fmt, ... ); Parameters This function takes the following parameters: Level of severity of the message.

  • Page 388: Slapi_Is_Loglevel_Set()

    Functions for Logging Written to the error log if the Log Level setting “Heavy trace SLAPI_LOG_ARGS output” is selected. Written to the error log if the Log Level setting “Connection SLAPI_LOG_CONNS management” is selected. Written to the error log if the Log Level setting “Packets SLAPI_LOG_BER sent/received”...

  • Page 389: Functions For Handling Matching Rules

    Functions for Handling Matching Rules Syntax #include "slapi-plugin.h" int slapi_is_loglevel_set( const int loglevel ); Parameters This function takes the following parameter: Log level setting to check. loglevel Returns The function returns one of the following values: • is not selected as log level settings. loglevel •...

  • Page 390: Slapi_Berval_Cmp()

    Functions for Handling Matching Rules Table 15-18 Matching Rule Routines (Continued) Function Description Calls the indexer function associated with an extensible match filter. slapi_mr_filter_index() Calls the indexer factory function for the plug-in responsible for a slapi_mr_indexer_create() specified matching rule. slapi_berval_cmp() Compares two structures to determine if they are equal.

  • Page 391: Slapi_Matchingrule_Get()

    Functions for Handling Matching Rules Syntax #include "slapi-plugin.h" void slapi_matchingrule_free(Slapi_MatchingRuleEntry **mrEntry, int freeMembers); Parameters This function takes the following parameters: The Slapi_MatchingRuleEntry structure that you want to free mrEntry from memory. If 1, the function also frees the members of the structure from freeMembers memory.

  • Page 392: Slapi_Matchingrule_New()

    Functions for Handling Matching Rules Data Type Description of the value Argument Name of the matching rule. SLAPI_MATCHINGRULE_NAME char * OID of the matching rule. SLAPI_MATCHINGRULE_OID char * Description of the matching rule. SLAPI_MATCHINGRULE_DESC char * Syntax supported by the matching SLAPI_MATCHINGRULE_SYNTAX char * rule.

  • Page 393: Slapi_Matchingrule_Register()

    Functions for Handling Matching Rules Description This function allocates memory for a new structure, Slapi_MatchingRuleEntry which represents a matching rule. After you call this function, you can call the function to set the values in this structure and call the slapi_matchingrule_set() function to register the matching rule.
  • Page 394 Functions for Handling Matching Rules Syntax #include "slapi-plugin.h" int slapi_matchingrule_set(Slapi_MatchingRuleEntry *mr, int arg, void *value); Parameters This function takes the following parameters: Slapi_MatchingRuleEntry structure in which you want to set data. ID specifying the type of information you want to set. The value that you want to set.

  • Page 395: Slapi_Matchingrule_Unregister()

    Functions for Handling Matching Rules slapi_matchingrule_unregister() Placeholder for future function. Currently, this function does nothing. Syntax #include "slapi-plugin.h" int slapi_matchingrule_unregister(char *oid); slapi_mr_filter_index() Calls the indexer function associated with an extensible match filter. Syntax #include "slapi-plugin.h" int slapi_mr_filter_index (Slapi_Filter *f, Slapi_PBlock *pb); Parameters This function takes the following parameters: Pointer to a Slapi_Filter structure, representing the extensible match...

  • Page 396: Slapi_Mr_Indexer_Create()

    Functions for Handling Matching Rules The indexer function should set the parameter of the SLAPI_PLUGIN_MR_KEYS parameter block to an array of the keys that correspond to the values in the parameter. SLAPI_PLUGIN_MR_VALUES For more information on filter index functions and indexer functions, see chapter 11, “Writing Matching Rule Plug-ins.”...

  • Page 397: Functions For Ldapmod Manipulation

    Functions for LDAPMod Manipulation • should contain the attribute type that you want used SLAPI_PLUGIN_MR_TYPE for indexing or sorting. • should specify if the indexer will be used for SLAPI_PLUGIN_MR_USAGE indexing ( ) or for sorting SLAPI_PLUGIN_MR_USAGE_INDEX SLAPI_PLUGIN_MR_USAGE_SORT The indexer factory function should set the following parameters: •...
  • Page 398 Functions for LDAPMod Manipulation Table 15-19 LDAPMod Manipulation Routines (Continued) Function Description Gets a reference to the LDAPMod in a Slapi_Mod structure. slapi_mod_get_ldapmod_byref() Retrieves the LDAPMod contained in a Slapi_Mod structure. slapi_mod_get_ldapmod_passout() Increments the Slapi_Mod iterator and returns the next attribute slapi_mod_get_next_value() value.

  • Page 399: Slapi_Entry2Mods()

    Functions for LDAPMod Manipulation Table 15-19 LDAPMod Manipulation Routines (Continued) Function Description Frees a Slapi_Mods structure. slapi_mods_free() Initializes a Slapi_Mods iterator and returns the first LDAPMod. slapi_mods_get_first_mod() Initializes a Slapi_Mods iterator and returns the first mod slapi_mods_get_first_smod() wrapped in a Slapi_Mods structure. Gets a reference to the array of LDAPMod in a Slapi_Mods slapi_mods_get_ldapmods_byref() structure.

  • Page 400: Slapi_Mod_Add_Value()

    Functions for LDAPMod Manipulation Syntax #include "slapi-plugin.h" int slapi_entry2mods(const Slapi_Entry *e, char **dn, LDAPMod ***attrs); Parameters This function takes the following parameters: Pointer to a Slapi_Entry. Address of a char* that will be set on return to the entry DN. Address of an array of LDAPMod that will be set on return to a attrs copy of the entry attributes.

  • Page 401: Slapi_Mod_Done()

    Functions for LDAPMod Manipulation Pointer to an initialized Slapi_Mod. smod Pointer to a berval representing the attribute value. Description Adds a copy of a given attribute to the Slapi_Mod slapi_mod_done() Frees the internals of structure. Slapi_Mod Syntax #include "slapi-plugin.h" void slapi_mod_done(Slapi_Mod *mod); Parameters This function takes the following parameter: Pointer to a Slapi_Mod.

  • Page 402: Slapi_Mod_Free()

    Functions for LDAPMod Manipulation Syntax #include "slapi-plugin.h" void slapi_mod_dump(LDAPMod *mod, int n); Parameters This function takes the following parameters: Pointer to an LDAPMod. Numeric label that will be included in the log. Description This function uses the log level to dump the contents of an LDAP_DEBUG_ANY to the server log for debugging.

  • Page 403: Slapi_Mod_Get_First_Value()

    Functions for LDAPMod Manipulation slapi_mod_get_first_value() Initializes a iterator and returns the first attribute value. Slapi_Mod Syntax #include "slapi-plugin.h" struct berval *slapi_mod_get_first_value(Slapi_Mod *smod); Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mod. smod Returns This function returns a pointer to the first attribute value in the Slapi_Mod NULL if no values exist.

  • Page 404: Slapi_Mod_Get_Ldapmod_Passout()

    Functions for LDAPMod Manipulation Returns This function returns a pointer to a read-only owned by the LDAPMod Slapi_Mod Description Use this function to get direct access to the contained in a LDAPMod Slapi_Mod Memory Concerns Responsibility for the remains with the LDAPMod Slapi_Mod See Also...

  • Page 405: Slapi_Mod_Get_Next_Value()

    Functions for LDAPMod Manipulation slapi_mod_get_next_value() Increments the iterator and return the next attribute value. Slapi_Mod Syntax #include "slapi-plugin.h" struct berval *slapi_mod_get_next_value(Slapi_Mod *smod); Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mod. smod Returns This function returns a pointer to the next attribute value in the Slapi_Mod NULL if there are no more.

  • Page 406: Slapi_Mod_Get_Operation()

    Functions for LDAPMod Manipulation Returns This function returns the number of attribute values in the Slapi_Mod slapi_mod_get_operation() Gets the operation type of structure. Slapi_Mod Syntax #include "slapi-plugin.h" int slapi_mod_get_operation(const Slapi_Mod *smod); Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mod. smod Returns This function returns one of...

  • Page 407: Slapi_Mod_Init()

    Functions for LDAPMod Manipulation Returns This function returns a read-only pointer to the attribute type in the Slapi_Mod Description Gets the LDAP attribute type of a Slapi_Mod See Also slapi_mod_set_type() slapi_mod_init() Initializes a structure. Slapi_Mod Syntax #include "slapi-plugin.h" void slapi_mod_init(Slapi_Mod *smod, int initCount); Parameters This function takes the following parameters: Pointer to an uninitialized Slapi_Mod.

  • Page 408: Slapi_Mod_Init_Byref()

    Functions for LDAPMod Manipulation slapi_mod_init_byref() Initializes a structure that is a wrapper for an existing Slapi_Mod LDAPMod Syntax #include "slapi-plugin.h" void slapi_mod_init_byref(Slapi_Mod *smod, LDAPMod *mod); Parameters This function takes the following parameters: Pointer to an uninitialized Slapi_Mod. smod Pointer to an LDAPMod. Description This function initializes a containing a reference to an...

  • Page 409: Slapi_Mod_Init_Passin()

    Functions for LDAPMod Manipulation See Also slapi_mod_done() slapi_mod_init() slapi_mod_init_byref() slapi_mod_init_byval() slapi_mod_init_passin() Initializes a from an Slapi_Mod LDAPMod Syntax #include "slapi-plugin.h" void slapi_mod_init_passin(Slapi_Mod *smod, LDAPMod *mod); Parameters This function takes the following parameters: Pointer to an uninitialized Slapi_Mod. smod Pointer to an LDAPMod. Description This function initializes a by passing in an...

  • Page 410: Slapi_Mod_New()

    Functions for LDAPMod Manipulation Syntax #include "slapi-plugin.h" int slapi_mod_isvalid(const Slapi_Mod *mod); Parameters This function takes the following parameter: Pointer to a Slapi_Mod. smod Returns This function returns one of the following values: • if the is valid. Slapi_Mod • if the is not valid.

  • Page 411: Slapi_Mod_Remove_Value()

    Functions for LDAPMod Manipulation See Also slapi_mod_free() slapi_mod_remove_value() Removes the value at the current iterator position. Slapi_Mod Syntax #include "slapi-plugin.h" void slapi_mod_remove_value(Slapi_Mod *smod); Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mod. smod See Also slapi_mod_get_first_value() slapi_mod_get_next_value() slapi_mod_set_operation() Sets the operation type of a structure.

  • Page 412: Slapi_Mod_Set_Type()

    Functions for LDAPMod Manipulation See Also slapi_mod_get_operation() slapi_mod_set_type() Sets the attribute type of a Slapi_Mod Syntax #include "slapi-plugin.h" void slapi_mod_set_type(Slapi_Mod *smod, const char *type); Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mod. smod An attribute type. type Description Sets the attribute type of the...

  • Page 413: Slapi_Mods_Add()

    Functions for LDAPMod Manipulation The LDAP DN of the entry. An array of LDAPMOD of type LDAP_MOD_ADD representing the attrs entry attributes. Returns This function returns one of the following values: • if successful. LDAP_SUCCESS • An LDAP return code if not successful. Description This function creates a from a copy of an array of...

  • Page 414: Slapi_Mods_Add_Ldapmod()

    Functions for LDAPMod Manipulation Description This function appends a new with a single attribute value to a Slapi_Mods is constructed from copies of the values of , and modtype type Memory Concerns This function must not be used on initialized with Slapi_Mods slapi_mods_init_byref() See Also...

  • Page 415: Slapi_Mods_Add_Mod_Values()

    Functions for LDAPMod Manipulation See Also slapi_mods_add() slapi_mods_add_modbvps() slapi_mods_add_mod_values() slapi_mods_add_string() slapi_mods_add_mod_values() Appends a new to a structure with attribute values provided as an Slapi_Mods array of Slapi_Value Syntax #include "slapi-plugin.h" void slapi_mods_add_mod_values( Slapi_Mods *smods, int modtype, const char *type, Slapi_Value **va );; Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods.

  • Page 416: Slapi_Mods_Add_Smod()

    Functions for LDAPMod Manipulation See Also slapi_mods_add() slapi_mods_add_smod() slapi_mods_add_ldapmod() slapi_mods_add_modbvps() slapi_mods_add_string() slapi_mods_add_smod() Appends a new to a structure. The passed in is not copied smod Slapi_Mods or duplicated, but the reference is used directly. Syntax #include "slapi-plugin.h" void slapi_mods_add_smod( Slapi_Mods *smods, Slapi_Mod *smod ); Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods.

  • Page 417: Slapi_Mods_Add_Modbvps()

    Functions for LDAPMod Manipulation slapi_mods_add_modbvps() Appends a new to a structure with attribute values provided as an Slapi_Mods array of berval Syntax #include "slapi-plugin.h" void slapi_mods_add_modbvps( Slapi_Mods *smods, int modtype, const char *type, struct berval **bvps ); Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods.

  • Page 418: Slapi_Mods_Done()

    Functions for LDAPMod Manipulation Syntax #include "slapi-plugin.h" void slapi_mods_add_string( Slapi_Mods *smods, int modtype, const char *type, const char *val); Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods. smods One of LDAP_MOD_ADD, LDAP_MOD_DELETE, or modtype LDAP_MOD_REPLACE. The LDAP attribute type. type The attribute value represented as a null-terminated string.

  • Page 419: Slapi_Mods_Dump()

    Functions for LDAPMod Manipulation Parameters This function takes the following parameter: Pointer to a Slapi_Mods. smod Description This function frees the internals of a , leaving it in the uninitialized Slapi_Mods state. Use this function on a stack-allocated when you are finished Slapi_Mods with it, or when you wish to reuse it.

  • Page 420: Slapi_Mods_Free()

    Functions for LDAPMod Manipulation slapi_mods_free() Frees a structure. Slapi_Mods Syntax #include "slapi-plugin.h" void slapi_mods_free(Slapi_Mods **smods); Parameters This function takes the following parameter: Pointer to an allocated Slapi_Mods. smods Description This function frees a that was allocated by Slapi_Mods slapi_mods_new() See Also slapi_mods_new() slapi_mods_get_first_mod() Initializes a...

  • Page 421: Slapi_Mods_Get_First_Smod()

    Functions for LDAPMod Manipulation • if there are no mods. NULL slapi_mods_get_first_smod() Initializes a iterator and returns the first wrapped in a Slapi_Mods structure. Slapi_Mods Syntax #include "slapi-plugin.h" Slapi_Mod *slapi_mods_get_first_smod(Slapi_Mods *smods, Slapi_Mod *smod); Parameters This function takes the following parameters: A pointer to a an initialized Slapi_Mods.

  • Page 422: Slapi_Mods_Get_Ldapmods_Byref()

    Functions for LDAPMod Manipulation slapi_mods_get_ldapmods_byref() Gets a reference to the array of in a structure. LDAPMod Slapi_Mods Syntax #include "slapi-plugin.h" LDAPMod **slapi_mods_get_ldapmods_byref(Slapi_Mods *smods); Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mods. smods Returns This function returns a null-terminated array of owned by the LDAPMod Slapi_Mods...

  • Page 423: Slapi_Mods_Get_Next_Mod()

    Functions for LDAPMod Manipulation Pointer to an initialized Slapi_Mods. smod Returns This function returns a null-terminated array owned by the caller. LDAPMod Description Gets the array of out of a . Responsibility for the array LDAPMod Slapi_Mods transfers to the caller. The is left in the uninitialized state.

  • Page 424: Slapi_Mods_Get_Next_Smod()

    Functions for LDAPMod Manipulation Memory Concerns Only one thread may be iterating through a particular at any given Slapi_Mods time. See Also slapi_mods_get_first_mod() slapi_mods_get_next_smod() Increments the iterator and returns the next wrapped in a Slapi_Mods Slapi_Mods Syntax #include "slapi-plugin.h" Slapi_Mod *slapi_mods_get_next_smod(Slapi_Mods *smods, Slapi_Mod *smod);...

  • Page 425: Slapi_Mods_Get_Num_Mods()

    Functions for LDAPMod Manipulation slapi_mods_get_num_mods() Gets the number of in a structure. mods Slapi_Mods Syntax #include "slapi-plugin.h" int slapi_mods_get_num_mods(const Slapi_Mods *smods); Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mods. smods Returns This function returns the number of mods Slapi_Mods slapi_mods_init()

  • Page 426: Slapi_Mods_Init_Byref()

    Functions for LDAPMod Manipulation Memory Concerns If you are unsure of how much room you will need, you may use an initCount . The expands as necessary. Slapi_Mods See Also slapi_mods_done() slapi_mods_init_byref() Initializes a that is a wrapper for an existing array of Slapi_Mods LDAPMod Syntax...

  • Page 427: Slapi_Mods_Insert_After()

    Functions for LDAPMod Manipulation Syntax #include "slapi-plugin.h" void slapi_mods_init_passin(Slapi_Mods *smods, LDAPMod **mods); Parameters This function takes the following parameters: Pointer to an uninitialized Slapi_Mods. smods A null-terminated array of LDAPMod. mods Description This function initializes a by passing in an array of .

  • Page 428: Slapi_Mods_Insert_At()

    Functions for LDAPMod Manipulation Description This function inserts an in a immediately after the current LDAPMod Slapi_Mods position of the iterator. The iterator position is unchanged. Slapi_Mods Memory Concerns Responsibility for the is transferred to the . This function LDAPMod Slapi_Mods must not be used on a initialized with...

  • Page 429: Slapi_Mods_Insert_Before()

    Functions for LDAPMod Manipulation Memory Concerns Responsibility for the is transferred to the . This function LDAPMod Slapi_Mods must not be used on a initialized with Slapi_Mods slapi_mods_init_byref() See Also slapi_mods_insert_at() slapi_mods_add_ldapmod() adds to the end of all mods. slapi_mods_insert_before() Inserts an into a structure before the current iterator position.

  • Page 430: Slapi_Mods_Insert_Smod_Before()

    Functions for LDAPMod Manipulation Syntax #include "slapi-plugin.h" void slapi_mods_insert_smod_at(Slapi_Mods *smods, Slapi_Mod *smod, int pos); Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods. smods Pointer to the LDAPMod to be inserted. smod Position at which to insert the new mod. Minimum value is 0. Maximum value is the current number of mods.

  • Page 431: Slapi_Mods_Iterator_Backbone()

    Functions for LDAPMod Manipulation Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods. smods Pointer to the Slapi_Mod to be inserted. smod Description This function inserts an immediately before the current position of the smod iterator. The iterator position is unchanged. Slapi_Mods Memory Concerns argument...

  • Page 432: Slapi_Mods_New()

    Functions for LDAPMod Manipulation See Also slapi_mods_get_first_mod() slapi_mods_get_next_mod() slapi_mods_get_first_smod() slapi_mods_get_next_smod() slapi_mods_new() Allocates a new uninitialized structure. Slapi_Mods Syntax #include "slapi-plugin.h" Slapi_Mods* slapi_mods_new( void ); Parameters This function takes no parameters. Returns This function returns a pointer to an allocated uninitialized Slapi_Mods Description This function allocates a new initialized...

  • Page 433: Functions For Monitoring Operations

    Functions for Monitoring Operations Pointer to an initialized Slapi_Mods. smods Description This function removes the at the current iterator position. See Also slapi_mods_get_first_mod() slapi_mods_get_next_mod() slapi_mods_get_first_smod() slapi_mods_get_next_smod() Functions for Monitoring Operations This section contains reference information on operation routines. Table 15-20 Operation Routines Function Description Determines if the client has abandoned the current operation.

  • Page 434: Slapi_Op_Get_Type()

    Functions for Monitoring Operations Description This function allows you to verify if the operation associated to the in the pblock parameter has been abandoned. This function is useful to check periodically the operations status of long-running plug-ins. Returns This function returns one of the following values: •...

  • Page 435: Functions For Managing Parameter Block

    Functions for Managing Parameter Block • SLAPI_OPERATION_ADD • SLAPI_OPERATION_DELETE • SLAPI_OPERATION_MODDN • SLAPI_OPERATION_MODRDN • SLAPI_OPERATION_COMPARE • SLAPI_OPERATION_ABANDON • SLAPI_OPERATION_EXTENDED See Also slapi_pblock_get() Functions for Managing Parameter Block This section contains reference information on parameter block routines. Table 15-21 Parameter Block Routines Function Description Frees a pblock from memory.

  • Page 436: Slapi_Pblock_Get()

    Functions for Managing Parameter Block Parameter block that you want to free. Memory Concerns The parameter block that you wish to free must have been created using . Use of this function with allocated on the stack slapi_pblock_new() pblocks (for example, ;) or using another memory allocator is not Slapi_PBlock pb supported and may lead to memory errors and memory leaks.
  • Page 437 Functions for Managing Parameter Block Parameter block. ID of the name-value pair that you want to get. For a list of IDs that you can specify, see chapter 16, “Parameter Block Reference.” Pointer to the value retrieved from the parameter block. value Returns This function returns one of the following values:...

  • Page 438: Slapi_Pblock_New()

    Functions for Managing Parameter Block char *someparam = NULL; someparam = slapi_ch_strdup(somestring); slapi_pblock_set(pb, SOME_PARAM, someparam); someparam = NULL; /* avoid dangling reference */ slapi_pblock_get(pb, SOME_PARAM, &someparam); slapi_pblock_set(pb, SOME_PARAM, NULL); /* make sure no one else can reference this parameter */ slapi_ch_free_string(&someparam);...
  • Page 439 Functions for Managing Parameter Block Syntax #include "slapi-plugin.h" int slapi_pblock_set( Slapi_PBlock *pb, int arg, void *value ); Parameters This function takes the following parameters: Parameter block. ID of the name-value pair that you want to set. For a list of IDs that you can specify, see chapter 16, “Parameter Block Reference.”...

  • Page 440: Functions For Handling Passwords

    Functions for Handling Passwords With some compilers, you will have to cast the value argument to ( ). If the void * caller allocates the memory passed in, the caller is responsible for freeing that memory. Also, it is recommended to use to retrieve the slapi_pblock_get() value to free, rather than relying on a potentially dangling pointer.
  • Page 441 Functions for Handling Passwords Syntax #include "slapi-plugin.h" int slapi_pw_find_sv( Slapi_Value **vals, const Slapi_Value *v ); Parameters This function takes the following parameters: Pointer to the array of Slapi_Value structure pointers, containing the vals values of an attribute that stores passwords (for example, the userpassword attribute).

  • Page 442: Slapi_Is_Encoded()

    Functions for Handling Passwords slapi_is_encoded() Checks whether the specified value is encoded with any known algorithm. Syntax #include "slapi-plugin.h" int slapi_is_encoded(char *value); Parameters This function takes the following parameter: The value, the encoding status of which needs to be determined. value Returns This function returns one of the following values:...

  • Page 443: Slapi_Add_Pwd_Control()

    Functions for Handling Passwords The encoding algorithm. The following algorithms are supported in a a default Directory Server installation: • CRYPT • CLEAR • SSHA • SHA If you pass NULL for the alg parameter, the scheme used is determined by the setting of the server’s passwordStorageScheme value within the server configuration entry (cn=config).

  • Page 444: Slapi_Pwpolicy_Make_Response_Control()

    Functions for Handling Passwords Returns This function returns one of the following values: • ) if the password has expired. LDAP_CONTROL_PWEXPIRED • , with the time in seconds) if the password has LDAP_CONTROL_PWEXPIRING not yet expired but is within the warning period. slapi_pwpolicy_make_response_control() Sends back detailed information about password policies.

  • Page 445: Functions For Managing Rdn

    Functions for Managing RDN • ), if the new password is shorter than the LDAP_PWPOLICY_PWDTOOSHORT minimum length set by the policy. • ), if there has been a minimum age set before LDAP_PWPOLICY_PWDTOOYOUNG a password can be modified. • ), if old passwords are stored in history. LDAP_PWPOLICY_PWDINHISTORY Description stuff about this plug-in...

  • Page 446: Slapi_Rdn_Add()

    Functions for Managing RDN Table 15-23 RDN Routines (Continued) Function Description Initializes a Slapi_RDN structure with an RDN value taken from a slapi_rdn_init_dn() given DN. Initializes a Slapi_RDN structure with an RDN value. slapi_rdn_init_rdn() Initializes a Slapi_RDN structure with an RDN value taken from the slapi_rdn_init_sdn() DN contained in a given Slapi_RDN structure.

  • Page 447: Slapi_Rdn_Compare()

    Functions for Managing RDN The type (cn, o, ou, etc.) of the RDN to be added. This parameter type cannot be NULL. The value of the RDN to be added. This parameter cannot be value NULL. Returns This function always returns Description This function adds a new type/value pair to an existing RDN or sets the type/value pair as the new RDN if...

  • Page 448: Slapi_Rdn_Contains()

    Functions for Managing RDN Description This function compares . For to be considered equal rdn1 rdn2 rdn1 rdn2 RDNs, their components do not necessarily have to be in the same order. slapi_rdn_contains() Checks whether a structure holds any RDN matching a given Slapi_RDN type/value pair.

  • Page 449: Slapi_Rdn_Contains_Attr()

    Functions for Managing RDN slapi_rdn_contains_attr() slapi_rdn_contains_attr() Checks whether a structure contains any RDN matching a given type Slapi_RDN and, if true, gets the corresponding attribute value. Syntax #include "slapi-plugin.h" int slapi_rdn_contains_attr(Slapi_RDN *rdn, const char *type, char **value); Parameters This function takes the following parameters: The Slapi_RDN structure containing the RDN value(s).

  • Page 450: Slapi_Rdn_Done()

    Functions for Managing RDN slapi_rdn_done() Clears an instance of a structure. Slapi_RDN Syntax #include "slapi-plugin.h" void slapi_rdn_done(Slapi_RDN *rdn); Parameters This function takes the following parameter: Pointer to the structure to be cleared. Description This function clears the contents of a structure.

  • Page 451: Slapi_Rdn_Get_First()

    Functions for Managing RDN See Also slapi_rdn_new() slapi_rdn_done() slapi_rdn_get_first() Gets the type/value pair corresponding to the first RDN stored in a Slapi_RDN structure. Syntax #include "slapi-plugin.h" int slapi_rdn_get_first(Slapi_RDN *rdn, char **type, char **value); Parameters This function takes the following parameters: The Slapi_RDN structure containing the RDN value(s).

  • Page 452: Slapi_Rdn_Get_Index()

    Functions for Managing RDN slapi_rdn_get_index() Gets the index of the RDN that follows the RDN with a given type and value. Syntax #include "slapi-plugin.h" int slapi_rdn_get_index(Slapi_RDN *rdn, const char *type, const char *value,size_t length); Parameters This function takes the following parameters: The Slapi_RDN structure containing the RDN value(s).

  • Page 453: Slapi_Rdn_Get_Next()

    Functions for Managing RDN Syntax #include "slapi-plugin.h" int slapi_rdn_get_index_attr(Slapi_RDN *rdn, const char *type, char **value); Parameters This function takes the following parameters: The Slapi_RDN structure containing the RDN value(s). Type (cn, o, ou, etc.) of the RDN searched. type Repository that will hold the value of the first RDN whose type value matches the content of the parameter type.

  • Page 454: Slapi_Rdn_Get_Num_Components()

    Functions for Managing RDN Parameters This function takes the following parameters: The Slapi_RDN structure containing the RDN value(s). Indicates the position of the RDN the precedes the currently index desired RDN. Repository that will hold the type (cn, o, ou, etc.) of the next type (index+1) RDN.

  • Page 455: Slapi_Rdn_Get_Rdn()

    Functions for Managing RDN The target Slapi_RDN structure. Returns This function returns the number of RDN type/value pairs present in See Also slapi_rdn_add() slapi_rdn_get_rdn() Gets the RDN from a structure. Slapi_RDN Syntax #include "slapi-plugin.h" const char *slapi_rdn_get_rdn(const Slapi_RDN *rdn); Parameters This function takes the following parameter: The Slapi_RDN structure holding the RDN value.

  • Page 456: Slapi_Rdn_Init()

    Functions for Managing RDN Parameters This function takes the following parameter: The Slapi_RDN structure holding the RDN value. Returns This function returns the new RDN value. slapi_rdn_init() Initializes a structure with values. Slapi_RDN NULL Syntax #include "slapi-plugin.h" void slapi_rdn_init(Slapi_RDN *rdn); Parameters This function takes the following parameters: The Slapi_RDN structure to be initialized.

  • Page 457: Slapi_Rdn_Init_Rdn()

    Functions for Managing RDN Syntax #include "slapi-plugin.h" void slapi_rdn_init_dn(Slapi_RDN *rdn,const char *dn); Parameters This function takes the following parameters: The Slapi_RDN structure to be initialized. The DN value whose RDN will be used to initialize the new Slapi_RDN structure. Description This function initializes a given structure with the RDN value taken Slapi_RDN...

  • Page 458: Slapi_Rdn_Init_Sdn()

    Functions for Managing RDN See Also slapi_rdn_init_dn() slapi_rdn_init_sdn() slapi_rdn_init_sdn() Initializes a structure with an RDN value taken from the DN Slapi_RDN contained in a given structure. Slapi_RDN Syntax #include "slapi-plugin.h" void slapi_rdn_init_sdn(Slapi_RDN *rdn,const Slapi_DN *sdn); Parameters This function takes the following parameters: The Slapi_RDN structure to be initialized.

  • Page 459: Slapi_Rdn_New()

    Functions for Managing RDN The target Slapi_RDN structure. Returns This function returns one of the following values: • if there is no RDN value present. • contains a value. See Also slapi_rdn_init() slapi_rdn_done() slapi_rdn_free() slapi_rdn_new() Allocates a new structure and initializes the values to Slapi_RDN NULL Syntax...

  • Page 460: Slapi_Rdn_New_Dn()

    Functions for Managing RDN slapi_rdn_new_dn() Creates a new structure and sets an RDN value taken from a given Slapi_RDN Syntax #include "slapi-plugin.h" Slapi_RDN *slapi_rdn_new_dn(const char *dn); Parameters This function takes the following parameter: The DN value whose RDN will be used to initialize the new Slapi_RDN structure.

  • Page 461: Slapi_Rdn_New_Sdn()

    Functions for Managing RDN Parameters This function takes the following parameter: The RDN value to be set in the new Slapi_RDN structure. fromrdn Returns This function returns a pointer to the new structure with an RDN set to Slapi_RDN the content of fromrdn Description This function creates a new...

  • Page 462: Slapi_Rdn_Remove()

    Functions for Managing RDN Returns This function returns a pointer to the new structure initialized with Slapi_RDN the RDN taken from the DN value in Description This function creates a new structure and initializes its RDN with the Slapi_RDN value taken from the DN passed within the structure of the Slapi_RDN parameter.

  • Page 463: Slapi_Rdn_Remove_Attr()

    Functions for Managing RDN • if no RDN is removed. Description This function removes the RDN from rdn that matches the given criteria ( type , and value length See Also slapi_rdn_remove_attr() slapi_rdn_remove_index() slapi_rdn_remove_attr() Removes an RDN type/value pair from a structure.

  • Page 464: Slapi_Rdn_Remove_Index()

    Functions for Managing RDN slapi_rdn_remove_index() Removes an RDN type/value pair from a structure. Slapi_RDN Syntax #include "slapi-plugin.h" int slapi_rdn_remove_index(Slapi_RDN *rdn, int atindex); Parameters This function takes the following parameters: The target Slapi_RDN structure. The index of the RDN type/value pair to remove. atindex Returns This function returns one of the following values:...

  • Page 465: Slapi_Rdn_Set_Rdn()

    Functions for Managing RDN The target Slapi_RDN structure. The DN value whose RDN will be set in rdn. Description This function sets an RDN value in a structure. The structure is freed Slapi_RDN from memory and freed of any previous content before setting the new RDN. The new RDN is taken from the DN value present in the parameter.

  • Page 466: Slapi_Rdn_Set_Sdn()

    Functions for Managing Roles slapi_rdn_set_sdn() Sets an RDN value in a structure. Slapi_RDN Syntax #include "slapi-plugin.h" void slapi_rdn_set_sdn(Slapi_RDN *rdn,const Slapi_DN *sdn); Parameters This function takes the following parameters: The target Slapi_RDN structure. The Slapi_RDN structure containing the DN value whose RDN will be set in rdn.

  • Page 467: Slapi_Role_Check()

    Functions for Managing Roles slapi_role_check() Checks if the entry pointed to by contains the role indicated by entry_to_check role_dn Syntax #include "slapi-plugin.h" int slapi_role_check(Slapi_Entry *entry_to_check, Slapi_DN *role_dn,int *present); Parameters This function takes the following parameters: The entry in which the presence of a role is to be checked. entry_to_check The DN of the role for which to check.

  • Page 468: Functions For Managing Dns

    Functions for Managing DNs Functions for Managing DNs This section contains reference information on DN routines. Table 15-25 DN Routines Function Description Builds the new DN of an entry. slapi_moddn_get_newdn() Adds the RDN contained in a Slapi_RDN structure to the DN contained slapi_sdn_add_rdn() in a Slapi_DN structure.

  • Page 469: Slapi_Moddn_Get_Newdn()

    Functions for Managing DNs Table 15-25 DN Routines (Continued) Function Description Checks if an entry is in the scope of a certain base DN. slapi_sdn_scope_test() Sets a DN value in a Slapi_DN structure. slapi_sdn_set_dn_byref() Sets a DN value in a Slapi_DN structure. slapi_sdn_set_dn_byval() Sets a DN value in a Slapi_DN structure.

  • Page 470: Slapi_Sdn_Add_Rdn()

    Functions for Managing DNs Description This function is used for operations and builds a new DN out of a new moddn RDN and the DN of the new parent. The new DN is worked out by adding the new RDN in to a parent DN.

  • Page 471: Slapi_Sdn_Copy()

    Functions for Managing DNs Syntax #include "slapi-plugin.h" int slapi_sdn_compare( const Slapi_DN *sdn1, const Slapi_DN *sdn2 ); Parameters This function takes the following parameters: DN to compare with the value in sdn2. sdn1 DN to compare with the value in sdn1. sdn2 Returns This function returns one of the following values:...

  • Page 472: Slapi_Sdn_Done()

    Functions for Managing DNs Description This function copies the DN in to the structure pointed by from Memory Concerns must be allocated in advance of calling this function. See Also slapi_sdn_dup() slapi_sdn_done() Clears an instance of a structure. Slapi_DN Syntax #include "slapi-plugin.h"...

  • Page 473: Slapi_Sdn_Free()

    Functions for Managing DNs Parameters This function takes the following parameter: Pointer to the Slapi_DN structure to duplicate. Returns This function returns a pointer to a duplicate of See Also slapi_sdn_copy() slapi_sdn_new() slapi_sdn_free() Frees a structure. Slapi_DN Syntax #include "slapi-plugin.h" void slapi_sdn_free(Slapi_DN **sdn);...

  • Page 474: Slapi_Sdn_Get_Backend_Parent()

    Functions for Managing DNs slapi_sdn_get_backend_parent() Gets the DN of the parent of an entry within a specific backend. Syntax #include "slapi-plugin.h" void slapi_sdn_get_backend_parent(const Slapi_DN *sdn, Slapi_DN *sdn_parent,const Slapi_Backend *backend); Parameters This function takes the following parameters: DN of the entry whose parent is searched. Parent DN of sdn.

  • Page 475: Slapi_Sdn_Get_Ndn()

    Functions for Managing DNs The Slapi_DN structure containing the DN value. Returns This function returns the DN value. Description This function retrieves the DN value of a structure. The returned value Slapi_DN can be the normalized DN (in a canonical format and in lower case) if no other value is present.

  • Page 476: Slapi_Sdn_Get_Ndn_Len()

    Functions for Managing DNs See Also slapi_sdn_get_dn() slapi_sdn_get_ndn_len() Gets the length of the normalized DN of a structure. Slapi_DN Syntax #include "slapi-plugin.h" int slapi_sdn_get_ndn_len(const Slapi_DN *sdn); Parameters This function takes the following parameter: The Slapi_DN structure containing the DN value. Returns This function returns the length of the normalized DN.

  • Page 477: Slapi_Sdn_Get_Rdn()

    Functions for Managing DNs Pointer to the Slapi_DN structure where the parent DN is sdn_parent returned. Description This function returns a structure containing the parent DN of the DN Slapi_DN kept in the structure pointed to by See Also slapi_sdn_get_backend_parent() slapi_sdn_get_rdn() Gets the RDN from a DN.

  • Page 478: Slapi_Sdn_Is_Rdn_Component()

    Functions for Managing DNs slapi_sdn_is_rdn_component() Not implemented; do not use. Checks if there is a RDN value that is a component of the DN structure. Syntax #include "slapi-plugin.h" int slapi_sdn_is_rdn_component(const Slapi_DN *rdn, const Slapi_Attr *a, const Slapi_Value *v); Parameters This function takes the following parameters: Pointer to the structure that is going to be checked.

  • Page 479: Slapi_Sdn_Isgrandparent()

    Functions for Managing DNs Parameters This function takes the following parameter: Pointer to the structure that is going to be checked. Slapi_DN Returns This function returns one of the following values: • if there is no DN value (normalized or not) present in the structure.

  • Page 480: Slapi_Sdn_Isparent()

    Functions for Managing DNs Returns This function returns one of the following values: • if the DN in parent is the grandparent of the DN in child. • if the DN in parent does not match the DN of the grandparent of the DN in child.

  • Page 481: Slapi_Sdn_Issuffix()

    Functions for Managing DNs slapi_sdn_issuffix() Checks whether a structure contains a suffix of another Slapi_DN Slapi_DN structure. Syntax #include "slapi-plugin.h" int slapi_sdn_issuffix(const Slapi_DN *sdn, const Slapi_DN *suffixsdn); Parameters This function takes the following parameters: Pointer to the Slapi_DN structure to be checked. Pointer to the Slapi_DN structure of the suffix.

  • Page 482: Slapi_Sdn_New_Dn_Byref()

    Functions for Managing DNs Description This function creates a new structure by allocating the necessary Slapi_DN memory and initializing both DN and normalized DN values to NULL See Also slapi_sdn_free() slapi_sdn_copy() slapi_sdn_done() slapi_sdn_new_dn_byref() Creates a new structure and sets a DN value. Slapi_DN Syntax #include "slapi-plugin.h"...

  • Page 483: Slapi_Sdn_New_Dn_Byval()

    Functions for Managing DNs slapi_sdn_new_dn_byval() Creates a new structure and sets a DN value. Slapi_DN Syntax #include "slapi-plugin.h" Slapi_DN *slapi_sdn_new_dn_byval(const char *dn); Parameters This function takes the following parameter: The DN value to be set in the new Slapi_DN structure. Returns This function returns a pointer to the new structure with a DN valueset...

  • Page 484: Slapi_Sdn_New_Ndn_Byref()

    Functions for Managing DNs Parameters This function takes the following parameter: The DN value to be set the new Slapi_DN structure. Returns This function returns a pointer to the new structure with DN valueset Slapi_DN to the content of Description This function creates a new structure and initializes its DN with the Slapi_DN...

  • Page 485: Slapi_Sdn_New_Ndn_Byval()

    Functions for Managing DNs Returns This function returns a pointer to the new structure with a normalized Slapi_DN DN valueset to the content of Descriptions This function creates a new structure and initializes its normalized DN Slapi_DN with the value of .

  • Page 486: Slapi_Sdn_Scope_Test()

    Functions for Managing DNs Description This function creates a new structure and initializes its normalized DN Slapi_DN with the value of . The normalized DN of the new structure will point to a copy of the string pointed to by ;...

  • Page 487: Slapi_Sdn_Set_Dn_Byref()

    Functions for Managing DNs Returns This function returns non-zero if matches the scoping criteria given by base and scope. Description This function carries out a simple test to check whether the DN passed in the parameter is actually in the scope of the base DN according to the values passed into the parameters.

  • Page 488: Slapi_Sdn_Set_Dn_Byval()

    Functions for Managing DNs See Also slapi_sdn_set_dn_byval() slapi_sdn_set_dn_passin() slapi_sdn_set_dn_byval() Sets a DN value in a structure. Slapi_DN Syntax #include "slapi-plugin.h" Slapi_DN *slapi_sdn_set_dn_byval(Slapi_DN *sdn, const char *dn); Parameters This function takes the following parameters: The target Slapi_DN structure. The DN value to be set in sdn. Returns This function returns a pointer to the structure containing the new DN...

  • Page 489: Slapi_Sdn_Set_Ndn_Byref()

    Functions for Managing DNs Syntax #include "slapi-plugin.h" Slapi_DN *slapi_sdn_set_dn_passin(Slapi_DN *sdn, const char *dn); Parameters This function takes the following parameters: The target Slapi_DN structure. DN value to be set in sdn. Returns This function returns a pointer to the structure containing the new DN Slapi_DN value.

  • Page 490: Slapi_Sdn_Set_Ndn_Byval()

    Functions for Managing DNs Returns This function returns a pointer to the structure containing the new Slapi_DN normalized DN value. Description This function sets a normalized DN value in a structure. The Slapi_DN normalized DN of the new structure will point to the same string pointed to by ;...

  • Page 491: Slapi_Sdn_Set_Parent()

    Functions for Managing DNs See Also slapi_sdn_set_ndn_byref() slapi_sdn_set_dn_passin() slapi_sdn_set_parent() Sets a new parent for a given entry. Syntax #include "slapi-plugin.h" Slapi_DN *slapi_sdn_set_parent(Slapi_DN *sdn, const Slapi_DN *parentdn); Parameters This function takes the following parameters: The Slapi_DN structure containing the DN of the entry. The new parent DN.

  • Page 492: Functions For Sending Entries And Results To The Client

    Functions for Sending Entries and Results to the Client Syntax #include "slapi-plugin.h" Slapi_DN *slapi_sdn_set_rdn(Slapi_DN *sdn, const Slapi_RDN *rdn); Parameters This function takes the following parameters: The Slapi_DN structure containing the DN of the entry. The new RDN. Returns This function returns a pointer to the structure that keeps the DN of the Slapi_DN entry after the new RDN has been set.

  • Page 493: Slapi_Send_Ldap_Referral()

    Functions for Sending Entries and Results to the Client slapi_send_ldap_referral() Processes an entry’s LDAPv3 referrals, which are found in the entry’s attribute. For LDAPv3 clients, this function sends the LDAP referrals back to the client. For LDAPv2 clients, this function copies the referrals to an array of berval structures that you can pass to function at a later...

  • Page 494: Slapi_Send_Ldap_Result()

    Functions for Sending Entries and Results to the Client When you call the function for LDAPv3 slapi_send_ldap_referral() clients, the server sends the referrals specified in the argument back to refs the client as search result references. The argument is not used in this urls case.
  • Page 495 Functions for Sending Entries and Results to the Client When sending back an LDAP_NO_SUCH_OBJECT result code, use matched this argument to specify the portion of the target DN that could be matched. Pass NULL in other situations. Error message that you want sent back to the client. Pass NULL if you text do not want an error message sent back.

  • Page 496: Slapi_Send_Ldap_Search_Entry()

    Functions for Sending Entries and Results to the Client struct berval **urls; slapi_send_ldap_referral( ld, e, &refs, &urls ); slapi_send_ldap_result( ld, LDAP_PARTIAL_RESULTS, NULL, NULL, 0, \ urls ); If you want to define your own function for sending result codes, write a function that complies with the type definition , and set the send_ldap_result_fn_ptr_t...

  • Page 497: Functions Related To Utf-8

    Functions Related to UTF-8 Returns This function returns one of the following values: • if successful. • if the entry is not sent; for example, if access control did not allow it to be sent. • if an error occurs. Description Call to send an entry found by a search back...

  • Page 498: Slapi_Has8Thbit()

    Functions Related to UTF-8 Table 15-27 UTF-8 Related Routines Function Description Checks if a string has an 8-bit character. slapi_has8thBit() Makes case-insensitive string comparison of two UTF-8 strings. slapi_utf8casecmp() Compares two UTF-8 strings. slapi_UTF8CASECMP() Makes case-insensitive string comparison of first n characters of two UTF-8 slapi_utf8ncasecmp() strings.

  • Page 499: Slapi_Utf8Casecmp()

    Functions Related to UTF-8 Pointer to the null-terminated string to test. Returns This function returns one of the following values: • if the string contains an 8-bit character. • if it does not. slapi_utf8casecmp() Makes case-insensitive string comparison of two UTF-8 strings. Syntax #include "slapi-plugin.h"...

  • Page 500: Slapi_Utf8Casecmp()

    Functions Related to UTF-8 • If one of the strings is NULL or zero-length, the NULL/zero-length string is smaller. • If one or both of the strings are not UTF-8, system provided strcasecmp used. • If one of the two strings contains no 8-bit characters, is used.

  • Page 501: Slapi_Utf8Ncasecmp()

    Functions Related to UTF-8 • A positive number if is after • if the two string are identical, ignoring case. • A negative number if is after Description The function takes two UTF-8 strings ( ) of to be compared. The signed char comparison rules are as follows: •...

  • Page 502: Slapi_Utf8Ncasecmp()

    Functions Related to UTF-8 A null-terminated UTF-8 string. A null-terminated UTF-8 string. The number of UTF-8 characters (not bytes) from s0 and s1 to compare. Returns This function returns one of the following values: • A positive number if is after •...

  • Page 503: Slapi_Utf8Islower()

    Functions Related to UTF-8 Returns This function returns one of the following values: • A positive number if is after • if the two string are identical, ignoring case. • A negative number if is after Description This function has the following rules: •...

  • Page 504: Slapi_Utf8Islower()

    Functions Related to UTF-8 Pointer to a single UTF-8 character (could be multiple bytes). Returns This function returns one of the following values: • if the character is a lowercase letter. • if the character is not a lowercase letter. slapi_UTF8ISLOWER() Verifies if a UTF-8 character is a lower-case letter.

  • Page 505: Slapi_Utf8Isupper()

    Functions Related to UTF-8 Parameters This function takes the following parameter: A single UTF-8 character (could be multiple bytes) Returns This function returns one of the following values: • if the character is an upper-case letter. • if the character is not an upper-case letter. slapi_UTF8ISUPPER() Verifies if a UTF-8 character is an upper-case letter.

  • Page 506: Slapi_Utf8Strtolower()

    Functions Related to UTF-8 Syntax #include "slapi-plugin.h" unsigned char *slapi_utf8StrToLower(unsigned char *s); Parameters This function takes the following parameter: A null-terminated UTF-8 string to be converted to lower case. Returns This function returns one of the following values: • A pointer to a null-terminated UTF-8 string whose characters are converted to lower case;...

  • Page 507: Slapi_Utf8Strtoupper()

    Functions Related to UTF-8 A null-terminated UTF-8 string to be converted to lower case. Returns This function returns one of the following values: • A pointer to a null-terminated UTF-8 string whose characters are converted to lower case. Characters which are not upper case are copied as-is. •...

  • Page 508: Slapi_Utf8Strtoupper()

    Functions Related to UTF-8 • A null-terminated UTF-8 string whose characters are converted to upper case; characters that are not lower case are copied as-is. • if the string is not considered to be a UTF-8 string. NULL Description This function converts a string of multiple UTF-8 characters, not a single character as in slapi_utf8ToUpper() Memory Concerns...

  • Page 509: Slapi_Utf8Tolower()

    Functions Related to UTF-8 slapi_utf8ToLower() Converts an upper-case UTF-8 character to a lower-case character. Syntax #include "slapi-plugin.h" void slapi_utf8ToLower(unsigned char *s, unsigned char *d, int *ssz, int *dsz); Parameters This function takes the following parameters: A single UTF-8 character (could be multiple bytes). Pointer to the lower case form of s.

  • Page 510: Slapi_Utf8Toupper()

    Functions Related to UTF-8 Returns the length in bytes of the output character. slapi_utf8ToUpper() Converts a lower-case UTF-8 character to an upper-case character. Syntax #include "slapi-plugin.h" void slapi_utf8ToUpper(unsigned char *s, unsigned char *d, int *ssz, int *dsz); Parameters This function takes the following parameters: Pointer to a single UTF-8 character (could be multiple bytes).

  • Page 511: Functions For Handling Values

    Functions for Handling Values Pointer to a single UTF-8 character (could be multiple bytes). Pointer to the upper case version of s. The memory for this must be allocated by the caller before calling the function. Returns the length in bytes of the input character. Returns the length in bytes of the output character.

  • Page 512: Slapi_Value_Compare()

    Functions for Handling Values Table 15-28 Value Routines (Continued) Function Description Allocates a new Slapi_Value structure and initializes it from a slapi_value_new_string_passin() string. Allocates a new Slapi_Value from another Slapi_Value structure. slapi_value_new_value() Sets the value. slapi_value_set() Copies the value from a berval structure into a Slapi_Value slapi_value_set_berval() structure.

  • Page 513: Slapi_Value_Dup()

    Functions for Handling Values • if the two values are equal. • is smaller than • is greater than Description This function compares two using the matching rule associated to Slapi_Values the attribute This function replaces the deprecated function used in slapi_attr_value_cmp() previous releases and uses the attribute values instead of the...

  • Page 514: Slapi_Value_Get_Berval()

    Functions for Handling Values Syntax #include "slapi-plugin.h" slapi_value_free(Slapi_Value **value); Parameters This function takes the following parameter: Address of the pointer to the Slapi_Value you wish to free. value Description This function frees the structure and its members (if it is not Slapi_Value NULL and sets the pointer to...

  • Page 515: Slapi_Value_Get_Int()

    Functions for Handling Values Memory Concerns You should not free the structure unless you plan to replace it by calling berval slapi_value_set_berval() See Also slapi_value_set_berval() slapi_value_get_int() Converts the value to an integer. Syntax #include "slapi-plugin.h" int slapi_value_get_int(const Slapi_Value *value); Parameters This function takes the following parameter: Pointer to the Slapi_Value that you want to get as an integer.

  • Page 516: Slapi_Value_Get_Long()

    Functions for Handling Values Syntax #include "slapi-plugin.h" size_t slapi_value_get_length(const Slapi_Value *value); Parameters This function takes the following parameter: Pointer to the Slapi_Value of which you wish to get the value length. Returns This function returns one of the following values: •...

  • Page 517: Slapi_Value_Get_String()

    Functions for Handling Values • A long integer which corresponds to the value stored in the Slapi_Value structure. • if there is no value. Description This function converts the value contained in the structure into a Slapi_Value long integer. See Also slapi_value_get_int() slapi_value_get_ulong() slapi_value_get_uint()

  • Page 518: Slapi_Value_Get_Uint()

    Functions for Handling Values See Also slapi_value_set_string() slapi_value_get_uint() Converts the value to an unsigned integer. Syntax #include "slapi-plugin.h" unsigned int slapi_value_get_uint(const Slapi_Value *value); Parameters This function takes the following parameter: Pointer to the value that you wish to get as an unsigned integer. value Returns This function returns one of the following values:...

  • Page 519: Slapi_Value_Init()

    Functions for Handling Values Parameters This function takes the following parameter: Pointer to the value that you wish to get as an unsigned integer. value Returns This function returns one of the following values: • An unsigned long integer which corresponds to the value stored in the structure.

  • Page 520: Slapi_Value_Init_Berval()

    Functions for Handling Values Returns This function returns a pointer to the initialized structure (itself). Slapi_Value Description This function initializes the structure, resetting all of its fields to Slapi_Value zero. The value passed as the parameter must be a valid Slapi_Value slapi_value_init_berval() Initializes a...

  • Page 521: Slapi_Value_Init_String_Passin()

    Functions for Handling Values Parameters This function takes the following parameters: Pointer to the value to be initialized. The pointer must not be NULL. A null-terminated string used to initialize the value. Returns This function returns a pointer to the initialized structure (itself).

  • Page 522: Slapi_Value_New()

    Functions for Handling Values Memory Concerns The string will be freed when the structure is freed from memory by Slapi_Value calling slapi_value_free() See Also slapi_value_free() slapi_value_new_string_passin() slapi_value_set_string_passin() slapi_value_new() Allocates a new structure. Slapi_Value Syntax #include "slapi-plugin.h" slapi_value_new(); Parameters This function does not take any parameters. Returns This function returns a pointer to the newly allocated structure.

  • Page 523: Slapi_Value_New_String()

    Functions for Handling Values Syntax #include "slapi-plugin.h" slapi_value_new_berval(const struct berval *bval); Parameters This function takes the following parameter: Pointer to the berval structure used to initialize the newly bval allocated Slapi_Value. Returns This function returns a pointer to the newly allocated .

  • Page 524: Slapi_Value_New_String_Passin()

    Functions for Handling Values A null-terminated string used to initialize the newly-allocated Slapi_Value. Returns This function returns a pointer to the newly allocated . If space Slapi_Value cannot be allocated (for example, if no more virtual memory exists), the slapd program will terminate.

  • Page 525: Slapi_Value_New_Value()

    Functions for Handling Values Returns This function returns a pointer to a newly allocated structure. If Slapi_Value space cannot be allocated (for example, if no virtual memory exists), the slapd program terminates. Description This function returns a structure containing the string passed as the Slapi_Value parameter.

  • Page 526: Slapi_Value_Set()

    Functions for Handling Values Description This function returns a structure containing a value duplicated from Slapi_Value structure passed as the parameter. This function is identical to Slapi_Value slapi_value_dup() Memory Concerns When you are no longer using the value, you should free it from memory by calling the function.

  • Page 527: Slapi_Value_Set_Berval

    Functions for Handling Values Memory Concerns If the pointer to the structure is , then nothing is done, and the Slapi_Value NULL function returns . If the structure already contains a value, it is NULL Slapi_Value freed from memory before the new one is set. When you are no longer using the structure, you should free it from Slapi_Value...

  • Page 528: Slapi_Value_Set_Int()

    Functions for Handling Values Memory Concerns If the pointer to the structure is , nothing is done, and the Slapi_Value NULL function returns . If the already contains a value, it is freed NULL Slapi_Value from memory before the new one is set. When you are no longer using the structure, you should free it from Slapi_Value...

  • Page 529: Slapi_Value_Set_String()

    Functions for Handling Values Memory Concerns If the pointer to the structure is , nothing is done, and the Slapi_Value NULL function returns . If the already contains a value, it is freed from Slapi_Value memory before the new one is set. When you are no longer using the structure, you should free it from Slapi_Value...

  • Page 530: Slapi_Value_Set_String_Passin()

    Functions for Handling Values When you are no longer using the structure, you should free it from Slapi_Value memory by calling slapi_value_free() See Also slapi_value_free() slapi_value_set_string_passin() Sets the value of a structure from a string. Slapi_Value Syntax #include "slapi-plugin.h" int slapi_value_set_string_passin ( Slapi_Value *value, char *strVal);...

  • Page 531: Slapi_Value_Set_Value

    Functions for Handling Values slapi_value_set_value() Copies the value of a structure into a structure. Slapi_Value Slapi_Value Syntax #include "slapi-plugin.h" slapi_value_set_value( Slapi_Value *value, const Slapi_Value *vfrom); Parameters This function takes the following parameters: Pointer to the Slapi_Value in which to set the value. value Pointer to the Slapi_Value from which to get the value.

  • Page 532: Functions For Handling Valueset

    Functions for Handling Valueset Functions for Handling Valueset This section contains reference information on valueset routines. Table 15-29 Valueset Routines Function Description Adds a Slapi_Value in the Slapi_ValueSet structure. slapi_valueset_add_value() Enables adding of a Slapi_Value in the Slapi_ValueSet structure slapi_valueset_add_value_ext() without having to duplicate and free the target value.

  • Page 533: Slapi_Valueset_Add_Value_Ext()

    Functions for Handling Valueset Pointer to the Slapi_ValueSet structure to which to add the value. Pointer to the Slapi_Value to add to the Slapi_ValueSet. addval Description This function adds a value in the form of a structure in a Slapi_Value structure.

  • Page 534: Slapi_Valueset_Count()

    Functions for Handling Valueset If SLAPI_VALUE_FLAG_PASSIN bit is set in the flags, the flags function would take over the ownership of the new value to be added without duplicating it. Description Sometimes, it is desirable to have a pass-in interface to add a to a list Slapi_Value without having to duplicate and free the target value.

  • Page 535: Slapi_Valueset_Done()

    Functions for Handling Valueset slapi_valueset_done() Frees the values contained in the structure. Slapi_ValueSet Syntax #include "slapi-plugin.h" void slapi_valueset_done(Slapi_ValueSet *vs); Parameters This function takes the following parameter: Pointer to the Slapi_ValueSet structure from which you wish to free its values. Memory Concerns Use this function when you are no longer using the values but you want to re-use structure for a new set of values.

  • Page 536: Slapi_Valueset_First_Value()

    Functions for Handling Valueset Returns This function returns one of the following values: • A pointer to the value in the valueset if the value was found. • if the value was not found. Null Description Use this function to check for duplicate values in an attribute. slapi_valueset_first_value() Gets the first value of a structure.

  • Page 537: Slapi_Valueset_Free()

    Functions for Handling Valueset Memory Concerns This function gives a pointer to the actual value within the . You Slapi_ValueSet should not free it from memory. See Also slapi_valueset_next_value() slapi_valueset_free() Frees the specified structure and its members from memory. Slapi_ValueSet Syntax #include "slapi-plugin.h"...

  • Page 538: Slapi_Valueset_New()

    Functions for Handling Valueset Pointer to the Slapi_ValueSet to replace. Description This function returns the values contained in the structure (sets Slapi_ValueSet them to ). This does not free the values contained in the structure. To free the values, use slapi_valueset_done() Memory Concerns When you are no longer using the...

  • Page 539: Slapi_Valueset_Next_Value()

    Functions for Handling Valueset Memory Concerns When you are no longer using the value, you should free it from memory by calling slapi_valueset_free() See Also slapi_valueset_free() slapi_valueset_next_value() Gets the next value from a structure. Slapi_ValueSet Syntax #include "slapi-plugin.h" int slapi_valueset_next_value( Slapi_ValueSet *vs, int index, Slapi_Value **v);...

  • Page 540: Slapi_Valueset_Set_From_Smod()

    Functions for Handling Valueset Memory Concerns This function gives a pointer to the actual value within the Slapi_ValueSet you should not free it from memory. See Also slapi_valueset_first_value() slapi_valueset_set_from_smod() Copies the values of structure into a structure. Slapi_Mod Slapi_ValueSet Syntax #include "slapi-plugin.h"...

  • Page 541: Slapi_Valueset_Set_Valueset()

    Functions Specific to Virtual Attribute Service slapi_valueset_set_valueset() Initializes a structure from another structure. Slapi_ValueSet Slapi_ValueSet Syntax #include "slapi-plugin.h" void slapi_valueset_set_valueset(Slapi_ValueSet *vs1, const Slapi_ValueSet *vs2); Parameters This function takes the following parameters: Pointer to the Slapi_ValueSet structure to which you wish to set the values.

  • Page 542: Slapi_Vattr_List_Attrs()

    Functions Specific to Virtual Attribute Service Table 15-30 Virtual Attribute Service Routines Function Description Returns all the attribute types, both real and virtual, from an entry. slapi_vattr_list_attrs() Frees the attribute list returned by slapi_vattr_list_attrs(). slapi_vattr_attrs_free() Performs a schema check on the attribute types in the entry. slapi_vattr_schema_check_type() Compares the attribute and the name in a given entry.

  • Page 543: Slapi_Vattr_Attrs_Free()

    Functions Specific to Virtual Attribute Service Bit mask of options. Valid values include: buffer_flags SLAPI_VIRTUALATTRS_RETURNED_COPIES SLAPI_VIRTUALATTRS_RETURNED_POINTERS SLAPI_VIRTUALATTRS_REALATTRS_ONLY Memory Concerns The list that is returned from this API should be freed by the user by calling for that list. slapi_vattr_attrs_free() Description This function should be used to return both the real and virtual attributes for an entry.

  • Page 544: Slapi_Vattr_Schema_Check_Type()

    Functions Specific to Virtual Attribute Service Memory Concerns Free the pointer block using slapi_ch_free() See Also slapi_vattr_list_attrs() slapi_vattr_schema_check_type() Performs a schema check on the attribute types in the entry. Syntax #include "slapi-plugin.h" int slapi_vattr_schema_check_type(Slapi_Entry *e, char *type); Parameters This function takes the following parameters: The entry to be checked.

  • Page 545: Slapi_Vattr_Values_Free()

    Functions Specific to Virtual Attribute Service Attribute type name. type Value to be tested. test_this 1 if the compare is true, 0 if the compare is false. result Not used. You should pass 0 for this parameter. flags Returns This function returns for success, in which case contains the result of the result...

  • Page 546: Slapi_Vattr_Values_Get()

    Functions Specific to Virtual Attribute Service Description This function should be used to free the valueset and type names returned from slapi_vattr_values_get_ex() See Also slapi_vattr_values_get_ex() slapi_vattr_values_get() Returns the values of a virtual attribute for the given an entry and the attribute-type name.

  • Page 547: Slapi_Vattr_Values_Get_Ex()

    Functions Specific to Virtual Attribute Service • (failed to evaluate a SLAPI_VIRTUALATTRS_LOOP_DETECTED vattr • (type not recognized by any and not a real SLAPI_VIRTUAL_NOT_FOUND vattr in entry). attr • (memory error). ENOMEM Memory Concerns Gets values for an attribute type ( ) in the list.
  • Page 548 Functions Specific to Virtual Attribute Service Bit mask to be used as input flags for buffer_flags slapi_values_free(). Number of subtypes matched. subtype_count Returns This function returns for success, in which case: • contains the current values for type all of the subtypes in results •...

  • Page 549: Slapi_Vattr_Values_Type_Thang_Get()

    Functions Specific to Virtual Attribute Service slapi_vattr_values_type_thang_get() Gets values for an attribute type in the list only if the results field for that attribute type is NULL Syntax #include "slapi-plugin.h" int slapi_vattr_values_type_thang_get Slapi_Entry *e, vattr_type_thang *type_thang, Slapi_ValueSet** results, int *type_name_disposition, char **actual_type_name, int flags, int *buffer_flags);...

  • Page 550: Functions For Managing Locks And Synchronization

    Functions for Managing Locks and Synchronization See Also slapi_vattr_values_get() Functions for Managing Locks and Synchronization This section contains reference information on locks and synchronization routines. Table 15-31 Locks and Synchronization Routines Function Description Frees a Slapi_CondVar structure from memory. slapi_destroy_condvar() Frees a Slapi_Mutex structure from memory.

  • Page 551: Slapi_Destroy_Mutex()

    Functions for Managing Locks and Synchronization Description This function frees a structure from memory. Before calling this Slapi_CondVer function, you should make sure that this condition variable is no longer in use. slapi_destroy_mutex() Frees a structure from memory. Slapi_Mutex Syntax #include "slapi-plugin.h"...

  • Page 552: Slapi_New_Condvar()

    Functions for Managing Locks and Synchronization Description This function locks the mutex specified by the structure. After this Slapi_Mutex function returns, any other thread that attempts to acquire the same lock is blocked until the holder of the lock releases the lock. Acquiring the lock is not an interruptible operation, nor is there any time-out mechanism.

  • Page 553: Slapi_New_Mutex()

    Functions for Managing Locks and Synchronization slapi_new_mutex() Creates a new mutex and returns a pointer to the corresponding Slapi_Mutex structure. Syntax #include "slapi-plugin.h" Slapi_Mutex *slapi_new_mutex(); Returns This function returns one of the following values: • A pointer to the new structure.

  • Page 554: Slapi_Unlock_Mutex()

    Functions for Managing Locks and Synchronization Returns This function returns one of the following values: • A non-zero value if the thread (or threads) are successfully notified. • if an error occurs; for example, if the condition variable is or if the NULL mutex associated with the condition variable is not locked.

  • Page 555: Functions For Managing Computed Attributes

    Functions for Managing Computed Attributes Syntax #include "slapi-plugin.h" int slapi_wait_condvar( Slapi_CondVar *cvar, struct timeval *timeout ); Parameters This function takes the following parameters: Pointer to an Slapi_CondVar structure representing the cvar condition variable on which you want to wait. Time period to wait for notification on the condition variable. If timeout NULL, the calling function blocks indefinitely.

  • Page 556: Slapi_Compute_Add_Evaluator()

    Functions for Managing Computed Attributes slapi_compute_add_evaluator() Registers the specified function as an evaluator that the server will call to generate a computed attribute. Syntax #include "slapi-plugin.h" int slapi_compute_add_evaluator( slapi_compute_callback_t function); Parameters This function takes the following parameter: Function registered by the plug-in that will be used in function evaluating the computed attributes.

  • Page 557: Compute_Rewrite_Search_Filter()

    Functions for Managing Computed Attributes Syntax #include "slapi-plugin.h" int slapi_compute_add_search_rewriter (slapi_search_rewrite_callback_t function); Parameters This function takes the following parameter: Function registered by the plug-in to rewrite the search filters. function Returns This function returns one of the following values: • if no attribute matched the requested type •...

  • Page 558: Functions For Manipulating Bits

    Functions for Manipulating Bits Returns This function returns one of the following values: • indicates the function should keep looking for a match. • indicates the rewrite is successful. • indicates the function refuses to perform the search. • indicates the function encountered an error. Description This function calls evaluator functions to see if there is a match with a search filter.

  • Page 559: Slapi_Isbitset_Uchar()

    Functions for Manipulating Bits Syntax #include "slapi-plugin.h" int slapi_isbitset_int(unsigned int f,unsigned int bitnum); Parameters This function takes the following parameters: The unsigned integer, a bit of which is to be checked. The bit number in the unsigned integer that needs to be checked. bitnum Returns This function returns one of the following values:...

  • Page 560: Slapi_Setbit_Int()

    Functions for Manipulating Bits Returns This function returns one of the following values: • if the specified bit is set. • if the specified bit is not set. See Also slapi_setbit_uchar() slapi_unsetbit_uchar() slapi_setbit_int() Sets the specified bit in an integer. Syntax #include "slapi-plugin.h"...

  • Page 561: Slapi_Unsetbit_Int()

    Functions for Manipulating Bits Syntax #include "slapi-plugin.h" unsigned char slapi_setbit_uchar(unsigned char f, unsigned char bitnum); Parameters This function takes the following parameters: The character in which a bit is to be set. The bit number that needs to be set in the character. bitnum Returns This function returns the character with the specified bit set.

  • Page 562: Slapi_Unsetbit_Uchar()

    Functions for Registering Object Extensions See Also slapi_isbitset_int() slapi_setbit_int() slapi_unsetbit_uchar() Unsets the specified bit in a character. Syntax #include "slapi-plugin.h" unsigned char slapi_unsetbit_uchar(unsigned char f, unsigned char bitnum); Parameters This function takes the following parameters: The character in which a bit is to be unset. The bit number that needs to be unset in the character.

  • Page 563: Slapi_Get_Object_Extension()

    Functions for Registering Object Extensions Table 15-34 Routines for Registering Object Extensions Function Description Retrieves a pointer to the plug-in extension. slapi_get_object_extension() Registers a plug-in’s object extension. slapi_register_object_extension() Changes a plug-in’s object extension. slapi_set_object_extension() slapi_get_object_extension() Retrieves a pointer to the plug-in extension. Syntax #include "slapi-plugin.h"...

  • Page 564: Slapi_Register_Object_Extension()

    Functions for Registering Object Extensions See Also slapi_register_object_extension() slapi_set_object_extension() slapi_register_object_extension() Registers a plug-in’s object extension. Syntax #include "slapi-plugin.h" int slapi_register_object_extension( const char *pluginname, const char *objectname, slapi_extension_constructor_fnptr constructor, slapi_extension_destructor_fnptr destructor, int *objecttype, int *extensionhandle); Parameters This function takes the following parameters: Plug-in name.

  • Page 565: Slapi_Set_Object_Extension()

    Functions for Registering Object Extensions Description When a plug-in is initialized, it must register its object extensions. It must provide the name of the object to be extended, e.g., , and constructor and Operation destructor functions. These functions are called when the object is constructed and destroyed.

  • Page 566: Functions Related To Data Interoperability

    Functions Related to Data Interoperability See Also slapi_register_object_extension() slapi_get_object_extension() Functions Related to Data Interoperability This section contains reference information on routines that support the data interoperability feature of Directory Server, which is explained in chapter 13, “Using Data Interoperability Plug-ins.” This set of functions allows a custom plug-in to preserve the default behavior of the Directory Server and bypass access control checking.

  • Page 567: Slapi_Operation_Set_Flag()

    Functions Related to Data Interoperability Returns This function returns if the operation is not reserved and a non-zero value if the operation is reserved. Description This function allows you to implement a custom DIOP plug-in that does not affect the default behavior of the server. The code snippet below is a sample for a plug-in that handles the LDAP delete operation.

  • Page 568: Slapi_Operation_Clear_Flag()

    Functions Related to Data Interoperability Description The code sample demonstrates how the flag for the operation is to be set: Slapi_Operation *op; if ( slapi_pblock_get( pb, SLAPI_OPERATION, &op ) != 0 ) { slapi_operation_set_flag( op, SLAPI_OP_FLAG_NO_ACCESS_CHECK See Also slapi_operation_clear_flag() slapi_is_flag_set() slapi_operation_clear_flag() Clears the specified flag for the operation.

  • Page 569: Functions For Registering Additional Plug-Ins

    Functions for Registering Additional Plug-ins Syntax #include "slapi-plugin.h" int slapi_is_flag_set(Slapi_Operation *op, unsigned long flag) Parameter This function takes the following parameters: Operation data structure. Flag to check. By default, only one flag can be checked, the flag SLAPI_OP_FLAG_NO_ACCESS_CHECK flag, which specifies that access control should not be checked.

  • Page 570: Slapi_Register_Plugin()

    Functions for Registering Additional Plug-ins slapi_register_plugin() Allows plug-in to register a plug-in. Syntax #include "slapi-plugin.h" int slapi_register_plugin( const char *plugintype, int enabled, const char *initsymbol, slapi_plugin_init_fnptr initfunc, const char *name, char **argv, void *group_identity); Parameters This function takes the following parameters: Handle to find the offset into the object where the extension plugintype block is stored.

  • Page 571: Chapter 16 Parameter Block Reference

    Chapter 16 Parameter Block Reference This chapter describes the parameters available in the parameter Slapi_PBlock block, the type of data associated with each parameter, and the plug-in functions in which those parameters are accessible. To get the values of these parameters, call the function.

  • Page 572: Parameters For Registering Plug-In Functions

    Parameters for Registering Plug-in Functions • Parameters for Error Logging (page 603) • Parameters for Filters (page 605) • Parameters for Password Storage (page 606) • Parameters for Resource Limits (page 607) • Parameters for the Virtual Attribute Service (page 608) Parameters for Registering Plug-in Functions The parameters listed in this section identify plug-in functions recognized by the server.
  • Page 573 Parameters for Registering Plug-in Functions To register your plug-in function, write an initialization function that sets the values of the following parameters to your functions. Table 16-1 Parameter ID Description This function is called before an LDAP bind operation SLAPI_PLUGIN_PRE_BIND_FN is completed.

  • Page 574: Post-Operation/Data Notification Plug-Ins

    Parameters for Registering Plug-in Functions Table 16-1 Parameter ID Description This function is called before an internal LDAP delete SLAPI_PLUGIN_INTERNAL_PRE_DELETE_FN operation is completed. This function is called before an internal LDAP modify SLAPI_PLUGIN_INTERNAL_PRE_MODIFY_FN operation is completed. This function is called before an internal LDAP modify SLAPI_PLUGIN_INTERNAL_PRE_MODRDN_FN RDN operation is completed.

  • Page 575: Matching Rule Plug-Ins

    Parameters for Registering Plug-in Functions Table 16-2 Parameter ID Description This function is called after a set of referrals is sent back SLAPI_PLUGIN_POST_REFERRAL_FN to the client. This function is called after a set of search results is sent SLAPI_PLUGIN_POST_RESULT_FN back to the client. This function is called after the server starts up.

  • Page 576: Entry Plug-Ins

    Parameters Accessible to All Plug-ins Entry Plug-ins The parameters listed below are used for entry store and entry fetch plug-in functions. These plug-in functions are called by the server before writing an entry to disk and after reading an entry from disk. Entry store and entry fetch plug-in functions are passed using the string representation (in LDIF) of the entry.

  • Page 577: Information About The Database

    Parameters Accessible to All Plug-ins • Information about Targets Information about the Database The parameters listed below specify information about the backend database. These parameters are available for all types of plug-ins. These specific parameters cannot be set by calling .
  • Page 578 Parameters Accessible to All Plug-ins Table 16-4 Parameter ID Data Type Description Indicates the maximum number of nesting SLAPI_BE_MAXNESTLEVEL int * levels allowed within groups for access control evaluation. Contains a list of client IP addresses that are SLAPI_CLIENT_DNS struct berval registered in DNS.

  • Page 579: Information About The Connection

    Parameters Accessible to All Plug-ins Information about the Connection The parameters listed below specify information about the connection. These parameters are available for all types of plug-ins. Table 16-5 Parameter ID Data Type Description The security strength factor provided by SLAPI_CONN_SASL_SSF int * the SASL layer that is in use.
  • Page 580 Parameters Accessible to All Plug-ins Table 16-5 Parameter ID Data Type Description Method used to authenticate the current SLAPI_CONN_AUTHMETHOD char * user. If you call slapi_pblock_get() to get this value, you should call slapi_ch_free_string() to free the resulting value when done. This parameter can have one of the following values: •...

  • Page 581: Information About The Operation

    Parameters Accessible to All Plug-ins Table 16-5 Parameter ID Data Type Description IP address of the client requesting the SLAPI_CONN_CLIENTNETADDR* PRNetAddr operation. IP address to which the client is SLAPI_CONN_SERVERNETADDR* PRNetAddr connecting. You might want to use this parameter if, for example, your server accepts connections on multiple IP addresses.

  • Page 582: Information About Extended Operations

    Parameters Accessible to All Plug-ins Table 16-6 Parameter ID Data Type Description Specifies the DN of the user requesting SLAPI_REQUESTOR_DN char * the operation. Specifies the DN to which the operation SLAPI_TARGET_DN char * applies; for example, the DN of the entry being added or removed.

  • Page 583: Information About Access Control Lists

    Parameters Accessible to All Plug-ins Parameter ID Data Type Description Parent transaction. SLAPI_PARENT_TXN void * ID for current transaction. SLAPI_TXN void * Information about Access Control Lists The parameters listed below are used with the access control list (ACL) plug-in functions to determine access control levels.

  • Page 584: Information About The Plug-In

    Parameters Accessible to All Plug-ins Table 16-7 Parameter ID Data Type Description Flags specifying the notes that you want appended to SLAPI_OPERATION_NOTES unsigned int access log entries. You can set this parameter to the following value: • SLAPI_OP_NOTE_UNINDEXED specifies that you want the string Notes=U appended to access log entries.

  • Page 585: Types Of Plug-Ins

    Parameters Accessible to All Plug-ins Table 16-8 Parameter ID Data Type Description Reserved for internal use only; used with filter SLAPI_PLUGIN_OBJECT void * processing. Reserved for internal use only; used with filter SLAPI_PLUGIN_DESTROY_FN void * processing. Provides a description of this plug-in function. SLAPI_PLUGIN_DESCRIPTION char * Identifies this plug-in function.

  • Page 586: Version Information

    Parameters Accessible to All Plug-ins Version Information To set the value of the parameter, you can specify one of SLAPI_PLUGIN_VERSION the following values: Defined Constant Description The current version of the Directory Server SLAPI_PLUGIN_CURRENT_VERSION plug-in. Version 1 of the plug-in interface, which is SLAPI_PLUGIN_VERSION_01 supported by the Directory Server 3.x and subsequent releases (including 4.0).

  • Page 587: Attribute Names

    Parameters Accessible to All Plug-ins • Attribute Comparisons Attribute Names The parameters listed below are used to check for commonly-used attribute names. These are not pblock parameters but macros that define strings; for example, SLAPI_ATTR_OBJECTCLASS objectclass Parameter ID Data Type Description The nscpEntryDN attribute value.

  • Page 588: Attribute Comparisons

    Parameters Accessible to All Plug-ins Parameter ID Description Flag that indicates that this is a standard, SLAPI_ATTR_FLAG_STD_ATTR non-user-defined attribute that is not listed in the user defined schema file, which is typically the schema file named 99user.ldif. Standard attribute types can’t be deleted by modifying the subschema subentry (cn=schema) over LDAP.

  • Page 589: Parameters For The Bind Function

    Parameters for the Bind Function Parameters for the Bind Function The following table lists the parameters in the parameter block passed to the database bind function. If you are writing a pre-operation, database, or post-operation bind function, you can get these values by calling the function.

  • Page 590: Parameters Passed To The Search Function

    Parameters for the Search Function Parameters Passed to the Search Function The following table lists the parameters in the parameter block passed to the database search function. If you are writing a pre-operation, database, or post-operation search function, you can get these values by calling the function.

  • Page 591: Parameters For Executing The Search

    Parameters for the Search Function Table 16-10 Parameter ID Data Type Description Specifies whether the search results return attribute SLAPI_SEARCH_ATTRSONLY types only or attribute types and values. 0 means return both attributes and values; 1 means return attribute types only. Parameters for Executing the Search The following parameters are set by the front-end and backend database as part of the process of executing the search.

  • Page 592: Parameters That Convert Strings To Entries

    Parameters that Convert Strings to Entries Table 16-12 Parameter ID Data Type Description Result code that was encountered SLAPI_RESULT_CODE int * during the search; this corresponds to the resultCode field within an LDAPResult message. The portion of the target DN that was SLAPI_RESULT_MATCHED char * matched;...

  • Page 593: Parameters For The Add Function

    Parameters for the Add Function Table 16-13 Parameter ID Description Returns entries that have a version: 1 line as SLAPI_STR2ENTRY_INCLUDE_VERSI part of the LDIF representation. ON_STR Informs slapi_str2entry() that the LDIF SLAPI_STR2ENTRY_NOT_WELL_FORM input is not well formed. Well formed LDIF ED_LDIF input has no duplicate attribute values, already has the RDN as an attribute of the entry, and...

  • Page 594: Parameters For The Compare Function

    Parameters for the Compare Function Parameter ID Data Type Description Internal only; used by the SLAPI_ADD_PARENT_UNIQUEID char * multi-master replication update resolution procedure code. This is the unique ID of the parent entry of the entry to add. Internal only; used by the SLAPI_ADD_EXISTING_UNIQUEID_ENTRY Slapi_Entry * multi-master replication resolution...

  • Page 595: Parameters For The Delete Function

    Parameters for the Delete Function Parameters for the Delete Function The following table lists the parameters in the parameter block passed to the database delete function. If you are writing a pre-operation, database, or post-operation delete function, you can get these values by calling the function.

  • Page 596: Parameters For The Modify Rdn Function

    Parameters for the Modify RDN Function See “Processing an LDAP Modify Operation,” on page 93, for more information on these parameters. Parameters for the Modify RDN Function The following table lists the parameters in the parameter block passed to the database modify RDN function.

  • Page 597: Parameters For The Abandon Function

    Parameters for the Abandon Function Parameter ID Data Type Description Internal only; used by the SLAPI_MODRDN_NEWSUPERIOR_ADDRESS void * multi-master replication update resolution procedure code. See “Processing an LDAP Modify RDN Operation,” on page 95, for more information on these parameters. Parameters for the Abandon Function The following table lists the parameters in the parameter block passed to the database abandon function.
  • Page 598 Parameters for the Matching Rule Function Parameter ID Data Type Description Value specified in the extensible SLAPI_PLUGIN_MR_VALUE struct berval * match filter. Pointer to an array of berval SLAPI_PLUGIN_MR_VALUES struct berval ** structures containing the values of the values entry s attributes that need to be indexed.

  • Page 599: Query Operators In Extensible Match Filters

    Parameters for LDBM Backend Pre- and Post-Operation Functions • SLAPI_MR_FILTER_OID • SLAPI_MR_FILTER_DNATTRS The following function sets all three parameters: • SLAPI_SEARCH_INTERNAL_PB() Query Operators in Extensible Match Filters The server checks the value of the parameter SLAPI_PLUGIN_MR_QUERY_OPERATOR to determine which operator is specified. The following parameters are defined values for the SLAPI_PLUGIN_MR_QUERY_OPERATOR Parameter ID...

  • Page 600: Pre-Operation Plug-Ins

    Parameters for the Database Pre-Operation Plug-ins The parameters listed in this section are used with pre-operation database plug-in functions. Parameter ID Description This function is called before a database add SLAPI_PLUGIN_BE_PRE_ADD_FN operation is completed. This function is called before a database delete SLAPI_PLUGIN_BE_PRE_DELETE_FN operation is completed.

  • Page 601: Information About The Database

    Parameters for the Database • Information about the Database • Information about Operations • Information about Backend State Change Information about the Database The following parameters can be used as the second argument to the functions to get and set slapi_pblock_get() slapi_pblock_set() information about the database.

  • Page 602: Information About Backend State Change

    Parameters for LDAP Functions Parameter ID Data Type Description The operation type; the type is one of SLAPI_OPERATION_TYPE the SLAPI_OPERATION_xxx values. The time in seconds since 00:00:00 UTC, SLAPI_OPINITIATED_TIME time_t January 1, 1970, when the Directory Server started processing the operation. The bind DN at the time processing of SLAPI_REQUESTOR_DN char *...

  • Page 603: Parameters For Ldap Operations

    Parameters for LDAP Functions • Parameters for LDAP Control • Parameters for Generating LDIF Strings Parameters for LDAP Operations Table 16-16 Parameter ID Data Type Description Result code of the internal SLAPI_PLUGIN_INTOP_RESULT LDAP operation. Array of entries found by an SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES Slapi_Entry ** internal LDAP search...
  • Page 604 Parameters for LDAP Functions Parameter ID Data Type Description This control applies to the LDAP abandon SLAPI_OPERATION_ABANDON LDAPControl * operation. This control applies to the LDAP add SLAPI_OPERATION_ADD LDAPControl * operation. This control applies to any LDAP operation. SLAPI_OPERATION_ANY LDAPControl * This control applies to the LDAP bind SLAPI_OPERATION_BIND LDAPControl *...

  • Page 605: Parameters For Generating Ldif Strings

    /opt/redhat-ds/servers/slapd-instance_id/logs/errors The severity level of the message is determined by the administrator and determines whether the message is written to the error log. The severity level can...
  • Page 606 Parameters for Error Logging Parameter ID Description This message is written to the error log if the log level SLAPI_LOG_TRACE setting “Trace function calls” is selected. This severity level is typically used to indicate what function is being called. This message is written to the error log if the log level SLAPI_LOG_PACKETS setting “Packet handling”...

  • Page 607: Parameters For Filters

    Parameters for Filters Parameters for Filters This section lists the parameters used for manipulating LDAP filters, including with functions such as . These are not parameters. slapi_filter_join() pblock • Parameters for Comparison Filters • Parameters for Filter Operations Parameters for Comparison Filters The parameters listed below are filters that are used to compare a value against an attribute.

  • Page 608: Parameters For Password Storage

    Parameters for Password Storage Table 16-18 Parameter ID Description Indicates success in traversing the entire SLAPI_FILTER_SCAN_NOMORE filter. Indicates a premature abort. SLAPI_FILTER_SCAN_STOP Indicates to continue scanning. SLAPI_FILTER_SCAN_CONTINUE Indicates an error occurred during the SLAPI_FILTER_SCAN_ERROR traverse and the scan aborted. Error code that SLAPI_FILTER_UNKNOWN_FILTER_TYPE SLAPI_FILTER_SCAN_ERROR can set.

  • Page 609: Parameters For Password Storage

    Parameters for Resource Limits Parameters for Password Storage The parameters listed below apply to password storage schemes. Table 16-20 Parameter ID Data Type Description Value from the database password storage SLAPI_PLUGIN_PWD_STORAGE_SCHEME char * scheme. _DB_PWD Name of the password storage scheme. SLAPI_PLUGIN_PWD_STORAGE_SCHEME char * _NAME...

  • Page 610: Status Codes For Resource Limits

    Parameters for the Virtual Attribute Service Status Codes for Resource Limits The status codes are used with functions that extract attribute values from a binder entry that corresponds to resource limits. Typically, operational attributes are used to hold binder-specific search size limits. Any resource limits found in the binder entry are cached in the connection structure by a connection object extension.
  • Page 611 Parameters for the Virtual Attribute Service Table 16-22 Parameter Data Type Description Buffer disposition flag that indicates SLAPI_VIRTUALATTRS_REALATTRS these are real attributes. _ONLY Buffer disposition flag that indicates the SLAPI_VIRTUALATTRS_RETURNED_ virtual attributes returned copies. COPIES Buffer disposition flag that indicates the SLAPI_VIRTUALATTRS_RETURNED_ virtual attributes returned pointers.
  • Page 612 Parameters for the Virtual Attribute Service Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

  • Page 613: Glossary

    Glossary access control instruction See ACI. ACI Also Access Control Instruction. An instruction that grants or denies permissions to entries in the directory. access control list See ACL. ACL Also Access Control List. The mechanism for controlling access to your directory.
  • Page 614 attribute Holds descriptive information about an entry. Attributes have a label and a value. Each attribute also follows a standard syntax for the type of information that can be stored as the attribute value. attribute list A list of required and optional attributes for a given entry type or object class.
  • Page 615 browser Software, such as Mozilla Firefox, used to request and view World Wide Web material stored as HTML files. The browser uses the HTTP protocol to communicate with the host server. browsing index Also virtual view index. Speeds up the display of entries in the Directory Server Console.
  • Page 616 CIR See consumer-initiated replication. class definition Specifies the information needed to create an instance of a particular object and determines how the object works in relation to other objects in the directory. class of service See CoS. classic CoS A classic CoS identifies the template entry by both its DN and the value of one of the target entry’s attributes.
  • Page 617 DAP Directory Access Protocol. The ISO X.500 standard protocol that provides client access to the directory. data master The server that is the master source of a particular piece of data. database link An implementation of chaining. The database link behaves like a database but has no persistent storage.
  • Page 618 DNS alias A DNS alias is a hostname that the DNS server knows points to a different host—specifically a DNS CNAME record. Machines always have one real name, but they can have one or more aliases. For example, an alias such as might point to a real machine called www.yourdomain.domain where the server currently exists.
  • Page 619 hostname A name for a machine in the form machine.domain.dom, which is translated into an IP address. For example, is the machine www.example.com in the subdomain domain. example HTML Hypertext Markup Language. The formatting language used for documents on the World Wide Web. HTML files are plain text files with formatting codes that tell browsers such as the Mozilla Firefox how to display text, position graphics, and form items and to display links to other pages.
  • Page 620 LDAP Lightweight Directory Access Protocol. Directory service protocol designed to run over TCP/IP and across multiple platforms. LDAPv3 Version 3 of the LDAP protocol, upon which Directory Server bases its schema format. LDAP client Software used to request and view LDAP entries from an LDAP Directory Server.
  • Page 621 master agent See SNMP master agent. matching rule Provides guidelines for how the server compares strings during a search operation. In an international search, the matching rule tells the server what collation order and operator to use. MD5 A message digest algorithm by RSA Data Security, Inc., which can be used to produce a short digest of data that is unique with high probability and is mathematically extremely hard to produce;...
  • Page 622 network management application Network Management Station component that graphically displays information about SNMP managed devices (which device is up or down, which and how many error messages were received, etc.). network management station See NMS. NIS Network Information Service. A system of programs and data files that Unix machines use to collect, collate, and share specific information about machines, users, filesystems, and network parameters throughout a network of computers.
  • Page 623 password policy A set of rules that governs how passwords are used in a given directory. permission In the context of access control, permission states whether access to the directory information is granted or denied and the level of access that is granted or denied.
  • Page 624 RDN Also Relative Distinguished Name. The name of the actual entry itself, before the entry’s ancestors have been appended to the string to form the full distinguished name. referential integrity Mechanism that ensures that relationships between related entries are maintained within the directory. referral (1) When a server receives a search or update request from an LDAP client that it cannot process, it usually sends back to the client a pointer to the LDAP sever that can process the request.
  • Page 625 root The most privileged user available on Unix machines. The root user has complete access privileges to all files on the machine. root suffix The parent of one or more sub suffixes. A directory tree can contain more than one root suffix. SASL Also Simple Authentication and Security Layer.
  • Page 626 Simple Network Management Protocol See SNMP. single-master replication The most basic replication scenario in which two servers each hold a copy of the same read-write replicas to consumer servers. In a single-master replication scenario, the supplier server maintains a changelog. SIR See supplier-initiated replication.
  • Page 627 supplier server In the context of replication, a server that holds a replica that is copied to a different server is called a supplier for that replica. supplier-initiated replication Replication configuration where supplier servers replicate directory data to consumer servers. symmetric encryption Encryption that uses the same key for both encrypting and decrypting.
  • Page 628 virtual list view index Also browsing index. Speeds up the display of entries in the Directory Server Console. Virtual list view indexes can be created on any branchpoint in the directory tree to improve display performance. X.500 standard The set of ISO/ITU-T documents outlining the recommended information model, object classes and attributes used by directory server implementation.

  • Page 629: Index

    Index data structures and types berval, 181 computed_attr_context, 182 LDAP_Mod, 184 LDAPControl, 182 LDAPMod, 184 mrFilterMatchFn, 187 plugin_referral_entry_callback, 188 plugin_result_callback, 189 plugin_search_entry_callback, 190 send_ldap_referral_fn_ptr_t, 190 send_ldap_result_fn_ptr_t, 192 send_ldap_search_entry_fn_ptr_t, 193 Slapi_Attr, 194 attribute routines, 251 Slapi_Backend, 195 Slapi_ComponentID, 198 slapi_compute_callback_t, 198 slapi_compute_output_t, 199 Slapi_CondVar, 201 Slapi_DN, 202...
  • Page 630 slapi_add_auth_response_control(), 309 LDAPControl, 182 slapi_add_pwd_control(), 441 slapi_build_control(), 183 slapi_ch_smprintf(), 307 slapi_build_control_from_berval(), 183 slapi_destroy_mutex(), 549 slapi_control_present(), 183 slapi_entry_attr_delete(), 328 slapi_get_supported_controls_copy(), 184 slapi_entry_attr_find(), 328 slapi_mod_get_ldapmod_passout(), 183 slapi_entry_attr_get_bool(), 329 slapi_register_supported_control(), 184 slapi_entry_attr_get_charptr(), 330 LDAPMod, 184 slapi_entry_attr_get_int(), 331 slapi_entry2mods(), 186 slapi_entry_attr_set_charptr(), 336 slapi_mod_dump(), 186 slapi_entry_attr_set_long(), 338 slapi_mod_get_ldapmod_byref(), 186 slapi_ldap_init(), 382...
  • Page 631 slapi_attr_get_flags(), 194 slapi_attr_get_numvalues(), 194 parameter block, 31 slapi_attr_get_oid_copy(), 194 parameter block routines, 433 slapi_attr_get_type(), 194 slapi_attr_get_valueset(), 194 password routines, 438 slapi_attr_next_value(), 194 plug-in types, 34 slapi_attr_set_valueset(), 195 plugin_referral_entry_callback, 188 slapi_attr_type2plugin(), 195 plugin_result_callback, 189 slapi_attr_types_equivalent(), 195 plugin_search_entry_callback, 190 slapi_attr_value_cmp(), 195 slapi_attr_value_find(), 195 slapi_entry_attr_find(), 195 slapi_entry_first_attr(), 195 slapi_entry_next_attr(), 195...
  • Page 632 slapi_be_get_name(), 196 slapi_build_control_from_berval(), 291 slapi_be_get_readonly(), 196 slapi_call_syntax_assertion2keys_ava_sv(), 297 slapi_be_getentrypoint(), 196 slapi_call_syntax_assertion2keys_sub_sv(), 298 slapi_be_getsuffix(), 196 slapi_call_syntax_values2keys_sv(), 299 slapi_be_is_flag_set(), 196 slapi_ch_array_free(), 301 slapi_be_issuffix(), 196 slapi_ch_bvdup(), 301 slapi_be_logchanges(), 196 slapi_ch_bvecdup(), 302 slapi_be_new(), 196 slapi_ch_calloc(), 303 slapi_be_private(), 197 slapi_be_select(), 197 slapi_ch_free(), 304 slapi_be_select_by_instance_name(), 197 slapi_ch_free_string(), 304, 577 slapi_be_set_flag(), 197 slapi_ch_malloc(), 305...
  • Page 633 slapi_dn_isroot(), 312 slapi_entry_next_attr(), 205 slapi_entry_rdn_values_present(), 206 slapi_dn_normalize(), 314 slapi_entry_schema_check(), 206 slapi_dn_normalize_case(), 315 slapi_entry_set_dn(), 206 slapi_dn_normalize_to_end(), 315 slapi_entry_set_sdn(), 206 slapi_dn_parent(), 316 slapi_entry_set_uniqueid(), 206 slapi_dn_plus_rdn(), 317 slapi_entry_size(), 206 slapi_dup_control(), 293 slapi_entry2str_with_options(), 204 slapi_encode(), 440 slapi_is_rootdse(), 206 slapi_str2entry(), 204, 206 Slapi_Entry, 203 slapi_be_getentrypoint(), 196 slapi_entry_add_rdn_values(), 323 slapi_entry_add_rdn_values(), 204 slapi_entry_add_string(), 324...
  • Page 634 slapi_entry_get_sdn(), 345 slapi_find_matching_paren(), 377 slapi_entry_get_sdn_const(), 346 slapi_free_search_results_internal(), 234 slapi_entry_get_uniqueid(), 347 slapi_get_first_backend(), 283 slapi_entry_has_children(), 347 slapi_get_first_suffix(), 284 slapi_entry_init(), 348 slapi_get_next_backend(), 285 slapi_entry_merge_values_sv(), 349 slapi_get_next_suffix(), 286 slapi_entry_next_attr(), 350 slapi_get_object_extension(), 561 slapi_entry_rdn_values_present(), 351 slapi_get_supported_controls_copy(), 294 slapi_entry_schema_check(), 352 slapi_get_supported_extended_ops_copy(), 379 slapi_entry_set_dn(), 352 slapi_get_supported_saslmechanisms_copy(), 380 slapi_entry_set_flag(), 359 slapi_has8thBit(), 496 slapi_entry_set_sdn(), 353...
  • Page 635 slapi_mod_get_ldapmod_byref(), 209 slapi_mods_add_modbvps(), 210 slapi_mod_get_ldapmod_passout(), 209 slapi_mods_add_string(), 211 slapi_mod_get_next_value(), 209 slapi_mods_done(), 211 slapi_mod_get_num_values(), 209 slapi_mods_dump(), 211 slapi_mod_get_operation(), 209 slapi_mods_free(), 211 slapi_mod_get_type(), 209 slapi_mods_get_first_mod(), 211 slapi_mod_init(), 209 slapi_mods_get_ldapmods_byref(), 211 slapi_mod_init_byref(), 209 slapi_mods_get_ldapmods_passout(), 211 slapi_mod_init_byval(), 209 slapi_mods_get_next_mod(), 211 slapi_mod_init_passin(), 209 slapi_mods_get_next_smod(), 211 slapi_mod_isvalid(), 209 slapi_mods_get_num_mods(), 211 slapi_mod_new(), 209...
  • Page 636 slapi_mods_iterator_backbone(), 429 slapi_seq_internal_callback_pb(), 215 slapi_mods_new(), 430 slapi_pblock_destroy(), 433 slapi_mods_remove(), 430 slapi_pblock_get(), 434, 569, 575, 577, 580, 587, 588, 592, 593, 594, 599 slapi_mods2entry(), 410 slapi_pblock_new(), 436 slapi_mr_filter_index(), 393 slapi_pblock_set(), 436, 569, 575, 599 slapi_mr_indexer_create(), 394 Slapi_PluginDesc, 215 Slapi_Mutex, 212 slapi_destroy_mutex(), 212 slapi_pwpolicy_make_response_control(), 442 slapi_lock_mutex(), 212 Slapi_RDN, 216...
  • Page 637 slapi_rdn_get_rdn(), 453 slapi_sdn_isparent(), 478 slapi_rdn_init(), 454 slapi_sdn_issuffix(), 479 slapi_rdn_init_dn(), 454 slapi_sdn_new(), 479 slapi_rdn_init_rdn(), 455 slapi_sdn_new_dn_byref(), 480 slapi_rdn_init_sdn(), 456 slapi_sdn_new_dn_byval(), 481 slapi_rdn_isempty(), 456 slapi_sdn_new_dn_passin(), 481 slapi_rdn_new(), 457 slapi_sdn_new_ndn_byref(), 482 slapi_rdn_new_dn(), 458 slapi_sdn_new_ndn_byval(), 483 slapi_rdn_new_rdn(), 458 slapi_sdn_scope_test(), 484 slapi_rdn_new_sdn(), 459 slapi_sdn_set_dn_byref(), 485 slapi_rdn_remove(), 460 slapi_sdn_set_dn_byval(), 486 slapi_rdn_remove_attr(), 461...
  • Page 638 slapi_UTF8NCASECMP(), 500 slapi_value_get_uint(), 516 slapi_utf8ncasecmp(), 499 slapi_value_get_ulong(), 516 slapi_UTF8STRTOLOWER(), 504 slapi_value_init(), 517 slapi_utf8StrToLower(), 503 slapi_value_init_berval(), 518 slapi_UTF8STRTOUPPER(), 506 slapi_value_init_string(), 518 slapi_utf8StrToUpper(), 505 slapi_value_init_string_passin(), 519 slapi_UTF8TOLOWER(), 507 slapi_value_new(), 520 slapi_utf8ToLower(), 507 slapi_value_new_berval(), 520 slapi_UTF8TOUPPER(), 508 slapi_value_new_string(), 521 slapi_utf8ToUpper(), 508 slapi_value_new_string_passin(), 522 Slapi_Value, 219 slapi_value_new_value(), 523 slapi_value_compare(), 219...
  • Page 639 slapi_vattr_value_compare(), 542 slapi_vattr_values_free(), 543 slapi_vattr_values_get(), 544 slapi_vattr_values_get_ex(), 545 slapi_vattr_values_type_thang_get(), 547 slapi_wait_condvar(), 552 slapi-plugin.h, 38 specifying plug-in dependencies, 49 syntax plug-in routines, 297 thread-safe LDAP connection routines, 381 types of plug-ins, 34 URLs conventions used, 23 UTF-8 routines, 495 value routines, 509 valueset routines, 530 virtual attribute service routines, 539 Index...
  • Page 640 Red Hat Directory Server Plug-in Programmer’s Guide • May 2005...

This manual is also suitable for:

Directory server 7.1

Table of Contents