--- include/slapi-plugin.h	2003/05/03 02:16:02	1.20
+++ include/slapi-plugin.h	2004/09/03 23:17:53	1.20.2.8
@@ -1,13 +1,23 @@
-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* $OpenLDAP: pkg/ldap/include/slapi-plugin.h,v 1.20.2.7 2004/06/16 22:45:32 kurt Exp $ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2004 The OpenLDAP Foundation.
+ * Portions Copyright 1997,2002,2003 IBM Corporation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
  */
+
 /*
- * (C) Copyright IBM Corp. 1997,2002
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and that due credit is
- * given to IBM Corporation. This software is provided ``as is''
- * without express or implied warranty.
+ * This header is used in development of SLAPI plugins for
+ * OpenLDAP slapd(8) and other directory servers supporting
+ * this interface.  Your portability mileage may vary.
  */
 
 #ifndef _SLAPI_PLUGIN_H
@@ -42,13 +52,16 @@ int slapi_entry_attr_merge( Slapi_Entry
 int slapi_entry_attr_find( Slapi_Entry *e, char *type, Slapi_Attr **attr );
 char *slapi_entry_attr_get_charptr( const Slapi_Entry *e, const char *type );
 int slapi_entry_attr_get_int( const Slapi_Entry *e, const char *type );
-int slapi_entry_attr_get_long( const Slapi_Entry *e, const char *type );
-int slapi_entry_attr_get_uint( const Slapi_Entry *e, const char *type );
-int slapi_entry_attr_get_ulong( const Slapi_Entry *e, const char *type );
+long slapi_entry_attr_get_long( const Slapi_Entry *e, const char *type );
+unsigned int slapi_entry_attr_get_uint( const Slapi_Entry *e, const char *type );
+unsigned long slapi_entry_attr_get_ulong( const Slapi_Entry *e, const char *type );
 int slapi_attr_get_values( Slapi_Attr *attr, struct berval ***vals );
 char *slapi_dn_normalize( char *dn );
 char *slapi_dn_normalize_case( char *dn );
 int slapi_dn_issuffix( char *dn, char *suffix );
+char *slapi_dn_beparent( Slapi_PBlock *pb, const char *dn );
+char *slapi_dn_parent( const char *dn );
+int slapi_dn_isparent( const char *parentdn, const char *childdn );
 char *slapi_dn_ignore_case( char *dn );
 
 /* DS 5.x SLAPI */
@@ -130,6 +143,7 @@ int slapi_valueset_next_value( Slapi_Val
 int slapi_valueset_count( const Slapi_ValueSet *vs);
 void slapi_valueset_set_valueset(Slapi_ValueSet *vs1, const Slapi_ValueSet *vs2);
 
+/* locks and synchronization */
 typedef struct slapi_mutex	Slapi_Mutex;
 typedef struct slapi_condvar	Slapi_CondVar;
 Slapi_Mutex *slapi_new_mutex( void );
@@ -141,6 +155,10 @@ void slapi_destroy_condvar( Slapi_CondVa
 int slapi_wait_condvar( Slapi_CondVar *cvar, struct timeval *timeout );
 int slapi_notify_condvar( Slapi_CondVar *cvar, int notify_all );
 
+/* thread-safe LDAP connections */
+LDAP *slapi_ldap_init( char *ldaphost, int ldapport, int secure, int shared );
+void slapi_ldap_unbind( LDAP *ld );
+
 char *slapi_ch_malloc( unsigned long size );
 void slapi_ch_free( void **ptr );
 void slapi_ch_free_string( char **ptr );
@@ -181,6 +199,8 @@ void slapi_send_ldap_result( Slapi_PBloc
 	char *text, int nentries, struct berval **urls );
 int slapi_send_ldap_search_entry( Slapi_PBlock *pb, Slapi_Entry *e,
 	LDAPControl **ectrls, char **attrs, int attrsonly );
+int slapi_send_ldap_search_reference( Slapi_PBlock *pb, Slapi_Entry *e,
+	struct berval **urls, LDAPControl **ectrls, struct berval **v2refs );
 
 /* filter routines */
 Slapi_Filter *slapi_str2filter( char *str );
@@ -243,6 +263,35 @@ int compute_rewrite_search_filter(Slapi_
 int compute_evaluator(computed_attr_context *c, char *type, Slapi_Entry *e, slapi_compute_output_t outputfn);
 int slapi_x_compute_get_pblock(computed_attr_context *c, Slapi_PBlock **pb);
 
+/* ACL plugins; only SLAPI_PLUGIN_ACL_ALLOW_ACCESS supported now */
+typedef int (*slapi_acl_callback_t)(Slapi_PBlock *pb,
+	Slapi_Entry *e,
+	const char *attr,
+	struct berval *berval,
+	int access,
+	void *state);
+
+/* object extensions */
+typedef void *(*slapi_extension_constructor_fnptr)(void *object, void *parent);
+
+typedef void (*slapi_extension_destructor_fnptr)(void *extension,
+	void *object, void *parent);
+
+int slapi_register_object_extension( const char *pluginname,
+	const char *objectname, slapi_extension_constructor_fnptr constructor,
+	slapi_extension_destructor_fnptr destructor, int *objecttype,
+	int *extensionhandle);
+
+#define SLAPI_EXT_CONNECTION    "Connection"
+#define SLAPI_EXT_OPERATION     "Operation"
+#define SLAPI_EXT_ENTRY         "Entry"
+#define SLAPI_EXT_MTNODE        "Mapping Tree Node"
+
+void *slapi_get_object_extension(int objecttype, void *object,
+	int extensionhandle);
+void slapi_set_object_extension(int objecttype, void *object,
+	int extensionhandle, void *extension);
+
 /* parameters currently supported */
 
 /*
@@ -305,6 +354,8 @@ int slapi_x_compute_get_pblock(computed_
 #define SLAPI_X_CONN_CLIENTPATH			1300
 #define SLAPI_X_CONN_SERVERPATH			1301
 #define SLAPI_X_CONN_IS_UDP			1302
+#define SLAPI_X_CONN_SSF			1303
+#define SLAPI_X_CONN_SASL_CONTEXT		1304
 
 /*  Authentication types */
 #define SLAPD_AUTH_NONE   "none"
@@ -438,6 +489,12 @@ int slapi_x_compute_get_pblock(computed_
 #define SLAPI_PLUGIN_SYNTAX_FLAG_ORKEYS			1
 #define SLAPI_PLUGIN_SYNTAX_FLAG_ORDERING		2
 
+#define SLAPI_PLUGIN_ACL_INIT			730
+#define SLAPI_PLUGIN_ACL_SYNTAX_CHECK		731
+#define SLAPI_PLUGIN_ACL_ALLOW_ACCESS		732
+#define SLAPI_PLUGIN_ACL_MODS_ALLOWED		733
+#define SLAPI_PLUGIN_ACL_MODS_UPDATE		734
+
 #define SLAPI_OPERATION_AUTHTYPE                741
 #define SLAPI_OPERATION_ID                      742
 #define SLAPI_CONN_CERT                         743
@@ -447,12 +504,21 @@ int slapi_x_compute_get_pblock(computed_
 #define SLAPI_RESULT_TEXT                       882
 #define SLAPI_RESULT_MATCHED                    883
 
+/* managedsait control */
+#define SLAPI_MANAGEDSAIT       		1000
+
 /* audit plugin defines */
 #define SLAPI_PLUGIN_AUDIT_DATA                1100
 #define SLAPI_PLUGIN_AUDIT_FN                  1101
 
-/* managedsait control */
-#define SLAPI_MANAGEDSAIT       		1000
+/* backend_group extension */
+#define SLAPI_X_PLUGIN_PRE_GROUP_FN		1202 
+#define SLAPI_X_PLUGIN_POST_GROUP_FN		1203
+
+#define SLAPI_X_GROUP_ENTRY			1250 /* group entry */
+#define SLAPI_X_GROUP_ATTRIBUTE			1251 /* member attribute */
+#define SLAPI_X_GROUP_OPERATION_DN		1252 /* asserted value */
+#define SLAPI_X_GROUP_TARGET_ENTRY		1253 /* target entry */
 
 /* config stuff */
 #define SLAPI_CONFIG_FILENAME			40