Mercurial > hg > xemacs-beta

view man/lispref/ldap.texi @ 2367:ecf1ebac70d8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
[xemacs-hg @ 2004-11-04 23:05:23 by ben] commit mega-patch configure.in: Turn off -Winline and -Wchar-subscripts. Use the right set of cflags when compiling modules. Rewrite ldap configuration to separate the inclusion of lber (needed in recent Cygwin) from the basic checks for the needed libraries. add a function for MAKE_JUNK_C; initially code was added to generate xemacs.def using this, but it will need to be rewritten. add an rm -f for junk.c to avoid weird Cygwin bug with cp -f onto an existing file. Sort list of auto-detected functions and eliminate unused checks for stpcpy, setlocale and getwd. Add autodetection of Cygwin scanf problems BETA: Rewrite section on configure to indicate what flags are important and what not. digest-doc.c, make-dump-id.c, profile.c, sorted-doc.c: Add proper decls for main(). make-msgfile.c: Document that this is old junk. Move proposal to text.c. make-msgfile.lex: Move proposal to text.c. make-mswin-unicode.pl: Convert error-generating code so that the entire message will be seen as a single unrecognized token. mule/mule-ccl.el: Update docs. lispref/mule.texi: Update CCL docs. ldap/eldap.c: Mule-ize. Use EXTERNAL_LIST_LOOP_2 instead of deleted EXTERNAL_LIST_LOOP. * XEmacs 21.5.18 "chestnut" is released. --------------------------------------------------------------- MULE-RELATED WORK: --------------------------------------------------------------- --------------------------- byte-char conversion --------------------------- buffer.c, buffer.h, insdel.c, text.c: Port FSF algorithm for byte-char conversion, replacing broken previous version. Track the char position of the gap. Add functions to do char-byte conversion downwards as well as upwards. Move comments about algorithm workings to internals manual. --------------------------- work on types --------------------------- alloc.c, console-x-impl.h, dump-data.c, dump-data.h, dumper.c, dialog-msw.c, dired-msw.c, doc.c, editfns.c, esd.c, event-gtk.h, event-msw.c, events.c, file-coding.c, file-coding.h, fns.c, glyphs-eimage.c, glyphs-gtk.c, glyphs-msw.c, glyphs-shared.c, glyphs-x.c, glyphs.c, glyphs.h, gui.c, hpplay.c, imgproc.c, intl-win32.c, lrecord.h, lstream.c, keymap.c, lisp.h, libsst.c, linuxplay.c, miscplay.c, miscplay.h, mule-coding.c, nas.c, nt.c, ntheap.c, ntplay.c, objects-msw.c, objects-tty.c, objects-x.c, print.c, process-nt.c, process.c, redisplay.h, select-common.h, select-gtk.c, select-x.c, sgiplay.c, sound.c, sound.h, sunplay.c, sysfile.h, sysdep.c, syswindows.h, text.c, unexnt.c, win32.c, xgccache.c: Further work on types. This creates a full set of types for all the basic semantics of `char' that I have so far identified, so that its semantics can always be identified for the purposes of proper Mule-safe code, and the raw use of `char' always avoided. (1) More type renaming, for consistency of naming. Char_ASCII -> Ascbyte UChar_ASCII -> UAscbyte Char_Binary -> CBinbyte UChar_Binary -> Binbyte SChar_Binary -> SBinbyte (2) Introduce Rawbyte, CRawbyte, Boolbyte, Chbyte, UChbyte, and Bitbyte and use them. (3) New types Itext, Wexttext and Textcount for separating out the concepts of bytes and textual units (different under UTF-16 and UTF-32, which are potential internal encodings). (4) qxestr*_c -> qxestr*_ascii. lisp.h: New; goes with other qxe() functions. #### Maybe goes in a different section. lisp.h: Group generic int-type defs together with EMACS_INT defs. lisp.h: * lisp.h (WEXTTEXT_IS_WIDE) New defns. lisp.h: New type to replace places where int occurs as a boolean. It's signed because occasionally people may want to use -1 as an error value, and because unsigned ints are viral -- see comments in the internals manual against using them. dynarr.c: int -> Bytecount. --------------------------- Mule-izing --------------------------- device-x.c: Partially Mule-ize. dumper.c, dumper.h: Mule-ize. Use Rawbyte. Use stderr_out not printf. Use wext_*(). sysdep.c, syswindows.h, text.c: New Wexttext API for manipulation of external text that may be Unicode (e.g. startup code under Windows). emacs.c: Mule-ize. Properly deal with argv in external encoding. Use wext_*() and Wexttext. Use Rawbyte. #if 0 some old junk on SCO that is unlikely to be correct. Rewrite allocation code in run-temacs. emacs.c, symsinit.h, win32.c: Rename win32 init function and call it even earlier, to initialize mswindows_9x_p even earlier, for use in startup code (XEUNICODE_P). process.c: Use _wenviron not environ under Windows, to get Unicode environment variables. event-Xt.c: Mule-ize drag-n-drop related stuff. dragdrop.c, dragdrop.h, frame-x.c: Mule-ize. text.h: Add some more stand-in defines for particular kinds of conversion; use in Mule-ization work in frame-x.c etc. --------------------------- Freshening --------------------------- intl-auto-encap-win32.c, intl-auto-encap-win32.h: Regenerate. --------------------------- Unicode-work --------------------------- intl-win32.c, syswindows.h: Factor out common options to MultiByteToWideChar and WideCharToMultiByte. Add convert_unicode_to_multibyte_malloc() and convert_unicode_to_multibyte_dynarr() and use. Add stuff for alloca() conversion of multibyte/unicode. alloc.c: Use dfc_external_data_len() in case of unicode coding system. alloc.c, mule-charset.c: Don't zero out and reinit charset Unicode tables. This fucks up dump-time loading. Anyway, either we load them at dump time or run time, never both. unicode.c: Dump the blank tables as well. --------------------------------------------------------------- DOCUMENTATION, MOSTLY MULE-RELATED: --------------------------------------------------------------- EmacsFrame.c, emodules.c, event-Xt.c, fileio.c, input-method-xlib.c, mule-wnnfns.c, redisplay-gtk.c, redisplay-tty.c, redisplay-x.c, regex.c, sysdep.c: Add comment about Mule work needed. text.h: Add more documentation describing why DFC routines were not written to return their value. Add some other DFC documentation. console-msw.c, console-msw.h: Add pointer to docs in win32.c. emacs.c: Add comments on sources of doc info. text.c, charset.h, unicode.c, intl-win32.c, intl-encap-win32.c, text.h, file-coding.c, mule-coding.c: Collect background comments and related to text matters and internationalization, and proposals for work to be done, in text.c or Internals manual, stuff related to specific textual API's in text.h, and stuff related to internal implementation of Unicode conversion in unicode.c. Put lots of pointers to the comments to make them easier to find. s/mingw32.h, s/win32-common.h, s/win32-native.h, s/windowsnt.h, win32.c: Add bunches of new documentation on the different kinds of builds and environments under Windows and how they work. Collect this info in win32.c. Add pointers to these docs in the relevant s/* files. emacs.c: Document places with long comments. Remove comment about exiting, move to internals manual, put in pointer. event-stream.c: Move docs about event queues and focus to internals manual, put in pointer. events.h: Move docs about event stream callbacks to internals manual, put in pointer. profile.c, redisplay.c, signal.c: Move documentation to the Internals manual. process-nt.c: Add pointer to comment in win32-native.el. lisp.h: Add comments about some comment conventions. lisp.h: Add comment about the second argument. device-msw.c, redisplay-msw.c: @@#### comments are out-of-date. --------------------------------------------------------------- PDUMP WORK (MOTIVATED BY UNICODE CHANGES) --------------------------------------------------------------- alloc.c, buffer.c, bytecode.c, console-impl.h, console.c, device.c, dumper.c, lrecord.h, elhash.c, emodules.h, events.c, extents.c, frame.c, glyphs.c, glyphs.h, mule-charset.c, mule-coding.c, objects.c, profile.c, rangetab.c, redisplay.c, specifier.c, specifier.h, window.c, lstream.c, file-coding.h, file-coding.c: PDUMP: Properly implement dump_add_root_block(), which never worked before, and is necessary for dumping Unicode tables. Pdump name changes for accuracy: XD_STRUCT_PTR -> XD_BLOCK_PTR. XD_STRUCT_ARRAY -> XD_BLOCK_ARRAY. XD_C_STRING -> XD_ASCII_STRING. *_structure_* -> *_block_*. lrecord.h: some comments added about dump_add_root_block() vs dump_add_root_block_ptr(). extents.c: remove incorrect comment about pdump problems with gap array. --------------------------------------------------------------- ALLOCATION --------------------------------------------------------------- abbrev.c, alloc.c, bytecode.c, casefiddle.c, device-msw.c, device-x.c, dired-msw.c, doc.c, doprnt.c, dragdrop.c, editfns.c, emodules.c, file-coding.c, fileio.c, filelock.c, fns.c, glyphs-eimage.c, glyphs-gtk.c, glyphs-msw.c, glyphs-x.c, gui-msw.c, gui-x.c, imgproc.c, intl-win32.c, lread.c, menubar-gtk.c, menubar.c, nt.c, objects-msw.c, objects-x.c, print.c, process-nt.c, process-unix.c, process.c, realpath.c, redisplay.c, search.c, select-common.c, symbols.c, sysdep.c, syswindows.h, text.c, text.h, ui-byhand.c: New macros {alloca,xnew}_{itext,{i,ext,raw,bin,asc}bytes} for more convenient allocation of these commonly requested items. Modify functions to use alloca_ibytes, alloca_array, alloca_extbytes, xnew_ibytes, etc. also XREALLOC_ARRAY, xnew. alloc.c: Rewrite the allocation functions to factor out repeated code. Add assertions for freeing dumped data. lisp.h: Moved down and consolidated with other allocation stuff. lisp.h, dynarr.c: New functions for allocation that's very efficient when mostly in LIFO order. lisp.h, text.c, text.h: Factor out some stuff for general use by alloca()-conversion funs. text.h, lisp.h: Fill out convenience routines for allocating various kinds of bytes and put them in lisp.h. Use them in place of xmalloc(), ALLOCA(). text.h: Fill out the convenience functions so the _MALLOC() kinds match the alloca() kinds. --------------------------------------------------------------- ERROR-CHECKING --------------------------------------------------------------- text.h: Create ASSERT_ASCTEXT_ASCII() and ASSERT_ASCTEXT_ASCII_LEN() from similar Eistring checkers and change the Eistring checkers to use them instead. --------------------------------------------------------------- MACROS IN LISP.H --------------------------------------------------------------- lisp.h: Redo GCPRO declarations. Create a "base" set of functions that can be used to generate any kind of gcpro sets -- regular, ngcpro, nngcpro, private ones used in GC_EXTERNAL_LIST_LOOP_2. buffer.c, callint.c, chartab.c, console-msw.c, device-x.c, dialog-msw.c, dired.c, extents.c, ui-gtk.c, rangetab.c, nt.c, mule-coding.c, minibuf.c, menubar-msw.c, menubar.c, menubar-gtk.c, lread.c, lisp.h, gutter.c, glyphs.c, glyphs-widget.c, fns.c, fileio.c, file-coding.c, specifier.c: Eliminate EXTERNAL_LIST_LOOP, which does not check for circularities. Use EXTERNAL_LIST_LOOP_2 instead or EXTERNAL_LIST_LOOP_3 or EXTERNAL_PROPERTY_LIST_LOOP_3 or GC_EXTERNAL_LIST_LOOP_2 (new macro). Removed/redid comments on EXTERNAL_LIST_LOOP. --------------------------------------------------------------- SPACING FIXES --------------------------------------------------------------- callint.c, hftctl.c, number-gmp.c, process-unix.c: Spacing fixes. --------------------------------------------------------------- FIX FOR GEOMETRY PROBLEM IN FIRST FRAME --------------------------------------------------------------- unicode.c: Add workaround for newlib bug in sscanf() [should be fixed by release 1.5.12 of Cygwin]. toolbar.c: bug fix for problem of initial frame being 77 chars wide on Windows. will be overridden by my other ws. --------------------------------------------------------------- FIX FOR LEAKING PROCESS HANDLES: --------------------------------------------------------------- process-nt.c: Fixes for leaking handles. Inspired by work done by Adrian Aichner <adrian@xemacs.org>. --------------------------------------------------------------- FIX FOR CYGWIN BUG (Unicode-related): --------------------------------------------------------------- unicode.c: Add workaround for newlib bug in sscanf() [should be fixed by release 1.5.12 of Cygwin]. --------------------------------------------------------------- WARNING FIXES: --------------------------------------------------------------- console-stream.c: `reinit' is unused. compiler.h, event-msw.c, frame-msw.c, intl-encap-win32.c, text.h: Add stuff to deal with ANSI-aliasing warnings I got. regex.c: Gather includes together to avoid warning. --------------------------------------------------------------- CHANGES TO INITIALIZATION ROUTINES: --------------------------------------------------------------- buffer.c, emacs.c, console.c, debug.c, device-x.c, device.c, dragdrop.c, emodules.c, eval.c, event-Xt.c, event-gtk.c, event-msw.c, event-stream.c, event-tty.c, events.c, extents.c, faces.c, file-coding.c, fileio.c, font-lock.c, frame-msw.c, glyphs-widget.c, glyphs.c, gui-x.c, insdel.c, lread.c, lstream.c, menubar-gtk.c, menubar-x.c, minibuf.c, mule-wnnfns.c, objects-msw.c, objects.c, print.c, scrollbar-x.c, search.c, select-x.c, text.c, undo.c, unicode.c, window.c, symsinit.h: Call reinit_*() functions directly from emacs.c, for clarity. Factor out some redundant init code. Move disallowed stuff that had crept into vars_of_glyphs() into complex_vars_of_glyphs(). Call init_eval_semi_early() from eval.c not in the middle of vars_of_() in emacs.c since there should be no order dependency in the latter calls. --------------------------------------------------------------- ARMAGEDDON: --------------------------------------------------------------- alloc.c, emacs.c, lisp.h, print.c: Rename inhibit_non_essential_printing_operations to inhibit_non_essential_conversion_operations. text.c: Assert on !inhibit_non_essential_conversion_operations. console-msw.c, print.c: Don't do conversion in SetConsoleTitle or FindWindow to avoid problems during armageddon. Put #errors for NON_ASCII_INTERNAL_FORMAT in places where problems would arise. --------------------------------------------------------------- CHANGES TO THE BUILD PROCEDURE: --------------------------------------------------------------- config.h.in, s/cxux.h, s/usg5-4-2.h, m/powerpc.h: Add comment about correct ordering of this file. Rearrange everything to follow this -- put all #undefs together and before the s&m files. Add undefs for HAVE_ALLOCA, C_ALLOCA, BROKEN_ALLOCA_IN_FUNCTION_CALLS, STACK_DIRECTION. Remove unused HAVE_STPCPY, HAVE_GETWD, HAVE_SETLOCALE. m/gec63.h: Deleted; totally broken, not used at all, not in FSF. m/7300.h, m/acorn.h, m/alliant-2800.h, m/alliant.h, m/altos.h, m/amdahl.h, m/apollo.h, m/att3b.h, m/aviion.h, m/celerity.h, m/clipper.h, m/cnvrgnt.h, m/convex.h, m/cydra5.h, m/delta.h, m/delta88k.h, m/dpx2.h, m/elxsi.h, m/ews4800r.h, m/gould.h, m/hp300bsd.h, m/hp800.h, m/hp9000s300.h, m/i860.h, m/ibmps2-aix.h, m/ibmrs6000.h, m/ibmrt-aix.h, m/ibmrt.h, m/intel386.h, m/iris4d.h, m/iris5d.h, m/iris6d.h, m/irist.h, m/isi-ov.h, m/luna88k.h, m/m68k.h, m/masscomp.h, m/mg1.h, m/mips-nec.h, m/mips-siemens.h, m/mips.h, m/news.h, m/nh3000.h, m/nh4000.h, m/ns32000.h, m/orion105.h, m/pfa50.h, m/plexus.h, m/pmax.h, m/powerpc.h, m/pyrmips.h, m/sequent-ptx.h, m/sequent.h, m/sgi-challenge.h, m/symmetry.h, m/tad68k.h, m/tahoe.h, m/targon31.h, m/tekxd88.h, m/template.h, m/tower32.h, m/tower32v3.h, m/ustation.h, m/vax.h, m/wicat.h, m/xps100.h: Delete C_ALLOCA, HAVE_ALLOCA, STACK_DIRECTION, BROKEN_ALLOCA_IN_FUNCTION_CALLS. All of this is auto-detected. When in doubt, I followed recent FSF sources, which also have these things deleted.
author ben
date Thu, 04 Nov 2004 23:08:28 +0000
parents f43f9ca6c7d9
children 8d2106500793
line wrap: on
line source

@c -*-texinfo-*-
@c This is part of the XEmacs Lisp Reference Manual.
@c Copyright (C) 1998 Free Software Foundation, Inc.
@c See the file lispref.texi for copying conditions.
@setfilename ../../info/ldap.info
@node LDAP Support, PostgreSQL Support, ToolTalk Support, top
@chapter LDAP Support
@cindex LDAP

XEmacs can be linked with a LDAP client library to provide Elisp primitives
to access directory servers using the Lightweight Directory Access Protocol.

@menu
* Building XEmacs with LDAP support::  How to add LDAP support to XEmacs
* XEmacs LDAP API::             Lisp access to LDAP functions
* Syntax of Search Filters::    A brief summary of RFC 1558
@end menu

@node Building XEmacs with LDAP support, XEmacs LDAP API, LDAP Support, LDAP Support
@comment  node-name,  next,  previous,  up
@section Building XEmacs with LDAP support

LDAP support must be added to XEmacs at build time since it requires
linking to an external LDAP client library.  As of 21.2, XEmacs has been
successfully built and tested with

@itemize @bullet
@item OpenLDAP 1.2 (@url{http://www.openldap.org/})
@item University of Michigan's LDAP 3.3 (@url{http://www.umich.edu/~dirsvcs/ldap/})
@item LDAP SDK 1.0 from Netscape Corp. (@url{http://developer.netscape.com/})
@end itemize

Other libraries conforming to RFC 1823 will probably work also but may
require some minor tweaking at C level.

The standard XEmacs configure script auto-detects an installed LDAP
library provided the library itself and the corresponding header files
can be found in the library and include paths.  A successful detection
will be signalled in the final output of the configure script.



@node XEmacs LDAP API, Syntax of Search Filters, Building XEmacs with LDAP support, LDAP Support
@comment  node-name,  next,  previous,  up
@section XEmacs LDAP API

XEmacs LDAP API consists of two layers:  a low-level layer which tries
to stay as close as possible to the C API (where practical) and a
higher-level layer which provides more convenient primitives to
effectively use LDAP.

The low-level API should be used directly for very specific purposes
(such as multiple operations on a connection) only.  The higher-level
functions provide a more convenient way to access LDAP directories
hiding the subtleties of handling the connection, translating arguments
and ensuring compliance with LDAP internationalization rules and formats
(currently partly implemented only).

@menu
* LDAP Variables::              Lisp variables related to LDAP
* The High-Level LDAP API::     High-level LDAP lisp functions
* The Low-Level LDAP API::      Low-level LDAP lisp primitives
* LDAP Internationalization::   I18n variables and functions
@end menu


@node LDAP Variables, The High-Level LDAP API, XEmacs LDAP API, XEmacs LDAP API
@comment  node-name,  next,  previous,  up
@subsection LDAP Variables

@defvar ldap-default-host
The default LDAP server hostname.
A TCP port number can be appended to that name using a colon as
a separator.
@end defvar

@defvar ldap-default-port
Default TCP port for LDAP connections.
Initialized from the LDAP library. Default value is 389.
@end defvar

@defvar ldap-default-base
Default base for LDAP searches.
This is a string using the syntax of RFC 1779.
For instance, "o=ACME, c=US" limits the search to the
Acme organization in the United States.
@end defvar

@defvar ldap-host-parameters-alist
An alist of per host options for LDAP transactions.
The list elements look like @code{(HOST PROP1 VAL1 PROP2 VAL2 ...)}
@var{host} is the name of an LDAP server. A TCP port number can be
appended to that name using a colon as a separator.
@var{propn} and @var{valn} are
property/value pairs describing parameters for the server.  Valid
properties:
@table @code
@item binddn
The distinguished name of the user to bind as.  This may look like
@samp{cn=Babs Jensen,o=ACME,c=US}, see RFC 1779 for details.
@item passwd
The password to use for authentication.
@item auth
The authentication method to use, possible values depend on the LDAP
library XEmacs was compiled with, they may include @code{simple},
@code{krbv41} and @code{krbv42}.
@item base
The base for the search. This may look like @samp{cÿ, o¬me}, see
RFC 1779 for syntax details.
@item scope
One of the symbols @code{base}, @code{onelevel} or @code{subtree}
indicating the scope of the search limited to a base
object, to a single level or to the whole subtree.
@item deref
The dereference policy is one of the symbols @code{never},
@code{always}, @code{search} or @code{find} and defines how aliases are
dereferenced.
@table @code
@item never
Aliases are never dereferenced
@item always
Aliases are always dereferenced
@item search
Aliases are dereferenced when searching
@item find
Aliases are dereferenced when locating the base object for the search
@end table
@item timelimit
The timeout limit for the connection in seconds.
@item sizelimit
The maximum number of matches to return for searches performed on this connection.
@end table
@end defvar

@defvar ldap-verbose
If non-@code{nil}, LDAP operations will echo progress messages. Defaults to @code{nil}.
@end defvar


@node The High-Level LDAP API, The Low-Level LDAP API, LDAP Variables, XEmacs LDAP API
@comment  node-name,  next,  previous,  up
@subsection The High-Level LDAP API

The following functions provide the most convenient interface to perform
LDAP operations.  All of them open a connection to a host, perform an
operation (add/search/modify/delete) on one or several entries and
cleanly close the connection thus insulating the user from all the
details of the low-level interface such as LDAP Lisp objects @pxref{The
Low-Level LDAP API}.

Note that @code{ldap-search} which used to be the name of the high-level
search function in XEmacs 21.1 is now obsolete.  For consistency  in the
naming as well as backward compatibility, that function now acts as a
wrapper that calls either @code{ldap-search-basic} (low-level search
function) or @code{ldap-search-entries} (high-level search function)
according to the actual parameters.  A direct call to one of these two
functions is preferred since it is faster and unambiguous.

@deffn Command ldap-search-entries filter &optional host attributes attrsonly withdn
Perform an LDAP search.
@var{filter} is the search filter @pxref{Syntax of Search Filters}
@var{host} is the LDAP host on which to perform the search.
@var{attributes} is the specific attributes to retrieve, @code{nil} means
retrieve all.
@var{attrsonly} if non-@code{nil} retrieves the attributes only without
their associated values.
If @var{withdn} is non-@code{nil} each entry in the result will be prepended with
its distinguished name DN.
Additional search parameters can be specified through
@code{ldap-host-parameters-alist}.
The function returns a list of matching entries.  Each entry is itself
an alist of attribute/value pairs optionally preceded by the DN of the
entry according to the value of @var{withdn}.
@end deffn

@defun ldap-add-entries entries &optional host binddn passwd
Add entries to an LDAP directory.  @var{entries} is a list of entry
specifications of the form @code{(DN (ATTR . VALUE) (ATTR . VALUE) ...)}
where @var{dn} the distinguished name of an entry to add, the following
are cons cells containing attribute/value string pairs.
@var{host} is the LDAP host, defaulting to @code{ldap-default-host}.
@var{binddn} is the DN to bind as to the server.
@var{passwd} is the corresponding password.
@end defun

@defun ldap-modify-entries entry-mods &optional host binddn passwd
Modify entries of an LDAP directory.
@var{entry_mods} is a list of entry modifications of the form
@code{(DN MOD-SPEC1 MOD-SPEC2 ...)} where @var{dn} is the distinguished name of
the entry to modify, the following are modification specifications.
A modification specification is itself a list of the form
@code{(MOD-OP ATTR VALUE1 VALUE2 ...)} @var{mod-op} and @var{attr} are mandatory,
@var{values} are optional depending on @var{mod-op}.
@var{mod-op} is the type of modification, one of the symbols @code{add}, @code{delete}
or @code{replace}. @var{attr} is the LDAP attribute type to modify.
@var{host} is the LDAP host, defaulting to @code{ldap-default-host}.
@var{binddn} is the DN to bind as to the server.
@var{passwd} is the corresponding password.
@end defun

@defun ldap-delete-entries dn &optional host binddn passwd
Delete an entry from an LDAP directory.
@var{dn} is the distinguished name of an entry to delete or
a list of those.
@var{host} is the LDAP host, defaulting to @code{ldap-default-host}.
@var{binddn} is the DN to bind as to the server.
@var{passwd} is the corresponding password.
@end defun


@node The Low-Level LDAP API, LDAP Internationalization, The High-Level LDAP API, XEmacs LDAP API
@comment  node-name,  next,  previous,  up
@subsection The Low-Level LDAP API

The low-level API should be used directly for very specific purposes
(such as multiple operations on a connection) only.  The higher-level
functions provide a more convenient way to access LDAP directories
hiding the subtleties of handling the connection, translating arguments
and ensuring compliance with LDAP internationalization rules and formats
(currently partly implemented only). See @pxref{The High-Level LDAP API}

Note that the former functions @code{ldap-*-internal} functions have been
renamed in XEmacs 21.2

@menu
* The LDAP Lisp Object::
* Opening and Closing a LDAP Connection::
* Low-level Operations on a LDAP Server::
@end menu

@node The LDAP Lisp Object, Opening and Closing a LDAP Connection, The Low-Level LDAP API, The Low-Level LDAP API
@comment  node-name,  next,  previous,  up
@subsubsection The LDAP Lisp Object

An internal built-in @code{ldap} lisp object represents a LDAP
connection.

@defun ldapp object
This function returns non-@code{nil} if @var{object} is a @code{ldap} object.
@end defun

@defun ldap-host ldap
Return the server host of the connection represented by @var{ldap}.
@end defun

@defun ldap-live-p ldap
Return non-@code{nil} if @var{ldap} is an active LDAP connection.
@end defun


@node Opening and Closing a LDAP Connection, Low-level Operations on a LDAP Server, The LDAP Lisp Object, The Low-Level LDAP API
@comment  node-name,  next,  previous,  up
@subsubsection Opening and Closing a LDAP Connection

@defun ldap-open host &optional plist
Open a LDAP connection to @var{host}.
@var{plist} is a property list containing additional parameters for the connection.
Valid keys in that list are:
@table @code
@item port
The TCP port to use for the connection if different from
@code{ldap-default-port} or the library builtin value
@item auth
The authentication method to use, possible values depend on the LDAP
library XEmacs was compiled with, they may include @code{simple},
@code{krbv41} and @code{krbv42}.
@item binddn
The distinguished name of the user to bind as.  This may look like
@samp{c=com, o=Acme, cn=Babs Jensen}, see RFC 1779 for details.
@item passwd
The password to use for authentication.
@item deref
The dereference policy is one of the symbols @code{never},
@code{always}, @code{search} or @code{find} and defines how aliases are
dereferenced.
@table @code
@item never
Aliases are never dereferenced.
@item always
Aliases are always dereferenced.
@item search
Aliases are dereferenced when searching.
@item find
Aliases are dereferenced when locating the base object for the search.
@end table
The default is @code{never}.
@item timelimit
The timeout limit for the connection in seconds.
@item sizelimit
The maximum number of matches to return for searches performed on this connection.
@end table
@end defun

@defun ldap-close ldap
Close the connection represented by @var{ldap}.
@end defun


@node Low-level Operations on a LDAP Server,  , Opening and Closing a LDAP Connection, The Low-Level LDAP API
@comment  node-name,  next,  previous,  up
@subsubsection Low-level Operations on a LDAP Server

@code{ldap-search-basic} is the low-level primitive to perform a
search on a LDAP server.  It works directly on an open LDAP connection
thus requiring a preliminary call to @code{ldap-open}.  Multiple
searches can be made on the same connection, then the session must be
closed with @code{ldap-close}.

@defun ldap-search-basic ldap filter &optional base scope attrs attrsonly withdn verbose
Perform a search on an open connection @var{ldap} created with @code{ldap-open}.
@var{filter} is a filter string for the search @pxref{Syntax of Search Filters}
@var{base} is the distinguished name at which to start the search.
@var{scope} is one of the symbols @code{base}, @code{onelevel} or
@code{subtree} indicating the scope of the search limited to a base
object, to a single level or to the whole subtree.  The default is
@code{subtree}.
@var{attrs} is a list of strings indicating which attributes to retrieve
for each matching entry. If @code{nil} all available attributes are returned.
If @var{attrsonly} is non-@code{nil} then only the attributes are
retrieved, not their associated values.
If @var{withdn} is non-@code{nil} then each entry in the result is
prepended with its distinguished name DN.
If @var{verbose} is non-@code{nil} then progress messages are echoed
The function returns a list of matching entries.  Each entry  is itself
an alist of attribute/value pairs optionally preceded by the DN of the
entry according to the value of @var{withdn}.
@end defun

@defun ldap-add ldap dn entry
Add @var{entry} to a LDAP directory which a connection @var{ldap} has
been opened to with @code{ldap-open}.
@var{dn} is the distinguished name of the entry to add.
@var{entry} is an entry specification, i.e., a list of cons cells
containing attribute/value string pairs.
@end defun

@defun ldap-modify ldap dn mods
Modify an entry in an LDAP directory.
@var{ldap} is an LDAP connection object created with @code{ldap-open}.
@var{dn} is the distinguished name of the entry to modify.
@var{mods} is a list of modifications to apply.
A modification is a list of the form @code{(MOD-OP ATTR VALUE1 VALUE2 ...)}
@var{mod-op} and @var{attr} are mandatory, @var{values} are optional depending on @var{mod-op}.
@var{mod-op} is the type of modification, one of the symbols @code{add}, @code{delete}
or @code{replace}. @var{attr} is the LDAP attribute type to modify.
@end defun

@defun ldap-delete ldap dn
Delete an entry to an LDAP directory.
@var{ldap} is an LDAP connection object created with @code{ldap-open}.
@var{dn} is the distinguished name of the entry to delete.
@end defun



@node LDAP Internationalization,  , The Low-Level LDAP API, XEmacs LDAP API
@comment  node-name,  next,  previous,  up
@subsection LDAP Internationalization

The XEmacs LDAP API provides basic internationalization features based
on the LDAP v3 specification (essentially RFC2252 on "LDAP v3 Attribute
Syntax Definitions").  Unfortunately since there is currently no free
LDAP v3 server software, this part has not received much testing and
should be considered experimental.  The framework is in place though.

@defun ldap-decode-attribute attr
Decode the attribute/value pair @var{attr} according to LDAP rules.
The attribute name is looked up in @code{ldap-attribute-syntaxes-alist}
and the corresponding decoder is then retrieved from
@code{ldap-attribute-syntax-decoders}' and applied on the value(s).
@end defun

@menu
* LDAP Internationalization Variables::
* Encoder/Decoder Functions::
@end menu

@node LDAP Internationalization Variables, Encoder/Decoder Functions, LDAP Internationalization, LDAP Internationalization
@comment  node-name,  next,  previous,  up
@subsubsection LDAP Internationalization Variables

@defvar ldap-ignore-attribute-codings
If non-@code{nil}, no encoding/decoding will be performed LDAP attribute values
@end defvar

@defvar ldap-coding-system
Coding system of LDAP string values.
LDAP v3 specifies the coding system of strings to be UTF-8.
You need an XEmacs with Mule support for this.
@end defvar

@defvar ldap-default-attribute-decoder
Decoder function to use for attributes whose syntax is unknown.  Such a
function receives an encoded attribute value as a string and should
return the decoded value as a string.
@end defvar

@defvar ldap-attribute-syntax-encoders
A vector of functions used to encode LDAP attribute values.
The sequence of functions corresponds to the sequence of LDAP attribute syntax
object identifiers of the form 1.3.6.1.4.1.1466.1115.121.1.* as defined in
RFC2252 section 4.3.2. As of this writing, only a few encoder functions
are available.
@end defvar

@defvar ldap-attribute-syntax-decoders
A vector of functions used to decode LDAP attribute values.
The sequence of functions corresponds to the sequence of LDAP attribute syntax
object identifiers of the form 1.3.6.1.4.1.1466.1115.121.1.* as defined in
RFC2252 section 4.3.2. As of this writing, only a few decoder functions
are available.
@end defvar

@defvar ldap-attribute-syntaxes-alist
A map of LDAP attribute names to their type object id minor number.
This table is built from RFC2252 Section 5 and RFC2256 Section 5.
@end defvar

@node Encoder/Decoder Functions,  , LDAP Internationalization Variables, LDAP Internationalization
@comment  node-name,  next,  previous,  up
@subsubsection Encoder/Decoder Functions

@defun ldap-encode-boolean bool
A function that encodes an elisp boolean @var{bool} into a LDAP
boolean string representation.
@end defun

@defun ldap-decode-boolean str
A function that decodes a LDAP boolean string representation
@var{str} into an elisp boolean.
@end defun

@defun ldap-decode-string str
Decode a string @var{str} according to @code{ldap-coding-system}.
@end defun

@defun ldap-encode-string str
Encode a string @var{str} according to @code{ldap-coding-system}.
@end defun

@defun ldap-decode-address str
Decode an address @var{str} according to @code{ldap-coding-system} and
replacing $ signs with newlines as specified by LDAP encoding rules for
addresses.
@end defun

@defun ldap-encode-address str
Encode an address @var{str} according to @code{ldap-coding-system} and
replacing newlines with $ signs as specified by LDAP encoding rules for
addresses.
@end defun



@node Syntax of Search Filters,  , XEmacs LDAP API, LDAP Support
@comment  node-name,  next,  previous,  up
@section Syntax of Search Filters

LDAP search functions use RFC1558 syntax to describe the search filter.
In that syntax simple filters have the form:

@example
(<attr> <filtertype> <value>)
@end example

@code{<attr>} is an attribute name such as @code{cn} for Common Name,
@code{o} for Organization, etc...

@code{<value>} is the corresponding value.  This is generally an exact
string but may also contain @code{*} characters as wildcards

@code{filtertype} is one @code{=} @code{~=}, @code{<=}, @code{>=} which
respectively describe equality, approximate equality, inferiority and
superiority.

Thus @code{(cn=John Smith)} matches all records having a canonical name
equal to John Smith.

A special case is the presence filter @code{(<attr>=*} which matches
records containing a particular attribute.  For instance @code{(mail=*)}
matches all records containing a @code{mail} attribute.

Simple filters can be connected together with the logical operators
@code{&}, @code{|} and @code{!} which stand for the usual and, or and
not operators.

@code{(&(objectClass=Person)(mail=*)(|(sn=Smith)(givenname=John)))}
matches records of class @code{Person} containing a @code{mail}
attribute and corresponding to people whose last name is @code{Smith} or
whose first name is @code{John}.