Netscape DIRECTORY SERVER 6.1 - PLUG-IN Manual

page of 612

/ 612
Contents
Table of Contents
Bookmarks

Table of Contents

Quick Links

Download this manual

Plug-In Programmer's Guide

Netscape Directory Server

Version 6.1

August 2002

Table of Contents

Need help?

Do you have a question about the NETSCAPE DIRECTORY SERVER 6.1 - PLUG-IN and is the answer not in the manual?

Questions and answers

Summary of Contents for Netscape NETSCAPE DIRECTORY SERVER 6.1 - PLUG-IN

Page 1 Plug-In Programmer’s Guide Netscape Directory Server Version 6.1 August 2002...
Page 2 Netscape Communications Corporation (“Netscape”) and its licensors retain all ownership rights to the software programs offered by Netscape (referred to herein as “Software”) and related documentation. Use of the Software and related documentation is governed by the license agreement for the Software and applicable copyright law. Your right to copy this documentation is limited by copyright law.
Page 3: Table Of Contents
Contents Preface ............... 11 What You Should Already Know .
Page 4 Registering Your Plug-In Functions ........... . 34 Returning a Value to the Directory Server .
Page 5 Working with DN Suffixes ............65 Server Suffixes .
Page 6 Getting and Checking the Bind Parameters ......... . . 97 Getting the Entry and Checking the Credentials .
Page 7 Getting and Setting Parameters in Indexer Functions ........134 Handling Extensible Match Filters .
Page 8 Part 4 Reference ............169 Chapter 14 Data Type and Structure Reference .
Page 9 Chapter 16 Parameter Block Reference ......... 555 Parameters for Registering Plug-In Functions .
Page 10 Information About Operations ............585 Information About Backend State Change .
Page 11: Preface
Preface This book describes how to write server plug-ins in order to customize and extend the capabilities of the Netscape Directory Server (Directory Server). • What You Should Already Know • Using Directory Server Plug-In APIs • Document Conventions • Where to Find Directory Server Information What You Should Already Know This book assumes you have this basic background:...
Page 12 Using Directory Server Plug-In APIs • The main header file is located here: <server_root>/plugins/slapd/slapi/include/slapi-plugin.h • The location and syntax for the plug-in directives have changed. In the Directory Server 4.x release, the directives were in the database section plugin of the file.
Page 13: Document Conventions
Document Conventions Deprecated Functions and Their Suggested Replacements (Continued) Table 0-1 Deprecated Function Suggested Replacement Function slapi_entry_attr_replace() slapi_entry_attr_replace_sv() slapi_attr_get_values() slapi_attr_value_find() slapi_attr_get_oid() slapi_attr_get_oid_copy() slapi_pw_find() slapi_pw_find_sv() slapi_call_syntax_values2keys() slapi_call_syntax_values2keys_sv() slapi_call_syntax_assertion2keys_ava() slapi_call_syntax_assertion2keys_ava_sv() slapi_call_syntax_assertion2keys_sub() slapi_call_syntax_assertion2keys_sub_sv() slapi_entry_attr_hasvalue() slapi_entry_attr_has_syntax_value() The following internal-operation calls are deprecated. The new internal operation functions that are defined in slapi-plugin.h take a Slapi_PBlock for extensibility and support the new plug-in configuration capabilities.
Page 14: Where To Find Directory Server Information
Where to Find Directory Server Information http://<server>.<domain>/<path>/<file>.html In these URLs, represents the name of the server on which you run your <server> application (such as represents your Internet domain research1 <domain> name (such as represents the directory structure on the example.com <path>...
Page 15 Where to Find Directory Server Information • Netscape Directory Server Configuration, Command, and File Reference. Contains information about using the command-line scripts shipped with Directory Server. • Netscape Directory Server Schema Reference. Contains information about the Directory Server schema. For a list of documentation installed with Directory Server, open the file, where is the <server_root>/manual/en/slapd/index.htm...
Page 16 Where to Find Directory Server Information Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 17: Part 1 Introduction To Directory Server Plug-Ins
Part 1 Introduction to Directory Server Plug-Ins Chapter 1, “An Overview of Directory Server Plug-Ins” Chapter 2, “Writing and Compiling Plug-Ins” Chapter 3, “Configuring Plug-Ins” Chapter 4, “A Quick Example”...
Page 18 Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 19: Chapter 1 An Overview Of Directory Server Plug-Ins
Chapter 1 An Overview of Directory Server Plug-Ins This chapter introduces you to Netscape Directory Server (Directory Server) plug-ins and discusses the different types of plug-ins that you can write. The chapter covers the following topics: • What Are Directory Server Plug-Ins? •...
Page 20: How Directory Server Plug-Ins Work
How Directory Server Plug-Ins Work • You can design an action that the Directory Server performs after the server successfully completes an LDAP operation. For example, you can send mail to a client after an LDAP operation is successfully completed. •...
Page 21: Calling Directory Server Plug-In Functions
How Directory Server Plug-Ins Work Calling Directory Server Plug-In Functions At specific LDAP events, the Directory Server calls all plug-in functions that are registered for that event. For example, before performing an LDAP add operation (an add event), the server calls all plug-in functions registered as pre-operation add functions.
Page 22 How Directory Server Plug-Ins Work The front-end receives LDAP requests from clients and processes those requests. When processing requests, the front-end calls functions in the back-end to read and write data. The front-end then sends the results back to the client. The back-end reads and writes data to the database containing the directory entries.
Page 23 How Directory Server Plug-Ins Work Directory Server Architecture Figure 1-1 Chapter 1 An Overview of Directory Server Plug-Ins...
Page 24: Types Of Directory Server Plug-Ins
Types of Directory Server Plug-Ins Types of Directory Server Plug-Ins You can write the following types of plug-ins for the Directory Server: • Pre-operation/data validation. The server calls a pre-operation/data validation plug-in function before performing an LDAP operation. The main purpose of this type of plug-in is to validate data before the data is added to the directory or before it is used in an operation.
Page 25 Types of Directory Server Plug-Ins Architecture of the Directory Server and Server Plug-Ins Figure 1-2 Chapter 1 An Overview of Directory Server Plug-Ins...
Page 26 Types of Directory Server Plug-Ins Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 27: Chapter 2 Writing And Compiling Plug-Ins
Chapter 2 Writing and Compiling Plug-Ins This chapter provides an introduction on how to write and compile Netscape Directory Server (Directory Server) plug-ins. Chapter 3, “Configuring Plug-Ins,” describes how to load your plug-in into the Directory Server configuration once it is successfully compiled.
Page 28: Including The Api Header File
Writing a Plug-In Function • Chapter 10, “Writing Extended Operation Plug-Ins” Including the API Header File The interface to the Directory Server plug-in API is located in the slapi-plugin.h header file. You must include this header file in the plug-ins you write. The following line of code shows an example of including this header file: #include "slapi-plugin.h"...
Page 29: Working With Parameter Blocks
Writing a Plug-In Function Working with Parameter Blocks In the functions you write, you set values in the parameter block that pertain to the operation you are performing. You can also get data from the parameter block which you can use within your functions. This process is described in the next section, “Getting Data from the Parameter Block,”...
Page 30: Setting Data In The Parameter Block
Writing a Plug-In Function Getting Data From the Parameter Block (Continued) Code Example 2-1 /* Indicate the point when the plug-in starts executing */ slapi_log_error( SLAPI_LOG_PLUGIN, "searchdn_preop_search", "*** PREOPERATION SEARCH PLUGIN ***\n"); /* Get the base DN of the search from the parameter block. */ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &dn );...
Page 31: Calling Front-End Functions
Writing a Plug-In Function Setting Values in the Parameter Block (Continued) Code Example 2-2 "Unable to store database information\n" ); Notice that this example uses the function to notify the user slapi_new_condvar() if an error occurred. In this code example, identifies the parameter in the parameter SLAPI_PRIVATE block that contains private data for use in the database functions.
Page 32: Writing Plug-In Initialization Functions
Writing Plug-in Initialization Functions In some cases, you may need to send an LDAP result back to the client. For example, if you are writing a pre-operation bind function and an error occurs during the processing of the function, the function should return a non-zero value, log an error message, and send the appropriate LDAP result code back to the client.
Page 33: Specifying Directory Server Compatibility
Writing Plug-in Initialization Functions NOTE You do not need to export all plug-in functions. Specifically, you do not need to export any plug-in function that is specified in the parameter block. Specifying Directory Server Compatibility You need to specify the compatibility version of your plug-in so that the Directory Server can determine whether or not it supports the plug-in.
Page 34: Registering Your Plug-In Functions
Writing Plug-in Initialization Functions Specifying Plug-In Information (Continued) Code Example 2-3 /* Set this information in the parameter block */ slapi_pblock_set( pb, SLAPI_PLUGIN_DESCRIPTION, (void *)&mypdesc ); In this example code specifies the following plug-in information: • The unique identifier for the server plug-in is test-plugin •...
Page 35: Returning A Value To The Directory Server
Writing Plug-in Initialization Functions For example, if you want to register as a pre-operation searchdn_preop_search() search function, include the following code in your initialization function: slapi_pblock_set( pb, SLAPI_PLUGIN_PRE_SEARCH_FN, \ (void *) searchdn_preop_search ) is the parameter that specifies the pre-operation SLAPI_PLUGIN_PRE_SEARCH_FN plug-in function for the LDAP search operation.
Page 36: Compiling A Directory Server Plug-In
Compiling a Directory Server Plug-In An Example Initialization Function (Continued) Code Example 2-4 if ( slapi_pblock_set( pb, SLAPI_PLUGIN_VERSION, SLAPI_PLUGIN_VERSION_01 ) != 0 || /* Set up the server to call searchdn_preop_search() before each LDAP search operation. */ slapi_pblock_set( pb, SLAPI_PLUGIN_PRE_SEARCH_FN, (void *) searchdn_preop_search ) !=0 ) { /* If a problem occurs, log an error message, return -1.*/ slapi_log_error(SLAPI_LOG_PLUGIN,"searchdn_preop_init",...
Page 37 Compiling a Directory Server Plug-In • If you want, you can compile all plug-in functions in a single library. Although you can include different types of plug-in functions in the same library, you need to write separate initialization functions for each type of plug-in function. Refer to the chapter “Configuring Plug-Ins”...
Page 38 Compiling a Directory Server Plug-In Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 39: Chapter 3 Configuring Plug-Ins
Chapter 3 Configuring Plug-Ins After you compile your server plug-in, you need to configure the Netscape Directory Server (Directory Server) so that it properly loads your plug-in. The following sections in this chapter show how this is done: • Creating a Plug-In Configuration File •...
Page 40 Creating a Plug-In Configuration File An Example Plug-In Configuration File (Continued) Code Example 3-1 5. cn: Example Plug-in 6. nsslapd-pluginpath: C:/ds60/lib/test-plugin.dll 7. nsslapd-plugininitfunc: searchdn_preop_init 8. nsslapd-plugintype: preoperation 9. nsslapd-pluginenabled: on 10. nsslapd-pluginid: Example Pre-operation Plug-in 11. nsslapd-pluginversion: 1.0 12. nsslapd-pluginvendor: Example Corporation 13.
Page 41: Plug-In Dependencies
Creating a Plug-In Configuration File You can also use the Directory Server Console to activate or deactivate the plug-in once the plug-in is loaded. • Line 10 uses the attribute to set the name of the plug-in. nsslapd-pluginid The name that you specify here will show up in the Directory Server Console. In this example, the plug-in identification is set to Example Pre-operation Plug-in...
Page 42: Plug-In Type Dependencies
Creating a Plug-In Configuration File In this example, the plug-in depends on two specifically named plug-ins: . This configuration line indicates that before your my_pluginA vendor_plugin plug-in can be loaded, the two specifically named plug-ins must be loaded. If either of these two plug-ins fail to load, the Directory Server will exit with a error code.
Page 43 Creating a Plug-In Configuration File Table 3-1 Directives for Specifying Different Plug-In Types Directive Description Declares an entry fetch plug-in, which is called by the server after retrieving an entryfetch entry from the default back-end database. Example of use: If you encrypt data with an entry store plug-in function before saving the data to the database, you can define an entry fetch function that decrypts data after reading it from the database.
Page 44: Loading The Plug-In Configuration File
Loading the Plug-In Configuration File Directives for Specifying Different Plug-In Types (Continued) Table 3-1 Directive Description Declares an object plug-in. Object plug-ins can install object SLAPI_PLUGIN_START_FN, SLAPI_PLUGIN_CLOSE_FN, and SLAPI_PLUGIN_POSTSTART_FN functions. They can also use the slapi_register_plugin() call to register any kind of plug-in they like. Object plug-ins are typically used to simplify configuration of a group of related plug-ins (one entry under cn=config instead of many).
Page 45: Passing Extra Arguments To Plug-Ins
Passing Extra Arguments to Plug-Ins Passing Extra Arguments to Plug-Ins In the Directory Server 4.x version, you could specify additional arguments at the end of the directive. For example: plugin plugin preoperation /usr/lib/myplugin.so my_init_fn \ arg1 arg2 From the initialization function and the plug-in functions, you can get these arguments by getting the following parameters from the parameter block: •...
Page 46: Setting The Log Level Of The Server
Setting the Log Level of the Server nsslapd-pluginarg0: d:/netscape/servers/slapd-host/config/slapd-collations.conf nsslapd-pluginId: orderingrule nsslapd-pluginVersion: 6.0 nsslapd-pluginVendor: Netscape Communications Corporation nsslapd-pluginDescription: internationalized ordering rule plugin This method allows for more descriptive configuration, which is easier to maintain. To find the plug-in entry DN, retrieve from the passed SLAPI_TARGET_DN...
Page 47: Chapter 4 A Quick Example
Chapter 4 A Quick Example This chapter provides an example of a pre-operation Netscape Directory Server (Directory Server) server plug-in that you can compile and run. Along with the source code to the example, the chapter provides a Solaris Makefile that you can use to build the plug-in.
Page 48: Writing The Plug-In Example
An Example Pre-Operation Plug-In Writing the Plug-In Example The following example code includes the sample pre-operation search function and the sample initialization function. Code Example 4-1 Sample Pre-Operation Search and Initialization Functions #include <stdio.h> #include <string.h> #include "slapi-plugin.h" /* function prototypes */ int test_preop_init( Slapi_PBlock *pb );...
Page 49 An Example Pre-Operation Plug-In Sample Pre-Operation Search and Initialization Functions (Continued) Code Example 4-1 from the parameter block and prints the data to the error log. */ test_preop_search( Slapi_PBlock *pb ) char *base, *filter_str, *attr_type, *substr_init, *substr_final; char **substr_any; int scope, deref, filter_type, i; Slapi_Filter *filter;...
Page 50 An Example Pre-Operation Plug-In Sample Pre-Operation Search and Initialization Functions (Continued) Code Example 4-1 break; default: slapi_log_error( SLAPI_LOG_PLUGIN, "SLAPI_SEARCH_DEREF", "unknown value specified: %d\n", deref ); break; /* Get and log the search filter information */ if ( slapi_pblock_get(pb,SLAPI_SEARCH_FILTER, &filter)==0 ) { /* Get and log the filter type */ filter_type = slapi_filter_get_choice( filter );...
Page 51: Compiling The Plug-In Example
An Example Pre-Operation Plug-In Sample Pre-Operation Search and Initialization Functions (Continued) Code Example 4-1 slapi_log_error( SLAPI_LOG_PLUGIN, "\tFinal substring", "%s\n", substr_final ); break; case LDAP_FILTER_PRESENT: slapi_log_error( SLAPI_LOG_PLUGIN, "SLAPI_SEARCH_FILTER", "LDAP_FILTER_PRESENT\n" ); /* For presence filters, get and log the attribute type */ slapi_filter_get_type( filter, &attr_type );...
Page 52: Registering The Plug-In Example
An Example Pre-Operation Plug-In Code Example 4-2 Example Solaris Makefile # SOLARIS Makefile for Directory Server plug-in examples CC = cc LD = ld INCLUDE_FLAGS = -I../include CFLAGS = $(INCLUDE_FLAGS) -D_REENTRANT -KPIC LDFLAGS = -G OBJS = srchxmpl.o all: srchxmpl.so srchxmpl.so: $(OBJS) $(LD) $(LDFLAGS) -o $@ $(OBJS) .c.o:...
Page 53: Running The Plug-In Example
An Example Pre-Operation Plug-In Running the Plug-In Example After compiling the plug-in and registering it with the Directory Server, you’re ready to make calls that are processed by the plug-in functions. The first step is to restart the Directory Server and check the error log to see that the plug-in is properly registered.
Page 54 An Example Pre-Operation Plug-In Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 55: Part 2 Basic Plug-In Programming Techniques
Part 2 Basic Plug-In Programming Techniques Chapter 5, “Front-End API Functions Chapter 6, “Writing Pre/Post-Operation Plug-Ins” Chapter 7, “Defining Functions for LDAP Operations” Chapter 8, “Defining Functions for Authentication”...
Page 56 Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 57: Chapter 5 Front-End Api Functions
Chapter 5 Front-End API Functions The Netscape Directory Server (Directory Server) provides some general-purpose, front-end API functions that allow you to work with the entries in the Directory Server. This chapter explains how to use the front-end API functions to accomplish various tasks;...
Page 58: Logging Messages
Logging Messages Logging Messages To write an error message to the error log, call the function. slapi_new_condvar() For example, the following function call writes a message in slapi_log_error() the error log: slapi_log_error( SLAPI_LOG_PLUGIN, "searchdn_preop_search", "*** PREOPERATION SEARCH PLUGIN ***\n"); This call will create the following message in the error log: [01/Oct/1997:02:24:18 -0700] searchdn_preop_search \ - *** PREOPERATION SEARCH PLUGIN *** Make sure that the Directory Server is configured to log messages that have the...
Page 59: Sending Data To The Client
Sending Data to the Client Sending Data to the Client Sometimes you might need to communicate various information directly back to the client. For example, you might want to do this in the following situations: • If you need to send a result code back to the client (for example, to report an error or a successful result to an LDAP operation), call the function.
Page 60: Working With Entries, Attributes, And Values
Working with Entries, Attributes, and Values Working with Entries, Attributes, and Values This section discusses how to create new entries in the directory and how to convert them to LDIF and back. In certain situations, you will need to pass directory entries between the front-end and the client.
Page 61: Creating A New Entry
Working with Entries, Attributes, and Values Creating a New Entry In some situations, you might need to create a new entry. There are two basic ways to do this: • By allocating memory for a new entry To allocate memory for a new entry, call the function.
Page 62: Getting And Setting The Dn Of An Entry
Working with Entries, Attributes, and Values If a double-colon is used after a data type, it signifies that the value after the double-colon is encoded as a base-64 string. Data is sometimes encoded as a base-64 string. For example, it might be encoded this way if the value contains a non-printing character or newline.
Page 63: Getting The Attributes And Values Of An Entry
Working with Entries, Attributes, and Values To see if an entry complies with the schema, call the function. slapi_entry_schema_check() Getting the Attributes and Values of an Entry There are two basic ways to obtain the attributes and values of an entry: •...
Page 64: Working With Dns And Rdns
Working with DNs and RDNs • To remove values from an entry, call slapi_entry_delete_values_sv() • In certain situations, you may want to add an attribute and its values to an entry while not replacing any attribute values that already exist. To do this, call function.
Page 65: Working With Dn Suffixes
Working with DNs and RDNs Working with DN Suffixes A suffix of a DN identifies a subtree in the directory tree where the DN is located. For example, consider the following DN: cn=Babs Jensen, ou=Product Development, o=Example Corporation, c=US In this case, one of the suffixes is: o=Example Corporation, c=US This suffix indicates that the entry is located in the...
Page 66: Working With Search Filters
Working with Search Filters You can use the following front-end function to normalize and convert the case of a • normalize a DN. slapi_dn_normalize() • to convert all characters in a DN to lowercase. slapi_dn_ignore_case() • to both normalize the DN and convert all slapi_dn_normalize_case() characters in the DN to lowercase.
Page 67: Determining If An Entry Matches A Filter
Working with Search Filters Front-End Functions for Manipulating Filters (Continued) Table 5-3 Function Description Convert a string representation of a filter to a slapi_str2filter() filter of the datatype Slapi_Filter Construct a new LDAP_FILTER_AND, slapi_filter_join() LDAP_FILTER_OR, or LDAP_FILTER_NOT filter from other filters Get the components of a filter (only applicable slapi_filter_list_first(), to LDAP_FILTER_AND, LDAP_FILTER_OR,...
Page 68: Getting The Search Criteria
Working with Search Filters Types of Filters (Continued) Table 5-4 Filter Type Description The search should find entries that contain a value LDAP_FILTER_GE greater than or equal to the specified attribute value. The search should find entries that contain a value less LDAP_FILTER_LE than or equal to the specified attribute value.
Page 69: Converting A String To A Filter
Checking Passwords Converting a String to a Filter A search filter can be represented by either the datatype or as a Slapi_Filter string. In a parameter block for a search operation, is a filter SLAPI_SEARCH_FILTER of the datatype is the string Slapi_Filter SLAPI_SEARCH_STRFILTER representation of that filter.
Page 70 Checking Passwords • (means Unix crypt algorithm and can be defined using the CRYPT plug-in) crypt-password-storage-scheme • (means Secure Hashing Algorithm and can be defined using the plug-in) -password-storage-scheme • (means Salted Secure Hashing Algorithm and can be defined using the SSHA plug-in) ssha-password-storage-scheme...
Page 71: Chapter 6 Writing Pre/Post-Operation Plug-Ins
Chapter 6 Writing Pre/Post-Operation Plug-Ins This chapter explains how to write functions that the Netscape Directory Server (Directory Server) calls before and after executing an LDAP operation. These functions are called pre-operation and post-operation plug-in functions. • How Pre/Post-Operation Plug-Ins Work •...
Page 72 How Pre/Post-Operation Plug-Ins Work You can also set up the Directory Server to call your own plug-in functions before and after: • Sending an LDAP entry back to the client • Sending an LDAP result code back to the client •...
Page 73: Types Pre-Operation And Post-Operation Functions
Types Pre-Operation and Post-Operation Functions Types Pre-Operation and Post-Operation Functions As is the case with other server plug-in functions, pre-operation functions and post-operation functions are specified in a parameter block that you can set on server startup. Each function corresponds to an ID in the parameter block. In your initialization function, you can call the function to specify slapi_pblock_set()
Page 74: Types Of Post-Operation Functions
Types Pre-Operation and Post-Operation Functions Functions Called Before the Directory Server Executes an Operation (Continued) Table 6-1 ID in Parameter Block Description Specifies the function called before the Directory Server SLAPI_PLUGIN_PRE_MODIFY_FN executes an LDAP modify operation. For information on writing this type of function, see “Processing an LDAP Modify Operation”...
Page 75 Types Pre-Operation and Post-Operation Functions Table 6-2 Functions Called After the Directory Server Executes an Operation ID in Parameter Block Description Specifies the function called after the Directory Server SLAPI_PLUGIN_POST_BIND_FN executes an LDAP bind operation. For information on writing this type of function, see “Processing an LDAP Bind Operation”...
Page 76: Registering Pre/Post-Operation Functions
Registering Pre/Post-Operation Functions Functions Called After the Directory Server Executes an Operation (Continued) Table 6-2 ID in Parameter Block Description Specifies the function called after the Directory Server sends SLAPI_PLUGIN_POST_ENTRY_FN an entry back to the client (for example, when you call slapi_send_ldap_search_entry(), the post-operation entry function is called after the entry is sent back to the client).
Page 77: Chapter 7 Defining Functions For Ldap Operations
Chapter 7 Defining Functions for LDAP Operations This chapter explains how to write pre-operation and post-operation functions for specific LDAP operations. In general, the functions outlined here use a parameter block to pass information between the plug-in and the Netscape Directory Server (Directory Server).
Page 78: Specifying Start And Close Functions
Specifying Start and Close Functions Specifying Start and Close Functions For each pre-operation and post-operation plug-in, you can specify the name of a function to be called after the server starts and before the server is shut down. Use the following parameters to specify these functions: Specifies the function called after the Directory Server SLAPI_PLUGIN_START_FN starts up.
Page 79: Getting And Setting Parameters For The Bind Operation
Processing an LDAP Unbind Operation Your pre-operation and post-operation bind functions should return 0 if successful. If the pre-operation function returns a non-zero value, the post-operation bind function is never called. For information on defining a function that handles authentication, see Chapter 8, “Defining Functions for Authentication.”...
Page 80: Processing An Ldap Search Operation
Processing an LDAP Search Operation • parameter specifies the pre-operation SLAPI_PLUGIN_PRE_UNBIND_FN unbind function. • parameter specifies the post-operation SLAPI_PLUGIN_POST_UNBIND_FN unbind function. You set these parameters to the names of your functions by calling slapi_pblock_set() Your plug-in functions should return 0 if successful. If the pre-operation function returns a non-zero value, the post-operation unbind function is never called.
Page 81: Getting The List Of Candidates
Processing an LDAP Search Operation Getting the List of Candidates When the Directory Server receives an LDAP search request, the front-end gets information about the search (such as the scope and base DN). The front-end normalizes the base DN (by calling the function) and slapi_dn_normalize() determines if the base DN identifies a DSA-specific entry (DSE).
Page 82: Iterating Through Candidates
Processing an LDAP Search Operation Parameter ID Data Type Description Slapi_Filter struct (an SLAPI_SEARCH_FILTER Slapi_Filter * opaque data structure) representing the filter to be used in the search. String representation of the filter SLAPI_SEARCH_STRFILTER char * to be used in the search. Array of attribute types to be SLAPI_SEARCH_ATTRS char **...
Page 83 Processing an LDAP Search Operation Parameter ID Data Type Description Set of search results. SLAPI_SEARCH_RESULT_SET void * Entry returned from iterating SLAPI_SEARCH_RESULT_ENTRY void * through the results set. This “next entry” function actually sets this parameter. (Netscape Directory Server 4.x) SLAPI_SEARCH_RESULT_ENTRY_EXT void * Reserved for future use.
Page 84: Processing An Ldap Compare Operation
Processing an LDAP Compare Operation Processing an LDAP Compare Operation When the Directory Server receives an LDAP compare request from a client, the front-end gets the DN of the entry being compared and the attribute and value being used in the comparison. The front-end makes this information available to pre-operation and post-operation plug-in functions in the form of parameters in a parameter block.
Page 85 Processing an LDAP Add Operation The add function should check the following: • If the operation has been abandoned, the function should return -1. (You do not need to call to send an LDAP error code to slapi_send_ldap_result() the client. According to the LDAP protocol, the client does not expect a server response after an operation is abandoned.) •...
Page 86: Processing An Ldap Modify Operation
Processing an LDAP Modify Operation Processing an LDAP Modify Operation When the Directory Server receives an LDAP modify request from a client, the front-end gets the DN of the entry to be modified and the modifications to be made. The front-end makes this information available to pre-operation and post-operation plug-in functions in the form of parameters in a parameter block.
Page 87: Processing An Ldap Modify Rdn Operation
Processing an LDAP Modify RDN Operation • If the RDN of the entry contains attribute values that are not part of the entry (for example, if the RDN is “uid=bjensen” but the entry has no uid value or has a different uid value), the function should call slapi_send_ldap_result() send the LDAP error code and should return -1.
Page 88 Processing an LDAP Modify RDN Operation The modify RDN function should check the following: • If the operation has been abandoned, the function should return -1. (You do not need to call to send an LDAP error code to slapi_send_ldap_result() the client.
Page 89: Processing An Ldap Delete Operation
Processing an LDAP Delete Operation Processing an LDAP Delete Operation When the Directory Server receives an LDAP delete request from a client, the front-end gets the DN of the entry to be removed from the directory. The front-end makes this information available to pre-operation and post-operation plug-in functions in the form of parameters in a parameter block.
Page 90 Processing an LDAP Abandon Operation Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 91: Chapter 8 Defining Functions For Authentication
Chapter 8 Defining Functions for Authentication This chapter explains how to write a plug-in function to bypass or replace the standard function for authentication with your own function. Information on authentication with the Netscape Directory Server (Directory Server) is organized in the following sections: •...
Page 92: How The Directory Server Identifies Clients
How the Directory Server Identifies Clients SASL provides the means to use mechanisms other than simple authentication and SSL to authenticate to the Directory Server. How the Directory Server Identifies Clients The server keeps track of the identity of the LDAP client through the parameters.
Page 93 How the Authentication Process Works If the SASL mechanism is not supported by the server, the server sends an result code back to the client and ends the LDAP_AUTH_METHOD_NOT_SUPPORTED processing of the bind request. If the method of authentication is (simple authentication), LDAP_AUTH_SIMPLE the server checks if the DN is an empty string or if there are no credentials.
Page 94 How the Authentication Process Works If the credentials are correct, the server sets the SLAPI_CONN_DN parameter to the DN and the parameter to SLAPI_CONN_AUTHTYPE . The server sends an result code back LDAP_AUTH_SIMPLE LDAP_SUCCESS to the client and ends the processing of the bind request. If the credentials are incorrect, the server sends an result code back to the client and ends the LDAP_INVALID_CREDENTIALS...
Page 95: Writing Your Own Authentication Plug-In
Writing Your Own Authentication Plug-in Writing Your Own Authentication Plug-in A situation may arise in which you may want to write and implement your own function for authentication; that is, replace the standard means of authentication with your own function. You can write a pre-operation bind plug-in function (a function that the server calls before processing an LDAP bind request) that performs the authentication and bypasses the default bind functionality.
Page 96 Writing a Pre-Operation Bind Plug-in Using a Pre-Operation Bind Plug-In Function to Handle Authentication Figure 8-1 Figure 8-2 illustrates the steps that your pre-operation bind plug-in function must take to authenticate LDAP clients to the Directory Server. Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 97: Defining Your Authentication Function
Writing a Pre-Operation Bind Plug-in How Your Pre-Operation Bind Plug-In Function Can Authenticate LDAP Figure 8-2 Clients Defining Your Authentication Function The following sections cover guidelines that you can follow when defining your authentication function: • Getting and Checking the Bind Parameters •...
Page 98: Getting The Entry And Checking The Credentials
Writing a Pre-Operation Bind Plug-in • structure containing the credentials sent SLAPI_BIND_CREDENTIALS berval by the client) If you plan to support authentication through SASL mechanisms, you should also parameter (a string value get the value of the SLAPI_BIND_SASLMECHANISM specifying the name of the SASL mechanism to use for authentication). Make sure to check the following: •...
Page 99: What To Do If Authentication Fails
Writing a Pre-Operation Bind Plug-in • (means Secure Hashing Algorithm and can be defined using the plug-in) -password-storage-scheme • (means Salted Secure Hashing Algorithm and can be defined using the SSHA plug-in) ssha-password-storage-scheme If you need to compare the client’s credentials against the value of the attribute, you can call the function.
Page 100: Registering The Sasl Mechanism
Writing a Pre-Operation Bind Plug-in This sets the DN and authentication method for the connection to the client. (The server uses this DN and method in subsequent operations when checking access rights.) to one of the following values: You can set SLAPI_CONN_AUTHTYPE represents no authentication.
Page 101: Example Of A Pre-Operation Bind Plug-In
Writing a Pre-Operation Bind Plug-in Note that if you do not register your SASL mechanism, the Directory Server will send an result code back to the client and LDAP_AUTH_METHOD_NOT_SUPPORTED will not call your pre-operation bind function. NOTE Be sure to check this source file for an example of a pre-operation plug-in function for SASL authentication with LDAP bind operations: <server_root>/plugins/slapd/slapi/examples/testsaslbind.c Example of a Pre-Operation Bind Plug-In...
Page 102 Writing a Pre-Operation Bind Plug-in Sample Pre-Operation Bind Function (Continued) Code Example 8-1 Slapi_Entry *e = NULL; Slapi_Entry **entries = NULL; Slapi_Attr *attr = NULL; /* Log a message to the server error log. */ slapi_log_error( SLAPI_LOG_PLUGIN, "test_bind", "Pre-operation bind function called.\n" ); /* Gets parameters available when processing an LDAP bind operation.
Page 103 Writing a Pre-Operation Bind Plug-in Sample Pre-Operation Bind Function (Continued) Code Example 8-1 if ( slapi_entry_attr_find( e, "userpassword", &attr ) != 0 slapi_log_error( SLAPI_LOG_PLUGIN, "test_bind", "Entry has no userpassword attribute\n" ); rc = LDAP_INAPPROPRIATE_AUTH; break; slapi_attr_get_values( attr, &pwvals ); if ( slapi_pw_find( pwvals, credentials ) != 0 ) { slapi_log_error( SLAPI_LOG_PLUGIN, "test_bind", "Credentials are not correct for the entry\n"...
Page 104: Example Of An Initialization Function
Writing a Pre-Operation Bind Plug-in Sample Pre-Operation Bind Function (Continued) Code Example 8-1 break; /* This plug-in does not support any other method of authentication */ case LDAP_AUTH_SASL: default: slapi_log_error( SLAPI_LOG_PLUGIN, "test_bind", "Unsupported authentication method requested: %d\n", method ); rc = LDAP_AUTH_METHOD_NOT_SUPPORTED; break;...
Page 105: Registering The Plug-In
Writing a Pre-Operation Bind Plug-in Sample Function for Registering Pre-Operation Bind Function Code Example 8-2 /* Register the pre-operation bind function and specify the server plug-in version. */ if ( slapi_pblock_set( pb, SLAPI_PLUGIN_VERSION, SLAPI_PLUGIN_VERSION_01 ) != 0 || slapi_pblock_set( pb, SLAPI_PLUGIN_DESCRIPTION, (void *)&bindpdesc ) != 0 || slapi_pblock_set( pb, SLAPI_PLUGIN_PRE_BIND_FN, (void *) test_bind ) != 0 ) {...
Page 106: Using Sasl With An Ldap Client
Using SASL with an LDAP Client nsslapd-pluginType: preoperation nsslapd-pluginEnabled: on nsslapd-plugin-depends-on-type: database nsslapd-pluginId: test-bind Check this source file for an example of a pre-operation plug-in function that handles authentication: <server_root>/plugins/slapd/slapi/examples/testbind.c Using SASL with an LDAP Client If you intend to use SASL as the method for authenticating clients, you need to enable your LDAP clients to use SASL.
Page 107 Using SASL with an LDAP Client • is a pointer to an array of structures representing serverctrls LDAPControl the LDAP v3 server controls that you want passed to the server for the bind operation. is a pointer to an array of structures representing •...
Page 108 Using SASL with an LDAP Client • is the connection handle, which is a pointer to the LDAP structure containing information about the connection to the LDAP server. • is a pointer to the structure containing the results that you LDAPMessage want to parse.
Page 109 Using SASL with an LDAP Client LDAP Client Authenticating Using SASL Method (Continued) Code Example 8-3 if ( ldap_sasl_bind_s( ld, "uid=bjensen,ou=people,o=example.com", "babsmechanism", &cred, NULL, NULL, &servcred ) != LDAP_SUCCESS ) { ldap_perror( ld, "ldap_sasl_bind_s" ); return( 1 ); /* get and print the credentials returned by the server */ printf( "Server credentials: %s\n", servcred->bv_val );...
Page 110 Using SASL with an LDAP Client Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 111: Part 3 Advanced Programming Techniques
Part 3 Advanced Programming Techniques Chapter 9, “Writing Entry Store/Fetch Plug-Ins” Chapter 10, “Writing Extended Operation Plug-Ins” Chapter 11, “Writing Matching Rule Plug-Ins” Chapter 12, “Using the Custom Distribution Logic...
Page 112 Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 113: Chapter 9 Writing Entry Store/Fetch Plug-Ins
Chapter 9 Writing Entry Store/Fetch Plug-Ins This chapter describes how to write entry store and entry fetch plug-ins. You can use these types of plug-ins to invoke functions before and after data is read from the default database. The chapter contains the following sections: •...
Page 114: Writing Entry Store/Fetch Functions
Writing Entry Store/Fetch Functions How the Server Calls Entry Store and Entry Fetch Plug-In Functions Figure 9-1 Writing Entry Store/Fetch Functions Unlike most other types of plug-in functions, entry store and entry fetch plug-in functions are not passed a parameter block when called. Instead, entry store and entry fetch plug-in functions must have the following prototype: void function_name( char **entry, unsigned long *len );...
Page 115: Registering Entry Store/Fetch Functions
Registering Entry Store/Fetch Functions Pointer to a string specifying the entry in LDIF format; for entry details on this format, see “slapi_filter_free()” on page 351. Pointer to the length of the entry string. Since the text of the entry is passed in as an argument, you can modify the entry before it gets saved to disk and modify the entry after it is read from disk.
Page 116 Registering Entry Store/Fetch Functions plugin entrystore [on|off] "<name of plugin>" \ <library_name> <function_name> plugin entryfetch [on|off] "<name of plugin>" \ <library_name> <function_name> is the name and path to your shared library or dynamic link <library_name> library, and is the name of your plug-in function. <function_name>...
Page 117: Chapter 10 Writing Extended Operation Plug-Ins
Chapter 10 Writing Extended Operation Plug-Ins This chapter explains how to write plug-in functions to handle extended operations. Extended operations are are defined in the LDAP v3 protocol. The chapter contains the following sections: • How Extended Operation Plug-Ins Work •...
Page 118: Writing Extended Operation Functions
Writing Extended Operation Functions Writing Extended Operation Functions Like other plug-in functions, extended operation functions pass a single parameter block ( ) and return an integer value, as shown in the following Slapi_PBlock example declaration: int my_ext_func( Slapi_PBlock *pb ); Extended operation functions should return a value of if they are successful and a non-zero value if they are unsuccessful.
Page 119: Registering Extended Operation Functions
Registering Extended Operation Functions • If your function cannot handle the extended operation with the specified OID, your function should return the value . The front-end will send an SLAPI_PLUGIN_EXTENDED_NOT_HANDLED result code (with an “unsupported extended operation LDAP_PROTOCOL_ERROR error message”) back to the client. NOTE For a sample plug-in function (uncompiled C code) that implements an extended operation, check this file:...
Page 120 Registering Extended Operation Functions Sample Initialization Function for Passing an OID (Continued) Code Example 10-1 /* Get the number of additional arguments and copy them. */ for ( i = 0; argv[i] != NULL; i++ ) oids = (char **) slapi_ch_malloc( (i+1) * sizeof(char *) ); for ( i = 0;...
Page 121: Specifying Start And Close Functions
Specifying Start and Close Functions nsslapd-pluginEnabled: on nsslapd-plugin-depends-on-type: database nsslapd-pluginId: test-extendedop nsslapd-pluginarg0: 1.2.3.4 For an example plug-in function that implements an extended operation, take a look at this source file: <server_root>/plugins/slapd/slapi/examples/testextendedop.c In Netscape Directory Server 4.x, add this directive to the file: slapd.ldbm.conf plugin extendedop [on|off] “<name of plugin>”...
Page 122 Specifying Start and Close Functions Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 123: Chapter 11 Writing Matching Rule Plug-Ins
Chapter 11 Writing Matching Rule Plug-Ins This chapter explains how to write plug-in functions that handle matching rules. Matching rule plug-in functions are described in the following sections: • Understanding Matching Rules • Understanding Matching Rule Plug-Ins • Indexing Based on Matching Rules •...
Page 124: Extensible Match Filters
Understanding Matching Rules Extensible Match Filters In an “extensible match” filter, the client specifies that it wants to use the matching rule to compare a specified value against the values of entries in the directory. (For example, an extensible match filter might find all entries in which the attribute “sounds like”...
Page 125: Extensible Match Filters In The Directory Server
Understanding Matching Rule Plug-Ins Extensible Match Filters in the Directory Server Directory Server 6.x and earlier versions already include support for certain matching rules (which are used to determine the collation order and operator for searches of international data). You can enable the Directory Server to handle your own matching rules for extensible match searches by defining your own matching rules plug-ins and registering them with the server.
Page 126: How Matching Rules Are Identified
Understanding Matching Rule Plug-Ins When the server starts up and loads the matching rule plug-in, it calls the initialization function. In this function, you pass the server the pointers to the factory functions and the close function. The server calls these functions when needed (see “How Matching Rules Are Identified”...
Page 127: How The Server Associates Plug-Ins With Oids
Understanding Matching Rule Plug-Ins How the Server Associates Plug-Ins with OIDs When the server encounters the OID for a matching rule, it attempts to find the plug-in associated with that matching rule. If no plug-in is associated with the matching rule, the server calls each matching rule plug-in to find one that handles the specified matching rule.
Page 128: Finding A Plug-In For Searching
Understanding Matching Rule Plug-Ins Finding a Plug-In for Searching To determine which matching rule plug-in is responsible for handling an extensible match filter for a given matching rule (based on its OID), the server does the following for each plug-in: In a new parameter block, the server sets the following Slapi_PBlock...
Page 129: How The Server Uses Parameter Blocks
Indexing Based on Matching Rules How the Server Uses Parameter Blocks The server uses parameter blocks as a means to pass information to and from your plug-in functions. When calling your matching rule plug-in functions, the server will create a new parameter block, set some input parameters, and pass the Slapi_PBlock parameter block to your function.
Page 130: How The Server Updates The Index
Indexing Based on Matching Rules The server gets the OID returned in the parameter and SLAPI_PLUGIN_MR_OID associates this OID with the rest of the attribute indexing information (such as the attribute type and the type of index) for future reference. When adding, modifying, or deleting the values of an attribute, the server will check this information to determine if the attribute is indexed.
Page 131: Writing The Indexer Factory Function
Indexing Based on Matching Rules Writing the Indexer Factory Function The indexer factory function takes a single argument. This function Slapi_PBlock should be thread-safe. The server may call this function concurrently. The indexer factory function should do the following: Get the OID from the parameter and determine SLAPI_PLUGIN_MR_OID whether or not that OID is supported by your plug-in.
Page 132: Getting And Setting Parameters In Indexer Factory Functions
Indexing Based on Matching Rules Set the parameter to the function responsible SLAPI_PLUGIN_DESTROY_FN for freeing any memory allocated by the factory function, such as the indexer object. (See “Writing a Destructor Function” on page 143 for details.) Return 0 (or the result code ) if everything completed LDAP_SUCCESS successfully.
Page 133: Writing The Indexer Function
Indexing Based on Matching Rules Input and Output Parameters Available to a Indexer Factory Function (Continued) Table 11-1 Parameter Name Data Type Description (Input parameter) Pointer to any private SLAPI_PLUGIN_PRIVATE void * data originally specified in the initialization function. (See “Writing an Initialization Function”...
Page 134: Getting And Setting Parameters In Indexer Functions
Handling Extensible Match Filters Getting and Setting Parameters in Indexer Functions The following table summarizes the different parameters that the indexer function should get and set in the parameter block that is passed in: Table 11-2 Input and output parameters available to an indexer function Parameter Name Data Type Description...
Page 135: How The Server Handles The Filter
Handling Extensible Match Filters How the Server Handles the Filter When the server processes a search request that has an extensible match filter, the server does the following: First, the server finds the plug-in associated with this OID, if an association between the OID and plug-in has already been made.
Page 136: Query Operators In Matching Rules
Handling Extensible Match Filters The server calls the filter matching function (which is specified in the parameter), passing in the filter SLAPI_PLUGIN_MR_FILTER_MATCH_FN object, the entry, and the attributes of the entry. If the entry does not match but the search request also specifies that the attributes in the DN should be searched, the server calls the filter matching function again, passing in the filter object, the entry, and the attributes in the DN.
Page 137: Writing A Filter Factory Function
Handling Extensible Match Filters If the query operator is , the server attempts to find the keys in SLAPI_OP_EQUAL the index that match the value specified in the search filter. In the case of the other query operators, the server attempts to find ranges of keys that match the value. Writing a Filter Factory Function The filter factory function takes a single argument.
Page 138: Getting And Setting Parameters In Filter Factory Functions
Handling Extensible Match Filters Set the following parameters: Set the parameter to the official OID of the SLAPI_PLUGIN_MR_OID matching rule, if the value of that parameter is not the official OID (optional). Set the parameter to the filter object. SLAPI_PLUGIN_OBJECT Set the parameter to the filter index SLAPI_PLUGIN_MR_FILTER_INDEX_FN...
Page 139: Writing A Filter Index Function
Handling Extensible Match Filters Input and Output Parameters Available to a Filter Factory Function (Continued) Table 11-4 Parameter Name Data Type Description (Input parameter) Pointer to any SLAPI_PLUGIN_PRIVATE void * private data originally specified in the initialization function. (See “Writing an Initialization Function”...
Page 140: Getting And Setting Parameters In Filter Index Functions
Handling Extensible Match Filters Set the parameter to the attribute type in the SLAPI_PLUGIN_MR_TYPE filter object. Set the parameter to the values in the filter SLAPI_PLUGIN_MR_VALUES object. Set the parameter to the query SLAPI_PLUGIN_MR_QUERY_OPERATOR operator that corresponds to this search filter. (See “Query Operators in Matching Rules”...
Page 141: Writing A Filter Matching Function
Handling Extensible Match Filters Input and Output Parameters Available to a Filter Index Function (Continued) Table 11-5 Parameter Name Data Type Description (Output parameter) Official SLAPI_PLUGIN_MR_OID char * matching rule OID (if any) specified in the extensible match filter. (Output parameter) Attribute type SLAPI_PLUGIN_MR_TYPE char * (if any) specified in the extensible...
Page 142: Handling Sorting By Matching Rules
Handling Sorting by Matching Rules Find the corresponding attribute in the attributes passed into the function. Make sure to check for subtypes of an attribute (for example, “cn;lang-ja”) in the filter and in the attributes specified by attrs You can call the function to compare the attribute in slapi_attr_type_cmp() the filter against the attributes passed in as arguments.
Page 143: Writing A Destructor Function
Writing a Destructor Function The server calls the indexer function (specified by the parameter). SLAPI_PLUGIN_MR_INDEXER_FN Next, the server gets the value of the parameter, SLAPI_PLUGIN_MR_KEYS which is an array of structures containing the keys corresponding berval to the values. The server compares the keys to sort the results. Writing a Destructor Function The server calls the destructor function to free any memory that you’ve allocated (for example, the indexer object or the filter object).
Page 144 Writing an Initialization Function In order to add your plug-in to that internal list, you need to write an initialization function. The initialization function takes a single argument. The Slapi_PBlock function should set the following parameters: parameter should be set to the •...
Page 145: Registering Matching Rule Functions
Registering Matching Rule Functions Input and Output Parameters Available to a Matching Rule Plug-In Initialization Function Table 11-7 Parameter Name Data Type Description (Output parameter) The “close” SLAPI_PLUGIN_CLOSE_FN void * function, which the server calls (function pointer) before shutting down. (Output parameter) Pointer to SLAPI_PLUGIN_PRIVATE void *...
Page 146: Specifying Start And Close Functions
Specifying Start and Close Functions plugin matchingrule on “my matching rule plugin” /usr/ns/myplugin.so my_init_fn Specifying Start and Close Functions For each matching rule operation plug-in, you can specify the name of a function to be called after the server starts and before the server is shut down. These functions take a single argument.
Page 147: Chapter 12 Using The Custom Distribution Logic
Chapter 12 Using the Custom Distribution Logic The distribution plug-in provided with Netscape Directory Server (Directory Server) distributes a flat namespace, allowing you to associate several databases with a single suffix. This chapter contains the following sections: • About Distributing Flat Namespaces •...
Page 148: Creating A Distribution Function
Creating a Distribution Function Because the number of users is too large, you decide to distribute the entries according to the first letter of each user’s last name, assigning each letter to a separate database. To do this, you need to create your own distribution function. Your function determines how each operation received by the suffix is ou=users...
Page 149 Creating a Distribution Function Each time the server gets a request for a suffix that contains the distribution function, the function is called. The function then decides which database (backend) processes the request. The decision made by the function is based on some piece of information present in the pblock at the time of the request (such as the entry DN, a hash function, the time of day, or the type of operation).
Page 150: Adding The Distribution Function To Your Directory
Adding the Distribution Function to Your Directory You can create the root entry in two ways: • Import the same LDIF file into each database using the command-line ldif2db utility. This LDIF file should contain the root entry as well as data that you want to distribute across the databases.
Page 151: Adding Multiple Databases To A Single Suffix
Adding the Distribution Function to Your Directory Adding Multiple Databases to a Single Suffix The following procedures describe adding multiple databases to a suffix using the console and the command-line. Using the Console In the Directory Server Console, select the Configuration tab. Expand the Data tree and select the suffix to which you want to add another database.
Page 152: Adding Distribution Logic To A Suffix
Adding the Distribution Function to Your Directory The entry added corresponds to a database named that contains the data for Datas the root suffix ou=people,dc=example,dc=com The database name, given in the DN attribute, must correspond with one of the attribute of the suffix entry. values in the nsslapd-backend Adding Distribution Logic to a Suffix...
Page 153: Using The Distribution Logic Examples
Using the Distribution Logic Examples Using the Distribution Logic Examples The directory provides three distribution logic examples. The examples illustrate the following: • Distributing entries based on the first letter of their RDN (alpha_distribution). The example uses as many databases as you like to contain the data. For example, if you create 3 databases for a single suffix, entries starting with the letters A-I to database 0, entries starting with the letters J-R go to database 1, and entries starting with the letters S-Z go to database 2.
Page 154: Custom Distribution Checklist
Custom Distribution Checklist Imagine you want to use the hash distribution function on a Solaris machine. First create a suffix. Then create several databases under that suffix. Next, import the suffix entry to each of the databases you created. Finally, add the following lines to the suffix: nsslapd-distribution-plugin: /plugin/distrib-plugin.so nsslapd-distribution-funct: hash_distribution...
Page 155: Chapter 13 Using Data Interoperability Plug-Ins
Chapter 13 Using Data Interoperability Plug-Ins This chapter explains how to use the Data Interoperability (DIOP) feature of Netscape Directory Server (Directory Server). The DIOP feature refers to Directory Server’s ability to work with a proprietary database, instead of its default database that gets created during installation.
Page 156: Installing Directory Server
Installing Directory Server Installing Directory Server This section explains how to install Directory Server in order to test and use the DIOP feature. • Understanding Deployment Configuration • Installing Two Instances of Directory Server Understanding Deployment Configuration To verify whether the DIOP feature works in Directory Server, your deployment must comprise two instances of Directory Server: •...
Page 157 Installing Directory Server Table 13-1 Plug-In Status in DIOP-Enabled Directory Server (Continued) Default Directory Server Plug-Ins Unsupported Plug-Ins (Indicated by X) (Names as they appear in the Directory Server Console) ACL Plugin ACL preoperation Binary Syntax Boolean Syntax Case Exact String Syntax Case Ignore String Syntax chaining database Class of Service...
Page 158 Installing Directory Server Table 13-1 Plug-In Status in DIOP-Enabled Directory Server (Continued) Default Directory Server Plug-Ins Unsupported Plug-Ins (Indicated by X) (Names as they appear in the Directory Server Console) State Change Plugin Telephone Syntax uid uniqueness URI Syntax Views CLEAR CRYPT NS-MTA-MD5...
Page 159 Installing Directory Server In the above figure, is the configuration Directory slapd-<configInstance> Server and is the Directory Server instance with the DIOP slapd-<diopInstance> plug-in turned on. • The management and administration of is done via slapd-<configInstance> the corresponding Directory Server Console, accessible from within Netscape Console.
Page 160: Installing Two Instances Of Directory Server
Installing Directory Server /usr/netscape/servers/slapd-<diopInstance> where is the default installation directory. In the /usr/netscape/servers sections that follow, the installation directory is identified as <server_root> • After you install the two instances, you designate the second Directory Server instance ( ) for testing the DIOP feature. slapd-<diopInstance>...
Page 161: Enabling The Diop Feature In Directory Server
Enabling the DIOP Feature in Directory Server Use Netscape Console to create a new/second instance of Directory Server in Figure 13-1). slapd-<diopInstance> In the navigation pane, select the Server Group, right click, and select “Create Instance of Netscape Directory Server,” and follow the prompts. Disable the unsupported plug-ins in the second instance ), which you will use for enabling the DIOP plug-in.
Page 162: Using The Diop Feature
Using the DIOP Feature In the text editor, open the file. dse.ldif The file is located in the directory. <server_root>/slapd-<diopInstance>/config/dse.ldif Add the above mentioned entry, and save your changes, and close the file. Restart the server. <server_root>/slapd-<diopInstance>/start-server • By using the command.
Page 163 Using the DIOP Feature • If you want to use the sample plug-in, first build the plug-in and then load it into the server: Shut down your DIOP-enabled Directory Server. Go to the directory in which the sample plug-in is located. cd <server_root>/plugins/slapd/slapi/examples Build the plug-in.
Page 164: Sample Diop Plug-In
Sample DIOP Plug-In Open the file <server_root>/slapd-<diopInstance>/config/dse.ldif in a text editor. Delete the entry, which holds cn=datainterop,cn=plugins,cn=config the plug-in information. Restart the server to load the modified configuration. You can also use the command to make these changes. ldapmodify Sample DIOP Plug-In To help you understand the DIOP feature, a sample DIOP plug-in is included with Directory Server.
Page 165 Sample DIOP Plug-In Table 13-2 Elements of Pre-Operation Plug-In Description of the #define PLUGIN_NAME "nullsuffix-preop" Plug-In static Slapi_PluginDesc plugindesc = { PLUGIN_NAME, "Netscape", "6.1", "sample pre-operation null suffix plugin" Initialization of the nullsuffix_init( Slapi_PBlock *pb ) Plug-In by the Server In this function, all the callbacks are set up and will be called by the server for each LDAP operation.
Page 166: Debugging The Plug-In
Sample DIOP Plug-In Table 13-2 Elements of Pre-Operation Plug-In (Continued) Sparse Tree Support Any mods done to the server on the null suffix are processed by the plug-in. The plug-in writes the DN of all mods received to a standalone Berkley db, and trying a simple test using LDIF entries without the required object classes or parent entries will still get processed by the server, populating the db created by the plug-in.
Page 167: Plug-In Api Reference
Plug-In API Reference Plug-In API Reference This section contains reference information on APIs that enable the following: • Preserving the Default Behavior of the Server • Bypassing Access Control Checks Preserving the Default Behavior of the Server Directory Server implements internal backends for supporting subtrees , and , which are the reserved naming contexts cn=config...
Page 168 Plug-In API Reference Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 169: Part 4 Reference
Part 4 Reference Chapter 14, “Data Type and Structure Reference” Chapter 15, “Function Reference” Chapter 16, “Parameter Block Reference”...
Page 170 Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 171: Chapter 14 Data Type And Structure Reference
Chapter 14 Data Type and Structure Reference This chapter summarizes the data types and structures that you can use when writing Netscape Directory Server (Directory Server) plug-in functions. Summary of Data Types and Structures The functions in the server plug-in API use the following data types and structures: Data Types and Structures Description Represents binary data that is encoded...
Page 172 Summary of Data Types and Structures Data Types and Structures Description Specifies the prototype for a callback send_ldap_referral_fn_ptr_t function that you can write to send LDAP v3 referrals (search result references) back to the client. Specifies the prototype for a callback send_ldap_result_fn_ptr_t function that you can write to send LDAP result codes back to the client.
Page 173 Summary of Data Types and Structures Data Types and Structures Description Represents an operation pending from an Slapi_Operation LDAP client. Contains name-value pairs that you can Slapi_PBlock get or set for each LDAP operation. Represents information about a server Slapi_PluginDesc plug-in.
Page 174 Summary of Data Types and Structures Use a structure when working with attributes that contain binary data berval (such as a JPEG or audio file). computed_attr_context Represents information used for a computed attribute. Syntax typedef struct _computed_attr_context computed_attr_context; Description is the data type for an opaque structure that represents computed_attr_context information about a computed attribute.
Page 175 Summary of Data Types and Structures Specifies whether or not the control is critical to the operation. ldctl_iscritical This field can have one of the following values: • LDAP_OPT_ON specifies that the control is critical to the operation. • LDAP_OPT_OFF specifies that the control is not critical to the operation.
Page 176 Summary of Data Types and Structures To do this... Call this function Retrieves an allocated array of slapi_get_supported_controls_copy() object identifiers (OIDs) representing the controls supported by the Directory Server. LDAPMod Specifies changes to an attribute in an directory entry. Syntax typedef struct ldapmod { int mod_op;...
Page 177 Summary of Data Types and Structures The operation to be performed on the attribute and the type of data mod_op specified as the attribute values. This field can have one of the following values: #define LDAP_MOD_ADD 0x00 #define LDAP_MOD_DELETE 0x01 #define LDAP_MOD_REPLACE 0x02 #define LDAP_MOD_BVALUES...
Page 178 Summary of Data Types and Structures Code Example 14-1 Sample Code for Changing the Email. Address of a User’s Entry Slapi_PBlock *rcpb; LDAPMod attribute1; LDAPMod *list_of_attrs[2]; char *mail_values[] = { "bab@example.com", NULL }; char *dn; /* Identify the entry that you want changed */ dn = "cn=Barbara Jensen, ou=Product Development, o=Ace Industry, c=US";...
Page 179 Summary of Data Types and Structures See Also Slapi_Mod Slapi_Mods mrFilterMatchFn pecifies the prototype for a filter matching callback function. Syntax #include “slapi-plugin.h” typedef int (*mrFilterMatchFn) (void* filter, Slapi_Entry* entry, Slapi_Attr* attrs); Parameters This function has the following parameters: Pointer to the filter structure created by your filter factory function. (For filter details, see “Writing a Filter Factory Function.”) Pointer to the Slapi_Entry structure representing the candidate entry...
Page 180 Summary of Data Types and Structures You need to define the filter matching function, which is the function that has prototype specified by . The server calls this function for each mrFilterMatchFn potential matching candidate entry. The server passes pointers to a filter structure (that you create in your filter factory function —...
Page 181 Summary of Data Types and Structures The LDAP referral entry callback function will be called once for each referral entry found by a search operation, which means it could be called 0 or any number of times. parameter can be used to pass arbitrary plug-in or callback_data operation-specific information to a referral entry callback function.
Page 182 Summary of Data Types and Structures plugin_search_entry_callback This typedef is used for LDAP search entry callback functions, which are plug-in defined functions that process LDAP entries that are located by an internal search. Syntax #include “slapi-plugin.h” typedef int (*plugin_search_entry_callback)(Slapi_Entry *e, void *callback_data);...
Page 183 Summary of Data Types and Structures Syntax #include “slapi-plugin.h” typedef int (*send_ldap_referral_fn_ptr_t)( Slapi_PBlock *pb, Slapi_Entry *e, struct berval **refs, struct berval ***urls); Parameters The function has the following parameters: Parameter block. Pointer to the Slapi_Entry structure representing the entry that you are working with.
Page 184 Summary of Data Types and Structures send_ldap_result_fn_ptr_t specifies the prototype for a callback function that send_ldap_result_fn_ptr_t you can write to send LDAP result codes back to the client. You can register your function so that it is called whenever the function is slapi_send_ldap_result() called.
Page 185 Summary of Data Types and Structures In your plug-in initialization function, register your function for sending results to the client by setting the SLAPI_PLUGIN_PRE_RESULT_FN parameter (depending on the type of plug-in, SLAPI_PLUGIN_POST_RESULT_FN and if it is a pre-operation or post-operation, respectively) in the parameter block to the name of your function.
Page 186 Summary of Data Types and Structures See Also slapi_send_ldap_search_entry() Slapi_Attr Represents an attribute in an entry. Syntax #include slapi-plugin.h typedef struct slapi_attr Slapi_Attr; Description is the data type for an opaque structure that represents an attribute in Slapi_Attr a directory entry. In certain cases, your server plug-in may need to work with an entry’s attributes.
Page 187 Summary of Data Types and Structures To do this... Call this function Initialize a valueset in a Slapi_Attr slapi_attr_set_valueset() structure from a specified Slapi_ValueSet structure Get information about the plug-in slapi_attr_type2plugin() responsible for handling an attribute type Compare two attribute names to slapi_attr_types_equivalent() determine if they represent the same attribute...
Page 188 Summary of Data Types and Structures The following table summarizes the front-end API functions that you can call to work with the backend operations. To do this... Call this function Add the specified suffix to the slapi_be_addsuffix() given backend and increments the backend's suffix count Set the flag to denote that the slapi_be_delete_onexit()
Page 189 Summary of Data Types and Structures To do this... Call this function Find the backend that should be slapi_be_select() used to service the entry with the specified DN Find the backend that matches by slapi_be_select_by_instance_name() the name of the backend. Backend’s can be identified by name and type.
Page 190 Summary of Data Types and Structures Pointer or reference to the address of the specified function. handle Name of the backend. be_name Old backend state. old_be_state New backend state. new_be_state Description function enables a plug-in to slapi_register_backend_state_change() register for callback when the state of a backend changes. You may need to keep track of backend state changes when writing custom plug-ins.
Page 191 Summary of Data Types and Structures Parameters The function has the following parameters: Pointer to the computed_attr_context structure containing information relevant to the computed attribute. Attribute type of the attribute to be generated. type Pointer to the Slapi_Entry structure representing the entry to be sent back to the client.
Page 192 Summary of Data Types and Structures Returns One of the following values: • 0 if the function successfully BER-encodes the computed attribute and adds it to the BER element to be sent to the client. • An LDAP error code if an error occurred. Description specifies the prototype for a callback function that slapi_compute_output_t...
Page 193 Summary of Data Types and Structures See Also slapi_compute_callback_t Slapi_Connection Represents a connection. Syntax #include slapi-plugin.h typedef struct conn Slapi_Connection; Description is the data type for an opaque structure that represents a Slapi_Connection connection. Slapi_CondVar Represents a condition variable in a directory entry. Syntax #include slapi-plugin.h typedef struct slapi_condvar Slapi_CondVar;...
Page 194 Summary of Data Types and Structures Slapi_DN Represents a distinguished name in a directory entry. Syntax #include slapi-plugin.h typedef struct slapi_dn Slapi_DN; Description is the data type for an opaque structure that represents a distinguished Slapi_DN name in the server plug-in. The following table summarizes the front-end API functions that you can call to work with distinguished names.
Page 195 Summary of Data Types and Structures To do this... Call this function Get the DN of the parent of an entry slapi_dn_parent() Add an RDN to a DN slapi_dn_plus_rdn() See Also Slapi_PBlock Slapi_Entry Represents an entry in the directory. Syntax #include slapi-plugin.h typedef struct slapi_entry Slapi_Entry;...
Page 196 Summary of Data Types and Structures To do this... Call this function Add a data value to an attribute slapi_entry_add_valueset() in an entry Allocate memory for a entry slapi_entry_alloc() structure Delete an attribute from an entry slapi_entry_attr_delete() Check if an entry contains a slapi_entry_attr_find() specific attribute Get the first value as a string...
Page 197 Summary of Data Types and Structures To do this... Call this function Find the first attribute in an entry slapi_entry_first_attr() Free an entry from memory slapi_entry_free() Get the DN from an entry slapi_entry_get_dn() Return the DN of an entry as a slapi_entry_get_dn_const() constant Return the normalized...
Page 198 Summary of Data Types and Structures See Also Slapi_Attr Slapi_Filter Represents a search filter. Syntax #include slapi-plugin.h typedef struct slapi_filter Slapi_Filter; Description is the data type for an opaque structure that represents an search Slapi_Filter filter. (For more information on search filters, see “Working with Search Filters.”) The following table summarizes the front-end API functions that you can call to work with filters.
Page 199 Summary of Data Types and Structures To do this... Call this function Free a filter from memory slapi_filter_free() Slapi_MatchingRuleEntry Represents a matching rule. Syntax #include slapi-plugin.h typedef struct slapi_matchingRuleEntry Slapi_MatchingRuleEntry; Description is the data type for an opaque structure that Slapi_MatchingRuleEntry represents a matching rule.
Page 200 Summary of Data Types and Structures To do this... Call this function Placeholder for future function slapi_matchingrule_unregister() (currently, this function does nothing.) Slapi_Mod Represents a single LDAP modification to a directory entry. Syntax #include slapi-plugin.h typedef struct slapi_mod Slapi_Mod; Description is the data type for an opaque structure that represents LDAPMod Slapi_Mod modifications to an attribute in a directory entry.
Page 201 Summary of Data Types and Structures To do this... Call this function Get the operation type of slapi_mod_get_operation() Slapi_Mod structure Get the attribute type of a slapi_mod_get_type() Slapi_Mod structure Initialize a Slapi_Mod structure slapi_mod_init() Initialize a Slapi_Mod structure slapi_mod_init_byref() that is a wrapper for an existing LDAPMod Initialize a modification by value slapi_mod_init_byval()
Page 202 Summary of Data Types and Structures The following table summarizes the front-end API functions that you can call to manipulate directory entries. To do this... Call this function Create a Slapi_Entry from an slapi_mods2entry() array of LDAPMod Append a new mod with a single slapi_mods_add() attribute value to Slapi_Mods structure...
Page 203 Summary of Data Types and Structures To do this... Call this function Increment the Slapi_Mods iterator slapi_mods_get_next_smod() and return the next mod wrapped in a Slapi_Mods Get the number of mods in a slapi_mods_get_num_mods() Slapi_Mods structure Initialize a Slapi_Mods slapi_mods_init() Initialize a Slapi_Mods that is a slapi_mods_init_byref() wrapper for an existing array of...
Page 204 Summary of Data Types and Structures Description is the data type for an opaque structure that represents a mutual Slapi_Mutex exclusive lock (mutex) in the server plug-in. The following table summarizes the front-end API functions that you can call to work with mutually exclusive locks.
Page 205 Summary of Data Types and Structures Slapi_PBlock Contains name-value pairs, known as parameter blocks, that you can get or set for each LDAP operation. Syntax #include slapi-plugin.h typedef struct slapi_pblock Slapi_PBlock; Description contains name-value pairs that you can use to retrieve information Slapi_PBlock from the server and set information to be used by the server.
Page 206 Summary of Data Types and Structures To do this... Call this function Adds an LDAP add operation slapi_add_internal_pb() based on a parameter block to add a new directory entry. Set up a parameter block so that it slapi_add_internal_set_pb() can be used by slapi_add_internal_pb() for an internal add operation;...
Page 207 Summary of Data Types and Structures To do this... Call this function Sets up a parameter block so that it slapi_search_internal_set_pb() can be used by slapi_search_internal_pb() for an internal search operation. Perform internal sequential access slapi_seq_internal_callback_pb() operation Set up a parameter block for use by slapi_seq_internal_set_pb() slapi_seq_internal_callbac k_pb() for an internal,...
Page 208 Summary of Data Types and Structures Description represents information about a server plug-in. In your Slapi_PluginDesc initialization function, you specify information about your plug-in in this structure and call to put the structure in the slapi_pblock_set() parameter. SLAPI_PLUGIN_DESCRIPTION See Also For more information on using to specify plug-in information, Slapi_PluginDesc...
Page 209 Summary of Data Types and Structures To do this... Call this function Get the index of the RDN slapi_rdn_get_index() Get the position and the attribute slapi_rdn_get_index_attr() value of the first RDN Get the RDN type/value pair from slapi_rdn_get_next() the RDN Get the number of RDN type/value slapi_rdn_get_num_components() pairs...
Page 210 Summary of Data Types and Structures To do this... Call this function Set an RDN value in a Slapi_RDN slapi_rdn_set_dn() structure Set an RDN in a Slapi_RDN slapi_rdn_set_rdn() structure. Set an RDN value in a Slapi_RDN slapi_rdn_set_sdn() structure Add an RDN to a DN slapi_sdn_add_rdn() Slapi_UniqueID Represents the unique identifier of a directory entry.
Page 211 Summary of Data Types and Structures To do this... Call this function Compare a value slapi_value_compare() Duplicate a value slapi_value_dup() Free a Slapi_Value structure slapi_value_free() from memory Get the berval structure of the slapi_value_get_berval() value Convert the value of an integer slapi_value_get_int() Get the length of a value slapi_value_get_int()
Page 212 Summary of Data Types and Structures To do this... Call this function Allocate anew Slapi_Value from slapi_value_new_value() another Slapi_Value structure Set the value slapi_value_set() Copy the value from a berval slapi_value_set_berval() structure into a Slapi_Value structure Set the integer value of a slapi_value_set_int() Slapi_Value structure Copy a string into the value...
Page 213 Summary of Data Types and Structures To do this... Call this function Free the values contained in the slapi_valueset_done() Slapi_ValueSet structure. Find the value in a valueset using slapi_valueset_find() the syntax of an attribute Get the first value of a slapi_valueset_first_value() Slapi_ValueSet structure Free the specified...
Page 214 Summary of Data Types and Structures Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 215: Chapter 15 Function Reference
Chapter 15 Function Reference This chapter contains reference information on Netscape Directory Server (Directory Server) server plug-in API. The server plug-in API includes the following functions: • Distribution Routines • Functions for Access Control • Functions for Internal Operations and Plug-In Callback •...
Page 216: Distribution Routines
Distribution Routines • Functions for LDAPMod Manipulation • Functions for Monitoring Operations • Functions for Managing Parameter Block • Functions for Handling Passwords • Functions for Managing RDN • Functions for Managing Roles • Functions for Managing DNs • Functions for Sending Entries and Results to the Client •...
Page 217 Distribution Routines distribution_plugin_entry_point() Allows for backend distribution. Syntax #include “slapi-plugin.h” int distribution_plugin_entry_point (Slapi_PBlock *pb, Slapi_DN *target_dn, char **mtn_be_names, int be_count, Slapi_DN * node_dn); Parameters This function takes the following parameters: Pointer to the parameter block of the operation. Pointer to the target DN of the operation. target_dn Pointer to the list of names of backends declared for this node.
Page 218: Functions For Access Control
Functions for Access Control Functions for Access Control This section contains reference information on access control routines. Table 15-2 Access Control Routines Function Description slapi_access_allowed() Determines if a user (who is requesting the current operation) has the access rights to perform an operation on a given entry, attribute, or value slapi_acl_check_mods() Determines if a user has the rights to perform the specified modifications on an entry.
Page 219 Functions for Access Control Permission to add a specified entry. SLAPI_ACL_ADD Permission to compare the specified values of an attribute in SLAPI_ACL_COMPARE an entry. Permission to delete a specified entry. SLAPI_ACL_DELETE Permission to read a specified attribute. SLAPI_ACL_READ Permission to search on a specified attribute or value. SLAPI_ACL_SEARCH Permission to write a specified attribute or value or SLAPI_ACL_WRITE...
Page 220 Functions for Access Control Description Call this function to determine if a user has access rights to a specified entry, attribute, or value. The function performs this check for users who request the operation that invokes this plug-in. For example, suppose you are writing a pre-operation plug-in for the add operation.
Page 221 Functions for Access Control slapi_pblock_set( pb, SLAPI_BACKEND, be ); nAccessResult = slapi_access_allowed( pb, seObjectEntry, "*", bval, SLAPI_ACL_DELETE); slapi_acl_check_mods() Determines if a user has the rights to perform the specified modifications on an entry. Syntax #include “slapi-plugin.h” int slapi_acl_check_mods( Slapi_PBlock *pb, Slapi_Entry *e, LDAPMod **mods, char **errbuf );...
Page 222 Functions for Access Control Invalid syntax was specified. LDAP_INVALID_SYNTAX This error can occur if the ACL associated with an entry, attribute, or value uses the wrong syntax. The DSA (this directory server) is unable to LDAP_UNWILLING_TO_PERFORM perform the specified operation. This error can occur if, for example, you are requesting write access to a read-only database.
Page 223 Functions for Access Control Memory Concerns You must free the buffer by calling when you are errbuf slapi_ch_free() finished using the error message. See Also slapi_access_allowed() slapi_ch_free() slapi_acl_verify_aci_syntax() Determines whether or not the access control items (ACIs) on an entry are valid. Syntax #include “slapi-plugin.h”...
Page 224: Functions For Internal Operations And Plug-In Callback
Functions for Internal Operations and Plug-In Callback Functions for Internal Operations and Plug-In Callback This section contains reference information on routines for internal operations and plug-in callbacks—these functions can be used for internal operations based on DN as well as on unique ID. These functions should be used by all new plug-ins and preferably old plug-ins should be changed to use them to take advantage of new plug-in configuration capabilities and to use an extensible interface.
Page 225 Functions for Internal Operations and Plug-In Callback A parameter block that has been initialized using slapi_add_internal_set_pb(). Returns This function returns one of the following values: • 0 if successful. • -1 if an error occurs. If -1 is returned, the field of SLAPI_PLUGIN_INTOP_RESULT the parameter block should be consulted to determine the precise LDAP result...
Page 226 Functions for Internal Operations and Plug-In Callback Returns This function returns one of the following values: • 0 if successful. • -1 if an error occurs. If -1 is returned, the field of SLAPI_PLUGIN_INTOP_RESULT the parameter block should be consulted to determine the precise LDAP result code.
Page 227 Functions for Internal Operations and Plug-In Callback slapi_modify_internal_pb() Performs an LDAP modify operation based on a parameter block to modify a directory entry. Syntax #include “slapi-plugin.h” int slapi_modify_internal_pb(Slapi_PBlock *pb); Parameters This function takes the following parameter: A parameter block that has been initialized using slapi_modify_internal_set_pb().
Page 228 Functions for Internal Operations and Plug-In Callback Parameters This function takes the following parameter: A parameter block that has been initialized using slapi_rename_internal_set_pb(). Returns This function returns one of the following values: • 0 if successful. • -1 if an error occurs. If -1 is returned, the field of SLAPI_PLUGIN_INTOP_RESULT the parameter block should be consulted to determine the precise LDAP result...
Page 229 Functions for Internal Operations and Plug-In Callback A parameter block that has been initialized using slapi_seq_internal_callback_set_pb(). A pointer to arbitrary plug-in or operation-specific data that you callback_data would like to pass to your callback functions. Callback function that the server calls to send result codes. The function must have the prototype specified by plugin_result_callback.
Page 230 Functions for Internal Operations and Plug-In Callback This function must have the prototype specified by . You specify this function in the plugin_search_entry_callback psec argument of slapi_search_internal_callback_pb() • You can write a callback function that is invoked when the search operation normally sends LDAP v3 search result references.
Page 231 Functions for Internal Operations and Plug-In Callback The address of a Slapi_Entry pointer to receive the entry if it ret_entry is found. A plug-in or component identifier. This value can be obtained caller_identity from the SLAPI_PLUGIN_IDENTITY field of the parameter block that is passed to your plug-in initialization function.
Page 232: Functions For Setting Internal Operation Flags
Functions for Setting Internal Operation Flags Returns This function returns one of the following values: • 0 if successful. • -1 if an error occurs. If -1 is returned, the field of SLAPI_PLUGIN_INTOP_RESULT the parameter block should be consulted to determine the precise LDAP result code.
Page 233 Functions for Setting Internal Operation Flags Internal Operation Flag Routines (Continued) Table 15-4 Function Description slapi_seq_internal_callback_pb() Performs internal sequential access operation. slapi_seq_internal_set_pb() Sets up a parameter block for use by slapi_seq_internal_callback_pb() for an internal, sequential-access operation. slapi_add_entry_internal_set_pb() Sets up a parameter block so that it can be used by slapi_add_internal_pb() an internal add operation.
Page 234 Functions for Setting Internal Operation Flags Description This function populates parameters in the structure so that it can be used pblock for an internal add operation. slapi_add_internal_pb() slapi_add_internal_set_pb() Sets up a parameter block so that it can be used by slapi_add_internal_pb() an internal add operation.
Page 235 Functions for Setting Internal Operation Flags • set to DN of the new entry. SLAPI_TARGET_DN • set to request controls, if present. SLAPI_CONTROLS_ARG • set to to add. SLAPI_ADD_ENTRY Slapi_Entry Returns This function returns or one of the LDAP error codes if the entry LDAP_SUCCESS cannot be constructed from the specified attributes due to constraint violation.
Page 236 Functions for Setting Internal Operation Flags Plug-in identity, a cookie that identifies the plug-in to the plugin_identity Directory Server during an internal operation. This cookie is used by the server to retrieve the plug-in configuration in order to determine whether to allow the operation and which actions to take during the operation processing.
Page 237 Functions for Setting Internal Operation Flags Parameter block populated with modify parameters. DN of the entry to be modified. For unique ID operation, this parameter is used to select the correct backend. Modifications to be applied to the entry. mods List of controls associated with the operation.
Page 238 Functions for Setting Internal Operation Flags slapi_rename_internal_set_pb() Sets up a parameter block so that it can be used by slapi_modrdn_internal_pb() for an internal rename operation. Syntax #include “slapi-plugin.h” void slapi_rename_internal_set_pb(Slapi_PBlock *pb, const char *olddn, const char *newrdn, const char *newsuperior, int deloldrdn, LDAPControl **controls, const char *uniqueid, Slapi_ComponentId *plugin_identity, int operation_flags);...
Page 239 Functions for Setting Internal Operation Flags Description This function populates with parameters for use by pblock for an internal rename operation. The function sets slapi_modrdn_internal_pb() the parameter block to contain the following data. For unique ID-based operation: • set to the DN that allows to select the right backend. SLAPI_TARGET_DN •...
Page 240 Functions for Setting Internal Operation Flags Search scope (LDAP_SCOPE_SUBTREE, etc.). scope Search filter. filter Attributes to be returned. attrs Flag specifying whether to return just attribute names or names attrsonly and values. List of controls associated with the operation. controls Unique identifier of the entry.
Page 241 Functions for Setting Internal Operation Flags • set to the search filter. SLAPI_SEARCH_STRFILTER • set to request controls, if present. SLAPI_CONTROLS_ARG • set to the list of attributes to return. SLAPI_SEARCH_ATTRS • indicates whether attribute values should be SLAPI_SEARCH_ATTRSONLY returned. slapi_seq_internal_callback_pb() Performs internal sequential access operation.
Page 242 Functions for Setting Internal Operation Flags slapi_seq_internal_set_pb() Sets up a parameter block for use by for an slapi_seq_internal_callback_pb() internal, sequential-access operation. Syntax #include “slapi-plugin.h” void slapi_seq_internal_set_pb(Slapi_PBlock *pb, char *ibase, int type, char *attrname, char *val, char **attrs, int attrsonly, LDAPControl **controls, Slapi_ComponentId *plugin_identity, int operation_flags);...
Page 243: Functions For Handling Attributes
Functions for Handling Attributes Functions for Handling Attributes This section contains reference information on attribute routines. Table 15-5 Attribute Routines Function Description slapi_attr_add_value() Adds a value to an attribute. slapi_attr_basetype() Returns the base type of an attribute. slapi_attr_dup() Duplicates an attribute. slapi_attr_first_value() Gets the first value of an attribute.
Page 244 Functions for Handling Attributes Attribute Routines (Continued) Table 15-5 Function Description slapi_valueset_set_valueset() Initializes a Slapi_ValueSet structure from another Slapi_ValueSet structure. slapi_attr_add_value() Adds a value to an attribute. Syntax #include “slapi-plugin.h” int slapi_attr_add_value(Slapi_Attr *a, const Slapi_Value *v); Parameters This function takes the following parameters: The attribute that will contain the values.
Page 245 Functions for Handling Attributes Syntax #include “slapi-plugin.h” char *slapi_attr_basetype( char *type, char *buf, size_t bufsiz ); Parameters This function takes the following parameters: Attribute type from which you want to get the base type. type Buffer to hold the returned base type. Size of the buffer.
Page 246 Functions for Handling Attributes Parameters This function takes the following parameters: The attribute to be duplicated. attr Returns This function returns the newly created copy of the attribute. Description Use this function to make a copy of an attribute. Memory Concerns You must free the returned attribute using slapi_attr_free() See Also...
Page 247 Functions for Handling Attributes Returns This function returns one of the following values: • 0, which is the index of the first value. • -1 if NULL, or if the value is not found. hint Description Use this function to get the first value of an attribute. This is part of a set of functions to enumerate over an structure.
Page 248 Functions for Handling Attributes Returns This function returns one of the following values: • 1 if the specified flag is set. • 0 if the specified flag is not set. Description This function determines if certain flags are set for a particular attribute. These flags can identify an attribute as a single-valued attribute, an operational attribute, or as a read-only attribute.
Page 249 Functions for Handling Attributes Syntax #include “slapi-plugin.h” int slapi_attr_get_bervals_copy( Slapi_Attr *a, struct berval ***vals ); Parameters This function takes the following parameters: Attribute that contains the desired values. Pointer to an array of berval structure pointers to hold the vals desired values.
Page 250 Functions for Handling Attributes Attribute for which you want to get the flags. attr When you call slapi_attr_get_flags(), this parameter is set to a flags pointer to the flags of the specified attribute. Do not free the flags; the flags are part of the actual data in the attribute, not a copy of the data. To determine which flags have been set, you can bitwise AND the value of the argument with one or more of the following: flags...
Page 251 Functions for Handling Attributes Attribute containing the values to be counted. Integer to hold the counted values. numValues Returns This function always returns 0. Description This function counts the number of values in an attribute and places that count in an integer.
Page 252 Functions for Handling Attributes Description This function replaces the deprecated function, . Use this slapi_attr_get_oid function to search the syntaxes for an attribute type’s OID. Memory Concerns You should free this string using slapi_ch_free() slapi_attr_get_type() Gets the name of the attribute type from a specified attribute. Syntax #include “slapi-plugin.h”...
Page 253 Functions for Handling Attributes Syntax #include “slapi-plugin.h” int slapi_attr_get_valueset(const Slapi_Attr *a, Slapi_ValueSet **vs); Parameters This function takes the following parameters: Attribute containing the values to be placed into a valueset. Receives values from the first parameter. Returns This function always returns See Also slapi_entry_add_valueset() slapi_valueset_new()
Page 254 Functions for Handling Attributes The empty attribute to be initialized. Attribute type to be initialized. type Returns This function returns the newly-initialized attribute. Description Use this function to initialize an empty attribute with an attribute type. See Also slapi_attr_new() slapi_attr_free() slapi_attr_dup() slapi_attr_new() Creates a new attribute.
Page 255 Functions for Handling Attributes slapi_attr_next_value() Gets the next value of an attribute. Syntax #include “slapi-plugin.h” int slapi_attr_next_value( Slapi_Attr *a, int hint, Slapi_Value **v ); Parameters This function takes the following parameters: Attribute contained the desired value. Index of the value to be returned. hint Holds the value of the attribute.
Page 256 Functions for Handling Attributes Syntax #include “slapi-plugin.h” int slapi_attr_set_valueset(Slapi_Attr *a, const Slapi_ValueSet *vs); Parameters This function takes the following parameters: Pointer to the Slapi_Attr structure, the value set of which you wish to set. Pointer to the Slapi_ValueSet structure from which you want to extract the values.
Page 257 Functions for Handling Attributes Returns This function returns the copy of the desired normalized attribute, or a normalized copy of what was passed in. Description Use this function to search the syntaxes for an attribute type and return its normalized form. Memory Concerns You should free the returned string using slapi_ch_free()
Page 258 Functions for Handling Attributes See Also slapi_attr_get_type() slapi_attr_type_cmp() slapi_attr_types_equivalent() slapi_attr_basetype() slapi_attr_type_cmp() Compares two attribute types to determine if they are the same. Syntax #include “slapi-plugin.h” int slapi_attr_type_cmp( char *t1, char *t2, int opt ); Parameters This function takes the following parameters: Name of the first attribute type that you want to compare.
Page 259 Functions for Handling Attributes slapi_attr_get_type() slapi_attr_types_equivalent() slapi_attr_basetype() slapi_attr_types_equivalent() Compares two attribute names to determine if they represent the same attribute. Syntax #include “slapi-plugin.h” int slapi_attr_types_equivalent( const char *t1, const char *t2 ); Parameters This function takes the following parameters: Pointer to the first attribute type that you want to compare. Pointer to the second attributed type that you want to compare.
Page 260 Functions for Handling Attributes Syntax #include “slapi-plugin.h” int slapi_attr_value_cmp( Slapi_Attr *attr, struct berval *v1, struct berval *v2 ); Parameters This function takes the following parameters: Attribute used to determine how these values are compared (for attr example, if the attribute contains case-insensitive strings, the strings are compared without regard to case).
Page 261 Functions for Handling Attributes Parameters This function takes the following parameters: Attribute that you want to check. Pointer to the berval structure containing the value that you want to search for. Returns This function returns one of the following values: •...
Page 262: Functions For Managing Backend Operations
Functions for Managing Backend Operations Description Use this function to create a valueset that contains the changes from smod See Also slapi_mods_init() slapi_mods_free() slapi_mods_done() Functions for Managing Backend Operations This section contains reference information on routines that help you deal with backends.
Page 263 Functions for Managing Backend Operations Backend Routines (Continued) Table 15-6 Function Description slapi_be_new() Creates a new backend structure, allocates memory for it, and initializes values for relevant parameters. slapi_be_private() Verifies if the backend is private. slapi_be_select() Finds the backend that should be used to service the entry with the specified DN.
Page 264 Functions for Managing Backend Operations Suffix that needs to be added to the backend. suffix slapi_be_delete_onexit() Sets the flag to denote that the backend will be deleted on exiting. Syntax #include “slapi-plugin.h” void slapi_be_delete_onexit(Slapi_Backend *be); Parameters This function takes the following parameter: Pointer to the structure containing the backend configuration.
Page 265 Functions for Managing Backend Operations slapi_be_free() Frees memory and linked resources from the backend structure. Syntax #include “slapi-plugin.h” void slapi_be_free(Slapi_Backend **be); Parameters This function takes the following parameter: Pointer to the structure containing the backend configuration. slapi_be_get_instance_info() Gets the instance information of the specified backend. Syntax #include “slapi-plugin.h”...
Page 266 Functions for Managing Backend Operations Parameters This function takes the following parameter: Pointer to the structure containing the backend configuration. Returns This function returns the name associated to the specified backend. Memory Concerns You should not free the returned pointer. slapi_be_get_readonly() Indicates if the database associated with the backend is in read-only mode.
Page 267 Functions for Managing Backend Operations Syntax int slapi_be_getentrypoint(Slapi_Backend *be, int entrypoint, void **ret_fnptr, Slapi_PBlock *pb); Parameters This function takes the following parameters: Pointer to the structure containing the backend configuration. Entry point in the backend. entrypoint Opaque pointer to store function address. ret_fnptr Pointer to the parameter block.
Page 268 Functions for Managing Backend Operations Description This function returns the suffix associated with the specified backend. This function is still present for compatibility purposes with previous versions of the Directory Server Plug-in API. Directory Server 6.x does not support backends containing multiple suffixes, so if is not 0, NULL will be returned.
Page 269 Functions for Managing Backend Operations Pointer to the structure containing the backend configuration. Flag to check (for example, SLAPI_BE_FLAG_REMOTE_DATA). flag Returns This function returns one of the following values: • 0 if a flag is not set in the backend configuration. •...
Page 270 Functions for Managing Backend Operations slapi_be_logchanges() Indicates whether the changes applied to the backend should be logged in the changelog. Syntax #include “slapi-plugin.h” int slapi_be_logchanges(Slapi_Backend *be); Parameters This function takes the following parameter: Pointer to the structure containing the backend configuration. Returns This function returns one of the following values: •...
Page 271 Functions for Managing Backend Operations Returns This function returns a pointer to the newly-created backend. slapi_be_private() Verifies if the backend is private. Syntax #include “slapi-plugin.h” int slapi_be_private( Slapi_Backend *be ); Parameters This function takes the following parameter: Pointer to the structure containing the backend configuration. Returns This function returns one of the following values: •...
Page 272 Functions for Managing Backend Operations Returns This function returns one of the following values: • A pointer to the default backend, if no backend with the appropriate suffix is configured. • Otherwise, it returns a pointer to the backend structure. Memory Concerns You should not free the returned pointer.
Page 273 Functions for Managing Backend Operations See Also slapi_be_select() slapi_be_set_flag() Sets the specified flag in the backend. Syntax #include “slapi-plugin.h” void slapi_be_set_flag(Slapi_Backend * be, int flag); Parameters This function takes the following parameters: Pointer to the structure containing the backend configuration. Flag (bitmap) that needs to be set.
Page 274 Functions for Managing Backend Operations Syntax #include “slapi-plugin.h” void slapi_be_set_readonly(Slapi_Backend *be, int readonly); Parameters This function takes the following parameters: Pointer to the structure containing the backend configuration. Flag to specify the read-only status. readonly slapi_be_setentrypoint() Sets the entry point in the backend to the specified function. Syntax #include “slapi-plugin.h”...
Page 275 Functions for Managing Backend Operations Syntax #include “slapi-plugin.h” Slapi_Backend* slapi_get_first_backend(char **cookie); Parameters This function takes the following parameter: Output parameter containing the index of the returned backed. cookie This is useful for calls to slapi_get_next_backend(). Contains 0 in output if no backend is returned. Returns This function returns one of the following values: •...
Page 276 Functions for Managing Backend Operations slapi_get_first_suffix() Returns the first root suffix of the DIT. Syntax #include “slapi-plugin.h” Slapi_DN * slapi_get_first_suffix(void ** node, int show_private); Parameters This function takes the following parameter: Contains the returned valued, which is the DN of the first root node suffix of the DIT.
Page 277 Functions for Managing Backend Operations Syntax #include “slapi-plugin.h” Slapi_Backend* slapi_get_next_backend(char *cookie); Parameters This function takes the following parameter: Upon input, contains the index from which the search for the cookie next backend is done. Upon output, contains the index of the returned backend.
Page 278 Functions for Managing Backend Operations slapi_get_next_suffix() Returns the DN of the next root suffix of the DIT. Syntax #include “slapi-plugin.h” Slapi_DN * slapi_get_next_suffix(void ** node, int show_private); Parameters This function takes the following parameter: 0 checks only for non-private suffixes. show_private 1 checks for both private and non-private suffixes.
Page 279 Functions for Managing Backend Operations slapi_is_root_suffix() Checks if a suffix is a root suffix of the DIT. Syntax #include “slapi-plugin.h” int slapi_is_root_suffix(Slapi_DN * dn); Parameters This function takes the following parameter: DN that you wish to check. Returns This function returns one of the following values: •...
Page 280 Functions for Managing Backend Operations For example, if your plug-in stores any kind of state, such as a configuration cache, it will become invalidated or incomplete whenever the state of a backend changes. Because the plug-in wouldn’t be aware of these state changes, it would require restarting the server whenever a backend state changes.
Page 281: Functions For Dealing With Controls
Functions for Dealing with Controls Functions for Dealing with Controls This section contains reference information on routines for dealing with controls. Table 15-7 Routines for Dealing with Controls Function Description slapi_build_control() Creates an LDAPControl structure based on a BerElement, an OID, and a criticality flag.
Page 282 Functions for Dealing with Controls Returns This function returns (LDAP result code) if successful. LDAP_SUCCESS Description This function creates an structure based on a , an OID, LDAPCotnrol BerElement and a criticality flag. The that is created can be used in LDAP client LDAPControl requests or internal operations.
Page 283 Functions for Dealing with Controls Pointer that will receive the allocated LDAPControl structure. ctrlp Returns This function returns (LDAP result code) if successful. LDAP_SUCCESS Description This function creates an structure based on a , an LDAPControl struct berval OID, and a criticality flag. The that is created can be used in LDAP LDAPControl client requests or internal operations.
Page 284 Functions for Dealing with Controls If the control is present in the list of controls, specifies the pointer to the berval structure containing the value of the control. If the control is present in the list of controls, specifies whether or not iscritical the control is critical to the operation of the server: •...
Page 285 Functions for Dealing with Controls Returns This function returns one of the following values: • A pointer to an allocated structure if successful. LDAPControl • if an error occurs. NULL Description This function duplicates the contents of an structure. All fields within LDAPControl are copied to a new, allocated structure, and a pointer to the new LDAPControl...
Page 286 Functions for Dealing with Controls Returns This function returns one of the following values: • 0 if successful. • A non-zero value if an error occurs. Description This function replaces the deprecated slapi_get_supported_controls() function from previous releases, as it was not multithread safe. When you call to register a control, you slapi_register_supported_control()
Page 287 Functions for Dealing with Controls Parameters This function takes the following parameters: OID of the control you want to register. controloid Operation that the control is applicable to. controlops The specified control applies to the LDAP bind SLAPI_OPERATION_BIND operation. The specified control applies to the LDAP unbind SLAPI_OPERATION_UNBIND operation.
Page 288: Functions For Syntax Plug-In
Functions for Syntax Plug-In slapi_control_present() Functions for Syntax Plug-In This section contains reference information on routines for syntax plug-ins. Table 15-8 Syntax Plug-In Routines Function Description slapi_call_syntax_assertion2keys_ava_sv() Calls a function, specified in the syntax plug-in, to compare against directory entries. slapi_call_syntax_assertion2keys_sub_sv() Calls a function, specified in the syntax plug-in, to compare against directory entries.
Page 289 Functions for Syntax Plug-In Pointer to the Slapi_Value arrays containing the values ivals returned by the plug-in function (these values can now be compared against entries in the directory). Type of filter (for example, LDAP_FILTER_EQUALITY) ftype Returns This function returns one of the following values: •...
Page 290 Functions for Syntax Plug-In Parameters This function takes the following parameters: Handle to plug-in for this attribute type “Starts with” value from the search filter (for example, if the initial filter is ou=Sales*, the argument initial is Sales) Array of “contains” values from the search filter (for example, if the filter is ou=*Corporate*Sales*, the argument any is an array containing Corporate and Sales) “Ends with”...
Page 291: Functions For Managing Memory
Functions for Managing Memory slapi_call_syntax_values2keys_sv() When adding or removing values from an index, calls the function (defined in the specified syntax plug-in) responsible for returning an array of keys matching the specified values. Syntax #include “slapi-plugin.h” int slapi_call_syntax_values2keys_sv( void *vpi, Slapi_Value **vals, Slapi_Value ***ivals, int ftype );...
Page 292 Functions for Managing Memory Table 15-9 Memory Management Routines Function Description slapi_ch_array_free() Frees an existing array. slapi_ch_bvdup() Makes a copy of an existing berval structure. slapi_ch_bvecdup() Makes a copy of an array of existing berval structures. slapi_ch_calloc() Allocates space for an array of a number of elements of a specified size slapi_ch_free() Frees space allocated by the slapi_ch_malloc(), slapi_ch_realloc(), and slapi_ch_calloc() functions.
Page 293 Functions for Managing Memory Syntax #include “slapi-plugin.h” extern struct berval* slapi_ch_bvdup( const struct berval *v ); Parameters This function takes the following parameters: Pointer to the berval structure that you want to copy. Returns This function returns a pointer to the new copy of the structure.
Page 294 Functions for Managing Memory Returns This function returns a pointer to an array of the new copy of the berval structures. If the structures cannot be duplicated, for example, if no more virtual memory exists, the program terminates. slapd Memory Concerns The contents of the parameter are not altered by this function.
Page 295 Functions for Managing Memory See Also slapi_ch_free() slapi_ch_malloc() slapi_ch_realloc() slapi_ch_strdup() slapi_ch_free() Frees space allocated by the , and slapi_ch_malloc() slapi_ch_realloc() functions and sets the pointer to . Call this function slapi_ch_calloc() NULL instead of the standard C function. free() Syntax #include “slapi-plugin.h”...
Page 296 Functions for Managing Memory Syntax #include “slapi-plugin.h” void slapi_ch_free_string( char **s ); Parameters This function takes the following parameter: Address of the string that you want to free. If NULL, no action occurs. Description This function is similar to , but the argument is the address of a slapi_ch_free() string.
Page 297 Functions for Managing Memory The returned pointer should be freed by calling slapi_ch_free() See Also slapi_ch_free() slapi_ch_calloc() slapi_ch_realloc() slapi_ch_strdup() slapi_ch_realloc() Changes the size of a block of allocated memory. Syntax #include “slapi-plugin.h” char * slapi_ch_realloc( char *block, unsigned long size ); Parameters This function takes the following parameters: Pointer to an existing block of allocated memory.
Page 298: Functions For Managing Dns
Functions for Managing DNs slapi_ch_calloc() slapi_ch_strdup() slapi_ch_strdup() Makes a copy of an existing string. Syntax #include “slapi-plugin.h” char * slapi_ch_strdup( char *s ); Parameters This function takes the following parameters: Pointer to the string you want to copy. Returns This function returns a pointer to a copy of the string. If space cannot be allocated, for example, if no more virtual memory exists, the program terminates.
Page 299 Functions for Managing DNs Table 15-10 DN Management Routines Function Description slapi_dn_beparent() Gets a copy of the DN of the parent of an entry. slapi_dn_ignore_case() Converts all characters in a DN to lowercase. slapi_dn_isbesuffix() Determines if the a DN is the suffix of the local database. slapi_dn_isparent() Determines if a DN is the parent of a specific DN.
Page 300 Functions for Managing DNs Returns This function returns one of the following values: • The DN of the parent entry. • NULL if the specified DN is NULL, if the DN is an empty string, if the DN has no parent (for example, ), or if the specified DN is the suffix of o=example.com the local database.
Page 301 Functions for Managing DNs Syntax #include “slapi-plugin.h” int slapi_dn_isbesuffix( Slapi_PBlock *pb, char *dn ); Parameters This function takes the following parameters: Parameter block. DN that you want to check. Returns This function returns one of the following values: • 1 if the specified DN is the suffix for the local database. •...
Page 302 Functions for Managing DNs Returns This function returns one of the following values: • A non-zero value if is the parent of parentdn childdn • 0 if the is not the parent of parentdn childdn See Also slapi_dn_issuffix() slapi_dn_isroot() Determines whether or not the specified DN is the root DN for this local database. Before calling this function, you should call slapi_dn_normalize_case() normalize the DN and convert all characters to lowercase.
Page 303 Functions for Managing DNs slapi_dn_issuffix() Determines whether or not a DN is equal to the specified suffix. Before calling this function, you should call to normalize the DN and slapi_dn_normalize_case() convert all characters to lowercase. If you want to determine if a DN is the same as the suffix for the local database, call function instead.
Page 304 Functions for Managing DNs Syntax #include “slapi-plugin.h” char *slapi_dn_normalize( char *dn ); Parameters This function takes the following parameters: DN that you want to normalize. Returns This function returns the normalized DN. Note that variable passed in as the argument is also converted in place. See Also slapi_dn_normalize_to_end() slapi_dn_normalize_case()
Page 305 Functions for Managing DNs See Also slapi_dn_normalize() slapi_dn_ignore_case() slapi_dn_normalize_to_end() Normalizes part of a DN value, specifically, the part going from what is pointed to by dn to that pointed to by . Note that this routine does not terminate the NULL normalized bit pointed to by at the return of the function.
Page 306 Functions for Managing DNs If you want to check if the DN is the suffix of the local database, call the function instead. slapi_dn_beparent() Syntax #include “slapi-plugin.h” char *slapi_dn_parent( char *dn ); Parameters This function takes the following parameters: DN of the entry for which you want to find the parent. Returns This function returns one of the following values: •...
Page 307: Functions For Managing Entries
Functions for Managing Entries Returns This function returns the new DN formed by adding the RDN value in to the DN value in See Also slapi_sdn_add_rdn() slapi_rdn2typeval() Converts the second RDN type value to the value. berval Syntax #include “slapi-plugin.h” int slapi_rdn2typeval( char *rdn, char **type, struct berval *bv );...
Page 308 Functions for Managing Entries Table 15-11 Entry Routines Function Description slapi_entry2str() Generates an LDIF string description. slapi_entry2str_with_options() Generates an LDIF string descriptions with options. slapi_entry_add_rdn_values() Add components in an entry’s RDN. slapi_entry_add_string() Adds a string value to an attribute in an entry. slapi_entry_add_value() Adds a data value to an attribute in an entry.
Page 309 Functions for Managing Entries Table 15-11 Entry Routines (Continued) Function Description slapi_entry_free() Frees an entry from memory. slapi_entry_get_dn() Gets the DN from an entry. slapi_entry_get_dn_const() Returns the DN of an entry as a constant. slapi_entry_get_ndn() Returns the NDN of an entry. slapi_entry_get_sdn() Returns the Slapi_DN from an entry.
Page 310 Functions for Managing Entries Entry that you want to convert into an LDIF string. Length of the returned LDIF string. Returns This function returns one of the following values: • The LDIF string representation of the entry you specify. • if an error occurs.
Page 311 Functions for Managing Entries Syntax #include “slapi-plugin.h” char *slapi_entry2str_with_options( Slapi_Entry *e, int *len, int options ); Parameters This function takes the following parameters: Entry that you want to convert into an LDIF string. Length of the LDIF string returned by this function. An option set that specifies how you want the string converted.
Page 312 Functions for Managing Entries Description This function generates an LDIF string value conforming to the following syntax: dn: <dn>\n [<attr>: <value>\n]* For example: dn: uid=jdoe, ou=People, o=example.com cn: Jane Doe sn: Doe To convert an entry described in LDIF string format to an LDAP entry using the data type, call the function.
Page 313 Functions for Managing Entries • if the values were successfully added to the entry. The function LDAP_SUCCESS also returns if the entry is , if the entry’s DN is , or if LDAP_SUCCESS NULL NULL the entry’s RDN is NULL •...
Page 314 Functions for Managing Entries Memory Concerns This routine makes a copy of the parameter can be value value NULL slapi_entry_add_value() Adds a specified data value to an attribute in an entry. Slapi_Value Syntax #include “slapi-plugin.h” int slapi_entry_add_value (Slapi_Entry *e, const char *type, const Slapi_Value *value);...
Page 315 Functions for Managing Entries Syntax #include “slapi-plugin.h” int slapi_entry_add_values_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals ); Parameters This function takes the following parameters: Entry to which you want to add values. Attribute type to which you want to add values. type Array of Slapi_Value data values that you want to add.
Page 316 Functions for Managing Entries Syntax #include “slapi-plugin.h” int slapi_entry_add_valueset(Slapi_Entry *e, const char *type, Slapi_ValueSet *vs); Parameters This function takes the following parameters: Entry to which you want to add values. Attribute type to which you want to add values. type Slapi_ValueSet data value that you want to add to the entry.
Page 317 Functions for Managing Entries When you are no longer using the entry, you should free it from memory by calling function. slapi_entry_free() Memory Concerns When you no longer use the entry, free it from memory by calling the function. slapi_entry_free() See Also slapi_entry_dup() slapi_entry_free()
Page 318 Functions for Managing Entries Syntax #include “slapi-plugin.h” int slapi_entry_attr_find( const Slapi_Entry *e, const char *type, Slapi_Attr **attr ); Parameters This function takes the following parameters: Entry that you want to check. Name of the attribute that you want to check. type Pointer to the attribute, if the attribute is in the entry.
Page 319 Functions for Managing Entries Parameters This function takes the following parameters: Entry from which you want to get the string value. Attribute type from which you want to get the value. type Returns This function returns one of the following values: •...
Page 320 Functions for Managing Entries Description This function is very similar to , except that it slapi_entry_attr_get_charptr() returns a array for multi-valued attributes. The array and all values are char** copies. Even if the attribute values are not strings, they will still be null terminated, so that they can be used safely in a string context.
Page 321 Functions for Managing Entries Returns This function returns one of the following values: • The first value in the attribute converted to an integer. • if the entry does not contain the attribute. slapi_entry_attr_get_long() Gets the first value of an attribute in an entry as a long data type. Syntax #include “slapi-plugin.h”...
Page 322 Functions for Managing Entries Entry from which you want to get the value. Attribute type from which you want to get the value. type Returns This function returns one of the following values: • The first value in the attribute converted to an unsigned integer •...
Page 323 Functions for Managing Entries Syntax #include “slapi-plugin.h” int slapi_entry_attr_has_syntax_value(const Slapi_Entry *e, const char *type, const Slapi_Value *value); Parameters Entry that you want to check. Attribute type that you want to test for the value specified. type Value that you want to find in the attribute. value Returns This function returns one of the following values:...
Page 324 Functions for Managing Entries Attribute to which you want to add values. type Array of Slapi_Value data values you want to add. vals Returns This function returns if successful; any other value returned signals failure. Description This function replaces the deprecated function.
Page 325 Functions for Managing Entries Description This function replaces existing attribute values in a specified entry with a single data value. The function first deletes the existing attribute from the Slapi_Value entry, then replaces it with the new value specified. This function replaces the deprecated function.
Page 326 Functions for Managing Entries slapi_entry_attr_set_int() Replaces the value or values of an attribute in an entry with a specified integer data value. Syntax #include “slapi-plugin.h” void slapi_entry_attr_set_int(Slapi_Entry* e, char *type, int l); Parameters This function takes the following parameters: Entry in which you want to set the value. Attribute type in which you want to set the value.
Page 327 Functions for Managing Entries slapi_entry_attr_set_uint() Replaces the value or values of an attribute in an entry with a specified unsigned integer data type value. Syntax #include “slapi-plugin.h” void slapi_entry_attr_set_uint(Slapi_Entry* e, char *type, unsigned int l); Parameters This function takes the following parameters: Entry in which you want to set the value.
Page 328 Functions for Managing Entries Description This function will replace the value or values of an attribute with the unsigned value that you specify. If the attribute does not exist, it is created with the long unsigned long value that you specify. slapi_entry_delete_string() Deletes a string value from an attribute in an entry.
Page 329 Functions for Managing Entries Attribute from which you want to delete values. type Array of Slapi_Value data values that you want to delete. vals Returns This function returns if the specified attribute and the array of LDAP_SUCCESS data values are deleted from the entry. Slapi_Value If the specified attribute contains a value, the attribute is deleted from the...
Page 330 Functions for Managing Entries Parameters This function takes the following parameter: Entry that you want to copy. Returns This function returns the new copy of the entry. If the structure cannot be duplicated (for example, if no more virtual memory exists), the program slapd terminates.
Page 331 Functions for Managing Entries Returns Returns when successful; any other value returned signals failure. Memory Concerns Do not free the returned . This is a pointer into the internal entry data attr structure. If you need a copy, use slapi_attr_dup() See Also slapi_attr_dup() slapi_entry_free()
Page 332 Functions for Managing Entries Syntax #include “slapi-plugin.h” char *slapi_entry_get_dn( Slapi_Entry *e ); Parameters This function takes the following parameter: Entry from which you want to get the DN. Returns This function returns the DN of the entry. Note that this returns a pointer to the actual DN in the entry, not a copy of the DN.
Page 333 Functions for Managing Entries • of the entry that you specify. The is returned as a ; you are not const able to modify the value. • value of if the of the object is Slapi_DN Slapi_DN NULL Memory Concerns Never free this value.
Page 334 Functions for Managing Entries Entry from which you want to get the Slapi_DN object. Returns Returns the object form the entry that you specify. Slapi_DN Memory Concerns Never free this value. If you need a copy, use slapi_sdn_dup() See Also slapi_sdn_dup() slapi_entry_get_sdn_const() Returns as a...
Page 335 Functions for Managing Entries slapi_entry_get_uniqueid() Gets the unique ID value of the entry. Syntax #include “slapi-plugin.h” const char *slapi_entry_get_uniqueid( const Slapi_Entry *e ); Parameters This function takes the following parameter: Entry from which you want obtain the unique ID. Returns This function returns the unique ID value of the entry specified.
Page 336 Functions for Managing Entries • if the entry you supply has children entries. • if the entry you supply has no children entries. slapi_entry_init() Initializes the values of an entry with the DN and attribute value pairs you supply. Syntax #include “slapi-plugin.h”...
Page 337 Functions for Managing Entries char *dn = slapi_ch_strdup(some_dn); Slapi_Entry *e = slapi_entry_alloc() slapi_entry_init(e, dn, NULL);l is not freed in this context, but will eventually be freed when is called. slapi_entry_free() See Also slapi_entry_free() slapi_entry_alloc() slapi_ch_strdup() slapi_entry_merge_values_sv() Merges (adds) and array of data values to a specified attribute in an Slapi_Value entry.
Page 338 Functions for Managing Entries Description This function adds additional data values to the existing values Slapi_Value contained in an attribute. If the attribute type does not exist, it is created. If the specified attribute exists in the entry, the function merges the value specified and returns .
Page 339 Functions for Managing Entries Memory Concerns Never free the returned . Use to make a copy if a copy is attr slapi_attr_dup() needed. See Also slapi_attr_dup() slapi_entry_rdn_values_present() Determines whether or not the values in an entry’s relative distinguished name (RDN) are also present as attribute values. (For example, if the entry’s RDN is , the function determines if the entry has the attribute with cn=Barbara Jensen...
Page 340 Functions for Managing Entries Parameters This function takes the following parameters: Parameter block. Entry of which you want to check the schema. Returns The function returns one of the following values: • if the entry complies with the schema or if schema checking is turned off. The function also returns if the entry has additional attributes not allowed by the schema and has the object class...
Page 341 Functions for Managing Entries Description This function sets the DN pointer in the specified entry to the DN that you supply. Memory Concerns will be freed eventually when is called. slapi_entry_free() A copy of should be passed, for example: char *dn = slapi_ch_strdup(some_dn): slapi_entry_set_dn(e, dn);...
Page 342 Functions for Managing Entries slapi_entry_set_uniqueid() Replaces the unique ID value of an entry with the unique ID value that you supply. Syntax #include “slapi-plugin.h” void slapi_entry_set_uniqueid( Slapi_Entry *e, char *uniqueid ); Parameters This function takes the following parameters: Entry for which you want to generate a description. The unique ID value to which you want to assign the entry.
Page 343 Functions for Managing Entries Syntax #include “slapi-plugin.h” size_t slapi_entry_size(Slapi_Entry *e); Parameters This function takes the following parameter: Entry from which you want the size returned. Returns This function returns one of the following values: • The size of the entry, rounded to the nearest 1k. The value returned is a size_t data type, with is a value.
Page 344 Functions for Managing Entries The DN that you want to test to see if it is the root DSE entry. Returns This function returns one of the following values: • is the root DSE. • is not the root DSE. slapi_str2entry() Converts an LDIF description of a directory entry (a string value) into an entry of type.
Page 345: Functions Related To Entry Flags
Functions Related to Entry Flags Returns This function returns one of the following values: • A pointer to the structure representing the entry. Slapi_Entry • if the string cannot be converted, for example, if no DN is specified in the NULL string.
Page 346 Functions Related to Entry Flags Table 15-12 Entry Flags (Continued) Function Description slapi_entry_set_flag() Sets a flag for an entry. slapi_entry_clear_flag() Clears a flag for a specified entry. Syntax #include “slapi-plugin.h” void slapi_entry_clear_flag( Slapi_Entry *e, unsigned char flag); Parameters This function takes the following parameters: Entry in which you want to clear the flag settings.
Page 347 Functions Related to Entry Flags Parameters This function takes the following parameters: Entry in which you want to check the flag settings. Flag of which you want to check for presence. flag Returns This function returns one of the following values: •...
Page 348: Functions For Dealing With Filters
Functions for Dealing with Filters Description In Directory Server 6.1, the only external flag that can be set is . This flag means that the entry is a tombstone SLAPI_ENTRY_FLAG_TOMBSTONE entry. More flags may be exposed in future releases. Do not use your own flags. See Also slapi_entry_clear_flag() slapi_entry_flag_is_set()
Page 349 Functions for Dealing with Filters Table 15-13 Filter Routines (Continued) Function Description slapi_find_matching_paren() Finds the matching right parentheses in a string (corresponding to the left parenthesis to which the string currently points) slapi_str2filter() Converts a string description of a search filter into a filter of the Slapi_Filter type.
Page 350 Functions for Dealing with Filters • (Indicates premature abort) SLAPI_FILTER_SCAN_STOP • (Indicates continue scanning) SLAPI_FILTER_SCAN_CONTINUE • (Indicates an occurred during the traverse and the SLAPI_FILTER_SCAN_ERROR scan is aborted. In this case can be checked for more details; error_code currently, the only error is SLAPI_FILTER_UNKNOWN_FILTER_TYPE slapi_filter_compare() Determines if two filters are identical.
Page 351 Functions for Dealing with Filters Syntax #include “slapi-plugin.h” Slapi_Filter *slapi_filter_dup(Slapi_Filter *f); Parameters This function takes the following parameter: Filter to duplicate. Returns This function returns a pointer to the duplicated filter, if successful; otherwise, it returns NULL. slapi_filter_free() Frees the specified filter and (optionally) the set of filters that comprise it (for example, the set of filters in an type filter).
Page 352 Functions for Dealing with Filters See Also slapi_str2filter() slapi_pblock_get() slapi_filter_get_attribute_type() Gets the attribute type for all simple filter choices. Syntax #include “slapi-plugin.h” int slapi_filter_get_attribute_type( Slapi_Filter *f, char **type ); Parameters This function takes the following parameters: Filter from which you wish to get the substring values. Pointer to the attribute type of the filter.
Page 353 Functions for Dealing with Filters Memory Concerns The attribute type is returned in type and should not be freed after calling this function. It will be freed at the same time as the structure when Slapi_Filter is called. slapi_filter_free() See Also slapi_filter_get_choice() slapi_filter_get_ava() slapi_filter_get_type()
Page 354 Functions for Dealing with Filters Description Filters of the type LDAP_FILTER_EQUALITY LDAP_FILTER_GE LDAP_FILTER_LE generally compare a value against an attribute. For LDAP_FILTER_APPROX example: (cn=Barbara Jensen) This filter finds entries in which the value of the attribute is equal to Barbara Jensen The attribute is returned in the parameter type, and the value is returned in...
Page 355 Functions for Dealing with Filters For example: (&(ou=Accounting)(l=Sunnyvale)) • (OR filter) LDAP_FILTER_OR For example: (|(ou=Accounting)(l=Sunnyvale)) • (NOT filter) LDAP_FILTER_NOT For example: (!(l=Sunnyvale)) • (equals filter) LDAP_FILTER_EQUALITY For example: (ou=Accounting) • (substring filter) LDAP_FILTER_SUBSTRINGS For example: (ou=Account*Department) • (“greater than or equal to” filter) LDAP_FILTER_GE For example: (supportedLDAPVersion>=3)
Page 356 Functions for Dealing with Filters Syntax #include “slapi-plugin.h” int slapi_filter_get_subfilt( Slapi_Filter *f, char **type, char **initial, char ***any, char **final ); Parameters This function takes the following parameters: Filter that you want to get the substring values from. Pointer to the attribute type of the filter. type Pointer to the initial substring (“starts with”) of the filter.
Page 357 Functions for Dealing with Filters slapi_filter_get_type() (Applies only to filters of the type ) Gets the attribute type LDAP_FILTER_PRESENT specified in the filter. Syntax #include “slapi-plugin.h” int slapi_filter_get_type( Slapi_Filter *f, char **type ); Parameters This function takes the following parameters: Filter that you want to get the substring values from.
Page 358 Functions for Dealing with Filters slapi_filter_join() Joins the two specified filters using one of the following filter types: , or . (When specifying the LDAP_FILTER_AND LDAP_FILTER_OR LDAP_FILTER_NOT filter type , the second filter should be LDAP_FILTER_NOT NULL Syntax #include “slapi-plugin.h” Slapi_Filter *slapi_filter_join( int ftype, Slapi_Filter *f1, Slapi_Filter *f2 );...
Page 359 Functions for Dealing with Filters See Also uses with the slapi_filter_join() slapi_filter_join_ex() recurse_always argument being 1. slapi_filter_join_ex() Recursively joins the two specified filters using one of the following filter types: , or . (When specifying the LDAP_FILTER_AND LDAP_FILTER_OR LDAP_FILTER_NOT filter type , the second filter should be LDAP_FILTER_NOT NULL...
Page 360 Functions for Dealing with Filters Memory Concerns filters are neither copied nor freed during the join process, but the resulting filter will have references pointing to these two filters. See Also uses with slapi_filter_join() slapi_filter_join_ex() recurse_always argument set to 1. slapi_filter_list_first() (Applies only to filters of the types LDAP_FILTER_EQUALITY...
Page 361 Functions for Dealing with Filters Memory Concerns No duplication of the filter is done, so this filter should not be freed independently of the original filter. See Also slapi_filter_list_next() slapi_filter_list_next() (Applies only to filters of the types LDAP_FILTER_EQUALITY LDAP_FILTER_GE ) Gets the next filter (following ) that LDAP_FILTER_LE LDAP_FILTER_APPROX...
Page 362 Functions for Dealing with Filters Memory Concerns No duplication of the filter is done, so this filter should not be freed independently of the original filter. See Also slapi_filter_list_first() slapi_filter_test() Determines if the specified entry matches a particular filter. Syntax #include “slapi-plugin.h”...
Page 363 Functions for Dealing with Filters slapi_filter_test_ext() Determines if an entry matches a given filter. Syntax #include “slapi-plugin.h” int slapi_filter_test_ext( Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Filter *f,int verify_access, int only_test_access) Parameters This function takes the following parameters: pblock from which the user is extracted. The entry on which filter matching must be verified.
Page 364 Functions for Dealing with Filters slapi_filter_test_simple() Determines if an entry matches a filter. Syntax #include “slapi-plugin.h” int slapi_filter_test_simple( Slapi_Entry *e, Slapi_Filter *f); Parameters This function takes the following parameters: Entry that you wish to test. Filter to match the entry against. Returns This function returns one of the following values: •...
Page 365 Functions for Dealing with Filters String containing the parentheses. Returns This function returns a pointer to the matching right parenthesis in the specified string. slapi_str2filter() Converts a string description of a search filter into a filter of the Slapi_Filter type. Syntax #include “slapi-plugin.h”...
Page 366 Functions for Dealing with Filters Syntax #include “slapi-plugin.h” int slapi_vattr_filter_test( Slapi_PBlock *pb, Slapi_Entry *e, struct slapi_filter *f, int verify_access); Parameters This function takes the following parameters: Parameter block containing information about the filter. Entry against which the filter is to be tested. Filter against which the entry is to be tested.
Page 367: Functions Specific To Extended Operation
Functions Specific to Extended Operation Functions Specific to Extended Operation This section contains reference information on routines for dealing with extended operations. Table 15-14 Extended Operation Routines Function Description slapi_get_supported_extended_ops_copy() Gets a copy of the object IDs (OIDs) of the extended operations.
Page 368: Functions Specific To Bind Methods
Functions Specific to Bind Methods slapi_ch_array_free() Functions Specific to Bind Methods This section contains reference information on bind routines, including SASL. Table 15-15 Bind Routines Function Description slapi_get_supported_saslmechanisms_copy() Gets an array of the names of the supported Simple Authentication and Security Layer (SASL) methods. slapi_register_supported_saslmechanism() Registers the specified Simple Authentication and Security Layer (SASL) method with the server.
Page 369: Functions For Thread-Safe Ldap Connections
Functions for Thread-Safe LDAP Connections Parameters This function takes the following parameters: Name of the SASL mechanism. mechanism See Also “Functions for Managing DNs,” on page 451. Functions for Thread-Safe LDAP Connections This section contains reference information on functions for thread-safe LDAP connections.
Page 370 Functions for Thread-Safe LDAP Connections Parameters This function takes the following parameters: Space-delimited list of one or more host names (or IP address in ldaphost dotted notation, such as "141.211.83.36") of the LDAP servers that you want to connect to. The names can be in hostname:portnumber format (in which case, portnumber overrides the port number specified by the ldapport argument).
Page 371 Functions for Thread-Safe LDAP Connections If you specify a non-zero value for the argument, this function installs the shared server’s threading functions and allows multiple threads to share this session (the returned structure). Note that the Directory Server processes each request in LDAP a separate thread.
Page 372: Functions For Logging
Functions for Logging Syntax #include “slapi-plugin.h” void slapi_ldap_unbind( LDAP *ld ); Parameters This function takes the following parameters: Connection handle, which is a pointer to an LDAP structure containing information about the connection to the LDAP server. Description This function unbinds from another LDAP server. Call this function if you initialized the LDAP session with the function.
Page 373 Functions for Logging Parameters This function takes the following parameters: Level of severity of the message. In combination with the severity severity level specified by the administrator, this determines whether or not the message is written to the log. Name of the subsystem in which this function is called. The subsystem string that you specify here appears in the error log in the following format:...
Page 374 Functions for Logging Written to the error log if the Log Level setting “Config file SLAPI_LOG_CONFIG processing” is selected. Written to the error log if the Log Level setting “Access SLAPI_LOG_ACL control list processing” is selected. Written to the error log if the Log Level setting “Log SLAPI_LOG_SHELL communications with shell back-ends”...
Page 375: Functions For Handling Matching Rules
Functions for Handling Matching Rules Returns The function returns one of the following values: • 0 if is not selected as log level settings. loglevel • 1 if is selected as log level setting. loglevel Description To specify the level of logging used by the Directory Server, the administrator can use the Server Console, or set the attribute.
Page 376 Functions for Handling Matching Rules Syntax #include “slapi-plugin.h” int slapi_berval_cmp (const struct berval *L, const struct berval *R); Parameters This function takes the following parameters: Pointer to the first berval structure that you want to compare. Pointer to the second structure that you want to compare. Returns This function returns one of the following values: •...
Page 377 Functions for Handling Matching Rules Description This function frees a structure (and, optionally, its Slapi_MatchingRuleEntry members) from memory. Call this function when you are done working with the structure. slapi_matchingrule_get() Gets information about a matching rule. Syntax #include “slapi-plugin.h” int slapi_matchingrule_get(SlPi_MatchingRuleEntry *mr, int arg, void *value);...
Page 378 Functions for Handling Matching Rules Returns This function returns one of the following values: • 0 if the information was successfully retrieved. • -1 if an error occurred (for example, if an invalid argument was specified). Description This function gets information about a matching rule from the structure.
Page 379 Functions for Handling Matching Rules Parameters This function takes the following parameters: Slapi_MatchingRuleEntry structure representing the mrEntry matching rule that you want to register. Returns This function returns one of the following values: • 0 if the matching rule was successfully registered. •...
Page 380 Functions for Handling Matching Rules argument can have one of the following values: Data Type Description of the value Argument Name of the matching rule. SLAPI_MATCHINGRULE_NAME char * OID of the matching rule. SLAPI_MATCHINGRULE_OID char * Description of the matching rule. SLAPI_MATCHINGRULE_DESC char * Syntax supported by the matching...
Page 381 Functions for Handling Matching Rules Parameters This function takes the following parameters: Pointer to a Slapi_Filter structure, representing the extensible match filter for which you want to find the indexer function. Parameter block containing information about the extensible match filter. Returns This function returns the result code returned by the indexer function.
Page 382 Functions for Handling Matching Rules Parameters This function takes the following parameters: Parameter block containing information about the matching rule and attribute type to be used in indexing or sorting. Returns This function returns the result code returned by the indexer factory function. Description This function calls the indexer factory function for the plug-in responsible for handing a specified matching rule.
Page 383: Functions For Ldapmod Manipulation
Functions for LDAPMod Manipulation • should specify the name of the function SLAPI_PLUGIN_DESTROY_FN responsible for freeing any memory allocated by this indexer factory function (for example, memory allocated for a structure that you pass to the indexer function using SLAPI_PLUGIN_OBJECT For more information on filter index functions and indexer functions, see Chapter 11, “Writing Matching Rule Plug-Ins.”...
Page 384 Functions for LDAPMod Manipulation Table 15-19 LDAPMod Manipulation Routines (Continued) Function Description slapi_mod_new() Allocates a new Slapi_Mod structure. slapi_mod_remove_value() Removes the value at the current Slapi_Mod iterator position. slapi_mod_set_operation() Sets the operation type of a Slapi_Mod structure. slapi_mod_set_type() Sets the attribute type of a Slapi_Mod. slapi_mods2entry() Creates a Slapi_Entry from an array of LDAPMod.
Page 385 Functions for LDAPMod Manipulation Table 15-19 LDAPMod Manipulation Routines (Continued) Function Description slapi_mods_init_passin() Initializes a Slapi_Mods structure from an array of LDAPMod. slapi_mods_insert_after() Inserts an LDAPMod into a Slapi_Mods structure after the current iterator position. slapi_mods_insert_at() Inserts an LDAPMod anywhere in a Slapi_Mods. slapi_mods_insert_before() Inserts an LDAPMod into a Slapi_Mods structure before the current iterator position.
Page 386 Functions for LDAPMod Manipulation • A non-zero value if not successful. Description This function creates an array of of type from a LDAPMod LDAP_MOD_ADD Slapi_Entry See Also slapi_mods2entry() slapi_mod_add_value() Adds a value to a structure. Slapi_Mod Syntax #include “slapi-plugin.h” void slapi_mod_add_value(Slapi_Mod *smod, const struct berval *val); Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mod.
Page 387 Functions for LDAPMod Manipulation Description This function frees the internals of a , leaving it in the uninitialized state. Slapi_Mod Memory Concerns Use this function on a stack-allocated when you have finished with it, Slapi_Mod or want to reuse it. See Also slapi_mod_init() slapi_mod_init_byval()
Page 388 Functions for LDAPMod Manipulation Syntax #include “slapi-plugin.h” void slapi_mod_free(Slapi_Mod **smod); Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mod. smod Description This function frees a structure that was allocated by Slapi_Mod slapi_mod_new() See Also slapi_mod_new() slapi_mod_get_first_value() Initializes a iterator and returns the first attribute value.
Page 389 Functions for LDAPMod Manipulation See Also slapi_mod_get_next_value() slapi_mod_get_ldapmod_byref() Gets a reference to the in a structure. LDAPMod Slapi_Mod Syntax #include “slapi-plugin.h” const LDAPMod *slapi_mod_get_ldapmod_byref(const Slapi_Mod *smod); Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mod. smod Returns This function returns a pointer to a read-only owned by the LDAPMod...
Page 390 Functions for LDAPMod Manipulation Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mod. smod Returns This function returns a pointer to an owned by the caller. LDAPMod Description Use this function to get the out of a LDAPMod Slapi_Mod Memory Concerns...
Page 391 Functions for LDAPMod Manipulation Description Use this function with to iterate through the slapi_mods_get_first_mod() attribute values in a Slapi_Mod See Also slapi_mods_get_first_mod() slapi_mod_get_num_values() Gets the number of values in a structure. Slapi_Mod Syntax #include “slapi-plugin.h” int slapi_mod_get_num_values(const Slapi_Mod *smod); Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mod.
Page 392 Functions for LDAPMod Manipulation Returns This function returns one of LDAP_MOD_ADD LDAP_MOD_DELETE , combined using the bitwise or operator with LDAP_MOD_REPLACE LDAP_MOD_BYVALUES See Also slapi_mod_set_operation() slapi_mod_get_type() Gets the attribute type of a structure. Slapi_Mod Syntax #include “slapi-plugin.h” const char *slapi_mod_get_type(const Slapi_Mod *smod); Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mod.
Page 393 Functions for LDAPMod Manipulation Parameters This function takes the following parameters: Pointer to an uninitialized Slapi_Mod. smod Suggested number of attribute values for which to make room. initCount Minimum value is 0. Description This function initializes a so that it is empty, but initially has room for Slapi_Mod the given number of attribute values.
Page 394 Functions for LDAPMod Manipulation Description This function initializes a containing a reference to an . Use this Slapi_Mod LDAPMod function when you have an and would like the convenience of the LDAPMod functions to access it. Slapi_Mod See Also slapi_mod_done() slapi_mod_init() slapi_mod_init_byval() slapi_mod_init_passin()
Page 395 Functions for LDAPMod Manipulation Syntax #include “slapi-plugin.h” void slapi_mod_init_passin(Slapi_Mod *smod, LDAPMod *mod); Parameters This function takes the following parameters: Pointer to an uninitialized Slapi_Mod. smod Pointer to an LDAPMod. Description This function initializes a by passing in an . Use this function to Slapi_Mod LDAPMod convert an...
Page 396 Functions for LDAPMod Manipulation Returns This function returns one of the following values: • 1 if the is valid. Slapi_Mod • 0 if the is not valid. Slapi_Mod Description Use this function to verify that the contents of are valid. It is considered Slapi_Mod valid if the operation type is one of LDAP_MOD_ADD...
Page 397 Functions for LDAPMod Manipulation Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mod. smod See Also slapi_mod_get_first_value() slapi_mod_get_next_value() slapi_mod_set_operation() Sets the operation type of a structure. Slapi_Mod Syntax #include “slapi-plugin.h” void slapi_mod_set_operation(Slapi_Mod *smod, int op); Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mod.
Page 398 Functions for LDAPMod Manipulation Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mod. smod An attribute type. type Description Sets the attribute type of the to a copy of the given value. Slapi_Mod See Also slapi_mod_get_type() slapi_mods2entry() Creates a from an array of Slapi_Entry...
Page 399 Functions for LDAPMod Manipulation Description This function creates a from a copy of an array of of type Slapi_Entry LDAPMod LDAP_MODD_ADD See Also slapi_entry2mods() slapi_mods_add() Appends a new with a single attribute value to structure. Slapi_Mods Syntax #include “slapi-plugin.h” void slapi_mods_add( Slapi_Mods *smods, int modtype, const char *type, unsigned long len, const char *val);...
Page 400 Functions for LDAPMod Manipulation slapi_mods_add_string() slapi_mods_add_ldapmod() Appends an to a structure. LDAPMod Slapi_Mods Syntax #include “slapi-plugin.h” void slapi_mods_add_ldapmod(Slapi_Mods *smods, LDAPMod *mod); Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods. smods Pointer to a the LDAPMod to be appended. Description Appends an to a...
Page 401 Functions for LDAPMod Manipulation Syntax #include “slapi-plugin.h” void slapi_mods_add_mod_values( Slapi_Mods *smods, int modtype, const char *type, Slapi_Value **va );; Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods. smods One of LDAP_MOD_ADD, LDAP_MOD_DELETE, modtype LDAP_MOD_REPLACE. The LDAP attribute type. type A null-terminated array of Slapi_Value representing the attribute values.
Page 402 Functions for LDAPMod Manipulation Syntax #include “slapi-plugin.h” void slapi_mods_add_smod( Slapi_Mods *smods, Slapi_Mod *smod ); Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods. smods Pointer to an initialized Slapi_Mod. smod Description This function appends a new to a .
Page 403 Functions for LDAPMod Manipulation Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods. smods One of LDAP_MOD_ADD, LDAP_MOD_DELETE, modtype LDAP_MOD_REPLACE. The LDAP attribute type. type A null-terminated array of berval representing the attribute bvps values. Description This function appends a new .
Page 404 Functions for LDAPMod Manipulation Pointer to an initialized Slapi_Mods. smods One of LDAP_MOD_ADD, LDAP_MOD_DELETE, modtype LDAP_MOD_REPLACE. The LDAP attribute type. type The attribute value represented as a null-terminated string. Description This function appends a new with a single string attribute value to a .
Page 405 Functions for LDAPMod Manipulation Description This function frees the internals of a , leaving it in the uninitialized Slapi_Mods state. Use this function on a stack-allocated when you are finished Slapi_Mods with it, or when you wish to reuse it. See Also slapi_mods_init() slapi_mods_init_byref()
Page 406 Functions for LDAPMod Manipulation Syntax #include “slapi-plugin.h” void slapi_mods_free(Slapi_Mods **smods); Parameters This function takes the following parameter: Pointer to an allocated Slapi_Mods. smods Description This function frees a that was allocated by Slapi_Mods slapi_mods_new() See Also slapi_mods_new() slapi_mods_get_first_mod() Initializes a iterator and returns the first Slapi_Mods LDAPMod...
Page 407 Functions for LDAPMod Manipulation slapi_mods_get_first_smod() Initializes a iterator and returns the first wrapped in a Slapi_Mods structure. Slapi_Mods Syntax #include “slapi-plugin.h” Slapi_Mod *slapi_mods_get_first_smod(Slapi_Mods *smods, Slapi_Mod *smod); Parameters This function takes the following parameters: A pointer to a an initialized Slapi_Mods. smods Pointer to a Slapi_Mods that will be used to hold the mod.
Page 408 Functions for LDAPMod Manipulation Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mods. smods Returns This function returns a null-terminated array of owned by the LDAPMod Slapi_Mods Description Use this function to get direct access to the array of contained in a LDAPMod Slapi_Mods...
Page 409 Functions for LDAPMod Manipulation Description Gets the array of out of a . Responsibility for the array LDAPMod Slapi_Mods transfers to the caller. The is left in the uninitialized state. Slapi_Mods See Also slapi_mods_get_ldapmods_byref() slapi_mods_get_next_mod() Increments the iterator and returns the next Slapi_Mods LDAPMod Syntax...
Page 410 Functions for LDAPMod Manipulation Syntax #include “slapi-plugin.h” Slapi_Mod *slapi_mods_get_next_smod(Slapi_Mods *smods, Slapi_Mod *smod); Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods. smods Pointer to a Slapi_Mods that will be used to hold the mod. smod Returns This function returns a pointer to the , wrapping the next , or Slapi_Mod...
Page 411 Functions for LDAPMod Manipulation Returns This function returns the number of mods in Slapi_Mods slapi_mods_init() Initializes a Slapi_Mods Syntax #include “slapi-plugin.h” void slapi_mods_init(Slapi_Mods *smods, int initCount); Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods. smods Suggested number of mods for which to make room. The initCount minimum value is 0.
Page 412 Functions for LDAPMod Manipulation Parameters This function takes the following parameters: Pointer to an uninitialized Slapi_Mods. smods A null-terminated array of LDAPMod. mods Description Initializes a containing a reference to an array of . This Slapi_Mods LDAPMod function provides the convenience of using functions to access Slapi_Mods array items.
Page 413 Functions for LDAPMod Manipulation Memory Concerns The responsibility for the array and its elements is transferred to the Slapi_Mods The array and its elements are destroyed when the is destroyed. Slapi_Mods See Also slapi_mods_done() slapi_mods_insert_after() Inserts an into a structure after the current iterator position. LDAPMod Slapi_Mods Syntax...
Page 414 Functions for LDAPMod Manipulation slapi_mods_insert_at() Inserts an at position in a structure. smod Slapi_Mods Syntax #include “slapi-plugin.h” void slapi_mods_insert_at(Slapi_Mods *smods, LDAPMod *mod, int pos); Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods. smods Pointer to the LDAPMod to be inserted. Position at which to insert the new mod.
Page 415 Functions for LDAPMod Manipulation Parameters This function takes the following parameters: Pointer to an initialized Slapi_Mods with valid iterator smods position. Pointer to the LDAPMod to be inserted. Description Inserts an into a immediately before the current position of LDAPMod Slapi_Mods iterator.
Page 416 Functions for LDAPMod Manipulation Description This function inserts an at a given position . Position 0 smod Slapi_Mods (zero) refers to the first s . A position equal to the current number of smods (determined by causes an at and slapi_mods_get_num_mods() append.
Page 417 Functions for LDAPMod Manipulation See Also slapi_mods_insert_before() slapi_mods_insert_smod_at() slapi_mods_iterator_backbone() Decrements the current iterator position. Slapi_Mods Syntax #include “slapi-plugin.h” void slapi_mods_iterator_backone(Slapi_Mods *smods); Parameters This function takes the following parameter: Pointer to an initialized Slapi_Mods. smods Description This function moves the iterator back one position. See Also slapi_mods_get_first_mod() slapi_mods_get_next_mod()
Page 418 Functions for LDAPMod Manipulation Returns This function returns a pointer to an allocated uninitialized Slapi_Mods Description This function allocates a new initialized Slapi_Mods Memory Concerns Use this function when you need a allocated from the heap, rather Slapi_Mods than from the stack. See Also slapi_mods_free() slapi_mods_remove()
Page 419: Functions For Monitoring Operations
Functions for Monitoring Operations Functions for Monitoring Operations This section contains reference information on operation routines. Table 15-20 Operation Routines Function Description slapi_op_abandoned() Determines if the client has abandoned the current operation. slapi_op_get_type() Gets the type of a Slapi_Operation. slapi_op_abandoned() Determines whether or not the client has abandoned the current operation (the operation that passes in the parameter block).
Page 420 Functions for Monitoring Operations slapi_op_get_type() Gets the type of a Slapi_Operation Syntax #include “slapi-plugin.h” unsigned long slapi_op_get_type(Slapi_Operation * op); Parameters This function takes the following parameters: The operation of which you wish to get the type. Description This function returns the type of an operation. The structure can Slapi_Operation be extracted from a...
Page 421: Functions For Managing Parameter Block
Functions for Managing Parameter Block Functions for Managing Parameter Block This section contains reference information on parameter block routines. Table 15-21 Parameter Block Routines Function Description slapi_pblock_destroy() Frees a pblock from memory. slapi_pblock_get() Gets the value from a pblock. slapi_pblock_new() Creates a new pblock.
Page 422 Functions for Managing Parameter Block If you reuse the pointer in this way, it makes it easier to identify a Segmentation Fault, rather than using some difficult method to detect memory leaks or other abnormal behavior. It is safe to call this function with a NULL pointer. For example: Slapi_PBlock *pb = NULL;...
Page 423 Functions for Managing Parameter Block int connid = 0; retval = slapi_pblock_get(pb, SLAPI_CONN_ID, &connid); is an integer value, so you will pass in a pointer to/address of an SLAPI_CONN_ID integer to get the value. Similarly, for a char (a string), pass in a pointer * value to/address of the value.
Page 424 Functions for Managing Parameter Block See Also slapi_pblock_destroy() slapi_pblock_set() slapi_pblock_new() Creates a new parameter block. Syntax #include “slapi-plugin.h” Slapi_PBlock *slapi_pblock_new(); Returns This function returns a pointer to the new parameter block. Memory Concerns pointer allocated with this function must always be freed by pblock .
Page 425: Functions For Handling Passwords
Functions for Handling Passwords • 0 if successful. • -1 if an error occurs (for example, if an invalid ID is specified). Memory Concerns The value to be passed in must always be a pointer, even for integer arguments. For example, if you wanted to do a search with the control: ManageDSAIT int managedsait = 1;...
Page 426 Functions for Handling Passwords Table 15-22 Password Handling Routines Function Description slapi_pw_find_sv() Determines whether or not a specified password matches one of the encrypted values of an attribute. slapi_is_encoded() Checks whether a value is encoded with any known algorithm. slapi_encode() Encodes a value with the specified algorithm.
Page 427 Functions for Handling Passwords Description This function replaces the deprecated function from previous slapi_pw_find() Directory Server releases. When the Directory Server stores the password for an entry in the userpassword attribute, it encodes the password using different schemes. Supported schemes are (default), , and SSHA...
Page 428: Functions For Managing Rdn
Functions for Managing RDN slapi_encode() Encodes a value with the specified algorithm. Syntax #include “slapi-plugin.h” char* slapi_encode(char *value, char *alg); Parameters This function takes the following parameters: The value that needs to be encoded. value The encoding algorithm. The following algorithms are supported in a a default Directory Server installation: •...
Page 429 Functions for Managing RDN Table 15-23 RDN Routines Function Description slapi_rdn_add() Adds a new RDN to an existing RDN structure. slapi_rdn_compare() Compares two RDNs. slapi_rdn_contains() Checks if a Slapi_RDN structure holds any RDN matching a give type/value pair. slapi_rdn_contains_attr() Checks if a Slapi_RDN structure contains any RDN matching a given type.
Page 430 Functions for Managing RDN Table 15-23 RDN Routines (Continued) Function Description slapi_rdn_remove_attr() Removes an RDN type/value pair from a Slapi_RDN structure. slapi_rdn_remove_index() Removes an RDN type/value pair from a Slapi_RDN structure. slapi_rdn_set_dn() Sets an RDN value in a Slapi_RDN structure. slapi_rdn_set_rdn() Sets an RDN in a Slapi_RDN structure.
Page 431 Functions for Managing RDN See Also slapi_rdn_get_num_components() slapi_rdn_compare() Compares two RDNs. Syntax #include “slapi-plugin.h” int slapi_rdn_compare(Slapi_RDN *rdn1, Slapi_RDN *rdn2); Parameters This function takes the following parameters: The first RDN to compare. rdn1 The second RDN to compare. rdn2 Returns This function returns one of the following values: •...
Page 432 Functions for Managing RDN Parameters This function takes the following parameters: The Slapi_RDN structure containing the RDN value(s). The type (cn, o, ou, etc.) of the RDN searched. type The value of the RDN searched. value Gives the length of value that should be taken into account for length the string operation when searching for the RDN.
Page 433 Functions for Managing RDN The Slapi_RDN structure containing the RDN value(s). Type (cn, o, ou, etc.) of the RDN searched. type Repository that will hold the value of the first RDN whose type value matches the content of the parameter type. If this parameter is NULL at the return of the function, no RDN with the desired type exists within rdn.
Page 434 Functions for Managing RDN Description This function clears the contents of a structure. It frees both the RDN Slapi_RDN value and the array of split RDNs. Those pointers are then set to NULL See Also slapi_rdn_free() slapi_rdn_init() slapi_rdn_free() Frees a structure.
Page 435 Functions for Managing RDN Parameters This function takes the following parameters: The Slapi_RDN structure containing the RDN value(s). Repository that will hold the type of the first RDN. If this type parameter is NULL at the return of the function, it means rdn is empty.
Page 436 Functions for Managing RDN Parameters This function takes the following parameters: The Slapi_RDN structure containing the RDN value(s). Type (cn, o, ou, etc.) of the RDN that is searched. type Value of the RDN searched. value Gives the length of value that should be taken into account for length the string comparisons when searching for the RDN.
Page 437 Functions for Managing RDN Parameters This function takes the following parameters: The Slapi_RDN structure containing the RDN value(s). Type (cn, o, ou, etc.) of the RDN searched. type Repository that will hold the value of the first RDN whose type value matches the content of the parameter type.
Page 438 Functions for Managing RDN Indicates the position of the RDN the precedes the currently index desired RDN. Repository that will hold the type (cn, o, ou, etc.) of the next type (index+1) RDN. If this parameter is NULL at the return of the function, the RDN does not exist.
Page 439 Functions for Managing RDN Returns This function returns the number of RDN type/value pairs present in See Also slapi_rdn_add() slapi_rdn_get_rdn() Gets the RDN from a structure. Slapi_RDN Syntax #include “slapi-plugin.h” const char *slapi_rdn_get_rdn(const Slapi_RDN *rdn); Parameters This function takes the following parameter: The Slapi_RDN structure holding the RDN value.
Page 440 Functions for Managing RDN Returns This function returns the new RDN value. slapi_rdn_init() Initializes a structure with values. Slapi_RDN NULL Syntax #include “slapi-plugin.h” void slapi_rdn_init(Slapi_RDN *rdn); Parameters This function takes the following parameters: The Slapi_RDN structure to be initialized. Description This function initializes a given structure with values (both the...
Page 441 Functions for Managing RDN The DN value whose RDN will be used to initialize the new Slapi_RDN structure. Description This function initializes a given structure with the RDN value taken Slapi_RDN from the DN passed in the parameter. See Also slapi_rdn_init_sdn() slapi_rdn_init_rdn() slapi_rdn_init_rdn()
Page 442 Functions for Managing RDN slapi_rdn_init_sdn() Initializes a structure with an RDN value taken from the DN contained Slapi_RDN in a given structure. Slapi_RDN Syntax #include “slapi-plugin.h” void slapi_rdn_init_sdn(Slapi_RDN *rdn,const Slapi_DN *sdn); Parameters This function takes the following parameters: The Slapi_RDN structure to be initialized. The Slapi_DN structure containing the DN value whose RDN will be used to initialize the new Slapi_RDN structure.
Page 443 Functions for Managing RDN Returns This function returns one of the following values: • if there is no RDN value present. • contains a value. See Also slapi_rdn_init() slapi_rdn_done() slapi_rdn_free() slapi_rdn_new() Allocates a new structure and initializes the values to Slapi_RDN NULL Syntax...
Page 444 Functions for Managing RDN Syntax #include “slapi-plugin.h” Slapi_RDN *slapi_rdn_new_dn(const char *dn); Parameters This function takes the following parameter: The DN value whose RDN will be used to initialize the new Slapi_RDN structure. Returns This function returns a pointer to the new structure initialized with the Slapi_RDN RDN taken from the DN value in...
Page 445 Functions for Managing RDN Returns This function returns a pointer to the new structure with an RDN set to Slapi_RDN the content of fromrdn Description This function creates a new structure and initializes its RDN with the Slapi_RDN value of fromrdn Memory Concerns The memory is allocated by the function itself.
Page 446 Functions for Managing RDN Memory Concerns The memory is allocated by the function itself. See Also slapi_rdn_new_dn() slapi_rdn_new_rdn() slapi_rdn_remove() Removes an RDN type/value pair from a structure. Slapi_RDN Syntax #include “slapi-plugin.h” int slapi_rdn_remove(Slapi_RDN *rdn, const char *type, const char *value, size_t length); Parameters This function takes the following parameters: The target Slapi_RDN structure.
Page 447 Functions for Managing RDN slapi_rdn_remove_attr() Removes an RDN type/value pair from a structure. Slapi_RDN Syntax #include “slapi-plugin.h” int slapi_rdn_remove_attr(Slapi_RDN *rdn, const char *type); Parameters This function takes the following parameters: The target Slapi_RDN structure. Type (cn, o, ou, etc.) of the RDN searched. type Returns This function returns one of the following values:...
Page 448 Functions for Managing RDN The target Slapi_RDN structure. The index of the RDN type/value pair to remove. atindex Returns This function returns one of the following values: • if the RDN is removed from • if no RDN is removed because either is empty or the index goes beyond the number of RDNs present.
Page 449 Functions for Managing RDN Description This function sets an RDN value in a structure. The structure is freed Slapi_RDN from memory and freed of any previous content before setting the new RDN. The new RDN is taken from the DN value present in the parameter.
Page 450: Functions For Managing Roles
Functions for Managing Roles Parameters This function takes the following parameters: The target Slapi_RDN structure. The Slapi_RDN structure containing the DN value whose RDN will be set in rdn. Description This function sets an RDN value in a structure. The structure is freed Slapi_RDN from memory and freed of any previous content before setting the new RDN.
Page 451: Functions For Managing Dns
Functions for Managing DNs Syntax #include “slapi-plugin.h” int slapi_role_check(Slapi_Entry *entry_to_check, Slapi_DN *role_dn,int *present); Parameters This function takes the following parameters: The entry in which the presence of a role is to be checked. entry_to_check The DN of the role for which to check. role_dn Pointer to an integer where the result, present or not present, present...
Page 452 Functions for Managing DNs Table 15-25 DN Routines Function Description slapi_moddn_get_newdn() Builds the new DN of an entry. slapi_sdn_add_rdn() Adds the RDN contained in a Slapi_RDN structure to the DN contained in a Slapi_DN structure. slapi_sdn_compare() Compares two DNs. slapi_sdn_copy() Copies a DN.
Page 453 Functions for Managing DNs Table 15-25 DN Routines (Continued) Function Description slapi_sdn_set_dn_passin() Sets a DN value in a Slapi_DN structure. slapi_sdn_set_ndn_byref() Sets a a normalized DN in a Slapi_DN structure. slapi_sdn_set_ndn_byval() Sets a normalized DN in a Slapi_DN structure. slapi_sdn_set_parent() Sets a new parent in an entry.
Page 454 Functions for Managing DNs slapi_sdn_add_rdn() Adds the RDN contained in a structure to the DN contained in a Slapi_RDN structure. Slapi_DN Syntax #include “slapi-plugin.h” Slapi_DN *slapi_sdn_add_rdn(Slapi_DN *sdn, const Slapi_RDN *rdn); Parameters This function takes the following parameters: Slapi_DN structure containging the value to which a new RDN is to be added.
Page 455 Functions for Managing DNs Returns This function returns one of the following values: • 0 if is equal to sdn1 sdn2 • -1 if sdn1 NULL • 1 if is not sdn2 NULL sdn1 NULL Description This function compares two DNs, .
Page 456 Functions for Managing DNs Syntax #include “slapi-plugin.h” void slapi_sdn_done(Slapi_DN *sdn); Parameters This function takes the following parameter: Pointer to the structure to clear. Description This function clears the contents of a structure. It frees both the DN and Slapi_DN the normalized DN, if any, and sets those pointers to NULL See Also slapi_sdn_free()
Page 457 Functions for Managing DNs slapi_sdn_free() Frees a structure. Slapi_DN Syntax #include “slapi-plugin.h” void slapi_sdn_free(Slapi_DN **sdn); Parameters This function takes the following parameter: Pointer tot he pointer of the Slapi_DN structure to be freed. Description This function frees the structure and its contents pointed to by the Slapi_DN contents of See Also...
Page 458 Functions for Managing DNs Returns This function gets the parent DN of an entry within a given backend. The parent DN is returned is , unless is empty or is a suffix of the backend sdn_parent itself. In this case, is empty.
Page 459 Functions for Managing DNs slapi_sdn_get_ndn() Gets the normalized DN of a structure. Slapi_DN Syntax #include “slapi-plugin.h” const char * slapi_sdn_get_ndn(const Slapi_DN *sdn); Parameters This function takes the following parameter: The Slapi_DN structure containing the DN value. Returns This function returns the normalized DN value. Description This function retrieves the normalized DN (in a canonical format and lower case) from a...
Page 460 Functions for Managing DNs Returns This function returns the length of the normalized DN. Description This function contains the length of the normalized DN and normalizes if it has not already been normalized. slapi_sdn_get_parent() Gets the parent DN of a given structure.
Page 461 Functions for Managing DNs Parameters This function takes the following parameters: Pointer to the Slapi_DN structure containing the DN. Pointer to the Slapi_RDN structure where the RDN is returned. Description This function takes the DN stored in the structure pointed to by Slapi_DN retrieves its returned RDN within the structure pointed to by...
Page 462 Functions for Managing DNs • 1 if there is no RDN value (normalized or not) present in the Slapi_DN structure. • 0 if is a component of the structure. Slapi_DN Description This function checks whether a structure contains an RDN value that is a Slapi_DN component of the DN structure.
Page 463 Functions for Managing DNs slapi_sdn_isgrandparent() Checks whether a DN is the parent of the parent of a given DN. Syntax #include “slapi-plugin.h” int slapi_sdn_isgrandparent( const Slapi_DN *parent, const Slapi_DN *child ); Parameters This function takes the following parameters: Pointer to the Slapi_DN structure containing the DN which parent claims to be the grandparent DN of the DN in child.
Page 464 Functions for Managing DNs Parameters This function takes the following parameters: Pointer to the Slapi_DN structure containing the DN which parent claims to be the parent of the DN in child. Pointer to the Slapi_DN structure containing the DN of the child supposed child of the DN in the structure pointed to by parent.
Page 465 Functions for Managing DNs • 1 if the DN is is the suffix of suffixsdn • 0 if the DN in is not a suffix of suffixsdn See Also slapi_sdn_isparent() slapi_sdn_new() Allocates a new structure and initializes it to Slapi_DN NULL Syntax #include “slapi-plugin.h”...
Page 466 Functions for Managing DNs The DN value to be set in the new Slapi_DN structure. Returns This function returns a pointer to the new structure with a DN value set Slapi_DN to the content of Description This function creates anew structure and initializes its DN with the value Slapi_DN .
Page 467 Functions for Managing DNs Description This function creates anew structure and initializes its DN with the value Slapi_DN . The DN of the new structure will point to a copy of the string pointed to by (the DN value is passed in to the parameter by value). The flag is set FLAG_DN and the internal counter is incremented.
Page 468 Functions for Managing DNs See Also slapi_sdn_new_dn_byval() slapi_sdn_new_ndn_byref() slapi_sdn_new_ndn_byref() Creates a new structure and sets a normalized DN value. Slapi_DN Syntax #include “slapi-plugin.h” Slapi_DN *slapi_sdn_new_ndn_byref(const char *ndn); Parameters This function takes the following parameter: The normalized DN value to be set in the new Slapi_DN structure.
Page 469 Functions for Managing DNs Syntax #include “slapi-plugin.h” Slapi_DN *slapi_sdn_new_ndn_byval(const char *ndn); Parameters This function takes the following parameter: The normalized DN value to be set in the new Slapi_DN structure. Returns This function returns a pointer to the new structure with a normalized Slapi_DN DN value set to the content of Description...
Page 470 Functions for Managing DNs The DN of the entry subject of scope test. The base DN to which dn is going to be tested against. base The scope tested. This parameter can take one of the following scope levels: • LDAP_SCOPE_BASE - where the entry DN should be the same as the base DN •...
Page 471 Functions for Managing DNs The target Slapi_DN structure. The DN value to be set in sdn. Returns This function returns a pointer to the structure containing the new DN Slapi_DN value. Description This function sets a DN value in a structure.
Page 472 Functions for Managing DNs Description This function sets a DN value in a structure. The DN of the new structure Slapi_DN will point to a copy of the string pointed to by (the DN value is passed into the parameter by value). The flag is set, and the internal counters are FLAG_DN incremented.
Page 473 Functions for Managing DNs slapi_sdn_set_ndn_byref() Sets a normalized DN in a structure. Slapi_DN Syntax #include “slapi-plugin.h” Slapi_DN *slapi_sdn_set_ndn_byref(Slapi_DN *sdn, const char *ndn); Parameters This function takes the following parameters: The target Slapi_DN structure. Normalized DN value to be set in sdn. Returns This function returns a pointer to the structure containing the new...
Page 474 Functions for Managing DNs The target Slapi_DN structure. The normalized DN value to be set in sdn. Returns This function returns a pointer to the structure containing the new Slapi_DN normalized DN value. Description This function sets a normalized DN value in a structure.
Page 475 Functions for Managing DNs Description This function sets a new parent for an entry. This is done by keeping the RDN of the original DN of the entry and by adding the DN of its new parent (the value of ) to it.
Page 476: Functions For Sending Entries And Results To The Client
Functions for Sending Entries and Results to the Client Functions for Sending Entries and Results to the Client This section contains reference information on routines for sending entries and results to the client. Table 15-26 Routines for Sending Entries and Results to Clients Function Description slapi_send_ldap_referral()
Page 477 Functions for Sending Entries and Results to the Client Returns This function returns one of the following values: • 0 if successful. • -1 if an error occurs. Description When you call this function, the server processes the LDAP referrals specified in argument.
Page 478 Functions for Sending Entries and Results to the Client slapi_send_ldap_result() Sends an LDAP result code back to the client. Syntax #include “slapi-plugin.h” void slapi_send_ldap_result( Slapi_PBlock *pb, int err, char *matched, char *text, int nentries, struct berval **urls ); Parameters This function takes the following parameters: Parameter block.
Page 479 Functions for Sending Entries and Results to the Client and the database contains entries for “c=US” and “o=Example, c=US”, but no entry for “ou=Product Division, o=Example, c=US”, you should set the parameter to: matched o=Example, c=US • urls When sending an result code back to an LDAP v2 LDAP_PARTIAL_RESULTS client or an...
Page 480 Functions for Sending Entries and Results to the Client Parameters This function takes the following parameters: Parameter block. Pointer to the Slapi_Entry structure representing the entry that you want to send back to the client. Pointer to the array of LDAPControl structures representing ectrls the controls associated with the search request.
Page 481: Functions Related To Utf-8
Functions Related to UTF-8 If you want to define your own function for sending entries, write a function complies with the type definition and set the send_ldap_search_entry_fn_ptr_t parameter in the parameter block to the name of SLAPI_PLUGIN_DB_ENTRY_FN your function. See Also slapi_str2filter() slapi_send_ldap_search_entry() Functions Related to UTF-8...
Page 482 Functions Related to UTF-8 slapi_has8thBit() Checks if a string has an 8-bit character. Syntax #include “slapi-plugin.h” int slapi_has8thBit(unsigned char *s); Parameters This function takes the following parameter: Pointer to the null-terminated string to test. Returns This function returns one of the following values: •...
Page 483 Functions Related to UTF-8 • if the two string are identical, ignoring case. • A negative number if is after Description The function takes two UTF-8 strings (s0, s1) of unsigned char to be compared. The comparison rules are as follows: •...
Page 484 Functions Related to UTF-8 Parameters This function takes the following parameters: A null-terminated UTF-8 string. A null-terminated UTF-8 string. Returns This function returns one of the following values: • A positive number if is after • if the two string are identical, ignoring case. •...
Page 485 Functions Related to UTF-8 slapi_utf8ncasecmp() Makes case-insensitive string comparison of first n characters of two UTF-8 strings. Syntax #include “slapi-plugin.h” int slapi_utf8ncasecmp(unsigned char *s0, unsigned char *s1, int n); Parameters This function takes the following parameters: A null-terminated UTF-8 string. A null-terminated UTF-8 string.
Page 486 Functions Related to UTF-8 Parameters This function takes the following parameters: A null-terminated UTF-8 string. A null-terminated UTF-8 string. The number of UTF-8 characters (not bytes) from s0 and s1 to compare. Returns This function returns one of the following values: •...
Page 487 Functions Related to UTF-8 slapi_utf8isLower() Verifies if a UTF-8 character is a lower-case letter. Syntax #include “slapi-plugin.h” int slapi_utf8isLower(unsigned char *s); This function takes the following parameter: Pointer to a single UTF-8 character (could be multiple bytes). Returns This function returns one of the following values: •...
Page 488 Functions Related to UTF-8 slapi_utf8isUpper() Verifies if a UTF-8 character is an upper-case letter. Syntax #include “slapi-plugin.h” int slapi_utf8isUpper(unsigned char *s); Parameters This function takes the following parameter: A single UTF-8 character (could be multiple bytes) Returns This function returns one of the following values: •...
Page 489 Functions Related to UTF-8 slapi_utf8StrToLower() Converts upper case characters in a UTF-8 string to lower-case characters. Syntax #include “slapi-plugin.h” unsigned char *slapi_utf8StrToLower(unsigned char *s); Parameters This function takes the following parameter: A null-terminated UTF-8 string to be converted to lower case. Returns This function returns one of the following values: •...
Page 490 Functions Related to UTF-8 Parameters This function takes the following parameter: A null-terminated UTF-8 string to be converted to lower case. Returns This function returns one of the following values: • A pointer to a null-terminated UTF-8 string whose characters are converted to lower case.
Page 491 Functions Related to UTF-8 Returns This function returns one of the following values: • A null-terminated UTF-8 string whose characters are converted to upper case; characters that are not lower case are copied as is. • if the string is not considered to be a UTF-8 string. Null Description This function converts a string of multiple UTF-8 characters, not a single character...
Page 492 Functions Related to UTF-8 slapi_utf8ToLower() Converts an upper-case UTF-8 character to a lower-case character. Syntax #include “slapi-plugin.h” void slapi_utf8ToLower(unsigned char *s, unsigned char *d, int *ssz, int *dsz); Parameters This function takes the following parameters: A single UTF-8 character (could be multiple bytes). Pointer to the lower case form of s.
Page 493 Functions Related to UTF-8 Returns the length in bytes of the output character. slapi_utf8ToUpper() Converts a lower-case UTF-8 character to an upper-case character. Syntax #include “slapi-plugin.h” void slapi_utf8ToUpper(unsigned char *s, unsigned char *d, int *ssz, int *dsz); Parameters This function takes the following parameters: Pointer to a single UTF-8 character (could be multiple bytes).
Page 494: Functions For Handling Values
Functions for Handling Values Pointer to the upper case version of s. The memory for this must be allocated by the caller before calling the function. Returns the length in bytes of the input character. Returns the length in bytes of the output character. Functions for Handling Values This section contains reference information on value routines.
Page 495 Functions for Handling Values Table 15-28 Value Routines (Continued) Function Description slapi_value_set() Sets the value. slapi_value_set_berval() Copies the value from a berval structure into a Slapi_Value structure. slapi_value_set_int() Sets the integer value of a Slapi_Value structure. slapi_value_set_string() Copies a string into the value. slapi_value_set_string_passin() Sets the value.
Page 496 Functions for Handling Values Description This function compares two using the matching rule associated to Slapi_Values the attribute This function replaces the deprecated function used in slapi_attr_value_cmp() previous releases, and uses the attribute values instead of the Slapi_Value berval attribute values. slapi_value_dup() Duplicates a value.
Page 497 Functions for Handling Values Parameters This function takes the following parameter: Address of the pointer to the Slapi_Value you wish to free. value Description This function frees the structure and its members (if it is not Slapi_Value NULL and sets the pointer to NULL Memory Concerns Call this function when you are finished working with the structure.
Page 498 Functions for Handling Values slapi_value_get_int() Converts the value to an integer. Syntax #include “slapi-plugin.h” slapi_value_get_int(const Slapi_Value *value); Parameters This function takes the following parameter: Pointer to the Slapi_Value that you with to get as an integer. value Returns This function returns one of the following values: •...
Page 499 Functions for Handling Values Returns This function returns one of the following values: • The length of the value contained in Slapi_Value • 0 if there is no value. Description This function returns the actual length of a value contained in the Slapi_Value structure.
Page 500 Functions for Handling Values slapi_value_get_string() Returns the value as a string. Syntax #include “slapi-plugin.h” slapi_value_get_string(const Slapi_Value *value); Parameters This function takes the following parameter: Pointer to the value you wish to get as a string. value Returns This function returns one of the following values: •...
Page 501 Functions for Handling Values Returns This function returns one of the following values: • An unsigned integer which corresponds to the value stored in the structure. Slapi_Value • if there is no value. Description Converts the value contained in into an unsigned integer. Slapi_Value See Also slapi_value_get_int()
Page 502 Functions for Handling Values See Also slapi_value_get_int() slapi_value_get_long() slapi_value_get_uint() slapi_value_init() Initializes a structure with no value. Slapi_Value Syntax #include “slapi-plugin.h” slapi_value_init(Slapi_Value *v); Parameters This function takes the following parameter: Pointer to the value to be initialized. The pointer must not be NULL.
Page 503 Functions for Handling Values Parameters This function takes the following parameters: Pointer to the value to initialize. The pointer must not be NULL. Pointer to the berval structure to be used to initialize the value. bval Returns This function returns a pointer to the initialized structure (itself).
Page 504 Functions for Handling Values slapi_value_init_string_passin() Initializes a structure with value contained in the string. Slapi_Value Syntax #include “slapi-plugin.h” Slapi_Value * slapi_value_init_string_passin (Slapi_value *v, char *s); Parameters This function takes the following parameters: Pointer to the value to initialize. The pointer must not be NULL. NULL terminated string used to initialize the value.
Page 505 Functions for Handling Values Parameters This function does not take any parameters. Returns This function returns a pointer to the newly allocated structure. If Slapi_Value space cannot be allocated (for example, if no more virtual memory exists), the program terminates. slapd Description This function returns an empty...
Page 506 Functions for Handling Values Description This function returns a structure containing a value duplicated from Slapi_Value structure passed as the parameter. berval Memory Concerns When you are no longer using the value, you should free it from memory by calling slapi_value_free() See Also slapi_value_new()
Page 507 Functions for Handling Values Memory Concerns When you are no longer using the value, you should free it from memory by calling slapi_value_free() See Also slapi_value_new() slapi_value_new_berval() slapi_value_free() slapi_value_dup() slapi_value_new_string_passin() Allocates a new structure and initializes it from a string. Slapi_Value Syntax #include “slapi-plugin.h”...
Page 508 Functions for Handling Values slapi_value_dup() slapi_value_new() slapi_value_new_value() Allocates a new structure and initializes it from another Slapi_Value structure. Slapi_Value Syntax #include “slapi-plugin.h” slapi_value_new_value(const Slapi_Value *v); Parameters This function takes the following parameter: Pointer to the Slapi_Value structure used to initialize the newly allocated Slapi_Value.
Page 509 Functions for Handling Values slapi_value_set() Sets the value in a structure. Slapi_Value Syntax #include “slapi-plugin.h” slapi_value_set( Slapi_Value *value, void *val, unsigned long len); Parameters This function takes the following parameters: Pointer to the Slapi_Value in which to set the value. value Pointer to the value.
Page 510 Functions for Handling Values Syntax #include “slapi-plugin.h” slapi_value_set_berval( Slapi_Value *value, const struct berval *bval ); Parameters This function takes the following parameters: Pointer to the Slapi_Value structure in which to set the value. value Pointer to the berval value to be copied. bval Returns This function returns one of the following values:...
Page 511 Functions for Handling Values Parameters This function takes the following parameters: Pointer to the Slapi_Value structure in which to set the value integer value. The integer containing the value to set. intVal Returns This function returns one of the following values: •...
Page 512 Functions for Handling Values The string containing the value to set. strVal Returns This function returns one of the following: • if value is set. • if the pointer to the Slapi_Value NULL Description This function sets the value of the structure by duplicating the string Slapi_Value strVal...
Page 513 Functions for Handling Values Returns This function returns one of the following values: • if the value is set. • if the pointer to the structure is Slapi_Value NULL Description This function sets the value of structure with the string .
Page 514: Functions For Handling Valueset
Functions for Handling Valueset Memory Concerns If the pointer to the , nothing is done and the function returns Slapi_Value NULL . If the already contains a value, it is freed from before the new NULL Slapi_Value one is set. When you are no longer using the structure, you should free it from Slapi_Value...
Page 515 Functions for Handling Valueset slapi_valueset_add_value() Adds a in the structure. Slapi_Value Slapi_ValueSet Syntax #include “slapi-plugin.h” void slapi_valueset_add_value(Slapi_ValueSet *vs, const Slapi_Value *addval); Parameters This function takes the following parameters: Pointer to the Slapi_ValueSet structure to which to add the value. Pointer to the Slapi_Value to add to the Slapi_ValueSet. addval Description This function adds a value in the form of a...
Page 516 Functions for Handling Valueset Syntax #include “slapi-plugin.h” void slapi_valueset_add_value_ext(Slapi_ValueSet *vs, Slapi_Value *addval, unsigned long flags); Parameters This function takes the following parameters: Pointer to the Slapi_ValueSet structure to which to add the value. Pointer to the Slapi_Value to add to the Slapi_ValueSet. addval If SLAPI_VALUE_FLAG_PASSIN bit is set in the flags, the flags...
Page 517 Functions for Handling Valueset Pointer to the Slap_ValueSet structure of which you wish to get the count. Returns This function returns the number of values contained in the Slapi_ValueSet structure. slapi_valueset_done() Frees the values contained in the structure. Slapi_ValueSet Syntax #include “slapi-plugin.h”...
Page 518 Functions for Handling Valueset Pointer to the attribute. This is used to determine the syntax of the values and how to match them. Pointer to the Slapi_ValueSet structure from which you wish to get the value. Address of the pointer to the Slapi_Value structure for the returned value.
Page 519 Functions for Handling Valueset • The index of the value in the Slapi_ValueSet • if there was no value. Description Call this function when you wish to get the first value of a , or you Slapi_ValueSet wish to iterate through all of the values. The returned value is the index of the value in the structure and must be passed to call Slapi_ValueSet...
Page 520 Functions for Handling Valueset slapi_valueset_init() Resets a structure to no values. Slapi_ValueSet Syntax #include “slapi-plugin.h” void slapi_valueset_init(Slapi_ValueSet *vs); Parameters This function takes the following parameter: Pointer to the Slapi_ValueSet to replace. Description This function returns the values contained in the structure (sets Slapi_ValueSet them to 0).
Page 521 Functions for Handling Valueset Returns This function returns a a pointer to the newly allocated structure. Slapi_ValueSet If no space could be allocated (for example, if no more virtual memory exists), the program terminates. slapd Description This function returns an empty structure.
Page 522 Functions for Handling Valueset • The index of the value in the Slapi_ValueSet • if there was no more value or the input index is incorrect. Description Call this function when you wish to get the next value of a , after Slapi_ValueSet having first called...
Page 523 Functions for Handling Valueset Memory Concerns This function does not verify that the structure already contains Slapi_ValueSet values, so it is your responsibility to verify that there are no values prior to calling this function. If you do not verify this, the allocated memory space will leak. You can free existing values by calling slapi_valueset_done() See Also...
Page 524: Functions Specific To Virtual Attribute Service
Functions Specific to Virtual Attribute Service Functions Specific to Virtual Attribute Service This section contains reference information on routines that are specific to virtual attribute services. Table 15-30 Virtual Attribute Service Routines Function Description slapi_vattr_list_attrs() Returns all the attribute types, both real and virtual, from an entry. slapi_vattr_attrs_free() Frees the attribute list returned by slapi_vattr_list_attrs().
Page 525 Functions Specific to Virtual Attribute Service Bit mask of options. Valid values include: flags SLAPI_VIRTUALATTRS_REQUEST_POINTERS SLAPI_VIRTUALATTRS_ONLY SLAPI_REALATTRS_ONLY Bit mask of options. Valid values include: buffer_flags SLAPI_VIRTUALATTRS_RETURNED_COPIES SLAPI_VIRTUALATTRS_RETURNED_POINTERS SLAPI_VIRTUALATTRS_REALATTRS_ONLY Memory Concerns The list that is returned from this API should be freed by the user by calling for that list.
Page 526 Functions Specific to Virtual Attribute Service Description This function should be used to free the list of attributes returned from slapi_vattrspi_add_type() Memory Concerns Free the pointer block using slapi_ch_free() See Also slapi_vattr_list_attrs() slapi_vattr_schema_check_type() Performs a schema check on the attribute types in the entry. Syntax #include “slapi-plugin.h”...
Page 527 Functions Specific to Virtual Attribute Service Entry to be compared. Attribute type name. type Value to be tested. test_this 0 if the compare is true, 1 if the compare is false. result Not used. You should pass 0 for this parameter. flags Returns This function returns 0 for success, in which case result contains the result of the...
Page 528 Functions Specific to Virtual Attribute Service The buffer flags returned from flags slapi_vattr_values_get_ex(). This contains information that this function needs to determine which objects need to be freed. Description This function should be used to free the valueset and type names returned from slapi_vattr_values_get_ex() See Also slapi_vattr_values_get_ex()
Page 529 Functions Specific to Virtual Attribute Service Bit mask of options. Valid value is as follows: buffer_flags SLAPI_VIRTUALATTRS_RETURNED_POINTERS Returns This function returns 0 for success. Otherwise, this function returns the following: • (failed to evaluate a SLAPI_VIRTUALATTRS_LOOP_DETECTED vattr • (type not recognized by any and not a real SLAPI_VIRTUAL_NOT_FOUND vattr...
Page 530 Functions Specific to Virtual Attribute Service Bit mask of options. Valid values are as follows: flags SLAPI_REALATTRS_ONLY SLAPI_VIRTURALATTRS_ONLY SLAPI_VIRTUALATTRS_REQUEST_POINTERS SLAPI_VIRTUALATTRS_LIST_OPERATIONAL_AT TRS Bit mask to be used as input flags for buffer_flags slapi_values_free(). Number of subtypes matched. subtype_count Returns This function returns 0 for success, in which case: •...
Page 531 Functions Specific to Virtual Attribute Service See Also slapi_vattr_values_free() slapi_vattr_values_type_thang_get() Gets values for an attribute type in the list only if the results field for that attribute type is NULL. Syntax #include “slapi-plugin.h” int slapi_vattr_values_type_thang_get Slapi_Entry *e, vattr_type_thang *type_thang, Slapi_ValueSet** results, int *type_name_disposition, char **actual_type_name, int flags,...
Page 532: Functions For Managing Locks And Synchronization
Functions for Managing Locks and Synchronization Description function is faster for getting the slapi_vattr_values_type_thang_get() values of an attribute when a list is returned from a vattr_type_thang call. However, when the list for that call returns slapi_vattr_list_types() NULL, the computation becomes similar to .
Page 533 Functions for Managing Locks and Synchronization Syntax #include “slapi-plugin.h” void slapi_destroy_condvar( Slapi_CondVar *cvar ); Parameters This function takes the following parameters: Pointer to the Slapi_CondVar structure that you want to free from memory. cvar Description This function frees a structure from memory. Before calling this Slapi_CondVer function, you should make sure that this condition variable is no longer in use.
Page 534 Functions for Managing Locks and Synchronization Syntax #include “slapi-plugin.h” void slapi_lock_mutex( Slapi_Mutex *mutex ); Parameters This function takes the following parameters: Pointer to a Slapi_Mutex structure representing the mutex mutex that you want to lock. Description This function locks the mutex specified by the structure.
Page 535 Functions for Managing Locks and Synchronization Description This function creates a new condition variable and returns a pointer to the structure. You can create the structure by calling the Slapi_CondVar Slapi_Mutex function. slapi_new_mutex() To wait on the condition variable, call the slapi_wait_condvar() function. To notify function.
Page 536 Functions for Managing Locks and Synchronization Parameters This function takes the following parameters: Pointer to an Slapi_CondVar structure representing the condition cvar variable. If 1, notifies all threads that are waiting on the condition variable. notify_all Returns This function returns one of the following values: •...
Page 537: Functions For Managing Computed Attributes
Functions for Managing Computed Attributes • 0 if the mutex was NULL or was not locked by the calling thread. Description This function unlocks the mutex specified by the structure. Slapi_Mutex slapi_wait_condvar() Waits on a condition variable. Syntax #include “slapi-plugin.h” int slapi_wait_condvar( Slapi_CondVar *cvar, struct timeval *timeout );...
Page 538 Functions for Managing Computed Attributes Table 15-32 Routines for Computed Attributes Function Description slapi_compute_add_evaluator() Registers a function as an evaluator that the server will call to generate a computed attribute. slapi_compute_add_search_rewriter() Registers callbacks for filter and search rewriting. functions to see if there is a match with a search compute_rewrite_search_filter() Call evaluator filter.
Page 539 Functions for Managing Computed Attributes To do this, the server calls each registered evaluator function for each individually requested attribute. An evaluator function has the type . If you want to set up the server to generate the value slapi_compute_callback_t of a computed attribute and send the attribute back with each entry, you can define an evaluator function and register the function with the server by calling the function.
Page 540: Functions For Manipulating Bits
Functions for Manipulating Bits compute_rewrite_search_filter() Calls evaluator functions to see if there is a match with a search filter. Syntax #include “slapi-plugin.h” int compute_rewrite_search_filter (Slapi_PBlock *pb); Parameters This function takes the following parameters: Parameter block that matches the rewrite search filter. Returns This function returns one of the following values: •...
Page 541 Functions for Manipulating Bits Table 15-33 Bit Manipulator Routines Function Description slapi_isbitset_int() Checks whether a particular bit is set in an integer. slapi_isbitset_uchar() Checks whether a particular bit is set in a character. slapi_setbit_int() Sets the specified bit in an integer. slapi_setbit_uchar() Sets the specified bit in a character.
Page 542 Functions for Manipulating Bits slapi_isbitset_uchar() Checks whether a particular bit is set in the specified character. #include “slapi-plugin.h” int slapi_isbitset_uchar(unsigned char f,unsigned char bitnum); Parameters This function takes the following parameters: The unsigned character, a bit of which is to be checked. The bit number in the unsigned character that needs to be bitnum checked.
Page 543 Functions for Manipulating Bits Returns This function returns the integer with the specified bit set. See Also slapi_isbitset_int() slapi_unsetbit_int() slapi_setbit_uchar() Sets the specified bit in a character. Syntax #include “slapi-plugin.h” unsigned char slapi_setbit_uchar(unsigned char f, unsigned char bitnum); Parameters This function takes the following parameters: The character in which a bit is to be set.
Page 544 Functions for Manipulating Bits Parameters This function takes the following parameters: The integer in which a bit is to be unset. The bit number that needs to be unset in the integer. bitnum Returns This function returns the integer with the specified bit unset. See Also slapi_isbitset_int() slapi_setbit_int()
Page 545: Functions For Registering Object Extensions
Functions for Registering Object Extensions Functions for Registering Object Extensions This section contains reference information on routines for registering object extensions. This set of functions provides a means for extending core server objects—this functionality is provided so that you can efficiently pass state information between plug-in calls.
Page 546 Functions for Registering Object Extensions Returns This function returns a pointer to the plug-in’s extension. Description A plug-in retrieves a pointer to its own extension by calling with the object from which the extension is to be slapi_get_object_extension retrieved. The factory uses to find the offset into the object of where objecttype the extension block is stored.
Page 547 Functions for Registering Object Extensions The function provided by the plug-in which is to be called when constructor an instance of the core server object is created. This function must allocate some memory and return a pointer to be stored in the extension block on the object.
Page 548: Functions Related To Data Interoperability
Functions Related to Data Interoperability Parameters This function takes the following parameters: Handle to find the offset into the object where the extension objecttype block is stored. A pointer to the core server object that needs to be changed. object Address for finding the extension within the block.
Page 549 Functions Related to Data Interoperability slapi_op_reserved() Allows a plug-in to recognize reserved default operations, such as the base-scope search on the rootdse and the operations on the reserved naming contexts, for handling by the core Directory Server and not by the DIOP plug-in. Syntax #include “slapi-plugin.h”...
Page 550 Functions Related to Data Interoperability Memory Concerns None. See Also None. slapi_operation_set_flag() Sets the specified flag for the operation. Syntax #include “slapi-plugin.h” void slapi_operation_set_flag( Slapi_Operation *op, unsigned long flag) Parameter This function takes the following parameters: Operation data structure. Flag to be set. By default, only one flag is supported, the flag SLAPI_OP_FLAG_NO_ACCESS_CHECK flag, which specifies that access control should not be checked.
Page 551 Functions Related to Data Interoperability slapi_operation_clear_flag() Clears the specified flag for the operation. Syntax #include “slapi-plugin.h” void slapi_operation_clear_flag( Slapi_Operation *op, unsigned long flag) Parameter This function takes the following parameters: Operation data structure. Flag to be cleared. By default, only one flag is supported, the flag SLAPI_OP_FLAG_NO_ACCESS_CHECK flag, which specifies that access control should not be checked.
Page 552: Functions For Registering Additional Plug-Ins
Functions for Registering Additional Plug-Ins Flag to check. By default, only one flag can be checked, the flag SLAPI_OP_FLAG_NO_ACCESS_CHECK flag, which specifies that access control should not be checked. Returns This function returns 0 if the flag is not set and a non-zero value if the flag is set. Description The code sample below demonstrates how ACL checks for internal operations are skipped if the plug-in specifies to not check for access control.
Page 553 Functions for Registering Additional Plug-Ins Syntax #include “slapi-plugin.h” int slapi_register_plugin( const char *plugintype, int enabled, const char *initsymbol, slapi_plugin_init_fnptr initfunc, const char *name, char **argv, void *group_identity); Parameters This function takes the following parameters: Handle to find the offset into the object where the extension plugintype block is stored.
Page 554 Functions for Registering Additional Plug-Ins Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 555: Chapter 16 Parameter Block Reference
Chapter 16 Parameter Block Reference This chapter describes the parameters available in the parameter Slapi_PBlock block, the type of data associated with each parameter, and the plug-in functions in which those parameters are accessible. To get the values of these parameters, call the function.
Page 556: Parameters For Registering Plug-In Functions
Parameters for Registering Plug-In Functions • Parameters for Filters • Parameters for Password Storage • Parameters for Resource Limits • Parameters for the Virtual Attribute Service Parameters for Registering Plug-In Functions The parameters listed in this section identify plug-in functions recognized by the server.
Page 557 Parameters for Registering Plug-In Functions Parameter ID Description This function is called before an LDAP bind operation SLAPI_PLUGIN_PRE_BIND_FN is completed. This function is called before an LDAP unbind SLAPI_PLUGIN_PRE_UNBIND_FN operation is completed. This function is called before an LDAP search SLAPI_PLUGIN_PRE_SEARCH_FN operation is completed.
Page 558: Post-Operation/Data Notification Plug-Ins
Parameters for Registering Plug-In Functions Parameter ID Description This function is called before an internal LDAP modify SLAPI_PLUGIN_INTERNAL_PRE_MODIFY_FN operation is completed. This function is called before an internal LDAP modify SLAPI_PLUGIN_INTERNAL_PRE_MODRDN_FN RDN operation is completed. Post-Operation/Data Notification Plug-Ins The parameters listed in this section are used to register post-operation/data notification plug-in functions.
Page 559: Matching Rule Plug-Ins
Parameters for Registering Plug-In Functions Parameter ID Description This function is called after the server starts up. You SLAPI_PLUGIN_START_FN can specify a start function for each post-operation plug-in. This function is called after an internal LDAP add SLAPI_PLUGIN_INTERNAL_POST_ADD_FN operation is completed. This function is called after an internal LDAP delete SLAPI_PLUGIN_INTERNAL_POST_DELETE_FN operation is completed.
Page 560: Entry Plug-Ins
Parameters Accessible to All Plug-Ins Entry Plug-Ins The parameters listed below are used for entry store and entry fetch plug-in functions. These plug-in functions are called by the server before writing an entry to disk and after reading an entry from disk. Entry store and entry fetch plug-in functions are passed using the string representation (in LDIF —...
Page 561: Information About The Database
Parameters Accessible to All Plug-Ins • Information About Attributes • Information About Targets Information About the Database The parameters listed below specify information about the back-end database. These parameters are available for all types of plug-ins. Note that these specific parameters cannot be set by calling .
Page 562 Parameters Accessible to All Plug-Ins Parameter ID Data Type Description Special value that is returned by a SLAPI_BE_ALL_BACKENDS distribution plug-in function to indicate that all back-ends should be searched. Used only for search operations. Indicates the maximum number of nesting SLAPI_BE_MAXNESTLEVEL int * levels allowed within groups for access...
Page 563: Information About The Connection
Parameters Accessible to All Plug-Ins Information About the Connection The parameters listed below specify information about the connection. These parameters are available for all types of plug-ins. Parameter ID Data Type Description The client certificate associated with the SLAPI_CONN_CERT CERTCertificate * connection (may be absent).
Page 564 Parameters Accessible to All Plug-Ins Parameter ID Data Type Description Method used to authenticate the current SLAPI_CONN_AUTHMETHOD char * user. If you call slapi_pblock_get() to get this value, you should call slapi_ch_free_string() to free the resulting value when done. This parameter can have one of the following values: •...
Page 565: Information About The Operation
Parameters Accessible to All Plug-Ins Parameter ID Data Type Description IP address that the client is connecting to. SLAPI_CONN_SERVERNETADDR* PRNetAddr You might want to use this parameter if, for example, your server accepts connections on multiple IP addresses. *These parameters use an NSPR structure. See for more information.
Page 566: Information About Extended Operations
Parameters Accessible to All Plug-Ins Parameter ID Data Type Description Specifies the DN to which the operation SLAPI_TARGET_DN char * applies (for example, the DN of the entry being added or removed). Array of the controls specified in the SLAPI_REQCONTROLS LDAPControl ** request.
Page 567: Information About Access Control Lists
Parameters Accessible to All Plug-Ins Information About Access Control Lists The parameters listed below are used with the access control list (ACL) plug-in functions to determine access control levels. Parameter ID Data Type Description Flag sent to the ACL plug-in when it is called SLAPI_PLUGIN_ACL_ALLOW_ACCESS that indicates that ACL access is allowed.
Page 568: Information About The Plug-In
Parameters Accessible to All Plug-Ins Information About the Plug-In The parameters listed below specify information about the plug-in that is available to all plug-in functions defined in the current library. These parameters are available for all types of plug-ins. Parameter ID Data Type Description Pointer to the internal server representation of this...
Page 569: Version Information
Parameters Accessible to All Plug-Ins Defined Constant Description Extended operation plug-in. SLAPI_PLUGIN_EXTENDEDOP Pre-operation/data validation plug-in. SLAPI_PLUGIN_PREOPERATION Post-operation/data notification plug-in. SLAPI_PLUGIN_POSTOPERATION Matching rule plug-in. SLAPI_PLUGIN_MATCHINGRULE Syntax plug-in. SLAPI_PLUGIN_SYNTAX Access control plug-in. SLAPI_PLUGIN_ACL Database pre-operation plug-in. SLAPI_PLUG_BEPREOPERATION Database post-operation plug-in. SLAPI_PLUGIN_BEPOSTOPERATION Password storage scheme plug-in. SLAPI_PLUGIN_PWD_STORAGE_SCHEME Reverse password storage scheme plug-in.
Page 570: Information About Command-Line Arguments
Parameters Accessible to All Plug-Ins Defined Constant Description Version 3 of the plug-in interface, which is SLAPI_PLUGIN_VERSION_03 supported by the Directory Server 6.1 release, but not by previous releases. Information About Command-Line Arguments The parameters listed below are used to determine the command-line arguments that a plug-in was invoked with.
Page 571: Attribute Flags
Parameters Accessible to All Plug-Ins Parameter ID Data Type Description The nsuniqueid (unique ID) attribute SLAPI_ATTR_UNIQUEID value. The nsParentUniqueID attribute value. SLAPI_ATTR_VALUE_PARENT_UNIQUEID The nsTombstone attribute value. SLAPI_ATTR_VALUE_TOMBSTONE Attribute Flags The parameters listed below are used by the function to slapi_attr_get_flags() get the flags associated with the specified attribute.
Page 572: Information About Targets
Parameters for the Bind Function Parameter ID Description Ignores the options on both names and compares SLAPI_TYPE_CMP_BASE the base names only. Compares the base name plus options as specified. SLAPI_TYPE_CMP_EXACT Ignores the options on the second name that are not SLAPI_TYPE_CMP_SUBTYPE in the first name.
Page 573: Parameters For The Search Function
Parameters for the Search Function Parameter ID Data Type Description Simple Authentication and Security Layer SLAPI_BIND_RET_SASLCREDS struct berval * (SASL) credentials that you want to send back to the client. (Set this before calling slapi_send_ldap_result().) Simple Authentication and Security Layer SLAPI_BIND_SASLMECHANISM char * (SASL) mechanism that is used (for...
Page 574: Parameters For Executing The Search
Parameters for the Search Function Parameter ID Data Type Description The scope of the search. The scope can be one of the SLAPI_SEARCH_SCOPE following values: • LDAP_SCOPE_BASE • LDAP_SCOPE_ONELEVEL • LDAP_SCOPE_SUBTREE Method for handling aliases in a search. This SLAPI_SEARCH_DEREF method can be one of the following values: •...
Page 575: Parameters For The Search Results
Parameters for the Search Function Parameter ID Data Type Description Entry returned from iterating through SLAPI_SEARCH_RESULT_ENTRY void * the results set. Reserved for future use. SLAPI_SEARCH_RESULT_ENTRY_EXT void * Number of search results found. SLAPI_NENTRIES Array of the URLs to other LDAP SLAPI_SEARCH_REFERRALS struct berval ** servers that the current server is...
Page 576: Parameters That Convert Strings To Entries
Parameters that Convert Strings to Entries Parameter ID Data Type Description A textual error message passed from SLAPI_PB_RESULT_TEXT char * internal subsystems to a plug-in. Currently used by the slapi_entry_schema_check() function to provide extra explantory information when it returns a non-zero value (that is, when the schema check fails).
Page 577: Parameters For The Add Function
Parameters for the Add Function Parameters for the Add Function The following table lists the parameters in the parameter block passed to the database add function. If you are writing a pre-operation, database, or post-operation add function, you can get these values by calling the function.
Page 578: Parameters For The Compare Function
Parameters for the Compare Function Parameters for the Compare Function The following table lists the parameters in the parameter block passed to the database compare function. If you are writing a pre-operation, database, or post-operation compare function, you can get these values by calling the function.
Page 579: Parameters For The Modify Function
Parameters for the Modify Function Parameters for the Modify Function The following table lists the parameters in the parameter block passed to the database modify function. If you are writing a pre-operation, database, or post-operation modify function, you can get these values by calling the function.
Page 580: Parameters For The Abandon Function
Parameters for the Abandon Function Parameter ID Data Type Description DN of the new parent of the entry, SLAPI_MODRDN_NEWSUPERIOR char * if the entry is being moved to a new location in the directory tree. Internal only — used by the SLAPI_MODRDN_EXISING_ENTRY Slapi_Entry * multimaster replication update...
Page 581: Parameters For The Matching Rule Function
Parameters for the Matching Rule Function See “Processing an LDAP Abandon Operation” on page 89 for more information on these parameters. Parameters for the Matching Rule Function The following table lists the parameters in the parameter block passed to the database matching rule function.
Page 582: Query Operators In Extensible Match Filters
Parameters for the Matching Rule Function Parameter ID Data Type Description Specifies the intended use of the SLAPI_PLUGIN_MR_USAGE unsigned int * indexer object. This parameter can have one of the following values: • SLAPI_PLUGIN_MR_USAGE_IND EX specifies that the indexer object should be used to index entries.
Page 583: Parameters For Ldbm Backend Pre- And Post-Operation Functions
Parameters for LDBM Backend Pre- and Post-Operation Functions Parameter ID Description Less than or equal to (<=) operator. SLAPI_OP_LESS_OR_EQUAL Equal to (=) operator. SLAPI_OP_EQUAL Greater than or equal to (>=) operator. SLAPI_OP_GREATER_OR_EQUAL Greater than (>) operator. SLAPI_OP_GREATER Allows an operation to use a wildcard (*) in a search SLAPI_OP_SUBSTRING filter.
Page 584: Post-Operation Plug-Ins
Parameters for the Database Parameter ID Description This function is called before a database modify SLAPI_PLUGIN_BE_PRE_MODRDN_FN RDN operation is completed. Post-Operation Plug-Ins The parameters listed in this section are used with post-operation database plug-in functions. Parameter ID Description This function is called after a database add SLAPI_PLUGIN_BE_POST_ADD_FN operation is completed.
Page 585: Information About Operations
Parameters for the Database Parameter ID Data Type Description A pointer to the backend database that is SLAPI_BACKEND Slapi_Backend * handling the operation. A value that indicates whether the backend SLAPI_BE_LASTMOD int * database is tracking modifiersName and modifyTimeStamp (true if the value is not zero).
Page 586: Information About Backend State Change
Parameters for LDAP Functions Parameter ID Data Type Description Flag that indicates this is a replicated SLAPI_IS_REPLICATED_OPERATION operation. Information About Backend State Change The following parameters can be used in the slapi_register_backend_state_change() functions to register for and slapi_unregister_backend_state_change() unregister callbacks when a backend state changes. Parameter ID Data Type Description...
Page 587: Parameters For Ldap Control
Parameters for LDAP Functions Parameter ID Data Type Description Array of entries found by an SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES Slapi_Entry ** internal LDAP search operation (see slapi_search_internal_ pb() for details). Array of referrals (in the form SLAPI_PLUGIN_INTOP_SEARCH_REFERRALS char ** of LDAP URLs) found by an internal LDAP search operation (see slapi_search_internal_...
Page 588: Parameters For Generating Ldif Strings
Parameters for LDAP Functions Parameter ID Data Type Description This control applies to the LDAP compare SLAPI_OPERATION_COMPARE LDAPControl * operation. This control applies to the LDAP delete SLAPI_OPERATION_DELETE LDAPControl * operation. This control applies to the LDAPv3 extended SLAPI_OPERATION_EXTENDED LDAPControl * operation.
Page 589: Parameters For Error Logging
Parameters for Error Logging Parameter ID Description A flag used to suppress the operational attributes. See SLAPI_DUMP_NOOPATTRS SLAPI_ATTR_FLAG_OPATTR. By default, lines will be wrapped as defined in the SLAPI_DUMP_NOWRAP LDIF specification. This flag disables line wrapping. This flag is only used internally by replication. This SLAPI_DUMP_STATEINFO flag allows access to the internal data used by multi-master replication.
Page 590: Parameters For Filters
Parameters for Filters Parameter ID Description This message is written to the error log if the log level SLAPI_LOG_FILTER setting “Search filter processing” is selected. This message is written to the error log if the log level SLAPI_LOG_CONFIG setting “Config file processing” is selected. This message is written to the error log if the log level SLAPI_LOG_ACL setting “Access control list processing”...
Page 591: Parameters For Comparison Filters
Parameters for Filters Parameters for Comparison Filters The parameters listed below are filters that are used to compare a value against an attribute. Parameter ID Description AND filter. For example: (&(ou=Accounting)(l=Sunnyvale)) LDAP_FILTER_AND Approximation filter. For example: (ou~=Sales) LDAP_FILTER_APPROX Equals filter. For example: (ou=Accounting) LDAP_FILTER_EQUALITY Extensible filter.
Page 592: Parameters For Password Storage
Parameters for Password Storage Parameters for Password Storage The following plug-in functions and parameters access password storage schemes to encode, decode, and compare passwords: • Password Storage Plug-Ins • Parameters for Password Storage Password Storage Plug-Ins The parameters listed below are used with functions that you can call to store passwords.
Page 593: Parameters For Resource Limits
Parameters for Resource Limits Parameters for Resource Limits The following parameters are used to provide information about resource limits: • Parameter for Binder-Based Resource Limits • Status Codes for Resource Limits Parameter for Binder-Based Resource Limits The following parameter is a valid value for the slapi_reslimit_register() function.
Page 594 Parameters for the Virtual Attribute Service These are identifiers are flags that can be passed to various functions in the flags parameter: slapi_vattr_values_XXX() Parameter Data Type Description Flag that indicates only real attributes SLAPI_REALATTRS_ONLY are used. Flag that indicates only virtual attributes SLAPI_VIRTUALATTRS_ONLY are used.
Page 595 Parameters for the Virtual Attribute Service Flag that indicates the attribute name SLAPI_VIRTUALATTRS_TYPE_NAME disposition value indicates a matching _MATCHED_EXACTLY_OR_ALIAS result. Flag that indicates the attribute name SLAPI_VIRTUALATTRS_TYPE_NAME matched the subtype. _MATCHED_SUBTYPE Chapter 16 Parameter Block Reference...
Page 596 Parameters for the Virtual Attribute Service Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 597: Glossary
Glossary This glossary defines terms commonly used when working with LDAP. base DN The distinguished name (DN) that identifies the starting point of a search. For example, if you want to search all of the entries that under the “ou=People,o=example.com” subtree of the directory, “ou=People,o=example.com”...
Page 598 operational attributes Attributes that are used by servers for administering the directory. For example, is an operational attribute that specifies the creatorsName DN of the user who added the entry. Operational attributes are not returned in any search results unless you specify the attribute by name in the search request. referral Refers an LDAP client to another LDAP server.
Page 599 subschema entry Entry containing all the schema definitions (definitions of object classes, attributes, matching rules, and so on) used by entries in part of a directory tree. Glossary...
Page 600 Netscape Directory Server Plug-In Programmer’s Guide • August 2002...
Page 601: Index
Index slapi_is_flag_set(), 551 slapi_op_reserved(), 549 attribute routines, 243 slapi_operation_clear_flag(), 551 slapi_operation_set_flag(), 550 data structures and types berval, 173 computed_attr_context, 174 LDAP_Mod, 176 backend routines, 262 LDAPControl, 174 LDAPMod, 176 berval, 173 mrFilterMatchFn, 179 bind routines, 368 plugin_referral_entry_callback, 180 bit-manipulator routines, 540 plugin_result_callback, 181 plugin_search_entry_callback, 182 send_ldap_referral_fn_ptr_t, 182...
Page 602 Slapi_Value, 210 distribution_plugin_entry_point(), 217 header file location, 28 DN routines, 298, 451 internal operation flag routines, 232 entry routines, 307 entry-flag routines, 345 extended-operation routines, 367 extensible match filter, 123, 124 lapi_matchingrule_free(), 376 LDAP slapi_get_supported_controls_copy(), 176 LDAPControl, 174 filter routines, 348 slapi_build_control(), 175 functions slapi_build_control_from_berval(), 175...
Page 603 slapi_acl_verify_aci_syntax(), 223 slapi_add_entry_internal_set_pb(), 233 new, 399 slapi_add_internal_pb(), 224 nsslapd-plugin-depends-on-name, 41 slapi_add_internal_set_pb(), 234 nsslapd-plugin-depends-on-type, 41 Slapi_Attr, 186 slapi_attr_add_value(), 186 slapi_attr_basetype(), 186 slapi_attr_dup(), 186 slapi_attr_first_value(), 186 slapi_attr_flag_is_set(), 186 operation routines, 419 slapi_attr_free(), 186 slapi_attr_get_bervals_copy(), 186 slapi_attr_get_flags(), 186 slapi_attr_get_numvalues(), 186 slapi_attr_get_oid_copy(), 186 slapi_attr_get_type(), 186 slapi_attr_get_valueset(), 186 parameter block, 21 slapi_attr_next_value(), 186...
Page 604 slapi_attr_syntax_normalize(), 256 slapi_be_logchanges(), 270 slapi_attr_type_cmp(), 258, 571 slapi_be_new(), 270 slapi_attr_type2plugin(), 257 slapi_be_private(), 271 slapi_attr_types_equivalent(), 259 slapi_be_select(), 271 slapi_attr_value_cmp(), 259 slapi_be_select_by_instance_name(), 272 slapi_attr_value_find(), 260 slapi_be_set_flag(), 273 Slapi_Backend, 187 slapi_be_set_instance_info(), 273 slapi_be_addsuffix(), 188 slapi_be_set_readonly(), 273 slapi_be_delete_onexit(), 188 slapi_be_setentrypoint(), 274 slapi_be_exist(), 188 slapi_berval_cmp(), 375 slapi_be_free(), 188 slapi_build_control(), 281 slapi_be_get_instance_info(), 188...
Page 605 slapi_dn_isparent(), 194 slapi_entry_delete_string(), 196 slapi_dn_isroot(), 194 slapi_entry_delete_values_sv(), 196 slapi_dn_issuffix(), 194 slapi_entry_dup(), 196 slapi_dn_normalize(), 194 slapi_entry_first_attr(), 197 slapi_dn_normalize_case(), 194 slapi_entry_free(), 197 slapi_dn_normalize_to_end(), 194 slapi_entry_get_dn(), 197 slapi_dn_parent(), 195 slapi_entry_get_dn_const(), 197 slapi_dn_plus_rdn(), 195 slapi_entry_get_ndn(), 197 slapi_entry_get_sdn(), 197 slapi_dn_beparent(), 299 slapi_entry_get_sdn_const(), 197 slapi_dn_ignore_case(), 300 slapi_entry_get_uniqueid(), 197 slapi_dn_isbesuffix(), 300 slapi_entry_has_children(), 197...
Page 606 slapi_entry_attr_set_ulong(), 327 slapi_filter_get_ava(), 353 slapi_entry_clear_flag(), 346 slapi_filter_get_choice(), 354 slapi_entry_delete_string(), 328 slapi_filter_get_subfilt(), 355 slapi_entry_delete_values_sv(), 328 slapi_filter_get_type(), 357 slapi_entry_dup(), 329 slapi_filter_join(), 358 slapi_entry_first_attr(), 330 slapi_filter_join_ex(), 359 slapi_entry_flag_is_set(), 346 slapi_filter_list_first(), 360 slapi_entry_free(), 331 slapi_filter_list_next(), 361 slapi_entry_get_dn(), 331 slapi_filter_test(), 362 slapi_entry_get_dn_const(), 332 slapi_filter_test_ext(), 363 slapi_entry_get_ndn(), 333 slapi_filter_test_simple(), 364 slapi_entry_get_sdn(), 333...
Page 607 slapi_matchingrule_new(), 199 slapi_mod_set_operation(), 397 slapi_matchingrule_register(), 199 slapi_mod_set_type(), 397 slapi_matchingrule_set(), 199 slapi_moddn_get_newdn(), 453 slapi_matchingrule_unregister(), 200 slapi_modify_internal_pb(), 227 slapi_mr_filter_index(), 199 slapi_modify_internal_set_pb(), 236 slapi_mr_indexer_create(), 199 slapi_modrdn_internal_pb(), 227 Slapi_Mod, 200 Slapi_Mods, 201 slapi_mod_add_value(), 200 slapi_mods_add(), 202 slapi_mod_done(), 200 slapi_mods_add_ldapmod(), 202 slapi_mod_dump(), 200 slapi_mods_add_mod_values, 202 slapi_mod_free(), 200 slapi_mods_add_mod_values(), 202 slapi_mod_get_first_value(), 200...
Page 608 slapi_mods_get_next_smod(), 409 slapi_rename_internal_set_pb(), 206 slapi_search_internal_callback_pb(), 206 slapi_mods_get_num_mods(), 410 slapi_search_internal_pb(), 206 slapi_mods_init(), 411 slapi_search_internal_set_pb(), 207 slapi_mods_init_byref(), 411 slapi_seq_internal_callback_pb(), 207 slapi_mods_init_passin(), 412 slapi_seq_internal_set_pb(), 207 slapi_mods_insert_after(), 413 Slapi_Pblock slapi_mods_insert_at(), 414 slapi_add_internal_pb(), 206 slapi_mods_insert_before(), 414 slapi_delete_internal_set_pb(), 206 slapi_mods_insert_smod_at(), 415 slapi_modrdn_internal_pb(), 206 slapi_pblock_new(), 206 slapi_mods_insert_smod_before(), 416 slapi_seq_internal_callback_pb(), 207 slapi_mods_iterator_backbone(), 417 slapi_pblock_destroy(), 421...
Page 609 slapi_rdn_compare(), 431 slapi_sdn_free(), 457 slapi_rdn_contains(), 431 slapi_sdn_get_backend_parent(), 457 slapi_rdn_contains_attr(), 432 slapi_sdn_get_dn(), 458 slapi_rdn_done(), 433 slapi_sdn_get_ndn(), 459 slapi_rdn_free(), 434 slapi_sdn_get_ndn_len(), 459 slapi_rdn_get_first(), 434 slapi_sdn_get_parent(), 460 slapi_rdn_get_index(), 435 slapi_sdn_get_rdn(), 460 slapi_rdn_get_index_attr(), 436 slapi_sdn_is_rdn_component(), 461 slapi_rdn_get_next(), 437 slapi_sdn_isempty(), 462 slapi_rdn_get_num_components(), 438 slapi_sdn_isgrandparent(), 463 slapi_rdn_get_rdn(), 439 slapi_sdn_isparent(), 463 slapi_rdn_init(), 440...
Page 610 slapi_unregister_backend_state_change, 280 slapi_valueset_done(), 213 slapi_valueset_find(), 213 slapi_unregister_backend_state_change(), 586 slapi_value_compare(), 495 slapi_unsetbit_int(), 543 slapi_value_dup(), 496 slapi_unsetbit_uchar(), 544 slapi_value_free(), 496 slapi_UTF8CASECMP(), 483 slapi_value_get_berval(), 497 slapi_utf8casecmp(), 482 slapi_value_get_int(), 498 slapi_UTF8ISLOWER(), 487 slapi_value_get_length(), 211, 498 slapi_utf8isLower(), 487 slapi_value_get_long(), 499 slapi_UTF8ISUPPER(), 488 slapi_value_get_string(), 500 slapi_utf8isUpper(), 488 slapi_value_get_uint(), 500 slapi_UTF8NCASECMP(), 485 slapi_value_get_ulong(), 501...
Page 611 slapi_valueset_first_value(), 518 slapi_valueset_free(), 519 slapi_valueset_init(), 520 slapi_valueset_new(), 520 slapi_valueset_next_value(), 521 slapi_valueset_set_from_smod(), 261, 522 slapi_valueset_set_valueset(), 523 slapi_vattr_filter_test(), 365 slapi_vattr_list_attrs(), 524 slapi_vattr_schema_check_type(), 526 slapi_vattr_value_compare(), 526 slapi_vattr_values_free(), 527 slapi_vattr_values_get(), 528 slapi_vattr_values_get_ex(), 529 slapi_vattr_values_type_thang_get(), 531 slapi_wait_condvar(), 537 slapi-plugin.h, 28 specifying plug-in dependencies, 41 syntax plug-in routines, 288 thread-safe LDAP connection routines, 369 types of plug-ins, 24 URLs...
Page 612 Netscape Directory Server Plug-In Programmer’s Guide • August 2002...

This manual is also suitable for:

Directory server 6.1

Netscape DIRECTORY SERVER 6.1 - PLUG-IN Manual

Preface

Part 1 Introduction to Directory Server Plug-Ins

Chapter 1 An Overview of Directory Server Plug-Ins

Chapter 2 Writing and Compiling Plug-Ins

Chapter 3 Configuring Plug-Ins

Chapter 4 A Quick Example

Part 2 Basic Plug-In Programming Techniques

Chapter 5 Front-End API Functions

Chapter 6 Writing Pre/Post-Operation Plug-Ins

Chapter 7 Defining Functions for LDAP Operations

Chapter 8 Defining Functions for Authentication

Part 3 Advanced Programming Techniques

Chapter 9 Writing Entry Store/Fetch Plug-Ins

Chapter 10 Writing Extended Operation Plug-Ins

Chapter 11 Writing Matching Rule Plug-Ins

Get the OID from the

You Can also Get any Data that You Set in the Parameter During Initialization. (See "Writing an Initialization Function

Set the Following Parameters

Slapi_Plugin_Mr_Oid

Slapi_Plugin_Private

Chapter 12 Using the Custom Distribution Logic

Chapter 13 Using Data Interoperability Plug-Ins

Part 4 Reference

Chapter 14 Data Type and Structure Reference

Chapter 15 Function Reference

Chapter 16 Parameter Block Reference

Glossary

Index

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Netscape NETSCAPE DIRECTORY SERVER 6.1 - PLUG-IN

Summary of Contents for Netscape NETSCAPE DIRECTORY SERVER 6.1 - PLUG-IN