ruby-ldap3 0.10.0

data/ldap.c

@@ -0,0 +1,650 @@
+/* -*- C -*-
+ *
+ * ldap.c
+ * $Id: ldap.c,v 1.14 2005/03/15 10:07:48 ianmacd Exp $
+ */
+
+#include "ruby.h"
+#include "rbldap.h"
+
+VALUE rb_mLDAP;
+VALUE rb_eLDAP_Error;
+VALUE rb_eLDAP_ResultError;
+VALUE rb_eLDAP_InvalidDataError;
+VALUE rb_eLDAP_InvalidEntryError;
+
+VALUE
+rb_ldap_class_new (int argc, VALUE argv[], VALUE klass)
+{
+  VALUE obj;
+
+  obj = rb_funcall (klass, rb_intern ("allocate"), 0);
+  rb_obj_call_init (obj, argc, argv);
+
+  return obj;
+}
+
+VALUE
+rb_ldap_dummy_method (int argc, VALUE argv[], VALUE self)
+{
+  /* do nothing */
+  return Qnil;
+}
+
+/*
+ * call-seq:
+ * LDAP.err2string(err)  => String
+ *
+ * Return the text string associated with the LDAP error, +err+.
+ */
+VALUE
+rb_ldap_err2string (VALUE self, VALUE err)
+{
+  char *cmsg;
+  VALUE msg;
+
+  cmsg = ldap_err2string (NUM2INT (err));
+  msg = rb_tainted_str_new2 (cmsg);
+
+  return msg;
+}
+
+/*
+ * call-seq:
+ * LDAP.dn2ufn(dn)  => String or nil
+ *
+ * Translate the DN, +dn+, to a more User-Friendly Name (UFN).
+ *
+ * For example:
+ *
+ * <code>LDAP.dn2ufn('uid=ianmacd,ou=People,dc=google,dc=com')</code>
+ *
+ * produces:
+ *
+ * ianmacd, People, google.com
+ *
+ * The UFN format is described in
+ * RFC1781[http://www.faqs.org/rfcs/rfc1781.html].
+ */
+VALUE
+rb_ldap_dn2ufn (VALUE self, VALUE dn)
+{
+  char *c_dn;
+  char *c_ufn;
+
+  if (dn == Qnil)
+    {
+      return Qnil;
+    }
+
+  c_dn = StringValueCStr (dn);
+  if ((c_ufn = ldap_dn2ufn (c_dn)))
+    {
+      return rb_tainted_str_new2 (c_ufn);
+    }
+  else
+    {
+      return Qnil;
+    }
+}
+
+VALUE
+rb_ldap_explode_dn (VALUE self, VALUE dn, VALUE notypes)
+{
+    char **c_arr, **p;
+    char *c_dn;
+    VALUE ary;
+
+    if (dn == Qnil) 
+    {
+        return Qnil;
+    }
+
+    c_dn = StringValueCStr (dn);
+    if ((c_arr = ldap_explode_dn (c_dn, RTEST (notypes) ? 1 : 0)))
+    {
+        ary = rb_ary_new ();
+        for (p = c_arr; *p != NULL; p++)
+        {
+            rb_ary_push (ary, rb_tainted_str_new2 (*p));
+        }
+        ldap_value_free (c_arr);
+
+        return ary;
+    } 
+    else 
+    {
+        return Qnil;
+    }
+}
+
+VALUE
+rb_ldap_explode_rdn (VALUE self, VALUE rdn, VALUE notypes)
+{
+    char **c_arr, **p;
+    char *c_dn;
+    VALUE ary;
+
+    if (rdn == Qnil) 
+    {
+        return Qnil;
+    }
+
+    c_dn = StringValueCStr (rdn);
+    if ((c_arr = ldap_explode_rdn (c_dn, RTEST (notypes) ? 1 : 0))) 
+    {
+        ary = rb_ary_new ();
+        for (p = c_arr; *p != NULL; p++) {
+            rb_ary_push (ary, rb_tainted_str_new2 (*p));
+        }
+        ldap_value_free (c_arr);
+
+        return ary;
+    } 
+    else 
+    {
+        return Qnil;
+    }
+}
+
+/*
+ * call-seq:
+ * LDAP.mod(mod_type, attr, vals)  => LDAP::Mod
+ *
+ * Create a new LDAP::Mod object of type, +mod_type+. This is most commonly
+ * *LDAP_MOD_ADD*, *LDAP_MOD_REPLACE* or *LDAP_MOD_DELETE*, although some LDAP
+ * servers may offer extension types. 
+ *
+ * +attr+ should be the name of the attribute on which to operate, whilst
+ * +vals+ is an array of values pertaining to +attr+. If +vals+ contains
+ * binary data, +mod_type+ should be logically OR'ed (|) with
+ * *LDAP_MOD_BVALUES*.
+ *
+ * LDAP::Mod objects can be passed to methods in the LDAP::Conn class, such as
+ * Conn#add, Conn#add_ext, Conn#modify and Conn#modify_ext.
+ */
+static VALUE
+rb_ldap_mod_s_new (int argc, VALUE argv[], VALUE klass)
+{
+  return rb_ldap_class_new (argc, argv, rb_cLDAP_Mod);
+}
+
+static VALUE
+rb_ldap_hash2mods_i (VALUE type_vals, VALUE tmp)
+{
+  VALUE type, vals, op, result;
+  VALUE args[3];
+
+  op = rb_ary_entry (tmp, 0);
+  result = rb_ary_entry (tmp, 1);
+
+  type = rb_ary_entry (type_vals, 0);
+  vals = rb_ary_entry (type_vals, 1);
+
+  args[0] = op, args[1] = type, args[2] = vals;
+  rb_ary_push (result, rb_ldap_mod_s_new (3, args, rb_cLDAP_Mod));
+  return Qnil;
+}
+
+/*
+ * call-seq:
+ * LDAP.hash2mods(mod_type, hash)  => Array of LDAP::Mod
+ *
+ * Convert a hash into an array of LDAP::Mod objects. +mod_type+ should
+ * contain the mod type, which is most commonly *LDAP_MOD_ADD*,
+ * *LDAP_MOD_REPLACE* or *LDAP_MOD_DELETE*, although some LDAP servers may
+ * offer extension types.
+ */
+VALUE
+rb_ldap_hash2mods (VALUE self, VALUE op, VALUE hash)
+{
+  VALUE tmp;
+
+  tmp = rb_assoc_new (op, rb_ary_new ());
+  rb_iterate (rb_each, hash, rb_ldap_hash2mods_i, tmp);
+
+  return rb_ary_entry (tmp, 1);
+}
+
+/*
+ * call-seq:
+ * LDAP.entry2hash(entry)  => Hash
+ *
+ * Convert the entry, +entry+, to a hash.
+ */
+VALUE
+rb_ldap_entry2hash (VALUE self, VALUE entry)
+{
+  return rb_ldap_entry_to_hash (entry);
+}
+
+
+
+extern void Init_ldap_entry ();
+extern void Init_ldap_conn ();
+extern void Init_ldap_sslconn ();
+extern void Init_ldap_saslconn ();
+#ifdef USE_SSL_CLIENTAUTH
+extern void Init_ldap_clientauth ();
+#endif
+extern void Init_ldap_mod ();
+extern void Init_ldap_misc ();
+
+/* Document-class: LDAP
+ *
+ * Container module for LDAP-related classes.
+ */
+void
+Init_ldap ()
+{
+  rb_mLDAP = rb_define_module ("LDAP");
+
+  rb_define_const (rb_mLDAP, "LDAP_VERSION", INT2NUM (LDAP_VERSION));
+
+#ifdef LDAP_VERSION1
+  rb_define_const (rb_mLDAP, "LDAP_VERSION1", INT2NUM (LDAP_VERSION1));
+#endif
+
+#ifdef LDAP_VERSION2
+  rb_define_const (rb_mLDAP, "LDAP_VERSION2", INT2NUM (LDAP_VERSION2));
+#endif
+
+#ifdef LDAP_VERSION3
+  rb_define_const (rb_mLDAP, "LDAP_VERSION3", INT2NUM (LDAP_VERSION3));
+#endif
+
+#ifdef LDAP_VERSION_MAX
+  rb_define_const (rb_mLDAP, "LDAP_VERSION_MAX", INT2NUM (LDAP_VERSION_MAX));
+#else
+  rb_define_const (rb_mLDAP, "LDAP_VERSION_MAX", INT2NUM (LDAP_VERSION));
+#endif
+
+  rb_define_const (rb_mLDAP, "VERSION",
+		   rb_tainted_str_new2 (RB_LDAP_VERSION));
+  rb_define_const (rb_mLDAP, "MAJOR_VERSION",
+		   INT2NUM (RB_LDAP_MAJOR_VERSION));
+  rb_define_const (rb_mLDAP, "MINOR_VERSION",
+		   INT2NUM (RB_LDAP_MINOR_VERSION));
+  rb_define_const (rb_mLDAP, "PATCH_VERSION",
+		   INT2NUM (RB_LDAP_PATCH_VERSION));
+
+#ifdef LDAP_API_INFO_VERSION
+  rb_define_const (rb_mLDAP, "LDAP_API_INFO_VERSION",
+		   INT2NUM (LDAP_API_INFO_VERSION));
+#else
+  rb_define_const (rb_mLDAP, "LDAP_API_INFO_VERSION", Qnil);
+#endif
+
+#ifdef LDAP_VENDOR_VERSION
+  rb_define_const (rb_mLDAP, "LDAP_VENDOR_VERSION",
+		   INT2NUM (LDAP_VENDOR_VERSION));
+#else
+  rb_define_const (rb_mLDAP, "LDAP_VENDOR_VERSION", Qnil);
+#endif
+#ifdef LDAP_VENDOR_NAME
+  rb_define_const (rb_mLDAP, "LDAP_VENDOR_NAME",
+		   rb_tainted_str_new2 (LDAP_VENDOR_NAME));
+#else
+  rb_define_const (rb_mLDAP, "LDAP_VENDOR_NAME", Qnil);
+#endif
+
+#ifdef LDAP_API_VERSION
+  rb_define_const (rb_mLDAP, "LDAP_API_VERSION", INT2NUM (LDAP_API_VERSION));
+#else
+  rb_define_const (rb_mLDAP, "LDAP_API_VERSION", Qnil);
+#endif
+
+  rb_define_const (rb_mLDAP, "LDAP_PORT", INT2NUM (389));
+  rb_define_const (rb_mLDAP, "LDAPS_PORT", INT2NUM (636));
+  rb_eLDAP_Error =
+    rb_define_class_under (rb_mLDAP, "Error", rb_eStandardError);
+  rb_eLDAP_ResultError =
+    rb_define_class_under (rb_mLDAP, "ResultError", rb_eLDAP_Error);
+  rb_eLDAP_InvalidDataError =
+    rb_define_class_under (rb_mLDAP, "InvalidDataError", rb_eLDAP_Error);
+  rb_eLDAP_InvalidEntryError =
+    rb_define_class_under (rb_mLDAP, "InvalidEntryError",
+			   rb_eLDAP_InvalidDataError);
+
+
+  rb_define_module_function (rb_mLDAP, "err2string", rb_ldap_err2string, 1);
+  rb_define_module_function (rb_mLDAP, "explode_dn", rb_ldap_explode_dn, 2);
+  rb_define_module_function (rb_mLDAP, "explode_rdn", rb_ldap_explode_rdn, 2);
+  rb_define_module_function (rb_mLDAP, "dn2ufn", rb_ldap_dn2ufn, 1);
+  rb_define_module_function (rb_mLDAP, "mod", rb_ldap_mod_s_new, -1);
+  rb_define_module_function (rb_mLDAP, "hash2mods", rb_ldap_hash2mods, 2);
+  rb_define_module_function (rb_mLDAP, "entry2hash", rb_ldap_entry2hash, 1);
+
+  /* the following error code must be defined in ldap.h */
+#define rb_ldap_define_err_code(code) rb_define_const(rb_mLDAP,#code,INT2NUM(code))
+  rb_ldap_define_err_code (LDAP_SUCCESS);
+  rb_ldap_define_err_code (LDAP_OPERATIONS_ERROR);
+  rb_ldap_define_err_code (LDAP_PROTOCOL_ERROR);
+  rb_ldap_define_err_code (LDAP_TIMELIMIT_EXCEEDED);
+  rb_ldap_define_err_code (LDAP_SIZELIMIT_EXCEEDED);
+  rb_ldap_define_err_code (LDAP_COMPARE_FALSE);
+  rb_ldap_define_err_code (LDAP_COMPARE_TRUE);
+#ifdef LDAP_STRONG_AUTH_NOT_SUPPORTED
+  rb_ldap_define_err_code (LDAP_STRONG_AUTH_NOT_SUPPORTED);
+#endif
+#ifdef LDAP_AUTH_METHOD_NOT_SUPPORTED
+  rb_ldap_define_err_code (LDAP_AUTH_METHOD_NOT_SUPPORTED);
+#endif
+  rb_ldap_define_err_code (LDAP_STRONG_AUTH_REQUIRED);
+#ifdef LDAP_REFERRAL
+  rb_ldap_define_err_code (LDAP_REFERRAL);
+#endif
+#ifdef LDAP_ADMINLIMIT_EXCEEDED
+  rb_ldap_define_err_code (LDAP_ADMINLIMIT_EXCEEDED);
+#endif
+#ifdef LDAP_UNAVAILABLE_CRITICAL_EXTENSION
+  rb_ldap_define_err_code (LDAP_UNAVAILABLE_CRITICAL_EXTENSION);
+#endif
+#ifdef LDAP_CONFIDENTIALITY_REQUIRED
+  rb_ldap_define_err_code (LDAP_CONFIDENTIALITY_REQUIRED);
+#endif
+#ifdef LDAP_SASL_BIND_IN_PROGRESS
+  rb_ldap_define_err_code (LDAP_SASL_BIND_IN_PROGRESS);
+#endif
+#ifdef LDAP_PARTIAL_RESULTS
+  rb_ldap_define_err_code (LDAP_PARTIAL_RESULTS);
+#endif
+  rb_ldap_define_err_code (LDAP_NO_SUCH_ATTRIBUTE);
+  rb_ldap_define_err_code (LDAP_UNDEFINED_TYPE);
+  rb_ldap_define_err_code (LDAP_INAPPROPRIATE_MATCHING);
+  rb_ldap_define_err_code (LDAP_CONSTRAINT_VIOLATION);
+  rb_ldap_define_err_code (LDAP_TYPE_OR_VALUE_EXISTS);
+  rb_ldap_define_err_code (LDAP_INVALID_SYNTAX);
+  rb_ldap_define_err_code (LDAP_NO_SUCH_OBJECT);
+  rb_ldap_define_err_code (LDAP_ALIAS_PROBLEM);
+  rb_ldap_define_err_code (LDAP_INVALID_DN_SYNTAX);
+  rb_ldap_define_err_code (LDAP_IS_LEAF);
+  rb_ldap_define_err_code (LDAP_ALIAS_DEREF_PROBLEM);
+  rb_ldap_define_err_code (LDAP_INAPPROPRIATE_AUTH);
+  rb_ldap_define_err_code (LDAP_INVALID_CREDENTIALS);
+  rb_ldap_define_err_code (LDAP_INSUFFICIENT_ACCESS);
+  rb_ldap_define_err_code (LDAP_BUSY);
+  rb_ldap_define_err_code (LDAP_UNAVAILABLE);
+  rb_ldap_define_err_code (LDAP_UNWILLING_TO_PERFORM);
+  rb_ldap_define_err_code (LDAP_LOOP_DETECT);
+  rb_ldap_define_err_code (LDAP_NAMING_VIOLATION);
+  rb_ldap_define_err_code (LDAP_OBJECT_CLASS_VIOLATION);
+  rb_ldap_define_err_code (LDAP_NOT_ALLOWED_ON_NONLEAF);
+  rb_ldap_define_err_code (LDAP_NOT_ALLOWED_ON_RDN);
+  rb_ldap_define_err_code (LDAP_ALREADY_EXISTS);
+  rb_ldap_define_err_code (LDAP_NO_OBJECT_CLASS_MODS);
+  rb_ldap_define_err_code (LDAP_RESULTS_TOO_LARGE);
+  rb_ldap_define_err_code (LDAP_OTHER);
+  rb_ldap_define_err_code (LDAP_SERVER_DOWN);
+  rb_ldap_define_err_code (LDAP_LOCAL_ERROR);
+  rb_ldap_define_err_code (LDAP_ENCODING_ERROR);
+  rb_ldap_define_err_code (LDAP_DECODING_ERROR);
+  rb_ldap_define_err_code (LDAP_TIMEOUT);
+  rb_ldap_define_err_code (LDAP_AUTH_UNKNOWN);
+  rb_ldap_define_err_code (LDAP_FILTER_ERROR);
+  rb_ldap_define_err_code (LDAP_USER_CANCELLED);
+  rb_ldap_define_err_code (LDAP_PARAM_ERROR);
+  rb_ldap_define_err_code (LDAP_NO_MEMORY);
+  /* rb_ldap_define_err_code(LDAP_CONNECT_ERROR); */
+#undef rb_ldap_define_err_code
+
+#define rb_ldap_define_opt(code) rb_define_const(rb_mLDAP,#code,INT2NUM((int)code))
+#ifdef LDAP_OPT_ON
+  rb_ldap_define_opt (LDAP_OPT_ON);
+#endif
+#ifdef LDAP_OPT_OFF
+  rb_ldap_define_opt (LDAP_OPT_OFF);
+#endif
+#ifdef LDAP_OPT_DESC
+  rb_ldap_define_opt (LDAP_OPT_DESC);
+#endif
+#ifdef LDAP_OPT_DEREF
+  rb_ldap_define_opt (LDAP_OPT_DEREF);
+#endif
+#ifdef LDAP_OPT_SIZELIMIT
+  rb_ldap_define_opt (LDAP_OPT_SIZELIMIT);
+#endif
+#ifdef LDAP_OPT_TIMELIMIT
+  rb_ldap_define_opt (LDAP_OPT_TIMELIMIT);
+#endif
+#ifdef LDAP_OPT_NETWORK_TIMEOUT
+  rb_ldap_define_opt (LDAP_OPT_NETWORK_TIMEOUT);
+#endif
+#ifdef LDAP_OPT_THREAD_FN_PTRS
+  rb_ldap_define_opt (LDAP_OPT_THREAD_FN_PTRS);
+#endif
+#ifdef LDAP_OPT_REBIND_FN
+  rb_ldap_define_opt (LDAP_OPT_REBIND_FN);
+#endif
+#ifdef LDAP_OPT_REBIND_ARG
+  rb_ldap_define_opt (LDAP_OPT_REBIND_ARG);
+#endif
+#ifdef LDAP_OPT_REFERRALS
+  rb_ldap_define_opt (LDAP_OPT_REFERRALS);
+#endif
+#ifdef LDAP_OPT_RESTART
+  rb_ldap_define_opt (LDAP_OPT_RESTART);
+#endif
+#ifdef LDAP_OPT_SSL
+  rb_ldap_define_opt (LDAP_OPT_SSL);
+#endif
+#ifdef LDAP_OPT_IO_FN_PTRS
+  rb_ldap_define_opt (LDAP_OPT_IO_FN_PTRS);
+#endif
+#ifdef LDAP_OPT_CACHE_FN_PTRS
+  rb_ldap_define_opt (LDAP_OPT_CACHE_FN_PTRS);
+#endif
+#ifdef LDAP_OPT_CACHE_STRATEGY
+  rb_ldap_define_opt (LDAP_OPT_CACHE_STRATEGY);
+#endif
+#ifdef LDAP_OPT_CACHE_ENABLE
+  rb_ldap_define_opt (LDAP_OPT_CACHE_ENABLE);
+#endif
+#ifdef LDAP_OPT_REFERRAL_HOP_LIMIT
+  rb_ldap_define_opt (LDAP_OPT_REFERRAL_HOP_LIMIT);
+#endif
+#ifdef LDAP_OPT_PROTOCOL_VERSION
+  rb_ldap_define_opt (LDAP_OPT_PROTOCOL_VERSION);
+#endif
+#ifdef LDAP_OPT_SERVER_CONTROLS
+  rb_ldap_define_opt (LDAP_OPT_SERVER_CONTROLS);
+#endif
+#ifdef LDAP_OPT_CLIENT_CONTROLS
+  rb_ldap_define_opt (LDAP_OPT_CLIENT_CONTROLS);
+#endif
+#ifdef LDAP_OPT_PREFERRED_LANGUAGE
+  rb_ldap_define_opt (LDAP_OPT_PREFERRED_LANGUAGE);
+#endif
+#ifdef LDAP_OPT_API_INFO
+  rb_ldap_define_opt (LDAP_OPT_API_INFO);
+#endif
+#ifdef LDAP_OPT_API_FEATURE_INFO
+  rb_ldap_define_opt (LDAP_OPT_API_FEATURE_INFO);
+#endif
+#ifdef LDAP_OPT_HOST_NAME
+  rb_ldap_define_opt (LDAP_OPT_HOST_NAME);
+#endif
+
+#ifdef USE_OPENLDAP2		/* OpenLDAP TLS,SASL options */
+#ifdef LDAP_OPT_X_TLS_CACERTFILE
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_CACERTFILE);
+#endif
+#ifdef LDAP_OPT_X_TLS_CACERTDIR
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_CACERTDIR);
+#endif
+#ifdef LDAP_OPT_X_TLS_CERT
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_CERT);
+#endif
+#ifdef LDAP_OPT_X_TLS_CERTFILE
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_CERTFILE);
+#endif
+#ifdef LDAP_OPT_X_TLS_KEYFILE
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_KEYFILE);
+#endif
+#ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_REQUIRE_CERT);
+#endif
+#ifdef LDAP_OPT_X_TLS
+  rb_ldap_define_opt (LDAP_OPT_X_TLS);
+#endif
+#ifdef LDAP_OPT_X_TLS_PROTOCOL_MIN
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_PROTOCOL_MIN);
+#endif
+#ifdef LDAP_OPT_X_TLS_CIPHER_SUITE
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_CIPHER_SUITE);
+#endif
+#ifdef LDAP_OPT_X_TLS_RANDOM_FILE
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_RANDOM_FILE);
+#endif
+#ifdef LDAP_OPT_X_TLS_NEWCTX
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_NEWCTX);
+#endif
+#ifdef LDAP_OPT_X_TLS_NEVER
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_NEVER);
+#endif
+#ifdef LDAP_OPT_X_TLS_HARD
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_HARD);
+#endif
+#ifdef LDAP_OPT_X_TLS_DEMAND
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_DEMAND);
+#endif
+#ifdef LDAP_OPT_X_TLS_ALLOW
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_ALLOW);
+#endif
+#ifdef LDAP_OPT_X_TLS_TRY
+  rb_ldap_define_opt (LDAP_OPT_X_TLS_TRY);
+#endif
+#ifdef LDAP_OPT_X_SASL_MECH
+  rb_ldap_define_opt (LDAP_OPT_X_SASL_MECH);
+#endif
+#ifdef LDAP_OPT_X_SASL_REALM
+  rb_ldap_define_opt (LDAP_OPT_X_SASL_REALM);
+#endif
+#ifdef LDAP_OPT_X_SASL_AUTHCID
+  rb_ldap_define_opt (LDAP_OPT_X_SASL_AUTHCID);
+#endif
+#ifdef LDAP_OPT_X_SASL_AUTHZID
+  rb_ldap_define_opt (LDAP_OPT_X_SASL_AUTHZID);
+#endif
+#ifdef LDAP_OPT_X_SASL_SSF
+  rb_ldap_define_opt (LDAP_OPT_X_SASL_SSF);
+#endif
+#ifdef LDAP_OPT_X_SASL_SSF_EXTERNAL
+  rb_ldap_define_opt (LDAP_OPT_X_SASL_SSF_EXTERNAL);
+#endif
+#ifdef LDAP_OPT_X_SASL_SECPROPS
+  rb_ldap_define_opt (LDAP_OPT_X_SASL_SECPROPS);
+#endif
+#ifdef LDAP_OPT_X_SASL_SSF_MIN
+  rb_ldap_define_opt (LDAP_OPT_X_SASL_SSF_MIN);
+#endif
+#ifdef LDAP_OPT_X_SASL_SSF_MAX
+  rb_ldap_define_opt (LDAP_OPT_X_SASL_SSF_MAX);
+#endif
+#ifdef LDAP_OPT_X_SASL_MAXBUFSIZE
+  rb_ldap_define_opt (LDAP_OPT_X_SASL_MAXBUFSIZE);
+#endif
+#endif /* USE_OPENLDAP2 */
+
+
+#undef rb_ldap_define_opt
+
+  /* these constants indicate search scopes */
+#define rb_ldap_define_scope(scope) rb_define_const(rb_mLDAP,#scope,INT2NUM(scope))
+  rb_ldap_define_scope (LDAP_SCOPE_BASE);
+  rb_ldap_define_scope (LDAP_SCOPE_SUBTREE);
+  rb_ldap_define_scope (LDAP_SCOPE_ONELEVEL);
+#undef rb_ldap_define_scope
+
+#define rb_ldap_define_deref(x) rb_define_const(rb_mLDAP,#x,INT2NUM(x))
+#ifdef LDAP_DEREF_NEVER
+  rb_ldap_define_deref (LDAP_DEREF_NEVER);
+#endif
+#ifdef LDAP_DEREF_SEARCHING
+  rb_ldap_define_deref (LDAP_DEREF_SEARCHING);
+#endif
+#ifdef LDAP_DEREF_FINDING
+  rb_ldap_define_deref (LDAP_DEREF_FINDING);
+#endif
+#ifdef LDAP_DEREF_ALWAYS
+  rb_ldap_define_deref (LDAP_DEREF_ALWAYS);
+#endif
+#undef rb_ldap_define_deref
+
+#define rb_ldap_define_sasl_mech(c) \
+        (c ? rb_define_const(rb_mLDAP,#c,rb_str_new2(c)) : rb_define_const(rb_mLDAP,#c,Qnil))
+#ifdef LDAP_SASL_SIMPLE
+  rb_ldap_define_sasl_mech (LDAP_SASL_SIMPLE);
+#endif
+#undef rb_ldap_define_sasl_mech
+
+#define rb_ldap_define_auth_method(c) rb_define_const(rb_mLDAP,#c,INT2NUM(c))
+  rb_ldap_define_auth_method (LDAP_AUTH_NONE);
+  rb_ldap_define_auth_method (LDAP_AUTH_SIMPLE);
+#ifdef LDAP_AUTH_KRBV41
+  rb_ldap_define_auth_method (LDAP_AUTH_KRBV41);
+#endif
+#ifdef LDAP_AUTH_KRBV42
+  rb_ldap_define_auth_method (LDAP_AUTH_KRBV42);
+#endif
+#ifdef LDAP_AUTH_SASL
+  rb_ldap_define_auth_method (LDAP_AUTH_SASL);
+#endif
+#ifdef LDAP_KRBV4
+  rb_ldap_define_auth_method (LDAP_KRBV4);
+#endif
+  /* wldap32.h */
+#ifdef LDAP_AUTH_OTHERKIND
+  rb_ldap_define_auth_method (LDAP_AUTH_OTHERKIND);
+#endif
+#ifdef LDAP_AUTH_DPA
+  rb_ldap_define_auth_method (LDAP_AUTH_DPA);
+#endif
+#ifdef LDAP_AUTH_MSN
+  rb_ldap_define_auth_method (LDAP_AUTH_MSN);
+#endif
+#ifdef LDAP_AUTH_NEGOTIATE
+  rb_ldap_define_auth_method (LDAP_AUTH_NEGOTIATE);
+#endif
+#ifdef LDAP_AUTH_NTLM
+  rb_ldap_define_auth_method (LDAP_AUTH_NTLM);
+#endif
+#ifdef LDAP_AUTH_SICILY
+  rb_ldap_define_auth_method (LDAP_AUTH_SICILY);
+#endif
+#ifdef LDAP_AUTH_SSPI
+  rb_ldap_define_auth_method (LDAP_AUTH_SSPI);
+#endif
+#undef rb_ldap_define_auth_method
+
+#ifdef LDAP_CONTROL_PAGEDRESULTS
+  rb_define_const (rb_mLDAP, "LDAP_CONTROL_PAGEDRESULTS",
+		   rb_str_new2 (LDAP_CONTROL_PAGEDRESULTS));
+#endif
+
+#define rb_ldap_define_const(c) rb_define_const(rb_mLDAP,#c,INT2NUM(c))
+  rb_ldap_define_const (LDAP_MOD_ADD);
+  rb_ldap_define_const (LDAP_MOD_DELETE);
+  rb_ldap_define_const (LDAP_MOD_REPLACE);
+  rb_ldap_define_const (LDAP_MOD_BVALUES);
+#ifdef LDAP_MOD_INCREMENT
+  /*
+   * See http://www.ietf.org/internet-drafts/draft-zeilenga-ldap-incr-00.txt
+   */
+  rb_ldap_define_const (LDAP_MOD_INCREMENT);
+#endif
+#ifdef LDAP_MOD_OP
+  rb_ldap_define_const (LDAP_MOD_OP);
+#endif
+#undef rb_ldap_define_const
+
+  Init_ldap_conn ();
+  Init_ldap_sslconn ();
+  Init_ldap_saslconn ();
+#ifdef USE_SSL_CLIENTAUTH
+  Init_ldap_clientauth();
+#endif
+  Init_ldap_entry ();
+  Init_ldap_mod ();
+  Init_ldap_misc ();
+}

data/lib/ldap/control.rb

@@ -0,0 +1,50 @@
+# Manipulation of LDAP control data.
+#
+#--
+# $Id: control.rb,v 1.2 2005/02/28 05:02:25 ianmacd Exp $
+#++
+#
+# Copyright (C) 2004 Ian Macdonald <ian@caliban.org>
+#
+
+module LDAP
+  class Control
+
+    require 'openssl'
+
+    # Take +vals+, produce an Array of values in ASN.1 format and then
+    # convert the Array to DER.
+    #
+    def Control.encode( *vals )
+      encoded_vals = []
+
+      vals.each do |val|
+        encoded_vals <<
+          case val
+          when Integer
+            OpenSSL::ASN1::Integer( val )
+          when String
+            OpenSSL::ASN1::OctetString.new( val )
+          else
+            # What other types may exist?
+          end
+      end
+
+      OpenSSL::ASN1::Sequence.new( encoded_vals ).to_der
+    end
+
+
+    # Take an Array of ASN.1 data and return an Array of decoded values.
+    #
+    def decode
+      values = []
+
+      OpenSSL::ASN1::decode( self.value ).value.each do |val|
+        values << val.value
+      end
+
+      values
+    end
+
+  end
+end