[Pkg-openldap-devel] r1128 - in openldap/trunk: . build clients clients/tools contrib contrib/ldapc++ contrib/ldapc++/examples contrib/ldapc++/src contrib/ldapc++/src/ac contrib/slapd-modules contrib/slapd-modules/acl contrib/slapd-modules/allop contrib/slapd-modules/comp_match contrib/slapd-modules/denyop contrib/slapd-modules/dsaschema contrib/slapd-modules/lastmod contrib/slapd-modules/passwd contrib/slapd-modules/smbk5pwd contrib/slapd-modules/trace contrib/slapd-tools contrib/slapi-plugins/addrdnvalues debian doc doc/devel doc/guide doc/guide/admin doc/guide/images/src doc/guide/release doc/man doc/man/man1 doc/man/man3 doc/man/man5 doc/man/man8 include include/ac libraries libraries/liblber libraries/libldap libraries/libldap_r libraries/liblunicode libraries/liblunicode/ucdata libraries/liblunicode/ure libraries/liblunicode/utbm libraries/liblutil libraries/librewrite servers servers/slapd servers/slapd/back-bdb servers/slapd/back-dnssrv servers/slapd/back-hdb servers/slapd/back-ldap servers/slapd/back-ldif servers/slapd/back-meta servers/slapd/back-monitor servers/slapd/back-null servers/slapd/back-passwd servers/slapd/back-perl servers/slapd/back-relay servers/slapd/back-shell servers/slapd/back-sql servers/slapd/back-sql/rdbms_depend/timesten/dnreverse servers/slapd/overlays servers/slapd/schema servers/slapd/shell-backends servers/slapd/slapi tests tests/data tests/data/regressions/its4184 tests/data/regressions/its4326 tests/data/regressions/its4336 tests/data/regressions/its4337 tests/data/regressions/its4448 tests/progs tests/scripts

matthijs at alioth.debian.org matthijs at alioth.debian.org
Sun May 25 14:29:34 UTC 2008


Author: matthijs
Date: 2008-05-25 14:29:31 +0000 (Sun, 25 May 2008)
New Revision: 1128

Added:
   openldap/trunk/contrib/ldapc++/src/LDAPSaslBindResult.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPSaslBindResult.h
   openldap/trunk/contrib/ldapc++/src/LdifReader.cpp
   openldap/trunk/contrib/ldapc++/src/LdifReader.h
   openldap/trunk/contrib/ldapc++/src/LdifWriter.cpp
   openldap/trunk/contrib/ldapc++/src/LdifWriter.h
   openldap/trunk/contrib/ldapc++/src/SaslInteraction.cpp
   openldap/trunk/contrib/ldapc++/src/SaslInteraction.h
   openldap/trunk/contrib/ldapc++/src/SaslInteractionHandler.cpp
   openldap/trunk/contrib/ldapc++/src/SaslInteractionHandler.h
   openldap/trunk/contrib/slapd-modules/autogroup/
   openldap/trunk/doc/guide/admin/access-control.sdf
   openldap/trunk/doc/guide/admin/config_repl.png
   openldap/trunk/doc/guide/admin/set-following-references.png
   openldap/trunk/doc/guide/admin/set-memberUid.png
   openldap/trunk/doc/guide/admin/set-recursivegroup.png
   openldap/trunk/doc/guide/images/src/README.fonts
   openldap/trunk/doc/guide/images/src/config_dit.dia
   openldap/trunk/doc/guide/images/src/config_local.dia
   openldap/trunk/doc/guide/images/src/config_ref.dia
   openldap/trunk/doc/guide/images/src/config_repl.dia
   openldap/trunk/doc/guide/images/src/delta-syncrepl.dia
   openldap/trunk/doc/guide/images/src/intro_dctree.dia
   openldap/trunk/doc/guide/images/src/intro_tree.dia
   openldap/trunk/doc/guide/images/src/mirrormode.dia
   openldap/trunk/doc/guide/images/src/n-way-multi-master.dia
   openldap/trunk/doc/guide/images/src/set-following-references.svg
   openldap/trunk/doc/guide/images/src/set-memberUid.svg
   openldap/trunk/doc/guide/images/src/set-recursivegroup.svg
   openldap/trunk/doc/guide/images/src/syncrepl-firewalls.dia
   openldap/trunk/doc/guide/images/src/syncrepl-pull.dia
   openldap/trunk/doc/guide/images/src/syncrepl-push.dia
   openldap/trunk/doc/guide/images/src/syncrepl.dia
   openldap/trunk/doc/man/man5/slapd-sock.5
   openldap/trunk/servers/slapd/back-sock/
   openldap/trunk/tests/data/slapd-2db.conf
Removed:
   openldap/trunk/contrib/ldapc++/src/LDAPReferralException.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPReferralException.h
   openldap/trunk/doc/guide/admin/config_repl.gif
Modified:
   openldap/trunk/ANNOUNCEMENT
   openldap/trunk/CHANGES
   openldap/trunk/COPYRIGHT
   openldap/trunk/INSTALL
   openldap/trunk/Makefile.in
   openldap/trunk/README
   openldap/trunk/build/config.guess
   openldap/trunk/build/config.sub
   openldap/trunk/build/crupdate
   openldap/trunk/build/dir.mk
   openldap/trunk/build/info.mk
   openldap/trunk/build/lib-shared.mk
   openldap/trunk/build/lib-static.mk
   openldap/trunk/build/lib.mk
   openldap/trunk/build/ltmain.sh
   openldap/trunk/build/man.mk
   openldap/trunk/build/missing
   openldap/trunk/build/mkdep
   openldap/trunk/build/mkdep.aix
   openldap/trunk/build/mkrelease
   openldap/trunk/build/mkvers.bat
   openldap/trunk/build/mkversion
   openldap/trunk/build/mod.mk
   openldap/trunk/build/openldap.m4
   openldap/trunk/build/rules.mk
   openldap/trunk/build/srv.mk
   openldap/trunk/build/top.mk
   openldap/trunk/build/version.h
   openldap/trunk/build/version.sh
   openldap/trunk/build/version.var
   openldap/trunk/clients/Makefile.in
   openldap/trunk/clients/tools/Makefile.in
   openldap/trunk/clients/tools/common.c
   openldap/trunk/clients/tools/common.h
   openldap/trunk/clients/tools/ldapcompare.c
   openldap/trunk/clients/tools/ldapdelete.c
   openldap/trunk/clients/tools/ldapexop.c
   openldap/trunk/clients/tools/ldapmodify.c
   openldap/trunk/clients/tools/ldapmodrdn.c
   openldap/trunk/clients/tools/ldappasswd.c
   openldap/trunk/clients/tools/ldapsearch.c
   openldap/trunk/clients/tools/ldapwhoami.c
   openldap/trunk/configure
   openldap/trunk/configure.in
   openldap/trunk/contrib/ConfigOIDs
   openldap/trunk/contrib/ldapc++/COPYRIGHT
   openldap/trunk/contrib/ldapc++/Makefile.am
   openldap/trunk/contrib/ldapc++/Makefile.in
   openldap/trunk/contrib/ldapc++/configure
   openldap/trunk/contrib/ldapc++/configure.in
   openldap/trunk/contrib/ldapc++/doxygen.rc
   openldap/trunk/contrib/ldapc++/examples/Makefile.am
   openldap/trunk/contrib/ldapc++/examples/Makefile.in
   openldap/trunk/contrib/ldapc++/examples/main.cpp
   openldap/trunk/contrib/ldapc++/examples/readSchema.cpp
   openldap/trunk/contrib/ldapc++/examples/urlTest.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPAddRequest.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPAddRequest.h
   openldap/trunk/contrib/ldapc++/src/LDAPAsynConnection.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPAsynConnection.h
   openldap/trunk/contrib/ldapc++/src/LDAPAttrType.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPAttrType.h
   openldap/trunk/contrib/ldapc++/src/LDAPAttribute.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPAttribute.h
   openldap/trunk/contrib/ldapc++/src/LDAPAttributeList.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPAttributeList.h
   openldap/trunk/contrib/ldapc++/src/LDAPBindRequest.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPBindRequest.h
   openldap/trunk/contrib/ldapc++/src/LDAPCompareRequest.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPCompareRequest.h
   openldap/trunk/contrib/ldapc++/src/LDAPConnection.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPConnection.h
   openldap/trunk/contrib/ldapc++/src/LDAPConstraints.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPConstraints.h
   openldap/trunk/contrib/ldapc++/src/LDAPControl.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPControl.h
   openldap/trunk/contrib/ldapc++/src/LDAPControlSet.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPControlSet.h
   openldap/trunk/contrib/ldapc++/src/LDAPDeleteRequest.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPDeleteRequest.h
   openldap/trunk/contrib/ldapc++/src/LDAPEntry.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPEntry.h
   openldap/trunk/contrib/ldapc++/src/LDAPEntryList.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPEntryList.h
   openldap/trunk/contrib/ldapc++/src/LDAPException.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPException.h
   openldap/trunk/contrib/ldapc++/src/LDAPExtRequest.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPExtRequest.h
   openldap/trunk/contrib/ldapc++/src/LDAPExtResult.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPExtResult.h
   openldap/trunk/contrib/ldapc++/src/LDAPMessage.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPMessage.h
   openldap/trunk/contrib/ldapc++/src/LDAPMessageQueue.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPMessageQueue.h
   openldap/trunk/contrib/ldapc++/src/LDAPModDNRequest.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPModDNRequest.h
   openldap/trunk/contrib/ldapc++/src/LDAPModList.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPModList.h
   openldap/trunk/contrib/ldapc++/src/LDAPModification.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPModification.h
   openldap/trunk/contrib/ldapc++/src/LDAPModifyRequest.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPModifyRequest.h
   openldap/trunk/contrib/ldapc++/src/LDAPObjClass.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPObjClass.h
   openldap/trunk/contrib/ldapc++/src/LDAPRebind.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPRebind.h
   openldap/trunk/contrib/ldapc++/src/LDAPRebindAuth.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPRebindAuth.h
   openldap/trunk/contrib/ldapc++/src/LDAPReferenceList.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPReferenceList.h
   openldap/trunk/contrib/ldapc++/src/LDAPRequest.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPRequest.h
   openldap/trunk/contrib/ldapc++/src/LDAPResult.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPResult.h
   openldap/trunk/contrib/ldapc++/src/LDAPSchema.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPSchema.h
   openldap/trunk/contrib/ldapc++/src/LDAPSearchReference.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPSearchReference.h
   openldap/trunk/contrib/ldapc++/src/LDAPSearchRequest.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPSearchRequest.h
   openldap/trunk/contrib/ldapc++/src/LDAPSearchResult.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPSearchResult.h
   openldap/trunk/contrib/ldapc++/src/LDAPSearchResults.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPSearchResults.h
   openldap/trunk/contrib/ldapc++/src/LDAPUrl.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPUrl.h
   openldap/trunk/contrib/ldapc++/src/LDAPUrlList.cpp
   openldap/trunk/contrib/ldapc++/src/LDAPUrlList.h
   openldap/trunk/contrib/ldapc++/src/Makefile.am
   openldap/trunk/contrib/ldapc++/src/Makefile.in
   openldap/trunk/contrib/ldapc++/src/StringList.cpp
   openldap/trunk/contrib/ldapc++/src/StringList.h
   openldap/trunk/contrib/ldapc++/src/ac/time.h
   openldap/trunk/contrib/ldapc++/src/config.h.in
   openldap/trunk/contrib/ldapc++/src/debug.h
   openldap/trunk/contrib/slapd-modules/acl/README
   openldap/trunk/contrib/slapd-modules/acl/posixgroup.c
   openldap/trunk/contrib/slapd-modules/allop/README
   openldap/trunk/contrib/slapd-modules/allop/allop.c
   openldap/trunk/contrib/slapd-modules/allop/slapo-allop.5
   openldap/trunk/contrib/slapd-modules/comp_match/Makefile
   openldap/trunk/contrib/slapd-modules/denyop/denyop.c
   openldap/trunk/contrib/slapd-modules/dsaschema/README
   openldap/trunk/contrib/slapd-modules/dsaschema/dsaschema.c
   openldap/trunk/contrib/slapd-modules/lastmod/lastmod.c
   openldap/trunk/contrib/slapd-modules/lastmod/slapo-lastmod.5
   openldap/trunk/contrib/slapd-modules/passwd/README
   openldap/trunk/contrib/slapd-modules/passwd/kerberos.c
   openldap/trunk/contrib/slapd-modules/passwd/netscape.c
   openldap/trunk/contrib/slapd-modules/passwd/radius.c
   openldap/trunk/contrib/slapd-modules/smbk5pwd/smbk5pwd.c
   openldap/trunk/contrib/slapd-modules/trace/trace.c
   openldap/trunk/contrib/slapd-tools/README
   openldap/trunk/contrib/slapi-plugins/addrdnvalues/README
   openldap/trunk/debian/changelog
   openldap/trunk/debian/rules
   openldap/trunk/doc/Makefile.in
   openldap/trunk/doc/devel/args
   openldap/trunk/doc/guide/COPYRIGHT
   openldap/trunk/doc/guide/admin/Makefile
   openldap/trunk/doc/guide/admin/README.spellcheck
   openldap/trunk/doc/guide/admin/abstract.sdf
   openldap/trunk/doc/guide/admin/admin.sdf
   openldap/trunk/doc/guide/admin/appendix-changes.sdf
   openldap/trunk/doc/guide/admin/appendix-common-errors.sdf
   openldap/trunk/doc/guide/admin/appendix-configs.sdf
   openldap/trunk/doc/guide/admin/appendix-contrib.sdf
   openldap/trunk/doc/guide/admin/appendix-deployments.sdf
   openldap/trunk/doc/guide/admin/appendix-ldap-result-codes.sdf
   openldap/trunk/doc/guide/admin/appendix-recommended-versions.sdf
   openldap/trunk/doc/guide/admin/appendix-upgrading.sdf
   openldap/trunk/doc/guide/admin/aspell.en.pws
   openldap/trunk/doc/guide/admin/backends.sdf
   openldap/trunk/doc/guide/admin/config.sdf
   openldap/trunk/doc/guide/admin/dbtools.sdf
   openldap/trunk/doc/guide/admin/glossary.sdf
   openldap/trunk/doc/guide/admin/guide.html
   openldap/trunk/doc/guide/admin/guide.sdf
   openldap/trunk/doc/guide/admin/index.sdf
   openldap/trunk/doc/guide/admin/install.sdf
   openldap/trunk/doc/guide/admin/intro.sdf
   openldap/trunk/doc/guide/admin/maintenance.sdf
   openldap/trunk/doc/guide/admin/master.sdf
   openldap/trunk/doc/guide/admin/monitoringslapd.sdf
   openldap/trunk/doc/guide/admin/overlays.sdf
   openldap/trunk/doc/guide/admin/preface.sdf
   openldap/trunk/doc/guide/admin/quickstart.sdf
   openldap/trunk/doc/guide/admin/referrals.sdf
   openldap/trunk/doc/guide/admin/replication.sdf
   openldap/trunk/doc/guide/admin/runningslapd.sdf
   openldap/trunk/doc/guide/admin/sasl.sdf
   openldap/trunk/doc/guide/admin/schema.sdf
   openldap/trunk/doc/guide/admin/security.sdf
   openldap/trunk/doc/guide/admin/slapdconf2.sdf
   openldap/trunk/doc/guide/admin/slapdconfig.sdf
   openldap/trunk/doc/guide/admin/title.sdf
   openldap/trunk/doc/guide/admin/tls.sdf
   openldap/trunk/doc/guide/admin/troubleshooting.sdf
   openldap/trunk/doc/guide/admin/tuning.sdf
   openldap/trunk/doc/guide/plain.sdf
   openldap/trunk/doc/guide/preamble.sdf
   openldap/trunk/doc/guide/release/copyright-plain.sdf
   openldap/trunk/doc/guide/release/copyright.sdf
   openldap/trunk/doc/guide/release/install.sdf
   openldap/trunk/doc/guide/release/license-plain.sdf
   openldap/trunk/doc/guide/release/license.sdf
   openldap/trunk/doc/man/Makefile.in
   openldap/trunk/doc/man/man1/Makefile.in
   openldap/trunk/doc/man/man1/ldapcompare.1
   openldap/trunk/doc/man/man1/ldapdelete.1
   openldap/trunk/doc/man/man1/ldapmodify.1
   openldap/trunk/doc/man/man1/ldapmodrdn.1
   openldap/trunk/doc/man/man1/ldappasswd.1
   openldap/trunk/doc/man/man1/ldapsearch.1
   openldap/trunk/doc/man/man1/ldapwhoami.1
   openldap/trunk/doc/man/man3/Makefile.in
   openldap/trunk/doc/man/man3/lber-decode.3
   openldap/trunk/doc/man/man3/lber-encode.3
   openldap/trunk/doc/man/man3/lber-memory.3
   openldap/trunk/doc/man/man3/lber-sockbuf.3
   openldap/trunk/doc/man/man3/lber-types.3
   openldap/trunk/doc/man/man3/ldap.3
   openldap/trunk/doc/man/man3/ldap_abandon.3
   openldap/trunk/doc/man/man3/ldap_add.3
   openldap/trunk/doc/man/man3/ldap_bind.3
   openldap/trunk/doc/man/man3/ldap_compare.3
   openldap/trunk/doc/man/man3/ldap_controls.3
   openldap/trunk/doc/man/man3/ldap_delete.3
   openldap/trunk/doc/man/man3/ldap_error.3
   openldap/trunk/doc/man/man3/ldap_extended_operation.3
   openldap/trunk/doc/man/man3/ldap_first_attribute.3
   openldap/trunk/doc/man/man3/ldap_first_entry.3
   openldap/trunk/doc/man/man3/ldap_first_message.3
   openldap/trunk/doc/man/man3/ldap_first_reference.3
   openldap/trunk/doc/man/man3/ldap_get_dn.3
   openldap/trunk/doc/man/man3/ldap_get_option.3
   openldap/trunk/doc/man/man3/ldap_get_values.3
   openldap/trunk/doc/man/man3/ldap_memory.3
   openldap/trunk/doc/man/man3/ldap_modify.3
   openldap/trunk/doc/man/man3/ldap_modrdn.3
   openldap/trunk/doc/man/man3/ldap_open.3
   openldap/trunk/doc/man/man3/ldap_parse_reference.3
   openldap/trunk/doc/man/man3/ldap_parse_result.3
   openldap/trunk/doc/man/man3/ldap_parse_sort_control.3
   openldap/trunk/doc/man/man3/ldap_parse_vlv_control.3
   openldap/trunk/doc/man/man3/ldap_rename.3
   openldap/trunk/doc/man/man3/ldap_result.3
   openldap/trunk/doc/man/man3/ldap_schema.3
   openldap/trunk/doc/man/man3/ldap_search.3
   openldap/trunk/doc/man/man3/ldap_sort.3
   openldap/trunk/doc/man/man3/ldap_sync.3
   openldap/trunk/doc/man/man3/ldap_tls.3
   openldap/trunk/doc/man/man3/ldap_url.3
   openldap/trunk/doc/man/man5/Makefile.in
   openldap/trunk/doc/man/man5/ldap.conf.5
   openldap/trunk/doc/man/man5/ldif.5
   openldap/trunk/doc/man/man5/slapd-bdb.5
   openldap/trunk/doc/man/man5/slapd-config.5
   openldap/trunk/doc/man/man5/slapd-dnssrv.5
   openldap/trunk/doc/man/man5/slapd-ldap.5
   openldap/trunk/doc/man/man5/slapd-ldbm.5
   openldap/trunk/doc/man/man5/slapd-ldif.5
   openldap/trunk/doc/man/man5/slapd-meta.5
   openldap/trunk/doc/man/man5/slapd-monitor.5
   openldap/trunk/doc/man/man5/slapd-null.5
   openldap/trunk/doc/man/man5/slapd-passwd.5
   openldap/trunk/doc/man/man5/slapd-shell.5
   openldap/trunk/doc/man/man5/slapd.access.5
   openldap/trunk/doc/man/man5/slapd.backends.5
   openldap/trunk/doc/man/man5/slapd.conf.5
   openldap/trunk/doc/man/man5/slapd.overlays.5
   openldap/trunk/doc/man/man5/slapd.plugin.5
   openldap/trunk/doc/man/man5/slapo-accesslog.5
   openldap/trunk/doc/man/man5/slapo-auditlog.5
   openldap/trunk/doc/man/man5/slapo-chain.5
   openldap/trunk/doc/man/man5/slapo-constraint.5
   openldap/trunk/doc/man/man5/slapo-dds.5
   openldap/trunk/doc/man/man5/slapo-dyngroup.5
   openldap/trunk/doc/man/man5/slapo-dynlist.5
   openldap/trunk/doc/man/man5/slapo-memberof.5
   openldap/trunk/doc/man/man5/slapo-pcache.5
   openldap/trunk/doc/man/man5/slapo-ppolicy.5
   openldap/trunk/doc/man/man5/slapo-refint.5
   openldap/trunk/doc/man/man5/slapo-retcode.5
   openldap/trunk/doc/man/man5/slapo-rwm.5
   openldap/trunk/doc/man/man5/slapo-syncprov.5
   openldap/trunk/doc/man/man5/slapo-translucent.5
   openldap/trunk/doc/man/man5/slapo-unique.5
   openldap/trunk/doc/man/man5/slapo-valsort.5
   openldap/trunk/doc/man/man8/Makefile.in
   openldap/trunk/doc/man/man8/slapacl.8
   openldap/trunk/doc/man/man8/slapadd.8
   openldap/trunk/doc/man/man8/slapauth.8
   openldap/trunk/doc/man/man8/slapcat.8
   openldap/trunk/doc/man/man8/slapd.8
   openldap/trunk/doc/man/man8/slapdn.8
   openldap/trunk/doc/man/man8/slapindex.8
   openldap/trunk/doc/man/man8/slappasswd.8
   openldap/trunk/doc/man/man8/slaptest.8
   openldap/trunk/include/Makefile.in
   openldap/trunk/include/ac/alloca.h
   openldap/trunk/include/ac/assert.h
   openldap/trunk/include/ac/bytes.h
   openldap/trunk/include/ac/crypt.h
   openldap/trunk/include/ac/ctype.h
   openldap/trunk/include/ac/dirent.h
   openldap/trunk/include/ac/errno.h
   openldap/trunk/include/ac/fdset.h
   openldap/trunk/include/ac/localize.h
   openldap/trunk/include/ac/param.h
   openldap/trunk/include/ac/regex.h
   openldap/trunk/include/ac/setproctitle.h
   openldap/trunk/include/ac/signal.h
   openldap/trunk/include/ac/socket.h
   openldap/trunk/include/ac/stdarg.h
   openldap/trunk/include/ac/stdlib.h
   openldap/trunk/include/ac/string.h
   openldap/trunk/include/ac/sysexits.h
   openldap/trunk/include/ac/syslog.h
   openldap/trunk/include/ac/termios.h
   openldap/trunk/include/ac/time.h
   openldap/trunk/include/ac/unistd.h
   openldap/trunk/include/ac/wait.h
   openldap/trunk/include/avl.h
   openldap/trunk/include/getopt-compat.h
   openldap/trunk/include/lber.h
   openldap/trunk/include/lber_pvt.h
   openldap/trunk/include/lber_types.hin
   openldap/trunk/include/ldap.h
   openldap/trunk/include/ldap_cdefs.h
   openldap/trunk/include/ldap_config.hin
   openldap/trunk/include/ldap_defaults.h
   openldap/trunk/include/ldap_features.hin
   openldap/trunk/include/ldap_int_thread.h
   openldap/trunk/include/ldap_log.h
   openldap/trunk/include/ldap_pvt.h
   openldap/trunk/include/ldap_pvt_thread.h
   openldap/trunk/include/ldap_pvt_uc.h
   openldap/trunk/include/ldap_queue.h
   openldap/trunk/include/ldap_rq.h
   openldap/trunk/include/ldap_schema.h
   openldap/trunk/include/ldap_utf8.h
   openldap/trunk/include/ldif.h
   openldap/trunk/include/lutil.h
   openldap/trunk/include/lutil_hash.h
   openldap/trunk/include/lutil_ldap.h
   openldap/trunk/include/lutil_lockf.h
   openldap/trunk/include/lutil_md5.h
   openldap/trunk/include/lutil_sha1.h
   openldap/trunk/include/portable.hin
   openldap/trunk/include/rewrite.h
   openldap/trunk/include/slapi-plugin.h
   openldap/trunk/include/sysexits-compat.h
   openldap/trunk/libraries/Makefile.in
   openldap/trunk/libraries/liblber/Makefile.in
   openldap/trunk/libraries/liblber/assert.c
   openldap/trunk/libraries/liblber/bprint.c
   openldap/trunk/libraries/liblber/debug.c
   openldap/trunk/libraries/liblber/decode.c
   openldap/trunk/libraries/liblber/dtest.c
   openldap/trunk/libraries/liblber/encode.c
   openldap/trunk/libraries/liblber/etest.c
   openldap/trunk/libraries/liblber/idtest.c
   openldap/trunk/libraries/liblber/io.c
   openldap/trunk/libraries/liblber/lber-int.h
   openldap/trunk/libraries/liblber/memory.c
   openldap/trunk/libraries/liblber/nt_err.c
   openldap/trunk/libraries/liblber/options.c
   openldap/trunk/libraries/liblber/sockbuf.c
   openldap/trunk/libraries/liblber/stdio.c
   openldap/trunk/libraries/libldap/Makefile.in
   openldap/trunk/libraries/libldap/abandon.c
   openldap/trunk/libraries/libldap/add.c
   openldap/trunk/libraries/libldap/addentry.c
   openldap/trunk/libraries/libldap/apitest.c
   openldap/trunk/libraries/libldap/bind.c
   openldap/trunk/libraries/libldap/cancel.c
   openldap/trunk/libraries/libldap/charray.c
   openldap/trunk/libraries/libldap/compare.c
   openldap/trunk/libraries/libldap/controls.c
   openldap/trunk/libraries/libldap/cyrus.c
   openldap/trunk/libraries/libldap/dds.c
   openldap/trunk/libraries/libldap/delete.c
   openldap/trunk/libraries/libldap/dnssrv.c
   openldap/trunk/libraries/libldap/dntest.c
   openldap/trunk/libraries/libldap/error.c
   openldap/trunk/libraries/libldap/extended.c
   openldap/trunk/libraries/libldap/filter.c
   openldap/trunk/libraries/libldap/free.c
   openldap/trunk/libraries/libldap/ftest.c
   openldap/trunk/libraries/libldap/getattr.c
   openldap/trunk/libraries/libldap/getdn.c
   openldap/trunk/libraries/libldap/getentry.c
   openldap/trunk/libraries/libldap/getvalues.c
   openldap/trunk/libraries/libldap/init.c
   openldap/trunk/libraries/libldap/ldap-int.h
   openldap/trunk/libraries/libldap/ldap_sync.c
   openldap/trunk/libraries/libldap/messages.c
   openldap/trunk/libraries/libldap/modify.c
   openldap/trunk/libraries/libldap/modrdn.c
   openldap/trunk/libraries/libldap/open.c
   openldap/trunk/libraries/libldap/options.c
   openldap/trunk/libraries/libldap/os-ip.c
   openldap/trunk/libraries/libldap/os-local.c
   openldap/trunk/libraries/libldap/pagectrl.c
   openldap/trunk/libraries/libldap/passwd.c
   openldap/trunk/libraries/libldap/ppolicy.c
   openldap/trunk/libraries/libldap/print.c
   openldap/trunk/libraries/libldap/references.c
   openldap/trunk/libraries/libldap/request.c
   openldap/trunk/libraries/libldap/result.c
   openldap/trunk/libraries/libldap/sasl.c
   openldap/trunk/libraries/libldap/sbind.c
   openldap/trunk/libraries/libldap/schema.c
   openldap/trunk/libraries/libldap/search.c
   openldap/trunk/libraries/libldap/sort.c
   openldap/trunk/libraries/libldap/sortctrl.c
   openldap/trunk/libraries/libldap/stctrl.c
   openldap/trunk/libraries/libldap/string.c
   openldap/trunk/libraries/libldap/t61.c
   openldap/trunk/libraries/libldap/test.c
   openldap/trunk/libraries/libldap/tls.c
   openldap/trunk/libraries/libldap/turn.c
   openldap/trunk/libraries/libldap/txn.c
   openldap/trunk/libraries/libldap/unbind.c
   openldap/trunk/libraries/libldap/url.c
   openldap/trunk/libraries/libldap/urltest.c
   openldap/trunk/libraries/libldap/utf-8-conv.c
   openldap/trunk/libraries/libldap/utf-8.c
   openldap/trunk/libraries/libldap/util-int.c
   openldap/trunk/libraries/libldap/vlvctrl.c
   openldap/trunk/libraries/libldap/whoami.c
   openldap/trunk/libraries/libldap_r/Makefile.in
   openldap/trunk/libraries/libldap_r/ldap_thr_debug.h
   openldap/trunk/libraries/libldap_r/rdwr.c
   openldap/trunk/libraries/libldap_r/rmutex.c
   openldap/trunk/libraries/libldap_r/rq.c
   openldap/trunk/libraries/libldap_r/thr_cthreads.c
   openldap/trunk/libraries/libldap_r/thr_debug.c
   openldap/trunk/libraries/libldap_r/thr_lwp.c
   openldap/trunk/libraries/libldap_r/thr_nt.c
   openldap/trunk/libraries/libldap_r/thr_posix.c
   openldap/trunk/libraries/libldap_r/thr_pth.c
   openldap/trunk/libraries/libldap_r/thr_stub.c
   openldap/trunk/libraries/libldap_r/thr_thr.c
   openldap/trunk/libraries/libldap_r/threads.c
   openldap/trunk/libraries/libldap_r/tpool.c
   openldap/trunk/libraries/liblunicode/Makefile.in
   openldap/trunk/libraries/liblunicode/ucdata/ucdata.c
   openldap/trunk/libraries/liblunicode/ucdata/ucdata.h
   openldap/trunk/libraries/liblunicode/ucdata/ucgendat.c
   openldap/trunk/libraries/liblunicode/ucdata/ucpgba.c
   openldap/trunk/libraries/liblunicode/ucdata/ucpgba.h
   openldap/trunk/libraries/liblunicode/ucstr.c
   openldap/trunk/libraries/liblunicode/ure/ure.c
   openldap/trunk/libraries/liblunicode/ure/ure.h
   openldap/trunk/libraries/liblunicode/ure/urestubs.c
   openldap/trunk/libraries/liblunicode/utbm/utbm.c
   openldap/trunk/libraries/liblunicode/utbm/utbm.h
   openldap/trunk/libraries/liblunicode/utbm/utbmstub.c
   openldap/trunk/libraries/liblutil/Makefile.in
   openldap/trunk/libraries/liblutil/avl.c
   openldap/trunk/libraries/liblutil/base64.c
   openldap/trunk/libraries/liblutil/csn.c
   openldap/trunk/libraries/liblutil/detach.c
   openldap/trunk/libraries/liblutil/entropy.c
   openldap/trunk/libraries/liblutil/fetch.c
   openldap/trunk/libraries/liblutil/getopt.c
   openldap/trunk/libraries/liblutil/getpass.c
   openldap/trunk/libraries/liblutil/getpeereid.c
   openldap/trunk/libraries/liblutil/hash.c
   openldap/trunk/libraries/liblutil/ldif.c
   openldap/trunk/libraries/liblutil/lockf.c
   openldap/trunk/libraries/liblutil/md5.c
   openldap/trunk/libraries/liblutil/memcmp.c
   openldap/trunk/libraries/liblutil/ntservice.c
   openldap/trunk/libraries/liblutil/passfile.c
   openldap/trunk/libraries/liblutil/passwd.c
   openldap/trunk/libraries/liblutil/ptest.c
   openldap/trunk/libraries/liblutil/sasl.c
   openldap/trunk/libraries/liblutil/setproctitle.c
   openldap/trunk/libraries/liblutil/sha1.c
   openldap/trunk/libraries/liblutil/signal.c
   openldap/trunk/libraries/liblutil/sockpair.c
   openldap/trunk/libraries/liblutil/tavl.c
   openldap/trunk/libraries/liblutil/testavl.c
   openldap/trunk/libraries/liblutil/testtavl.c
   openldap/trunk/libraries/liblutil/utils.c
   openldap/trunk/libraries/liblutil/uuid.c
   openldap/trunk/libraries/librewrite/Makefile.in
   openldap/trunk/libraries/librewrite/config.c
   openldap/trunk/libraries/librewrite/context.c
   openldap/trunk/libraries/librewrite/info.c
   openldap/trunk/libraries/librewrite/ldapmap.c
   openldap/trunk/libraries/librewrite/map.c
   openldap/trunk/libraries/librewrite/params.c
   openldap/trunk/libraries/librewrite/parse.c
   openldap/trunk/libraries/librewrite/rewrite-int.h
   openldap/trunk/libraries/librewrite/rewrite-map.h
   openldap/trunk/libraries/librewrite/rewrite.c
   openldap/trunk/libraries/librewrite/rule.c
   openldap/trunk/libraries/librewrite/session.c
   openldap/trunk/libraries/librewrite/subst.c
   openldap/trunk/libraries/librewrite/var.c
   openldap/trunk/libraries/librewrite/xmap.c
   openldap/trunk/servers/Makefile.in
   openldap/trunk/servers/slapd/DB_CONFIG
   openldap/trunk/servers/slapd/Makefile.in
   openldap/trunk/servers/slapd/abandon.c
   openldap/trunk/servers/slapd/aci.c
   openldap/trunk/servers/slapd/acl.c
   openldap/trunk/servers/slapd/aclparse.c
   openldap/trunk/servers/slapd/ad.c
   openldap/trunk/servers/slapd/add.c
   openldap/trunk/servers/slapd/alock.c
   openldap/trunk/servers/slapd/alock.h
   openldap/trunk/servers/slapd/at.c
   openldap/trunk/servers/slapd/attr.c
   openldap/trunk/servers/slapd/ava.c
   openldap/trunk/servers/slapd/back-bdb/Makefile.in
   openldap/trunk/servers/slapd/back-bdb/add.c
   openldap/trunk/servers/slapd/back-bdb/attr.c
   openldap/trunk/servers/slapd/back-bdb/back-bdb.h
   openldap/trunk/servers/slapd/back-bdb/bind.c
   openldap/trunk/servers/slapd/back-bdb/cache.c
   openldap/trunk/servers/slapd/back-bdb/compare.c
   openldap/trunk/servers/slapd/back-bdb/config.c
   openldap/trunk/servers/slapd/back-bdb/dbcache.c
   openldap/trunk/servers/slapd/back-bdb/delete.c
   openldap/trunk/servers/slapd/back-bdb/dn2entry.c
   openldap/trunk/servers/slapd/back-bdb/dn2id.c
   openldap/trunk/servers/slapd/back-bdb/error.c
   openldap/trunk/servers/slapd/back-bdb/extended.c
   openldap/trunk/servers/slapd/back-bdb/filterindex.c
   openldap/trunk/servers/slapd/back-bdb/id2entry.c
   openldap/trunk/servers/slapd/back-bdb/idl.c
   openldap/trunk/servers/slapd/back-bdb/idl.h
   openldap/trunk/servers/slapd/back-bdb/index.c
   openldap/trunk/servers/slapd/back-bdb/init.c
   openldap/trunk/servers/slapd/back-bdb/key.c
   openldap/trunk/servers/slapd/back-bdb/modify.c
   openldap/trunk/servers/slapd/back-bdb/modrdn.c
   openldap/trunk/servers/slapd/back-bdb/monitor.c
   openldap/trunk/servers/slapd/back-bdb/nextid.c
   openldap/trunk/servers/slapd/back-bdb/operational.c
   openldap/trunk/servers/slapd/back-bdb/proto-bdb.h
   openldap/trunk/servers/slapd/back-bdb/referral.c
   openldap/trunk/servers/slapd/back-bdb/search.c
   openldap/trunk/servers/slapd/back-bdb/tools.c
   openldap/trunk/servers/slapd/back-bdb/trans.c
   openldap/trunk/servers/slapd/back-dnssrv/Makefile.in
   openldap/trunk/servers/slapd/back-dnssrv/bind.c
   openldap/trunk/servers/slapd/back-dnssrv/compare.c
   openldap/trunk/servers/slapd/back-dnssrv/config.c
   openldap/trunk/servers/slapd/back-dnssrv/init.c
   openldap/trunk/servers/slapd/back-dnssrv/proto-dnssrv.h
   openldap/trunk/servers/slapd/back-dnssrv/referral.c
   openldap/trunk/servers/slapd/back-dnssrv/search.c
   openldap/trunk/servers/slapd/back-hdb/Makefile.in
   openldap/trunk/servers/slapd/back-hdb/back-bdb.h
   openldap/trunk/servers/slapd/back-ldap/Makefile.in
   openldap/trunk/servers/slapd/back-ldap/add.c
   openldap/trunk/servers/slapd/back-ldap/back-ldap.h
   openldap/trunk/servers/slapd/back-ldap/bind.c
   openldap/trunk/servers/slapd/back-ldap/chain.c
   openldap/trunk/servers/slapd/back-ldap/compare.c
   openldap/trunk/servers/slapd/back-ldap/config.c
   openldap/trunk/servers/slapd/back-ldap/delete.c
   openldap/trunk/servers/slapd/back-ldap/distproc.c
   openldap/trunk/servers/slapd/back-ldap/extended.c
   openldap/trunk/servers/slapd/back-ldap/init.c
   openldap/trunk/servers/slapd/back-ldap/modify.c
   openldap/trunk/servers/slapd/back-ldap/modrdn.c
   openldap/trunk/servers/slapd/back-ldap/monitor.c
   openldap/trunk/servers/slapd/back-ldap/proto-ldap.h
   openldap/trunk/servers/slapd/back-ldap/search.c
   openldap/trunk/servers/slapd/back-ldap/unbind.c
   openldap/trunk/servers/slapd/back-ldif/Makefile.in
   openldap/trunk/servers/slapd/back-ldif/ldif.c
   openldap/trunk/servers/slapd/back-meta/Makefile.in
   openldap/trunk/servers/slapd/back-meta/add.c
   openldap/trunk/servers/slapd/back-meta/back-meta.h
   openldap/trunk/servers/slapd/back-meta/bind.c
   openldap/trunk/servers/slapd/back-meta/candidates.c
   openldap/trunk/servers/slapd/back-meta/compare.c
   openldap/trunk/servers/slapd/back-meta/config.c
   openldap/trunk/servers/slapd/back-meta/conn.c
   openldap/trunk/servers/slapd/back-meta/delete.c
   openldap/trunk/servers/slapd/back-meta/dncache.c
   openldap/trunk/servers/slapd/back-meta/init.c
   openldap/trunk/servers/slapd/back-meta/map.c
   openldap/trunk/servers/slapd/back-meta/modify.c
   openldap/trunk/servers/slapd/back-meta/modrdn.c
   openldap/trunk/servers/slapd/back-meta/proto-meta.h
   openldap/trunk/servers/slapd/back-meta/search.c
   openldap/trunk/servers/slapd/back-meta/suffixmassage.c
   openldap/trunk/servers/slapd/back-meta/unbind.c
   openldap/trunk/servers/slapd/back-monitor/Makefile.in
   openldap/trunk/servers/slapd/back-monitor/back-monitor.h
   openldap/trunk/servers/slapd/back-monitor/backend.c
   openldap/trunk/servers/slapd/back-monitor/bind.c
   openldap/trunk/servers/slapd/back-monitor/cache.c
   openldap/trunk/servers/slapd/back-monitor/compare.c
   openldap/trunk/servers/slapd/back-monitor/conn.c
   openldap/trunk/servers/slapd/back-monitor/database.c
   openldap/trunk/servers/slapd/back-monitor/entry.c
   openldap/trunk/servers/slapd/back-monitor/init.c
   openldap/trunk/servers/slapd/back-monitor/listener.c
   openldap/trunk/servers/slapd/back-monitor/log.c
   openldap/trunk/servers/slapd/back-monitor/modify.c
   openldap/trunk/servers/slapd/back-monitor/operation.c
   openldap/trunk/servers/slapd/back-monitor/operational.c
   openldap/trunk/servers/slapd/back-monitor/overlay.c
   openldap/trunk/servers/slapd/back-monitor/proto-back-monitor.h
   openldap/trunk/servers/slapd/back-monitor/rww.c
   openldap/trunk/servers/slapd/back-monitor/search.c
   openldap/trunk/servers/slapd/back-monitor/sent.c
   openldap/trunk/servers/slapd/back-monitor/thread.c
   openldap/trunk/servers/slapd/back-monitor/time.c
   openldap/trunk/servers/slapd/back-null/Makefile.in
   openldap/trunk/servers/slapd/back-null/null.c
   openldap/trunk/servers/slapd/back-passwd/Makefile.in
   openldap/trunk/servers/slapd/back-passwd/back-passwd.h
   openldap/trunk/servers/slapd/back-passwd/config.c
   openldap/trunk/servers/slapd/back-passwd/init.c
   openldap/trunk/servers/slapd/back-passwd/proto-passwd.h
   openldap/trunk/servers/slapd/back-passwd/search.c
   openldap/trunk/servers/slapd/back-perl/Makefile.in
   openldap/trunk/servers/slapd/back-perl/SampleLDAP.pm
   openldap/trunk/servers/slapd/back-perl/add.c
   openldap/trunk/servers/slapd/back-perl/asperl_undefs.h
   openldap/trunk/servers/slapd/back-perl/bind.c
   openldap/trunk/servers/slapd/back-perl/close.c
   openldap/trunk/servers/slapd/back-perl/compare.c
   openldap/trunk/servers/slapd/back-perl/config.c
   openldap/trunk/servers/slapd/back-perl/delete.c
   openldap/trunk/servers/slapd/back-perl/init.c
   openldap/trunk/servers/slapd/back-perl/modify.c
   openldap/trunk/servers/slapd/back-perl/modrdn.c
   openldap/trunk/servers/slapd/back-perl/perl_back.h
   openldap/trunk/servers/slapd/back-perl/proto-perl.h
   openldap/trunk/servers/slapd/back-perl/search.c
   openldap/trunk/servers/slapd/back-relay/Makefile.in
   openldap/trunk/servers/slapd/back-relay/back-relay.h
   openldap/trunk/servers/slapd/back-relay/init.c
   openldap/trunk/servers/slapd/back-relay/op.c
   openldap/trunk/servers/slapd/back-relay/proto-back-relay.h
   openldap/trunk/servers/slapd/back-shell/Makefile.in
   openldap/trunk/servers/slapd/back-shell/add.c
   openldap/trunk/servers/slapd/back-shell/bind.c
   openldap/trunk/servers/slapd/back-shell/compare.c
   openldap/trunk/servers/slapd/back-shell/config.c
   openldap/trunk/servers/slapd/back-shell/delete.c
   openldap/trunk/servers/slapd/back-shell/fork.c
   openldap/trunk/servers/slapd/back-shell/init.c
   openldap/trunk/servers/slapd/back-shell/modify.c
   openldap/trunk/servers/slapd/back-shell/modrdn.c
   openldap/trunk/servers/slapd/back-shell/proto-shell.h
   openldap/trunk/servers/slapd/back-shell/result.c
   openldap/trunk/servers/slapd/back-shell/search.c
   openldap/trunk/servers/slapd/back-shell/searchexample.conf
   openldap/trunk/servers/slapd/back-shell/searchexample.sh
   openldap/trunk/servers/slapd/back-shell/shell.h
   openldap/trunk/servers/slapd/back-shell/unbind.c
   openldap/trunk/servers/slapd/back-sql/Makefile.in
   openldap/trunk/servers/slapd/back-sql/add.c
   openldap/trunk/servers/slapd/back-sql/api.c
   openldap/trunk/servers/slapd/back-sql/back-sql.h
   openldap/trunk/servers/slapd/back-sql/bind.c
   openldap/trunk/servers/slapd/back-sql/compare.c
   openldap/trunk/servers/slapd/back-sql/config.c
   openldap/trunk/servers/slapd/back-sql/delete.c
   openldap/trunk/servers/slapd/back-sql/entry-id.c
   openldap/trunk/servers/slapd/back-sql/init.c
   openldap/trunk/servers/slapd/back-sql/modify.c
   openldap/trunk/servers/slapd/back-sql/modrdn.c
   openldap/trunk/servers/slapd/back-sql/operational.c
   openldap/trunk/servers/slapd/back-sql/proto-sql.h
   openldap/trunk/servers/slapd/back-sql/rdbms_depend/timesten/dnreverse/Makefile
   openldap/trunk/servers/slapd/back-sql/rdbms_depend/timesten/dnreverse/dnreverse.cpp
   openldap/trunk/servers/slapd/back-sql/schema-map.c
   openldap/trunk/servers/slapd/back-sql/search.c
   openldap/trunk/servers/slapd/back-sql/sql-wrap.c
   openldap/trunk/servers/slapd/back-sql/util.c
   openldap/trunk/servers/slapd/backend.c
   openldap/trunk/servers/slapd/backglue.c
   openldap/trunk/servers/slapd/backover.c
   openldap/trunk/servers/slapd/bconfig.c
   openldap/trunk/servers/slapd/bind.c
   openldap/trunk/servers/slapd/cancel.c
   openldap/trunk/servers/slapd/ch_malloc.c
   openldap/trunk/servers/slapd/compare.c
   openldap/trunk/servers/slapd/component.c
   openldap/trunk/servers/slapd/component.h
   openldap/trunk/servers/slapd/config.c
   openldap/trunk/servers/slapd/config.h
   openldap/trunk/servers/slapd/connection.c
   openldap/trunk/servers/slapd/controls.c
   openldap/trunk/servers/slapd/cr.c
   openldap/trunk/servers/slapd/ctxcsn.c
   openldap/trunk/servers/slapd/daemon.c
   openldap/trunk/servers/slapd/delete.c
   openldap/trunk/servers/slapd/dn.c
   openldap/trunk/servers/slapd/entry.c
   openldap/trunk/servers/slapd/extended.c
   openldap/trunk/servers/slapd/filter.c
   openldap/trunk/servers/slapd/filterentry.c
   openldap/trunk/servers/slapd/frontend.c
   openldap/trunk/servers/slapd/globals.c
   openldap/trunk/servers/slapd/index.c
   openldap/trunk/servers/slapd/init.c
   openldap/trunk/servers/slapd/ldapsync.c
   openldap/trunk/servers/slapd/limits.c
   openldap/trunk/servers/slapd/lock.c
   openldap/trunk/servers/slapd/main.c
   openldap/trunk/servers/slapd/matchedValues.c
   openldap/trunk/servers/slapd/modify.c
   openldap/trunk/servers/slapd/modrdn.c
   openldap/trunk/servers/slapd/mods.c
   openldap/trunk/servers/slapd/module.c
   openldap/trunk/servers/slapd/mr.c
   openldap/trunk/servers/slapd/mra.c
   openldap/trunk/servers/slapd/nt_svc.c
   openldap/trunk/servers/slapd/oc.c
   openldap/trunk/servers/slapd/oidm.c
   openldap/trunk/servers/slapd/operation.c
   openldap/trunk/servers/slapd/operational.c
   openldap/trunk/servers/slapd/overlays/Makefile.in
   openldap/trunk/servers/slapd/overlays/accesslog.c
   openldap/trunk/servers/slapd/overlays/auditlog.c
   openldap/trunk/servers/slapd/overlays/collect.c
   openldap/trunk/servers/slapd/overlays/constraint.c
   openldap/trunk/servers/slapd/overlays/dds.c
   openldap/trunk/servers/slapd/overlays/dyngroup.c
   openldap/trunk/servers/slapd/overlays/dynlist.c
   openldap/trunk/servers/slapd/overlays/memberof.c
   openldap/trunk/servers/slapd/overlays/overlays.c
   openldap/trunk/servers/slapd/overlays/pcache.c
   openldap/trunk/servers/slapd/overlays/ppolicy.c
   openldap/trunk/servers/slapd/overlays/refint.c
   openldap/trunk/servers/slapd/overlays/retcode.c
   openldap/trunk/servers/slapd/overlays/rwm.c
   openldap/trunk/servers/slapd/overlays/rwm.h
   openldap/trunk/servers/slapd/overlays/rwmconf.c
   openldap/trunk/servers/slapd/overlays/rwmdn.c
   openldap/trunk/servers/slapd/overlays/rwmmap.c
   openldap/trunk/servers/slapd/overlays/seqmod.c
   openldap/trunk/servers/slapd/overlays/syncprov.c
   openldap/trunk/servers/slapd/overlays/translucent.c
   openldap/trunk/servers/slapd/overlays/unique.c
   openldap/trunk/servers/slapd/overlays/valsort.c
   openldap/trunk/servers/slapd/passwd.c
   openldap/trunk/servers/slapd/phonetic.c
   openldap/trunk/servers/slapd/proto-slap.h
   openldap/trunk/servers/slapd/referral.c
   openldap/trunk/servers/slapd/result.c
   openldap/trunk/servers/slapd/root_dse.c
   openldap/trunk/servers/slapd/sasl.c
   openldap/trunk/servers/slapd/saslauthz.c
   openldap/trunk/servers/slapd/schema.c
   openldap/trunk/servers/slapd/schema/README
   openldap/trunk/servers/slapd/schema/cosine.ldif
   openldap/trunk/servers/slapd/schema/duaconf.schema
   openldap/trunk/servers/slapd/schema/dyngroup.schema
   openldap/trunk/servers/slapd/schema/inetorgperson.ldif
   openldap/trunk/servers/slapd/schema/inetorgperson.schema
   openldap/trunk/servers/slapd/schema/misc.schema
   openldap/trunk/servers/slapd/schema/nadf.schema
   openldap/trunk/servers/slapd/schema/nis.ldif
   openldap/trunk/servers/slapd/schema/nis.schema
   openldap/trunk/servers/slapd/schema/openldap.ldif
   openldap/trunk/servers/slapd/schema/openldap.schema
   openldap/trunk/servers/slapd/schema_check.c
   openldap/trunk/servers/slapd/schema_init.c
   openldap/trunk/servers/slapd/schema_prep.c
   openldap/trunk/servers/slapd/schemaparse.c
   openldap/trunk/servers/slapd/search.c
   openldap/trunk/servers/slapd/sets.c
   openldap/trunk/servers/slapd/sets.h
   openldap/trunk/servers/slapd/shell-backends/Makefile.in
   openldap/trunk/servers/slapd/shell-backends/passwd-shell.c
   openldap/trunk/servers/slapd/shell-backends/shellutil.c
   openldap/trunk/servers/slapd/shell-backends/shellutil.h
   openldap/trunk/servers/slapd/sl_malloc.c
   openldap/trunk/servers/slapd/slap.h
   openldap/trunk/servers/slapd/slapacl.c
   openldap/trunk/servers/slapd/slapadd.c
   openldap/trunk/servers/slapd/slapauth.c
   openldap/trunk/servers/slapd/slapcat.c
   openldap/trunk/servers/slapd/slapcommon.c
   openldap/trunk/servers/slapd/slapcommon.h
   openldap/trunk/servers/slapd/slapdn.c
   openldap/trunk/servers/slapd/slapi/Makefile.in
   openldap/trunk/servers/slapd/slapi/plugin.c
   openldap/trunk/servers/slapd/slapi/printmsg.c
   openldap/trunk/servers/slapd/slapi/proto-slapi.h
   openldap/trunk/servers/slapd/slapi/slapi.h
   openldap/trunk/servers/slapd/slapi/slapi_dn.c
   openldap/trunk/servers/slapd/slapi/slapi_ext.c
   openldap/trunk/servers/slapd/slapi/slapi_ops.c
   openldap/trunk/servers/slapd/slapi/slapi_overlay.c
   openldap/trunk/servers/slapd/slapi/slapi_pblock.c
   openldap/trunk/servers/slapd/slapi/slapi_utils.c
   openldap/trunk/servers/slapd/slapindex.c
   openldap/trunk/servers/slapd/slappasswd.c
   openldap/trunk/servers/slapd/slaptest.c
   openldap/trunk/servers/slapd/starttls.c
   openldap/trunk/servers/slapd/str2filter.c
   openldap/trunk/servers/slapd/syncrepl.c
   openldap/trunk/servers/slapd/syntax.c
   openldap/trunk/servers/slapd/txn.c
   openldap/trunk/servers/slapd/unbind.c
   openldap/trunk/servers/slapd/user.c
   openldap/trunk/servers/slapd/value.c
   openldap/trunk/servers/slapd/zn_malloc.c
   openldap/trunk/tests/Makefile.in
   openldap/trunk/tests/data/ditcontentrules.conf
   openldap/trunk/tests/data/dn.out
   openldap/trunk/tests/data/do_add.1
   openldap/trunk/tests/data/do_add.2
   openldap/trunk/tests/data/do_add.3
   openldap/trunk/tests/data/do_add.4
   openldap/trunk/tests/data/dynlist.out
   openldap/trunk/tests/data/emptydn.out
   openldap/trunk/tests/data/emptydn.out.slapadd
   openldap/trunk/tests/data/regressions/its4184/its4184
   openldap/trunk/tests/data/regressions/its4326/its4326
   openldap/trunk/tests/data/regressions/its4326/slapd.conf
   openldap/trunk/tests/data/regressions/its4336/its4336
   openldap/trunk/tests/data/regressions/its4336/slapd.conf
   openldap/trunk/tests/data/regressions/its4337/its4337
   openldap/trunk/tests/data/regressions/its4337/slapd.conf
   openldap/trunk/tests/data/regressions/its4448/its4448
   openldap/trunk/tests/data/regressions/its4448/slapd-meta.conf
   openldap/trunk/tests/data/relay.out
   openldap/trunk/tests/data/retcode.conf
   openldap/trunk/tests/data/slapd-aci.conf
   openldap/trunk/tests/data/slapd-acl.conf
   openldap/trunk/tests/data/slapd-cache-master.conf
   openldap/trunk/tests/data/slapd-chain1.conf
   openldap/trunk/tests/data/slapd-chain2.conf
   openldap/trunk/tests/data/slapd-component.conf
   openldap/trunk/tests/data/slapd-dds.conf
   openldap/trunk/tests/data/slapd-deltasync-master.conf
   openldap/trunk/tests/data/slapd-deltasync-slave.conf
   openldap/trunk/tests/data/slapd-dn.conf
   openldap/trunk/tests/data/slapd-dnssrv.conf
   openldap/trunk/tests/data/slapd-dynlist.conf
   openldap/trunk/tests/data/slapd-emptydn.conf
   openldap/trunk/tests/data/slapd-glue-ldap.conf
   openldap/trunk/tests/data/slapd-glue-syncrepl1.conf
   openldap/trunk/tests/data/slapd-glue-syncrepl2.conf
   openldap/trunk/tests/data/slapd-glue.conf
   openldap/trunk/tests/data/slapd-idassert.conf
   openldap/trunk/tests/data/slapd-ldapglue.conf
   openldap/trunk/tests/data/slapd-ldapgluegroups.conf
   openldap/trunk/tests/data/slapd-ldapgluepeople.conf
   openldap/trunk/tests/data/slapd-limits.conf
   openldap/trunk/tests/data/slapd-master.conf
   openldap/trunk/tests/data/slapd-meta-target1.conf
   openldap/trunk/tests/data/slapd-meta-target2.conf
   openldap/trunk/tests/data/slapd-meta.conf
   openldap/trunk/tests/data/slapd-nis-master.conf
   openldap/trunk/tests/data/slapd-passwd.conf
   openldap/trunk/tests/data/slapd-ppolicy.conf
   openldap/trunk/tests/data/slapd-proxycache.conf
   openldap/trunk/tests/data/slapd-pw.conf
   openldap/trunk/tests/data/slapd-ref-slave.conf
   openldap/trunk/tests/data/slapd-referrals.conf
   openldap/trunk/tests/data/slapd-refint.conf
   openldap/trunk/tests/data/slapd-relay.conf
   openldap/trunk/tests/data/slapd-repl-slave-remote.conf
   openldap/trunk/tests/data/slapd-retcode.conf
   openldap/trunk/tests/data/slapd-schema.conf
   openldap/trunk/tests/data/slapd-sql-syncrepl-master.conf
   openldap/trunk/tests/data/slapd-sql.conf
   openldap/trunk/tests/data/slapd-syncrepl-master.conf
   openldap/trunk/tests/data/slapd-syncrepl-multiproxy.conf
   openldap/trunk/tests/data/slapd-syncrepl-slave-persist-ldap.conf
   openldap/trunk/tests/data/slapd-syncrepl-slave-persist1.conf
   openldap/trunk/tests/data/slapd-syncrepl-slave-persist2.conf
   openldap/trunk/tests/data/slapd-syncrepl-slave-persist3.conf
   openldap/trunk/tests/data/slapd-syncrepl-slave-refresh1.conf
   openldap/trunk/tests/data/slapd-syncrepl-slave-refresh2.conf
   openldap/trunk/tests/data/slapd-translucent-local.conf
   openldap/trunk/tests/data/slapd-translucent-remote.conf
   openldap/trunk/tests/data/slapd-unique.conf
   openldap/trunk/tests/data/slapd-valsort.conf
   openldap/trunk/tests/data/slapd-whoami.conf
   openldap/trunk/tests/data/slapd.conf
   openldap/trunk/tests/data/slapd2.conf
   openldap/trunk/tests/data/test.schema
   openldap/trunk/tests/progs/Makefile.in
   openldap/trunk/tests/progs/slapd-addel.c
   openldap/trunk/tests/progs/slapd-bind.c
   openldap/trunk/tests/progs/slapd-common.c
   openldap/trunk/tests/progs/slapd-common.h
   openldap/trunk/tests/progs/slapd-modify.c
   openldap/trunk/tests/progs/slapd-modrdn.c
   openldap/trunk/tests/progs/slapd-read.c
   openldap/trunk/tests/progs/slapd-search.c
   openldap/trunk/tests/progs/slapd-tester.c
   openldap/trunk/tests/run.in
   openldap/trunk/tests/scripts/acfilter.sh
   openldap/trunk/tests/scripts/all
   openldap/trunk/tests/scripts/conf.sh
   openldap/trunk/tests/scripts/defines.sh
   openldap/trunk/tests/scripts/its-all
   openldap/trunk/tests/scripts/passwd-search
   openldap/trunk/tests/scripts/relay
   openldap/trunk/tests/scripts/sql-all
   openldap/trunk/tests/scripts/sql-test000-read
   openldap/trunk/tests/scripts/sql-test001-concurrency
   openldap/trunk/tests/scripts/sql-test900-write
   openldap/trunk/tests/scripts/sql-test901-syncrepl
   openldap/trunk/tests/scripts/start-server
   openldap/trunk/tests/scripts/start-server-nolog
   openldap/trunk/tests/scripts/start-server2
   openldap/trunk/tests/scripts/start-server2-nolog
   openldap/trunk/tests/scripts/startup_nis_ldap_server.sh
   openldap/trunk/tests/scripts/test000-rootdse
   openldap/trunk/tests/scripts/test001-slapadd
   openldap/trunk/tests/scripts/test002-populate
   openldap/trunk/tests/scripts/test003-search
   openldap/trunk/tests/scripts/test004-modify
   openldap/trunk/tests/scripts/test005-modrdn
   openldap/trunk/tests/scripts/test006-acls
   openldap/trunk/tests/scripts/test008-concurrency
   openldap/trunk/tests/scripts/test009-referral
   openldap/trunk/tests/scripts/test010-passwd
   openldap/trunk/tests/scripts/test011-glue-slapadd
   openldap/trunk/tests/scripts/test012-glue-populate
   openldap/trunk/tests/scripts/test013-language
   openldap/trunk/tests/scripts/test014-whoami
   openldap/trunk/tests/scripts/test015-xsearch
   openldap/trunk/tests/scripts/test016-subref
   openldap/trunk/tests/scripts/test017-syncreplication-refresh
   openldap/trunk/tests/scripts/test018-syncreplication-persist
   openldap/trunk/tests/scripts/test019-syncreplication-cascade
   openldap/trunk/tests/scripts/test020-proxycache
   openldap/trunk/tests/scripts/test021-certificate
   openldap/trunk/tests/scripts/test022-ppolicy
   openldap/trunk/tests/scripts/test023-refint
   openldap/trunk/tests/scripts/test024-unique
   openldap/trunk/tests/scripts/test025-limits
   openldap/trunk/tests/scripts/test026-dn
   openldap/trunk/tests/scripts/test027-emptydn
   openldap/trunk/tests/scripts/test028-idassert
   openldap/trunk/tests/scripts/test029-ldapglue
   openldap/trunk/tests/scripts/test030-relay
   openldap/trunk/tests/scripts/test031-component-filter
   openldap/trunk/tests/scripts/test032-chain
   openldap/trunk/tests/scripts/test033-glue-syncrepl
   openldap/trunk/tests/scripts/test034-translucent
   openldap/trunk/tests/scripts/test035-meta
   openldap/trunk/tests/scripts/test036-meta-concurrency
   openldap/trunk/tests/scripts/test037-manage
   openldap/trunk/tests/scripts/test038-retcode
   openldap/trunk/tests/scripts/test039-glue-ldap-concurrency
   openldap/trunk/tests/scripts/test040-subtree-rename
   openldap/trunk/tests/scripts/test041-aci
   openldap/trunk/tests/scripts/test042-valsort
   openldap/trunk/tests/scripts/test043-delta-syncrepl
   openldap/trunk/tests/scripts/test044-dynlist
   openldap/trunk/tests/scripts/test045-syncreplication-proxied
   openldap/trunk/tests/scripts/test046-dds
   openldap/trunk/tests/scripts/test047-ldap
   openldap/trunk/tests/scripts/test048-syncrepl-multiproxy
   openldap/trunk/tests/scripts/test049-sync-config
   openldap/trunk/tests/scripts/test050-syncrepl-multimaster
   openldap/trunk/tests/scripts/test051-config-undo
   openldap/trunk/tests/scripts/test052-memberof
Log:
 * Update to 2.4.9.


Modified: openldap/trunk/ANNOUNCEMENT
===================================================================
--- openldap/trunk/ANNOUNCEMENT	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/ANNOUNCEMENT	2008-05-25 14:29:31 UTC (rev 1128)
@@ -106,6 +106,6 @@
 ---
 OpenLDAP is a registered trademark of the OpenLDAP Foundation.
 
-Copyright 1999-2007 The OpenLDAP Foundation, Redwood City,
+Copyright 1999-2008 The OpenLDAP Foundation, Redwood City,
 California, USA.  All Rights Reserved.  Permission to copy and
 distribute verbatim copies of this document is granted.

Modified: openldap/trunk/CHANGES
===================================================================
--- openldap/trunk/CHANGES	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/CHANGES	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,127 @@
 OpenLDAP 2.4 Change Log
 
+OpenLDAP 2.4.9 Release (2008/05/07)
+	Fixed libldap to use unsigned port (ITS#5436)
+	Fixed libldap error message for missing close paren (ITS#5458)
+	Fixed libldap_r tpool pause checks (ITS#5364, #5407)
+	Fixed slapcat error checking (ITS#5387)
+	Fixed slapd abstract objectClass inheritance check (ITS#5474)
+	Fixed slapd add operations requiring naming attrs (ITS#5412)
+	Fixed slapd connection handling (ITS#5469)
+	Fixed slapd delta-syncrepl resync (ITS#5378)
+	Fixed slapd frontendDB backend selection (ITS#5419)
+	Fixed slapd pagedresults stale state (ITS#5409)
+	Fixed slapd pointer dereference (ITS#5388)
+	Fixed slapd null argument dereference (ITS#5435)
+	Fixed slapd REP_ENTRY flags (ITS#5340)
+	Fixed slapd sets attribute description parsing (ITS#5402)
+	Fixed slapd syncrepl hang on back-config (ITS#5407)
+	Fixed slapd syncrepl compare_csns crash (ITS#5413)
+	Fixed slapd syncrepl contextCSN update clash (ITS#5426)
+	Fixed slapd syncrepl/glue failure (ITS#5430)
+	Fixed slapd syncrepl crash on empty CSN (ITS#5432)
+	Fixed slapd syncrepl refreshAndPersist (ITS#5454)
+	Fixed slapd syncrepl modrdn processing (ITS#5397)
+	Fixed slapd syncrepl MMR partial refresh (ITS#5470)
+	Fixed slapd value list termination (ITS#5450)
+	Fixed slapd/slapo-accesslog rq mutex usage (ITS#5442)
+	Fixed slapd-bdb ID_NOCACHE handling (ITS#5439)
+	Fixed slapd-bdb entryinfo state if db_lock fails (ITS#5455)
+	Fixed slapd-bdb referral rewrite (ITS#5339)
+	Fixed slapd-config overlay stacking (ITS#5346)
+	Fixed slapd-config attribute publishing (ITS#5383)
+	Fixed slapd-ldap connection handler (ITS#5404)
+	Fixed slapd-ldif file name handling & multi-suffix/dir catch (ITS#5408)
+	Fixed slapd-meta connections on error (ITS#5440)
+	Fixed slapd-meta crash on search (ITS#5481)
+	Fixed slapo-accesslog null callback stack crash (ITS#5490)
+	Fixed slapo-auditlog unnecessary syscall (ITS#5441)
+	Added slapo-dynlist mapping to dynamic attrs generation (ITS#5466)
+	Fixed slapo-refint dnSubtreeMatch (ITS#5427)
+	Fixed slapo-refint global referential integrity (ITS#5428)
+	Fixed slapo-syncprov psearch on closed connection (ITS#5401)
+	Fixed slapo-syncprov psearch task delay (ITS#5405)
+	Fixed slapo-syncprov psearch filter identity (ITS#5418, #5486)
+	Fixed slapo-syncprov/glue contextCSN update (ITS#5433)
+	Fixed slapo-syncprov/glue search ops (ITS#5434)
+	Fixed slapo-syncprov null cookie (ITS#5437,#5444)
+	Fixed slapo-syncprov double-free (ITS#5445)
+	Fixed slapo-syncprov free syncop correctly (ITS#5484)
+	Fixed slapo-syncprov glue deadlock (ITS#5451)
+	Build Environment
+		Fixed leave function naming for OSF1 (ITS#5411)
+	Documentation
+		Fixed slapd.access(5) authz-regexp documented behavior (ITS#5400)
+		Fixed slapd.meta(5) idassert-* documentation (ITS#5406)
+		admin24 delta-syncrepl documentation (ITS#5476)
+		admin24 set documentation (ITS#5278,ITS#5279,ITS#5281)
+		admin24 slapo-ppolicy documentation (ITS#5479)
+		admin24 syncrepl directives update (ITS#5425)
+
+OpenLDAP 2.4.8 Release (2008/02/19)
+	Fixed ldapmodify verbose logging (ITS#5247)
+	Fixed ldapdelete with sizelimit (ITS#5294)
+	Fixed ldapdelete with subentries control (ITS#5293)
+	Fixed ldapsearch exit code init (ITS#5317)
+	Fixed libldap extended decoding (ITS#5304)
+	Fixed libldap filter abort (ITS#5300)
+	Fixed libldap ldap_parse_sasl_bind_result (ITS#5263)
+	Fixed libldap result codes for open (ITS#5338)
+	Fixed libldap search timeout crash (ITS#5291)
+	Fixed libldap paged results crash (ITS#5315)
+	Fixed libldap cipher suite with GnuTLS (ITS#5341)
+	Fixed slapd support for 2.1 CSN (ITS#5348)
+	Fixed slapd include handling (ITS#5276)
+	Fixed slapd modrdn check for valid new DN (ITS#5344)
+	Fixed slapd multi-step SASL binds (ITS#5298)
+	Fixed slapd non-atomic signal variables (ITS#5248)
+	Fixed slapd overlay ordering when moving to slapd.d (ITS#5284)
+	Fixed slapd NULL printf (ITS#5264)	
+	Fixed slapd NULL set values (ITS#5286)
+	Fixed slapd segv with SASL/OTP (ITS#5259)
+	Fixed slapd timestamp race condition (ITS#5370)
+	Fixed slapd cn=config crash on delete (ITS#5343)
+	Fixed slapd cn=config global acls (ITS#5352)
+	Fixed slapd truncated cookie (ITS#5362)
+	Fixed slapd sasl with CLEARTEXT (ITS#5368)
+	Fixed slapd str2entry with no attrs (ITS#5308)
+	Fixed slapd TLSVerifyClient default (ITS#5360)
+	Fixed slapd HAVE_TLS dependency (ITS#5379)
+	Fixed slapd delta-syncrepl refresh mode (ITS#5376)
+	Fixed slapd ACL sets URI attrs (ITS#5384)
+	Fixed slapd invalid entryUUID filter (ITS#5386)
+	Fixed slapd-bdb idlcache on adds (ITS#5086)
+	Fixed slapd-bdb crash with modrdn (ITS#5358)
+	Fixed slapd-bdb segv with bdb4.6 (ITS#5322)
+	Fixed slapd-bdb modrdn to same dn (ITS#5319)
+	Fixed slapd-bdb MMR (ITS#5332)
+	Added slapd-bdb/slapd-hdb DB encryption (ITS#5359)
+	Fixed slapd-ldif delete (ITS#5265)
+	Fixed slapd-meta link to slapd-ldap (ITS#5355)
+	Fixed slapd-meta setting of sm_nvalues (ITS#5375)
+	Fixed slapd-monitor crash (ITS#5311)
+	Fixed slapd-relay compare (ITS#4937)
+	Added slapd-sock (ITS#4094)
+	Fixed slapo-accesslog cleanup on successful response (ITS#5374)
+	Added slapo-autogroup contrib module (ITS#5145)
+	Added slapo-constraint cross-attribute constraints (ITS#4987)
+	Fixed slapo-memberof objectClass inheritance (ITS#5299)
+	Added slapo-memberof global overlay support (ITS#5301)
+	Fixed slapo-memberof leak (ITS#5302)
+	Fixed slapo-ppolicy only password check with policy (ITS#5285)
+	Fixed slapo-ppolicy del/replace password without new one (ITS#5373)
+	Fixed slapo-syncprov hang on checkpoint (ITS#5261)
+	Added slapo-translucent local searching (ITS#5283)
+	Removed lint
+	Build Environment
+		Fixed libldap_r threaded library linking (ITS#4982)
+		Fixed libldap use of %n (ITS#5324)
+		Fixed test047 to skip if rwm is not available (ITS#5292)
+	Documentation
+		DB_CONFIG.example URL wrong in comments (ITS#5288)
+		Add cn=config example for auditlog (ITS#5245)
+		ldapmodify(1) clarification for RFC2849 (ITS#5312)
+
 OpenLDAP 2.4.7 Release (2007/12/14)
 	Added slapd ordered indexing of integer attributes (ITS#5239)
 	Fixed slapd paged results control handling (ITS#5191)

Modified: openldap/trunk/COPYRIGHT
===================================================================
--- openldap/trunk/COPYRIGHT	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/COPYRIGHT	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,4 +1,4 @@
-Copyright 1998-2007 The OpenLDAP Foundation
+Copyright 1998-2008 The OpenLDAP Foundation
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
@@ -25,7 +25,7 @@
 
 ---
 
-Portions Copyright 1998-2006 Kurt D. Zeilenga.
+Portions Copyright 1998-2008 Kurt D. Zeilenga.
 Portions Copyright 1998-2006 Net Boolean Incorporated.
 Portions Copyright 2001-2006 IBM Corporation.
 All rights reserved.
@@ -39,8 +39,8 @@
 Portions Copyright 1999-2007 Howard Y.H. Chu.
 Portions Copyright 1999-2007 Symas Corporation.
 Portions Copyright 1998-2003 Hallvard B. Furuseth.
-Portions Copyright 2007 Gavin Henry
-Portions Copyright 2007 Suretec Systems
+Portions Copyright 2008 Gavin Henry
+Portions Copyright 2008 Suretec Systems
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/INSTALL
===================================================================
--- openldap/trunk/INSTALL	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/INSTALL	2008-05-25 14:29:31 UTC (rev 1128)
@@ -107,7 +107,7 @@
 
 This work is part of OpenLDAP Software <http://www.openldap.org/>.
 
-Copyright 1998-2007 The OpenLDAP Foundation.
+Copyright 1998-2008 The OpenLDAP Foundation.
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/Makefile.in
===================================================================
--- openldap/trunk/Makefile.in	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/Makefile.in	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 # Master Makefile for OpenLDAP
-# $OpenLDAP: pkg/ldap/Makefile.in,v 1.30.2.2 2007/08/31 23:13:44 quanah Exp $
+# $OpenLDAP: pkg/ldap/Makefile.in,v 1.30.2.3 2008/02/11 23:26:37 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/README
===================================================================
--- openldap/trunk/README	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/README	2008-05-25 14:29:31 UTC (rev 1128)
@@ -74,11 +74,11 @@
     <http://www.openldap.org/its/> to be considered.
 
 ---
-$OpenLDAP: pkg/ldap/README,v 1.40.2.6 2007/10/11 18:55:56 quanah Exp $
+$OpenLDAP: pkg/ldap/README,v 1.40.2.7 2008/02/11 23:26:37 kurt Exp $
 
 This work is part of OpenLDAP Software <http://www.openldap.org/>.
 
-Copyright 1998-2007 The OpenLDAP Foundation.
+Copyright 1998-2008 The OpenLDAP Foundation.
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/config.guess
===================================================================
--- openldap/trunk/build/config.guess	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/config.guess	2008-05-25 14:29:31 UTC (rev 1128)
@@ -4,7 +4,7 @@
 #   2000, 2001, 2002, 2003 Free Software Foundation, Inc.
 
 timestamp='2003-07-02-OpenLDAP'
-# $OpenLDAP: pkg/ldap/build/config.guess,v 1.19.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/config.guess,v 1.19.2.3 2008/02/11 23:26:37 kurt Exp $
 
 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
@@ -29,7 +29,7 @@
 # configuration script generated by Autoconf, and is distributable
 # under the same distributions terms as OpenLDAP itself.
 
-## Portions Copyright 1998-2007 The OpenLDAP Foundation.
+## Portions Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/config.sub
===================================================================
--- openldap/trunk/build/config.sub	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/config.sub	2008-05-25 14:29:31 UTC (rev 1128)
@@ -4,7 +4,7 @@
 #   2000, 2001, 2002, 2003 Free Software Foundation, Inc.
 
 timestamp='2003-07-04-OpenLDAP'
-# $OpenLDAP: pkg/ldap/build/config.sub,v 1.19.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/config.sub,v 1.19.2.3 2008/02/11 23:26:37 kurt Exp $
 
 # This file is (in principle) common to ALL GNU software.
 # The presence of a machine in this file suggests that SOME GNU software
@@ -34,7 +34,7 @@
 # configuration script generated by Autoconf, and is distributable
 # under the same distributions terms as OpenLDAP itself.
 
-## Portions Copyright 1998-2007 The OpenLDAP Foundation.
+## Portions Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/crupdate
===================================================================
--- openldap/trunk/build/crupdate	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/crupdate	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 #! /bin/sh
-# $OpenLDAP: pkg/ldap/build/crupdate,v 1.7.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/crupdate,v 1.7.2.3 2008/02/11 23:26:37 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
@@ -18,5 +18,5 @@
 
 set -e 		# exit immediately if any errors occur
 
-find . -type f -not -name 'LICENSE*' -print -exec perl -pi -e 's/Copyright ([0-9]{4})([,\-][0-9]{2,4})*,? The OpenLDAP Foundation/Copyright $1-2007 The OpenLDAP Foundation/g;' {} \;
+find . -type f -not -name 'LICENSE*' -print -exec perl -pi -e 's/Copyright ([0-9]{4})([,\-][0-9]{2,4})*,? The OpenLDAP Foundation/Copyright $1-2008 The OpenLDAP Foundation/g;' {} \;
 

Modified: openldap/trunk/build/dir.mk
===================================================================
--- openldap/trunk/build/dir.mk	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/dir.mk	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-# $OpenLDAP: pkg/ldap/build/dir.mk,v 1.17.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/dir.mk,v 1.17.2.3 2008/02/11 23:26:37 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/info.mk
===================================================================
--- openldap/trunk/build/info.mk	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/info.mk	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-# $OpenLDAP: pkg/ldap/build/info.mk,v 1.12.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/info.mk,v 1.12.2.3 2008/02/11 23:26:37 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/lib-shared.mk
===================================================================
--- openldap/trunk/build/lib-shared.mk	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/lib-shared.mk	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-# $OpenLDAP: pkg/ldap/build/lib-shared.mk,v 1.22.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/lib-shared.mk,v 1.22.2.3 2008/02/11 23:26:37 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/lib-static.mk
===================================================================
--- openldap/trunk/build/lib-static.mk	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/lib-static.mk	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-# $OpenLDAP: pkg/ldap/build/lib-static.mk,v 1.13.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/lib-static.mk,v 1.13.2.3 2008/02/11 23:26:37 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/lib.mk
===================================================================
--- openldap/trunk/build/lib.mk	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/lib.mk	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-# $OpenLDAP: pkg/ldap/build/lib.mk,v 1.23.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/lib.mk,v 1.23.2.3 2008/02/11 23:26:37 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/ltmain.sh
===================================================================
--- openldap/trunk/build/ltmain.sh	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/ltmain.sh	2008-05-25 14:29:31 UTC (rev 1128)
@@ -28,7 +28,7 @@
 # configuration script generated by Autoconf, and is distributable
 # under the same distributions terms as OpenLDAP itself.
 
-## Portions Copyright 1998-2007 The OpenLDAP Foundation.
+## Portions Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/man.mk
===================================================================
--- openldap/trunk/build/man.mk	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/man.mk	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-# $OpenLDAP: pkg/ldap/build/man.mk,v 1.32.2.3 2007/11/09 02:55:50 hyc Exp $
+# $OpenLDAP: pkg/ldap/build/man.mk,v 1.32.2.4 2008/02/11 23:26:37 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/missing
===================================================================
--- openldap/trunk/build/missing	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/missing	2008-05-25 14:29:31 UTC (rev 1128)
@@ -29,7 +29,7 @@
 # configuration script generated by Autoconf, and is distributable
 # under the same distributions terms as OpenLDAP itself.
 
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/mkdep
===================================================================
--- openldap/trunk/build/mkdep	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/mkdep	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 #! /bin/sh -
-# $OpenLDAP: pkg/ldap/build/mkdep,v 1.32.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/mkdep,v 1.32.2.3 2008/02/11 23:26:37 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/mkdep.aix
===================================================================
--- openldap/trunk/build/mkdep.aix	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/mkdep.aix	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
 #! /bin/sh
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/mkrelease
===================================================================
--- openldap/trunk/build/mkrelease	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/mkrelease	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 #! /bin/sh
-# $OpenLDAP: pkg/ldap/build/mkrelease,v 1.23.2.3 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/mkrelease,v 1.23.2.4 2008/02/11 23:26:37 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/mkvers.bat
===================================================================
--- openldap/trunk/build/mkvers.bat	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/mkvers.bat	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-:: $OpenLDAP: pkg/ldap/build/mkvers.bat,v 1.7.2.2 2007/08/31 23:13:50 quanah Exp $
+:: $OpenLDAP: pkg/ldap/build/mkvers.bat,v 1.7.2.3 2008/02/11 23:26:37 kurt Exp $
 :: This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ::
-:: Copyright 1998-2007 The OpenLDAP Foundation.
+:: Copyright 1998-2008 The OpenLDAP Foundation.
 :: All rights reserved.
 ::
 :: Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/mkversion
===================================================================
--- openldap/trunk/build/mkversion	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/mkversion	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,9 +1,9 @@
 #! /bin/sh
 # Create a version.c file
-# $OpenLDAP: pkg/ldap/build/mkversion,v 1.14.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/mkversion,v 1.14.2.3 2008/02/11 23:26:37 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
@@ -55,7 +55,7 @@
 cat << __EOF__
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -68,7 +68,7 @@
  */
 
 static const char copyright[] =
-"Copyright 1998-2007 The OpenLDAP Foundation.  All rights reserved.\n"
+"Copyright 1998-2008 The OpenLDAP Foundation.  All rights reserved.\n"
 "COPYING RESTRICTIONS APPLY\n";
 
 $static $const char $SYMBOL[] =

Modified: openldap/trunk/build/mod.mk
===================================================================
--- openldap/trunk/build/mod.mk	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/mod.mk	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-# $OpenLDAP: pkg/ldap/build/mod.mk,v 1.25.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/mod.mk,v 1.25.2.3 2008/02/11 23:26:37 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/openldap.m4
===================================================================
--- openldap/trunk/build/openldap.m4	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/openldap.m4	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 dnl OpenLDAP Autoconf Macros
-dnl $OpenLDAP: pkg/ldap/build/openldap.m4,v 1.157.2.4 2007/09/01 00:38:35 hyc Exp $
+dnl $OpenLDAP: pkg/ldap/build/openldap.m4,v 1.157.2.5 2008/02/11 23:26:37 kurt Exp $
 dnl This work is part of OpenLDAP Software <http://www.openldap.org/>.
 dnl
-dnl Copyright 1998-2007 The OpenLDAP Foundation.
+dnl Copyright 1998-2008 The OpenLDAP Foundation.
 dnl All rights reserved.
 dnl
 dnl Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/rules.mk
===================================================================
--- openldap/trunk/build/rules.mk	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/rules.mk	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-# $OpenLDAP: pkg/ldap/build/rules.mk,v 1.15.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/rules.mk,v 1.15.2.3 2008/02/11 23:26:38 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/srv.mk
===================================================================
--- openldap/trunk/build/srv.mk	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/srv.mk	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-# $OpenLDAP: pkg/ldap/build/srv.mk,v 1.18.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/srv.mk,v 1.18.2.3 2008/02/11 23:26:38 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/top.mk
===================================================================
--- openldap/trunk/build/top.mk	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/top.mk	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-# $OpenLDAP: pkg/ldap/build/top.mk,v 1.103.2.4 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/top.mk,v 1.103.2.5 2008/02/11 23:26:38 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/version.h
===================================================================
--- openldap/trunk/build/version.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/version.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,6 +1,6 @@
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -13,6 +13,6 @@
  */
 
 static const char copyright[] =
-"Copyright 1998-2007 The OpenLDAP Foundation.  All rights reserved.\n"
+"Copyright 1998-2008 The OpenLDAP Foundation.  All rights reserved.\n"
 "COPYING RESTRICTIONS APPLY.\n";
 

Modified: openldap/trunk/build/version.sh
===================================================================
--- openldap/trunk/build/version.sh	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/version.sh	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 #! /bin/sh
-# $OpenLDAP: pkg/ldap/build/version.sh,v 1.16.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/version.sh,v 1.16.2.3 2008/02/11 23:26:38 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/build/version.var
===================================================================
--- openldap/trunk/build/version.var	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/build/version.var	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 #! /bin/sh
-# $OpenLDAP: pkg/ldap/build/version.var,v 1.9.2.19 2007/12/13 20:56:24 kurt Exp $
+# $OpenLDAP: pkg/ldap/build/version.var,v 1.9.2.26 2008/05/07 19:26:02 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
@@ -15,9 +15,9 @@
 ol_package=OpenLDAP
 ol_major=2
 ol_minor=4
-ol_patch=7
-ol_api_inc=20407
+ol_patch=9
+ol_api_inc=20409
 ol_api_current=2
-ol_api_revision=3
+ol_api_revision=5
 ol_api_age=0
-ol_release_date="2007/12/14"
+ol_release_date="2008/05/07"

Modified: openldap/trunk/clients/Makefile.in
===================================================================
--- openldap/trunk/clients/Makefile.in	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/clients/Makefile.in	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 # Clients Makefile.in for OpenLDAP
-# $OpenLDAP: pkg/ldap/clients/Makefile.in,v 1.17.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/clients/Makefile.in,v 1.17.2.3 2008/02/11 23:26:38 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/clients/tools/Makefile.in
===================================================================
--- openldap/trunk/clients/tools/Makefile.in	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/clients/tools/Makefile.in	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 # Makefile for LDAP tools
-# $OpenLDAP: pkg/ldap/clients/tools/Makefile.in,v 1.45.2.2 2007/08/31 23:13:50 quanah Exp $
+# $OpenLDAP: pkg/ldap/clients/tools/Makefile.in,v 1.45.2.3 2008/02/11 23:26:38 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/clients/tools/common.c
===================================================================
--- openldap/trunk/clients/tools/common.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/clients/tools/common.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* common.c - common routines for the ldap client tools */
-/* $OpenLDAP: pkg/ldap/clients/tools/common.c,v 1.78.2.4 2007/08/31 23:13:50 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/clients/tools/common.c,v 1.78.2.7 2008/02/11 23:26:38 kurt Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * Portions Copyright 2003 Kurt D. Zeilenga.
  * Portions Copyright 2003 IBM Corporation.
  * All rights reserved.
@@ -149,8 +149,8 @@
 };
 
 /* "features" */
-static int	gotintr;
-static int	abcan;
+enum { Intr_None = 0, Intr_Abandon, Intr_Cancel, Intr_Ignore }; 
+static volatile sig_atomic_t	gotintr, abcan;
 
 
 #ifdef LDAP_CONTROL_X_SESSION_TRACKING
@@ -223,6 +223,17 @@
 #ifdef HAVE_TLS
 	ldap_pvt_tls_destroy();
 #endif
+
+	if ( ldapuri != NULL ) {
+		ber_memfree( ldapuri );
+		ldapuri = NULL;
+	}
+
+	if ( pr_cookie.bv_val != NULL ) {
+		ber_memfree( pr_cookie.bv_val );
+		pr_cookie.bv_val = NULL;
+		pr_cookie.bv_len = 0;
+	}
 }
 
 void
@@ -558,19 +569,19 @@
 
 			/* this shouldn't go here, really; but it's a feature... */
 			} else if ( strcasecmp( control, "abandon" ) == 0 ) {
-				abcan = LDAP_REQ_ABANDON;
+				abcan = Intr_Abandon;
 				if ( crit ) {
 					gotintr = abcan;
 				}
 
 			} else if ( strcasecmp( control, "cancel" ) == 0 ) {
-				abcan = LDAP_REQ_EXTENDED;
+				abcan = Intr_Cancel;
 				if ( crit ) {
 					gotintr = abcan;
 				}
 
 			} else if ( strcasecmp( control, "ignore" ) == 0 ) {
-				abcan = -1;
+				abcan = Intr_Ignore;
 				if ( crit ) {
 					gotintr = abcan;
 				}
@@ -746,7 +757,7 @@
 		case 'P':
 			ival = strtol( optarg, &next, 10 );
 			if ( next == NULL || next[0] != '\0' ) {
-				fprintf( stderr, "%s: unabel to parse protocol version \"%s\"\n", prog, optarg );
+				fprintf( stderr, "%s: unable to parse protocol version \"%s\"\n", prog, optarg );
 				exit( EXIT_FAILURE );
 			}
 			switch( ival ) {
@@ -1720,19 +1731,19 @@
 	int	rc;
 
 	switch ( gotintr ) {
-	case LDAP_REQ_EXTENDED:
+	case Intr_Cancel:
 		rc = ldap_cancel_s( ld, msgid, NULL, NULL );
 		fprintf( stderr, "got interrupt, cancel got %d: %s\n",
 				rc, ldap_err2string( rc ) );
 		return -1;
 
-	case LDAP_REQ_ABANDON:
+	case Intr_Abandon:
 		rc = ldap_abandon_ext( ld, msgid, NULL, NULL );
 		fprintf( stderr, "got interrupt, abandon got %d: %s\n",
 				rc, ldap_err2string( rc ) );
 		return -1;
 
-	case -1:
+	case Intr_Ignore:
 		/* just unbind, ignoring the request */
 		return -1;
 	}

Modified: openldap/trunk/clients/tools/common.h
===================================================================
--- openldap/trunk/clients/tools/common.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/clients/tools/common.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* common.h - common definitions for the ldap client tools */
-/* $OpenLDAP: pkg/ldap/clients/tools/common.h,v 1.24.2.2 2007/08/31 23:13:50 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/clients/tools/common.h,v 1.24.2.3 2008/02/11 23:26:38 kurt Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/clients/tools/ldapcompare.c
===================================================================
--- openldap/trunk/clients/tools/ldapcompare.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/clients/tools/ldapcompare.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* ldapcompare.c -- LDAP compare tool */
-/* $OpenLDAP: pkg/ldap/clients/tools/ldapcompare.c,v 1.43.2.3 2007/08/31 23:13:50 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/clients/tools/ldapcompare.c,v 1.43.2.4 2008/02/11 23:26:38 kurt Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * Portions Copyright 1998-2003 Kurt D. Zeilenga.
  * Portions Copyright 1998-2001 Net Boolean Incorporated.
  * All rights reserved.

Modified: openldap/trunk/clients/tools/ldapdelete.c
===================================================================
--- openldap/trunk/clients/tools/ldapdelete.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/clients/tools/ldapdelete.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* ldapdelete.c - simple program to delete an entry using LDAP */
-/* $OpenLDAP: pkg/ldap/clients/tools/ldapdelete.c,v 1.118.2.4 2007/08/31 23:13:50 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/clients/tools/ldapdelete.c,v 1.118.2.7 2008/02/12 00:32:01 quanah Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * Portions Copyright 1998-2003 Kurt D. Zeilenga.
  * All rights reserved.
  *
@@ -51,6 +51,7 @@
 
 
 static int	prune = 0;
+static int sizelimit = -1;
 
 
 static int dodelete LDAP_P((
@@ -59,7 +60,8 @@
 
 static int deletechildren LDAP_P((
 	LDAP *ld,
-	const char *dn ));
+	const char *dn,
+	int subentries ));
 
 void
 usage( void )
@@ -76,11 +78,13 @@
 
 
 const char options[] = "r"
-	"cd:D:e:f:h:H:IMnO:o:p:P:QR:U:vVw:WxX:y:Y:Z";
+	"cd:D:e:f:h:H:IMnO:o:p:P:QR:U:vVw:WxX:y:Y:z:Z";
 
 int
 handle_private_option( int i )
 {
+	int ival;
+	char *next;
 	switch ( i ) {
 #if 0
 		int crit;
@@ -115,6 +119,29 @@
 		prune = 1;
 		break;
 
+	case 'z':	/* size limit */
+		if ( strcasecmp( optarg, "none" ) == 0 ) {
+			sizelimit = 0;
+
+		} else if ( strcasecmp( optarg, "max" ) == 0 ) {
+			sizelimit = LDAP_MAXINT;
+
+		} else {
+			ival = strtol( optarg, &next, 10 );
+			if ( next == NULL || next[0] != '\0' ) {
+				fprintf( stderr,
+					_("Unable to parse size limit \"%s\"\n"), optarg );
+				exit( EXIT_FAILURE );
+			}
+			sizelimit = ival;
+		}
+		if( sizelimit < 0 || sizelimit > LDAP_MAXINT ) {
+			fprintf( stderr, _("%s: invalid sizelimit (%d) specified\n"),
+				prog, sizelimit );
+			exit( EXIT_FAILURE );
+		}
+		break;
+
 	default:
 		return 0;
 	}
@@ -212,6 +239,7 @@
 	char *matcheddn = NULL, *text = NULL, **refs = NULL;
 	LDAPControl **ctrls = NULL;
 	LDAPMessage *res;
+	int subentries = 0;
 
 	if ( verbose ) {
 		printf( _("%sdeleting entry \"%s\"\n"),
@@ -225,7 +253,10 @@
 	/* If prune is on, remove a whole subtree.  Delete the children of the
 	 * DN recursively, then the DN requested.
 	 */
-	if ( prune ) deletechildren( ld, dn );
+	if ( prune ) {
+retry:;
+		deletechildren( ld, dn, subentries );
+	}
 
 	rc = ldap_delete_ext( ld, dn, NULL, NULL, &id );
 	if ( rc != LDAP_SUCCESS ) {
@@ -257,7 +288,18 @@
 
 	rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 1 );
 
-	if( rc != LDAP_SUCCESS ) {
+	switch ( rc ) {
+	case LDAP_SUCCESS:
+		break;
+
+	case LDAP_NOT_ALLOWED_ON_NONLEAF:
+		if ( prune && !subentries ) {
+			subentries = 1;
+			goto retry;
+		}
+		/* fallthru */
+
+	default:
 		fprintf( stderr, "%s: ldap_parse_result: %s (%d)\n",
 			prog, ldap_err2string( rc ), rc );
 		return rc;
@@ -290,7 +332,7 @@
 	if (ctrls) {
 		tool_print_ctrls( ld, ctrls );
 		ldap_controls_free( ctrls );
-    }
+	}
 
 	ber_memfree( text );
 	ber_memfree( matcheddn );
@@ -304,27 +346,55 @@
  */
 static int deletechildren(
 	LDAP *ld,
-	const char *dn )
+	const char *base,
+	int subentries )
 {
 	LDAPMessage *res, *e;
 	int entries;
-	int rc;
+	int rc = LDAP_SUCCESS, srch_rc;
 	static char *attrs[] = { LDAP_NO_ATTRS, NULL };
-	LDAPControl c, *ctrls[2];
+	LDAPControl c, *ctrls[2], **ctrlsp = NULL;
 	BerElement *ber = NULL;
-	LDAPMessage *res_se;
 
-	if ( verbose ) printf ( _("deleting children of: %s\n"), dn );
+	if ( verbose ) printf ( _("deleting children of: %s\n"), base );
 
+	if ( subentries ) {
+		/*
+		 * Do a one level search at base for subentry children.
+		 */
+
+		if ((ber = ber_alloc_t(LBER_USE_DER)) == NULL) {
+			return EXIT_FAILURE;
+		}
+		rc = ber_printf( ber, "b", 1 );
+		if ( rc == -1 ) {
+			ber_free( ber, 1 );
+			fprintf( stderr, _("Subentries control encoding error!\n"));
+			return EXIT_FAILURE;
+		}
+		if ( ber_flatten2( ber, &c.ldctl_value, 0 ) == -1 ) {
+			return EXIT_FAILURE;
+		}
+		c.ldctl_oid = LDAP_CONTROL_SUBENTRIES;
+		c.ldctl_iscritical = 1;
+		ctrls[0] = &c;
+		ctrls[1] = NULL;
+		ctrlsp = ctrls;
+	}
+
 	/*
-	 * Do a one level search at dn for children.  For each, delete its children.
+	 * Do a one level search at base for children.  For each, delete its children.
 	 */
-
-	rc = ldap_search_ext_s( ld, dn, LDAP_SCOPE_ONELEVEL, NULL, attrs, 1,
-		NULL, NULL, NULL, -1, &res );
-	if ( rc != LDAP_SUCCESS ) {
-		tool_perror( "ldap_search", rc, NULL, NULL, NULL, NULL );
-		return( rc );
+more:;
+	srch_rc = ldap_search_ext_s( ld, base, LDAP_SCOPE_ONELEVEL, NULL, attrs, 1,
+		ctrlsp, NULL, NULL, sizelimit, &res );
+	switch ( srch_rc ) {
+	case LDAP_SUCCESS:
+	case LDAP_SIZELIMIT_EXCEEDED:
+		break;
+	default:
+		tool_perror( "ldap_search", srch_rc, NULL, NULL, NULL, NULL );
+		return( srch_rc );
 	}
 
 	entries = ldap_count_entries( ld, res );
@@ -344,8 +414,8 @@
 				return rc;
 			}
 
-			rc = deletechildren( ld, dn );
-			if ( rc == -1 ) {
+			rc = deletechildren( ld, dn, 0 );
+			if ( rc != LDAP_SUCCESS ) {
 				tool_perror( "ldap_prune", rc, NULL, NULL, NULL, NULL );
 				ber_memfree( dn );
 				return rc;
@@ -356,7 +426,7 @@
 			}
 
 			rc = ldap_delete_ext_s( ld, dn, NULL, NULL );
-			if ( rc == -1 ) {
+			if ( rc != LDAP_SUCCESS ) {
 				tool_perror( "ldap_delete", rc, NULL, NULL, NULL, NULL );
 				ber_memfree( dn );
 				return rc;
@@ -373,72 +443,9 @@
 
 	ldap_msgfree( res );
 
-	/*
-	 * Do a one level search at dn for subentry children.
-	 */
-
-	if ((ber = ber_alloc_t(LBER_USE_DER)) == NULL) {
-		return EXIT_FAILURE;
+	if ( srch_rc == LDAP_SIZELIMIT_EXCEEDED ) {
+		goto more;
 	}
-	rc = ber_printf( ber, "b", 1 );
-	if ( rc == -1 ) {
-		ber_free( ber, 1 );
-		fprintf( stderr, _("Subentries control encoding error!\n"));
-		return EXIT_FAILURE;
-	}
-	if ( ber_flatten2( ber, &c.ldctl_value, 0 ) == -1 ) {
-		return EXIT_FAILURE;
-	}
-	c.ldctl_oid = LDAP_CONTROL_SUBENTRIES;
-	c.ldctl_iscritical = 1;
-	ctrls[0] = &c;
-	ctrls[1] = NULL;
 
-	rc = ldap_search_ext_s( ld, dn, LDAP_SCOPE_ONELEVEL, NULL, attrs, 1,
-		ctrls, NULL, NULL, -1, &res_se );
-	if ( rc != LDAP_SUCCESS ) {
-		tool_perror( "ldap_search", rc, NULL, NULL, NULL, NULL );
-		return( rc );
-	}
-	ber_free( ber, 1 );
-
-	entries = ldap_count_entries( ld, res_se );
-
-	if ( entries > 0 ) {
-		int i;
-
-		for (e = ldap_first_entry( ld, res_se ), i = 0; e != NULL;
-			e = ldap_next_entry( ld, e ), i++ )
-		{
-			char *dn = ldap_get_dn( ld, e );
-
-			if( dn == NULL ) {
-				ldap_get_option( ld, LDAP_OPT_RESULT_CODE, &rc );
-				tool_perror( "ldap_prune", rc, NULL, NULL, NULL, NULL );
-				ber_memfree( dn );
-				return rc;
-			}
-
-			if ( verbose ) {
-				printf( _("\tremoving %s\n"), dn );
-			}
-
-			rc = ldap_delete_ext_s( ld, dn, NULL, NULL );
-			if ( rc == -1 ) {
-				tool_perror( "ldap_delete", rc, NULL, NULL, NULL, NULL );
-				ber_memfree( dn );
-				return rc;
-
-			}
-			
-			if ( verbose ) {
-				printf( _("\t%s removed\n"), dn );
-			}
-
-			ber_memfree( dn );
-		}
-	}
-
-	ldap_msgfree( res_se );
 	return rc;
 }

Modified: openldap/trunk/clients/tools/ldapexop.c
===================================================================
--- openldap/trunk/clients/tools/ldapexop.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/clients/tools/ldapexop.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* ldapexop.c -- a tool for performing well-known extended operations */
-/* $OpenLDAP: pkg/ldap/clients/tools/ldapexop.c,v 1.9.2.2 2007/08/31 23:13:50 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/clients/tools/ldapexop.c,v 1.9.2.3 2008/02/11 23:26:38 kurt Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2005-2007 The OpenLDAP Foundation.
+ * Copyright 2005-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/clients/tools/ldapmodify.c
===================================================================
--- openldap/trunk/clients/tools/ldapmodify.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/clients/tools/ldapmodify.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* ldapmodify.c - generic program to modify or add entries using LDAP */
-/* $OpenLDAP: pkg/ldap/clients/tools/ldapmodify.c,v 1.186.2.3 2007/08/31 23:13:50 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/clients/tools/ldapmodify.c,v 1.186.2.7 2008/02/11 23:26:38 kurt Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * Portions Copyright 2006 Howard Chu.
  * Portions Copyright 1998-2003 Kurt D. Zeilenga.
  * Portions Copyright 1998-2001 Net Boolean Incorporated.
@@ -70,15 +70,14 @@
 
 #include "common.h"
 
-static int	ldapadd, force = 0;
+static int	ldapadd;
 static char *rejfile = NULL;
 static LDAP	*ld = NULL;
 
 #define	M_SEP	0x7f
 
-/* strings found in replog/LDIF entries (mostly lifted from slurpd/slurp.h) */
+/* strings found in LDIF entries */
 static struct berval BV_VERSION = BER_BVC("version");
-static struct berval BV_REPLICA = BER_BVC("replica");
 static struct berval BV_DN = BER_BVC("dn");
 static struct berval BV_CONTROL = BER_BVC("control");
 static struct berval BV_CHANGETYPE = BER_BVC("changetype");
@@ -144,7 +143,6 @@
  	fprintf( stderr,
 		_("             [!]txn=<commit|abort>         (transaction)\n"));
 #endif
-	fprintf( stderr, _("  -F         force all changes records to be used\n"));
 	fprintf( stderr, _("  -S file    write skipped modifications to `file'\n"));
 
 	tool_common_usage();
@@ -152,7 +150,7 @@
 }
 
 
-const char options[] = "aE:FrS:"
+const char options[] = "aE:rS:"
 	"cd:D:e:f:h:H:IMnO:o:p:P:QR:U:vVw:WxX:y:Y:Z";
 
 int
@@ -217,10 +215,6 @@
 		ldapadd = 1;
 		break;
 
-	case 'F':	/* force all changes records to be used */
-		force = 1;
-		break;
-
 	case 'r':	/* replace (obsolete) */
 		break;
 
@@ -408,10 +402,10 @@
 process_ldif_rec( char *rbuf, int linenum )
 {
 	char	*line, *dn, *newrdn, *newsup;
-	int		rc, modop, replicaport;
+	int		rc, modop;
 	int		expect_modop, expect_sep;
 	int		deleteoldrdn;
-	int		saw_replica, use_record, new_entry, delete_entry, got_all;
+	int		new_entry, delete_entry, got_all;
 	LDAPMod	**pmods, *lm = NULL;
 	int version;
 	LDAPControl **pctrls;
@@ -422,11 +416,10 @@
 
 	new_entry = ldapadd;
 
-	rc = got_all = saw_replica = delete_entry = modop = expect_modop = 0;
+	rc = got_all = delete_entry = modop = expect_modop = 0;
 	expect_sep = 0;
 	version = 0;
 	deleteoldrdn = 1;
-	use_record = force;
 	pmods = NULL;
 	pctrls = NULL;
 	dn = newrdn = newsup = NULL;
@@ -464,27 +457,7 @@
 		freeval[i] = freev;
 
 		if ( dn == NULL ) {
-			if ( !use_record && !BVICMP( btype+i, &BV_REPLICA )) {
-				char *p;
-				++saw_replica;
-				if (( p = strchr( vals[i].bv_val, ':' )) == NULL ) {
-					replicaport = 0;
-				} else {
-					*p++ = '\0';
-					if ( lutil_atoi( &replicaport, p ) != 0 ) {
-						fprintf( stderr, _("%s: unable to parse replica port \"%s\" (line %d) entry: \"%s\"\n"),
-							prog, p, linenum+i, dn == NULL ? "" : dn );
-						rc = LDAP_PARAM_ERROR;
-						break;
-					}
-				}
-				if ( ldaphost != NULL &&
-					strcasecmp( vals[i].bv_val, ldaphost ) == 0 &&
-					replicaport == ldapport )
-				{
-					use_record = 1;
-				}
-			} else if ( linenum+i == 1 && !BVICMP( btype+i, &BV_VERSION )) {
+			if ( linenum+i == 1 && !BVICMP( btype+i, &BV_VERSION )) {
 				int	v;
 				if( vals[i].bv_len == 0 || lutil_atoi( &v, vals[i].bv_val) != 0 || v != 1 ) {
 					fprintf( stderr,
@@ -496,13 +469,6 @@
 			} else if ( !BVICMP( btype+i, &BV_DN )) {
 				dn = vals[i].bv_val;
 				idn = i;
-				if ( !use_record && saw_replica ) {
-					printf(_("%s: skipping change record for entry: %s at line %d\n"),
-						prog, dn, linenum+i);
-					printf(_("\t(LDAP host/port does not match replica: lines)\n"));
-					rc = 0;
-					goto leave;
-				}
 			}
 			/* skip all lines until we see "dn:" */
 		}
@@ -1136,13 +1102,14 @@
 			tool_perror( newentry ? "ldap_add" : "ldap_modify",
 				rc, NULL, NULL, NULL, NULL );
 			goto done;
-		} else if ( verbose ) {
-			printf( _("modify complete\n") );
 		}
-
 		rc = process_response( ld, msgid,
 			newentry ? LDAP_RES_ADD : LDAP_RES_MODIFY, dn );
 
+		if ( verbose && rc == LDAP_SUCCESS ) {
+			printf( _("modify complete\n") );
+		}
+
 	} else {
 		rc = LDAP_SUCCESS;
 	}
@@ -1168,12 +1135,12 @@
 			fprintf( stderr, _("%s: delete failed: %s\n"), prog, dn );
 			tool_perror( "ldap_delete", rc, NULL, NULL, NULL, NULL );
 			goto done;
-		} else if ( verbose ) {
-			printf( _("delete complete") );
 		}
-
 		rc = process_response( ld, msgid, LDAP_RES_DELETE, dn );
 
+		if ( verbose && rc == LDAP_SUCCESS ) {
+			printf( _("delete complete\n") );
+		}
 	} else {
 		rc = LDAP_SUCCESS;
 	}
@@ -1207,12 +1174,12 @@
 			fprintf( stderr, _("%s: rename failed: %s\n"), prog, dn );
 			tool_perror( "ldap_rename", rc, NULL, NULL, NULL, NULL );
 			goto done;
-		} else {
-			printf( _("rename completed\n") );
 		}
-
 		rc = process_response( ld, msgid, LDAP_RES_RENAME, dn );
 
+		if ( verbose && rc == LDAP_SUCCESS ) {
+			printf( _("rename complete\n") );
+		}
 	} else {
 		rc = LDAP_SUCCESS;
 	}

Modified: openldap/trunk/clients/tools/ldapmodrdn.c
===================================================================
--- openldap/trunk/clients/tools/ldapmodrdn.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/clients/tools/ldapmodrdn.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* ldapmodrdn.c - generic program to modify an entry's RDN using LDAP */
-/* $OpenLDAP: pkg/ldap/clients/tools/ldapmodrdn.c,v 1.116.2.3 2007/08/31 23:13:51 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/clients/tools/ldapmodrdn.c,v 1.116.2.4 2008/02/11 23:26:38 kurt Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * Portions Copyright 1998-2003 Kurt D. Zeilenga.
  * Portions Copyright 1998-2001 Net Boolean Incorporated.
  * Portions Copyright 2001-2003 IBM Corporation.

Modified: openldap/trunk/clients/tools/ldappasswd.c
===================================================================
--- openldap/trunk/clients/tools/ldappasswd.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/clients/tools/ldappasswd.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* ldappasswd -- a tool for change LDAP passwords */
-/* $OpenLDAP: pkg/ldap/clients/tools/ldappasswd.c,v 1.136.2.3 2007/08/31 23:13:51 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/clients/tools/ldappasswd.c,v 1.136.2.4 2008/02/11 23:26:38 kurt Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * Portions Copyright 1998-2003 Kurt D. Zeilenga.
  * Portions Copyright 1998-2001 Net Boolean Incorporated.
  * Portions Copyright 2001-2003 IBM Corporation.

Modified: openldap/trunk/clients/tools/ldapsearch.c
===================================================================
--- openldap/trunk/clients/tools/ldapsearch.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/clients/tools/ldapsearch.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* ldapsearch -- a tool for searching LDAP directories */
-/* $OpenLDAP: pkg/ldap/clients/tools/ldapsearch.c,v 1.234.2.5 2007/08/31 23:13:51 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/clients/tools/ldapsearch.c,v 1.234.2.9 2008/02/12 19:59:52 quanah Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * Portions Copyright 1998-2003 Kurt D. Zeilenga.
  * Portions Copyright 1998-2001 Net Boolean Incorporated.
  * Portions Copyright 2001-2003 IBM Corporation.
@@ -95,6 +95,8 @@
 static int timelimit = -1;
 static int sizelimit = -1;
 
+static char *control;
+
 static char *def_tmpdir;
 static char *def_urlpre;
 
@@ -255,7 +257,7 @@
 handle_private_option( int i )
 {
 	int crit, ival;
-	char *control, *cvalue, *next;
+	char *cvalue, *next;
 	switch ( i ) {
 	case 'a':	/* set alias deref option */
 		if ( strcasecmp( optarg, "never" ) == 0 ) {
@@ -623,7 +625,7 @@
 {
 	char		*filtpattern, **attrs = NULL, line[BUFSIZ];
 	FILE		*fp = NULL;
-	int		rc, i, first;
+	int			rc, rc1, i, first;
 	LDAP		*ld = NULL;
 	BerElement	*seber = NULL, *vrber = NULL;
 
@@ -979,6 +981,7 @@
 			attrs, attrsonly, NULL, NULL, NULL, -1 );
 
 	} else {
+		rc = 0;
 		first = 1;
 		while ( fgets( line, sizeof( line ), fp ) != NULL ) { 
 			line[ strlen( line ) - 1 ] = '\0';
@@ -987,11 +990,13 @@
 			} else {
 				first = 0;
 			}
-			rc = dosearch( ld, base, scope, filtpattern, line,
+			rc1 = dosearch( ld, base, scope, filtpattern, line,
 				attrs, attrsonly, NULL, NULL, NULL, -1 );
 
-			if ( rc != 0 && !contoper ) {
-				break;
+			if ( rc1 != 0 ) {
+				rc = rc1;
+				if ( !contoper )
+					break;
 			}
 		}
 		if ( fp != stdin ) {
@@ -1040,6 +1045,12 @@
 
 	tool_unbind( ld );
 	tool_destroy();
+	if ( base != NULL ) {
+		ber_memfree( base );
+	}
+	if ( control != NULL ) {
+		ber_memfree( control );
+	}
 
 	if ( c ) {
 		for ( ; save_nctrls-- > 0; ) {

Modified: openldap/trunk/clients/tools/ldapwhoami.c
===================================================================
--- openldap/trunk/clients/tools/ldapwhoami.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/clients/tools/ldapwhoami.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* ldapwhoami.c -- a tool for asking the directory "Who Am I?" */
-/* $OpenLDAP: pkg/ldap/clients/tools/ldapwhoami.c,v 1.42.2.2 2007/08/31 23:13:51 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/clients/tools/ldapwhoami.c,v 1.42.2.3 2008/02/11 23:26:38 kurt Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * Portions Copyright 1998-2003 Kurt D. Zeilenga.
  * Portions Copyright 1998-2001 Net Boolean Incorporated.
  * Portions Copyright 2001-2003 IBM Corporation.

Modified: openldap/trunk/configure
===================================================================
--- openldap/trunk/configure	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/configure	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,9 +1,9 @@
 #! /bin/sh
-# From configure.in OpenLDAP: pkg/ldap/configure.in,v 1.631.2.7 2007/10/16 23:43:09 quanah Exp .
+# From configure.in OpenLDAP: pkg/ldap/configure.in,v 1.631.2.9 2008/02/11 23:26:37 kurt Exp .
 # Guess values for system-dependent variables and create Makefiles.
 # Generated by GNU Autoconf 2.59.
 #
-# Copyright 1998-2007 The OpenLDAP Foundation. All rights reserved.
+# Copyright 1998-2008 The OpenLDAP Foundation. All rights reserved.
 # Restrictions apply, see COPYRIGHT and LICENSE files.
 #
 # Copyright (C) 2003 Free Software Foundation, Inc.
@@ -465,7 +465,7 @@
 # include <unistd.h>
 #endif"
 
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS build build_cpu build_vendor build_os host host_cpu host_vendor host_os target target_cpu target_vendor target_os INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar OPENLDAP_LIBRELEASE OPENLDAP_LIBVERSION OPENLDAP_RELEASE_DATE top_builddir ldap_subdir CC AR CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE EGREP LN_S ECHO ac_ct_AR RANLIB ac_ct_RANLIB DLLTOOL ac_ct_DLLTOOL AS ac_ct_AS OBJDUMP ac_ct_OBJDUMP CPP LIBTOOL PERLBIN OL_MKDEP OL_MKDEP_FLAGS LTSTATIC LIBOBJS LIBSRCS PLAT WITH_SASL WITH_TLS WITH_MODULES_ENABLED WITH_ACI_ENABLED BUILD_THREAD BUILD_LIBS_DYNAMIC BUILD_SLAPD BUILD_SLAPI SLAPD_SLAPI_DEPEND BUILD_BDB BUILD_DNSSRV BUILD_HDB BUILD_LDAP BUILD_META BUILD_MONITOR BUILD_NULL BUILD_PASSWD BUILD_RELAY BUILD_PERL BUILD_SHELL BUILD_SQL BUILD_ACCESSLOG BUILD_AUDITLOG BUILD_CONSTRAINT BUILD_DDS BUILD_DENYOP BUILD_DYNGROUP BUILD_DYNLIST BUILD_LASTMOD BUILD_MEMBEROF BUILD_PPOLICY BUILD_PROXYCACHE BUILD_REFINT BUILD_RETCODE BUILD_RWM BUILD_SEQMOD BUILD_SYNCPROV BUILD_TRANSLUCENT BUILD_UNIQUE BUILD_VALSORT LDAP_LIBS SLAPD_LIBS BDB_LIBS LTHREAD_LIBS LUTIL_LIBS WRAP_LIBS SLAPD_MODULES_CPPFLAGS SLAPD_MODULES_LDFLAGS SLAPD_NO_STATIC SLAPD_STATIC_BACKENDS SLAPD_DYNAMIC_BACKENDS SLAPD_STATIC_OVERLAYS SLAPD_DYNAMIC_OVERLAYS PERL_CPPFLAGS SLAPD_PERL_LDFLAGS MOD_PERL_LDFLAGS KRB4_LIBS KRB5_LIBS SASL_LIBS TLS_LIBS MODULES_LIBS SLAPI_LIBS LIBSLAPI LIBSLAPITOOLS AUTH_LIBS ICU_LIBS SLAPD_SLP_LIBS SLAPD_GMP_LIBS SLAPD_SQL_LDFLAGS SLAPD_SQL_LIBS SLAPD_SQL_INCLUDES LTLIBOBJS'
+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS build build_cpu build_vendor build_os host host_cpu host_vendor host_os target target_cpu target_vendor target_os INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar OPENLDAP_LIBRELEASE OPENLDAP_LIBVERSION OPENLDAP_RELEASE_DATE top_builddir ldap_subdir CC AR CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE EGREP LN_S ECHO ac_ct_AR RANLIB ac_ct_RANLIB DLLTOOL ac_ct_DLLTOOL AS ac_ct_AS OBJDUMP ac_ct_OBJDUMP CPP LIBTOOL PERLBIN OL_MKDEP OL_MKDEP_FLAGS LTSTATIC LIBOBJS LIBSRCS PLAT WITH_SASL WITH_TLS WITH_MODULES_ENABLED WITH_ACI_ENABLED BUILD_THREAD BUILD_LIBS_DYNAMIC BUILD_SLAPD BUILD_SLAPI SLAPD_SLAPI_DEPEND BUILD_BDB BUILD_DNSSRV BUILD_HDB BUILD_LDAP BUILD_META BUILD_MONITOR BUILD_NULL BUILD_PASSWD BUILD_RELAY BUILD_PERL BUILD_SHELL BUILD_SOCK BUILD_SQL BUILD_ACCESSLOG BUILD_AUDITLOG BUILD_CONSTRAINT BUILD_DDS BUILD_DENYOP BUILD_DYNGROUP BUILD_DYNLIST BUILD_LASTMOD BUILD_MEMBEROF BUILD_PPOLICY BUILD_PROXYCACHE BUILD_REFINT BUILD_RETCODE BUILD_RWM BUILD_SEQMOD BUILD_SYNCPROV BUILD_TRANSLUCENT BUILD_UNIQUE BUILD_VALSORT LDAP_LIBS SLAPD_LIBS BDB_LIBS LTHREAD_LIBS LUTIL_LIBS WRAP_LIBS SLAPD_MODULES_CPPFLAGS SLAPD_MODULES_LDFLAGS SLAPD_NO_STATIC SLAPD_STATIC_BACKENDS SLAPD_DYNAMIC_BACKENDS SLAPD_STATIC_OVERLAYS SLAPD_DYNAMIC_OVERLAYS PERL_CPPFLAGS SLAPD_PERL_LDFLAGS MOD_PERL_LDFLAGS KRB4_LIBS KRB5_LIBS SASL_LIBS TLS_LIBS MODULES_LIBS SLAPI_LIBS LIBSLAPI LIBSLAPITOOLS AUTH_LIBS ICU_LIBS SLAPD_SLP_LIBS SLAPD_GMP_LIBS SLAPD_SQL_LDFLAGS SLAPD_SQL_LIBS SLAPD_SQL_INCLUDES LTLIBOBJS'
 ac_subst_files=''
 
 # Initialize some variables set by options.
@@ -1041,6 +1041,7 @@
     --enable-perl	  enable perl backend no|yes|mod [no]
     --enable-relay  	  enable relay backend no|yes|mod [yes]
     --enable-shell	  enable shell backend no|yes|mod [no]
+    --enable-sock	  enable sock backend no|yes|mod [no]
     --enable-sql	  enable sql backend no|yes|mod [no]
 
 SLAPD Overlay Options:
@@ -1205,7 +1206,7 @@
 This configure script is free software; the Free Software Foundation
 gives unlimited permission to copy, distribute and modify it.
 
-Copyright 1998-2007 The OpenLDAP Foundation. All rights reserved.
+Copyright 1998-2008 The OpenLDAP Foundation. All rights reserved.
 Restrictions apply, see COPYRIGHT and LICENSE files.
 _ACEOF
   exit 0
@@ -2788,6 +2789,7 @@
 	perl \
 	relay \
 	shell \
+	sock \
 	sql"
 
 # Check whether --enable-xxslapbackends or --disable-xxslapbackends was given.
@@ -3070,6 +3072,29 @@
   	ol_enable_shell=${ol_enable_backends:-no}
 fi;
 # end --enable-shell
+# OpenLDAP --enable-sock
+
+	# Check whether --enable-sock or --disable-sock was given.
+if test "${enable_sock+set}" = set; then
+  enableval="$enable_sock"
+
+	ol_arg=invalid
+	for ol_val in no yes mod ; do
+		if test "$enableval" = "$ol_val" ; then
+			ol_arg="$ol_val"
+		fi
+	done
+	if test "$ol_arg" = "invalid" ; then
+		{ { echo "$as_me:$LINENO: error: bad value $enableval for --enable-sock" >&5
+echo "$as_me: error: bad value $enableval for --enable-sock" >&2;}
+   { (exit 1); exit 1; }; }
+	fi
+	ol_enable_sock="$ol_arg"
+
+else
+  	ol_enable_sock=${ol_enable_backends:-no}
+fi;
+# end --enable-sock
 # OpenLDAP --enable-sql
 
 	# Check whether --enable-sql or --disable-sql was given.
@@ -3683,6 +3708,7 @@
 	test $ol_enable_perl = no &&
 	test $ol_enable_relay = no &&
 	test $ol_enable_shell = no &&
+	test $ol_enable_sock = no &&
 	test $ol_enable_sql = no ; then
 
 	if test $ol_enable_slapd = yes ; then
@@ -3747,6 +3773,7 @@
 BUILD_PERL=no
 BUILD_RELAY=no
 BUILD_SHELL=no
+BUILD_SOCK=no
 BUILD_SQL=no
 
 BUILD_ACCESSLOG=no
@@ -5594,7 +5621,7 @@
   ;;
 *-*-irix6*)
   # Find out which ABI we are using.
-  echo '#line 5597 "configure"' > conftest.$ac_ext
+  echo '#line 5624 "configure"' > conftest.$ac_ext
   if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
   (eval $ac_compile) 2>&5
   ac_status=$?
@@ -7574,11 +7601,11 @@
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:7577: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:7604: $lt_compile\"" >&5)
    (eval "$lt_compile" 2>conftest.err)
    ac_status=$?
    cat conftest.err >&5
-   echo "$as_me:7581: \$? = $ac_status" >&5
+   echo "$as_me:7608: \$? = $ac_status" >&5
    if (exit $ac_status) && test -s "$ac_outfile"; then
      # The compiler can only warn and ignore the option if not recognized
      # So say no if there are warnings other than the usual output.
@@ -7836,11 +7863,11 @@
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:7839: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:7866: $lt_compile\"" >&5)
    (eval "$lt_compile" 2>conftest.err)
    ac_status=$?
    cat conftest.err >&5
-   echo "$as_me:7843: \$? = $ac_status" >&5
+   echo "$as_me:7870: \$? = $ac_status" >&5
    if (exit $ac_status) && test -s "$ac_outfile"; then
      # The compiler can only warn and ignore the option if not recognized
      # So say no if there are warnings other than the usual output.
@@ -7898,11 +7925,11 @@
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:7901: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:7928: $lt_compile\"" >&5)
    (eval "$lt_compile" 2>out/conftest.err)
    ac_status=$?
    cat out/conftest.err >&5
-   echo "$as_me:7905: \$? = $ac_status" >&5
+   echo "$as_me:7932: \$? = $ac_status" >&5
    if (exit $ac_status) && test -s out/conftest2.$ac_objext
    then
      # The compiler can only warn and ignore the option if not recognized
@@ -10146,7 +10173,7 @@
   lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
   lt_status=$lt_dlunknown
   cat > conftest.$ac_ext <<EOF
-#line 10149 "configure"
+#line 10176 "configure"
 #include "confdefs.h"
 
 #if HAVE_DLFCN_H
@@ -10244,7 +10271,7 @@
   lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
   lt_status=$lt_dlunknown
   cat > conftest.$ac_ext <<EOF
-#line 10247 "configure"
+#line 10274 "configure"
 #include "confdefs.h"
 
 #if HAVE_DLFCN_H
@@ -40474,6 +40501,23 @@
 
 fi
 
+if test "$ol_enable_sock" != no ; then
+	BUILD_SLAPD=yes
+	BUILD_SOCK=$ol_enable_sock
+	if test "$ol_enable_sock" = mod ; then
+		SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-sock"
+		MFLAG=SLAPD_MOD_DYNAMIC
+	else
+		SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-sock"
+		MFLAG=SLAPD_MOD_STATIC
+	fi
+
+cat >>confdefs.h <<_ACEOF
+#define SLAPD_SOCK $MFLAG
+_ACEOF
+
+fi
+
 if test "$ol_link_sql" != no ; then
 	BUILD_SLAPD=yes
 	BUILD_SQL=$ol_enable_sql
@@ -40875,6 +40919,7 @@
 
 
 
+
 # Check whether --with-xxinstall or --without-xxinstall was given.
 if test "${with_xxinstall+set}" = set; then
   withval="$with_xxinstall"
@@ -40882,7 +40927,7 @@
 fi;
 
 
-                                                                                                                                                                                                                                                                                                                                                                                            ac_config_files="$ac_config_files Makefile:build/top.mk:Makefile.in:build/dir.mk doc/Makefile:build/top.mk:doc/Makefile.in:build/dir.mk doc/man/Makefile:build/top.mk:doc/man/Makefile.in:build/dir.mk doc/man/man1/Makefile:build/top.mk:doc/man/man1/Makefile.in:build/man.mk doc/man/man3/Makefile:build/top.mk:doc/man/man3/Makefile.in:build/man.mk doc/man/man5/Makefile:build/top.mk:doc/man/man5/Makefile.in:build/man.mk doc/man/man8/Makefile:build/top.mk:doc/man/man8/Makefile.in:build/man.mk clients/Makefile:build/top.mk:clients/Makefile.in:build/dir.mk clients/tools/Makefile:build/top.mk:clients/tools/Makefile.in:build/rules.mk include/Makefile:build/top.mk:include/Makefile.in libraries/Makefile:build/top.mk:libraries/Makefile.in:build/dir.mk libraries/liblber/Makefile:build/top.mk:libraries/liblber/Makefile.in:build/lib.mk:build/lib-shared.mk libraries/libldap/Makefile:build/top.mk:libraries/libldap/Makefile.in:build/lib.mk:build/lib-shared.mk libraries/libldap_r/Makefile:build/top.mk:libraries/libldap_r/Makefile.in:build/lib.mk:build/lib-shared.mk libraries/liblunicode/Makefile:build/top.mk:libraries/liblunicode/Makefile.in:build/lib.mk:build/lib-static.mk libraries/liblutil/Makefile:build/top.mk:libraries/liblutil/Makefile.in:build/lib.mk:build/lib-static.mk libraries/librewrite/Makefile:build/top.mk:libraries/librewrite/Makefile.in:build/lib.mk:build/lib-static.mk servers/Makefile:build/top.mk:servers/Makefile.in:build/dir.mk servers/slapd/Makefile:build/top.mk:servers/slapd/Makefile.in:build/srv.mk servers/slapd/back-bdb/Makefile:build/top.mk:servers/slapd/back-bdb/Makefile.in:build/mod.mk servers/slapd/back-dnssrv/Makefile:build/top.mk:servers/slapd/back-dnssrv/Makefile.in:build/mod.mk servers/slapd/back-hdb/Makefile:build/top.mk:servers/slapd/back-hdb/Makefile.in:build/mod.mk servers/slapd/back-ldap/Makefile:build/top.mk:servers/slapd/back-ldap/Makefile.in:build/mod.mk servers/slapd/back-ldif/Makefile:build/top.mk:servers/slapd/back-ldif/Makefile.in:build/mod.mk servers/slapd/back-meta/Makefile:build/top.mk:servers/slapd/back-meta/Makefile.in:build/mod.mk servers/slapd/back-monitor/Makefile:build/top.mk:servers/slapd/back-monitor/Makefile.in:build/mod.mk servers/slapd/back-null/Makefile:build/top.mk:servers/slapd/back-null/Makefile.in:build/mod.mk servers/slapd/back-passwd/Makefile:build/top.mk:servers/slapd/back-passwd/Makefile.in:build/mod.mk servers/slapd/back-perl/Makefile:build/top.mk:servers/slapd/back-perl/Makefile.in:build/mod.mk servers/slapd/back-relay/Makefile:build/top.mk:servers/slapd/back-relay/Makefile.in:build/mod.mk servers/slapd/back-shell/Makefile:build/top.mk:servers/slapd/back-shell/Makefile.in:build/mod.mk servers/slapd/back-sql/Makefile:build/top.mk:servers/slapd/back-sql/Makefile.in:build/mod.mk servers/slapd/shell-backends/Makefile:build/top.mk:servers/slapd/shell-backends/Makefile.in:build/srv.mk servers/slapd/slapi/Makefile:build/top.mk:servers/slapd/slapi/Makefile.in:build/lib.mk:build/lib-shared.mk servers/slapd/overlays/Makefile:build/top.mk:servers/slapd/overlays/Makefile.in:build/lib.mk tests/Makefile:build/top.mk:tests/Makefile.in:build/dir.mk tests/run tests/progs/Makefile:build/top.mk:tests/progs/Makefile.in:build/rules.mk"
+                                                                                                                                                                                                                                                                                                                                                                                                      ac_config_files="$ac_config_files Makefile:build/top.mk:Makefile.in:build/dir.mk doc/Makefile:build/top.mk:doc/Makefile.in:build/dir.mk doc/man/Makefile:build/top.mk:doc/man/Makefile.in:build/dir.mk doc/man/man1/Makefile:build/top.mk:doc/man/man1/Makefile.in:build/man.mk doc/man/man3/Makefile:build/top.mk:doc/man/man3/Makefile.in:build/man.mk doc/man/man5/Makefile:build/top.mk:doc/man/man5/Makefile.in:build/man.mk doc/man/man8/Makefile:build/top.mk:doc/man/man8/Makefile.in:build/man.mk clients/Makefile:build/top.mk:clients/Makefile.in:build/dir.mk clients/tools/Makefile:build/top.mk:clients/tools/Makefile.in:build/rules.mk include/Makefile:build/top.mk:include/Makefile.in libraries/Makefile:build/top.mk:libraries/Makefile.in:build/dir.mk libraries/liblber/Makefile:build/top.mk:libraries/liblber/Makefile.in:build/lib.mk:build/lib-shared.mk libraries/libldap/Makefile:build/top.mk:libraries/libldap/Makefile.in:build/lib.mk:build/lib-shared.mk libraries/libldap_r/Makefile:build/top.mk:libraries/libldap_r/Makefile.in:build/lib.mk:build/lib-shared.mk libraries/liblunicode/Makefile:build/top.mk:libraries/liblunicode/Makefile.in:build/lib.mk:build/lib-static.mk libraries/liblutil/Makefile:build/top.mk:libraries/liblutil/Makefile.in:build/lib.mk:build/lib-static.mk libraries/librewrite/Makefile:build/top.mk:libraries/librewrite/Makefile.in:build/lib.mk:build/lib-static.mk servers/Makefile:build/top.mk:servers/Makefile.in:build/dir.mk servers/slapd/Makefile:build/top.mk:servers/slapd/Makefile.in:build/srv.mk servers/slapd/back-bdb/Makefile:build/top.mk:servers/slapd/back-bdb/Makefile.in:build/mod.mk servers/slapd/back-dnssrv/Makefile:build/top.mk:servers/slapd/back-dnssrv/Makefile.in:build/mod.mk servers/slapd/back-hdb/Makefile:build/top.mk:servers/slapd/back-hdb/Makefile.in:build/mod.mk servers/slapd/back-ldap/Makefile:build/top.mk:servers/slapd/back-ldap/Makefile.in:build/mod.mk servers/slapd/back-ldif/Makefile:build/top.mk:servers/slapd/back-ldif/Makefile.in:build/mod.mk servers/slapd/back-meta/Makefile:build/top.mk:servers/slapd/back-meta/Makefile.in:build/mod.mk servers/slapd/back-monitor/Makefile:build/top.mk:servers/slapd/back-monitor/Makefile.in:build/mod.mk servers/slapd/back-null/Makefile:build/top.mk:servers/slapd/back-null/Makefile.in:build/mod.mk servers/slapd/back-passwd/Makefile:build/top.mk:servers/slapd/back-passwd/Makefile.in:build/mod.mk servers/slapd/back-perl/Makefile:build/top.mk:servers/slapd/back-perl/Makefile.in:build/mod.mk servers/slapd/back-relay/Makefile:build/top.mk:servers/slapd/back-relay/Makefile.in:build/mod.mk servers/slapd/back-shell/Makefile:build/top.mk:servers/slapd/back-shell/Makefile.in:build/mod.mk servers/slapd/back-sock/Makefile:build/top.mk:servers/slapd/back-sock/Makefile.in:build/mod.mk servers/slapd/back-sql/Makefile:build/top.mk:servers/slapd/back-sql/Makefile.in:build/mod.mk servers/slapd/shell-backends/Makefile:build/top.mk:servers/slapd/shell-backends/Makefile.in:build/srv.mk servers/slapd/slapi/Makefile:build/top.mk:servers/slapd/slapi/Makefile.in:build/lib.mk:build/lib-shared.mk servers/slapd/overlays/Makefile:build/top.mk:servers/slapd/overlays/Makefile.in:build/lib.mk tests/Makefile:build/top.mk:tests/Makefile.in:build/dir.mk tests/run tests/progs/Makefile:build/top.mk:tests/progs/Makefile.in:build/rules.mk"
 
 
           ac_config_commands="$ac_config_commands default"
@@ -41425,6 +41470,7 @@
   "servers/slapd/back-perl/Makefile" ) CONFIG_FILES="$CONFIG_FILES servers/slapd/back-perl/Makefile:build/top.mk:servers/slapd/back-perl/Makefile.in:build/mod.mk" ;;
   "servers/slapd/back-relay/Makefile" ) CONFIG_FILES="$CONFIG_FILES servers/slapd/back-relay/Makefile:build/top.mk:servers/slapd/back-relay/Makefile.in:build/mod.mk" ;;
   "servers/slapd/back-shell/Makefile" ) CONFIG_FILES="$CONFIG_FILES servers/slapd/back-shell/Makefile:build/top.mk:servers/slapd/back-shell/Makefile.in:build/mod.mk" ;;
+  "servers/slapd/back-sock/Makefile" ) CONFIG_FILES="$CONFIG_FILES servers/slapd/back-sock/Makefile:build/top.mk:servers/slapd/back-sock/Makefile.in:build/mod.mk" ;;
   "servers/slapd/back-sql/Makefile" ) CONFIG_FILES="$CONFIG_FILES servers/slapd/back-sql/Makefile:build/top.mk:servers/slapd/back-sql/Makefile.in:build/mod.mk" ;;
   "servers/slapd/shell-backends/Makefile" ) CONFIG_FILES="$CONFIG_FILES servers/slapd/shell-backends/Makefile:build/top.mk:servers/slapd/shell-backends/Makefile.in:build/srv.mk" ;;
   "servers/slapd/slapi/Makefile" ) CONFIG_FILES="$CONFIG_FILES servers/slapd/slapi/Makefile:build/top.mk:servers/slapd/slapi/Makefile.in:build/lib.mk:build/lib-shared.mk" ;;
@@ -41619,6 +41665,7 @@
 s, at BUILD_RELAY@,$BUILD_RELAY,;t t
 s, at BUILD_PERL@,$BUILD_PERL,;t t
 s, at BUILD_SHELL@,$BUILD_SHELL,;t t
+s, at BUILD_SOCK@,$BUILD_SOCK,;t t
 s, at BUILD_SQL@,$BUILD_SQL,;t t
 s, at BUILD_ACCESSLOG@,$BUILD_ACCESSLOG,;t t
 s, at BUILD_AUDITLOG@,$BUILD_AUDITLOG,;t t
@@ -42362,7 +42409,7 @@
 cat > $BACKENDSC << ENDX
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -42413,7 +42460,7 @@
 cat > $OVERLAYSC << ENDX
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/configure.in
===================================================================
--- openldap/trunk/configure.in	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/configure.in	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-dnl $OpenLDAP: pkg/ldap/configure.in,v 1.631.2.7 2007/10/16 23:43:09 quanah Exp $
+dnl $OpenLDAP: pkg/ldap/configure.in,v 1.631.2.9 2008/02/11 23:26:37 kurt Exp $
 dnl This work is part of OpenLDAP Software <http://www.openldap.org/>.
 dnl
-dnl Copyright 1998-2007 The OpenLDAP Foundation.
+dnl Copyright 1998-2008 The OpenLDAP Foundation.
 dnl All rights reserved.
 dnl
 dnl Redistribution and use in source and binary forms, with or without
@@ -23,9 +23,9 @@
 define([AC_LIBTOOL_LANG_GCJ_CONFIG], [:])dnl
 dnl ================================================================
 dnl Configure.in for OpenLDAP
-AC_COPYRIGHT([[Copyright 1998-2007 The OpenLDAP Foundation. All rights reserved.
+AC_COPYRIGHT([[Copyright 1998-2008 The OpenLDAP Foundation. All rights reserved.
 Restrictions apply, see COPYRIGHT and LICENSE files.]])
-AC_REVISION([$OpenLDAP: pkg/ldap/configure.in,v 1.631.2.7 2007/10/16 23:43:09 quanah Exp $])
+AC_REVISION([$OpenLDAP: pkg/ldap/configure.in,v 1.631.2.9 2008/02/11 23:26:37 kurt Exp $])
 AC_INIT([OpenLDAP],,[http://www.openldap.org/its/])
 m4_define([AC_PACKAGE_BUGREPORT],[<http://www.openldap.org/its/>])
 AC_CONFIG_SRCDIR(build/version.sh)dnl
@@ -96,7 +96,7 @@
 /* begin of portable.h.pre */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation
+ * Copyright 1998-2008 The OpenLDAP Foundation
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -291,6 +291,7 @@
 	perl \
 	relay \
 	shell \
+	sock \
 	sql"
 
 AC_ARG_ENABLE(xxslapbackends,[
@@ -320,6 +321,8 @@
 	yes, [no yes mod], ol_enable_backends)dnl
 OL_ARG_ENABLE(shell,[    --enable-shell	  enable shell backend],
 	no, [no yes mod], ol_enable_backends)dnl
+OL_ARG_ENABLE(sock,[    --enable-sock	  enable sock backend],
+	no, [no yes mod], ol_enable_backends)dnl
 OL_ARG_ENABLE(sql,[    --enable-sql	  enable sql backend],
 	no, [no yes mod], ol_enable_backends)dnl
 
@@ -462,6 +465,7 @@
 	test $ol_enable_perl = no &&
 	test $ol_enable_relay = no &&
 	test $ol_enable_shell = no &&
+	test $ol_enable_sock = no &&
 	test $ol_enable_sql = no ; then
 	dnl no slapd backend
 
@@ -519,6 +523,7 @@
 BUILD_PERL=no
 BUILD_RELAY=no
 BUILD_SHELL=no
+BUILD_SOCK=no
 BUILD_SQL=no
 
 BUILD_ACCESSLOG=no
@@ -2635,6 +2640,19 @@
 	AC_DEFINE_UNQUOTED(SLAPD_SHELL,$MFLAG,[define to support SHELL backend])
 fi
 
+if test "$ol_enable_sock" != no ; then
+	BUILD_SLAPD=yes
+	BUILD_SOCK=$ol_enable_sock
+	if test "$ol_enable_sock" = mod ; then
+		SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-sock"
+		MFLAG=SLAPD_MOD_DYNAMIC
+	else
+		SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-sock"
+		MFLAG=SLAPD_MOD_STATIC
+	fi
+	AC_DEFINE_UNQUOTED(SLAPD_SOCK,$MFLAG,[define to support SOCK backend])
+fi
+
 if test "$ol_link_sql" != no ; then
 	BUILD_SLAPD=yes
 	BUILD_SQL=$ol_enable_sql
@@ -2903,6 +2921,7 @@
   AC_SUBST(BUILD_RELAY)
   AC_SUBST(BUILD_PERL)
   AC_SUBST(BUILD_SHELL)
+  AC_SUBST(BUILD_SOCK)
   AC_SUBST(BUILD_SQL)
 dnl overlays
   AC_SUBST(BUILD_ACCESSLOG)
@@ -3003,6 +3022,7 @@
 [servers/slapd/back-perl/Makefile:build/top.mk:servers/slapd/back-perl/Makefile.in:build/mod.mk]
 [servers/slapd/back-relay/Makefile:build/top.mk:servers/slapd/back-relay/Makefile.in:build/mod.mk]
 [servers/slapd/back-shell/Makefile:build/top.mk:servers/slapd/back-shell/Makefile.in:build/mod.mk]
+[servers/slapd/back-sock/Makefile:build/top.mk:servers/slapd/back-sock/Makefile.in:build/mod.mk]
 [servers/slapd/back-sql/Makefile:build/top.mk:servers/slapd/back-sql/Makefile.in:build/mod.mk]
 [servers/slapd/shell-backends/Makefile:build/top.mk:servers/slapd/shell-backends/Makefile.in:build/srv.mk]
 [servers/slapd/slapi/Makefile:build/top.mk:servers/slapd/slapi/Makefile.in:build/lib.mk:build/lib-shared.mk]
@@ -3020,7 +3040,7 @@
 cat > $BACKENDSC << ENDX
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -3071,7 +3091,7 @@
 cat > $OVERLAYSC << ENDX
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/contrib/ConfigOIDs
===================================================================
--- openldap/trunk/contrib/ConfigOIDs	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ConfigOIDs	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
 List of OpenLDAP Configuration OIDs allocated to contrib modules
 
 OLcfgCt{Oc|At}:1	smbk5pwd
+OLcfgCt{Oc|At}:2	autogroup

Modified: openldap/trunk/contrib/ldapc++/COPYRIGHT
===================================================================
--- openldap/trunk/contrib/ldapc++/COPYRIGHT	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/COPYRIGHT	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,4 +1,4 @@
-Copyright 1998-2007 The OpenLDAP Foundation
+Copyright 1998-2008 The OpenLDAP Foundation
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/contrib/ldapc++/Makefile.am
===================================================================
--- openldap/trunk/contrib/ldapc++/Makefile.am	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/Makefile.am	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,5 @@
+# $OpenLDAP: pkg/ldap/contrib/ldapc++/Makefile.am,v 1.2.6.1 2008/04/14 23:20:12 quanah Exp $
+
 ##
 # Copyright 2000-2003, OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/Makefile.in
===================================================================
--- openldap/trunk/contrib/ldapc++/Makefile.in	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/Makefile.in	2008-05-25 14:29:31 UTC (rev 1128)
@@ -14,6 +14,8 @@
 
 @SET_MAKE@
 
+# $OpenLDAP: pkg/ldap/contrib/ldapc++/Makefile.in,v 1.11.2.3 2008/04/14 23:20:12 quanah Exp $
+
 # Copyright 2000-2003, OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT file
 VPATH = @srcdir@

Modified: openldap/trunk/contrib/ldapc++/configure
===================================================================
--- openldap/trunk/contrib/ldapc++/configure	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/configure	2008-05-25 14:29:31 UTC (rev 1128)
@@ -19719,18 +19719,24 @@
 
 fi
 
-if test "${ac_cv_header_ldap_h+set}" = set; then
-  { echo "$as_me:$LINENO: checking for ldap.h" >&5
-echo $ECHO_N "checking for ldap.h... $ECHO_C" >&6; }
-if test "${ac_cv_header_ldap_h+set}" = set; then
+
+
+for ac_header in termios.h ldap.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+  { echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
   echo $ECHO_N "(cached) $ECHO_C" >&6
 fi
-{ echo "$as_me:$LINENO: result: $ac_cv_header_ldap_h" >&5
-echo "${ECHO_T}$ac_cv_header_ldap_h" >&6; }
+ac_res=`eval echo '${'$as_ac_Header'}'`
+	       { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
 else
   # Is the header compilable?
-{ echo "$as_me:$LINENO: checking ldap.h usability" >&5
-echo $ECHO_N "checking ldap.h usability... $ECHO_C" >&6; }
+{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
 cat >conftest.$ac_ext <<_ACEOF
 /* confdefs.h.  */
 _ACEOF
@@ -19738,7 +19744,7 @@
 cat >>conftest.$ac_ext <<_ACEOF
 /* end confdefs.h.  */
 $ac_includes_default
-#include <ldap.h>
+#include <$ac_header>
 _ACEOF
 rm -f conftest.$ac_objext
 if { (ac_try="$ac_compile"
@@ -19770,15 +19776,15 @@
 echo "${ECHO_T}$ac_header_compiler" >&6; }
 
 # Is the header present?
-{ echo "$as_me:$LINENO: checking ldap.h presence" >&5
-echo $ECHO_N "checking ldap.h presence... $ECHO_C" >&6; }
+{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
 cat >conftest.$ac_ext <<_ACEOF
 /* confdefs.h.  */
 _ACEOF
 cat confdefs.h >>conftest.$ac_ext
 cat >>conftest.$ac_ext <<_ACEOF
 /* end confdefs.h.  */
-#include <ldap.h>
+#include <$ac_header>
 _ACEOF
 if { (ac_try="$ac_cpp conftest.$ac_ext"
 case "(($ac_try" in
@@ -19811,41 +19817,49 @@
 # So?  What about this header?
 case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
   yes:no: )
-    { echo "$as_me:$LINENO: WARNING: ldap.h: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: ldap.h: accepted by the compiler, rejected by the preprocessor!" >&2;}
-    { echo "$as_me:$LINENO: WARNING: ldap.h: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: ldap.h: proceeding with the compiler's result" >&2;}
+    { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+    { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
     ac_header_preproc=yes
     ;;
   no:yes:* )
-    { echo "$as_me:$LINENO: WARNING: ldap.h: present but cannot be compiled" >&5
-echo "$as_me: WARNING: ldap.h: present but cannot be compiled" >&2;}
-    { echo "$as_me:$LINENO: WARNING: ldap.h:     check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: ldap.h:     check for missing prerequisite headers?" >&2;}
-    { echo "$as_me:$LINENO: WARNING: ldap.h: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: ldap.h: see the Autoconf documentation" >&2;}
-    { echo "$as_me:$LINENO: WARNING: ldap.h:     section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: ldap.h:     section \"Present But Cannot Be Compiled\"" >&2;}
-    { echo "$as_me:$LINENO: WARNING: ldap.h: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: ldap.h: proceeding with the preprocessor's result" >&2;}
-    { echo "$as_me:$LINENO: WARNING: ldap.h: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: ldap.h: in the future, the compiler will take precedence" >&2;}
+    { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+    { echo "$as_me:$LINENO: WARNING: $ac_header:     check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header:     check for missing prerequisite headers?" >&2;}
+    { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+    { echo "$as_me:$LINENO: WARNING: $ac_header:     section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header:     section \"Present But Cannot Be Compiled\"" >&2;}
+    { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+    { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
 
     ;;
 esac
-{ echo "$as_me:$LINENO: checking for ldap.h" >&5
-echo $ECHO_N "checking for ldap.h... $ECHO_C" >&6; }
-if test "${ac_cv_header_ldap_h+set}" = set; then
+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
   echo $ECHO_N "(cached) $ECHO_C" >&6
 else
-  ac_cv_header_ldap_h=$ac_header_preproc
+  eval "$as_ac_Header=\$ac_header_preproc"
 fi
-{ echo "$as_me:$LINENO: result: $ac_cv_header_ldap_h" >&5
-echo "${ECHO_T}$ac_cv_header_ldap_h" >&6; }
+ac_res=`eval echo '${'$as_ac_Header'}'`
+	       { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
 
 fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+  cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
 
+fi
 
+done
+
 cat >conftest.$ac_ext <<_ACEOF
 /* confdefs.h.  */
 _ACEOF

Modified: openldap/trunk/contrib/ldapc++/configure.in
===================================================================
--- openldap/trunk/contrib/ldapc++/configure.in	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/configure.in	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,8 @@
+dnl $OpenLDAP: pkg/ldap/contrib/ldapc++/configure.in,v 1.8.2.5 2008/04/14 23:20:12 quanah Exp $
+
 dnl Copyright 2000-2003, OpenLDAP Foundation, All Rights Reserved.
 dnl COPYING RESTRICTIONS APPLY, see COPYRIGHT file
-  
-  
+
 dnl Process this file with autoconf to produce a configure script.
 
 dnl disable config.cache
@@ -67,7 +68,7 @@
     ])
 dnl Checks for header files.
 AC_HEADER_TIME
-AC_CHECK_HEADER(ldap.h)
+AC_CHECK_HEADERS(termios.h ldap.h)
 AC_EGREP_HEADER(ldap_add_ext,ldap.h,[
 dnl NOOP
         :

Modified: openldap/trunk/contrib/ldapc++/doxygen.rc
===================================================================
--- openldap/trunk/contrib/ldapc++/doxygen.rc	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/doxygen.rc	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,173 +1,492 @@
-# Doxyfile 1.0.0
+# $OpenLDAP: pkg/ldap/contrib/ldapc++/doxygen.rc,v 1.2.10.2 2008/04/14 23:20:12 quanah Exp $
 
-# This file describes the settings to be used by doxygen for a project
+# Doxyfile 1.5.4
+
+# This file describes the settings to be used by the documentation system
+# doxygen (www.doxygen.org) for a project
 #
 # All text after a hash (#) is considered a comment and will be ignored
 # The format is:
 #       TAG = value [value, ...]
+# For lists items can also be appended using:
+#       TAG += value [value, ...]
 # Values that contain spaces should be placed between quotes (" ")
 
 #---------------------------------------------------------------------------
-# General configuration options
+# Project related configuration options
 #---------------------------------------------------------------------------
 
-# The PROJECT_NAME tag is a single word (or a sequence of word surrounded
-# by quotes) that should identify the project. 
+# This tag specifies the encoding used for all characters in the config file that 
+# follow. The default is UTF-8 which is also the encoding used for all text before 
+# the first occurrence of this tag. Doxygen uses libiconv (or the iconv built into 
+# libc) for the transcoding. See http://www.gnu.org/software/libiconv for the list of 
+# possible encodings.
 
-PROJECT_NAME         = ldapsdk
+DOXYFILE_ENCODING      = UTF-8
 
-# The PROJECT_NUMBER tag can be used to enter a project or revision number.
+# The PROJECT_NAME tag is a single word (or a sequence of words surrounded 
+# by quotes) that should identify the project.
+
+PROJECT_NAME           = ldapsdk
+
+# The PROJECT_NUMBER tag can be used to enter a project or revision number. 
 # This could be handy for archiving the generated documentation or 
 # if some version control system is used.
 
-PROJECT_NUMBER       = 0.0.1
+PROJECT_NUMBER         = 0.0.1
 
 # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) 
 # base path where the generated documentation will be put. 
 # If a relative path is entered, it will be relative to the location 
 # where doxygen was started. If left blank the current directory will be used.
 
-OUTPUT_DIRECTORY     = srcdoc
+OUTPUT_DIRECTORY       = srcdoc
 
-# The OUTPUT_LANGUAGE tag is used to specify the language in which all
-# documentation generated by doxygen is written. Doxygen will use this
-# information to generate all constant output in the proper language.
+# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create 
+# 4096 sub-directories (in 2 levels) under the output directory of each output 
+# format and will distribute the generated files over these directories. 
+# Enabling this option can be useful when feeding doxygen a huge amount of 
+# source files, where putting all generated files in the same directory would 
+# otherwise cause performance problems for the file system.
+
+CREATE_SUBDIRS         = NO
+
+# The OUTPUT_LANGUAGE tag is used to specify the language in which all 
+# documentation generated by doxygen is written. Doxygen will use this 
+# information to generate all constant output in the proper language. 
 # The default language is English, other supported languages are: 
-# Dutch, French, Italian, Czech, Swedish, German and Japanese
+# Afrikaans, Arabic, Brazilian, Catalan, Chinese, Chinese-Traditional, 
+# Croatian, Czech, Danish, Dutch, Finnish, French, German, Greek, Hungarian, 
+# Italian, Japanese, Japanese-en (Japanese with English messages), Korean, 
+# Korean-en, Lithuanian, Norwegian, Polish, Portuguese, Romanian, Russian, 
+# Serbian, Slovak, Slovene, Spanish, Swedish, and Ukrainian.
 
-OUTPUT_LANGUAGE      = English
+OUTPUT_LANGUAGE        = English
 
-# The QUIET tag can be used to turn on/off the messages that are generated
-# by doxygen. Possible values are YES and NO. If left blank NO is used.
+# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will 
+# include brief member descriptions after the members that are listed in 
+# the file and class documentation (similar to JavaDoc). 
+# Set to NO to disable this.
 
-QUIET                = NO
+BRIEF_MEMBER_DESC      = YES
 
-# The WARNINGS tag can be used to turn on/off the warning messages that are
-# generated by doxygen. Possible values are YES and NO. If left blank
-# NO is used.
+# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend 
+# the brief description of a member or function before the detailed description. 
+# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the 
+# brief descriptions will be completely suppressed.
 
-WARNINGS             = YES
+REPEAT_BRIEF           = yes
 
-# The DISABLE_INDEX tag can be used to turn on/off the condensed index at
-# top of each HTML page. The value NO (the default) enables the index and
-# the value YES disables it.
+# This tag implements a quasi-intelligent brief description abbreviator 
+# that is used to form the text in various listings. Each string 
+# in this list, if found as the leading text of the brief description, will be 
+# stripped from the text and the result after processing the whole list, is 
+# used as the annotated text. Otherwise, the brief description is used as-is. 
+# If left blank, the following values are used ("$name" is automatically 
+# replaced with the name of the entity): "The $name class" "The $name widget" 
+# "The $name file" "is" "provides" "specifies" "contains" 
+# "represents" "a" "an" "the"
 
-DISABLE_INDEX        = NO
+ABBREVIATE_BRIEF       = 
 
-# If the EXTRACT_ALL tag is set to YES all classes and functions will be
-# included in the documentation, even if no documentation was available.
+# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then 
+# Doxygen will generate a detailed section even if there is only a brief 
+# description.
 
-EXTRACT_ALL          = YES
+ALWAYS_DETAILED_SEC    = yes
 
-# If the EXTRACT_PRIVATE tag is set to YES all private members of a class
+# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all 
+# inherited members of a class in the documentation of that class as if those 
+# members were ordinary class members. Constructors, destructors and assignment 
+# operators of the base classes will not be shown.
+
+INLINE_INHERITED_MEMB  = NO
+
+# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full 
+# path before files name in the file list and in the header files. If set 
+# to NO the shortest path that makes the file name unique will be used.
+
+FULL_PATH_NAMES        = NO
+
+# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag 
+# can be used to strip a user-defined part of the path. Stripping is 
+# only done if one of the specified strings matches the left-hand part of 
+# the path. The tag can be used to show relative paths in the file list. 
+# If left blank the directory from which doxygen is run is used as the 
+# path to strip.
+
+STRIP_FROM_PATH        = 
+
+# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of 
+# the path mentioned in the documentation of a class, which tells 
+# the reader which header file to include in order to use a class. 
+# If left blank only the name of the header file containing the class 
+# definition is used. Otherwise one should specify the include paths that 
+# are normally passed to the compiler using the -I flag.
+
+STRIP_FROM_INC_PATH    = 
+
+# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter 
+# (but less readable) file names. This can be useful is your file systems 
+# doesn't support long names like on DOS, Mac, or CD-ROM.
+
+SHORT_NAMES            = NO
+
+# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen 
+# will interpret the first line (until the first dot) of a JavaDoc-style 
+# comment as the brief description. If set to NO, the JavaDoc 
+# comments will behave just like regular Qt-style comments 
+# (thus requiring an explicit @brief command for a brief description.)
+
+JAVADOC_AUTOBRIEF      = YES
+
+# If the QT_AUTOBRIEF tag is set to YES then Doxygen will 
+# interpret the first line (until the first dot) of a Qt-style 
+# comment as the brief description. If set to NO, the comments 
+# will behave just like regular Qt-style comments (thus requiring 
+# an explicit \brief command for a brief description.)
+
+QT_AUTOBRIEF           = NO
+
+# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen 
+# treat a multi-line C++ special comment block (i.e. a block of //! or /// 
+# comments) as a brief description. This used to be the default behaviour. 
+# The new default is to treat a multi-line C++ comment block as a detailed 
+# description. Set this tag to YES if you prefer the old behaviour instead.
+
+MULTILINE_CPP_IS_BRIEF = NO
+
+# If the DETAILS_AT_TOP tag is set to YES then Doxygen 
+# will output the detailed description near the top, like JavaDoc.
+# If set to NO, the detailed description appears after the member 
+# documentation.
+
+DETAILS_AT_TOP         = NO
+
+# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented 
+# member inherits the documentation from any documented member that it 
+# re-implements.
+
+INHERIT_DOCS           = YES
+
+# If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce 
+# a new page for each member. If set to NO, the documentation of a member will 
+# be part of the file/class/namespace that contains it.
+
+SEPARATE_MEMBER_PAGES  = NO
+
+# The TAB_SIZE tag can be used to set the number of spaces in a tab. 
+# Doxygen uses this value to replace tabs by spaces in code fragments.
+
+TAB_SIZE               = 4
+
+# This tag can be used to specify a number of aliases that acts 
+# as commands in the documentation. An alias has the form "name=value". 
+# For example adding "sideeffect=\par Side Effects:\n" will allow you to 
+# put the command \sideeffect (or @sideeffect) in the documentation, which 
+# will result in a user-defined paragraph with heading "Side Effects:". 
+# You can put \n's in the value part of an alias to insert newlines.
+
+ALIASES                = 
+
+# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C 
+# sources only. Doxygen will then generate output that is more tailored for C. 
+# For instance, some of the names that are used will be different. The list 
+# of all members will be omitted, etc.
+
+OPTIMIZE_OUTPUT_FOR_C  = NO
+
+# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java 
+# sources only. Doxygen will then generate output that is more tailored for Java. 
+# For instance, namespaces will be presented as packages, qualified scopes 
+# will look different, etc.
+
+OPTIMIZE_OUTPUT_JAVA   = NO
+
+# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want to 
+# include (a tag file for) the STL sources as input, then you should 
+# set this tag to YES in order to let doxygen match functions declarations and 
+# definitions whose arguments contain STL classes (e.g. func(std::string); v.s. 
+# func(std::string) {}). This also make the inheritance and collaboration 
+# diagrams that involve STL classes more complete and accurate.
+
+BUILTIN_STL_SUPPORT    = NO
+
+# If you use Microsoft's C++/CLI language, you should set this option to YES to
+# enable parsing support.
+
+CPP_CLI_SUPPORT        = NO
+
+# Set the SIP_SUPPORT tag to YES if your project consists of sip sources only. 
+# Doxygen will parse them like normal C++ but will assume all classes use public 
+# instead of private inheritance when no explicit protection keyword is present.
+
+SIP_SUPPORT            = NO
+
+# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC 
+# tag is set to YES, then doxygen will reuse the documentation of the first 
+# member in the group (if any) for the other members of the group. By default 
+# all members of a group must be documented explicitly.
+
+DISTRIBUTE_GROUP_DOC   = NO
+
+# Set the SUBGROUPING tag to YES (the default) to allow class member groups of 
+# the same type (for instance a group of public functions) to be put as a 
+# subgroup of that type (e.g. under the Public Functions section). Set it to 
+# NO to prevent subgrouping. Alternatively, this can be done per class using 
+# the \nosubgrouping command.
+
+SUBGROUPING            = YES
+
+# When TYPEDEF_HIDES_STRUCT is enabled, a typedef of a struct (or union) is 
+# documented as struct with the name of the typedef. So 
+# typedef struct TypeS {} TypeT, will appear in the documentation as a struct 
+# with name TypeT. When disabled the typedef will appear as a member of a file, 
+# namespace, or class. And the struct will be named TypeS. This can typically 
+# be useful for C code where the coding convention is that all structs are 
+# typedef'ed and only the typedef is referenced never the struct's name.
+
+TYPEDEF_HIDES_STRUCT   = NO
+
+#---------------------------------------------------------------------------
+# Build related configuration options
+#---------------------------------------------------------------------------
+
+# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in 
+# documentation are documented, even if no documentation was available. 
+# Private class members and static file members will be hidden unless 
+# the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES
+
+EXTRACT_ALL            = YES
+
+# If the EXTRACT_PRIVATE tag is set to YES all private members of a class 
 # will be included in the documentation.
 
-EXTRACT_PRIVATE      = YES
+EXTRACT_PRIVATE        = YES
 
-# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all
-# undocumented members inside documented classes or files.
+# If the EXTRACT_STATIC tag is set to YES all static members of a file 
+# will be included in the documentation.
 
-HIDE_UNDOC_MEMBERS   = NO
+EXTRACT_STATIC         = NO
 
-# If the HIDE_UNDOC_CLASSESS tag is set to YES, Doxygen will hide all
-# undocumented classes.
+# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs) 
+# defined locally in source files will be included in the documentation. 
+# If set to NO only classes defined in header files are included.
 
-HIDE_UNDOC_CLASSES   = NO
+EXTRACT_LOCAL_CLASSES  = YES
 
-# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will
-# include brief member descriptions after the members that are listed in 
-# the file and class documentation (similar to JavaDoc).
-# Set to NO to disable this.
+# This flag is only useful for Objective-C code. When set to YES local 
+# methods, which are defined in the implementation section but not in 
+# the interface are included in the documentation. 
+# If set to NO (the default) only methods in the interface are included.
 
-BRIEF_MEMBER_DESC    = YES
+EXTRACT_LOCAL_METHODS  = NO
 
-# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend
-# the brief description of a member or function before the detailed description.
-# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the 
-# brief descriptions will be completely suppressed.
+# If this flag is set to YES, the members of anonymous namespaces will be extracted 
+# and appear in the documentation as a namespace called 'anonymous_namespace{file}', 
+# where file will be replaced with the base name of the file that contains the anonymous 
+# namespace. By default anonymous namespace are hidden.
 
-REPEAT_BRIEF         = yes
+EXTRACT_ANON_NSPACES   = NO
 
-# If the ALWAYS_DETAILS_SEC and REPEAT_BRIEF tags are both set to YES then
-# Doxygen will generate a detailed section even if there is only a brief
-# description.
+# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all 
+# undocumented members of documented classes, files or namespaces. 
+# If set to NO (the default) these members will be included in the 
+# various overviews, but no documentation section is generated. 
+# This option has no effect if EXTRACT_ALL is enabled.
 
-ALWAYS_DETAILED_SEC  = yes
+HIDE_UNDOC_MEMBERS     = NO
 
-# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full
-# path before files name in the file list and in the header files. If set
-# to NO the shortest path that makes the file name unique will be used.
+# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all 
+# undocumented classes that are normally visible in the class hierarchy. 
+# If set to NO (the default) these classes will be included in the various 
+# overviews. This option has no effect if EXTRACT_ALL is enabled.
 
-FULL_PATH_NAMES      = NO
+HIDE_UNDOC_CLASSES     = NO
 
-# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag
-# can be used to strip a user defined part of the path. Stripping is
-# only done if one of the specified strings matches the left-hand part of
-# the path.
+# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all 
+# friend (class|struct|union) declarations. 
+# If set to NO (the default) these declarations will be included in the 
+# documentation.
 
-STRIP_FROM_PATH      =
+HIDE_FRIEND_COMPOUNDS  = NO
 
-# The INTERNAL_DOCS tag determines if documentation
+# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any 
+# documentation blocks found inside the body of a function. 
+# If set to NO (the default) these blocks will be appended to the 
+# function's detailed documentation block.
+
+HIDE_IN_BODY_DOCS      = NO
+
+# The INTERNAL_DOCS tag determines if documentation 
 # that is typed after a \internal command is included. If the tag is set 
-# to NO (the default) then the documentation will be excluded.
+# to NO (the default) then the documentation will be excluded. 
 # Set it to YES to include the internal documentation.
 
-INTERNAL_DOCS        = NO
+INTERNAL_DOCS          = NO
 
-# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will
-# generate a class diagram (in Html and LaTeX) for classes with base or
-# super classes. Setting the tag to NO turns the diagrams off.
+# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate 
+# file names in lower-case letters. If set to YES upper-case letters are also 
+# allowed. This is useful if you have classes or files whose names only differ 
+# in case and if your file system supports case sensitive file names. Windows 
+# and Mac users are advised to set this option to NO.
 
-CLASS_DIAGRAMS       = YES
+CASE_SENSE_NAMES       = NO
 
-# If the SOURCE_BROWSER tag is set to YES then a list of source files will
-# be generated. Documented entities will be cross-referenced with these sources.
+# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen 
+# will show members with their full class and namespace scopes in the 
+# documentation. If set to YES the scope will be hidden.
 
-SOURCE_BROWSER       = no
+HIDE_SCOPE_NAMES       = NO
 
-# Setting the INLINE_SOURCES tag to YES will include the body
-# of functions and classes directly in the documentation.
+# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen 
+# will put a list of the files that are included by a file in the documentation 
+# of that file.
 
-INLINE_SOURCES       = NO
+SHOW_INCLUDE_FILES     = YES
 
-# If the CASE_SENSE_NAMES tag is set to NO (the default) then Doxygen
-# will only generate file names in lower case letters. If set to
-# YES upper case letters are also allowed. This is useful if you have
-# classes or files whose names only differ in case and if your file system
-# supports case sensitive file names.
+# If the INLINE_INFO tag is set to YES (the default) then a tag [inline] 
+# is inserted in the documentation for inline members.
 
-CASE_SENSE_NAMES     = NO
+INLINE_INFO            = YES
 
-# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen
-# will generate a verbatim copy of the header file for each class for
-# which an include is specified. Set to NO to disable this.
+# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen 
+# will sort the (detailed) documentation of file and class members 
+# alphabetically by member name. If set to NO the members will appear in 
+# declaration order.
 
-VERBATIM_HEADERS     = YES
+SORT_MEMBER_DOCS       = YES
 
-# If the JAVADOC_AUTOBRIEF tag is set to YES (the default) then Doxygen
-# will interpret the first line (until the first dot) of a JavaDoc-style
-# comment as the brief description. If set to NO, the Javadoc-style will
-# behave just like the Qt-style comments.
+# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the 
+# brief documentation of file, namespace and class members alphabetically 
+# by member name. If set to NO (the default) the members will appear in 
+# declaration order.
 
-JAVADOC_AUTOBRIEF    = YES
+SORT_BRIEF_DOCS        = NO
 
-# if the INHERIT_DOCS tag is set to YES (the default) then an undocumented
-# member inherits the documentation from any documented member that it
-# reimplements.
+# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be 
+# sorted by fully-qualified names, including namespaces. If set to 
+# NO (the default), the class list will be sorted only by class name, 
+# not including the namespace part. 
+# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.
+# Note: This option applies only to the class list, not to the 
+# alphabetical list.
 
-INHERIT_DOCS         = YES
+SORT_BY_SCOPE_NAME     = NO
 
-# if the INLINE_INFO tag is set to YES (the default) then a tag [inline]
-# is inserted in the documentation for inline members.
+# The GENERATE_TODOLIST tag can be used to enable (YES) or 
+# disable (NO) the todo list. This list is created by putting \todo 
+# commands in the documentation.
 
-INLINE_INFO          = YES
+GENERATE_TODOLIST      = YES
 
-# the TAB_SIZE tag can be used to set the number of spaces in a tab.
-# Doxygen uses this value to replace tabs by spaces in code fragments.
+# The GENERATE_TESTLIST tag can be used to enable (YES) or 
+# disable (NO) the test list. This list is created by putting \test 
+# commands in the documentation.
 
-TAB_SIZE             = 4
+GENERATE_TESTLIST      = YES
 
+# The GENERATE_BUGLIST tag can be used to enable (YES) or 
+# disable (NO) the bug list. This list is created by putting \bug 
+# commands in the documentation.
+
+GENERATE_BUGLIST       = YES
+
+# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or 
+# disable (NO) the deprecated list. This list is created by putting 
+# \deprecated commands in the documentation.
+
+GENERATE_DEPRECATEDLIST= YES
+
+# The ENABLED_SECTIONS tag can be used to enable conditional 
+# documentation sections, marked by \if sectionname ... \endif.
+
+ENABLED_SECTIONS       = 
+
+# The MAX_INITIALIZER_LINES tag determines the maximum number of lines 
+# the initial value of a variable or define consists of for it to appear in 
+# the documentation. If the initializer consists of more lines than specified 
+# here it will be hidden. Use a value of 0 to hide initializers completely. 
+# The appearance of the initializer of individual variables and defines in the 
+# documentation can be controlled using \showinitializer or \hideinitializer 
+# command in the documentation regardless of this setting.
+
+MAX_INITIALIZER_LINES  = 30
+
+# Set the SHOW_USED_FILES tag to NO to disable the list of files generated 
+# at the bottom of the documentation of classes and structs. If set to YES the 
+# list will mention the files that were used to generate the documentation.
+
+SHOW_USED_FILES        = YES
+
+# If the sources in your project are distributed over multiple directories 
+# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy 
+# in the documentation. The default is NO.
+
+SHOW_DIRECTORIES       = NO
+
+# The FILE_VERSION_FILTER tag can be used to specify a program or script that 
+# doxygen should invoke to get the current version for each file (typically from the 
+# version control system). Doxygen will invoke the program by executing (via 
+# popen()) the command <command> <input-file>, where <command> is the value of 
+# the FILE_VERSION_FILTER tag, and <input-file> is the name of an input file 
+# provided by doxygen. Whatever the program writes to standard output 
+# is used as the file version. See the manual for examples.
+
+FILE_VERSION_FILTER    = 
+
 #---------------------------------------------------------------------------
+# configuration options related to warning and progress messages
+#---------------------------------------------------------------------------
+
+# The QUIET tag can be used to turn on/off the messages that are generated 
+# by doxygen. Possible values are YES and NO. If left blank NO is used.
+
+QUIET                  = NO
+
+# The WARNINGS tag can be used to turn on/off the warning messages that are 
+# generated by doxygen. Possible values are YES and NO. If left blank 
+# NO is used.
+
+WARNINGS               = YES
+
+# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings 
+# for undocumented members. If EXTRACT_ALL is set to YES then this flag will 
+# automatically be disabled.
+
+WARN_IF_UNDOCUMENTED   = YES
+
+# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for 
+# potential errors in the documentation, such as not documenting some 
+# parameters in a documented function, or documenting parameters that 
+# don't exist or using markup commands wrongly.
+
+WARN_IF_DOC_ERROR      = YES
+
+# This WARN_NO_PARAMDOC option can be abled to get warnings for 
+# functions that are documented, but have no documentation for their parameters 
+# or return value. If set to NO (the default) doxygen will only warn about 
+# wrong or incomplete parameter documentation, but not about the absence of 
+# documentation.
+
+WARN_NO_PARAMDOC       = NO
+
+# The WARN_FORMAT tag determines the format of the warning messages that 
+# doxygen can produce. The string should contain the $file, $line, and $text 
+# tags, which will be replaced by the file and line number from which the 
+# warning originated and the warning text. Optionally the format may contain 
+# $version, which will be replaced by the version of the file (if it could 
+# be obtained via FILE_VERSION_FILTER)
+
+WARN_FORMAT            = "$file:$line: $text "
+
+# The WARN_LOGFILE tag can be used to specify a file to which warning 
+# and error messages should be written. If left blank the output is written 
+# to stderr.
+
+WARN_LOGFILE           = 
+
+#---------------------------------------------------------------------------
 # configuration options related to the input files
 #---------------------------------------------------------------------------
 
@@ -176,291 +495,819 @@
 # directories like "/usr/src/myproject". Separate the files or directories 
 # with spaces.
 
-INPUT                = ./src
+INPUT                  = ./src
 
+# This tag can be used to specify the character encoding of the source files that 
+# doxygen parses. Internally doxygen uses the UTF-8 encoding, which is also the default 
+# input encoding. Doxygen uses libiconv (or the iconv built into libc) for the transcoding. 
+# See http://www.gnu.org/software/libiconv for the list of possible encodings.
+
+INPUT_ENCODING         = UTF-8
+
 # If the value of the INPUT tag contains directories, you can use the 
 # FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp 
 # and *.h) to filter out the source-files in the directories. If left 
-# blank all files are included.
+# blank the following patterns are tested: 
+# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx 
+# *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.py *.f90
 
-FILE_PATTERNS        = *.cpp *.h
+FILE_PATTERNS          = *.cpp \
+                         *.h
 
-# The RECURSIVE tag can be used to turn specify whether or not subdirectories
-# should be searched for input files as well. Possible values are YES and NO.
+# The RECURSIVE tag can be used to turn specify whether or not subdirectories 
+# should be searched for input files as well. Possible values are YES and NO. 
 # If left blank NO is used.
 
-RECURSIVE            = yes
+RECURSIVE              = yes
 
-# The EXCLUDE tag can be used to specify files and/or directories that should
+# The EXCLUDE tag can be used to specify files and/or directories that should 
 # excluded from the INPUT source files. This way you can easily exclude a 
 # subdirectory from a directory tree whose root is specified with the INPUT tag.
 
-EXCLUDE              =
+EXCLUDE                = 
 
-# If the value of the INPUT tag contains directories, you can use the
-# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
-# certain files from those directories.
+# The EXCLUDE_SYMLINKS tag can be used select whether or not files or 
+# directories that are symbolic links (a Unix filesystem feature) are excluded 
+# from the input.
 
-EXCLUDE_PATTERNS     =
+EXCLUDE_SYMLINKS       = NO
 
+# If the value of the INPUT tag contains directories, you can use the 
+# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude 
+# certain files from those directories. Note that the wildcards are matched 
+# against the file with absolute path, so to exclude all test directories 
+# for example use the pattern */test/*
+
+EXCLUDE_PATTERNS       = 
+
+# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names 
+# (namespaces, classes, functions, etc.) that should be excluded from the output. 
+# The symbol name can be a fully qualified name, a word, or if the wildcard * is used, 
+# a substring. Examples: ANamespace, AClass, AClass::ANamespace, ANamespace::*Test
+
+EXCLUDE_SYMBOLS        = 
+
 # The EXAMPLE_PATH tag can be used to specify one or more files or 
 # directories that contain example code fragments that are included (see 
 # the \include command).
 
-EXAMPLE_PATH         =
+EXAMPLE_PATH           = 
 
-# If the value of the EXAMPLE_PATH tag contains directories, you can use the
+# If the value of the EXAMPLE_PATH tag contains directories, you can use the 
 # EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp 
 # and *.h) to filter out the source-files in the directories. If left 
 # blank all files are included.
 
-EXAMPLE_PATTERNS     =
+EXAMPLE_PATTERNS       = 
 
+# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be 
+# searched for input files to be used with the \include or \dontinclude 
+# commands irrespective of the value of the RECURSIVE tag. 
+# Possible values are YES and NO. If left blank NO is used.
+
+EXAMPLE_RECURSIVE      = NO
+
 # The IMAGE_PATH tag can be used to specify one or more files or 
 # directories that contain image that are included in the documentation (see 
 # the \image command).
 
-IMAGE_PATH           =
+IMAGE_PATH             = 
 
-# The INPUT_FILTER tag can be used to specify a program that doxygen should
+# The INPUT_FILTER tag can be used to specify a program that doxygen should 
 # invoke to filter for each input file. Doxygen will invoke the filter program 
-# by executing (via popen()) the command <filter> <input-file>, where <filter>
-# is the value of the INPUT_FILTER tag, and <input-file> is the name of an
-# input file. Doxygen will then use the output that the filter program writes
-# to standard output.
+# by executing (via popen()) the command <filter> <input-file>, where <filter> 
+# is the value of the INPUT_FILTER tag, and <input-file> is the name of an 
+# input file. Doxygen will then use the output that the filter program writes 
+# to standard output.  If FILTER_PATTERNS is specified, this tag will be 
+# ignored.
 
-INPUT_FILTER         =
+INPUT_FILTER           = 
 
+# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern 
+# basis.  Doxygen will compare the file name with each pattern and apply the 
+# filter if there is a match.  The filters are a list of the form: 
+# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further 
+# info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER 
+# is applied to all files.
+
+FILTER_PATTERNS        = 
+
+# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using 
+# INPUT_FILTER) will be used to filter the input files when producing source 
+# files to browse (i.e. when SOURCE_BROWSER is set to YES).
+
+FILTER_SOURCE_FILES    = NO
+
 #---------------------------------------------------------------------------
+# configuration options related to source browsing
+#---------------------------------------------------------------------------
+
+# If the SOURCE_BROWSER tag is set to YES then a list of source files will 
+# be generated. Documented entities will be cross-referenced with these sources. 
+# Note: To get rid of all source code in the generated output, make sure also 
+# VERBATIM_HEADERS is set to NO. If you have enabled CALL_GRAPH or CALLER_GRAPH 
+# then you must also enable this option. If you don't then doxygen will produce 
+# a warning and turn it on anyway
+
+SOURCE_BROWSER         = no
+
+# Setting the INLINE_SOURCES tag to YES will include the body 
+# of functions and classes directly in the documentation.
+
+INLINE_SOURCES         = NO
+
+# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct 
+# doxygen to hide any special comment blocks from generated source code 
+# fragments. Normal C and C++ comments will always remain visible.
+
+STRIP_CODE_COMMENTS    = YES
+
+# If the REFERENCED_BY_RELATION tag is set to YES (the default) 
+# then for each documented function all documented 
+# functions referencing it will be listed.
+
+REFERENCED_BY_RELATION = YES
+
+# If the REFERENCES_RELATION tag is set to YES (the default) 
+# then for each documented function all documented entities 
+# called/used by that function will be listed.
+
+REFERENCES_RELATION    = YES
+
+# If the REFERENCES_LINK_SOURCE tag is set to YES (the default)
+# and SOURCE_BROWSER tag is set to YES, then the hyperlinks from
+# functions in REFERENCES_RELATION and REFERENCED_BY_RELATION lists will
+# link to the source code.  Otherwise they will link to the documentstion.
+
+REFERENCES_LINK_SOURCE = YES
+
+# If the USE_HTAGS tag is set to YES then the references to source code 
+# will point to the HTML generated by the htags(1) tool instead of doxygen 
+# built-in source browser. The htags tool is part of GNU's global source 
+# tagging system (see http://www.gnu.org/software/global/global.html). You 
+# will need version 4.8.6 or higher.
+
+USE_HTAGS              = NO
+
+# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen 
+# will generate a verbatim copy of the header file for each class for 
+# which an include is specified. Set to NO to disable this.
+
+VERBATIM_HEADERS       = YES
+
+#---------------------------------------------------------------------------
+# configuration options related to the alphabetical class index
+#---------------------------------------------------------------------------
+
+# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index 
+# of all compounds will be generated. Enable this if the project 
+# contains a lot of classes, structs, unions or interfaces.
+
+ALPHABETICAL_INDEX     = NO
+
+# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then 
+# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns 
+# in which this list will be split (can be a number in the range [1..20])
+
+COLS_IN_ALPHA_INDEX    = 5
+
+# In case all classes in a project start with a common prefix, all 
+# classes will be put under the same header in the alphabetical index. 
+# The IGNORE_PREFIX tag can be used to specify one or more prefixes that 
+# should be ignored while generating the index headers.
+
+IGNORE_PREFIX          = 
+
+#---------------------------------------------------------------------------
 # configuration options related to the HTML output
 #---------------------------------------------------------------------------
 
-# If the GENERATE_HTML tag is set to YES (the default) Doxygen will
-# generate HTML output
+# If the GENERATE_HTML tag is set to YES (the default) Doxygen will 
+# generate HTML output.
 
-GENERATE_HTML        = YES
+GENERATE_HTML          = YES
 
-# The HTML_OUTPUT tag is used to specify where the HTML docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# The HTML_OUTPUT tag is used to specify where the HTML docs will be put. 
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be 
 # put in front of it. If left blank `html' will be used as the default path.
 
-HTML_OUTPUT          =
+HTML_OUTPUT            = 
 
+# The HTML_FILE_EXTENSION tag can be used to specify the file extension for 
+# each generated HTML page (for example: .htm,.php,.asp). If it is left blank 
+# doxygen will generate files with .html extension.
+
+HTML_FILE_EXTENSION    = .html
+
 # The HTML_HEADER tag can be used to specify a personal HTML header for 
 # each generated HTML page. If it is left blank doxygen will generate a 
 # standard header.
 
-HTML_HEADER          =
+HTML_HEADER            = 
 
 # The HTML_FOOTER tag can be used to specify a personal HTML footer for 
 # each generated HTML page. If it is left blank doxygen will generate a 
 # standard footer.
 
-HTML_FOOTER          = 
+HTML_FOOTER            = 
 
-# The HTML_STYLESHEET tag can be used to specify a user defined cascading
+# The HTML_STYLESHEET tag can be used to specify a user-defined cascading 
 # style sheet that is used by each HTML page. It can be used to 
-# fine-tune the look of the HTML output. If the tag is left blank doxygen
-# will generate a default style sheet
+# fine-tune the look of the HTML output. If the tag is left blank doxygen 
+# will generate a default style sheet. Note that doxygen will try to copy 
+# the style sheet file to the HTML output directory, so don't put your own 
+# stylesheet in the HTML output directory as well, or it will be erased!
 
-HTML_STYLESHEET      =
+HTML_STYLESHEET        = 
 
-# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
-# files or namespaces will be aligned in HTML using tables. If set to
+# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes, 
+# files or namespaces will be aligned in HTML using tables. If set to 
 # NO a bullet list will be used.
 
-HTML_ALIGN_MEMBERS   = YES
+HTML_ALIGN_MEMBERS     = YES
 
-# If the GENERATE_HTMLHELP tag is set to YES, additional index files
-# will be generated that can be used as input for tools like the
-# Microsoft HTML help workshop to generate a compressed HTML help file (.chm)
+# If the GENERATE_HTMLHELP tag is set to YES, additional index files 
+# will be generated that can be used as input for tools like the 
+# Microsoft HTML help workshop to generate a compressed HTML help file (.chm) 
 # of the generated HTML documentation.
 
-GENERATE_HTMLHELP    = NO
+GENERATE_HTMLHELP      = NO
 
-# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index
-# of all compounds will be generated. Enable this if the project
-# contains a lot of classes, structs, unions or interfaces.
+# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML 
+# documentation will contain sections that can be hidden and shown after the 
+# page has loaded. For this to work a browser that supports 
+# JavaScript and DHTML is required (for instance Mozilla 1.0+, Firefox 
+# Netscape 6.0+, Internet explorer 5.0+, Konqueror, or Safari).
 
-ALPHABETICAL_INDEX   = NO
+HTML_DYNAMIC_SECTIONS  = NO
 
-# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then
-# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns
-# in which this list will be split (can be a number in the range [1..20])
+# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can 
+# be used to specify the file name of the resulting .chm file. You 
+# can add a path in front of the file if the result should not be 
+# written to the html output directory.
 
-COLS_IN_ALPHA_INDEX  = 5
+CHM_FILE               = 
 
+# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can 
+# be used to specify the location (absolute path including file name) of 
+# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run 
+# the HTML help compiler on the generated index.hhp.
+
+HHC_LOCATION           = 
+
+# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag 
+# controls if a separate .chi index file is generated (YES) or that 
+# it should be included in the master .chm file (NO).
+
+GENERATE_CHI           = NO
+
+# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag 
+# controls whether a binary table of contents is generated (YES) or a 
+# normal table of contents (NO) in the .chm file.
+
+BINARY_TOC             = NO
+
+# The TOC_EXPAND flag can be set to YES to add extra items for group members 
+# to the contents of the HTML help documentation and to the tree view.
+
+TOC_EXPAND             = NO
+
+# The DISABLE_INDEX tag can be used to turn on/off the condensed index at 
+# top of each HTML page. The value NO (the default) enables the index and 
+# the value YES disables it.
+
+DISABLE_INDEX          = NO
+
+# This tag can be used to set the number of enum values (range [1..20]) 
+# that doxygen will group on one line in the generated HTML documentation.
+
+ENUM_VALUES_PER_LINE   = 4
+
+# If the GENERATE_TREEVIEW tag is set to YES, a side panel will be
+# generated containing a tree-like index structure (just like the one that 
+# is generated for HTML Help). For this to work a browser that supports 
+# JavaScript, DHTML, CSS and frames is required (for instance Mozilla 1.0+, 
+# Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are 
+# probably better off using the HTML help feature.
+
+GENERATE_TREEVIEW      = NO
+
+# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be 
+# used to set the initial width (in pixels) of the frame in which the tree 
+# is shown.
+
+TREEVIEW_WIDTH         = 250
+
 #---------------------------------------------------------------------------
 # configuration options related to the LaTeX output
 #---------------------------------------------------------------------------
 
-# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will
+# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will 
 # generate Latex output.
 
-GENERATE_LATEX       = no
+GENERATE_LATEX         = no
 
-# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put. 
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be 
 # put in front of it. If left blank `latex' will be used as the default path.
 
-LATEX_OUTPUT         =
+LATEX_OUTPUT           = 
 
-# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact
-# LaTeX documents. This may be useful for small projects and may help to
+# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be 
+# invoked. If left blank `latex' will be used as the default command name.
+
+LATEX_CMD_NAME         = latex
+
+# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to 
+# generate index for LaTeX. If left blank `makeindex' will be used as the 
+# default command name.
+
+MAKEINDEX_CMD_NAME     = makeindex
+
+# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact 
+# LaTeX documents. This may be useful for small projects and may help to 
 # save some trees in general.
 
-COMPACT_LATEX        = NO
+COMPACT_LATEX          = NO
 
-# The PAPER_TYPE tag can be used to set the paper type that is used
+# The PAPER_TYPE tag can be used to set the paper type that is used 
 # by the printer. Possible values are: a4, a4wide, letter, legal and 
 # executive. If left blank a4wide will be used.
 
-PAPER_TYPE           = a4wide
+PAPER_TYPE             = a4wide
 
-# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX
+# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX 
 # packages that should be included in the LaTeX output.
 
-EXTRA_PACKAGES       =
+EXTRA_PACKAGES         = 
 
 # The LATEX_HEADER tag can be used to specify a personal LaTeX header for 
-# the generated latex document. The header should contain everything until
+# the generated latex document. The header should contain everything until 
 # the first chapter. If it is left blank doxygen will generate a 
 # standard header. Notice: only use this tag if you know what you are doing!
 
-LATEX_HEADER         =
+LATEX_HEADER           = 
 
-# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
-# is prepared for conversion to pdf (using ps2pdf). The pdf file will
-# contain links (just like the HTML output) instead of page references
+# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated 
+# is prepared for conversion to pdf (using ps2pdf). The pdf file will 
+# contain links (just like the HTML output) instead of page references 
 # This makes the output suitable for online browsing using a pdf viewer.
 
-PDF_HYPERLINKS       = NO
+PDF_HYPERLINKS         = NO
 
+# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of 
+# plain latex in the generated Makefile. Set this option to YES to get a 
+# higher quality PDF documentation.
+
+USE_PDFLATEX           = NO
+
+# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode. 
+# command to the generated LaTeX files. This will instruct LaTeX to keep 
+# running if errors occur, instead of asking the user for help. 
+# This option is also used when generating formulas in HTML.
+
+LATEX_BATCHMODE        = NO
+
+# If LATEX_HIDE_INDICES is set to YES then doxygen will not 
+# include the index chapters (such as File Index, Compound Index, etc.) 
+# in the output.
+
+LATEX_HIDE_INDICES     = NO
+
 #---------------------------------------------------------------------------
+# configuration options related to the RTF output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output 
+# The RTF output is optimized for Word 97 and may not look very pretty with 
+# other RTF readers or editors.
+
+GENERATE_RTF           = NO
+
+# The RTF_OUTPUT tag is used to specify where the RTF docs will be put. 
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be 
+# put in front of it. If left blank `rtf' will be used as the default path.
+
+RTF_OUTPUT             = rtf
+
+# If the COMPACT_RTF tag is set to YES Doxygen generates more compact 
+# RTF documents. This may be useful for small projects and may help to 
+# save some trees in general.
+
+COMPACT_RTF            = NO
+
+# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated 
+# will contain hyperlink fields. The RTF file will 
+# contain links (just like the HTML output) instead of page references. 
+# This makes the output suitable for online browsing using WORD or other 
+# programs which support those fields. 
+# Note: wordpad (write) and others do not support links.
+
+RTF_HYPERLINKS         = NO
+
+# Load stylesheet definitions from file. Syntax is similar to doxygen's 
+# config file, i.e. a series of assignments. You only have to provide 
+# replacements, missing definitions are set to their default value.
+
+RTF_STYLESHEET_FILE    = 
+
+# Set optional variables used in the generation of an rtf document. 
+# Syntax is similar to doxygen's config file.
+
+RTF_EXTENSIONS_FILE    = 
+
+#---------------------------------------------------------------------------
 # configuration options related to the man page output
 #---------------------------------------------------------------------------
 
-# If the GENERATE_MAN tag is set to YES (the default) Doxygen will
+# If the GENERATE_MAN tag is set to YES (the default) Doxygen will 
 # generate man pages
 
-GENERATE_MAN         = no
+GENERATE_MAN           = no
 
-# The MAN_OUTPUT tag is used to specify where the man pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# The MAN_OUTPUT tag is used to specify where the man pages will be put. 
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be 
 # put in front of it. If left blank `man' will be used as the default path.
 
-MAN_OUTPUT           =
+MAN_OUTPUT             = 
 
-# The MAN_EXTENSION tag determines the extension that is added to
+# The MAN_EXTENSION tag determines the extension that is added to 
 # the generated man pages (default is the subroutine's section .3)
 
-MAN_EXTENSION        = .3
+MAN_EXTENSION          = .3
 
+# If the MAN_LINKS tag is set to YES and Doxygen generates man output, 
+# then it will generate one additional man file for each entity 
+# documented in the real man page(s). These additional files 
+# only source the real man page, but without them the man command 
+# would be unable to find the correct page. The default is NO.
+
+MAN_LINKS              = NO
+
 #---------------------------------------------------------------------------
-# Configuration options related to the preprocessor 
+# configuration options related to the XML output
 #---------------------------------------------------------------------------
 
-# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will
-# evaluate all C-preprocessor directives found in the sources and include
+# If the GENERATE_XML tag is set to YES Doxygen will 
+# generate an XML file that captures the structure of 
+# the code including all documentation.
+
+GENERATE_XML           = NO
+
+# The XML_OUTPUT tag is used to specify where the XML pages will be put. 
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be 
+# put in front of it. If left blank `xml' will be used as the default path.
+
+XML_OUTPUT             = xml
+
+# The XML_SCHEMA tag can be used to specify an XML schema, 
+# which can be used by a validating XML parser to check the 
+# syntax of the XML files.
+
+XML_SCHEMA             = 
+
+# The XML_DTD tag can be used to specify an XML DTD, 
+# which can be used by a validating XML parser to check the 
+# syntax of the XML files.
+
+XML_DTD                = 
+
+# If the XML_PROGRAMLISTING tag is set to YES Doxygen will 
+# dump the program listings (including syntax highlighting 
+# and cross-referencing information) to the XML output. Note that 
+# enabling this will significantly increase the size of the XML output.
+
+XML_PROGRAMLISTING     = YES
+
+#---------------------------------------------------------------------------
+# configuration options for the AutoGen Definitions output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will 
+# generate an AutoGen Definitions (see autogen.sf.net) file 
+# that captures the structure of the code including all 
+# documentation. Note that this feature is still experimental 
+# and incomplete at the moment.
+
+GENERATE_AUTOGEN_DEF   = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the Perl module output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_PERLMOD tag is set to YES Doxygen will 
+# generate a Perl module file that captures the structure of 
+# the code including all documentation. Note that this 
+# feature is still experimental and incomplete at the 
+# moment.
+
+GENERATE_PERLMOD       = NO
+
+# If the PERLMOD_LATEX tag is set to YES Doxygen will generate 
+# the necessary Makefile rules, Perl scripts and LaTeX code to be able 
+# to generate PDF and DVI output from the Perl module output.
+
+PERLMOD_LATEX          = NO
+
+# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be 
+# nicely formatted so it can be parsed by a human reader.  This is useful 
+# if you want to understand what is going on.  On the other hand, if this 
+# tag is set to NO the size of the Perl module output will be much smaller 
+# and Perl will parse it just the same.
+
+PERLMOD_PRETTY         = YES
+
+# The names of the make variables in the generated doxyrules.make file 
+# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX. 
+# This is useful so different doxyrules.make files included by the same 
+# Makefile don't overwrite each other's variables.
+
+PERLMOD_MAKEVAR_PREFIX = 
+
+#---------------------------------------------------------------------------
+# Configuration options related to the preprocessor   
+#---------------------------------------------------------------------------
+
+# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will 
+# evaluate all C-preprocessor directives found in the sources and include 
 # files.
 
-ENABLE_PREPROCESSING = YES
+ENABLE_PREPROCESSING   = YES
 
-# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro
+# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro 
 # names in the source code. If set to NO (the default) only conditional 
-# compilation will be performed.
+# compilation will be performed. Macro expansion can be done in a controlled 
+# way by setting EXPAND_ONLY_PREDEF to YES.
 
-MACRO_EXPANSION      = NO
+MACRO_EXPANSION        = NO
 
-# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
+# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES 
+# then the macro expansion is limited to the macros specified with the 
+# PREDEFINED and EXPAND_AS_DEFINED tags.
+
+EXPAND_ONLY_PREDEF     = NO
+
+# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files 
 # in the INCLUDE_PATH (see below) will be search if a #include is found.
 
-SEARCH_INCLUDES      = YES
+SEARCH_INCLUDES        = YES
 
-# The INCLUDE_PATH tag can be used to specify one or more directories that
-# contain include files that are not input files but should be processed by
+# The INCLUDE_PATH tag can be used to specify one or more directories that 
+# contain include files that are not input files but should be processed by 
 # the preprocessor.
 
-INCLUDE_PATH         =
+INCLUDE_PATH           = 
 
-# The PREDEFINED tag can be used to specify one or more macro names that
-# are defined before the preprocessor is started (similar to the -D option of
-# gcc). The argument of the tag is a list of macros of the form: name
+# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard 
+# patterns (like *.h and *.hpp) to filter out the header-files in the 
+# directories. If left blank, the patterns specified with FILE_PATTERNS will 
+# be used.
+
+INCLUDE_FILE_PATTERNS  = 
+
+# The PREDEFINED tag can be used to specify one or more macro names that 
+# are defined before the preprocessor is started (similar to the -D option of 
+# gcc). The argument of the tag is a list of macros of the form: name 
 # or name=definition (no spaces). If the definition and the = are 
-# omitted =1 is assumed.
+# omitted =1 is assumed. To prevent a macro definition from being 
+# undefined via #undef or recursively expanded use the := operator 
+# instead of the = operator.
 
-PREDEFINED           =
+PREDEFINED             = 
 
-# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES
-# then the macro expansion is limited to the macros specified with the
-# PREDEFINED tag.
+# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then 
+# this tag can be used to specify a list of macro names that should be expanded. 
+# The macro definition that is found in the sources will be used. 
+# Use the PREDEFINED tag if you want to use a different macro definition.
 
-EXPAND_ONLY_PREDEF   = NO
+EXPAND_AS_DEFINED      = 
 
+# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then 
+# doxygen's preprocessor will remove all function-like macros that are alone 
+# on a line, have an all uppercase name, and do not end with a semicolon. Such 
+# function macros are typically used for boiler-plate code, and will confuse 
+# the parser if not removed.
+
+SKIP_FUNCTION_MACROS   = YES
+
 #---------------------------------------------------------------------------
-# Configuration options related to external references 
+# Configuration::additions related to external references   
 #---------------------------------------------------------------------------
 
-# The TAGFILES tag can be used to specify one or more tagfiles. 
+# The TAGFILES option can be used to specify one or more tagfiles. 
+# Optionally an initial location of the external documentation 
+# can be added for each tagfile. The format of a tag file without 
+# this location is as follows: 
+#   TAGFILES = file1 file2 ... 
+# Adding location for the tag files is done as follows: 
+#   TAGFILES = file1=loc1 "file2 = loc2" ... 
+# where "loc1" and "loc2" can be relative or absolute paths or 
+# URLs. If a location is present for each tag, the installdox tool 
+# does not have to be run to correct the links.
+# Note that each tag file must have a unique name
+# (where the name does NOT include the path)
+# If a tag file is not located in the directory in which doxygen 
+# is run, you must also specify the path to the tagfile here.
 
-TAGFILES             =
+TAGFILES               = 
 
-# When a file name is specified after GENERATE_TAGFILE, doxygen will create
+# When a file name is specified after GENERATE_TAGFILE, doxygen will create 
 # a tag file that is based on the input files it reads.
 
-GENERATE_TAGFILE     =
+GENERATE_TAGFILE       = 
 
-# If the ALLEXTERNALS tag is set to YES all external classes will be listed
-# in the class index. If set to NO only the inherited external classes
+# If the ALLEXTERNALS tag is set to YES all external classes will be listed 
+# in the class index. If set to NO only the inherited external classes 
 # will be listed.
 
-ALLEXTERNALS         = NO
+ALLEXTERNALS           = NO
 
-# The PERL_PATH should be the absolute path and name of the perl script
+# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed 
+# in the modules index. If set to NO, only the current project's groups will 
+# be listed.
+
+EXTERNAL_GROUPS        = YES
+
+# The PERL_PATH should be the absolute path and name of the perl script 
 # interpreter (i.e. the result of `which perl').
 
-PERL_PATH            = /usr/bin/perl
+PERL_PATH              = /usr/bin/perl
 
 #---------------------------------------------------------------------------
-# Configuration options related to the search engine 
+# Configuration options related to the dot tool   
 #---------------------------------------------------------------------------
 
-# The SEARCHENGINE tag specifies whether or not a search engine should be 
-# used. If set to NO the values of all tags below this one will be ignored.
+# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will 
+# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base 
+# or super classes. Setting the tag to NO turns the diagrams off. Note that 
+# this option is superseded by the HAVE_DOT option below. This is only a 
+# fallback. It is recommended to install and use dot, since it yields more 
+# powerful graphs.
 
-SEARCHENGINE         = NO
+CLASS_DIAGRAMS         = YES
 
-# The CGI_NAME tag should be the name of the CGI script that
-# starts the search engine (doxysearch) with the correct parameters.
-# A script with this name will be generated by doxygen.
+# You can define message sequence charts within doxygen comments using the \msc 
+# command. Doxygen will then run the mscgen tool (see http://www.mcternan.me.uk/mscgen/) to 
+# produce the chart and insert it in the documentation. The MSCGEN_PATH tag allows you to 
+# specify the directory where the mscgen tool resides. If left empty the tool is assumed to 
+# be found in the default search path.
 
-CGI_NAME             = search.cgi
+MSCGEN_PATH            = 
 
-# The CGI_URL tag should be the absolute URL to the directory where the
-# cgi binaries are located. See the documentation of your http daemon for 
-# details.
+# If set to YES, the inheritance and collaboration graphs will hide 
+# inheritance and usage relations if the target is undocumented 
+# or is not a class.
 
-CGI_URL              =
+HIDE_UNDOC_RELATIONS   = YES
 
-# The DOC_URL tag should be the absolute URL to the directory where the
-# documentation is located. If left blank the absolute path to the 
-# documentation, with file:// prepended to it, will be used.
+# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is 
+# available from the path. This tool is part of Graphviz, a graph visualization 
+# toolkit from AT&T and Lucent Bell Labs. The other options in this section 
+# have no effect if this option is set to NO (the default)
 
-DOC_URL              =
+HAVE_DOT               = NO
 
-# The DOC_ABSPATH tag should be the absolute path to the directory where the
-# documentation is located. If left blank the directory on the local machine
-# will be used.
+# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen 
+# will generate a graph for each documented class showing the direct and 
+# indirect inheritance relations. Setting this tag to YES will force the 
+# the CLASS_DIAGRAMS tag to NO.
 
-DOC_ABSPATH          =
+CLASS_GRAPH            = YES
 
-# The BIN_ABSPATH tag must point to the directory where the doxysearch binary
-# is installed.
+# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen 
+# will generate a graph for each documented class showing the direct and 
+# indirect implementation dependencies (inheritance, containment, and 
+# class references variables) of the class with other documented classes.
 
-BIN_ABSPATH          = /usr/local/bin/
+COLLABORATION_GRAPH    = YES
 
-# The EXT_DOC_PATHS tag can be used to specify one or more paths to 
-# documentation generated for other projects. This allows doxysearch to search
-# the documentation for these projects as well.
+# If the GROUP_GRAPHS and HAVE_DOT tags are set to YES then doxygen 
+# will generate a graph for groups, showing the direct groups dependencies
 
-EXT_DOC_PATHS        =
+GROUP_GRAPHS           = YES
+
+# If the UML_LOOK tag is set to YES doxygen will generate inheritance and 
+# collaboration diagrams in a style similar to the OMG's Unified Modeling 
+# Language.
+
+UML_LOOK               = NO
+
+# If set to YES, the inheritance and collaboration graphs will show the 
+# relations between templates and their instances.
+
+TEMPLATE_RELATIONS     = NO
+
+# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT 
+# tags are set to YES then doxygen will generate a graph for each documented 
+# file showing the direct and indirect include dependencies of the file with 
+# other documented files.
+
+INCLUDE_GRAPH          = YES
+
+# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and 
+# HAVE_DOT tags are set to YES then doxygen will generate a graph for each 
+# documented header file showing the documented files that directly or 
+# indirectly include this file.
+
+INCLUDED_BY_GRAPH      = YES
+
+# If the CALL_GRAPH, SOURCE_BROWSER and HAVE_DOT tags are set to YES then doxygen will 
+# generate a call dependency graph for every global function or class method. 
+# Note that enabling this option will significantly increase the time of a run. 
+# So in most cases it will be better to enable call graphs for selected 
+# functions only using the \callgraph command.
+
+CALL_GRAPH             = NO
+
+# If the CALLER_GRAPH, SOURCE_BROWSER and HAVE_DOT tags are set to YES then doxygen will 
+# generate a caller dependency graph for every global function or class method. 
+# Note that enabling this option will significantly increase the time of a run. 
+# So in most cases it will be better to enable caller graphs for selected 
+# functions only using the \callergraph command.
+
+CALLER_GRAPH           = NO
+
+# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen 
+# will graphical hierarchy of all classes instead of a textual one.
+
+GRAPHICAL_HIERARCHY    = YES
+
+# If the DIRECTORY_GRAPH, SHOW_DIRECTORIES and HAVE_DOT tags are set to YES 
+# then doxygen will show the dependencies a directory has on other directories 
+# in a graphical way. The dependency relations are determined by the #include
+# relations between the files in the directories.
+
+DIRECTORY_GRAPH        = YES
+
+# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images 
+# generated by dot. Possible values are png, jpg, or gif
+# If left blank png will be used.
+
+DOT_IMAGE_FORMAT       = png
+
+# The tag DOT_PATH can be used to specify the path where the dot tool can be 
+# found. If left blank, it is assumed the dot tool can be found in the path.
+
+DOT_PATH               = 
+
+# The DOTFILE_DIRS tag can be used to specify one or more directories that 
+# contain dot files that are included in the documentation (see the 
+# \dotfile command).
+
+DOTFILE_DIRS           = 
+
+# The MAX_DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of 
+# nodes that will be shown in the graph. If the number of nodes in a graph 
+# becomes larger than this value, doxygen will truncate the graph, which is 
+# visualized by representing a node as a red box. Note that doxygen if the number 
+# of direct children of the root node in a graph is already larger than 
+# MAX_DOT_GRAPH_NOTES then the graph will not be shown at all. Also note 
+# that the size of a graph can be further restricted by MAX_DOT_GRAPH_DEPTH.
+
+DOT_GRAPH_MAX_NODES    = 50
+
+# The MAX_DOT_GRAPH_DEPTH tag can be used to set the maximum depth of the 
+# graphs generated by dot. A depth value of 3 means that only nodes reachable 
+# from the root by following a path via at most 3 edges will be shown. Nodes 
+# that lay further from the root node will be omitted. Note that setting this 
+# option to 1 or 2 may greatly reduce the computation time needed for large 
+# code bases. Also note that the size of a graph can be further restricted by 
+# DOT_GRAPH_MAX_NODES. Using a depth of 0 means no depth restriction.
+
+MAX_DOT_GRAPH_DEPTH    = 0
+
+# Set the DOT_TRANSPARENT tag to YES to generate images with a transparent 
+# background. This is disabled by default, which results in a white background. 
+# Warning: Depending on the platform used, enabling this option may lead to 
+# badly anti-aliased labels on the edges of a graph (i.e. they become hard to 
+# read).
+
+DOT_TRANSPARENT        = YES
+
+# Set the DOT_MULTI_TARGETS tag to YES allow dot to generate multiple output 
+# files in one run (i.e. multiple -o and -T options on the command line). This 
+# makes dot run faster, but since only newer versions of dot (>1.8.10) 
+# support this, this feature is disabled by default.
+
+DOT_MULTI_TARGETS      = NO
+
+# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will 
+# generate a legend page explaining the meaning of the various boxes and 
+# arrows in the dot generated graphs.
+
+GENERATE_LEGEND        = YES
+
+# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will 
+# remove the intermediate dot files that are used to generate 
+# the various graphs.
+
+DOT_CLEANUP            = YES
+
+#---------------------------------------------------------------------------
+# Configuration::additions related to the search engine   
+#---------------------------------------------------------------------------
+
+# The SEARCHENGINE tag specifies whether or not a search engine should be 
+# used. If set to NO the values of all tags below this one will be ignored.
+
+SEARCHENGINE           = NO

Modified: openldap/trunk/contrib/ldapc++/examples/Makefile.am
===================================================================
--- openldap/trunk/contrib/ldapc++/examples/Makefile.am	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/examples/Makefile.am	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,5 @@
+# $OpenLDAP: pkg/ldap/contrib/ldapc++/examples/Makefile.am,v 1.2.4.3 2008/04/14 23:18:59 quanah Exp $
+
 ##
 # Copyright 2003, OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/examples/Makefile.in
===================================================================
--- openldap/trunk/contrib/ldapc++/examples/Makefile.in	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/examples/Makefile.in	2008-05-25 14:29:31 UTC (rev 1128)
@@ -14,6 +14,8 @@
 
 @SET_MAKE@
 
+# $OpenLDAP: pkg/ldap/contrib/ldapc++/examples/Makefile.in,v 1.3.2.3 2008/04/14 23:18:59 quanah Exp $
+
 VPATH = @srcdir@
 pkgdatadir = $(datadir)/@PACKAGE@
 pkglibdir = $(libdir)/@PACKAGE@

Modified: openldap/trunk/contrib/ldapc++/examples/main.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/examples/main.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/examples/main.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/examples/main.cpp,v 1.1.8.3 2008/04/14 23:18:59 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -3,6 +4,6 @@
  */
 
-#include<iostream>
-#include<sstream>
+#include <iostream>
+#include <sstream>
 #include "LDAPConnection.h"
 #include "LDAPConstraints.h"
@@ -14,9 +15,8 @@
 #include "LDAPEntry.h"
 #include "LDAPException.h"
 #include "LDAPModification.h"
-#include "LDAPReferralException.h"
 
-#include"debug.h"
+#include "debug.h"
 
 int main(){
     LDAPConstraints* cons=new LDAPConstraints;
@@ -69,7 +69,7 @@
         
         lc->unbind();
         delete lc;
-   }catch (LDAPException e){
+   }catch (LDAPException &e){
         std::cout << "-------------- caught Exception ---------"<< std::endl;
         std::cout << e << std::endl;
     }

Modified: openldap/trunk/contrib/ldapc++/examples/readSchema.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/examples/readSchema.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/examples/readSchema.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,11 @@
-#include<iostream>
-#include<sstream>
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/examples/readSchema.cpp,v 1.1.6.3 2008/04/14 23:18:59 quanah Exp $
+/*
+ * Copyright 2008, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include <iostream>
+#include <sstream>
 #include "LDAPConnection.h"
 #include "LDAPConstraints.h"
 #include "LDAPSearchReference.h"
@@ -9,10 +15,9 @@
 #include "LDAPEntry.h"
 #include "LDAPException.h"
 #include "LDAPModification.h"
-#include "LDAPReferralException.h"
 #include "LDAPSchema.h"
 
-#include"debug.h"
+#include "debug.h"
 
 int main(){
     LDAPConnection *lc=new LDAPConnection("192.168.3.128",389);

Modified: openldap/trunk/contrib/ldapc++/examples/urlTest.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/examples/urlTest.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/examples/urlTest.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,9 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/examples/urlTest.cpp,v 1.1.2.3 2008/04/14 23:18:59 quanah Exp $
+/*
+ * Copyright 2008, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
 #include <LDAPUrl.h>
 #include <LDAPException.h>
 #include <cstdlib>

Modified: openldap/trunk/contrib/ldapc++/src/LDAPAddRequest.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPAddRequest.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPAddRequest.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAddRequest.cpp,v 1.6.6.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPAddRequest.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPAddRequest.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPAddRequest.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAddRequest.h,v 1.3.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPAsynConnection.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPAsynConnection.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPAsynConnection.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAsynConnection.cpp,v 1.13.2.6 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000-2006, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -24,15 +25,20 @@
 
 using namespace std;
 
-LDAPAsynConnection::LDAPAsynConnection(const string& hostname, int port,
+LDAPAsynConnection::LDAPAsynConnection(const string& url, int port,
                                LDAPConstraints *cons ){
     DEBUG(LDAP_DEBUG_CONSTRUCT,"LDAPAsynConnection::LDAPAsynConnection()"
             << endl);
     DEBUG(LDAP_DEBUG_CONSTRUCT | LDAP_DEBUG_PARAMETER,
-            "   host:" << hostname << endl << "   port:" << port << endl);
+            "   URL:" << url << endl << "   port:" << port << endl);
     cur_session=0;
     m_constr = 0;
-    this->init(hostname, port);
+    // Is this an LDAP URI?
+    if ( url.find("://") == std::string::npos ) {
+    	this->init(url, port);
+    } else {
+    	this->initialize(url);
+    }
     this->setConstraints(cons);
 }
 
@@ -95,6 +101,41 @@
     }
 }
 
+LDAPMessageQueue* LDAPAsynConnection::saslBind(const std::string &mech,
+		const std::string &cred,
+		const LDAPConstraints *cons)
+{
+    DEBUG(LDAP_DEBUG_TRACE, "LDAPAsynConnection::saslBind()" <<  endl);
+    LDAPSaslBindRequest *req = new LDAPSaslBindRequest(mech, cred, this, cons);
+    try{
+        LDAPMessageQueue *ret = req->sendRequest();
+        return ret;
+    }catch(LDAPException e){
+        delete req;
+        throw;
+    }
+
+}
+
+LDAPMessageQueue* LDAPAsynConnection::saslInteractiveBind(
+                        const std::string &mech,
+                        int flags,
+                        SaslInteractionHandler *sih,
+                        const LDAPConstraints *cons)
+{
+    DEBUG(LDAP_DEBUG_TRACE, "LDAPAsynConnection::saslInteractiveBind" 
+            << std::endl);
+    LDAPSaslInteractiveBind *req = 
+            new LDAPSaslInteractiveBind(mech, flags, sih, this, cons);
+    try {
+        LDAPMessageQueue *ret = req->sendRequest();
+        return ret;
+    }catch(LDAPException e){
+        delete req;
+        throw;
+    } 
+}
+
 LDAPMessageQueue* LDAPAsynConnection::search(const string& base,int scope, 
                                          const string& filter, 
                                          const StringList& attrs, 

Modified: openldap/trunk/contrib/ldapc++/src/LDAPAsynConnection.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPAsynConnection.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPAsynConnection.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAsynConnection.h,v 1.11.2.4 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -21,6 +22,7 @@
 #include <LDAPModList.h>
 #include <LDAPUrl.h>
 #include <LDAPUrlList.h>
+#include <SaslInteractionHandler.h>
 
 //* Main class for an asynchronous LDAP connection 
 /**
@@ -59,9 +61,6 @@
          * Search
          */
         static const int SEARCH_SUB=2;
-//        static const int SEARCH_SUB=LDAP_SCOPE_SUBTREE;
-//        static const int SEARCH_ONE=LDAP_SCOPE_ONELEVEL;
-//        static const int SEARCH_SUB=LDAP_SCOPE_SUBTREE;
 
         /** Construtor that initializes a connection to a server
          * @param hostname Name (or IP-Adress) of the destination host
@@ -69,7 +68,7 @@
          * @param cons Default constraints to use with operations over 
          *      this connection
          */
-        LDAPAsynConnection(const std::string& hostname=std::string("localhost"),
+        LDAPAsynConnection(const std::string& url=std::string("localhost"),
                 int port=0, LDAPConstraints *cons=new LDAPConstraints() );
 
         //* Destructor
@@ -116,9 +115,19 @@
          * @param dn the distiguished name to bind as
          * @param passwd cleartext password to use
          */
-        LDAPMessageQueue* bind(const std::string& dn="", const std::string& passwd="",
+        LDAPMessageQueue* bind(const std::string& dn="", 
+                const std::string& passwd="",
                 const LDAPConstraints *cons=0);
 
+        LDAPMessageQueue* saslBind(const std::string& mech, 
+                const std::string& cred, 
+                const LDAPConstraints *cons=0);
+
+        LDAPMessageQueue* saslInteractiveBind(const std::string& mech,
+                int flags=0,
+                SaslInteractionHandler *sih=0,
+                const LDAPConstraints *cons=0);
+
         /** Performing a search on a directory tree.
          *
          * Use the search method to perform a search on the LDAP-Directory

Modified: openldap/trunk/contrib/ldapc++/src/LDAPAttrType.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPAttrType.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPAttrType.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAttrType.cpp,v 1.3.4.3 2008/05/01 21:28:42 quanah Exp $
 /*
  * Copyright 2003, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -18,17 +19,6 @@
     usage = 0;
 }
 
-LDAPAttrType::LDAPAttrType (const LDAPAttrType &at){
-    DEBUG(LDAP_DEBUG_CONSTRUCT,
-            "LDAPAttrType::LDAPAttrType( )" << endl);
-
-    oid = at.oid;
-    desc = at.desc;
-    names = at.names;
-    single = at.single;
-    usage = at.usage;
-}
-
 LDAPAttrType::LDAPAttrType (string at_item) { 
 
     DEBUG(LDAP_DEBUG_CONSTRUCT,
@@ -45,6 +35,11 @@
 	this->setOid( a->at_oid );
 	this->setSingle( a->at_single_value );
 	this->setUsage( a->at_usage );
+        this->setSuperiorOid( a->at_sup_oid );
+        this->setEqualityOid( a->at_equality_oid );
+        this->setOrderingOid( a->at_ordering_oid );
+        this->setSubstringOid( a->at_substr_oid );
+        this->setSyntaxOid( a->at_syntax_oid );
     }
     // else? -> error
 }
@@ -57,17 +52,17 @@
     single = (at_single == 1);
 }
     
-void LDAPAttrType::setNames (char **at_names) {
-    names = StringList (at_names);
+void LDAPAttrType::setNames ( char **at_names ) {
+    names = StringList(at_names);
 }
 
-void LDAPAttrType::setDesc (char *at_desc) {
+void LDAPAttrType::setDesc (const char *at_desc) {
     desc = string ();
     if (at_desc)
 	desc = at_desc;
 }
 
-void LDAPAttrType::setOid (char *at_oid) {
+void LDAPAttrType::setOid (const char *at_oid) {
     oid = string ();
     if (at_oid)
 	oid = at_oid;
@@ -77,23 +72,48 @@
     usage = at_usage;
 }
 
-bool LDAPAttrType::isSingle () {
-    return single;
+void LDAPAttrType::setSuperiorOid( const char *oid ){
+    if ( oid )
+        superiorOid = oid;
 }
 
-string LDAPAttrType::getOid () {
+void LDAPAttrType::setEqualityOid( const char *oid ){
+    if ( oid )
+        equalityOid = oid;
+}
+
+void LDAPAttrType::setOrderingOid( const char *oid ){
+    if ( oid )
+        orderingOid = oid;
+}
+
+void LDAPAttrType::setSubstringOid( const char *oid ){
+    if ( oid )
+        substringOid = oid;
+}
+
+void LDAPAttrType::setSyntaxOid( const char *oid ){
+    if ( oid )
+        syntaxOid = oid;
+}
+
+bool LDAPAttrType::isSingle() const {
+    return single;
+} 
+
+string LDAPAttrType::getOid() const {
     return oid;
 }
 
-string LDAPAttrType::getDesc () {
+string LDAPAttrType::getDesc() const {
     return desc;
 }
 
-StringList LDAPAttrType::getNames () {
+StringList LDAPAttrType::getNames() const {
     return names;
 }
 
-string LDAPAttrType::getName () {
+string LDAPAttrType::getName() const {
 
     if (names.empty())
 	return "";
@@ -101,6 +121,28 @@
 	return *(names.begin());
 }
 
-int LDAPAttrType::getUsage () {
+int LDAPAttrType::getUsage() const {
     return usage;
 }
+
+std::string LDAPAttrType::getSuperiorOid() const {
+    return superiorOid;
+}
+
+std::string LDAPAttrType::getEqualityOid() const {
+    return equalityOid;
+}
+
+std::string LDAPAttrType::getOrderingOid() const {
+    return orderingOid;
+}
+
+std::string LDAPAttrType::getSubstringOid() const {
+    return substringOid;
+}
+
+std::string LDAPAttrType::getSyntaxOid() const {
+    return syntaxOid;
+}
+
+

Modified: openldap/trunk/contrib/ldapc++/src/LDAPAttrType.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPAttrType.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPAttrType.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAttrType.h,v 1.3.4.3 2008/05/01 21:28:42 quanah Exp $
 /*
  * Copyright 2003, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -22,10 +23,11 @@
 class LDAPAttrType{
     private :
 	StringList names;
-	string desc, oid;
+	std::string desc, oid, superiorOid, equalityOid;
+        std::string orderingOid, substringOid, syntaxOid;
 	bool single;
 	int usage;
-	
+
     public :
 
         /**
@@ -34,11 +36,6 @@
         LDAPAttrType();
 
         /**
-         * Copy constructor
-         */   
-	LDAPAttrType (const LDAPAttrType& oc);
-
-        /**
 	 * Constructs new object and fills the data structure by parsing the
 	 * argument.
 	 * @param at_item description of attribute type is string returned
@@ -57,40 +54,50 @@
 	/**
 	 * Returns attribute description
 	 */
-	string getDesc ();
+	string getDesc() const;
 	
 	/**
 	 * Returns attribute oid
 	 */
-	string getOid ();
+	string getOid() const;
 
 	/**
 	 * Returns attribute name (first one if there are more of them)
 	 */
-	string getName ();
+	string getName() const;
 
 	/**
 	 * Returns all attribute names
 	 */
-	StringList getNames();
+	StringList getNames() const;
 	
 	/**
 	 * Returns true if attribute type allows only single value
 	 */
-	bool isSingle();
+	bool isSingle() const;
 	
 	/**
  	 * Return the 'usage' value:
  	 * (0=userApplications, 1=directoryOperation, 2=distributedOperation, 
 	 *  3=dSAOperation)
  	 */
- 	int getUsage ();
+ 	int getUsage () const;
+        std::string getSuperiorOid() const;
+        std::string getEqualityOid() const;
+        std::string getOrderingOid() const;
+        std::string getSubstringOid() const;
+        std::string getSyntaxOid() const;
 
-	void setNames (char **at_names);
-	void setDesc (char *at_desc);
-	void setOid (char *at_oid);
-	void setSingle (int at_single_value);
-	void setUsage (int at_usage );
+	void setNames( char **at_names);
+	void setDesc(const char *at_desc);
+	void setOid(const char *at_oid);
+	void setSingle(int at_single_value);
+	void setUsage(int at_usage );
+        void setSuperiorOid( const char *oid );
+        void setEqualityOid( const char *oid );
+        void setOrderingOid( const char *oid );
+        void setSubstringOid( const char *oid );
+        void setSyntaxOid( const char *oid );
 };
 
 #endif // LDAP_ATTRTYPE_H

Modified: openldap/trunk/contrib/ldapc++/src/LDAPAttribute.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPAttribute.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPAttribute.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,6 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAttribute.cpp,v 1.6.10.2 2008/04/14 23:09:26 quanah Exp $
 /*
- * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 2000-2007, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 

Modified: openldap/trunk/contrib/ldapc++/src/LDAPAttribute.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPAttribute.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPAttribute.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAttribute.h,v 1.6.8.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000-2002, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPAttributeList.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPAttributeList.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPAttributeList.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,6 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAttributeList.cpp,v 1.7.6.3 2008/04/14 23:09:26 quanah Exp $
 /*
- * Copyright 2000-2002, OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 2000-2007, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 
@@ -139,6 +140,24 @@
     }
 }
 
+void LDAPAttributeList::replaceAttribute(const LDAPAttribute& attr)
+{
+    DEBUG(LDAP_DEBUG_TRACE,"LDAPAttribute::replaceAttribute()" << endl);
+    DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER,
+            "   attr:" << attr << endl);
+    
+    LDAPAttributeList::iterator i;
+    for( i = m_attrs.begin(); i != m_attrs.end(); i++){
+	if(attr.getName().size() == i->getName().size()){
+	    if(equal(attr.getName().begin(), attr.getName().end(), i->getName().begin(),
+		    nocase_compare)){
+                m_attrs.erase(i);
+                break;
+            }
+        }
+    }
+    m_attrs.push_back(attr);
+}
 
 LDAPMod** LDAPAttributeList::toLDAPModArray() const{
     DEBUG(LDAP_DEBUG_TRACE,"LDAPAttribute::toLDAPModArray()" << endl);

Modified: openldap/trunk/contrib/ldapc++/src/LDAPAttributeList.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPAttributeList.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPAttributeList.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAttributeList.h,v 1.9.6.2 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000-2002, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -84,7 +85,6 @@
 	 */
 	const LDAPAttribute* getAttributeByName(const std::string& name) const;
 
-
         /**
          * Adds one element to the end of the list.
          * @param attr The attribute to add to the list.
@@ -92,6 +92,12 @@
         void addAttribute(const LDAPAttribute& attr);
 
         /**
+         * Replace an Attribute in the List
+         * @param attr The attribute to add to the list.
+         */
+        void replaceAttribute(const LDAPAttribute& attr);
+
+        /**
          * Translates the list of Attributes to a 0-terminated array of
          * LDAPMod-structures as needed by the C-API
          */

Modified: openldap/trunk/contrib/ldapc++/src/LDAPBindRequest.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPBindRequest.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPBindRequest.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,6 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPBindRequest.cpp,v 1.6.8.3 2008/04/14 23:09:26 quanah Exp $
 /*
- * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 2000-2007, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 
@@ -9,8 +10,11 @@
 
 #include "LDAPBindRequest.h"
 #include "LDAPException.h"
+#include "SaslInteractionHandler.h"
+#include "SaslInteraction.h"
 
 #include <cstdlib>
+#include <sasl/sasl.h>
 
 using namespace std;
 
@@ -73,10 +77,97 @@
     }
 }
 
-LDAPRequest* LDAPBindRequest::followReferral(LDAPMsg* /*urls*/){
-    DEBUG(LDAP_DEBUG_TRACE,"LDAPBindRequest::followReferral()" << endl);
-    DEBUG(LDAP_DEBUG_TRACE,
-            "ReferralChasing for bind-operation not implemented yet" << endl);
-    return 0;
+LDAPSaslBindRequest::LDAPSaslBindRequest(const std::string& mech,
+        const std::string& cred, 
+        LDAPAsynConnection *connect,
+        const LDAPConstraints *cons, 
+        bool isReferral) : LDAPRequest(connect, cons, isReferral),m_mech(mech), m_cred(cred) {}
+
+LDAPMessageQueue* LDAPSaslBindRequest::sendRequest()
+{
+    DEBUG(LDAP_DEBUG_TRACE,"LDAPSaslBindRequest::sendRequest()" << endl);
+    int msgID=0;
+    
+    BerValue tmpcred;
+    tmpcred.bv_val = (char*) malloc( m_cred.size() * sizeof(char));
+    m_cred.copy(tmpcred.bv_val,string::npos);
+    tmpcred.bv_len = m_cred.size();
+    
+    LDAPControl** tmpSrvCtrls=m_cons->getSrvCtrlsArray();
+    LDAPControl** tmpClCtrls=m_cons->getClCtrlsArray();
+    int err=ldap_sasl_bind(m_connection->getSessionHandle(), "", m_mech.c_str(), 
+            &tmpcred, tmpSrvCtrls, tmpClCtrls, &msgID);
+    LDAPControlSet::freeLDAPControlArray(tmpSrvCtrls);
+    LDAPControlSet::freeLDAPControlArray(tmpClCtrls);
+    free(tmpcred.bv_val);
+
+    if(err != LDAP_SUCCESS){
+        throw LDAPException(err);
+    }else{
+        m_msgID=msgID;
+        return new LDAPMessageQueue(this);
+    }
 }
 
+LDAPSaslBindRequest::~LDAPSaslBindRequest()
+{
+    DEBUG(LDAP_DEBUG_DESTROY,"LDAPSaslBindRequest::~LDAPSaslBindRequest()" << endl);
+}
+
+LDAPSaslInteractiveBind::LDAPSaslInteractiveBind( const std::string& mech, 
+        int flags, SaslInteractionHandler *sih, LDAPAsynConnection *connect,
+        const LDAPConstraints *cons, bool isReferral) : 
+            LDAPRequest(connect, cons, isReferral),
+            m_mech(mech), m_flags(flags), m_sih(sih), m_res(0)
+{
+}
+
+static int my_sasl_interact(LDAP *l, unsigned flags, void *cbh, void *interact)
+{
+    DEBUG(LDAP_DEBUG_TRACE, "LDAPSaslInteractiveBind::my_sasl_interact()" 
+            << std::endl );
+    std::list<SaslInteraction*> interactions;
+
+    sasl_interact_t *iter = (sasl_interact_t*) interact;
+    while ( iter->id != SASL_CB_LIST_END ) {
+        SaslInteraction *si = new SaslInteraction(iter);
+        interactions.push_back( si );
+        iter++;
+    }
+    ((SaslInteractionHandler*)cbh)->handleInteractions(interactions);
+    return LDAP_SUCCESS;
+}
+
+/* This kind of fakes an asynchronous operation, ldap_sasl_interactive_bind_s
+ * is synchronous */
+LDAPMessageQueue *LDAPSaslInteractiveBind::sendRequest()
+{
+    DEBUG(LDAP_DEBUG_TRACE, "LDAPSaslInteractiveBind::sendRequest()" <<
+            m_mech << std::endl);
+
+    LDAPControl** tmpSrvCtrls=m_cons->getSrvCtrlsArray();
+    LDAPControl** tmpClCtrls=m_cons->getClCtrlsArray();
+    int res = ldap_sasl_interactive_bind_s( m_connection->getSessionHandle(),
+            "", m_mech.c_str(), tmpSrvCtrls, tmpClCtrls, m_flags, 
+            my_sasl_interact, m_sih );
+
+    DEBUG(LDAP_DEBUG_TRACE, "ldap_sasl_interactive_bind_s returned: " 
+            << res << std::endl);
+    if(res != LDAP_SUCCESS){
+        throw LDAPException(res);
+    } else {
+        m_res = new LDAPResult(LDAPMsg::BIND_RESPONSE, res, ""); 
+    }
+    return new LDAPMessageQueue(this);
+}
+
+LDAPMsg* LDAPSaslInteractiveBind::getNextMessage() const 
+{
+    return m_res;
+}
+
+LDAPSaslInteractiveBind::~LDAPSaslInteractiveBind()
+{
+    DEBUG(LDAP_DEBUG_DESTROY,"LDAPSaslInteractiveBind::~LDAPSaslInteractiveBind()" << endl);
+}
+

Modified: openldap/trunk/contrib/ldapc++/src/LDAPBindRequest.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPBindRequest.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPBindRequest.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPBindRequest.h,v 1.4.10.2 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -7,6 +8,8 @@
 #define LDAP_BIND_REQUEST_H
 
 #include <LDAPRequest.h>
+#include <LDAPResult.h>
+#include <SaslInteractionHandler.h>
 
 class LDAPBindRequest : LDAPRequest {
     private:
@@ -15,14 +18,44 @@
         std::string m_mech;
 
     public:
-        LDAPBindRequest(const LDAPBindRequest& req);
+        LDAPBindRequest( const LDAPBindRequest& req);
         //just for simple authentication
         LDAPBindRequest(const std::string&, const std::string& passwd, 
                 LDAPAsynConnection *connect, const LDAPConstraints *cons, 
                 bool isReferral=false);
         virtual ~LDAPBindRequest();
         virtual LDAPMessageQueue *sendRequest();
-        virtual LDAPRequest* followReferral(LDAPMsg* urls);
 };
+
+class LDAPSaslBindRequest : LDAPRequest
+{
+    public:
+        LDAPSaslBindRequest( const std::string& mech, const std::string& cred, 
+        LDAPAsynConnection *connect, const LDAPConstraints *cons, 
+                bool isReferral=false);
+        virtual LDAPMessageQueue *sendRequest();
+        virtual ~LDAPSaslBindRequest();
+
+    private:
+        std::string m_mech;
+        std::string m_cred;
+};
+
+class LDAPSaslInteractiveBind : LDAPRequest
+{
+    public:
+        LDAPSaslInteractiveBind( const std::string& mech, int flags,
+                SaslInteractionHandler *sih, LDAPAsynConnection *connect, 
+                const LDAPConstraints *cons, bool isReferral=false);
+        virtual LDAPMessageQueue *sendRequest();
+        virtual LDAPMsg* getNextMessage() const;
+        virtual ~LDAPSaslInteractiveBind();
+
+    private:
+        std::string m_mech;
+        int m_flags;
+        SaslInteractionHandler *m_sih;
+        LDAPResult *m_res;
+};
 #endif //LDAP_BIND_REQUEST_H
 

Modified: openldap/trunk/contrib/ldapc++/src/LDAPCompareRequest.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPCompareRequest.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPCompareRequest.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPCompareRequest.cpp,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPCompareRequest.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPCompareRequest.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPCompareRequest.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPCompareRequest.h,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPConnection.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPConnection.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPConnection.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPConnection.cpp,v 1.10.4.3 2008/04/14 23:28:11 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -7,7 +8,6 @@
 
 #include "LDAPResult.h"
 #include "LDAPException.h"
-#include "LDAPReferralException.h"
 #include "LDAPUrlList.h"
 
 #include "LDAPConnection.h"
@@ -60,6 +60,40 @@
     delete msg;   // memcheck
 }
 
+void LDAPConnection::saslInteractiveBind( const std::string &mech,
+                        int flags,
+                        SaslInteractionHandler *sih,
+                        const LDAPConstraints *cons)
+{
+    DEBUG(LDAP_DEBUG_TRACE,"LDAPConnection::bind" << endl);
+    LDAPMessageQueue* msg=0;
+    LDAPResult* res=0;
+    try{
+        msg = LDAPAsynConnection::saslInteractiveBind(mech, flags, sih, cons);
+        res = (LDAPResult*)msg->getNext();
+    }catch(LDAPException e){
+        delete msg;
+        delete res;
+        throw;
+    }
+    int resCode=res->getResultCode();
+    if(resCode != LDAPResult::SUCCESS) {
+        if(resCode == LDAPResult::REFERRAL){
+            LDAPUrlList urls = res->getReferralUrls();
+            delete res;
+            delete msg;
+            throw LDAPReferralException(urls);
+        }else{
+            string srvMsg = res->getErrMsg();
+            delete res;
+            delete msg;
+            throw LDAPException(resCode, srvMsg);
+        }
+    }
+    delete res;
+    delete msg;
+}
+
 void LDAPConnection::unbind(){
     LDAPAsynConnection::unbind();
 }

Modified: openldap/trunk/contrib/ldapc++/src/LDAPConnection.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPConnection.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPConnection.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPConnection.h,v 1.8.4.2 2008/04/14 23:28:11 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -88,6 +89,10 @@
          */
         void bind(const std::string& dn="", const std::string& passwd="",
                 LDAPConstraints* cons=0);
+        void saslInteractiveBind(const std::string& mech,
+                int flags=0,
+                SaslInteractionHandler *sih=0,
+                const LDAPConstraints *cons=0);
         
         /**
          * Performs the UNBIND-operation on the destination server

Modified: openldap/trunk/contrib/ldapc++/src/LDAPConstraints.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPConstraints.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPConstraints.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPConstraints.cpp,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPConstraints.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPConstraints.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPConstraints.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPConstraints.h,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPControl.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPControl.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPControl.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPControl.cpp,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPControl.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPControl.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPControl.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPControl.h,v 1.5.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPControlSet.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPControlSet.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPControlSet.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPControlSet.cpp,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPControlSet.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPControlSet.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPControlSet.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPControlSet.h,v 1.6.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPDeleteRequest.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPDeleteRequest.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPDeleteRequest.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPDeleteRequest.cpp,v 1.7.6.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPDeleteRequest.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPDeleteRequest.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPDeleteRequest.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPDeleteRequest.h,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPEntry.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPEntry.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPEntry.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPEntry.cpp,v 1.5.8.4 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -22,8 +23,11 @@
 LDAPEntry::LDAPEntry(const string& dn, const LDAPAttributeList *attrs){
     DEBUG(LDAP_DEBUG_CONSTRUCT,"LDAPEntry::LDAPEntry()" << endl);
     DEBUG(LDAP_DEBUG_CONSTRUCT | LDAP_DEBUG_PARAMETER,
-            "   dn:" << dn << endl << " attrs:" << *attrs << endl);
-    m_attrs=new LDAPAttributeList(*attrs);
+            "   dn:" << dn << endl);
+    if ( attrs )
+        m_attrs=new LDAPAttributeList(*attrs);
+    else
+        m_attrs=new LDAPAttributeList();
     m_dn=dn;
 }
 
@@ -40,6 +44,13 @@
     delete m_attrs;
 }
 
+LDAPEntry& LDAPEntry::operator=(const LDAPEntry& from){
+    m_dn = from.m_dn;
+    delete m_attrs;
+    m_attrs = new LDAPAttributeList( *(from.m_attrs));
+    return *this;
+}
+
 void LDAPEntry::setDN(const string& dn){
     DEBUG(LDAP_DEBUG_TRACE,"LDAPEntry::setDN()" << endl);
     DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER,
@@ -67,6 +78,21 @@
     return m_attrs;
 }
 
+const LDAPAttribute* LDAPEntry::getAttributeByName(const std::string& name) const 
+{
+    return m_attrs->getAttributeByName(name);
+}
+
+void LDAPEntry::addAttribute(const LDAPAttribute& attr)
+{
+    m_attrs->addAttribute(attr);
+}
+
+void LDAPEntry::replaceAttribute(const LDAPAttribute& attr)
+{
+    m_attrs->replaceAttribute(attr); 
+}
+
 ostream& operator << (ostream& s, const LDAPEntry& le){
     s << "DN: " << le.m_dn << ": " << *(le.m_attrs); 
     return s;

Modified: openldap/trunk/contrib/ldapc++/src/LDAPEntry.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPEntry.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPEntry.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPEntry.h,v 1.6.8.5 2008/04/14 23:30:47 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -17,11 +18,11 @@
  */
 class LDAPEntry{
 
-	public :
+    public :
         /**
          * Copy-constructor
          */
-		LDAPEntry(const LDAPEntry& entry);
+        LDAPEntry(const LDAPEntry& entry);
 
         /**
          * Constructs a new entry (also used as standard constructor).
@@ -29,8 +30,8 @@
          * @param dn    The Distinguished Name for the new entry.
          * @param attrs The attributes for the new entry.
          */
-		LDAPEntry(const std::string& dn=std::string(), 
-                const LDAPAttributeList *attrs=new LDAPAttributeList());
+        LDAPEntry(const std::string& dn=std::string(), 
+                const LDAPAttributeList *attrs=0);
 
         /**
          * Used internally only.
@@ -38,44 +39,71 @@
          * The constructor is used internally to create a LDAPEntry from
          * the C-API's data structurs.
          */ 
-		LDAPEntry(const LDAPAsynConnection *ld, LDAPMessage *msg);
+        LDAPEntry(const LDAPAsynConnection *ld, LDAPMessage *msg);
 
         /**
          * Destructor
          */
-		~LDAPEntry();
-        
+        ~LDAPEntry();
+
         /**
+         * Assignment operator
+         */
+        LDAPEntry& operator=(const LDAPEntry& from);
+
+        /**
          * Sets the DN-attribute.
          * @param dn: The new DN for the entry.
          */
-		void setDN(const std::string& dn);
+        void setDN(const std::string& dn);
 
         /**
          * Sets the attributes of the entry.
          * @param attr: A pointer to a std::list of the new attributes.
          */
-		void setAttributes(LDAPAttributeList *attrs);
+        void setAttributes(LDAPAttributeList *attrs);
 
+	/**
+	 * Get an Attribute by its AttributeType (simple wrapper around
+         * LDAPAttributeList::getAttributeByName() )
+	 * @param name The name of the Attribute to look for
+	 * @return a pointer to the LDAPAttribute with the AttributeType 
+	 *	"name" or 0, if there is no Attribute of that Type
+	 */
+	const LDAPAttribute* getAttributeByName(const std::string& name) const;
+
         /**
+         * Adds one Attribute to the List of Attributes (simple wrapper around
+         * LDAPAttributeList::addAttribute() ).
+         * @param attr The attribute to add to the list.
+         */
+        void addAttribute(const LDAPAttribute& attr);
+
+        /**
+         * Replace an Attribute in the List of Attributes (simple wrapper
+         * around LDAPAttributeList::replaceAttribute() ).
+         * @param attr The attribute to add to the list.
+         */
+        void replaceAttribute(const LDAPAttribute& attr);
+
+        /**
          * @returns The current DN of the entry.
          */
-		const std::string& getDN() const ;
+        const std::string& getDN() const ;
 
         /**
          * @returns A const pointer to the attributes of the entry.  
          */
-		const LDAPAttributeList* getAttributes() const;
+        const LDAPAttributeList* getAttributes() const;
 
         /**
          * This method can be used to dump the data of a LDAPResult-Object.
          * It is only useful for debugging purposes at the moment
          */
-		friend std::ostream& operator << (std::ostream& s, const LDAPEntry& le);
+        friend std::ostream& operator << (std::ostream& s, const LDAPEntry& le);
 	
     private :
-
-		LDAPAttributeList *m_attrs;
-		std::string m_dn;
+        LDAPAttributeList *m_attrs;
+        std::string m_dn;
 };
 #endif  //LDAP_ENTRY_H

Modified: openldap/trunk/contrib/ldapc++/src/LDAPEntryList.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPEntryList.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPEntryList.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPEntryList.cpp,v 1.2.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPEntryList.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPEntryList.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPEntryList.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPEntryList.h,v 1.6.6.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPException.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPException.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPException.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPException.cpp,v 1.8.2.5 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -3,22 +4,24 @@
  */
 
-
-
 #include <ldap.h>
 #include "config.h"
 #include "LDAPException.h"
-#include "LDAPReferralException.h"
 
 #include "LDAPAsynConnection.h"
+#include "LDAPResult.h"
 
 using namespace std;
 
-LDAPException::LDAPException(int res_code, const string& err_string){
+LDAPException::LDAPException(int res_code, const string& err_string) throw()
+    : std::runtime_error(err_string)
+{
 	m_res_code=res_code;
 	m_res_string=string(ldap_err2string(res_code));
     m_err_string=err_string;
 }
 
-LDAPException::LDAPException(const LDAPAsynConnection *lc){
+LDAPException::LDAPException(const LDAPAsynConnection *lc) throw()
+    : std::runtime_error("")
+{
     LDAP *l = lc->getSessionHandle();
     ldap_get_option(l,LDAP_OPT_RESULT_CODE,&m_res_code);
@@ -43,22 +46,32 @@
     }
 }
 
-LDAPException::~LDAPException(){
+LDAPException::~LDAPException() throw()
+{
 }
 
-int LDAPException::getResultCode() const{
+int LDAPException::getResultCode() const throw()
+{
 	return m_res_code;
 }
 
-const string& LDAPException::getResultMsg() const{
+const string& LDAPException::getResultMsg() const throw()
+{
 	return m_res_string;
 }
 
-const string& LDAPException::getServerMsg() const{
+const string& LDAPException::getServerMsg() const throw()
+{
     return m_err_string;
 }
 
-ostream& operator << (ostream& s, LDAPException e){
+const char* LDAPException::what() const throw()
+{
+    return this->m_res_string.c_str(); 
+}
+
+ostream& operator << (ostream& s, LDAPException e) throw()
+{
 	s << "Error " << e.m_res_code << ": " << e.m_res_string;
 	if (!e.m_err_string.empty()) {
 		s << endl <<  "additional info: " << e.m_err_string ;
@@ -66,3 +79,18 @@
 	return s;
 }
 
+
+LDAPReferralException::LDAPReferralException(const LDAPUrlList& urls) throw() 
+        : LDAPException(LDAPResult::REFERRAL) , m_urlList(urls)
+{
+}
+
+LDAPReferralException::~LDAPReferralException() throw()
+{
+}
+
+const LDAPUrlList& LDAPReferralException::getUrls() throw()
+{
+    return m_urlList;
+}
+

Modified: openldap/trunk/contrib/ldapc++/src/LDAPException.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPException.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPException.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPException.h,v 1.5.8.3 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -9,14 +10,18 @@
 
 #include <iostream>
 #include <string>
+#include <stdexcept>
 
+#include <LDAPUrlList.h>
+
 class LDAPAsynConnection;
 
 /**
  * This class is only thrown as an Exception and used to signalize error
  * conditions during LDAP-operations
  */
-class LDAPException{
+class LDAPException : public std::runtime_error
+{
 		
     public :
         /**
@@ -26,7 +31,7 @@
          *                      that happend (optional)
          */
         LDAPException(int res_code, 
-                const std::string& err_string=std::string());
+                const std::string& err_string=std::string()) throw();
 		
         /**
          * Constructs a LDAPException-object from the error state of a
@@ -34,38 +39,69 @@
          * @param lc A LDAP-Connection for that an error has happend. The
          *          Constructor tries to read its error state.
          */
-        LDAPException(const LDAPAsynConnection *lc);
+        LDAPException(const LDAPAsynConnection *lc) throw();
 
         /**
          * Destructor
          */
-        virtual ~LDAPException();
+        virtual ~LDAPException() throw();
 
         /**
          * @return The Result code of the object
          */
-        int getResultCode() const;
+        int getResultCode() const throw();
 
         /**
          * @return The error message that is corresponding to the result
          *          code .
          */
-        const std::string& getResultMsg() const;
+        const std::string& getResultMsg() const throw();
         
         /**
          * @return The addional error message of the error (if it was set)
          */
-        const std::string& getServerMsg() const;
+        const std::string& getServerMsg() const throw();
 
+        
+        virtual const char* what() const throw();
+
         /**
          * This method can be used to dump the data of a LDAPResult-Object.
          * It is only useful for debugging purposes at the moment
          */
-        friend std::ostream& operator << (std::ostream &s, LDAPException e);
+        friend std::ostream& operator << (std::ostream &s, LDAPException e) throw();
 
     private :
         int m_res_code;
         std::string m_res_string;
         std::string m_err_string;
 };
+
+/**
+ * This class extends LDAPException and is used to signalize Referrals
+ * there were received during synchronous LDAP-operations
+ */
+class LDAPReferralException : public LDAPException
+{
+
+    public :
+        /**
+         * Creates an object that is initialized with a list of URLs
+         */
+        LDAPReferralException(const LDAPUrlList& urls) throw();
+
+        /**
+         * Destructor
+         */
+        ~LDAPReferralException() throw();
+
+        /**
+         * @return The List of URLs of the Referral/Search Reference
+         */
+        const LDAPUrlList& getUrls() throw();
+
+    private :
+        LDAPUrlList m_urlList;
+};
+
 #endif //LDAP_EXCEPTION_H

Modified: openldap/trunk/contrib/ldapc++/src/LDAPExtRequest.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPExtRequest.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPExtRequest.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 2000-2007, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 

Modified: openldap/trunk/contrib/ldapc++/src/LDAPExtRequest.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPExtRequest.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPExtRequest.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPExtRequest.h,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPExtResult.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPExtResult.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPExtResult.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPExtResult.cpp,v 1.2.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPExtResult.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPExtResult.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPExtResult.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPExtResult.h,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPMessage.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPMessage.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPMessage.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPMessage.cpp,v 1.4.10.2 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -8,6 +9,7 @@
 
 #include "LDAPResult.h"
 #include "LDAPExtResult.h"
+#include "LDAPSaslBindResult.h"
 #include "LDAPRequest.h"
 #include "LDAPSearchResult.h"
 #include "LDAPSearchReference.h"
@@ -22,6 +24,13 @@
     m_hasControls=false;
 }
 
+LDAPMsg::LDAPMsg(int type, int id=0){
+    DEBUG(LDAP_DEBUG_CONSTRUCT,"LDAPMsg::LDAPMsg()" << endl);
+    msgType = type;
+    msgID = id;
+    m_hasControls=false;
+}
+
 LDAPMsg* LDAPMsg::create(const LDAPRequest *req, LDAPMessage *msg){
     DEBUG(LDAP_DEBUG_TRACE,"LDAPMsg::create()" << endl);
     switch(ldap_msgtype(msg)){
@@ -34,6 +43,8 @@
         case EXTENDED_RESPONSE :
             return new LDAPExtResult(req,msg);
         break;
+        case BIND_RESPONSE :
+            return new LDAPSaslBindResult(req,msg);
         default :
             return new LDAPResult(req, msg);
     }

Modified: openldap/trunk/contrib/ldapc++/src/LDAPMessage.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPMessage.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPMessage.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPMessage.h,v 1.4.10.3 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -21,7 +22,7 @@
  */
 class LDAPMsg{
     public:
-        //public Constants defining the Message types
+        //public Constants defining the response message types
         static const int BIND_RESPONSE=LDAP_RES_BIND;
         static const int SEARCH_ENTRY=LDAP_RES_SEARCH_ENTRY;
         static const int SEARCH_DONE=LDAP_RES_SEARCH_RESULT;
@@ -32,6 +33,17 @@
         static const int MODDN_RESPONSE=LDAP_RES_MODDN;
         static const int COMPARE_RESPONSE=LDAP_RES_COMPARE;
         static const int EXTENDED_RESPONSE=LDAP_RES_EXTENDED;
+        //public Constants defining the request message types
+        static const int BIND_REQUEST=LDAP_REQ_BIND;
+        static const int UNBIND_REQUEST=LDAP_REQ_UNBIND;
+        static const int SEARCH_REQUEST=LDAP_REQ_SEARCH;
+        static const int MODIFY_REQUEST=LDAP_REQ_MODIFY;
+        static const int ADD_REQUEST=LDAP_REQ_ADD;
+        static const int DELETE_REQUEST=LDAP_REQ_DELETE;
+        static const int MODRDN_REQUEST=LDAP_REQ_MODRDN;
+        static const int COMPARE_REQUEST=LDAP_REQ_COMPARE;
+        static const int ABANDON_REQUEST=LDAP_REQ_ABANDON;
+        static const int EXTENDED_REQUEST=LDAP_REQ_EXTENDED;
        
         /**
          * The destructor has no implemenation, because this is an abstract
@@ -98,6 +110,7 @@
          * Only for internal use.
          */
         LDAPMsg(LDAPMessage *msg);
+        LDAPMsg(int msgType, int msgID);
        
         /**
          * This attribute stores Server-Control that were returned with the

Modified: openldap/trunk/contrib/ldapc++/src/LDAPMessageQueue.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPMessageQueue.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPMessageQueue.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPMessageQueue.cpp,v 1.6.10.6 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -6,10 +7,8 @@
 
 #include "config.h"
 #include "debug.h"
-#include <ldap.h>
 #include "LDAPMessageQueue.h"
 #include "LDAPRequest.h"
-#include "LDAPAsynConnection.h"
 #include "LDAPResult.h"
 #include "LDAPSearchReference.h"
 #include "LDAPSearchRequest.h"
@@ -40,110 +39,102 @@
 
 LDAPMsg *LDAPMessageQueue::getNext(){
     DEBUG(LDAP_DEBUG_TRACE,"LDAPMessageQueue::getNext()" << endl);
-    LDAPMessage *msg;
+
+    if ( m_activeReq.empty() ) {
+        return 0;
+    }
+
     LDAPRequest *req=m_activeReq.top();
-    int msg_id = req->getMsgID();
-    int res;
-    const  LDAPAsynConnection *con=req->getConnection();
-    res=ldap_result(con->getSessionHandle(),msg_id,0,0,&msg);
-    if (res <= 0){
-        if(msg != 0){
-            ldap_msgfree(msg);
-        }
-	throw  LDAPException(con);
-    }else{	
-        const LDAPConstraints *constr=req->getConstraints();
-        LDAPMsg *ret=0;
-        //this can  throw an exception (Decoding Error)
-        try{
-            ret = LDAPMsg::create(req,msg);
-            ldap_msgfree(msg);
-        }catch(LDAPException e){
-            //do some clean up
-            delete req;
-            m_activeReq.top();
-            throw;   
-        }
-        switch (ret->getMessageType()) {
-            case LDAPMsg::SEARCH_REFERENCE : 
-                if (constr->getReferralChase() ){
-                    //throws Exception (limit Exceeded)
-                    LDAPRequest *refReq=chaseReferral(ret);
-                    if(refReq != 0){
-                        m_activeReq.push(refReq);
-                        m_issuedReq.push_back(refReq);
-                        delete ret;
-                        return getNext();
-                    }
+    LDAPMsg *ret=0;
+
+    try{
+        ret = req->getNextMessage();
+    }catch(LDAPException e){
+        //do some clean up
+        m_activeReq.pop();
+        throw;   
+    }
+
+    const LDAPConstraints *constr=req->getConstraints();
+    switch (ret->getMessageType()) {
+        case LDAPMsg::SEARCH_REFERENCE : 
+            if (constr->getReferralChase() ){
+                //throws Exception (limit Exceeded)
+                LDAPRequest *refReq=chaseReferral(ret);
+                if(refReq != 0){
+                    m_activeReq.push(refReq);
+                    m_issuedReq.push_back(refReq);
+                    delete ret;
+                    return getNext();
                 }
-                return ret;
-            break;
-            case LDAPMsg::SEARCH_ENTRY :
-                return ret;
-            break;
-            case LDAPMsg::SEARCH_DONE :
-                if(req->isReferral()){
-                    req->unbind();
-                }
-                switch ( ((LDAPResult*)ret)->getResultCode()) {
-                    case LDAPResult::REFERRAL :
-                        if(constr->getReferralChase()){
-                            //throws Exception (limit Exceeded)
-                            LDAPRequest *refReq=chaseReferral(ret);
-                            if(refReq != 0){
-                                m_activeReq.pop();
-                                m_activeReq.push(refReq);
-                                m_issuedReq.push_back(refReq);
-                                delete ret;
-                                return getNext();
-                            }
-                        }    
-                        return ret;
-                    break;
-                    case LDAPResult::SUCCESS :
-                        if(req->isReferral()){
-                            delete ret;
+            }
+            return ret;
+        break;
+        case LDAPMsg::SEARCH_ENTRY :
+            return ret;
+        break;
+        case LDAPMsg::SEARCH_DONE :
+            if(req->isReferral()){
+                req->unbind();
+            }
+            switch ( ((LDAPResult*)ret)->getResultCode()) {
+                case LDAPResult::REFERRAL :
+                    if(constr->getReferralChase()){
+                        //throws Exception (limit Exceeded)
+                        LDAPRequest *refReq=chaseReferral(ret);
+                        if(refReq != 0){
                             m_activeReq.pop();
+                            m_activeReq.push(refReq);
+                            m_issuedReq.push_back(refReq);
+                            delete ret;
                             return getNext();
-                        }else{
-                            m_activeReq.pop();
-                            return ret;
                         }
-                    break;
-                    default:
+                    }    
+                    return ret;
+                break;
+                case LDAPResult::SUCCESS :
+                    if(req->isReferral()){
+                        delete ret;
                         m_activeReq.pop();
-                        return ret;
-                    break;
-                }
-            break;
-            //must be some kind of LDAPResultMessage
-            default:
-                if(req->isReferral()){
-                    req->unbind();
-                }
-                LDAPResult* res_p=(LDAPResult*)ret;
-                switch (res_p->getResultCode()) {
-                    case LDAPResult::REFERRAL :
-                        if(constr->getReferralChase()){
-                            //throws Exception (limit Exceeded)
-                            LDAPRequest *refReq=chaseReferral(ret);
-                            if(refReq != 0){
-                                m_activeReq.pop();
-                                m_activeReq.push(refReq);
-                                m_issuedReq.push_back(refReq);
-                                delete ret;
-                                return getNext();
-                            }
-                        }    
-                        return ret;
-                    break;
-                    default:
+                        return getNext();
+                    }else{
                         m_activeReq.pop();
                         return ret;
-                }
-            break;
-        }
-    }	
+                    }
+                break;
+                default:
+                    m_activeReq.pop();
+                    return ret;
+                break;
+            }
+        break;
+        //must be some kind of LDAPResultMessage
+        default:
+            if(req->isReferral()){
+                req->unbind();
+            }
+            LDAPResult* res_p=(LDAPResult*)ret;
+            switch (res_p->getResultCode()) {
+                case LDAPResult::REFERRAL :
+                    if(constr->getReferralChase()){
+                        //throws Exception (limit Exceeded)
+                        LDAPRequest *refReq=chaseReferral(ret);
+                        if(refReq != 0){
+                            m_activeReq.pop();
+                            m_activeReq.push(refReq);
+                            m_issuedReq.push_back(refReq);
+                            delete ret;
+                            return getNext();
+                        }
+                    }    
+                    return ret;
+                break;
+                default:
+                    m_activeReq.pop();
+                    return ret;
+            }
+        break;
+    }
 }
 
 // TODO Maybe moved to LDAPRequest::followReferral seems more reasonable

Modified: openldap/trunk/contrib/ldapc++/src/LDAPMessageQueue.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPMessageQueue.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPMessageQueue.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPMessageQueue.h,v 1.5.10.2 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPModDNRequest.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPModDNRequest.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPModDNRequest.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPModDNRequest.cpp,v 1.6.6.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPModDNRequest.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPModDNRequest.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPModDNRequest.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPModDNRequest.h,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPModList.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPModList.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPModList.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPModList.cpp,v 1.5.6.3 2008/04/14 23:29:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -37,3 +38,11 @@
     }
     return ret;
 }
+
+bool LDAPModList::empty() const {
+    return m_modList.empty();
+}
+
+unsigned int LDAPModList::size() const {
+    return m_modList.size();
+}

Modified: openldap/trunk/contrib/ldapc++/src/LDAPModList.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPModList.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPModList.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPModList.h,v 1.7.6.2 2008/04/14 23:29:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -15,9 +16,9 @@
  * This container class is used to store multiple LDAPModification-objects.
  */
 class LDAPModList{
-        typedef std::list<LDAPModification> ListType;
+    typedef std::list<LDAPModification> ListType;
 
-	public : 
+    public : 
         /**
          * Constructs an empty list.
          */   
@@ -40,7 +41,17 @@
          */
         LDAPMod** toLDAPModArray();
 
-	private : 
+        /**
+         * @returns true, if the ModList contains no Operations
+         */
+        bool empty() const;
+        
+        /**
+         * @returns number of Modifications in the ModList
+         */
+        unsigned int size() const;
+
+    private : 
         ListType m_modList;
 };
 #endif //LDAP_MOD_LIST_H

Modified: openldap/trunk/contrib/ldapc++/src/LDAPModification.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPModification.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPModification.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPModification.cpp,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPModification.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPModification.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPModification.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPModification.h,v 1.3.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPModifyRequest.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPModifyRequest.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPModifyRequest.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPModifyRequest.cpp,v 1.8.6.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPModifyRequest.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPModifyRequest.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPModifyRequest.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPModifyRequest.h,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPObjClass.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPObjClass.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPObjClass.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPObjClass.cpp,v 1.3.6.2 2008/05/01 21:28:42 quanah Exp $
 /*
  * Copyright 2003, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -90,31 +91,31 @@
 	oid = oc_oid;
 }
 
-string LDAPObjClass::getOid () {
+string LDAPObjClass::getOid() const {
     return oid;
 }
 
-string LDAPObjClass::getDesc () {
+string LDAPObjClass::getDesc() const {
     return desc;
 }
 
-StringList LDAPObjClass::getNames () {
+StringList LDAPObjClass::getNames() const {
     return names;
 }
 
-StringList LDAPObjClass::getMust () {
+StringList LDAPObjClass::getMust() const {
     return must;
 }
 
-StringList LDAPObjClass::getMay () {
+StringList LDAPObjClass::getMay() const {
     return may;
 }
 
-StringList LDAPObjClass::getSup () {
+StringList LDAPObjClass::getSup() const {
     return sup;
 }
 
-string LDAPObjClass::getName () {
+string LDAPObjClass::getName() const {
 
     if (names.empty())
 	return "";
@@ -122,7 +123,7 @@
 	return *(names.begin());
 }
 
-int LDAPObjClass::getKind () {
+int LDAPObjClass::getKind() const {
      return kind;
 }
 

Modified: openldap/trunk/contrib/ldapc++/src/LDAPObjClass.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPObjClass.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPObjClass.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPObjClass.h,v 1.3.6.2 2008/05/01 21:28:42 quanah Exp $
 /*
  * Copyright 2003, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -55,42 +56,42 @@
 	/**
 	 * Returns object class description
 	 */
-	string getDesc ();
+	string getDesc() const;
 	
 	/**
 	 * Returns object class oid
 	 */
-	string getOid ();
+	string getOid() const;
 
 	/**
 	 * Returns object class name (first one if there are more of them)
 	 */
-	string getName ();
+	string getName() const;
 
 	/**
 	 * Returns object class kind: 0=ABSTRACT, 1=STRUCTURAL, 2=AUXILIARY
 	 */
-	int getKind ();
+	int getKind() const;
 
 	/**
 	 * Returns all object class names
 	 */
-	StringList getNames();
+	StringList getNames() const;
 	
 	/**
 	 * Returns list of required attributes
 	 */
-	StringList getMust();
+	StringList getMust() const;
 	
 	/**
 	 * Returns list of allowed (and not required) attributes
 	 */
-	StringList getMay();
+	StringList getMay() const;
 	
         /**
 	 * Returns list of the OIDs of the superior ObjectClasses
 	 */
-	StringList getSup();
+	StringList getSup() const;
 
 	void setNames (char **oc_names);
 	void setMay (char **oc_may);

Modified: openldap/trunk/contrib/ldapc++/src/LDAPRebind.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPRebind.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPRebind.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPRebind.cpp,v 1.1.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPRebind.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPRebind.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPRebind.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPRebind.h,v 1.3.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPRebindAuth.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPRebindAuth.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPRebindAuth.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPRebindAuth.cpp,v 1.2.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPRebindAuth.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPRebindAuth.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPRebindAuth.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPRebindAuth.h,v 1.3.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPReferenceList.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPReferenceList.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPReferenceList.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPReferenceList.cpp,v 1.2.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPReferenceList.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPReferenceList.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPReferenceList.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPReferenceList.h,v 1.7.6.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Deleted: openldap/trunk/contrib/ldapc++/src/LDAPReferralException.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPReferralException.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPReferralException.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,24 +0,0 @@
-/*
- * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
- */
-
-
-#include <iostream>
-#include "LDAPException.h"
-#include "LDAPReferralException.h"
-#include "LDAPResult.h"
-#include "LDAPRequest.h"
-#include "LDAPUrl.h"
-
-LDAPReferralException::LDAPReferralException(const LDAPUrlList& urls) : 
-        LDAPException(LDAPResult::REFERRAL) , m_urlList(urls){
-}
-
-LDAPReferralException::~LDAPReferralException(){
-}
-
-const LDAPUrlList& LDAPReferralException::getUrls(){
-    return m_urlList;
-}
-

Deleted: openldap/trunk/contrib/ldapc++/src/LDAPReferralException.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPReferralException.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPReferralException.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,42 +0,0 @@
-/*
- * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
- */
-
-
-#ifndef LDAP_REFERRAL_EXCEPTION_H
-#define LDAP_REFERRAL_EXCEPTION_H
-
-#include <list>
-#include <LDAPMessage.h>
-#include <LDAPUrlList.h>
-
-class LDAPUrlList;
-
-/**
- * This class extends LDAPException and is used to signalize Referrals
- * there were received during synchronous LDAP-operations
- */
-class LDAPReferralException : public LDAPException{
-
-    public :
-        /**
-         * Creates an object that is initialized with a list of URLs
-         */
-        LDAPReferralException(const LDAPUrlList& urls);
-
-        /**
-         * Destructor
-         */
-        ~LDAPReferralException();
-
-        /**
-         * @return The List of URLs of the Referral/Search Reference
-         */
-        const LDAPUrlList& getUrls();
-
-    private :
-        LDAPUrlList m_urlList;
-};
-
-#endif //LDAP_REFERRAL_EXCEPTION_H

Modified: openldap/trunk/contrib/ldapc++/src/LDAPRequest.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPRequest.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPRequest.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPRequest.cpp,v 1.3.10.3 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -47,6 +48,36 @@
     delete m_cons;
 }
 
+LDAPMsg* LDAPRequest::getNextMessage() const 
+{
+    DEBUG(LDAP_DEBUG_DESTROY,"LDAPRequest::getNextMessage()" << endl);
+    int res;
+    LDAPMessage *msg;
+
+    res=ldap_result(this->m_connection->getSessionHandle(),
+            this->m_msgID,0,0,&msg);
+
+    if (res <= 0){
+        if(msg != 0){
+            ldap_msgfree(msg);
+        }
+        throw  LDAPException(this->m_connection);
+    }else{	
+        LDAPMsg *ret=0;
+        //this can  throw an exception (Decoding Error)
+        ret = LDAPMsg::create(this,msg);
+        ldap_msgfree(msg);
+        return ret;
+    }
+}
+
+LDAPRequest* LDAPRequest::followReferral(LDAPMsg* /*urls*/){
+    DEBUG(LDAP_DEBUG_TRACE,"LDAPBindRequest::followReferral()" << endl);
+    DEBUG(LDAP_DEBUG_TRACE,
+            "ReferralChasing not implemented for this operation" << endl);
+    return 0;
+}
+
 const LDAPConstraints* LDAPRequest::getConstraints() const{
     DEBUG(LDAP_DEBUG_TRACE,"LDAPRequest::getConstraints()" << endl);
     return m_cons;

Modified: openldap/trunk/contrib/ldapc++/src/LDAPRequest.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPRequest.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPRequest.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPRequest.h,v 1.4.10.3 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -40,6 +41,7 @@
         
         const LDAPConstraints* getConstraints() const;
         const LDAPAsynConnection* getConnection() const;
+        virtual LDAPMsg *getNextMessage() const;
         int getType()const;
         int getMsgID() const;
         int getHopCount() const;
@@ -63,7 +65,7 @@
          * functions of the C-API to send the Request to a LDAP-Server
          */
         virtual LDAPMessageQueue* sendRequest()=0;
-        virtual LDAPRequest* followReferral(LDAPMsg* ref)=0;
+        virtual LDAPRequest* followReferral(LDAPMsg* ref);
 
         /**
          * Compare this request with another on. And returns true if they

Modified: openldap/trunk/contrib/ldapc++/src/LDAPResult.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPResult.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPResult.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,6 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPResult.cpp,v 1.5.2.3 2008/04/14 23:09:26 quanah Exp $
 /*
- * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 2000-2007, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 
@@ -53,6 +54,11 @@
     }
 }
 
+LDAPResult::LDAPResult(int type, int resultCode, const std::string &msg) : 
+        LDAPMsg(type,0), m_resCode(resultCode), m_errMsg(msg)
+{}
+
+
 LDAPResult::~LDAPResult(){
     DEBUG(LDAP_DEBUG_DESTROY,"LDAPResult::~LDAPResult()" << endl);
 }

Modified: openldap/trunk/contrib/ldapc++/src/LDAPResult.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPResult.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPResult.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPResult.h,v 1.5.10.2 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -103,6 +104,7 @@
          *              Message.
          */
         LDAPResult(const LDAPRequest *req, LDAPMessage *msg);
+        LDAPResult(int type, int resultCode, const std::string &msg); 
         
         /**
          * The destructor.

Copied: openldap/trunk/contrib/ldapc++/src/LDAPSaslBindResult.cpp (from rev 1127, openldap/vendor/openldap-2.4.9/contrib/ldapc++/src/LDAPSaslBindResult.cpp)
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPSaslBindResult.cpp	                        (rev 0)
+++ openldap/trunk/contrib/ldapc++/src/LDAPSaslBindResult.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -0,0 +1,45 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPSaslBindResult.cpp,v 1.1.2.2 2008/04/14 23:09:26 quanah Exp $
+/*
+ * Copyright 2007, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "debug.h"
+#include <lber.h>
+#include "LDAPRequest.h"
+#include "LDAPException.h"
+
+#include "LDAPResult.h"
+#include "LDAPSaslBindResult.h"
+
+using namespace std;
+
+LDAPSaslBindResult::LDAPSaslBindResult(const LDAPRequest* req, LDAPMessage* msg) :
+        LDAPResult(req, msg){
+    DEBUG(LDAP_DEBUG_CONSTRUCT,"LDAPSaslBindResult::LDAPSaslBindResult()" 
+            << std::endl);
+    BerValue* data = 0;
+    LDAP* lc = req->getConnection()->getSessionHandle();
+    int err = ldap_parse_sasl_bind_result(lc, msg, &data, 0);
+    if( err != LDAP_SUCCESS && err != LDAP_SASL_BIND_IN_PROGRESS ){
+        ber_bvfree(data);
+        throw LDAPException(err);
+    }else{
+        if(data){
+            DEBUG(LDAP_DEBUG_TRACE, "   creds present" << std::endl);
+            m_creds=string(data->bv_val, data->bv_len);
+            ber_bvfree(data);
+        } else {
+            DEBUG(LDAP_DEBUG_TRACE, "   no creds present" << std::endl);
+        }
+    }
+}
+
+LDAPSaslBindResult::~LDAPSaslBindResult(){
+    DEBUG(LDAP_DEBUG_DESTROY,"LDAPSaslBindResult::~LDAPSaslBindResult()" << endl);
+}
+
+const string& LDAPSaslBindResult::getServerCreds() const{
+    return m_creds;
+}
+

Copied: openldap/trunk/contrib/ldapc++/src/LDAPSaslBindResult.h (from rev 1127, openldap/vendor/openldap-2.4.9/contrib/ldapc++/src/LDAPSaslBindResult.h)
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPSaslBindResult.h	                        (rev 0)
+++ openldap/trunk/contrib/ldapc++/src/LDAPSaslBindResult.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -0,0 +1,43 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPSaslBindResult.h,v 1.1.2.2 2008/04/14 23:09:26 quanah Exp $
+/*
+ * Copyright 2007, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#ifndef LDAP_SASL_BIND_RESULT_H
+#define LDAP_SASL_BIND_RESULT_H
+
+#include <ldap.h>
+
+#include <LDAPResult.h>
+
+class LDAPRequest;
+
+/**
+ * Object of this class are created by the LDAPMsg::create method if
+ * results for an Extended Operation were returned by a LDAP server.
+ */
+class LDAPSaslBindResult : public LDAPResult {
+    public :
+        /**
+         * Constructor that creates an LDAPExtResult-object from the C-API
+         * structures
+         */
+        LDAPSaslBindResult(const LDAPRequest* req, LDAPMessage* msg);
+
+        /**
+         * The Destructor
+         */
+        virtual ~LDAPSaslBindResult();
+
+        /**
+         * @returns If the result contained data this method will return
+         *          the data to the caller as a std::string.
+         */
+        const std::string& getServerCreds() const;
+
+    private:
+        std::string m_creds;
+};
+
+#endif // LDAP_SASL_BIND_RESULT_H

Modified: openldap/trunk/contrib/ldapc++/src/LDAPSchema.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPSchema.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPSchema.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPSchema.cpp,v 1.2.6.2 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2003, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -3,10 +4,13 @@
  */
 
-#include "debug.h"
-#include "StringList.h"
 #include "LDAPSchema.h"
 
 #include <ctype.h>
+#include <ldap.h>
 
+#include "debug.h"
+#include "StringList.h"
+
+
 using namespace std;
 

Modified: openldap/trunk/contrib/ldapc++/src/LDAPSchema.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPSchema.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPSchema.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPSchema.h,v 1.1.8.2 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2003, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -6,7 +7,6 @@
 #ifndef LDAP_SCHEMA_H
 #define LDAP_SCHEMA_H
 
-#include <ldap.h>
 #include <string>
 #include <map>
 
@@ -44,8 +44,8 @@
          * Fill the object_classes map
 	 * @param oc description of one objectclass (string returned by search
 	 * command), in form:
-	 * "( SuSE.YaST.OC:5 NAME 'userTemplate' SUP objectTemplate STRUCTURAL
-	 *    DESC 'User object template' MUST ( cn ) MAY ( secondaryGroup ))"
+	 * "( 1.2.3.4.5 NAME '<name>' SUP <supname> STRUCTURAL
+	 *    DESC '<description>' MUST ( <attrtype> ) MAY ( <attrtype> ))"
          */
 	void setObjectClasses (const StringList &oc);
 
@@ -53,7 +53,7 @@
          * Fill the attr_types map
 	 * @param at description of one attribute type
 	 *  (string returned by search command), in form:
-	 * "( SuSE.YaST.Attr:19 NAME ( 'skelDir' ) DESC ''
+	 * "( 1.2.3.4.6 NAME ( '<name>' ) DESC '<desc>'
 	 *    EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )"
          */
 	void setAttributeTypes (const StringList &at);

Modified: openldap/trunk/contrib/ldapc++/src/LDAPSearchReference.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPSearchReference.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPSearchReference.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPSearchReference.cpp,v 1.4.2.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPSearchReference.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPSearchReference.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPSearchReference.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPSearchReference.h,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPSearchRequest.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPSearchRequest.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPSearchRequest.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPSearchRequest.cpp,v 1.7.2.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPSearchRequest.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPSearchRequest.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPSearchRequest.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPSearchRequest.h,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPSearchResult.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPSearchResult.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPSearchResult.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPSearchResult.cpp,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPSearchResult.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPSearchResult.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPSearchResult.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPSearchResult.h,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPSearchResults.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPSearchResults.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPSearchResults.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPSearchResults.cpp,v 1.1.10.2 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -7,7 +8,6 @@
 #include "LDAPException.h"
 #include "LDAPSearchResult.h"
 #include "LDAPResult.h"
-#include "LDAPReferralException.h"
 
 #include "LDAPSearchResults.h"
 

Modified: openldap/trunk/contrib/ldapc++/src/LDAPSearchResults.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPSearchResults.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPSearchResults.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPSearchResults.h,v 1.3.10.2 2008/04/14 23:30:47 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -28,14 +29,14 @@
         /**
          * For internal use only.
          *
-         * This method read Search result entries from a
+         * This method reads Search result entries from a
          * LDAPMessageQueue-object.
          * @param msg The message queue to read
          */
         LDAPResult* readMessageQueue(LDAPMessageQueue* msg);
 
         /**
-         * The methode is used by the client-application to read the
+         * The method is used by the client-application to read the
          * result entries of the  SEARCH-Operation. Every call of this
          * method returns one entry. If all entries were read it return 0.
          * @throws LDAPReferralException  If a Search Reference was

Modified: openldap/trunk/contrib/ldapc++/src/LDAPUrl.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPUrl.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPUrl.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPUrl.cpp,v 1.3.10.5 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000-2006, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -6,6 +7,7 @@
 
 #include "LDAPUrl.h"
 #include <sstream>
+#include <iomanip>
 #include "debug.h"
 
 using namespace std;
@@ -163,7 +165,7 @@
     DEBUG(LDAP_DEBUG_TRACE, "LDAPUrl::parseUrl()" << std::endl);
     // reading Scheme
     std::string::size_type pos = m_urlString.find(':');
-    std::string::size_type startpos = m_urlString.find(':');
+    std::string::size_type startpos = pos;
     if (pos == std::string::npos) {
         throw LDAPUrlException(LDAPUrlException::INVALID_URL,
                 "No colon found in URL");
@@ -190,28 +192,42 @@
         startpos = pos + 3;
     }
     if ( m_urlString[startpos] == '/' ) {
+        // no hostname and port
         startpos++;
     } else {
+        std::string::size_type hostend;
+        std::string::size_type portstart;
         pos = m_urlString.find('/', startpos);
-        std::string hostport = m_urlString.substr(startpos, 
-                pos - startpos);
-        DEBUG(LDAP_DEBUG_TRACE, "    hostport: <" << hostport << ">" 
-                << std::endl);
-        std::string::size_type portstart = m_urlString.find(':', startpos);
-        if (portstart == std::string::npos || portstart > pos ) {
-            percentDecode(hostport, m_Host);
+
+        // IPv6 Address?
+        if ( m_urlString[startpos] == '[' ) {
+            // skip
+            startpos++;
+            hostend =  m_urlString.find(']', startpos);
+            if ( hostend == std::string::npos ){
+                throw LDAPUrlException(LDAPUrlException::INVALID_URL);
+            }
+            portstart = hostend + 1;
+        } else {
+            hostend = m_urlString.find(':', startpos);
+            if ( hostend == std::string::npos || portstart > pos ) {
+                hostend = pos;
+            }
+            portstart = hostend;
+        }
+        std::string host = m_urlString.substr(startpos, hostend - startpos);
+        DEBUG(LDAP_DEBUG_TRACE, "    host: <" << host << ">" << std::endl);
+        percentDecode(host, m_Host);
+
+        if (portstart >= m_urlString.length() || portstart >= pos ) {
             if ( m_Scheme == "ldap" || m_Scheme == "cldap" ) {
                 m_Port = LDAP_DEFAULT_PORT;
             } else if ( m_Scheme == "ldaps" ) {
                 m_Port = LDAPS_DEFAULT_PORT;
             }
         } else {
-            std::string tmp = m_urlString.substr(startpos, 
-                        portstart - startpos);
-            percentDecode(tmp, m_Host);
-            DEBUG(LDAP_DEBUG_TRACE, "Host: <" << m_Host << ">" << std::endl);
             std::string port = m_urlString.substr(portstart+1, 
-                    pos-portstart-1);
+                    (pos == std::string::npos ? pos : pos-portstart-1) );
             if ( port.length() > 0 ) {
                 std::istringstream i(port);
                 i >> m_Port;
@@ -222,8 +238,8 @@
             DEBUG(LDAP_DEBUG_TRACE, "    Port: <" << m_Port << ">" 
                     << std::endl);
         }
+        startpos = pos + 1;
     }
-    startpos = pos + 1;
     int parserMode = base;
     while ( pos != std::string::npos ) {
         pos = m_urlString.find('?', startpos);
@@ -327,8 +343,15 @@
 {
     std::ostringstream url; 
     std::string encoded = "";
-    this->percentEncode(m_Host, encoded, PCT_ENCFLAG_SLASH);
-    url << m_Scheme << "://" << encoded;
+    
+    url << m_Scheme << "://";
+    // IPv6 ?
+    if ( m_Host.find( ':', 0 ) != std::string::npos ) {
+        url <<  "[" << this->percentEncode(m_Host, encoded) <<  "]";
+    } else {
+        url << this->percentEncode(m_Host, encoded, PCT_ENCFLAG_SLASH);
+    }
+
     if ( m_Port != 0 ) {
         url << ":" << m_Port;
     }
@@ -393,7 +416,7 @@
 }
 
 
-void LDAPUrl::percentEncode( const std::string &src, 
+std::string& LDAPUrl::percentEncode( const std::string &src, 
         std::string &dest, 
         int flags) const
 {
@@ -453,12 +476,13 @@
             break;
         }
         if ( escape ) {
-            o << "%" << (int)(unsigned char)*i ;
+            o << "%" << std::setw(2) << std::setfill('0') << (int)(unsigned char)*i ;
         } else {
             o.put(*i);
         }
     }
     dest = o.str();
+    return dest;
 }
 
 const code2string_s LDAPUrlException::code2string[] = {

Modified: openldap/trunk/contrib/ldapc++/src/LDAPUrl.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPUrl.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPUrl.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPUrl.h,v 1.6.8.4 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000-2006, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -138,7 +139,7 @@
          * @param dest The encoded result string
          * @param flags
          */
-        void percentEncode( const std::string& src, 
+        std::string& percentEncode( const std::string& src, 
                     std::string& dest, 
                     int flags=0 ) const;
    

Modified: openldap/trunk/contrib/ldapc++/src/LDAPUrlList.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPUrlList.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPUrlList.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPUrlList.cpp,v 1.6.6.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000-2002 OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/LDAPUrlList.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LDAPUrlList.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/LDAPUrlList.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPUrlList.h,v 1.8.6.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Copied: openldap/trunk/contrib/ldapc++/src/LdifReader.cpp (from rev 1127, openldap/vendor/openldap-2.4.9/contrib/ldapc++/src/LdifReader.cpp)
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LdifReader.cpp	                        (rev 0)
+++ openldap/trunk/contrib/ldapc++/src/LdifReader.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -0,0 +1,348 @@
+/*
+ * Copyright 2008, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "LdifReader.h"
+#include "LDAPMessage.h"
+#include "LDAPEntry.h"
+#include "LDAPAttributeList.h"
+#include "LDAPAttribute.h"
+#include "LDAPUrl.h"
+#include "debug.h"
+
+#include <string>
+#include <sstream>
+#include <stdexcept>
+
+#include <sasl/saslutil.h> // For base64 routines
+
+typedef std::pair<std::string, std::string> stringpair;
+
+LdifReader::LdifReader( std::istream &input ) 
+        : m_ldifstream(input), m_lineNumber(0)
+{
+    DEBUG(LDAP_DEBUG_TRACE, "<> LdifReader::LdifReader()" << std::endl);
+    this->m_version = 0;
+    // read the first record to find out version and type of the LDIF
+    this->readNextRecord(true);
+    this->m_currentIsFirst = true;
+}
+
+int LdifReader::readNextRecord( bool first )
+{
+    DEBUG(LDAP_DEBUG_TRACE, "-> LdifReader::readRecord()" << std::endl);
+    std::string line;
+    std::string type;
+    std::string value;
+    int numLine = 0;
+    int recordType = 0;
+
+    if ( (! first) && this->m_currentIsFirst == true )
+    {
+        this->m_currentIsFirst = false;
+        return m_curRecType;
+    }
+
+    m_currentRecord.clear();
+
+    while ( !this->getLdifLine(line) )
+    {
+        DEBUG(LDAP_DEBUG_TRACE, "  Line: " << line << std::endl );
+
+        // skip comments and empty lines between entries
+        if ( line[0] == '#' || ( numLine == 0 && line.size() == 0 ) )
+        {
+            DEBUG(LDAP_DEBUG_TRACE, "skipping empty line or comment" << std::endl );
+            continue;
+        }
+        if ( line.size() == 0 ) 
+        {
+            // End of Entry
+            break;
+        }
+
+        this->splitLine(line, type, value);
+
+        if ( numLine == 0 )
+        {
+            if ( type == "version" )
+            {
+                std::istringstream valuestream(value);
+                valuestream >> this->m_version;
+                if ( this->m_version != 1 ) // there is no other Version than LDIFv1 
+                {
+                    std::ostringstream err;
+                    err << "Line " << this->m_lineNumber 
+                        << ": Unsuported LDIF Version";
+                    throw( std::runtime_error(err.str()) );
+                }
+                continue;
+            }
+            if ( type == "dn" ) // Record should start with the DN ...
+            {
+                DEBUG(LDAP_DEBUG_TRACE, " Record DN:" << value << std::endl);
+            }
+            else if ( type == "include" ) // ... or it might be an "include" line
+            {
+                DEBUG(LDAP_DEBUG_TRACE, " Include directive: " << value << std::endl);
+                if ( this->m_version == 1 )
+                {
+                    std::ostringstream err;
+                    err << "Line " << this->m_lineNumber 
+                        << ": \"include\" not allowed in LDIF version 1.";
+                    throw( std::runtime_error(err.str()) );
+                }
+                else
+                {
+                    std::ostringstream err;
+                    err << "Line " << this->m_lineNumber 
+                        << ": \"include\" not yet suppported.";
+                    throw( std::runtime_error(err.str()) );
+                }
+            }
+            else
+            {
+                DEBUG(LDAP_DEBUG_TRACE, " Record doesn't start with a DN" 
+                            << std::endl);
+                std::ostringstream err;
+                err << "Line " << this->m_lineNumber 
+                    << ": LDIF record does not start with a DN.";
+                throw( std::runtime_error(err.str()) );
+            }
+        }
+        if ( numLine == 1 ) // might contain "changtype" to indicate a change request
+        {
+            if ( type == "changetype" ) 
+            {
+                if ( first ) 
+                {
+                    this->m_ldifTypeRequest = true;
+                }
+                else if (! this->m_ldifTypeRequest )
+                {
+                    // Change Request in Entry record LDIF, should we accept it?
+                    std::ostringstream err;
+                    err << "Line " << this->m_lineNumber 
+                        << ": Change Request in an entry-only LDIF.";
+                    throw( std::runtime_error(err.str()) );
+                }
+                if ( value == "modify" )
+                {
+                    recordType = LDAPMsg::MODIFY_REQUEST;
+                }
+                else if ( value == "add" )
+                {
+                    recordType = LDAPMsg::ADD_REQUEST;
+                }
+                else if ( value == "delete" )
+                {
+                    recordType = LDAPMsg::DELETE_REQUEST;
+                }
+                else if ( value == "modrdn" )
+                {   
+                    recordType = LDAPMsg::MODRDN_REQUEST;
+                }
+                else
+                {
+                    DEBUG(LDAP_DEBUG_TRACE, " Unknown change request <" 
+                            << value << ">" << std::endl);
+                    std::ostringstream err;
+                    err << "Line " << this->m_lineNumber 
+                        << ": Unknown changetype: \"" << value << "\".";
+                    throw( std::runtime_error(err.str()) );
+                }
+            }
+            else
+            {
+                if ( first ) 
+                {
+                    this->m_ldifTypeRequest = false;
+                }
+                else if (this->m_ldifTypeRequest )
+                {
+                    // Entry record in Change record LDIF, should we accept 
+                    // it (e.g. as AddRequest)?
+                }
+                recordType = LDAPMsg::SEARCH_ENTRY;
+            }
+        }
+        m_currentRecord.push_back( stringpair(type, value) );
+        numLine++;
+    }
+    DEBUG(LDAP_DEBUG_TRACE, "<- LdifReader::readRecord() return: " 
+            << recordType << std::endl);
+    m_curRecType = recordType;
+    return recordType;
+}
+
+LDAPEntry LdifReader::getEntryRecord()
+{
+    if ( m_curRecType != LDAPMsg::SEARCH_ENTRY )
+    {
+        // Error
+    }
+    std::list<stringpair>::const_iterator i = m_currentRecord.begin();
+    LDAPEntry resEntry(i->second);
+    i++;
+    LDAPAttribute curAttr(i->first);
+    LDAPAttributeList *curAl = new LDAPAttributeList();
+    for ( ; i != m_currentRecord.end(); i++ )
+    {
+        if ( i->first == curAttr.getName() )
+        {
+            curAttr.addValue(i->second);
+        }
+        else
+        {
+            if ( curAl->getAttributeByName( i->first ) )
+            {
+                // Attribute exists already -> Syntax Error
+                std::ostringstream err;
+                err << "Line " << this->m_lineNumber 
+                    << ": Attribute \"" << i->first 
+                    << "\" specified multiple times.";
+                throw( std::runtime_error(err.str()) );
+            }
+            else
+            {
+                curAl->addAttribute( curAttr );
+                curAttr = LDAPAttribute( i->first, i->second );
+            }
+        }
+    }
+    curAl->addAttribute( curAttr );
+    resEntry.setAttributes( curAl );
+    return resEntry;
+}
+
+int LdifReader::getLdifLine(std::string &ldifline)
+{
+    DEBUG(LDAP_DEBUG_TRACE, "-> LdifReader::getLdifLine()" << std::endl);
+
+    this->m_lineNumber++;
+    if ( ! getline(m_ldifstream, ldifline) )
+    {
+        return -1;
+    }
+    while ( m_ldifstream &&
+        (m_ldifstream.peek() == ' ' || m_ldifstream.peek() == '\t'))
+    {
+        std::string cat;
+        m_ldifstream.ignore();
+        getline(m_ldifstream, cat);
+        ldifline += cat;
+        this->m_lineNumber++;
+    }
+
+    DEBUG(LDAP_DEBUG_TRACE, "<- LdifReader::getLdifLine()" << std::endl);
+    return 0;
+}
+
+void LdifReader::splitLine(
+            const std::string& line, 
+            std::string &type,
+            std::string &value) const
+{
+    std::string::size_type pos = line.find(':');
+    if ( pos == std::string::npos )
+    {
+        DEBUG(LDAP_DEBUG_ANY, "Invalid LDIF line. No `:` separator" 
+                << std::endl );
+        std::ostringstream err;
+        err << "Line " << this->m_lineNumber << ": Invalid LDIF line. No `:` separator";
+        throw( std::runtime_error( err.str() ));
+    }
+
+    type = line.substr(0, pos);
+    if ( pos == line.size() )
+    {
+        // empty value
+        value = "";
+        return;
+    }
+
+    pos++;
+    char delim = line[pos];
+    if ( delim == ':' || delim == '<' )
+    {
+        pos++;
+    }
+
+    for( ; pos < line.size() && isspace(line[pos]); pos++ )
+    { /* empty */ }
+
+    value = line.substr(pos);
+
+    if ( delim == ':' )
+    {
+        // Base64 encoded value
+        DEBUG(LDAP_DEBUG_TRACE, "  base64 encoded value" << std::endl );
+        char outbuf[value.size()];
+        int rc = sasl_decode64(value.c_str(), value.size(), 
+                outbuf, value.size(), NULL);
+        if( rc == SASL_OK )
+        {
+            value = std::string(outbuf);
+        }
+        else if ( rc == SASL_BADPROT )
+        {
+            value = "";
+            DEBUG( LDAP_DEBUG_TRACE, " invalid base64 content" << std::endl );
+            std::ostringstream err;
+            err << "Line " << this->m_lineNumber << ": Can't decode Base64 data";
+            throw( std::runtime_error( err.str() ));
+        }
+        else if ( rc == SASL_BUFOVER )
+        {
+            value = "";
+            DEBUG( LDAP_DEBUG_TRACE, " not enough space in output buffer" 
+                    << std::endl );
+            std::ostringstream err;
+            err << "Line " << this->m_lineNumber 
+                << ": Can't decode Base64 data. Buffer too small";
+            throw( std::runtime_error( err.str() ));
+        }
+    }
+    else if ( delim == '<' )
+    {
+        // URL value
+        DEBUG(LDAP_DEBUG_TRACE, "  url value" << std::endl );
+        std::ostringstream err;
+        err << "Line " << this->m_lineNumber 
+            << ": URLs are currently not supported";
+        throw( std::runtime_error( err.str() ));
+    }
+    else 
+    {
+        // "normal" value
+        DEBUG(LDAP_DEBUG_TRACE, "  string value" << std::endl );
+    }
+    DEBUG(LDAP_DEBUG_TRACE, "  Type: <" << type << ">" << std::endl );
+    DEBUG(LDAP_DEBUG_TRACE, "  Value: <" << value << ">" << std::endl );
+    return;
+}
+
+std::string LdifReader::readIncludeLine( const std::string& line ) const
+{
+    std::string::size_type pos = sizeof("file:") - 1;
+    std::string scheme = line.substr( 0, pos );
+    std::string file;
+
+    // only file:// URLs supported currently
+    if ( scheme != "file:" )
+    {
+        DEBUG( LDAP_DEBUG_TRACE, "unsupported scheme: " << scheme 
+                << std::endl);
+    }
+    else if ( line[pos] == '/' )
+    {
+        if ( line[pos+1] == '/' )
+        {
+            pos += 2;
+        }
+        file = line.substr(pos, std::string::npos);
+        DEBUG( LDAP_DEBUG_TRACE, "target file: " << file << std::endl);
+    }
+    return file;
+}

Copied: openldap/trunk/contrib/ldapc++/src/LdifReader.h (from rev 1127, openldap/vendor/openldap-2.4.9/contrib/ldapc++/src/LdifReader.h)
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LdifReader.h	                        (rev 0)
+++ openldap/trunk/contrib/ldapc++/src/LdifReader.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2008, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#ifndef LDIF_READER_H
+#define LDIF_READER_H
+
+#include <LDAPEntry.h>
+#include <iosfwd>
+#include <list>
+
+typedef std::list< std::pair<std::string, std::string> > LdifRecord;
+class LdifReader
+{
+    public:
+        LdifReader( std::istream &input );
+
+        inline bool isEntryRecords() const
+        {
+            return !m_ldifTypeRequest;
+        }
+
+        inline bool isChangeRecords() const
+        {
+            return m_ldifTypeRequest;
+        }
+
+        inline int getVersion() const
+        {
+            return m_version;
+        }
+
+        LDAPEntry getEntryRecord();
+        int readNextRecord( bool first=false );
+        //LDAPRequest getChangeRecord();
+
+    private:
+        int getLdifLine(std::string &line);
+
+        void splitLine(const std::string& line, 
+                    std::string &type,
+                    std::string &value ) const;
+
+        std::string readIncludeLine( const std::string &line) const;
+
+        std::istream &m_ldifstream;
+        LdifRecord m_currentRecord;
+        int m_version;
+        int m_curRecType;
+        int m_lineNumber;
+        bool m_ldifTypeRequest;
+        bool m_currentIsFirst;
+};
+
+#endif /* LDIF_READER_H */

Copied: openldap/trunk/contrib/ldapc++/src/LdifWriter.cpp (from rev 1127, openldap/vendor/openldap-2.4.9/contrib/ldapc++/src/LdifWriter.cpp)
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LdifWriter.cpp	                        (rev 0)
+++ openldap/trunk/contrib/ldapc++/src/LdifWriter.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -0,0 +1,116 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LdifWriter.cpp,v 1.2.2.1 2008/04/14 22:58:58 quanah Exp $
+/*
+ * Copyright 2008, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "LdifWriter.h"
+#include "StringList.h"
+#include "LDAPAttribute.h"
+#include "debug.h"
+#include <sstream>
+#include <stdexcept>
+
+LdifWriter::LdifWriter( std::ostream& output, int version ) :
+        m_ldifstream(output), m_version(version), m_addSeparator(false)
+{
+    if ( version )
+    {
+        if ( version == 1 )
+        {
+            m_ldifstream << "version: " << version << std::endl;
+            m_addSeparator = true;
+        } else {
+            std::ostringstream err;
+            err << "Unsuported LDIF Version";
+            throw( std::runtime_error(err.str()) );
+        }
+    }
+    
+}
+
+void LdifWriter::writeRecord(const LDAPEntry& le)
+{
+    std::ostringstream line;
+
+    if ( m_addSeparator )
+    {
+        m_ldifstream << std::endl;
+    } else {
+        m_addSeparator = true;
+    }
+
+    line << "dn: " << le.getDN();
+    this->breakline( line.str(), m_ldifstream );
+
+    const LDAPAttributeList *al = le.getAttributes();
+    LDAPAttributeList::const_iterator i = al->begin();
+    for ( ; i != al->end(); i++ )
+    {
+        StringList values = i->getValues();
+        StringList::const_iterator j = values.begin();
+        for( ; j != values.end(); j++)
+        {
+            // clear output stream
+            line.str("");
+            line << i->getName() << ": " << *j;
+            this->breakline( line.str(), m_ldifstream );
+        }
+    }
+}
+
+void LdifWriter::writeIncludeRecord( const std::string& target )
+{
+    DEBUG(LDAP_DEBUG_TRACE, "writeIncludeRecord: " << target << std::endl);
+    std::string scheme = target.substr( 0, sizeof("file:")-1 );
+    
+    if ( m_version == 1 )
+    {
+        std::ostringstream err;
+        err << "\"include\" not allowed in LDIF version 1.";
+        throw( std::runtime_error(err.str()) );
+    }
+    
+    if ( m_addSeparator )
+    {
+        m_ldifstream << std::endl;
+    } else {
+        m_addSeparator = true;
+    }
+
+    m_ldifstream << "include: ";
+    if ( scheme != "file:" )
+    {
+        m_ldifstream << "file://";
+    }
+
+    m_ldifstream << target << std::endl;
+}
+
+void LdifWriter::breakline( const std::string &line, std::ostream &out )
+{
+    std::string::size_type pos = 0;
+    std::string::size_type linelength = 76;
+    bool first = true;
+    
+    if ( line.length() >= linelength )
+    {
+        while ( pos < line.length() )
+        {
+            if (! first )
+            {
+                out << " ";
+            }
+            out << line.substr(pos, linelength) << std::endl;
+            pos += linelength;
+            if ( first )
+            {
+                first = false;
+                linelength--; //account for the leading space
+            }
+        }
+    } else {
+        out << line << std::endl;
+    }
+}
+

Copied: openldap/trunk/contrib/ldapc++/src/LdifWriter.h (from rev 1127, openldap/vendor/openldap-2.4.9/contrib/ldapc++/src/LdifWriter.h)
===================================================================
--- openldap/trunk/contrib/ldapc++/src/LdifWriter.h	                        (rev 0)
+++ openldap/trunk/contrib/ldapc++/src/LdifWriter.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -0,0 +1,31 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/LdifWriter.h,v 1.2.2.1 2008/04/14 22:58:58 quanah Exp $
+/*
+ * Copyright 2008, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#ifndef LDIF_WRITER_H
+#define LDIF_WRITER_H
+
+#include <LDAPEntry.h>
+#include <iosfwd>
+#include <list>
+
+class LdifWriter
+{
+    public:
+        LdifWriter( std::ostream& output, int version = 0 );
+        void writeRecord(const LDAPEntry& le);
+        void writeIncludeRecord(const std::string& target);
+
+    private:
+        void breakline( const std::string &line, std::ostream &out );
+
+        std::ostream& m_ldifstream;
+        int m_version;
+        bool m_addSeparator;
+
+};
+
+#endif /* LDIF_WRITER_H */
+

Modified: openldap/trunk/contrib/ldapc++/src/Makefile.am
===================================================================
--- openldap/trunk/contrib/ldapc++/src/Makefile.am	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/Makefile.am	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,4 +1,6 @@
-##
+# $OpenLDAP: pkg/ldap/contrib/ldapc++/src/Makefile.am,v 1.10.2.5 2008/04/14 23:02:35 quanah Exp $
+
+###
 # Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT file
 ##
@@ -6,73 +8,81 @@
 lib_LTLIBRARIES = libldapcpp.la
 
 libldapcpp_la_SOURCES = LDAPAddRequest.cpp \
-                        LDAPAsynConnection.cpp \
-                        LDAPAttribute.cpp \
-                        LDAPAttributeList.cpp \
-                        LDAPAttrType.cpp \
-                        LDAPBindRequest.cpp \
-                        LDAPCompareRequest.cpp \
-                        LDAPConnection.cpp \
-                        LDAPConstraints.cpp \
-                        LDAPControl.cpp \
-                        LDAPControlSet.cpp \
-                        LDAPDeleteRequest.cpp \
-                        LDAPEntry.cpp \
-                        LDAPEntryList.cpp \
-                        LDAPException.cpp \
-                        LDAPExtRequest.cpp \
-                        LDAPExtResult.cpp \
-                        LDAPMessage.cpp \
-                        LDAPMessageQueue.cpp \
-                        LDAPModDNRequest.cpp \
-                        LDAPModification.cpp \
-                        LDAPModifyRequest.cpp \
-                        LDAPModList.cpp \
-                        LDAPObjClass.cpp \
-                        LDAPRebind.cpp \
-                        LDAPRebindAuth.cpp \
-                        LDAPReferralException.cpp \
-                        LDAPReferenceList.cpp \
-                        LDAPRequest.cpp \
-                        LDAPResult.cpp \
-                        LDAPSchema.cpp \
-                        LDAPSearchReference.cpp \
-                        LDAPSearchRequest.cpp \
-                        LDAPSearchResult.cpp \
-                        LDAPSearchResults.cpp \
-                        LDAPUrl.cpp \
-                        LDAPUrlList.cpp \
-                        StringList.cpp 
+			LDAPAsynConnection.cpp \
+			LDAPAttribute.cpp \
+			LDAPAttributeList.cpp \
+			LDAPAttrType.cpp \
+			LDAPBindRequest.cpp \
+			LDAPCompareRequest.cpp \
+			LDAPConnection.cpp \
+			LDAPConstraints.cpp \
+			LDAPControl.cpp \
+			LDAPControlSet.cpp \
+			LDAPDeleteRequest.cpp \
+			LDAPEntry.cpp \
+			LDAPEntryList.cpp \
+			LDAPException.cpp \
+			LDAPExtRequest.cpp \
+			LDAPExtResult.cpp \
+			LDAPMessage.cpp \
+			LDAPMessageQueue.cpp \
+			LDAPModDNRequest.cpp \
+			LDAPModification.cpp \
+			LDAPModifyRequest.cpp \
+			LDAPModList.cpp \
+			LDAPObjClass.cpp \
+			LDAPRebind.cpp \
+			LDAPRebindAuth.cpp \
+			LDAPReferenceList.cpp \
+			LDAPRequest.cpp \
+			LDAPResult.cpp \
+			LDAPSaslBindResult.cpp \
+			LDAPSchema.cpp \
+			LDAPSearchReference.cpp \
+			LDAPSearchRequest.cpp \
+			LDAPSearchResult.cpp \
+			LDAPSearchResults.cpp \
+			LDAPUrl.cpp \
+			LDAPUrlList.cpp \
+			LdifReader.cpp \
+			LdifWriter.cpp \
+			SaslInteraction.cpp \
+			SaslInteractionHandler.cpp \
+			StringList.cpp 
 
 include_HEADERS = LDAPAsynConnection.h \
-                        LDAPAttribute.h \
-                        LDAPAttributeList.h \
-                        LDAPAttrType.h \
-                        LDAPConnection.h \
-                        LDAPConstraints.h \
-                        LDAPControl.h \
-                        LDAPControlSet.h \
-                        LDAPEntry.h \
-                        LDAPEntryList.h \
-                        LDAPException.h \
-                        LDAPExtResult.h \
-                        LDAPMessage.h \
-                        LDAPMessageQueue.h \
-                        LDAPModification.h \
-                        LDAPModList.h \
-                        LDAPObjClass.h \
-                        LDAPRebind.h \
-                        LDAPRebindAuth.h \
-                        LDAPReferralException.h \
-                        LDAPReferenceList.h \
-                        LDAPResult.h \
-                        LDAPSchema.h \
-                        LDAPSearchReference.h \
-                        LDAPSearchResult.h \
-                        LDAPSearchResults.h \
-                        LDAPUrl.h \
-                        LDAPUrlList.h \
-                        StringList.h 
+			LDAPAttribute.h \
+			LDAPAttributeList.h \
+			LDAPAttrType.h \
+			LDAPConnection.h \
+			LDAPConstraints.h \
+			LDAPControl.h \
+			LDAPControlSet.h \
+			LDAPEntry.h \
+			LDAPEntryList.h \
+			LDAPException.h \
+			LDAPExtResult.h \
+			LDAPMessage.h \
+			LDAPMessageQueue.h \
+			LDAPModification.h \
+			LDAPModList.h \
+			LDAPObjClass.h \
+			LDAPRebind.h \
+			LDAPRebindAuth.h \
+			LDAPReferenceList.h \
+			LDAPResult.h \
+			LDAPSaslBindResult.h \
+			LDAPSchema.h \
+			LDAPSearchReference.h \
+			LDAPSearchResult.h \
+			LDAPSearchResults.h \
+			LDAPUrl.h \
+			LDAPUrlList.h \
+			LdifReader.h \
+			LdifWriter.h \
+			SaslInteraction.h \
+			SaslInteractionHandler.h \
+			StringList.h 
 
 noinst_HEADERS = LDAPAddRequest.h \
                 LDAPBindRequest.h \

Modified: openldap/trunk/contrib/ldapc++/src/Makefile.in
===================================================================
--- openldap/trunk/contrib/ldapc++/src/Makefile.in	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/Makefile.in	2008-05-25 14:29:31 UTC (rev 1128)
@@ -14,6 +14,9 @@
 
 @SET_MAKE@
 
+# $OpenLDAP: pkg/ldap/contrib/ldapc++/src/Makefile.in,v 1.9.2.7 2008/04/14 23:02:35 quanah Exp $
+
+###
 # Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT file
 
@@ -66,10 +69,11 @@
 	LDAPMessage.lo LDAPMessageQueue.lo LDAPModDNRequest.lo \
 	LDAPModification.lo LDAPModifyRequest.lo LDAPModList.lo \
 	LDAPObjClass.lo LDAPRebind.lo LDAPRebindAuth.lo \
-	LDAPReferralException.lo LDAPReferenceList.lo LDAPRequest.lo \
-	LDAPResult.lo LDAPSchema.lo LDAPSearchReference.lo \
+	LDAPReferenceList.lo LDAPRequest.lo LDAPResult.lo \
+	LDAPSaslBindResult.lo LDAPSchema.lo LDAPSearchReference.lo \
 	LDAPSearchRequest.lo LDAPSearchResult.lo LDAPSearchResults.lo \
-	LDAPUrl.lo LDAPUrlList.lo StringList.lo
+	LDAPUrl.lo LDAPUrlList.lo LdifReader.lo LdifWriter.lo \
+	SaslInteraction.lo SaslInteractionHandler.lo StringList.lo
 libldapcpp_la_OBJECTS = $(am_libldapcpp_la_OBJECTS)
 libldapcpp_la_LINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) \
 	$(LIBTOOLFLAGS) --mode=link $(CXXLD) $(AM_CXXFLAGS) \
@@ -201,73 +205,81 @@
 top_srcdir = @top_srcdir@
 lib_LTLIBRARIES = libldapcpp.la
 libldapcpp_la_SOURCES = LDAPAddRequest.cpp \
-                        LDAPAsynConnection.cpp \
-                        LDAPAttribute.cpp \
-                        LDAPAttributeList.cpp \
-                        LDAPAttrType.cpp \
-                        LDAPBindRequest.cpp \
-                        LDAPCompareRequest.cpp \
-                        LDAPConnection.cpp \
-                        LDAPConstraints.cpp \
-                        LDAPControl.cpp \
-                        LDAPControlSet.cpp \
-                        LDAPDeleteRequest.cpp \
-                        LDAPEntry.cpp \
-                        LDAPEntryList.cpp \
-                        LDAPException.cpp \
-                        LDAPExtRequest.cpp \
-                        LDAPExtResult.cpp \
-                        LDAPMessage.cpp \
-                        LDAPMessageQueue.cpp \
-                        LDAPModDNRequest.cpp \
-                        LDAPModification.cpp \
-                        LDAPModifyRequest.cpp \
-                        LDAPModList.cpp \
-                        LDAPObjClass.cpp \
-                        LDAPRebind.cpp \
-                        LDAPRebindAuth.cpp \
-                        LDAPReferralException.cpp \
-                        LDAPReferenceList.cpp \
-                        LDAPRequest.cpp \
-                        LDAPResult.cpp \
-                        LDAPSchema.cpp \
-                        LDAPSearchReference.cpp \
-                        LDAPSearchRequest.cpp \
-                        LDAPSearchResult.cpp \
-                        LDAPSearchResults.cpp \
-                        LDAPUrl.cpp \
-                        LDAPUrlList.cpp \
-                        StringList.cpp 
+			LDAPAsynConnection.cpp \
+			LDAPAttribute.cpp \
+			LDAPAttributeList.cpp \
+			LDAPAttrType.cpp \
+			LDAPBindRequest.cpp \
+			LDAPCompareRequest.cpp \
+			LDAPConnection.cpp \
+			LDAPConstraints.cpp \
+			LDAPControl.cpp \
+			LDAPControlSet.cpp \
+			LDAPDeleteRequest.cpp \
+			LDAPEntry.cpp \
+			LDAPEntryList.cpp \
+			LDAPException.cpp \
+			LDAPExtRequest.cpp \
+			LDAPExtResult.cpp \
+			LDAPMessage.cpp \
+			LDAPMessageQueue.cpp \
+			LDAPModDNRequest.cpp \
+			LDAPModification.cpp \
+			LDAPModifyRequest.cpp \
+			LDAPModList.cpp \
+			LDAPObjClass.cpp \
+			LDAPRebind.cpp \
+			LDAPRebindAuth.cpp \
+			LDAPReferenceList.cpp \
+			LDAPRequest.cpp \
+			LDAPResult.cpp \
+			LDAPSaslBindResult.cpp \
+			LDAPSchema.cpp \
+			LDAPSearchReference.cpp \
+			LDAPSearchRequest.cpp \
+			LDAPSearchResult.cpp \
+			LDAPSearchResults.cpp \
+			LDAPUrl.cpp \
+			LDAPUrlList.cpp \
+			LdifReader.cpp \
+			LdifWriter.cpp \
+			SaslInteraction.cpp \
+			SaslInteractionHandler.cpp \
+			StringList.cpp 
 
 include_HEADERS = LDAPAsynConnection.h \
-                        LDAPAttribute.h \
-                        LDAPAttributeList.h \
-                        LDAPAttrType.h \
-                        LDAPConnection.h \
-                        LDAPConstraints.h \
-                        LDAPControl.h \
-                        LDAPControlSet.h \
-                        LDAPEntry.h \
-                        LDAPEntryList.h \
-                        LDAPException.h \
-                        LDAPExtResult.h \
-                        LDAPMessage.h \
-                        LDAPMessageQueue.h \
-                        LDAPModification.h \
-                        LDAPModList.h \
-                        LDAPObjClass.h \
-                        LDAPRebind.h \
-                        LDAPRebindAuth.h \
-                        LDAPReferralException.h \
-                        LDAPReferenceList.h \
-                        LDAPResult.h \
-                        LDAPSchema.h \
-                        LDAPSearchReference.h \
-                        LDAPSearchResult.h \
-                        LDAPSearchResults.h \
-                        LDAPUrl.h \
-                        LDAPUrlList.h \
-                        StringList.h 
+			LDAPAttribute.h \
+			LDAPAttributeList.h \
+			LDAPAttrType.h \
+			LDAPConnection.h \
+			LDAPConstraints.h \
+			LDAPControl.h \
+			LDAPControlSet.h \
+			LDAPEntry.h \
+			LDAPEntryList.h \
+			LDAPException.h \
+			LDAPExtResult.h \
+			LDAPMessage.h \
+			LDAPMessageQueue.h \
+			LDAPModification.h \
+			LDAPModList.h \
+			LDAPObjClass.h \
+			LDAPRebind.h \
+			LDAPRebindAuth.h \
+			LDAPReferenceList.h \
+			LDAPResult.h \
+			LDAPSaslBindResult.h \
+			LDAPSchema.h \
+			LDAPSearchReference.h \
+			LDAPSearchResult.h \
+			LDAPSearchResults.h \
+			LDAPUrl.h \
+			LDAPUrlList.h \
+			LdifReader.h \
+			LdifWriter.h \
+			SaslInteraction.h \
+			SaslInteractionHandler.h \
+			StringList.h 
 
 noinst_HEADERS = LDAPAddRequest.h \
                 LDAPBindRequest.h \
@@ -395,9 +407,9 @@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPRebind.Plo at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPRebindAuth.Plo at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPReferenceList.Plo at am__quote@
- at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPReferralException.Plo at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPRequest.Plo at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPResult.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPSaslBindResult.Plo at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPSchema.Plo at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPSearchReference.Plo at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPSearchRequest.Plo at am__quote@
@@ -405,6 +417,10 @@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPSearchResults.Plo at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPUrl.Plo at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LDAPUrlList.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LdifReader.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/LdifWriter.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/SaslInteraction.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/SaslInteractionHandler.Plo at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/StringList.Plo at am__quote@
 
 .cpp.o:

Copied: openldap/trunk/contrib/ldapc++/src/SaslInteraction.cpp (from rev 1127, openldap/vendor/openldap-2.4.9/contrib/ldapc++/src/SaslInteraction.cpp)
===================================================================
--- openldap/trunk/contrib/ldapc++/src/SaslInteraction.cpp	                        (rev 0)
+++ openldap/trunk/contrib/ldapc++/src/SaslInteraction.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -0,0 +1,44 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/SaslInteraction.cpp,v 1.1.2.2 2008/04/14 23:09:26 quanah Exp $
+/*
+ * Copyright 2007, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include <SaslInteraction.h>
+#include <iostream>
+#include "debug.h"
+
+SaslInteraction::SaslInteraction( sasl_interact_t *interact ) :
+        m_interact(interact) {}
+
+SaslInteraction::~SaslInteraction()
+{
+    DEBUG(LDAP_DEBUG_TRACE, "SaslInteraction::~SaslInteraction()" << std::endl);
+}
+
+unsigned long SaslInteraction::getId() const
+{
+    return m_interact->id;
+}
+
+const std::string SaslInteraction::getPrompt() const
+{
+    return std::string(m_interact->prompt);
+}
+
+const std::string SaslInteraction::getChallenge() const
+{
+    return std::string(m_interact->challenge);
+}
+
+const std::string SaslInteraction::getDefaultResult() const
+{
+    return std::string(m_interact->defresult);
+}
+
+void SaslInteraction::setResult(const std::string &res)
+{
+    m_result = res;
+    m_interact->result = m_result.data();
+    m_interact->len = m_result.size();
+}

Copied: openldap/trunk/contrib/ldapc++/src/SaslInteraction.h (from rev 1127, openldap/vendor/openldap-2.4.9/contrib/ldapc++/src/SaslInteraction.h)
===================================================================
--- openldap/trunk/contrib/ldapc++/src/SaslInteraction.h	                        (rev 0)
+++ openldap/trunk/contrib/ldapc++/src/SaslInteraction.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -0,0 +1,29 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/SaslInteraction.h,v 1.1.2.2 2008/04/14 23:09:26 quanah Exp $
+/*
+ * Copyright 2007, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#ifndef SASL_INTERACTION_H
+#define SASL_INTERACTION_H
+
+#include <string>
+#include <sasl/sasl.h>
+
+class SaslInteraction {
+    public:
+        SaslInteraction( sasl_interact_t *interact );
+        ~SaslInteraction();
+        unsigned long getId() const;
+        const std::string getPrompt() const;
+        const std::string getChallenge() const;
+        const std::string getDefaultResult() const;
+
+        void setResult(const std::string &res);
+
+    private:
+        sasl_interact_t *m_interact;
+        std::string m_result;
+
+};
+#endif /* SASL_INTERACTION_H */

Copied: openldap/trunk/contrib/ldapc++/src/SaslInteractionHandler.cpp (from rev 1127, openldap/vendor/openldap-2.4.9/contrib/ldapc++/src/SaslInteractionHandler.cpp)
===================================================================
--- openldap/trunk/contrib/ldapc++/src/SaslInteractionHandler.cpp	                        (rev 0)
+++ openldap/trunk/contrib/ldapc++/src/SaslInteractionHandler.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -0,0 +1,99 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/SaslInteractionHandler.cpp,v 1.3.2.2 2008/04/14 23:09:26 quanah Exp $
+/*
+ * Copyright 2007, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include <iostream>
+#include <iomanip>
+#include <limits>
+#include "config.h"
+
+#ifdef HAVE_TERMIOS_H
+#include <termios.h>
+#endif
+
+#include <string.h>
+#include "SaslInteractionHandler.h"
+#include "SaslInteraction.h"
+#include "debug.h"
+
+void DefaultSaslInteractionHandler::handleInteractions( 
+        const std::list<SaslInteraction*> &cb ) 
+{
+    DEBUG(LDAP_DEBUG_TRACE, "DefaultSaslInteractionHandler::handleCallbacks()" 
+            << std::endl );
+    std::list<SaslInteraction*>::const_iterator i;
+
+    for (i = cb.begin(); i != cb.end(); i++ ) {
+        bool noecho;
+
+        cleanupList.push_back(*i);
+
+        std::cout << (*i)->getPrompt();
+        if (! (*i)->getDefaultResult().empty() ) {
+            std::cout << "(" << (*i)->getDefaultResult() << ")" ;
+        }
+        std:: cout << ": ";
+
+        switch ( (*i)->getId() ) {
+            case SASL_CB_PASS:
+            case SASL_CB_ECHOPROMPT:
+                noecho = true;
+                noecho = true;
+            break;
+            default:
+                noecho = false;
+            break;
+        }
+#ifdef HAVE_TERMIOS_H
+        /* turn off terminal echo if needed */
+        struct termios old_attr;
+        if ( noecho ) {
+            struct termios attr;
+            if (tcgetattr(STDIN_FILENO, &attr) < 0) {
+                perror("tcgetattr");
+            }
+
+            /* save terminal attributes */
+            memcpy(&old_attr, &attr, sizeof(attr));
+
+            /* disable echo */
+            attr.c_lflag &= ~(ECHO);
+
+            /* write attributes to terminal */
+            if (tcsetattr(STDIN_FILENO, TCSAFLUSH, &attr) < 0) {
+                perror("tcsetattr");
+            }
+        }
+#endif /* HAVE_TERMIOS_H */
+        std::string input;
+        std::cin >> std::noskipws >> input;
+        std::cin >> std::skipws;
+        (*i)->setResult(input);
+        if( std::cin.fail() ) {
+            std::cin.clear();
+        }
+        /* ignore the rest of the input line */
+        std::cin.ignore(std::numeric_limits<std::streamsize>::max(), '\n');
+
+#ifdef HAVE_TERMIOS_H
+        /* restore terminal settings */
+        if ( noecho ) {
+            tcsetattr(STDIN_FILENO, TCSANOW, &old_attr);
+            std::cout << std::endl;
+        }
+#endif /* HAVE_TERMIOS_H */
+    }
+}
+
+DefaultSaslInteractionHandler::~DefaultSaslInteractionHandler()
+{
+    DEBUG(LDAP_DEBUG_TRACE, "DefaultSaslInteractionHandler::~DefaultSaslInteractionHandler()"
+            << std::endl );
+
+    std::list<SaslInteraction*>::const_iterator i;
+    for (i = cleanupList.begin(); i != cleanupList.end(); i++ ) {
+        delete(*i);
+    }
+}

Copied: openldap/trunk/contrib/ldapc++/src/SaslInteractionHandler.h (from rev 1127, openldap/vendor/openldap-2.4.9/contrib/ldapc++/src/SaslInteractionHandler.h)
===================================================================
--- openldap/trunk/contrib/ldapc++/src/SaslInteractionHandler.h	                        (rev 0)
+++ openldap/trunk/contrib/ldapc++/src/SaslInteractionHandler.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -0,0 +1,27 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/SaslInteractionHandler.h,v 1.1.2.2 2008/04/14 23:09:26 quanah Exp $
+/*
+ * Copyright 2007, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#ifndef SASL_INTERACTION_HANDLER_H
+#define SASL_INTERACTION_HANDLER_H
+#include <list>
+
+class SaslInteraction;
+
+class SaslInteractionHandler {
+    public:
+        virtual void handleInteractions( const std::list<SaslInteraction*> &cb )=0;
+        virtual ~SaslInteractionHandler() {}
+};
+
+class DefaultSaslInteractionHandler {
+    public:
+        virtual void handleInteractions( const std::list<SaslInteraction*> &cb );
+        virtual ~DefaultSaslInteractionHandler();
+
+    private:
+        std::list<SaslInteraction*> cleanupList;
+};
+#endif /* SASL_INTERACTION_HANDLER_H */

Modified: openldap/trunk/contrib/ldapc++/src/StringList.cpp
===================================================================
--- openldap/trunk/contrib/ldapc++/src/StringList.cpp	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/StringList.cpp	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,6 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/StringList.cpp,v 1.6.6.2 2008/04/14 23:09:26 quanah Exp $
 /*
- * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 2000-2007, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 

Modified: openldap/trunk/contrib/ldapc++/src/StringList.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/StringList.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/StringList.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/StringList.h,v 1.7.6.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/ldapc++/src/ac/time.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/ac/time.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/ac/time.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
 /* Generic time.h */
-/* $OpenLDAP: pkg/ldap/contrib/ldapc++/src/ac/time.h,v 1.7.2.3 2007/10/02 02:24:57 ralf Exp $ */
+/* $OpenLDAP: pkg/ldap/contrib/ldapc++/src/ac/time.h,v 1.7.2.4 2008/02/11 23:26:38 kurt Exp $ */
 /*
- * Copyright 1998-2007 The OpenLDAP Foundation, Redwood City, California, USA
+ * Copyright 1998-2008 The OpenLDAP Foundation, Redwood City, California, USA
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms are permitted only

Modified: openldap/trunk/contrib/ldapc++/src/config.h.in
===================================================================
--- openldap/trunk/contrib/ldapc++/src/config.h.in	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/config.h.in	2008-05-25 14:29:31 UTC (rev 1128)
@@ -6,6 +6,9 @@
 /* Define to 1 if you have the <inttypes.h> header file. */
 #undef HAVE_INTTYPES_H
 
+/* Define to 1 if you have the <ldap.h> header file. */
+#undef HAVE_LDAP_H
+
 /* Define to 1 if you have the `resolv' library (-lresolv). */
 #undef HAVE_LIBRESOLV
 
@@ -30,6 +33,9 @@
 /* Define to 1 if you have the <sys/types.h> header file. */
 #undef HAVE_SYS_TYPES_H
 
+/* Define to 1 if you have the <termios.h> header file. */
+#undef HAVE_TERMIOS_H
+
 /* Define to 1 if you have the <unistd.h> header file. */
 #undef HAVE_UNISTD_H
 

Modified: openldap/trunk/contrib/ldapc++/src/debug.h
===================================================================
--- openldap/trunk/contrib/ldapc++/src/debug.h	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/ldapc++/src/debug.h	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,3 +1,4 @@
+// $OpenLDAP: pkg/ldap/contrib/ldapc++/src/debug.h,v 1.5.10.1 2008/04/14 23:09:26 quanah Exp $
 /*
  * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file

Modified: openldap/trunk/contrib/slapd-modules/acl/README
===================================================================
--- openldap/trunk/contrib/slapd-modules/acl/README	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/acl/README	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,4 +1,4 @@
-Copyright 2005-2007 The OpenLDAP Foundation. All rights reserved.
+Copyright 2005-2008 The OpenLDAP Foundation. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted only as authorized by the OpenLDAP

Modified: openldap/trunk/contrib/slapd-modules/acl/posixgroup.c
===================================================================
--- openldap/trunk/contrib/slapd-modules/acl/posixgroup.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/acl/posixgroup.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,6 +1,6 @@
-/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/acl/posixgroup.c,v 1.3.2.3 2007/08/31 23:13:51 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/acl/posixgroup.c,v 1.3.2.4 2008/02/11 23:26:38 kurt Exp $ */
 /*
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/contrib/slapd-modules/allop/README
===================================================================
--- openldap/trunk/contrib/slapd-modules/allop/README	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/allop/README	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,4 +1,4 @@
-Copyright 2004-2007 The OpenLDAP Foundation. All rights reserved.
+Copyright 2004-2008 The OpenLDAP Foundation. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted only as authorized by the OpenLDAP

Modified: openldap/trunk/contrib/slapd-modules/allop/allop.c
===================================================================
--- openldap/trunk/contrib/slapd-modules/allop/allop.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/allop/allop.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* allop.c - returns all operational attributes when appropriate */
-/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/allop/allop.c,v 1.3.2.2 2007/08/31 23:13:51 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/allop/allop.c,v 1.3.2.3 2008/02/11 23:26:38 kurt Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2005-2007 The OpenLDAP Foundation.
+ * Copyright 2005-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/contrib/slapd-modules/allop/slapo-allop.5
===================================================================
--- openldap/trunk/contrib/slapd-modules/allop/slapo-allop.5	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/allop/slapo-allop.5	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
 .TH SLAPO-ALLOP 5 "RELEASEDATE" "OpenLDAP LDVERSION"
-.\" Copyright 2005-2007 The OpenLDAP Foundation All Rights Reserved.
+.\" Copyright 2005-2008 The OpenLDAP Foundation All Rights Reserved.
 .\" Copying restrictions apply.  See COPYRIGHT/LICENSE.
-.\" $OpenLDAP: pkg/ldap/contrib/slapd-modules/allop/slapo-allop.5,v 1.2.2.2 2007/08/31 23:13:51 quanah Exp $
+.\" $OpenLDAP: pkg/ldap/contrib/slapd-modules/allop/slapo-allop.5,v 1.2.2.3 2008/02/11 23:26:38 kurt Exp $
 .SH NAME
 slapo-allop \- All Operational Attributes overlay
 .SH SYNOPSIS

Copied: openldap/trunk/contrib/slapd-modules/autogroup (from rev 1127, openldap/vendor/openldap-2.4.9/contrib/slapd-modules/autogroup)

Modified: openldap/trunk/contrib/slapd-modules/comp_match/Makefile
===================================================================
--- openldap/trunk/contrib/slapd-modules/comp_match/Makefile	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/comp_match/Makefile	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,7 +1,7 @@
-# $OpenLDAP: pkg/ldap/contrib/slapd-modules/comp_match/Makefile,v 1.11.2.2 2007/08/31 23:13:51 quanah Exp $
+# $OpenLDAP: pkg/ldap/contrib/slapd-modules/comp_match/Makefile,v 1.11.2.3 2008/02/11 23:26:38 kurt Exp $
 # This work is part of OpenLDAP Software <http://www.openldap.org/>.
 #
-# Copyright 2003-2007 The OpenLDAP Foundation.
+# Copyright 2003-2008 The OpenLDAP Foundation.
 # Portions Copyright 2004 by IBM Corporation.
 # All rights reserved.
 

Modified: openldap/trunk/contrib/slapd-modules/denyop/denyop.c
===================================================================
--- openldap/trunk/contrib/slapd-modules/denyop/denyop.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/denyop/denyop.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* denyop.c - Denies operations */
-/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/denyop/denyop.c,v 1.2.2.2 2007/08/31 23:13:51 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/denyop/denyop.c,v 1.2.2.3 2008/02/11 23:26:38 kurt Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2004-2007 The OpenLDAP Foundation.
+ * Copyright 2004-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/contrib/slapd-modules/dsaschema/README
===================================================================
--- openldap/trunk/contrib/slapd-modules/dsaschema/README	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/dsaschema/README	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,4 +1,4 @@
-Copyright 2004-2007 The OpenLDAP Foundation. All rights reserved.
+Copyright 2004-2008 The OpenLDAP Foundation. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted only as authorized by the OpenLDAP

Modified: openldap/trunk/contrib/slapd-modules/dsaschema/dsaschema.c
===================================================================
--- openldap/trunk/contrib/slapd-modules/dsaschema/dsaschema.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/dsaschema/dsaschema.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,6 +1,6 @@
-/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/dsaschema/dsaschema.c,v 1.5.2.2 2007/08/31 23:13:51 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/dsaschema/dsaschema.c,v 1.5.2.3 2008/02/11 23:26:38 kurt Exp $ */
 /*
- * Copyright 2004-2007 The OpenLDAP Foundation.
+ * Copyright 2004-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/contrib/slapd-modules/lastmod/lastmod.c
===================================================================
--- openldap/trunk/contrib/slapd-modules/lastmod/lastmod.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/lastmod/lastmod.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* lastmod.c - returns last modification info */
-/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/lastmod/lastmod.c,v 1.2.2.2 2007/08/31 23:13:51 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/lastmod/lastmod.c,v 1.2.2.3 2008/02/11 23:26:38 kurt Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2004-2007 The OpenLDAP Foundation.
+ * Copyright 2004-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/contrib/slapd-modules/lastmod/slapo-lastmod.5
===================================================================
--- openldap/trunk/contrib/slapd-modules/lastmod/slapo-lastmod.5	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/lastmod/slapo-lastmod.5	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,4 +1,4 @@
-.\" Copyright 2004-2007 The OpenLDAP Foundation All Rights Reserved.
+.\" Copyright 2004-2008 The OpenLDAP Foundation All Rights Reserved.
 .\" Copying restrictions apply.  See COPYRIGHT/LICENSE.
 .TH SLAPO_LASTMOD 5 "RELEASEDATE" "OpenLDAP LDVERSION"
 .SH NAME

Modified: openldap/trunk/contrib/slapd-modules/passwd/README
===================================================================
--- openldap/trunk/contrib/slapd-modules/passwd/README	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/passwd/README	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,4 +1,4 @@
-Copyright 2004-2007 The OpenLDAP Foundation. All rights reserved.
+Copyright 2004-2008 The OpenLDAP Foundation. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted only as authorized by the OpenLDAP

Modified: openldap/trunk/contrib/slapd-modules/passwd/kerberos.c
===================================================================
--- openldap/trunk/contrib/slapd-modules/passwd/kerberos.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/passwd/kerberos.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,6 +1,6 @@
-/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/passwd/kerberos.c,v 1.5.2.2 2007/08/31 23:13:52 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/passwd/kerberos.c,v 1.5.2.3 2008/02/11 23:26:38 kurt Exp $ */
 /*
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/contrib/slapd-modules/passwd/netscape.c
===================================================================
--- openldap/trunk/contrib/slapd-modules/passwd/netscape.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/passwd/netscape.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,6 +1,6 @@
-/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/passwd/netscape.c,v 1.5.2.2 2007/08/31 23:13:52 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/passwd/netscape.c,v 1.5.2.3 2008/02/11 23:26:38 kurt Exp $ */
 /*
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/contrib/slapd-modules/passwd/radius.c
===================================================================
--- openldap/trunk/contrib/slapd-modules/passwd/radius.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/passwd/radius.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,6 +1,6 @@
-/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/passwd/radius.c,v 1.2.2.3 2007/08/31 23:13:52 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/passwd/radius.c,v 1.2.2.4 2008/02/11 23:26:38 kurt Exp $ */
 /*
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/contrib/slapd-modules/smbk5pwd/smbk5pwd.c
===================================================================
--- openldap/trunk/contrib/slapd-modules/smbk5pwd/smbk5pwd.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/smbk5pwd/smbk5pwd.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
 /* smbk5pwd.c - Overlay for managing Samba and Heimdal passwords */
-/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/smbk5pwd/smbk5pwd.c,v 1.17.2.5 2007/10/09 00:18:47 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/smbk5pwd/smbk5pwd.c,v 1.17.2.10 2008/04/14 21:58:37 quanah Exp $ */
 /*
  * Copyright 2004-2005 by Howard Chu, Symas Corp.
  * All rights reserved.
@@ -91,8 +91,8 @@
 #ifdef DO_SAMBA
 	/* How many seconds before forcing a password change? */
 	time_t	smb_must_change;
-        /* How many seconds after allowing a password change? */
-        time_t  smb_can_change;
+	/* How many seconds after allowing a password change? */
+	time_t  smb_can_change;
 #endif
 } smbk5pwd_t;
 
@@ -215,7 +215,7 @@
 
 	/* clear out the current key */
 	ldap_pvt_thread_pool_setkey( op->o_threadctx, smbk5pwd_op_cleanup,
-		NULL, NULL );
+		NULL, 0, NULL, NULL );
 
 	/* free the callback */
 	cb = op->o_callback;
@@ -234,8 +234,8 @@
 	 */
 	if ( op->oq_bind.rb_method == LDAP_AUTH_SIMPLE ) {
 		slap_callback *cb;
-		ldap_pvt_thread_pool_setkey( op->o_threadctx, smbk5pwd_op_cleanup, op,
-			NULL );
+		ldap_pvt_thread_pool_setkey( op->o_threadctx,
+			smbk5pwd_op_cleanup, op, 0, NULL, NULL );
 		cb = op->o_tmpcalloc( 1, sizeof(slap_callback), op->o_tmpmemctx );
 		cb->sc_cleanup = smbk5pwd_op_cleanup;
 		cb->sc_next = op->o_callback;
@@ -268,7 +268,7 @@
 	const struct berval *cred,
 	const char **text )
 {
-	void *ctx;
+	void *ctx, *op_tmp;
 	Operation *op;
 	int rc;
 	Entry *e;
@@ -281,9 +281,10 @@
 	/* Find our thread context, find our Operation */
 	ctx = ldap_pvt_thread_pool_context();
 
-	if ( ldap_pvt_thread_pool_getkey( ctx, smbk5pwd_op_cleanup, (void **)&op, NULL ) ||
-		!op )
+	if ( ldap_pvt_thread_pool_getkey( ctx, smbk5pwd_op_cleanup, &op_tmp, NULL )
+		 || !op_tmp )
 		return LUTIL_PASSWD_ERR;
+	op = op_tmp;
 
 	rc = be_entry_get_rw( op, &op->o_req_ndn, NULL, NULL, 0, &e );
 	if ( rc != LDAP_SUCCESS ) return LUTIL_PASSWD_ERR;
@@ -532,9 +533,9 @@
 		qpw->rs_mods = ml;
 
 		keys = ch_malloc( 2 * sizeof(struct berval) );
-		keys[0].bv_val = ch_malloc( STRLENOF( "9223372036854775807L" ) + 1 );
+		keys[0].bv_val = ch_malloc( LDAP_PVT_INTTYPE_CHARS(long) );
 		keys[0].bv_len = snprintf(keys[0].bv_val,
-			STRLENOF( "9223372036854775807L" ) + 1,
+			LDAP_PVT_INTTYPE_CHARS(long),
 			"%ld", slap_get_time());
 		BER_BVZERO( &keys[1] );
 		
@@ -554,9 +555,9 @@
 			qpw->rs_mods = ml;
 
 			keys = ch_malloc( 2 * sizeof(struct berval) );
-			keys[0].bv_val = ch_malloc( STRLENOF( "9223372036854775807L" ) + 1 );
+			keys[0].bv_val = ch_malloc( LDAP_PVT_INTTYPE_CHARS(long) );
 			keys[0].bv_len = snprintf(keys[0].bv_val,
-					STRLENOF( "9223372036854775807L" ) + 1,
+					LDAP_PVT_INTTYPE_CHARS(long),
 					"%ld", slap_get_time() + pi->smb_must_change);
 			BER_BVZERO( &keys[1] );
 
@@ -570,28 +571,28 @@
 			ml->sml_nvalues = NULL;
 		}
 
-                if (pi->smb_can_change)
-                {
-                        ml = ch_malloc(sizeof(Modifications));
-                        ml->sml_next = qpw->rs_mods;
-                        qpw->rs_mods = ml;
+		if (pi->smb_can_change)
+		{
+			ml = ch_malloc(sizeof(Modifications));
+			ml->sml_next = qpw->rs_mods;
+			qpw->rs_mods = ml;
 
-                        keys = ch_malloc( 2 * sizeof(struct berval) );
-                        keys[0].bv_val = ch_malloc( STRLENOF( "9223372036854775807L" ) + 1 );
-                        keys[0].bv_len = snprintf(keys[0].bv_val,
-                                        STRLENOF( "9223372036854775807L" ) + 1,
-                                        "%ld", slap_get_time() + pi->smb_can_change);
-                        BER_BVZERO( &keys[1] );
+			keys = ch_malloc( 2 * sizeof(struct berval) );
+			keys[0].bv_val = ch_malloc( LDAP_PVT_INTTYPE_CHARS(long) );
+			keys[0].bv_len = snprintf(keys[0].bv_val,
+					LDAP_PVT_INTTYPE_CHARS(long),
+					"%ld", slap_get_time() + pi->smb_can_change);
+			BER_BVZERO( &keys[1] );
 
-                        ml->sml_desc = ad_sambaPwdCanChange;
-                        ml->sml_op = LDAP_MOD_REPLACE;
+			ml->sml_desc = ad_sambaPwdCanChange;
+			ml->sml_op = LDAP_MOD_REPLACE;
 #ifdef SLAP_MOD_INTERNAL
-                        ml->sml_flags = SLAP_MOD_INTERNAL;
+			ml->sml_flags = SLAP_MOD_INTERNAL;
 #endif
-						ml->sml_numvals = 1;
-                        ml->sml_values = keys;
-                        ml->sml_nvalues = NULL;
-                }
+			ml->sml_numvals = 1;
+			ml->sml_values = keys;
+			ml->sml_nvalues = NULL;
+		}
 	}
 #endif /* DO_SAMBA */
 	be_entry_release_r( op, e );
@@ -625,11 +626,11 @@
 		"( OLcfgCtAt:1.2 NAME 'olcSmbK5PwdMustChange' "
 		"DESC 'Credentials validity interval' "
 		"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
-        { "smbk5pwd-can-change", "time",
-                2, 2, 0, ARG_MAGIC|ARG_INT|PC_SMB_CAN_CHANGE, smbk5pwd_cf_func,
-                "( OLcfgCtAt:1.3 NAME 'olcSmbK5PwdCanChange' "
-                "DESC 'Credentials minimum validity interval' "
-                "SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
+	{ "smbk5pwd-can-change", "time",
+		2, 2, 0, ARG_MAGIC|ARG_INT|PC_SMB_CAN_CHANGE, smbk5pwd_cf_func,
+		"( OLcfgCtAt:1.3 NAME 'olcSmbK5PwdCanChange' "
+		"DESC 'Credentials minimum validity interval' "
+		"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
 
 	{ NULL, NULL, 0, 0, 0, ARG_IGNORED }
 };
@@ -676,13 +677,13 @@
 #endif /* ! DO_SAMBA */
 			break;
 
-                case PC_SMB_CAN_CHANGE:
+		case PC_SMB_CAN_CHANGE:
 #ifdef DO_SAMBA
-                        c->value_int = pi->smb_can_change;
+			c->value_int = pi->smb_can_change;
 #else /* ! DO_SAMBA */
-                        c->value_int = 0;
+			c->value_int = 0;
 #endif /* ! DO_SAMBA */
-                        break;
+			break;
 
 		case PC_SMB_ENABLE:
 			c->rvalue_vals = NULL;
@@ -843,7 +844,7 @@
 		{ "sambaNTPassword",		&ad_sambaNTPassword },
 		{ "sambaPwdLastSet",		&ad_sambaPwdLastSet },
 		{ "sambaPwdMustChange",		&ad_sambaPwdMustChange },
-                { "sambaPwdCanChange",          &ad_sambaPwdCanChange },
+		{ "sambaPwdCanChange",		&ad_sambaPwdCanChange },
 		{ NULL }
 	},
 #endif /* DO_SAMBA */

Modified: openldap/trunk/contrib/slapd-modules/trace/trace.c
===================================================================
--- openldap/trunk/contrib/slapd-modules/trace/trace.c	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-modules/trace/trace.c	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 /* trace.c - traces overlay invocation */
-/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/trace/trace.c,v 1.2.2.2 2007/08/31 23:13:52 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/trace/trace.c,v 1.2.2.3 2008/02/11 23:26:38 kurt Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2006-2007 The OpenLDAP Foundation.
+ * Copyright 2006-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/contrib/slapd-tools/README
===================================================================
--- openldap/trunk/contrib/slapd-tools/README	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapd-tools/README	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,4 +1,4 @@
-Copyright 2004-2007 The OpenLDAP Foundation. All rights reserved.
+Copyright 2004-2008 The OpenLDAP Foundation. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted only as authorized by the OpenLDAP

Modified: openldap/trunk/contrib/slapi-plugins/addrdnvalues/README
===================================================================
--- openldap/trunk/contrib/slapi-plugins/addrdnvalues/README	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/contrib/slapi-plugins/addrdnvalues/README	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,4 +1,4 @@
-Copyright 2003-2007 The OpenLDAP Foundation. All rights reserved.
+Copyright 2003-2008 The OpenLDAP Foundation. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted only as authorized by the OpenLDAP

Modified: openldap/trunk/debian/changelog
===================================================================
--- openldap/trunk/debian/changelog	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/debian/changelog	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,4 +1,4 @@
-openldap2.3 (2.4.7-7) UNRELEASED; urgency=low
+openldap2.3 (2.4.9-1) unstable; urgency=low
 
   [ Updated debconf translations ]
   * French, thanks to Christian Perrier <bubulle at debian.org>.
@@ -13,7 +13,7 @@
   * Galician, thanks to Jacobo Tarrio <jtarrio at trasno.net>.  Closes: #480218.
   * Japanese, thanks to Kenshi Muto <kmuto at debian.org>.  Closes: #480247.
 
- -- Steve Langasek <vorlon at debian.org>  Thu, 28 Feb 2008 22:32:44 -0800
+ -- Matthijs Mohlmann <matthijs at cacholong.nl>  Sun, 25 May 2008 11:58:39 +0200
 
 openldap2.3 (2.4.7-6) unstable; urgency=low
 

Modified: openldap/trunk/debian/rules
===================================================================
--- openldap/trunk/debian/rules	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/debian/rules	2008-05-25 14:29:31 UTC (rev 1128)
@@ -41,7 +41,7 @@
 
 # These variables are used only by get-orig-source, which will normally only
 # be run by maintainers.
-VERSION = 2.4.7
+VERSION = 2.4.9
 URL     = http://www.openldap.org/software/download/OpenLDAP/openldap-release/
 
 # Download the upstream source and make changes as required for DFSG reasons.

Modified: openldap/trunk/doc/Makefile.in
===================================================================
--- openldap/trunk/doc/Makefile.in	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/Makefile.in	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 ## doc Makefile.in for OpenLDAP
-# $OpenLDAP: pkg/ldap/doc/Makefile.in,v 1.11.2.2 2007/08/31 23:13:52 quanah Exp $
+# $OpenLDAP: pkg/ldap/doc/Makefile.in,v 1.11.2.3 2008/02/11 23:26:39 kurt Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2007 The OpenLDAP Foundation.
+## Copyright 1998-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/doc/devel/args
===================================================================
--- openldap/trunk/doc/devel/args	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/devel/args	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,6 +1,6 @@
 Tools           ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
 ldapcompare      * DE**HI*K M*OPQR  UVWXYZ   de *h**k *nop*    vwxyz
-ldapdelete       *CDE**HI*K M*OPQR  UVWXYZ  cdef*h**k *nop*    vwxy
+ldapdelete       *CDE**HI*K M*OPQR  UVWXYZ  cdef*h**k *nop*    vwxyz
 ldapmodify       *CDE**HI*K M*OPQRS UVWXYZabcde *h**k *nop*r t vwxy
 ldapmodrdn       *CDE**HI*K M*OPQR  UVWXYZ  cdef*h**k *nop*rs  vwxy
 ldappasswd      A*CDE**HI*   *O QRS UVWXYZa  def*h**  * o * s  vwxy  
@@ -56,4 +56,4 @@
 
 
 ---
-$OpenLDAP: pkg/ldap/doc/devel/args,v 1.29.2.2 2007/08/31 23:13:52 quanah Exp $
+$OpenLDAP: pkg/ldap/doc/devel/args,v 1.29.2.3 2008/02/09 00:53:37 quanah Exp $

Modified: openldap/trunk/doc/guide/COPYRIGHT
===================================================================
--- openldap/trunk/doc/guide/COPYRIGHT	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/COPYRIGHT	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,4 +1,4 @@
-Copyright 1998-2007 The OpenLDAP Foundation
+Copyright 1998-2008 The OpenLDAP Foundation
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
@@ -12,11 +12,11 @@
 OpenLDAP is a registered trademark of the OpenLDAP Foundation.
 
 Individual files and/or contributed packages may be copyright by
-other parties and subject to additional restrictions.
+other parties and/or subject to additional restrictions.
 
 This work is derived from the University of Michigan LDAP v3.3
 distribution.  Information concerning this software is available
-at <http://www.umich.edu/~dirsvcs/ldap/>.
+at <http://www.umich.edu/~dirsvcs/ldap/ldap.html>.
 
 This work also contains materials derived from public sources.
 
@@ -25,9 +25,9 @@
 
 ---
 
-Portions Copyright 1998-2005 Kurt D. Zeilenga.
-Portions Copyright 1998-2005 Net Boolean Incorporated.
-Portions Copyright 2001-2005 IBM Corporation.
+Portions Copyright 1998-2006 Kurt D. Zeilenga.
+Portions Copyright 1998-2006 Net Boolean Incorporated.
+Portions Copyright 2001-2006 IBM Corporation.
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
@@ -39,8 +39,8 @@
 Portions Copyright 1999-2007 Howard Y.H. Chu.
 Portions Copyright 1999-2007 Symas Corporation.
 Portions Copyright 1998-2003 Hallvard B. Furuseth.
-Portions Copyright 2007 Gavin Henry
-Portions Copyright 2007 Suretec Systems
+Portions Copyright 2007-2008 Gavin Henry
+Portions Copyright 2007-2008 Suretec Systems Limited.
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without

Modified: openldap/trunk/doc/guide/admin/Makefile
===================================================================
--- openldap/trunk/doc/guide/admin/Makefile	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/Makefile	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,8 +1,8 @@
 ## Makefile for OpenLDAP Administrator's Guide
-# $OpenLDAP: pkg/openldap-guide/admin/Makefile,v 1.5.2.6 2007/11/29 22:51:25 quanah Exp $
+# $OpenLDAP: pkg/openldap-guide/admin/Makefile,v 1.5.2.9 2008/04/14 20:43:48 quanah Exp $
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 2005-2007 The OpenLDAP Foundation.
+## Copyright 2005-2008 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
@@ -21,6 +21,7 @@
 	../plain.sdf \
 	../preamble.sdf \
 	abstract.sdf \
+	access-control.sdf \
 	appendix-changes.sdf \
 	appendix-common-errors.sdf \
 	appendix-configs.sdf \
@@ -61,11 +62,14 @@
 	config_dit.png \
 	config_local.png \
 	config_ref.png \
-	config_repl.gif \
+	config_repl.png \
 	dual_dc.png \
 	intro_dctree.png \
 	intro_tree.png \
-	refint.png 
+	refint.png \
+	set-following-references.png \
+	set-memberUid.png \
+	set-recursivegroup.png 
 
 guide.html: guide.sdf sdf-src sdf-img
 	sdf -2html guide.sdf

Modified: openldap/trunk/doc/guide/admin/README.spellcheck
===================================================================
--- openldap/trunk/doc/guide/admin/README.spellcheck	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/README.spellcheck	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/README.spellcheck,v 1.2.2.2 2007/10/23 19:06:09 quanah Exp $
-# Copyright 2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/README.spellcheck,v 1.2.2.3 2008/02/11 23:26:39 kurt Exp $
+# Copyright 2007-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 #
 # README.spellcheck 

Modified: openldap/trunk/doc/guide/admin/abstract.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/abstract.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/abstract.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/abstract.sdf,v 1.7.2.4 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 1999-2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/abstract.sdf,v 1.7.2.5 2008/02/11 23:26:39 kurt Exp $
+# Copyright 1999-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 # 
 # OpenLDAP Administrator's Guide: Abstract

Copied: openldap/trunk/doc/guide/admin/access-control.sdf (from rev 1127, openldap/vendor/openldap-2.4.9/doc/guide/admin/access-control.sdf)
===================================================================
--- openldap/trunk/doc/guide/admin/access-control.sdf	                        (rev 0)
+++ openldap/trunk/doc/guide/admin/access-control.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -0,0 +1,1539 @@
+# $OpenLDAP: pkg/openldap-guide/admin/access-control.sdf,v 1.3.2.1 2008/04/14 20:35:10 quanah Exp $
+# Copyright 1999-2008 The OpenLDAP Foundation, All Rights Reserved.
+# COPYING RESTRICTIONS APPLY, see COPYRIGHT.
+
+H1: Access Control
+
+H2: Introduction
+
+As the directory gets populated with more and more data of varying sensitivity, 
+controlling the kinds of access granted to the directory becomes more and more
+critical. For instance, the directory may contain data of a confidential nature 
+that you may need to protect by contract or by law. Or, if using the directory 
+to control access to other services, inappropriate access to the directory may 
+create avenues of attack to your sites security that result in devastating 
+damage to your assets.
+
+Access to your directory can be configured via two methods, the first using
+{{SECT:The slapd Configuration File}} and the second using the {{slapd-config}}(5) 
+format ({{SECT:Configuring slapd}}).
+
+The default access control policy is allow read by all clients. Regardless of 
+what access control policy is defined, the {{rootdn}} is always allowed full 
+rights (i.e. auth, search, compare, read and write) on everything and anything.
+
+As a consequence, it's useless (and results in a performance penalty) to explicitly 
+list the {{rootdn}} among the {{<by>}} clauses.
+
+The following sections will describe Access Control Lists in more details and 
+follow with some examples and recommendations. 
+
+H2: Access Control via Static Configuration
+
+Access to entries and attributes is controlled by the
+access configuration file directive. The general form of an
+access line is:
+
+>    <access directive> ::= access to <what>
+>        [by <who> [<access>] [<control>] ]+
+>    <what> ::= * |
+>        [dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>]
+>        [filter=<ldapfilter>] [attrs=<attrlist>]
+>    <basic-style> ::= regex | exact
+>    <scope-style> ::= base | one | subtree | children
+>    <attrlist> ::= <attr> [val[.<basic-style>]=<regex>] | <attr> , <attrlist>
+>    <attr> ::= <attrname> | entry | children
+>    <who> ::= * | [anonymous | users | self
+>            | dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>] 
+>        [dnattr=<attrname>]
+>        [group[/<objectclass>[/<attrname>][.<basic-style>]]=<regex>]
+>        [peername[.<basic-style>]=<regex>]
+>        [sockname[.<basic-style>]=<regex>]
+>        [domain[.<basic-style>]=<regex>]
+>        [sockurl[.<basic-style>]=<regex>]
+>        [set=<setspec>]
+>        [aci=<attrname>]
+>    <access> ::= [self]{<level>|<priv>}
+>    <level> ::= none | disclose | auth | compare | search | read | write | manage
+>    <priv> ::= {=|+|-}{m|w|r|s|c|x|d|0}+
+>    <control> ::= [stop | continue | break]
+
+where the <what> part selects the entries and/or attributes to which
+the access applies, the {{EX:<who>}} part specifies which entities
+are granted access, and the {{EX:<access>}} part specifies the
+access granted. Multiple {{EX:<who> <access> <control>}} triplets
+are supported, allowing many entities to be granted different access
+to the same set of entries and attributes. Not all of these access
+control options are described here; for more details see the
+{{slapd.access}}(5) man page.
+
+
+H3: What to control access to
+
+The <what> part of an access specification determines the entries
+and attributes to which the access control applies.  Entries are
+commonly selected in two ways: by DN and by filter.  The following
+qualifiers select entries by DN:
+
+>    to *
+>    to dn[.<basic-style>]=<regex>
+>    to dn.<scope-style>=<DN>
+
+The first form is used to select all entries.  The second form may
+be used to select entries by matching a regular expression against
+the target entry's {{normalized DN}}.   (The second form is not
+discussed further in this document.)  The third form is used to
+select entries which are within the requested scope of DN.  The
+<DN> is a string representation of the Distinguished Name, as
+described in {{REF:RFC4514}}.
+
+The scope can be either {{EX:base}}, {{EX:one}}, {{EX:subtree}},
+or {{EX:children}}.  Where {{EX:base}} matches only the entry with
+provided DN, {{EX:one}} matches the entries whose parent is the
+provided DN, {{EX:subtree}} matches all entries in the subtree whose
+root is the provided DN, and {{EX:children}} matches all entries
+under the DN (but not the entry named by the DN).
+
+For example, if the directory contained entries named:
+
+>    0: o=suffix
+>    1: cn=Manager,o=suffix
+>    2: ou=people,o=suffix
+>    3: uid=kdz,ou=people,o=suffix
+>    4: cn=addresses,uid=kdz,ou=people,o=suffix
+>    5: uid=hyc,ou=people,o=suffix
+
+\Then:
+. {{EX:dn.base="ou=people,o=suffix"}} match 2;
+. {{EX:dn.one="ou=people,o=suffix"}} match 3, and 5;
+. {{EX:dn.subtree="ou=people,o=suffix"}} match 2, 3, 4, and 5; and
+. {{EX:dn.children="ou=people,o=suffix"}} match 3, 4, and 5.
+
+
+Entries may also be selected using a filter:
+
+>    to filter=<ldap filter>
+
+where <ldap filter> is a string representation of an LDAP
+search filter, as described in {{REF:RFC4515}}.  For example:
+
+>    to filter=(objectClass=person)
+
+Note that entries may be selected by both DN and filter by
+including both qualifiers in the <what> clause.
+
+>    to dn.one="ou=people,o=suffix" filter=(objectClass=person)
+
+Attributes within an entry are selected by including a comma-separated
+list of attribute names in the <what> selector:
+
+>    attrs=<attribute list>
+
+A specific value of an attribute is selected by using a single
+attribute name and also using a value selector:
+
+>    attrs=<attribute> val[.<style>]=<regex>
+
+There are two special {{pseudo}} attributes {{EX:entry}} and
+{{EX:children}}.  To read (and hence return) a target entry, the
+subject must have {{EX:read}} access to the target's {{entry}}
+attribute.  To add or delete an entry, the subject must have
+{{EX:write}} access to the entry's {{EX:entry}} attribute AND must
+have {{EX:write}} access to the entry's parent's {{EX:children}}
+attribute.  To rename an entry, the subject must have {{EX:write}}
+access to entry's {{EX:entry}} attribute AND have {{EX:write}}
+access to both the old parent's and new parent's {{EX:children}}
+attributes.  The complete examples at the end of this section should
+help clear things up.
+
+Lastly, there is a special entry selector {{EX:"*"}} that is used to
+select any entry.  It is used when no other {{EX:<what>}}
+selector has been provided.  It's equivalent to "{{EX:dn=.*}}"
+
+
+H3: Who to grant access to
+
+The <who> part identifies the entity or entities being granted
+access. Note that access is granted to "entities" not "entries."
+The following table summarizes entity specifiers:
+
+!block table; align=Center; coltags="EX,N"; \
+    title="Table 6.3: Access Entity Specifiers"
+Specifier|Entities
+*|All, including anonymous and authenticated users
+anonymous|Anonymous (non-authenticated) users
+users|Authenticated users
+self|User associated with target entry
+dn[.<basic-style>]=<regex>|Users matching a regular expression
+dn.<scope-style>=<DN>|Users within scope of a DN
+!endblock
+
+The DN specifier behaves much like <what> clause DN specifiers.
+
+Other control factors are also supported.  For example, a {{EX:<who>}}
+can be restricted by an entry listed in a DN-valued attribute in
+the entry to which the access applies:
+
+>    dnattr=<dn-valued attribute name>
+
+The dnattr specification is used to give access to an entry
+whose DN is listed in an attribute of the entry (e.g., give
+access to a group entry to whoever is listed as the owner of
+the group entry).
+
+Some factors may not be appropriate in all environments (or any).
+For example, the domain factor relies on IP to domain name lookups.
+As these can easily be spoofed, the domain factor should be avoided.
+
+
+H3: The access to grant
+
+The kind of <access> granted can be one of the following:
+
+!block table; colaligns="LRL"; coltags="EX,EX,N"; align=Center; \
+    title="Table 6.4: Access Levels"
+Level        Privileges    Description
+none        =0             no access
+disclose    =d             needed for information disclosure on error
+auth        =dx            needed to authenticate (bind)
+compare     =cdx           needed to compare
+search      =scdx          needed to apply search filters
+read        =rscdx         needed to read search results
+write       =wrscdx        needed to modify/rename
+manage      =mwrscdx       needed to manage
+!endblock
+
+Each level implies all lower levels of access. So, for example,
+granting someone {{EX:write}} access to an entry also grants them
+{{EX:read}}, {{EX:search}}, {{EX:compare}}, {{EX:auth}} and
+{{EX:disclose}} access.  However, one may use the privileges specifier
+to grant specific permissions.
+
+
+H3: Access Control Evaluation
+
+When evaluating whether some requester should be given access to
+an entry and/or attribute, slapd compares the entry and/or attribute
+to the {{EX:<what>}} selectors given in the configuration file.
+For each entry, access controls provided in the database which holds
+the entry (or the first database if not held in any database) apply
+first, followed by the global access directives.  Within this
+priority, access directives are examined in the order in which they
+appear in the config file.  Slapd stops with the first {{EX:<what>}}
+selector that matches the entry and/or attribute. The corresponding
+access directive is the one slapd will use to evaluate access.
+
+Next, slapd compares the entity requesting access to the {{EX:<who>}}
+selectors within the access directive selected above in the order
+in which they appear. It stops with the first {{EX:<who>}} selector
+that matches the requester. This determines the access the entity
+requesting access has to the entry and/or attribute.
+
+Finally, slapd compares the access granted in the selected
+{{EX:<access>}} clause to the access requested by the client. If
+it allows greater or equal access, access is granted. Otherwise,
+access is denied.
+
+The order of evaluation of access directives makes their placement
+in the configuration file important. If one access directive is
+more specific than another in terms of the entries it selects, it
+should appear first in the config file. Similarly, if one {{EX:<who>}}
+selector is more specific than another it should come first in the
+access directive. The access control examples given below should
+help make this clear.
+
+
+
+H3: Access Control Examples
+
+The access control facility described above is quite powerful.  This
+section shows some examples of its use for descriptive purposes.
+
+A simple example:
+
+>    access to * by * read
+
+This access directive grants read access to everyone.
+
+>    access to *
+>        by self write
+>        by anonymous auth
+>        by * read
+
+This directive allows the user to modify their entry, allows anonymous
+to authentication against these entries, and allows all others to
+read these entries.  Note that only the first {{EX:by <who>}} clause
+which matches applies.  Hence, the anonymous users are granted
+{{EX:auth}}, not {{EX:read}}.  The last clause could just as well
+have been "{{EX:by users read}}".
+
+It is often desirable to restrict operations based upon the level
+of protection in place.  The following shows how security strength
+factors (SSF) can be used.
+
+>    access to *
+>        by ssf=128 self write
+>        by ssf=64 anonymous auth
+>        by ssf=64 users read
+
+This directive allows users to modify their own entries if security
+protections have of strength 128 or better have been established,
+allows authentication access to anonymous users, and read access
+when 64 or better security protections have been established.  If
+client has not establish sufficient security protections, the
+implicit {{EX:by * none}} clause would be applied.
+
+The following example shows the use of a style specifiers to select
+the entries by DN in two access directives where ordering is
+significant.
+
+>    access to dn.children="dc=example,dc=com"
+>         by * search
+>    access to dn.children="dc=com"
+>         by * read
+
+Read access is granted to entries under the {{EX:dc=com}} subtree,
+except for those entries under the {{EX:dc=example,dc=com}} subtree,
+to which search access is granted.  No access is granted to
+{{EX:dc=com}} as neither access directive matches this DN.  If the
+order of these access directives was reversed, the trailing directive
+would never be reached, since all entries under {{EX:dc=example,dc=com}}
+are also under {{EX:dc=com}} entries.
+
+Also note that if no {{EX:access to}} directive matches or no {{EX:by
+<who>}} clause, {{B:access is denied}}.  That is, every {{EX:access
+to}} directive ends with an implicit {{EX:by * none}} clause and
+every access list ends with an implicit {{EX:access to * by * none}}
+directive.
+
+The next example again shows the importance of ordering, both of
+the access directives and the {{EX:by <who>}} clauses.  It also
+shows the use of an attribute selector to grant access to a specific
+attribute and various {{EX:<who>}} selectors.
+
+>    access to dn.subtree="dc=example,dc=com" attrs=homePhone
+>        by self write
+>        by dn.children="dc=example,dc=com" search
+>        by peername.regex=IP:10\..+ read
+>    access to dn.subtree="dc=example,dc=com"
+>        by self write
+>        by dn.children="dc=example,dc=com" search
+>        by anonymous auth
+
+This example applies to entries in the "{{EX:dc=example,dc=com}}"
+subtree. To all attributes except {{EX:homePhone}}, an entry can
+write to itself, entries under {{EX:example.com}} entries can search
+by them, anybody else has no access (implicit {{EX:by * none}})
+excepting for authentication/authorization (which is always done
+anonymously).  The {{EX:homePhone}} attribute is writable by the
+entry, searchable by entries under {{EX:example.com}}, readable by
+clients connecting from network 10, and otherwise not readable
+(implicit {{EX:by * none}}).  All other access is denied by the
+implicit {{EX:access to * by * none}}.
+
+Sometimes it is useful to permit a particular DN to add or
+remove itself from an attribute. For example, if you would like to
+create a group and allow people to add and remove only
+their own DN from the member attribute, you could accomplish
+it with an access directive like this:
+
+>    access to attrs=member,entry
+>         by dnattr=member selfwrite
+
+The dnattr {{EX:<who>}} selector says that the access applies to
+entries listed in the {{EX:member}} attribute. The {{EX:selfwrite}} access
+selector says that such members can only add or delete their
+own DN from the attribute, not other values. The addition of
+the entry attribute is required because access to the entry is
+required to access any of the entry's attributes.
+
+!if 0
+For more details on how to use the {{EX:access}} directive,
+consult the {{Advanced Access Control}} chapter.
+!endif
+
+
+H3: Configuration File Example
+
+The following is an example configuration file, interspersed
+with explanatory text. It defines two databases to handle
+different parts of the {{TERM:X.500}} tree; both are {{TERM:BDB}}
+database instances. The line numbers shown are provided for
+reference only and are not included in the actual file. First, the
+global configuration section:
+
+E:  1.    # example config file - global configuration section
+E:  2.    include /usr/local/etc/schema/core.schema
+E:  3.    referral ldap://root.openldap.org
+E:  4.    access to * by * read
+ 
+Line 1 is a comment. Line 2 includes another config file
+which contains {{core}} schema definitions.
+The {{EX:referral}} directive on line 3
+means that queries not local to one of the databases defined
+below will be referred to the LDAP server running on the
+standard port (389) at the host {{EX:root.openldap.org}}.
+
+Line 4 is a global access control.  It applies to all
+entries (after any applicable database-specific access
+controls).
+
+The next section of the configuration file defines a BDB
+backend that will handle queries for things in the
+"dc=example,dc=com" portion of the tree. The
+database is to be replicated to two slave slapds, one on
+truelies, the other on judgmentday. Indices are to be
+maintained for several attributes, and the {{EX:userPassword}}
+attribute is to be protected from unauthorized access.
+
+E:  5.    # BDB definition for the example.com
+E:  6.    database bdb
+E:  7.    suffix "dc=example,dc=com"
+E:  8.    directory /usr/local/var/openldap-data
+E:  9.    rootdn "cn=Manager,dc=example,dc=com"
+E: 10.    rootpw secret
+E: 11.    # indexed attribute definitions
+E: 12.    index uid pres,eq
+E: 13.    index cn,sn,uid pres,eq,approx,sub
+E: 14.    index objectClass eq
+E: 15.    # database access control definitions
+E: 16.    access to attrs=userPassword
+E: 17.        by self write
+E: 18.        by anonymous auth
+E: 19.        by dn.base="cn=Admin,dc=example,dc=com" write
+E: 20.        by * none
+E: 21.    access to *
+E: 22.        by self write
+E: 23.        by dn.base="cn=Admin,dc=example,dc=com" write
+E: 24.        by * read
+
+Line 5 is a comment. The start of the database definition is marked
+by the database keyword on line 6. Line 7 specifies the DN suffix
+for queries to pass to this database. Line 8 specifies the directory
+in which the database files will live.
+
+Lines 9 and 10 identify the database {{super-user}} entry and associated
+password. This entry is not subject to access control or size or
+time limit restrictions.
+
+Lines 12 through 14 indicate the indices to maintain for various
+attributes.
+
+Lines 16 through 24 specify access control for entries in this
+database.  As this is the first database, the controls also apply
+to entries not held in any database (such as the Root DSE).  For
+all applicable entries, the {{EX:userPassword}} attribute is writable
+by the entry itself and by the "admin" entry.  It may be used for
+authentication/authorization purposes, but is otherwise not readable.
+All other attributes are writable by the entry and the "admin"
+entry, but may be read by all users (authenticated or not).
+
+The next section of the example configuration file defines another
+BDB database. This one handles queries involving the
+{{EX:dc=example,dc=net}} subtree but is managed by the same entity
+as the first database.  Note that without line 39, the read access
+would be allowed due to the global access rule at line 4.
+
+E: 33.    # BDB definition for example.net
+E: 34.    database bdb
+E: 35.    suffix "dc=example,dc=net"
+E: 36.    directory /usr/local/var/openldap-data-net
+E: 37.    rootdn "cn=Manager,dc=example,dc=com"
+E: 38.    index objectClass eq
+E: 39.    access to * by users read
+
+H2: Access Control via Dynamic Configuration
+
+Access to slapd entries and attributes is controlled by the
+olcAccess attribute, whose values are a sequence of access directives.
+The general form of the olcAccess configuration is:
+
+>    olcAccess: <access directive>
+>    <access directive> ::= to <what>
+>        [by <who> [<access>] [<control>] ]+
+>    <what> ::= * |
+>        [dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>]
+>        [filter=<ldapfilter>] [attrs=<attrlist>]
+>    <basic-style> ::= regex | exact
+>    <scope-style> ::= base | one | subtree | children
+>    <attrlist> ::= <attr> [val[.<basic-style>]=<regex>] | <attr> , <attrlist>
+>    <attr> ::= <attrname> | entry | children
+>    <who> ::= * | [anonymous | users | self
+>            | dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>] 
+>        [dnattr=<attrname>]
+>        [group[/<objectclass>[/<attrname>][.<basic-style>]]=<regex>]
+>        [peername[.<basic-style>]=<regex>]
+>        [sockname[.<basic-style>]=<regex>]
+>        [domain[.<basic-style>]=<regex>]
+>        [sockurl[.<basic-style>]=<regex>]
+>        [set=<setspec>]
+>        [aci=<attrname>]
+>    <access> ::= [self]{<level>|<priv>}
+>    <level> ::= none | disclose | auth | compare | search | read | write | manage
+>    <priv> ::= {=|+|-}{m|w|r|s|c|x|d|0}+
+>    <control> ::= [stop | continue | break]
+
+where the <what> part selects the entries and/or attributes to which
+the access applies, the {{EX:<who>}} part specifies which entities
+are granted access, and the {{EX:<access>}} part specifies the
+access granted. Multiple {{EX:<who> <access> <control>}} triplets
+are supported, allowing many entities to be granted different access
+to the same set of entries and attributes. Not all of these access
+control options are described here; for more details see the
+{{slapd.access}}(5) man page.
+
+
+H3: What to control access to
+
+The <what> part of an access specification determines the entries
+and attributes to which the access control applies.  Entries are
+commonly selected in two ways: by DN and by filter.  The following
+qualifiers select entries by DN:
+
+>    to *
+>    to dn[.<basic-style>]=<regex>
+>    to dn.<scope-style>=<DN>
+
+The first form is used to select all entries.  The second form may
+be used to select entries by matching a regular expression against
+the target entry's {{normalized DN}}.   (The second form is not
+discussed further in this document.)  The third form is used to
+select entries which are within the requested scope of DN.  The
+<DN> is a string representation of the Distinguished Name, as
+described in {{REF:RFC4514}}.
+
+The scope can be either {{EX:base}}, {{EX:one}}, {{EX:subtree}},
+or {{EX:children}}.  Where {{EX:base}} matches only the entry with
+provided DN, {{EX:one}} matches the entries whose parent is the
+provided DN, {{EX:subtree}} matches all entries in the subtree whose
+root is the provided DN, and {{EX:children}} matches all entries
+under the DN (but not the entry named by the DN).
+
+For example, if the directory contained entries named:
+
+>    0: o=suffix
+>    1: cn=Manager,o=suffix
+>    2: ou=people,o=suffix
+>    3: uid=kdz,ou=people,o=suffix
+>    4: cn=addresses,uid=kdz,ou=people,o=suffix
+>    5: uid=hyc,ou=people,o=suffix
+
+\Then:
+. {{EX:dn.base="ou=people,o=suffix"}} match 2;
+. {{EX:dn.one="ou=people,o=suffix"}} match 3, and 5;
+. {{EX:dn.subtree="ou=people,o=suffix"}} match 2, 3, 4, and 5; and
+. {{EX:dn.children="ou=people,o=suffix"}} match 3, 4, and 5.
+
+
+Entries may also be selected using a filter:
+
+>    to filter=<ldap filter>
+
+where <ldap filter> is a string representation of an LDAP
+search filter, as described in {{REF:RFC4515}}.  For example:
+
+>    to filter=(objectClass=person)
+
+Note that entries may be selected by both DN and filter by
+including both qualifiers in the <what> clause.
+
+>    to dn.one="ou=people,o=suffix" filter=(objectClass=person)
+
+Attributes within an entry are selected by including a comma-separated
+list of attribute names in the <what> selector:
+
+>    attrs=<attribute list>
+
+A specific value of an attribute is selected by using a single
+attribute name and also using a value selector:
+
+>    attrs=<attribute> val[.<style>]=<regex>
+
+There are two special {{pseudo}} attributes {{EX:entry}} and
+{{EX:children}}.  To read (and hence return) a target entry, the
+subject must have {{EX:read}} access to the target's {{entry}}
+attribute.  To add or delete an entry, the subject must have
+{{EX:write}} access to the entry's {{EX:entry}} attribute AND must
+have {{EX:write}} access to the entry's parent's {{EX:children}}
+attribute.  To rename an entry, the subject must have {{EX:write}}
+access to entry's {{EX:entry}} attribute AND have {{EX:write}}
+access to both the old parent's and new parent's {{EX:children}}
+attributes.  The complete examples at the end of this section should
+help clear things up.
+
+Lastly, there is a special entry selector {{EX:"*"}} that is used to
+select any entry.  It is used when no other {{EX:<what>}}
+selector has been provided.  It's equivalent to "{{EX:dn=.*}}"
+
+
+H3: Who to grant access to
+
+The <who> part identifies the entity or entities being granted
+access. Note that access is granted to "entities" not "entries."
+The following table summarizes entity specifiers:
+
+!block table; align=Center; coltags="EX,N"; \
+    title="Table 5.3: Access Entity Specifiers"
+Specifier|Entities
+*|All, including anonymous and authenticated users
+anonymous|Anonymous (non-authenticated) users
+users|Authenticated users
+self|User associated with target entry
+dn[.<basic-style>]=<regex>|Users matching a regular expression
+dn.<scope-style>=<DN>|Users within scope of a DN
+!endblock
+
+The DN specifier behaves much like <what> clause DN specifiers.
+
+Other control factors are also supported.  For example, a {{EX:<who>}}
+can be restricted by an entry listed in a DN-valued attribute in
+the entry to which the access applies:
+
+>    dnattr=<dn-valued attribute name>
+
+The dnattr specification is used to give access to an entry
+whose DN is listed in an attribute of the entry (e.g., give
+access to a group entry to whoever is listed as the owner of
+the group entry).
+
+Some factors may not be appropriate in all environments (or any).
+For example, the domain factor relies on IP to domain name lookups.
+As these can easily be spoofed, the domain factor should be avoided.
+
+
+H3: The access to grant
+
+The kind of <access> granted can be one of the following:
+
+!block table; colaligns="LRL"; coltags="EX,EX,N"; align=Center; \
+    title="Table 5.4: Access Levels"
+Level        Privileges    Description
+none         =0            no access
+disclose     =d            needed for information disclosure on error
+auth         =dx           needed to authenticate (bind)
+compare      =cdx          needed to compare
+search       =scdx         needed to apply search filters
+read         =rscdx        needed to read search results
+write        =wrscdx       needed to modify/rename
+manage       =mwrscdx      needed to manage
+!endblock
+
+Each level implies all lower levels of access. So, for example,
+granting someone {{EX:write}} access to an entry also grants them
+{{EX:read}}, {{EX:search}}, {{EX:compare}}, {{EX:auth}} and
+{{EX:disclose}} access.  However, one may use the privileges specifier
+to grant specific permissions.
+
+
+H3: Access Control Evaluation
+
+When evaluating whether some requester should be given access to
+an entry and/or attribute, slapd compares the entry and/or attribute
+to the {{EX:<what>}} selectors given in the configuration.  For
+each entry, access controls provided in the database which holds
+the entry (or the first database if not held in any database) apply
+first, followed by the global access directives (which are held in
+the {{EX:frontend}} database definition).  Within this priority,
+access directives are examined in the order in which they appear
+in the configuration attribute.  Slapd stops with the first
+{{EX:<what>}} selector that matches the entry and/or attribute. The
+corresponding access directive is the one slapd will use to evaluate
+access.
+
+Next, slapd compares the entity requesting access to the {{EX:<who>}}
+selectors within the access directive selected above in the order
+in which they appear. It stops with the first {{EX:<who>}} selector
+that matches the requester. This determines the access the entity
+requesting access has to the entry and/or attribute.
+
+Finally, slapd compares the access granted in the selected
+{{EX:<access>}} clause to the access requested by the client. If
+it allows greater or equal access, access is granted. Otherwise,
+access is denied.
+
+The order of evaluation of access directives makes their placement
+in the configuration file important. If one access directive is
+more specific than another in terms of the entries it selects, it
+should appear first in the configuration. Similarly, if one {{EX:<who>}}
+selector is more specific than another it should come first in the
+access directive. The access control examples given below should
+help make this clear.
+
+
+
+H3: Access Control Examples
+
+The access control facility described above is quite powerful.  This
+section shows some examples of its use for descriptive purposes.
+
+A simple example:
+
+>    olcAccess: to * by * read
+
+This access directive grants read access to everyone.
+
+>    olcAccess: to *
+>        by self write
+>        by anonymous auth
+>        by * read
+
+This directive allows the user to modify their entry, allows anonymous
+to authenticate against these entries, and allows all others to
+read these entries.  Note that only the first {{EX:by <who>}} clause
+which matches applies.  Hence, the anonymous users are granted
+{{EX:auth}}, not {{EX:read}}.  The last clause could just as well
+have been "{{EX:by users read}}".
+
+It is often desirable to restrict operations based upon the level
+of protection in place.  The following shows how security strength
+factors (SSF) can be used.
+
+>    olcAccess: to *
+>        by ssf=128 self write
+>        by ssf=64 anonymous auth
+>        by ssf=64 users read
+
+This directive allows users to modify their own entries if security
+protections of strength 128 or better have been established,
+allows authentication access to anonymous users, and read access
+when strength 64 or better security protections have been established.  If
+the client has not establish sufficient security protections, the
+implicit {{EX:by * none}} clause would be applied.
+
+The following example shows the use of style specifiers to select
+the entries by DN in two access directives where ordering is
+significant.
+
+>    olcAccess: to dn.children="dc=example,dc=com"
+>         by * search
+>    olcAccess: to dn.children="dc=com"
+>         by * read
+
+Read access is granted to entries under the {{EX:dc=com}} subtree,
+except for those entries under the {{EX:dc=example,dc=com}} subtree,
+to which search access is granted.  No access is granted to
+{{EX:dc=com}} as neither access directive matches this DN.  If the
+order of these access directives was reversed, the trailing directive
+would never be reached, since all entries under {{EX:dc=example,dc=com}}
+are also under {{EX:dc=com}} entries.
+
+Also note that if no {{EX:olcAccess: to}} directive matches or no {{EX:by
+<who>}} clause, {{B:access is denied}}.  That is, every {{EX:olcAccess:
+to}} directive ends with an implicit {{EX:by * none}} clause and
+every access list ends with an implicit {{EX:olcAccess: to * by * none}}
+directive.
+
+The next example again shows the importance of ordering, both of
+the access directives and the {{EX:by <who>}} clauses.  It also
+shows the use of an attribute selector to grant access to a specific
+attribute and various {{EX:<who>}} selectors.
+
+>    olcAccess: to dn.subtree="dc=example,dc=com" attrs=homePhone
+>        by self write
+>        by dn.children=dc=example,dc=com" search
+>        by peername.regex=IP:10\..+ read
+>    olcAccess: to dn.subtree="dc=example,dc=com"
+>        by self write
+>        by dn.children="dc=example,dc=com" search
+>        by anonymous auth
+
+This example applies to entries in the "{{EX:dc=example,dc=com}}"
+subtree. To all attributes except {{EX:homePhone}}, an entry can
+write to itself, entries under {{EX:example.com}} entries can search
+by them, anybody else has no access (implicit {{EX:by * none}})
+excepting for authentication/authorization (which is always done
+anonymously).  The {{EX:homePhone}} attribute is writable by the
+entry, searchable by entries under {{EX:example.com}}, readable by
+clients connecting from network 10, and otherwise not readable
+(implicit {{EX:by * none}}).  All other access is denied by the
+implicit {{EX:access to * by * none}}.
+
+Sometimes it is useful to permit a particular DN to add or
+remove itself from an attribute. For example, if you would like to
+create a group and allow people to add and remove only
+their own DN from the member attribute, you could accomplish
+it with an access directive like this:
+
+>    olcAccess: to attrs=member,entry
+>         by dnattr=member selfwrite
+
+The dnattr {{EX:<who>}} selector says that the access applies to
+entries listed in the {{EX:member}} attribute. The {{EX:selfwrite}} access
+selector says that such members can only add or delete their
+own DN from the attribute, not other values. The addition of
+the entry attribute is required because access to the entry is
+required to access any of the entry's attributes.
+
+
+
+H3: Access Control Ordering
+
+Since the ordering of {{EX:olcAccess}} directives is essential to their
+proper evaluation, but LDAP attributes normally do not preserve the
+ordering of their values, OpenLDAP uses a custom schema extension to
+maintain a fixed ordering of these values. This ordering is maintained
+by prepending a {{EX:"{X}"}} numeric index to each value, similarly to
+the approach used for ordering the configuration entries. These index
+tags are maintained automatically by slapd and do not need to be specified
+when originally defining the values. For example, when you create the
+settings
+
+>    olcAccess: to attrs=member,entry
+>         by dnattr=member selfwrite
+>    olcAccess: to dn.children="dc=example,dc=com"
+>         by * search
+>    olcAccess: to dn.children="dc=com"
+>         by * read
+
+when you read them back using slapcat or ldapsearch they will contain
+
+>    olcAccess: {0}to attrs=member,entry
+>         by dnattr=member selfwrite
+>    olcAccess: {1}to dn.children="dc=example,dc=com"
+>         by * search
+>    olcAccess: {2}to dn.children="dc=com"
+>         by * read
+
+The numeric index may be used to specify a particular value to change
+when using ldapmodify to edit the access rules. This index can be used
+instead of (or in addition to) the actual access value. Using this 
+numeric index is very helpful when multiple access rules are being managed.
+
+For example, if we needed to change the second rule above to grant
+write access instead of search, we could try this LDIF:
+
+>    changetype: modify
+>    delete: olcAccess
+>    olcAccess: to dn.children="dc=example,dc=com" by * search
+>    -
+>    add: olcAccess
+>    olcAccess: to dn.children="dc=example,dc=com" by * write
+>    -
+
+But this example {{B:will not}} guarantee that the existing values remain in
+their original order, so it will most likely yield a broken security
+configuration. Instead, the numeric index should be used:
+
+>    changetype: modify
+>    delete: olcAccess
+>    olcAccess: {1}
+>    -
+>    add: olcAccess
+>    olcAccess: {1}to dn.children="dc=example,dc=com" by * write
+>    -
+
+This example deletes whatever rule is in value #1 of the {{EX:olcAccess}}
+attribute (regardless of its value) and adds a new value that is
+explicitly inserted as value #1. The result will be
+
+>    olcAccess: {0}to attrs=member,entry
+>         by dnattr=member selfwrite
+>    olcAccess: {1}to dn.children="dc=example,dc=com"
+>         by * write
+>    olcAccess: {2}to dn.children="dc=com"
+>         by * read
+
+which is exactly what was intended.
+
+!if 0
+For more details on how to use the {{EX:access}} directive,
+consult the {{Advanced Access Control}} chapter.
+!endif
+
+
+H3: Configuration Example
+
+The following is an example configuration, interspersed
+with explanatory text. It defines two databases to handle
+different parts of the {{TERM:X.500}} tree; both are {{TERM:BDB}}
+database instances. The line numbers shown are provided for
+reference only and are not included in the actual file. First, the
+global configuration section:
+
+E:  1.    # example config file - global configuration entry
+E:  2.    dn: cn=config
+E:  3.    objectClass: olcGlobal
+E:  4.    cn: config
+E:  5.    olcReferral: ldap://root.openldap.org
+E:  6.    
+
+Line 1 is a comment. Lines 2-4 identify this as the global
+configuration entry.
+The {{EX:olcReferral:}} directive on line 5
+means that queries not local to one of the databases defined
+below will be referred to the LDAP server running on the
+standard port (389) at the host {{EX:root.openldap.org}}.
+Line 6 is a blank line, indicating the end of this entry.
+
+E:  7.    # internal schema
+E:  8.    dn: cn=schema,cn=config
+E:  9.    objectClass: olcSchemaConfig
+E: 10.    cn: schema
+E: 11.    
+
+Line 7 is a comment. Lines 8-10 identify this as the root of
+the schema subtree. The actual schema definitions in this entry
+are hardcoded into slapd so no additional attributes are specified here.
+Line 11 is a blank line, indicating the end of this entry.
+
+E: 12.    # include the core schema
+E: 13.    include: file:///usr/local/etc/openldap/schema/core.ldif
+E: 14.    
+
+Line 12 is a comment. Line 13 is an LDIF include directive which
+accesses the {{core}} schema definitions in LDIF format. Line 14
+is a blank line.
+
+Next comes the database definitions. The first database is the
+special {{EX:frontend}} database whose settings are applied globally
+to all the other databases.
+
+E: 15.    # global database parameters
+E: 16.    dn: olcDatabase=frontend,cn=config
+E: 17.    objectClass: olcDatabaseConfig
+E: 18.    olcDatabase: frontend
+E: 19.    olcAccess: to * by * read
+E: 20.    
+
+Line 15 is a comment. Lines 16-18 identify this entry as the global
+database entry. Line 19 is a global access control. It applies to all
+entries (after any applicable database-specific access controls).
+
+The next entry defines a BDB backend that will handle queries for things
+in the "dc=example,dc=com" portion of the tree. Indices are to be maintained
+for several attributes, and the {{EX:userPassword}} attribute is to be
+protected from unauthorized access.
+
+E: 21.    # BDB definition for example.com
+E: 22.    dn: olcDatabase=bdb,cn=config
+E: 23.    objectClass: olcDatabaseConfig
+E: 24.    objectClass: olcBdbConfig
+E: 25.    olcDatabase: bdb
+E: 26.    olcSuffix: "dc=example,dc=com"
+E: 27.    olcDbDirectory: /usr/local/var/openldap-data
+E: 28.    olcRootDN: "cn=Manager,dc=example,dc=com"
+E: 29.    olcRootPW: secret
+E: 30.    olcDbIndex: uid pres,eq
+E: 31.    olcDbIndex: cn,sn,uid pres,eq,approx,sub
+E: 32.    olcDbIndex: objectClass eq
+E: 33.    olcAccess: to attrs=userPassword
+E: 34.      by self write
+E: 35.      by anonymous auth
+E: 36.      by dn.base="cn=Admin,dc=example,dc=com" write
+E: 37.      by * none
+E: 38.    olcAccess: to *
+E: 39.      by self write
+E: 40.      by dn.base="cn=Admin,dc=example,dc=com" write
+E: 41.      by * read
+E: 42.    
+
+Line 21 is a comment. Lines 22-25 identify this entry as a BDB database
+configuration entry.  Line 26 specifies the DN suffix
+for queries to pass to this database. Line 27 specifies the directory
+in which the database files will live.
+
+Lines 28 and 29 identify the database {{super-user}} entry and associated
+password. This entry is not subject to access control or size or
+time limit restrictions.
+
+Lines 30 through 32 indicate the indices to maintain for various
+attributes.
+
+Lines 33 through 41 specify access control for entries in this
+database.  As this is the first database, the controls also apply
+to entries not held in any database (such as the Root DSE).  For
+all applicable entries, the {{EX:userPassword}} attribute is writable
+by the entry itself and by the "admin" entry.  It may be used for
+authentication/authorization purposes, but is otherwise not readable.
+All other attributes are writable by the entry and the "admin"
+entry, but may be read by all users (authenticated or not).
+
+Line 42 is a blank line, indicating the end of this entry.
+
+The next section of the example configuration file defines another
+BDB database. This one handles queries involving the
+{{EX:dc=example,dc=net}} subtree but is managed by the same entity
+as the first database.  Note that without line 52, the read access
+would be allowed due to the global access rule at line 19.
+
+E: 43.    # BDB definition for example.net
+E: 44.    dn: olcDatabase=bdb,cn=config
+E: 45.    objectClass: olcDatabaseConfig
+E: 46.    objectClass: olcBdbConfig
+E: 47.    olcDatabase: bdb
+E: 48.    olcSuffix: "dc=example,dc=net"
+E: 49.    olcDbDirectory: /usr/local/var/openldap-data-net
+E: 50.    olcRootDN: "cn=Manager,dc=example,dc=com"
+E: 51.    olcDbIndex: objectClass eq
+E: 52.    olcAccess: to * by users read
+
+
+H3: Converting from {{slapd.conf}}(5) to a {{B:cn=config}} directory format
+
+Discuss slap* -f slapd.conf -F slapd.d/  (man slapd-config)
+
+
+H2: Access Control Common Examples
+
+H3: Basic ACLs
+
+Generally one should start with some basic ACLs such as:
+
+>    access to attr=userPassword
+>        by self =xw
+>        by anonymous auth
+>        by * none
+>
+>
+>      access to *
+>        by self write
+>        by users read
+>        by * none
+
+The first ACL allows users to update (but not read) their passwords, anonymous 
+users to authenticate against this attribute, and (implicitly) denying all 
+access to others.
+
+The second ACL allows users full access to their entry, authenticated users read 
+access to anything, and (implicitly) denying all access to others (in this case, 
+anonymous users). 
+
+
+H3: Matching Anonymous and Authenticated users
+
+An anonymous user has a empty DN. While the {{dn.exact=""}} or {{dn.regex="^$"}}
+ could be used, {{slapd}}(8)) offers an anonymous shorthand which should be 
+used instead.
+
+>    access to *
+>      by anonymous none
+>      by * read
+
+denies all access to anonymous users while granting others read. 
+
+Authenticated users have a subject DN. While {{dn.regex=".+"}} will match any 
+authenticated user, OpenLDAP provides the users short hand which should be used 
+instead.
+
+>    access to *
+>      by users read
+>      by * none
+
+This ACL grants read permissions to authenticated users while denying others 
+(i.e.: anonymous users).
+
+
+H3: Controlling rootdn access
+
+You could specify the {{rootdn}} in {{slapd.conf}}(5) or {[slapd.d}} without 
+specifying a {{rootpw}}. Then you have to add an actual directory entry with 
+the same dn, e.g.:
+
+>    dn: cn=Manager,o=MyOrganization
+>    cn: Manager
+>    sn: Manager
+>    objectClass: person
+>    objectClass: top
+>    userPassword: {SSHA}someSSHAdata
+
+Then binding as the {{rootdn}} will require a regular bind to that DN, which 
+in turn requires auth access to that entry's DN and {{userPassword}}, and this 
+can be restricted via ACLs. E.g.:
+
+>    access to dn.base="cn=Manager,o=MyOrganization"
+>      by peername.regex=127\.0\.0\.1 auth
+>      by peername.regex=192\.168\.0\..* auth
+>      by users none
+>      by * none
+
+The ACLs above will only allow binding using rootdn from localhost and 
+192.168.0.0/24.
+
+
+H3: Managing access with Groups
+
+There are a few ways to do this. One approach is illustrated here. Consider the 
+following DIT layout:
+
+>    +-dc=example,dc=com
+>    +---cn=administrators,dc=example,dc=com
+>    +---cn=fred blogs,dc=example,dc=com 
+
+and the following group object (in LDIF format):
+
+>    dn: cn=administrators,dc=example,dc=com
+>    cn: administrators of this region
+>    objectclass: groupOfNames  (important for the group acl feature)
+>    member: cn=fred blogs,dc=example,dc=com 
+>    member: cn=somebody else,dc=example,dc=com
+
+One can then grant access to the members of this this group by adding appropriate 
+{{by group}} clause to an access directive in {{slapd.conf}}(5). For instance,
+
+>    access to dn.children="dc=example,dc=com" 
+>        by self write 
+>        by group.exact="cn=Administrators,dc=example,dc=com" write  
+>        by * auth
+
+Like by {[dn}} clauses, one can also use {{expand}} to expand the group name 
+based upon the regular expression matching of the target, that is, the to {{dn.regex}}). 
+For instance,
+
+>    access to dn.regex="(.+,)?ou=People,(dc=[^,]+,dc=[^,]+)$"
+>             attrs=children,entry,uid
+>        by group.expand="cn=Managers,$2" write
+>        by users read
+>        by * auth
+
+
+The above illustration assumed that the group members are to be found in the 
+{{member}} attribute type of the {{groupOfNames}} object class. If you need to 
+use a different group object and/or a different attribute type then use the 
+following {{slapd.conf}}(5) (abbreviated) syntax:
+
+>    access to <what>
+>            by group/<objectclass>/<attributename>=<DN> <access>
+
+For example:
+
+>    access to *
+>      by group/organizationalRole/roleOccupant="cn=Administrator,dc=example,dc=com" write
+
+In this case, we have an ObjectClass {{organizationalRole}} which contains the 
+administrator DN's in the {{roleOccupant}} attribute. For instance:
+
+>    dn: cn=Administrator,dc=example,dc=com
+>    cn: Administrator
+>    objectclass: organizationalRole
+>    roleOccupant: cn=Jane Doe,dc=example,dc=com 
+
+Note: the specified member attribute type MUST be of DN or {{NameAndOptionalUID}} syntax, 
+and the specified object class SHOULD allow the attribute type.
+
+Dynamic Groups are also supported in Access Control. Please see {{slapo-dynlist}}(5)
+and the {{SECT:Dynamic Lists}} overlay section.
+
+
+H3:  Granting access to a subset of attributes
+
+You can grant access to a set of attributes by specifying a list of attribute names 
+in the ACL {{to}} clause. To be useful, you also need to grant access to the 
+{{entry}} itself. Also note how {{children}} controls the ability to add, delete, 
+and rename entries.
+
+>    # mail: self may write, authenticated users may read
+>    access to attrs=mail
+>      by self write
+>      by users read
+>      by * none
+>    
+>    # cn, sn: self my write, all may read
+>    access to attrs=cn,sn
+>      by self write
+>      by * read
+>    
+>    # immediate children: only self can add/delete entries under this entry
+>    access to attrs=children
+>      by self write
+>    
+>    # entry itself: self may write, all may read
+>    access to attrs=entry
+>      by self write
+>      by * read
+>    
+>    # other attributes: self may write, others have no access
+>    access to *
+>      by self write
+>      by * none
+
+ObjectClass names may also be specified in this list, which will affect 
+all the attributes that are required and/or allowed by that {{objectClass}}. 
+Actually, names in {{attrlist}} that are prefixed by {{@}} are directly treated 
+as objectClass names. A name prefixed by {{!}} is also treated as an objectClass, 
+but in this case the access rule affects the attributes that are not required 
+nor allowed by that {{objectClass}}. 
+
+
+H3: Allowing a user write to all entries below theirs
+
+For a setup where a user can write to its own record and to all of its children:
+
+>    access to dn.regex="(.+,)?(uid=[^,]+,o=Company)$"
+>       by dn.exact,expand="$2" write
+>       by anonymous auth
+
+(Add more examples for above)
+
+
+H3: Allowing entry creation
+
+Let's say, you have it like this:
+
+>        o=<basedn>
+>            ou=domains
+>                associatedDomain=<somedomain>
+>                    ou=users
+>                        uid=<someuserid>            
+>                        uid=<someotheruserid>
+>                    ou=addressbooks
+>                        uid=<someuserid>
+>                            cn=<someone>
+>                            cn=<someoneelse>
+
+and, for another domain <someotherdomain>:
+
+>        o=<basedn>
+>            ou=domains
+>                associatedDomain=<someotherdomain>
+>                    ou=users
+>                        uid=<someuserid>            
+>                        uid=<someotheruserid>
+>                    ou=addressbooks
+>                        uid=<someotheruserid>
+>                            cn=<someone>
+>                            cn=<someoneelse>
+
+then, if you wanted user {{uid=<someuserid>}} to {{B:ONLY}} create an entry 
+for its own thing, you could write an ACL like this:
+
+>    # this rule lets users of "associatedDomain=<matcheddomain>"
+>    # write under "ou=addressbook,associatedDomain=<matcheddomain>,ou=domains,o=<basedn>",
+>    # i.e. a user can write ANY entry below its domain's address book;
+>    # this permission is necessary, but not sufficient, the next 
+>    # will restrict this permission further
+>    
+>    
+>    access to dn.regex="^ou=addressbook,associatedDomain=([^,]+),ou=domains,o=<basedn>$" attrs=children
+>            by dn.regex="^uid=([^,]+),ou=users,associatedDomain=$1,ou=domains,o=<basedn>$$" write
+>            by * none
+>    
+>    
+>    # Note that above the "by" clause needs a "regex" style to make sure
+>    # it expands to a DN that starts with a "uid=<someuserid>" pattern
+>    # while substituting the associatedDomain submatch from the "what" clause.
+>    
+>    
+>    # This rule lets a user with "uid=<matcheduid>" of "<associatedDomain=matcheddomain>"
+>    # write (i.e. add, modify, delete) the entry whose DN is exactly
+>    # "uid=<matcheduid>,ou=addressbook,associatedDomain=<matcheddomain>,ou=domains,o=<basedn>"
+>    # and ANY entry as subtree of it
+>    
+>    
+>    access to dn.regex="^(.+,)?uid=([^,]+),ou=addressbook,associatedDomain=([^,]+),ou=domains,o=<basedn>$"
+>            by dn.exact,expand="uid=$2,ou=users,associatedDomain=$3,ou=domains,o=<basedn>" write
+>            by * none 
+>    
+>    
+>    # Note that above the "by" clause uses the "exact" style with the "expand"
+>    # modifier because now the whole pattern can be rebuilt by means of the
+>    # submatches from the "what" clause, so a "regex" compilation and evaluation
+>    # is no longer required.
+
+
+H3: Tips for using regular expressions in Access Control 
+
+Always use {{dn.regex=<pattern>}} when you intend to use regular expression 
+matching. {{dn=<pattern>}} alone defaults to {{dn.exact<pattern>}}.
+
+Use {{(.+)}} instead of {{(.*)}} when you want at least one char to be matched. 
+{{(.*)}} matches the empty string as well.
+
+Don't use regular expressions for matches that can be done otherwise in a safer 
+and cheaper manner. Examples:
+
+>    dn.regex=".*dc=example,dc=com"
+
+is unsafe and expensive:
+
+    * unsafe because any string containing {{dc=example,dc=com }}will match, 
+not only those that end with the desired pattern; use {{.*dc=example,dc=com$}} instead.
+    * unsafe also because it would allow any {{attributeType}} ending with {{dc}}
+ as naming attribute for the first RDN in the string, e.g. a custom attributeType 
+{{mydc}} would match as well. If you really need a regular expression that allows 
+just {{dc=example,dc=com}} or any of its subtrees, use {{^(.+,)?dc=example,dc=com$}}, 
+which means: anything to the left of dc=..., if any (the question mark after the 
+pattern within brackets), must end with a comma;
+    * expensive because if you don't need submatches, you could use scoping styles, e.g.
+
+>    dn.subtree="dc=example,dc=com"
+
+to include {{dc=example,dc=com}} in the matching patterns,
+
+>    dn.children="dc=example,dc=com"
+
+to exclude {{dc=example,dc=com}} from the matching patterns, or
+
+>    dn.onelevel="dc=example,dc=com"
+
+to allow exactly one sublevel matches only. 
+
+Always use {{^}} and {{$}} in regexes, whenever appropriate, because 
+{{ou=(.+),ou=(.+),ou=addressbooks,o=basedn}} will match 
+{{something=bla,ou=xxx,ou=yyy,ou=addressbooks,o=basedn,ou=addressbooks,o=basedn,dc=some,dc=org}}
+
+Always use {{([^,]+)}} to indicate exactly one RDN, because {{(.+)}} can 
+include any number of RDNs; e.g. {{ou=(.+),dc=example,dc=com}} will match 
+{{ou=My,o=Org,dc=example,dc=com}}, which might not be what you want.
+
+Never add the rootdn to the by clauses. ACLs are not even processed for operations 
+performed with rootdn identity (otherwise there would be no reason to define a 
+rootdn at all).
+
+Use shorthands. The user directive matches authenticated users and the anonymous
+directive matches anonymous users.
+
+Don't use the {{dn.regex}} form for <by> clauses if all you need is scoping 
+and/or substring replacement; use scoping styles (e.g. {{exact}}, {{onelevel}}, 
+{{children}} or {{subtree}}) and the style modifier expand to cause substring expansion.
+
+For instance,
+
+>    access to dn.regex=".+,dc=([^,]+),dc=([^,]+)$"
+>      by dn.regex="^[^,],ou=Admin,dc=$1,dc=$2$$" write
+
+although correct, can be safely and efficiently replaced by
+
+>    access to dn.regex=".+,(dc=[^,]+,dc=[^,]+)$"
+>      by dn.onelevel,expand="ou=Admin,$1" write
+
+where the regex in the {{<what>}} clause is more compact, and the one in the {{<by>}} 
+clause is replaced by a much more efficient scoping style of onelevel with substring expansion. 
+
+
+H3: Granting and Denying access based on security strength factors (ssf)
+
+You can restrict access based on the security strength factor (SSF)
+
+>    access to dn="cn=example,cn=edu"
+>          by * ssf=256 read
+
+0 (zero) implies no protection,
+1 implies integrity protection only,
+56 DES or other weak ciphers,
+112 triple DES and other strong ciphers,
+128 RC4, Blowfish and other modern strong ciphers.
+
+Other possibilities:
+
+>    transport_ssf=<n>
+>    tls_ssf=<n>
+>    sasl_ssf=<n>
+
+256 is recommended.
+
+See {{slapd.conf}}(5) for information on {{ssf}}.
+
+
+H3: When things aren't working as expected
+
+Consider this example:
+
+>    access to *
+>      by anonymous auth
+>    
+>    access to *
+>      by self write
+>    
+>    access to *
+>      by users read 
+
+You may think this will allow any user to login, to read everything and change 
+his own data if he is logged in. But in this example only the login works and 
+an ldapsearch returns no data. The Problem is that SLAPD goes through its access 
+config line by line and stops as soon as it finds a match in the part of the 
+access rule.(here: {{to *}})
+
+To get what we wanted the file has to read:
+
+>    access to *
+>      by anonymous auth
+>      by self write
+>      by users read 
+
+The general rule is: "special access rules first, generic access rules last"
+
+See also {{slapd.access}}(8), loglevel 128 and {{slapacl}}(8) for debugging
+information.
+
+
+H2: Sets - Granting rights based on relationships
+
+Sets are best illustrated via examples. The following sections will present 
+a few set ACL examples in order to facilitate their understanding.
+
+(Sets in Access Controls FAQ Entry: {{URL:http://www.openldap.org/faq/data/cache/1133.html}})
+
+Note: Sets are considered experimental. 
+
+
+H3: Groups of Groups
+
+The OpenLDAP ACL for groups doesn't expand groups within groups, which are
+groups that have another group as a member. For example:
+
+> dn: cn=sudoadm,ou=group,dc=example,dc=com
+> cn: sudoadm
+> objectClass: groupOfNames
+> member: uid=john,ou=people,dc=example,dc=com
+> member: cn=accountadm,ou=group,dc=example,dc=com
+>
+> dn: cn=accountadm,ou=group,dc=example,dc=com
+> cn: accountadm
+> objectClass: groupOfNames
+> member: uid=mary,ou=people,dc=example,dc=com
+
+If we use standard group ACLs with the above entries and allow members of the
+{{F:sudoadm}} group to write somewhere, {{F:mary}} won't be included:
+
+> access to dn.subtree="ou=sudoers,dc=example,dc=com"
+>         by group.exact="cn=sudoadm,ou=group,dc=example,dc=com" write
+>         by * read
+
+With sets we can make the ACL be recursive and consider group within groups. So
+for each member that is a group, it is further expanded:
+
+> access to dn.subtree="ou=sudoers,dc=example,dc=com"
+>       by set="[cn=sudoadm,ou=group,dc=example,dc=com]/member* & user" write
+>       by * read
+
+This set ACL means: take the {{F:cn=sudoadm}} DN, check its {{F:member}}
+attribute(s) (where the "{{F:*}}" means recursively) and intersect the result
+with the authenticated user's DN. If the result is non-empty, the ACL is
+considered a match and write access is granted.
+
+The following drawing explains how this set is built:
+!import "set-recursivegroup.png"; align="center"; title="Building a recursive group"
+FT[align="Center"] Figure X.Y: Populating a recursive group set
+
+First we get the {{F:uid=john}} DN. This entry doesn't have a {{F:member}}
+attribute, so the expansion stops here.  Now we get to {{F:cn=accountadm}}.
+This one does have a {{F:member}} attribute, which is {{F:uid=mary}}. The
+{{F:uid=mary}} entry, however, doesn't have member, so we stop here again. The
+end comparison is:
+
+> {"uid=john,ou=people,dc=example,dc=com","uid=mary,ou=people,dc=example,dc=com"} & user
+
+If the authenticated user's DN is any one of those two, write access is
+granted. So this set will include {{F:mary}} in the {{F:sudoadm}} group and she
+will be allowed the write access.
+
+H3: Group ACLs without DN syntax
+
+The traditional group ACLs, and even the previous example about recursive groups, require
+that the members are specified as DNs instead of just usernames.
+
+With sets, however, it's also possible to use simple names in group ACLs, as this example will
+show.
+
+Let's say we want to allow members of the {{F:sudoadm}} group to write to the
+{{F:ou=suders}} branch of our tree. But our group definition now is using {{F:memberUid}} for
+the group members:
+
+> dn: cn=sudoadm,ou=group,dc=example,dc=com
+> cn: sudoadm
+> objectClass: posixGroup
+> gidNumber: 1000
+> memberUid: john
+
+With this type of group, we can't use group ACLs. But with a set ACL we can
+grant the desired access:
+
+> access to dn.subtree="ou=sudoers,dc=example,dc=com"
+>       by set="[cn=sudoadm,ou=group,dc=example,dc=com]/memberUid & user/uid" write
+>       by * read
+
+We use a simple intersection where we compare the {{F:uid}} attribute
+of the connecting (and authenticated) user with the {{F:memberUid}} attributes
+of the group. If they match, the intersection is non-empty and the ACL will
+grant write access.
+
+This drawing illustrates this set when the connecting user is authenticated as
+{{F:uid=john,ou=people,dc=example,dc=com}}:
+!import "set-memberUid.png"; align="center"; title="Sets with memberUid"
+FT[align="Center"] Figure X.Y: Sets with {{F:memberUid}}
+
+In this case, it's a match. If it were {{F:mary}} authenticating, however, she
+would be denied write access to {{F:ou=sudoers}} because her {{F:uid}}
+attribute is not listed in the group's {{F:memberUid}}.
+
+H3: Following references
+
+We will now show a quite powerful example of what can be done with sets. This
+example tends to make OpenLDAP administrators smile after they have understood
+it and its implications.
+
+Let's start with an user entry:
+
+> dn: uid=john,ou=people,dc=example,dc=com
+> uid: john
+> objectClass: inetOrgPerson
+> givenName: John
+> sn: Smith
+> cn: john
+> manager: uid=mary,ou=people,dc=example,dc=com
+
+Writing an ACL to allow the manager to update some attributes is quite simple
+using sets:
+
+> access to dn.exact="uid=john,ou=people,dc=example,dc=com"
+>    attrs=carLicense,homePhone,mobile,pager,telephoneNumber
+>    by self write
+>    by set="this/manager & user" write
+>    by * read
+
+In that set, {{F:this}} expands to the entry being accessed, so that
+{{F:this/manager}} expands to {{F:uid=mary,ou=people,dc=example,dc=com}} when
+john's entry is accessed.  If the manager herself is accessing John's entry,
+the ACL will match and write access to those attributes will be granted.
+
+So far, this same behavior can be obtained with the {{F:dnattr}} keyword. With
+sets, however, we can further enhance this ACL. Let's say we want to allow the
+secretary of the manager to also update these attributes. This is how we do it:
+
+> access to dn.exact="uid=john,ou=people,dc=example,dc=com"
+>    attrs=carLicense,homePhone,mobile,pager,telephoneNumber
+>    by self write
+>    by set="this/manager & user" write
+>    by set="this/manager/secretary & user" write
+>    by * read
+
+Now we need a picture to help explain what is happening here (entries shortened
+for clarity):
+
+!import "set-following-references.png"; align="center"; title="Sets jumping through entries"
+FT[align="Center"] Figure X.Y: Sets jumping through entries
+
+In this example, Jane is the secretary of Mary, which is the manager of John.
+This whole relationship is defined with the {{F:manager}} and {{F:secretary}}
+attributes, which are both of the distinguishedName syntax (i.e., full DNs).
+So, when the {{F:uid=john}} entry is being accessed, the
+{{F:this/manager/secretary}} set becomes
+{{F:{"uid=jane,ou=people,dc=example,dc=com"}}} (follow the references in the
+picture):
+
+> this = [uid=john,ou=people,dc=example,dc=com]
+> this/manager = \
+>   [uid=john,ou=people,dc=example,dc=com]/manager = uid=mary,ou=people,dc=example,dc=com
+> this/manager/secretary = \
+>   [uid=mary,ou=people,dc=example,dc=com]/secretary = uid=jane,ou=people,dc=example,dc=com
+
+The end result is that when Jane accesses John's entry, she will be granted
+write access to the specified attributes. Better yet, this will happen to any
+entry she accesses which has Mary as the manager.
+
+This is all cool and nice, but perhaps gives to much power to secretaries. Maybe we need to further
+restrict it. For example, let's only allow executive secretaries to have this power:
+
+> access to dn.exact="uid=john,ou=people,dc=example,dc=com"
+>   attrs=carLicense,homePhone,mobile,pager,telephoneNumber
+>   by self write
+>   by set="this/manager & user" write
+>   by set="this/manager/secretary & 
+>           [cn=executive,ou=group,dc=example,dc=com]/member* & 
+>           user" write
+>   by * read
+
+It's almost the same ACL as before, but we now also require that the connecting user be a member
+of the (possibly nested) {{F:cn=executive}} group.
+
+

Modified: openldap/trunk/doc/guide/admin/admin.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/admin.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/admin.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/admin.sdf,v 1.2.2.4 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 1999-2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/admin.sdf,v 1.2.2.5 2008/02/11 23:26:39 kurt Exp $
+# Copyright 1999-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 #
 # guide.sdf 

Modified: openldap/trunk/doc/guide/admin/appendix-changes.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/appendix-changes.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/appendix-changes.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/appendix-changes.sdf,v 1.8.2.3 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/appendix-changes.sdf,v 1.8.2.6 2008/04/14 22:36:18 quanah Exp $
+# Copyright 2007-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 
 H1: Changes Since Previous Release
@@ -15,6 +15,7 @@
 * {{SECT:When should I use LDAP?}}
 * {{SECT:When should I not use LDAP?}}
 * {{SECT:LDAP vs RDBMS}}
+* {{SECT:Access Control}}
 * {{SECT:Backends}}
 * {{SECT:Overlays}}
 * {{SECT:Replication}}
@@ -178,7 +179,11 @@
 * monitoring of back-{b,h}db: cache fill-in, non-indexed searches,
 * session tracking control (draft-wahl-ldap-session)
 * subtree delete in back-sql (draft-armijo-ldap-treedelete)
+* sorted values in multivalued attributes for faster matching 
+* lightweight dispatcher for greater throughput under heavy load and on
+multiprocessor machines. (33% faster than 2.3 on AMD quad-socket dual-core server.)
 
+
 H3: New features in libldap
 
 * ldap_sync client API (LDAP Content Sync Operation, RFC 4533)

Modified: openldap/trunk/doc/guide/admin/appendix-common-errors.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/appendix-common-errors.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/appendix-common-errors.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/appendix-common-errors.sdf,v 1.4.2.2 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/appendix-common-errors.sdf,v 1.4.2.3 2008/02/11 23:26:39 kurt Exp $
+# Copyright 2007-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 
 H1: Common errors encountered when using OpenLDAP Software

Modified: openldap/trunk/doc/guide/admin/appendix-configs.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/appendix-configs.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/appendix-configs.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/appendix-configs.sdf,v 1.2.2.3 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/appendix-configs.sdf,v 1.2.2.4 2008/02/11 23:26:39 kurt Exp $
+# Copyright 2007-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 
 H1: Configuration File Examples

Modified: openldap/trunk/doc/guide/admin/appendix-contrib.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/appendix-contrib.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/appendix-contrib.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/appendix-contrib.sdf,v 1.1.2.2 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/appendix-contrib.sdf,v 1.1.2.3 2008/02/11 23:26:39 kurt Exp $
+# Copyright 2007-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 
 H1: OpenLDAP Software Contributions

Modified: openldap/trunk/doc/guide/admin/appendix-deployments.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/appendix-deployments.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/appendix-deployments.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/appendix-deployments.sdf,v 1.1.2.2 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/appendix-deployments.sdf,v 1.1.2.3 2008/02/11 23:26:39 kurt Exp $
+# Copyright 2007-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 
 H1: Real World OpenLDAP Deployments and Examples

Modified: openldap/trunk/doc/guide/admin/appendix-ldap-result-codes.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/appendix-ldap-result-codes.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/appendix-ldap-result-codes.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/appendix-ldap-result-codes.sdf,v 1.1.2.3 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/appendix-ldap-result-codes.sdf,v 1.1.2.4 2008/02/11 23:26:39 kurt Exp $
+# Copyright 2007-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 
 H1:  LDAP Result Codes

Modified: openldap/trunk/doc/guide/admin/appendix-recommended-versions.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/appendix-recommended-versions.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/appendix-recommended-versions.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/appendix-recommended-versions.sdf,v 1.3.2.2 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 1999-2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/appendix-recommended-versions.sdf,v 1.3.2.3 2008/02/11 23:26:39 kurt Exp $
+# Copyright 1999-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 
 H1: Recommended OpenLDAP Software Dependency Versions

Modified: openldap/trunk/doc/guide/admin/appendix-upgrading.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/appendix-upgrading.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/appendix-upgrading.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/appendix-upgrading.sdf,v 1.1.2.3 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/appendix-upgrading.sdf,v 1.1.2.4 2008/02/11 23:26:39 kurt Exp $
+# Copyright 2007-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 
 H1: Upgrading from 2.3.x

Modified: openldap/trunk/doc/guide/admin/aspell.en.pws
===================================================================
--- openldap/trunk/doc/guide/admin/aspell.en.pws	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/aspell.en.pws	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,1492 +1,1599 @@
-personal_ws-1.1 en 1491 
-nattrsets
-inappropriateAuthentication
+personal_ws-1.1 en 1598 
+commonName
+bla
+Masarati
+subjectAltName
 api
-olcAttributeTypes
 BhY
-reqEnd
-olcOverlayConfig
-shoesize
-olcTLSCACertificateFile
+olcSyncrepl
+olcSyncRepl
+adamsom
+adamson
+CER
+intermediateResponse
+bjensen
+cdx
 CGI
-cdx
 DCE
 DAP
-attributename
-lsei
-dbconfig
+chainingRequired
 arg
-kurt
-authzID
-authzid
-authzId
+ddd
 DAs
-ddd
-userApplications
+TLSCACertificateFile
 BNF
-attrs
-mixin
-wholeSubtree
-chainingRequired
-ldapport
-hallvard
+TLSEphemeralDHParamFile
+ppolicy
 ASN
-acknowledgements
+ava
 Chu
-ava
-monitorCounter
 del
+libexecdir
 DDR
-testObject
-OrgPerson
-IGJlZ
-olcUpdateref
+numericoid
+dsaschema
 ECC
-deleteDN
 cli
-ltdl
-CAPI
+DIB
 dev
-serverctrls
-olcDbDirectory
-xvfB
+reqNewSuperior
+librewrite
+memberOf
+memberof
 BSI
-modv
-nonleaf
-errCode
-PhotoURI
+updateref
 buf
-cdef
-monitorConnectionLocalAddress
+changetype
 dir
 EGD
+pwdMustChange
+Debian
 dit
-retoidp
-ando
+AlmostASearchRequest
+EXEEXT
 edu
-caseExactSubstringsMatch
-bvstrdup
-AUTHNAME
-memrealloc
-auditExtended
-replog
-ludp
-metainformation
+Heimdal
+organizationalPerson
+olcTimeLimit
+CAPI
+tokenization
+INSTALLFLAGS
 CRL
+reqcert
 CRP
-olcReferral
-XLDFLAGS
-metadirectory
+postread
 csn
-siiiib
-stateful
-olcModulePath
-maxentries
-authc
-seeAlso
-searchbase
-searchBase
-realnamingcontext
+xvfB
+neverDerefaliases
+dns
+DN's
+DNs
 dn's
-DNs
-DN's
-dns
-dereference
-sortKey
-authzTo
-lossy
+cdef
+Helvetica
+DOP
+requestdata
 gcc
+gecos
+reqData
 CWD
-lssl
-organizationalRole
+ando
+reqDeleteOldRDN
 DSA
-derefInSearching
-pwdGraceUseTime
+msgfree
 DSE
-groupOfURLs
-modrdn
-ModRDN
-modrDN
-pwdFailureCountInterval
-homePhone
+keycol
+dlopen
 eng
-paramName
-errUnsolicitedData
-Heimdal
+AttributeValue
+attributevalue
 EOF
-authz
-XINCPATH
-LTFINISH
-plaintext
-indices
-reqAssertion
-olcDbUri
+DUA
+inputfile
+DSP
+refreshDone
 dst
+NOSYNC
 env
-oplist
-MirrorMode
-mirrormode
-objclass
-Bint
 dup
 hdb
+LDIFv
+syslog
+monitorTimestamp
+subschemaSubentry
+interoperate
 gid
-stderr
-caseIgnoreOrderingMatch
-moduledir
 gif
-jpegPhoto
-lsasl
-judgmentday
-prepend
-subentry
-dbcache
-mkversion
-objectClasses
-objectclasses
-adminLimitExceeded
-searchResultReference
+memfree
+struct
+IAB
 fmt
-qdescrs
-olcSuffix
-objectClassModsProhibited
-unavailableCriticalExtension
-supportedControl
+SysNet
+olcConstraintAttribute
 GHz
-libpath
-INADDR
-compareDN
-sizelimit
-unixODBC
-notAllowedOnNonLeaf
-APIs
-blen
-attrsOnly
-attrsonly
-slappasswd
-referralsPreferred
-oids
-OIDs
-wBDARESEhgVG
-syncIdSet
-olcTLSCipherSuite
-username
-aliasProblem
-sizeLimitExceeded
-subst
+Bint
+memalloc
+FSF
+usernames
+strtol
 idl
-chroot
+IDN
+DESTDIR
 iff
-auditDelete
-numbits
+contextCSN
+auditModify
+auditSearch
+openldap
+OpenLDAP
+resultCode
+resultcode
+sysconfig
+indices
+blen
+APIs
+lresolv
+Contribware
+directoryString
+database's
+iscritical
+gss
 ZKKuqbEKJfKSXhUbHG
-reqRespControls
-TLSCertificateKeyFile
-olcAccess
-aliasDereferencingProblem
-proxyTemplates
-neverDerefaliases
-RootDN
-rootdn
-loglevel
+invalidAttributeSyntax
+subtree
+Kartik
+newparent
+memcalloc
+ing
+filtertype
+regcomp
+ldapmodify
+includedir
+IPC
+resync
+ldapsearch
+reqAttr
+dynlist
 args
-caseExactOrderingMatch
-olcDbQuarantine
-RELEASEDATE
-baseDN
-basedn
+hardcoded
 argv
-gss
-schemachecking
-whoami
-WhoAmI
-syslogd
-dataflow
-subentries
-attrpair
-balancer
-entryAlreadyExists
-BerkeleyDB's
+kdz
 notAllowedOnRDN
-singleLevel
-entryDN
-dSAOperation
-includedir
-inplace
-LDAPAPIFeatureInfo
-logbase
-ldapmaster
-ing
-moduleload
-IPC
-Makefile
-getpid
-GETREALM
-numericString
-MANSECT
-XXXX
-domainstyle
-bvarray
-Choi
-iscritical
-subschema
-slapindex
-plugin
-distinguishedNameMatch
-derefAliases
-baseObject
-kdz
-reqMod
+hostport
+starttls
+StartTLS
 ldb
-srcdir
-pwdExpireWarning
+servercredp
 ldd
-localstatedir
-sockbuf
-PENs
 ipv
 IPv
-ghenry
 hyc
-multimaster
-noop
-DEFS
 joe
-testAttr
-syncrepl
-pwdFailureTime
-timestamp
-whitespaces
+bindmethods
+armijo
+ldp
 ISP
-ldp
-monitorInfo
-PDUs
-bjensen
-newPasswd
-irresponsive
 len
-perl
-dynlist
-browseable
-posixGroup
-attrvalue
-pers
-retcode
-rootpw
-matchedDN
-auditReadObject
-idletimeout
-intermediateResponse
-myOID
-structuralObjectClass
-integerMatch
-openldap
-OpenLDAP
-moddn
-rewriteEngine
-AVAs
-accesslog
-searchDN
-reqOld
+carLicense
+Choi
+Clatworthy
+scherr
+virtualnamingcontext
+ITU
+XXXX
+Stringprep
+Apurva
+labeledURI
+DEFS
 MDn
-aspell
-TLSCACertificateFile
+attrstyle
+directoryOperation
+creatorsName
 mem
-peername
-syncUUIDs
-database's
+oldpasswdfile
+oldPasswdFile
+uniqueMember
 krb
-bool
-logins
+libpath
+acknowledgements
 jts
-memberAttr
-newpasswdfile
-newPasswdFile
-ucdata
+createTimestamp
 LLL
-confdir
-invalidCredentials
-BerValues
-olcDbLinearIndex
-Elfrink
-AUTOREMOVE
-countp
-realloc
-bsize
-CThreads
-structs
+MIB
+OpenSSL
+openssl
+LOF
+AVAs
+associatedDomain
+organizationalRole
+initgroups
+olcDbCachesize
+olcDbCacheSize
+ETCDIR
+colaligns
+olcReadOnly
+olcReadonly
+reqResult
+LDAPMatchingRule
+bool
+LRL
+CPPFLAGS
+schemadir
 desc
-LTCOMPILE
-bindmethod
-olcDbCheckpoint
-addprinc
-modme
-refreshOnly
-PIII
-pwdPolicySubentry
-supportedSASLmechanism
-supportedSASLMechanism
-FIXME
-realanonymous
-caseExactMatch
-olcSizeLimit
-Bourne
-attr
-objectidentifier
-objectIdentifier
-refint
-msgtype
-OBJEXT
-LRL
-subtrees
-realdnattr
-entrymods
-admittable
-libtool's
-dupbv
-searchResultEntry
 lud
-modifyTimestamp
-TLSEphemeralDHParamFile
+newrdn
 LRU
-syncprov
-strvals
-preread
-auth
+memvfree
+dbtools
 nis
-regexec
-adamsom
-objclasses
-deallocation
-strdup
-gsMatch
-adamson
-UniqueName
+rewriteRule
+postoperation
 LVL
-ppErrStr
-DESTDIR
 oid
-saslpasswd
-interoperate
-bindwhen
-Solaris
-oOjM
 msg
-submatch
-refreshAndPersist
-monitorServer
-attributeUsage
-soelim
-objectIdentiferMatch
+attr
+caseExactOrderingMatch
+Subbarao
+aeeiib
+oidlen
+submatches
 olc
 PEM
-Autoconf
-alloc
 PDU
 OLF
-inetorgperson
-inetOrgPerson
-deleteoldrdn
-monitorCounterObject
+LDAPSchemaExtensionItem
+auth
+Pierangelo
+authzFrom
 pid
-CPAN
-sharedstatedir
+subdirectories
 OLP
-LDFLAGS
-dereferencing
-allop
-errcodep
-xeXBkeFxlZ
-accessor's
-extendedop
+pwdPolicyChecker
+subst
+singleLevel
+cleartext
+numattrsets
+requestDN
+caseExactSubstringsMatch
+PKI
+olcSyncProvConfig
 ple
 NTP
-reqSizeLimit
-ORed
+auditModRDN
+checkpointing
 NUL
-namingContexts
 num
-reqAttrsOnly
-ldappasswd
-online
-libdir
-unindexed
-ObjectClassDescription
-attrdesc
-jsmith
-efgh
-exopPasswdDN
-ranlib
-olcAttributeOptions
-lineno
-storages
-nameAndOptionalUID
+objectIdentifierMatch
+sharedstatedir
 png
-INCPATH
-organizationalPerson
-integerOrderingMatch
+CPAN
 OSI
-subschemaSubentry
-cond
-conf
+extendedop
+distinguishedName
+distinguishedname
+preinstalled
 rfc
-bvec
+LDAPCONF
 rdn
-ECHOPROMPT
-RDBM
-subany
-runningslapd
-configs
-datagram
-crlcheck
-conn
-builddir
+wZFQrDD
 OTP
-entrylimit
-attrdescN
-logold
+olcSizeLimit
 pos
 sbi
 PRD
-reqEntries
 pre
-bvals
-unixusers
-olcReadonly
-olcReadOnly
-pwdChangedTime
-mySQL
-DITs
+sudoadm
+stringal
+retoidp
 sdf
-suffixmassage
-referralDN
+efgh
+accesslog
 sed
-statslog
-perror
-ldapexop
-bvecadd
-distributedOperation
+cond
+qdescrs
+modifyDN
+conf
+ldapmodrdn
 sel
-versa
+bvec
 TBC
-telephonenumber
-telephoneNumber
-DLDAP
-peernamestyle
+stringbv
 Sep
 SHA
-filename
-rpath
-argsfile
 ptr
-INCDIR
+conn
 pwd
-dctree
+DISP
+newsup
 rnd
-quanah
-lastmod
 TCL
-sprintf
 shm
-logops
-dnattr
-subdir
-searchAttrDN
-cctrls
+DITs
 tcp
-kadmin
-undefinedAttributeType
-strlen
-spellcheck
-ludpp
-typedef
-olcDbIDLcacheSize
-ostring
-toolsets
-mwrscdx
+INCPATH
+RPC
+myOID
+supportedSASLMechanism
+supportedSASLmechanism
+realnamingcontext
 SMD
 UCD
-cancelled
-crit
-organizationalUnit
-lucyB
+keytab
+portnumber
+uncached
 slp
-rdns
-CPUs
+derefInSearching
+UMich's
 TGT
-modulepath
-quickstart
-mySNMP
+numbits
+sasldb
+UCS
+searchDN
+keytbl
 tgz
 UDP
-RDBMs
-rdbms
-Matic
-qdstring
-gunzip
-librewrite
+freemods
+prepend
+errText
+groupnaam
 UFl
 src
-lastName
+matchedDN
 ufn
-cron
-RelativeLDAPDN
+allusersgroup
+FIXME
 sql
-pwdPolicyChecker
 uid
-olcDbConfig
-refreshDone
+crit
+objectClassViolation
 ssf
-replogfile
+ldapfilter
 rwm
 TOC
 vec
-LDAPDN
-compareAttrDN
-endmacro
+pwdChangedTime
 tls
-repl
-monitoringslapd
-referralsp
+peernamestyle
+xpasswd
 tmp
 SRP
-olcDbNosync
-conns
 SSL
-PDkzODdASFxOQ
+dupbv
+CPUs
 SRV
+entrymods
 rwx
 sss
-deallocators
-Contribware
-URLlist
+reqNewRDN
+nopresent
+rebindproc
+olcOverlayConfig
 str
-subinitial
-CSNs
-sbin
-dbtools
-datasource
-sbio
-posp
-errText
-prepended
-labeledURI
-scdx
-startup
-const
-wBDABALD
-octetStringSubstringsStringMatch
+syncIdSet
+cron
+accesslevel
+accessor's
+keyval
+alloc
+saslpasswd
+README
+maxentries
 ttl
-bvalue
-bvdup
-stringa
-stringb
-hasSubordinates
-oldPasswd
+undefinedAttributeType
+peercred
 sys
-pwdPolicy
-slapd
-affectsMultipleDSAs
-sasl
-slapauth
-MANCOMPRESS
-octetStringOrderingStringMatch
-updatedn
-UpdateDN
-slapdindex
-searchFilter
+allop
+memberUid
+CSNs
+wildcards
 uri
-slapi
 tty
-liblunicode
 url
-entryExpireTimestamp
-priv
-slapo
+XED
+sortKey
 UTF
 vlv
-ctrl
 TXN
-virtualnamingcontext
-eatBlanks
-slimit
-ldaprc
+auditExtended
 usr
 txt
-proc
-generalizedTime
-loopback
-unmassaged
-mechs
-freemods
-initgroups
-auditCompare
+UTR
+XER
+olcDbIDLcacheSize
+namespace
+LDAPControl
+dbconfig
+olcAttributeOptions
+dsaparam
+searchResult
+ctrl
+ldapwhoami
+extensibleObject
+clientctrls
+monitorServer
+MANCOMPRESSSUFFIX
+memberAttr
+multiclassing
+memberURL
+sudoers
+pwdMaxFailure
+pseudorootdn
 GDBM
+LIBRELEASE
 DSAs
 DSA's
-dsaschema
-compareFalse
-resultCode
-resultcode
-noSuchObject
-params
-groupnummer
-searchEntryDN
-negttl
-chainingPreferred
-TABs
-retdatap
-errAuxObject
-postoperation
+realloc
+booleanMatch
+compareTrue
+mySQL
+passwd
+printf
+idassert
+rwxrwxrwx
+al
 realself
-olcPasswordHash
-concat
-debuglevel
-addAttrDN
-credp
-ldaphost
-pwdMaxFailure
-octetStringMatch
-extparam
-auditWriteObject
-colaligns
-Diffie
-offsite
-attributevalue
-AttributeValue
-SIGTERM
-MyCompany
-al
-AAQSkZJRgABAAAAAQABAAD
 cd
-contextCSN
 ar
-pthreads
-monitorTimestamp
+olcDatabaseConfig
 de
-reqAuthzID
-backend's
-backends
-requestName
+derated
+auditDelete
 cn
-lcrypto
-infodir
-groupstyle
-ldapsearch
+versa
 cp
-displayName
+bv
 eg
-bv
-olcBackendConfig
+fd
 dn
-fd
-LDAPSync
-olcReplicationInterval
 fG
-gidNumber
+DS
 fi
-Instanstantiation
+allmail
+du
 eq
-FIPS
+pwdAllowUserChange
 dx
 et
 eu
+syncUUIDs
 hh
-olcLogLevel
-slurpd
-logevels
+regexec
 IG
-addDN
-tbls
-ldapmodify
+msgidp
 kb
-syslog
+organizationalUnit
+Warper
+logfilter
 io
 ip
-dynacl
-aXRoIGEgc
-enum
-slapdconf
-reqFilter
+referralsRequired
 ld
-xyz
-TLSCertificateFile
-idassert
-failover
-kerberos
-lookups
+Matic
+regexes
+subfinal
+pseudorootpw
 md
+preread
+pwdMinLength
 iZ
-SysNet
-BerValue
-idlcachesize
-struct
-UCASE
-errno
-syslogged
+ldapdelete
+xyz
+RDBMs
+rdbms
+extparam
 mk
 ng
 oc
-invalidAttributeSyntax
-errOp
-pwdMaxAge
-insufficientAccessRights
-truelies
+FIPS
 NL
+logfiles
 mr
-reindex
-newentry
 ok
 mv
-preinstalled
-regex
-saslmech
+LTVERSION
+someotheruserid
 rc
-config
+realdn
 ou
-policyDN
+yyy
 sb
-olcSyncrepl
+enum
+auditContext
 QN
-strtol
-runtime
-NOSYNC
-slapover
+contrib
 RL
-sockname
-noSuchAttribute
-MANCOMPRESSSUFFIX
-makeinfo
-coltags
+errMatchedDN
+auditContainer
 ro
 rp
-EXEEXT
-sockurl
 th
 sn
 ru
 UG
 ss
+behera
+TP
 su
-TP
-reqMethod
-XLIBS
-PhotoObject
+invalidCredentials
 tt
-keycol
-namingContext
-rlookups
-searchstack
-NOECHOPROMPT
-sldb
+wildcard
 wi
-AlmostASearchRequest
+syslogd
+newPasswd
 xf
-param
-MChAODQ
-caseExactIA
+deallocation
+whitespaces
+retdatap
+attrlist
+Vu
 Za
-Vu
-idlecachesize
-objectClassViolation
-allusers
+PDkzODdASFxOQ
+MyOrganization
 ws
-errSleepTime
-INSTALLFLAGS
-pthread
-pwdHistory
+cacert
+notAllowedOnNonLeaf
+attrname
+olcTLSCipherSuite
 x's
-Debian
-slen
-errUnsolicitedOID
-dyngroup
-filtertype
-rewriteRules
-criticality
-preoperation
-smbk
-subord
-reqVersion
+xw
+octetStringMatch
+mechs
+ZZ
+LDVERSION
+testAttr
+backend
+backend's
+backends
+BerValues
+Solaris
+structs
+reqTimeLimit
+judgmentday
+reqAuthzID
 errp
-ZZ
-entryCSNs
-dlopen
-continuated
-newsuperior
-newSuperior
-Preprocessor
-XXLIBS
-deallocate
-reqScope
-llber
-bitstringa
-sbindir
-apache's
-noidlen
-monitorContext
-testrun
-resync
+ostring
+policyDN
+testObject
+pwdMaxAge
+bindDn
+bindDN
+binddn
+distributedOperation
+schemachecking
+strvals
+dataflow
+robert
 fqdn
-authPassword
-LDAPMatchingRule
-olcIdleTimeout
-treedelete
-auditAdd
-reqSession
-derated
-LDVERSION
+admittable
+Makefile
 IANA
-olcDbSearchStack
-bitstrings
-rscdx
-schemas
-minssf
-ldapadd
-pseudorootdn
-lldap
-gssapi
-applicatio
-nelems
-liblutil
-wrscdx
-scherr
-internet
-logfilter
-lutil
-themself
-libexec
-dnpattern
-proxying
-reqType
-Kartik
-libexecdir
-inetd
-pwdSafeModify
-contrib
-FQDNs
-bjorn
-myldap
-myLDAP
-peercred
-SNMP
-myObjectClass
-thru
-olcLastMod
-commonName
-testTwo
-olcFrontendConfig
-LDAPObjectClass
-attributeTypes
-LTINSTALL
-hostname
-Symas
-numattrsets
-msgid
-ldapmodrdn
-ldapbis
-attributeoptions
-serverID
-memberOf
-memberof
-pseudorootpw
-allmail
-CFLAGS
-operationsError
-substr
-pwdAllowUserChange
-rewriteRule
-XXXXXXXXXX
-credlen
-departmentNumber
-rewriteMap
-logfile
-vals
-LDAPAVA
-modifyAttrDN
-dcedn
-olcOverlay
+localhost
+offsite
+bindir
+fred
+olcUpdateref
+bindwhen
+UMLDAP
+searchResultDone
+MAXLEN
+pwdInHistory
+reqAttrsOnly
+sysconfdir
+searchResultReference
+olcAttributeTypes
+everytime
+protocolError
+errno
+errOp
+serverctrls
+recursivegroup
+integerMatch
+moduledir
+dynstyle
+bindpw
+AUTHNAME
+UniqueName
+saslmech
+pthreads
+IEEE
+regex
+SIGINT
+slappasswd
+errAbsObject
+errABsObject
+ldapexop
+objectidentifier
+objectIdentifier
+deallocators
+MirrorMode
+mirrormode
+loopDetect
+SIGHUP
+authMethodNotSupported
+IDNA
+bvecfree
+pwdLockoutDuration
+attrset
+displayName
+subentry
+reqScope
+oldPasswd
 exop
-berelement
-BerElement
-olcRootDN
-octetString
-SampleLDAP
+filtercomp
 expr
-allusersgroup
-PostgreSQL
-bvstr
-filesystem
-pathtest
-objectClass
-objectclass
-submatches
-newrdn
-armijo
-addBlanks
-reqMessage
+syntaxes
+memrealloc
+returnCode
+returncode
+OpenLDAP's
 exts
-SSHA
+bitstringa
+caseIgnoreOrderingMatch
+searchFilterAttrDN
 func
-filterlist
-modifyDN
 jane
-syncuser
-Masarati
-LDAPSyntax
-oldpasswdfile
-oldPasswdFile
-reqDN
-SSFs
+IESG
+llber
+attrval
 ietf
-unwillingToPerform
-oidlen
-searchFilterAttrDN
-CPPFLAGS
-slapadd
-Clatworthy
-urldesc
-substrings
-Apurva
-slapacl
-multiclassing
-monitoredInfo
-LTLINK
-addrdnvalues
-KTNAME
-ETCDIR
-reqId
-setspec
-scanf
-TLSv
-distinguishedname
-distinguishedName
-BerVarray
-caseIgnoreSubstrin
-ldapwhoami
-URLattr
-generalizedTimeOrderingMatch
-requestdata
-timelimit
-subr
+olcSchemaConfig
+bitstrings
+bvalues
+realdnattr
+attrpair
+affectsMultipleDSAs
+Preprocessor
+lastName
+lldap
 cachesize
-olcRootPW
-SSLv
-proxyOld
-domainScope
-LDAPMessage
-LTVERSION
-memalloc
-refreshDeletes
-BerkeleyDB
-pathspec
-uint
-Poitou
-whitespace
-dynstyle
-slaptest
-zeilenga
-WebUpdate
-numericoid
-changelog
-ChangeLog
-creatorsName
-ascii
-wahl
-uniqueMember
-slapcat
-lwrap
-ldapfilter
-errDisconnect
-sermersheim
-rootdns
-searchResult
-libtool
-servercredp
-AttributeTypeDescription
-LTFLAGS
-simplebinddn
-authcDN
-TLSCipherSuite
-supportedSASLMechanisms
-rootdse
-rootDSE
-dsaparam
-cachefree
-UMich's
-uidNumber
-schemadir
-attribute's
-extern
-varchar
-olcDbCacheSize
-olcDbCachesize
-authcid
-authcID
-POSIX
+slapauth
+attributetype
+attributeType
+GSER
+olcDbNosync
+typedef
+bjorn
+datagram
+strcasecmp
+selfstyle
+preoperation
+FQDNs
+exopPasswdDN
+userid
+subentries
+monitoredObject
+TLSVerifyClient
+noidlen
+LDAPNOINIT
+pwdGraceAuthNLimit
+pwdGraceAuthnLimit
 hnPk
-ldapext
-authzFrom
-Google
-olcSchemaConfig
-newsup
-sbiod
-XXXLIBS
-LDAPBASE
-Supr
-olcDatabaseConfig
-rwxrwxrwx
-aeeiib
-SUPs
-reqStart
-sasldb
-somevalue
-LIBRELEASE
-randkey
-starttls
-StartTLS
-LDAPSchemaExtensionItem
+userPassword
+noanonymous
+LIBVERSION
+symas
+dcedn
+sublevel
+chroot
+posixGroup
+nretries
+testgroup
+ldaphost
+frontend
+someotherdomain
+proxying
+organisations
+rewriteMap
+monitoredInfo
+modrdn
+ModRDN
+modrDN
+HREF
+inline
+multiproxy
+reqSizeLimit
+kerberos
+loglevel
+bvstrdup
 reqReferral
-shtool
-Pierangelo
-attrstyle
-backend
-portnumber
-subjectAltName
-errObject
-gsskrb
-valsort
-bervals
-berval's
-derefFindingBaseObj
-checkpointed
-keytab
-groupnaam
-frontend
-sctrls
-dbnum
-olcLdapConfig
-sessionlog
-attrset
-organizationPerson
-entryCSN
-strcast
-kbyte
-modifiersName
-keytbl
-olcHdbConfig
-constraintViolation
-README
-memcalloc
+rlookups
+siiiib
+LTSTATIC
+timeLimitExceeded
+timelimitExceeded
+XKYnrjvGT
+subtrees
+unixODBC
+hostnames
+AutoConfig
+libtool
+submatch
+reqDN
+dnstyle
 inet
-saslargs
-givenname
-givenName
-olcDbMode
-pidfile
-olcLimits
-memvfree
-tuple
-superset
-directoryString
-ktadd
-proxyTemplate
-proxytemplate
-wildcards
-monitoredObject
-TTLs
-LxsdLy
-olcTimeLimit
-stringal
+schemas
+pwdPolicySubEntry
+pwdPolicySubentry
+reqId
+scanf
+olcBackend
+TLSCACertificatePath
+Arial
 init
-Locators
-bvalues
-reqResult
+runtime
+onelevel
 impl
-strongerAuthRequired
-outvalue
-returnCode
-returncode
-attributeDescription
-attrval
-dnssrv
-ciphersuite
-auditlog
-reqControls
-protocolError
-notypes
-myAttributeType
-stringbv
-keyval
-calloc
-chmod
-Subbarao
-setstyle
-subdirectories
-errlist
-addpartial
-slapdn
-uncached
-ldapapiinfo
-groupOfUniqueNames
-dhparam
-slapd's
-slapds
-inputfile
-RDBMSes
-wildcard
-Locator
-errAbsObject
-errABsObject
-SASL's
+Autoconf
+stderr
+ascii
+MANCOMPRESS
+authPassword
+attrdescN
+aspell
+allusers
+statslog
+alwaysDerefAliases
+RELEASEDATE
+olcModuleList
+pwdSafeModify
 html
-searchResultDone
-olcBdbConfig
-ldapmod
-LDAPMod
-olcHidden
-userPassword
-TLSRandFile
-use'd
-auditBind
-requestDN
-lockdetect
-selfstyle
-liblber
-ERXRTc
-printf
-AutoConfig
-localhost
+multimaster
+testrun
+rewriteEngine
+slapdindex
+LTFINISH
+olcOverlay
 lber
-noprompt
-databasenumber
-hasSubordintes
-URIs
-denyop
+serverID
+blogs
+numResponses
 lang
-auditSearch
-ldapdelete
-reqTimeLimit
-cacertdir
-queryid
-Warper
-XDEFS
-urls
-URL's
-postalAddress
-postaladdress
-passwd
-plugins
-george
+POSIX
+pathname
+noSuchObject
+proxyOld
+berelement
+BerElement
+sbiod
+plugin
 http
-uppercased
-Poobah
-libldap
-invalidDNSyntax
+olcModuleLoad
 ldap
 ldbm
-ursula
-LDAPModifying
+numericStringSubstringsMatch
+internet
+storages
+whoami
+WhoAmI
+criticality
+addBlanks
+logins
+syncrepl
+dbnum
+operationsError
+homePhone
+testTwo
+ldif
+entryAlreadyExists
+plaintext
+someoneelse
+errDisconnect
+username
+accessee
+LDAPURLDesc
+ISOC
+IRTF
+jpeg
+ktadd
+tuple
+refint
+makeinfo
+chmod
+auditWriteObject
+Jong
+addressbooks
+setspec
+syncprov
+dctree
+hallvard
+cctrls
+debuglevel
+dSAOperation
+datadir
+slapadd
+reqFilter
+matcheddomain
+CThreads
+slapacl
+requestName
+randkey
+Cryptosystem
+groupOfNames
+themself
+jsmith
+filesystems
+lineno
+SASL's
+lockdetect
+addrdnvalues
+Hyuk
+rewriteContext
+soelim
 slapdconfig
-sysconfig
-dnSubtreeMatch
-olcSaslSecProps
-olcSaslSecprops
-auditModify
-groupOfNames
-jensen
-reloadHint
-prepending
-olcGlobal
-matchingRule
-matchingrule
-SmVuc
-MSSQL
-nisMailAlias
-hostnames
-ctrlp
+entrylimit
+departmentNumber
+immSupr
+addressbook
+pidfile
+online
+logold
+proxyattrset
+proxyAttrSet
+proxyAttrset
+mary
+crlcheck
+olcBdbConfig
+kadmin
+mech
+slapcat
+insufficientAccessRights
+XDEFS
+olcDbLinearIndex
+MKDEPFLAG
+rootdns
+caseExactIA
+notypes
+numericStringMatch
+octothorpe
 lltdl
-ctrls
+rootDSE
+rootdse
+logops
 rewriter
-secprops
-namespace
-whsp
-realusers
-dnstyle
-suffixalias
-proxyAttrset
-proxyAttrSet
-proxyattrset
-pwdMustChange
-ldif
-bvfree
-sleeptime
-pwdCheckQuality
-msgidp
-confidentialityRequired
-pwdAttribute
-authMethodNotSupported
 chown
+attributeUsage
+slapdconf
+olcDbUri
+subany
+Authorizaiton
+bvalue
+manpage
+olcLimits
 PRNGD
-LDAPRDN
-entryUUIDs
-proxycache
-proxyCache
-SERATGCgaGBYWGDEjJR
-noanonymous
-accessee
-createTimestamp
-nretries
-auditAbandon
-LDAPAttributeType
+BerVarray
+abcdefgh
+matchingrule
+matchingRule
+modifiersName
+inetOrgPerson
+inetorgperson
+secprops
 logdb
+postaladdress
+postalAddress
+quanah
+ManageDsaIT
+manageDSAit
+subinitial
 procs
-realdn
-alwaysDerefAliases
-ppolicy
-jpeg
-functionalities
-pcache
-caseIgnoreMatch
-sysconfdir
-checkpointing
-rebindproc
-dryrun
-noplain
-exattrs
-Jong
-ldaptcl
-proxied
-firstName
-accesslevel
+varchar
+RDBMSes
+XLDFLAGS
+caseExactMatch
+urldesc
+liblutil
+olcObjectIdentifier
+subdir
+suffixmassage
+auditAdd
+pwdMinAge
+olcModulePath
+URLattr
+reqSession
 login
-rewriteContext
-dcObject
-newparent
-numericStringMatch
-TLSVerifyClient
-subtree
-multi
-immSupr
-manpage
-assciated
-wZFQrDD
-serverctrlsp
-onelevel
-abcd
-reqcert
-referralsRequired
-Hyuk
-olcServerID
-reqDerefAliases
+RetCodes
+userApplications
+NDBM
 newSuperiorDN
-passwdfile
-errMatchedDN
-everytime
+browseable
+auditBind
+setstyle
+newSuperior
+newsuperior
+concat
+realanonymous
+invalue
+refreshOnly
+filesystem
+Naur
+unwillingToPerform
+PhotoURI
+MyCompany
 mkdep
-olcDbindex
-olcDbIndex
-syntaxOID
-reqData
-databasetype
-woid
-numericStringOrderingMatch
-clientctrls
-inappropriateMatching
-RetCodes
-ldapc
-pwdAccountLockedTime
-attrtype
-LIBVERSION
+idlcachesize
+irresponsive
+readOnly
+readonly
+CLDAP
 proto
-endif
-logfiles
-reqNewRDN
-ldapi
-notoc
-matcheddnp
 mkdir
-mech
-pwdMinAge
-ldaps
-userCertificate
-LDAPv
-IPsec
-tokenization
-olcModuleList
-robert
-generalizedTimeMatch
-UMLDAP
-OpenLDAP's
-lookup
-ABNF
-olcDbShmKey
-pwdLockoutDuration
-TLSCACertificatePath
-ldapuri
-ldapurl
-ACIs
-behera
-olcObjectIdentifier
-endblock
+peername
+pwdFailureTime
+compareDN
+reqVersion
+negttl
+logevels
+AAQSkZJRgABAAAAAQABAAD
+strcast
+failover
+constraintViolation
+cacheable
+sambaPwdCanChange
+errCode
+queryid
+olcReferral
+dynacl
+mkln
+structuralObjectClass
 proxyAuthz
-pagedResults
-saslBindInProgress
-bitstring
-ACLs
-berptr
-olcModuleLoad
-namingViolation
-attributetype
-attributeType
-auditModRDN
-cacert
-memberUid
-freebuf
+config
 IDSET
-pwdGraceAuthnLimit
-invalue
-XKYnrjvGT
-srvtab
-referralAttrDN
-requestoid
+ODBC
+searchFilter
+wholeSubtree
+SASLprep
+nisMailAlias
+attributeDescription
+groupnummer
+lsei
+kurt
+OrgPerson
+generalizedTime
+filename
+pwdCheckQuality
+methodp
+Verdana
+deref
+proxied
+endmacro
+backload
+ECHOPROMPT
+bvarray
+ltdl
+slapdconfigfile
+modv
+ObjectClassDescription
+truelies
+slurpd
 basename
-substring
-booleanMatch
-babs
+groupOfUniqueNames
+DHAVE
+ludp
+entryUUID
+ldapapiinfo
+SampleLDAP
+compareAttrDN
+lssl
+newentry
+applicatio
+addpartial
+confdir
+entryDN
+pwdFailureCountInterval
+XXXLIBS
+Kumar
+LTHREAD
+distinguishedNameMatch
+timestamp
+UUIDs
+olcDbCheckpoint
+LTINSTALL
+gssapi
+continuated
+localstatedir
+devel
+errcodep
+Elfrink
+olcPidFile
+attribute's
 pPasswd
-msgfree
-slapdconfigfile
+metadirectory
+assciated
+myObjectClass
+OIDs
+oids
+sermersheim
+chainingPreferred
+CFLAGS
+minssf
+ModName
+attrs
+typeA
+objclasses
+typeB
+nelems
+subord
+namingViolation
+inappropriateAuthentication
+mixin
+suders
+syntaxOID
+olcTLSCACertificateFile
+IGJlZ
+TLSCipherSuite
+auditlog
+runningslapd
+myLDAP
+myldap
+configs
+datasource
+refreshAndPersist
+authc
+PENs
+referralDN
+MANAGERDN
+noop
+errObject
+XXLIBS
+reqAssertion
+PDUs
+baseObject
+bvecadd
+perl
+inplace
+lossy
+pers
+authz
+pwdReset
+wrscdx
+adminLimitExceeded
+LDAPMessage
+serverctrlsp
+simplebinddn
+nonleaf
+compareFalse
+lsasl
+caseIgnoreSubstringsMatch
+AUTOREMOVE
+mydc
+searchResultEntry
+PIII
+olcDbShmKey
+substr
+reqRespControls
+XXXXXXXXXX
+MANSECT
+bindmethod
+KTNAME
+referralsp
+pwdExpireWarning
+suretecsystems
+timeval
+LTLINK
+gsMatch
+attributeTypes
+pwdCheckModule
 olcDatabase
-builtin
-hardcoded
-SIGINT
-MAXLEN
-xpasswd
-cleartext
-extensibleObject
+PKCS
+syncuser
+oOjM
+extern
+dcObject
+supportedControl
+addprinc
+logbase
+filterlist
+generalizedTimeMatch
+Google
+sessionlog
+balancer
+NSSR
+PKIX
+urandom
+derefFindingBaseObj
+Poitou
+dereferencing
+dereferenced
+ORed
+caseIgnoreSubstrin
+superset
+Locators
+qdstring
+olcAccess
+dereferences
+shoesize
+monitorContext
+RDBM
+PostgreSQL
+ppErrStr
+olcFrontendConfig
+aliasDereferencingProblem
+gsskrb
+unindexed
+whitespace
+seeAlso
+monitorRuntimeConfig
+olcAuditlogFile
+namingContexts
+referralAttrDN
+idlecachesize
+moddn
+calloc
+LDFLAGS
+attributeOrValueExists
+olcHdbConfig
+bsize
+auditObject
+dnssrv
+dynamicObject
+objectclass
+objectClass
+sizeLimitExceeded
+accountadm
+reqControls
+modme
+shtool
+aXRoIGEgc
+RDNs
+rdns
+modifyTimestamp
+objectIdentiferMatch
+sleeptime
+derefAliases
+pagedResults
+denyop
+sctrls
+ldapport
+octetString
+repl
+ERXRTc
+LxsdLy
+lastmod
+integerOrderingMatch
+searchEntryDN
 pwdLockout
-SIGHUP
-reqDeleteOldRDN
-reqAttr
-subfinal
+sbin
+olcSuffix
+sbio
+posp
+TLSCertificateKeyFile
+george
+LDAPSyntax
+apache's
+scdx
+someuserid
+attrtype
+msgtype
+pathtest
+ldapcompare
+coltags
+sasl
+unixusers
+bvfree
+xeXBkeFxlZ
+priv
+proxyTemplates
+bvals
+givenName
+givenname
+jensen
+auditReadObject
+proc
+unavailableCriticalExtension
+slapdn
+noSuchAttribute
+retcode
+slapds
+slapd's
+DLDAP
+TABs
+dyngroup
+pathspec
+domainstyle
+requestoid
+rpath
+Blowfish
+dryrun
+Poobah
+searchable
+SDSE
+olcDbDirectory
+ludpp
+spellcheck
+logsuccess
+lucyB
+entryUUIDs
+reqEntries
+sockbuf
+olcSaslSecprops
+olcSaslSecProps
+dnSubtreeMatch
+conns
+pcache
+ChangeLog
+changelog
+ursula
+monitorConnectionLocalAddress
+requestor's
+requestors
+TLSCertificateFile
+pwdPolicy
+infodir
+suretec
+tbls
+const
+bvdup
+mkversion
+olcDbSearchStack
+numericStringOrderingMatch
+checkpointed
+strongerAuthRequired
+treedelete
+olcObjectClasses
+berptr
+errSleepTime
+substrings
+slapd
+sambaNTPassword
+slapi
+lcrypto
+slapo
+mwrscdx
+credlen
+deleteDN
+substring
+prepending
+sldb
+credp
+numEntries
+searchBase
+searchbase
 berval
-octothorpe
+slen
+lookup
+databasetype
+rewriteRules
+smbk
+userCertificate
+entryCSN
+errAuxObject
+replogfile
+reloadhint
+reloadHint
+moduleload
+hasSubordinates
+contextp
+LDAPModifying
+nameAndOptionalUID
+addDN
+berval's
+bervals
+passwdfile
+reqDerefAliases
+authcDN
+groupstyle
+cancelled
+stateful
+proxytemplate
+proxyTemplate
+entryExpireTimestamp
+referralsPreferred
+authcID
+authcid
+AuthcId
+MChAODQ
+lookups
+GnuTLS
+GNUtls
+gnutls
 LTONLY
-filesystems
-urandom
-NDBM
-abcdefgh
-olcBackend
-errmsgp
-boolean
-updateref
-regcomp
-contextp
-filtercomp
-LDAPNOINIT
-deref
-preallocated
-syntaxes
-memberURL
-monitorRuntimeConfig
-bindDn
-bindDN
-binddn
-methodp
-timeLimitExceeded
-timelimitExceeded
-pwdInHistory
-LTSTATIC
-requestors
-requestor's
-LDAPCONF
+SNMP
+timelimit
+UCASE
+thru
 saslauthd
-MKDEPFLAG
-gecos
-entryUUID
-gnutls
-GNUtls
-GnuTLS
-postread
-timeval
-DHAVE
-loopDetect
-caseIgnoreSubstringsMatch
+logpurge
+SMTP
+srvtab
+ldapadd
+sprintf
+monitorCounterObject
+Instanstantiation
+olcDbConfig
+olcLastMod
+vals
+param
+matcheddnp
+malloc
+XLIBS
+freeit
+invalidDNSyntax
+zeilenga
+addAttrDN
+syncdata
+somedomain
+attrsonly
+attrsOnly
+numericString
+libexec
+entryCSNs
+noprompt
+LTCOMPILE
+ldapbis
+SSHA
+mandir
+RXER
+SSFs
+octetStringOrderingStringMatch
+auditCompare
+pEntry
+endblock
+LDAPAVA
+startup
+olcReplicationInterval
+TLSv
+libtool's
+slapindex
+rscdx
+dhparam
+subr
+SSLv
+SIGTERM
+liblunicode
+uint
+stringa
+reindex
+stringb
+lutil
+inetd
+SERATGCgaGBYWGDEjJR
+wahl
+olcDbQuarantine
+reqEnd
+modifyAttrDN
+monitorContainer
+searchstack
+cachefree
+errUnsolicitedOID
+WebUpdate
+RelativeLDAPDN
+URLlist
+monitorInfo
+argsfile
+attrvalue
+deallocate
+msgid
+modulepath
+logfile
+Supr
+inappropriateMatching
+SUPs
+myAttributeType
+BerValue
+basedn
+baseDN
+bvstr
+replog
+adressbooks
+databasenumber
+subschema
+PhotoObject
+INADDR
+pthread
+errlist
+olcDbIndex
+olcDbindex
+ldapext
+caseIgnoreMatch
+suffixalias
+sbindir
+gidNumber
+LDAPSync
+bitstring
+objclass
+oplist
+LDAPObjectClass
+sockurl
+somevalue
+getpid
 monitorIsShadow
-syncdata
-BDB's
-olcPidFile
-hostport
-backload
-bindir
-olcObjectClasses
-auditObject
-LDIFv
-strcasecmp
-LTHREAD
-dereferenced
+confidentialityRequired
+groupOfURLs
+preallocated
+hostname
+TTLs
+attrdesc
+ghenry
+reqType
+slapover
+BerkeleyDB's
+attributename
+lwrap
+reqStart
+errUnsolicitedData
+objectclasses
+objectClasses
+countp
+dereference
+sizelimit
+use'd
+rootdn
+RootDN
+LTFLAGS
+Bourne
+URIs
+pwdAttribute
+uppercased
+cacertdir
+ciphersuite
+URL's
+urls
+olcAuditLogConfig
+reqMod
+pwdHistory
 entryTtl
-LDAPControl
-pwdMinLength
-ldapcompare
-readonly
-readOnly
+olcIdleTimeout
+TLSRandFile
+unmassaged
+LDAPMod
+ldapmod
+srcdir
+someSSHAdata
+whsp
+exattrs
+reqOld
+kbyte
+monitorCounter
+quickstart
+UUID
+olcConstraintConfig
+roleOccupant
+rootpw
+veryclean
+syslogged
+olcRootDN
+idletimeout
+sockname
+telephoneNumber
+telephonenumber
+objectClassModsProhibited
+nattrsets
+saslargs
+OBJEXT
+LDAPAttributeType
+newPasswdFile
+newpasswdfile
+boolean
+liblber
+ucdata
+toolsets
+builddir
+builtin
+matcheduid
+Locator
+ldapmaster
+olcMirrorMode
+libldap
+refreshDeletes
+aliasProblem
+eMail
+outvalue
+LDAPRDN
+olcBackendConfig
+wBDABALD
+libdir
+deleteoldrdn
+abcd
+olcRootPW
+dnattr
+AttributeTypeDescription
+strdup
+domainScope
+prepended
+saslBindInProgress
+olcDbMode
+selfwrite
+olcLdapConfig
+pwdGraceUseTime
+titleCatalog
+woid
+organizationPerson
+ldaptcl
+INCDIR
+ACDF
+realusers
+ranlib
+eatBlanks
+reqMessage
+paramName
+ctrlp
+freebuf
+ctrls
+firstName
+ABNF
+dnpattern
+perror
+MSSQL
+SmVuc
+ACIs
+errmsgp
+authzDN
+gunzip
+jpegPhoto
+supportedSASLMechanisms
+ACLs
+reqMethod
+authzId
+authzid
+authzID
+hasSubordintes
+proxyCache
+proxycache
+slaptest
+olcLogLevel
+LDAPDN
+XINCPATH
+monitoringslapd
+babs
+DSAIT
+olcHidden
+mySNMP
+metainformation
+BerkeleyDB
+ldapuri
+auditAbandon
 RANDFILE
-attrlist
+ldapurl
+strlen
+pwdAccountLockedTime
+searchAttrDN
+dbcache
+sambaPwdLastSet
+wBDARESEhgVG
+multi
+aaa
+ldaprc
+updatedn
+UpdateDN
+LDAPBASE
+LDAPAPIFeatureInfo
+authzTo
+valsort
+plugins
+Diffie
+ldappasswd
+olcGlobal
+ABI
 aci
-directoryOperation
-compareTrue
-selfwrite
-pwdReset
+endif
+unescaped
 acl
-attrname
 ADH
-searchable
-bindmethods
-logpurge
-reqNewSuperior
-multiproxy
-dereferences
-datadir
-malloc
-UUIDs
-veryclean
-userid
-Kumar
+olcPasswordHash
+ldapc
+loopback
+ldapi
+BDB's
+GETREALM
+functionalities
+noplain
+NOECHOPROMPT
 AES
+ldaps
+notoc
 bdb
-attributeOrValueExists
-manageDSAit
-ManageDsaIT
-bindpw
-monitorContainer
-pEntry
+LDAPv
+IPsec
+olcServerID
+BCP
 baz
-memfree
-lresolv
-objectIdentifierMatch
-Blowfish
-mkln
-numericStringSubstringsMatch
-testgroup
-openssl
-OpenSSL
-ModName
-cacheable
-freeit
-pathname
+params
+generalizedTimeOrderingMatch
+octetStringSubstringsStringMatch
 ber
+slimit
 ali
-mandir
-changetype
+attributeoptions
+uidNumber
 CAs
 CA's
-typeA
-bvecfree
-ODBC
-typeB
-unescaped
-devel
-pwdCheckModule
-LDAPURLDesc
-authzDN
+namingContext

Modified: openldap/trunk/doc/guide/admin/backends.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/backends.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/backends.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/backends.sdf,v 1.8.2.3 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/backends.sdf,v 1.8.2.5 2008/04/14 19:00:49 quanah Exp $
+# Copyright 2007-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 
 H1: Backends
@@ -44,7 +44,7 @@
 their own private connection to the remote LDAP server. Anonymous sessions 
 will share a single anonymous connection to the remote server. For sessions 
 bound through other mechanisms, all sessions with the same DN will share the 
-same connection. This connection pooling strategy can enhance the proxy’s 
+same connection. This connection pooling strategy can enhance the proxy's 
 efficiency by reducing the overhead of repeatedly making/breaking multiple 
 connections.
 

Modified: openldap/trunk/doc/guide/admin/config.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/config.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/config.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/config.sdf,v 1.14.2.4 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 1999-2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/config.sdf,v 1.14.2.6 2008/04/14 20:43:48 quanah Exp $
+# Copyright 1999-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 H1: The Big Picture - Configuration Choices
 
@@ -47,9 +47,10 @@
 information on multiple directory servers.   In its most basic
 configuration, the {{master}} is a syncrepl provider and one or more
 {{slave}} (or {{shadow}}) are syncrepl consumers.  An example
-master-slave configuration is shown in figure 3.3.
+master-slave configuration is shown in figure 3.3. Multi-Master 
+configurations are also supported.
 
-!import "config_repl.gif"; align="center"; title="Replicated Directory Services"
+!import "config_repl.png"; align="center"; title="Replicated Directory Services"
 FT[align="Center"] Figure 3.3: Replicated Directory Services
 
 This configuration can be used in conjunction with either of the

Deleted: openldap/trunk/doc/guide/admin/config_repl.gif
===================================================================
(Binary files differ)

Copied: openldap/trunk/doc/guide/admin/config_repl.png (from rev 1127, openldap/vendor/openldap-2.4.9/doc/guide/admin/config_repl.png)
===================================================================
(Binary files differ)

Modified: openldap/trunk/doc/guide/admin/dbtools.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/dbtools.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/dbtools.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/dbtools.sdf,v 1.24.2.5 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 1999-2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/dbtools.sdf,v 1.24.2.6 2008/02/11 23:26:39 kurt Exp $
+# Copyright 1999-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 
 H1: Database Creation and Maintenance Tools

Modified: openldap/trunk/doc/guide/admin/glossary.sdf
===================================================================
--- openldap/trunk/doc/guide/admin/glossary.sdf	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/glossary.sdf	2008-05-25 14:29:31 UTC (rev 1128)
@@ -1,5 +1,5 @@
-# $OpenLDAP: pkg/openldap-guide/admin/glossary.sdf,v 1.5.2.4 2007/11/07 23:01:35 ghenry Exp $
-# Copyright 2006-2007 The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP: pkg/openldap-guide/admin/glossary.sdf,v 1.5.2.5 2008/02/11 23:26:39 kurt Exp $
+# Copyright 2006-2008 The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
 H1: Glossary
 

Modified: openldap/trunk/doc/guide/admin/guide.html
===================================================================
--- openldap/trunk/doc/guide/admin/guide.html	2008-05-25 14:24:14 UTC (rev 1127)
+++ openldap/trunk/doc/guide/admin/guide.html	2008-05-25 14:29:31 UTC (rev 1128)
@@ -23,7 +23,7 @@
 <DIV CLASS="title">
 <H1 CLASS="doc-title">OpenLDAP Software 2.4 Administrator's Guide</H1>
 <ADDRESS CLASS="doc-author">The OpenLDAP Project &lt;<A HREF="http://www.openldap.org/">http://www.openldap.org/</A>&gt;</ADDRESS>
-<ADDRESS CLASS="doc-modified">13 December 2007</ADDRESS>
+<ADDRESS CLASS="doc-modified">7 May 2008</ADDRESS>
 <BR CLEAR="All">
 </DIV>
 <DIV CLASS="contents">
@@ -100,25 +100,8 @@
 <BR>
 <A HREF="#Database-specific Directives">5.2.5. Database-specific Directives</A>
 <BR>
-<A HREF="#BDB and HDB Database Directives">5.2.6. BDB and HDB Database Directives</A></UL>
+<A HREF="#BDB and HDB Database Directives">5.2.6. BDB and HDB Database Directives</A></UL></UL>
 <BR>
-<A HREF="#Access Control">5.3. Access Control</A><UL>
-<A HREF="#What to control access to">5.3.1. What to control access to</A>
-<BR>
-<A HREF="#Who to grant access to">5.3.2. Who to grant access to</A>
-<BR>
-<A HREF="#The access to grant">5.3.3. The access to grant</A>
-<BR>
-<A HREF="#Access Control Evaluation">5.3.4. Access Control Evaluation</A>
-<BR>
-<A HREF="#Access Control Examples">5.3.5. Access Control Examples</A>
-<BR>
-<A HREF="#Access Control Ordering">5.3.6. Access Control Ordering</A></UL>
-<BR>
-<A HREF="#Configuration Example">5.4. Configuration Example</A>
-<BR>
-<A HREF="#Converting from slapd.conf(8) to a {{B:cn=config}} directory format">5.5. Converting from slapd.conf(8) to a <B>cn=config</B> directory format</A></UL>
-<BR>
 <A HREF="#The slapd Configuration File">6. The slapd Configuration File</A><UL>
 <A HREF="#Configuration File Format">6.1. Configuration File Format</A>
 <BR>
@@ -129,403 +112,443 @@
 <BR>
 <A HREF="#General Database Directives">6.2.3. General Database Directives</A>
 <BR>
-<A HREF="#BDB and HDB Database Directives">6.2.4. BDB and HDB Database Directives</A></UL>
+<A HREF="#BDB and HDB Database Directives">6.2.4. BDB and HDB Database Directives</A></UL></UL>
 <BR>
-<A HREF="#The access Configuration Directive">6.3. The access Configuration Directive</A><UL>
-<A HREF="#What to control access to">6.3.1. What to control access to</A>
+<A HREF="#Access Control">7. Access Control</A><UL>
+<A HREF="#Introduction">7.1. Introduction</A>
 <BR>
-<A HREF="#Who to grant access to">6.3.2. Who to grant access to</A>
+<A HREF="#Access Control via Static Configuration">7.2. Access Control via Static Configuration</A><UL>
+<A HREF="#What to control access to">7.2.1. What to control access to</A>
 <BR>
-<A HREF="#The access to grant">6.3.3. The access to grant</A>
+<A HREF="#Who to grant access to">7.2.2. Who to grant access to</A>
 <BR>
-<A HREF="#Access Control Evaluation">6.3.4. Access Control Evaluation</A>
+<A HREF="#The access to grant">7.2.3. The access to grant</A>
 <BR>
-<A HREF="#Access Control Examples">6.3.5. Access Control Examples</A></UL>
+<A HREF="#Access Control Evaluation">7.2.4. Access Control Evaluation</A>
 <BR>
-<A HREF="#Configuration File Example">6.4. Configuration File Example</A></UL>
+<A HREF="#Access Control Examples">7.2.5. Access Control Examples</A>
 <BR>
-<A HREF="#Running slapd">7. Running slapd</A><UL>
-<A HREF="#Command-Line Options">7.1. Command-Line Options</A>
+<A HREF="#Configuration File Example">7.2.6. Configuration File Example</A></UL>
 <BR>
-<A HREF="#Starting slapd">7.2. Starting slapd</A>
+<A HREF="#Access Control via Dynamic Configuration">7.3. Access Control via Dynamic Configuration</A><UL>
+<A HREF="#What to control access to">7.3.1. What to control access to</A>
 <BR>
-<A HREF="#Stopping slapd">7.3. Stopping slapd</A></UL>
+<A HREF="#Who to grant access to">7.3.2. Who to grant access to</A>
 <BR>
-<A HREF="#Database Creation and Maintenance Tools">8. Database Creation and Maintenance Tools</A><UL>
-<A HREF="#Creating a database over LDAP">8.1. Creating a database over LDAP</A>
+<A HREF="#The access to grant">7.3.3. The access to grant</A>
 <BR>
-<A HREF="#Creating a database off-line">8.2. Creating a database off-line</A><UL>
-<A HREF="#The {{EX:slapadd}} program">8.2.1. The <TT>slapadd</TT> program</A>
+<A HREF="#Access Control Evaluation">7.3.4. Access Control Evaluation</A>
 <BR>
-<A HREF="#The {{EX:slapindex}} program">8.2.2. The <TT>slapindex</TT> program</A>
+<A HREF="#Access Control Examples">7.3.5. Access Control Examples</A>
 <BR>
-<A HREF="#The {{EX:slapcat}} program">8.2.3. The <TT>slapcat</TT> program</A></UL>
+<A HREF="#Access Control Ordering">7.3.6. Access Control Ordering</A>
 <BR>
-<A HREF="#The LDIF text entry format">8.3. The LDIF text entry format</A></UL>
+<A HREF="#Configuration Example">7.3.7. Configuration Example</A>
 <BR>
-<A HREF="#Backends">9. Backends</A><UL>
-<A HREF="#Berkeley DB Backends">9.1. Berkeley DB Backends</A><UL>
-<A HREF="#Overview">9.1.1. Overview</A>
+<A HREF="#Converting from {{slapd.conf}}(5) to a {{B:cn=config}} directory format">7.3.8. Converting from <EM>slapd.conf</EM>(5) to a <B>cn=config</B> directory format</A></UL>
 <BR>
-<A HREF="#back-bdb/back-hdb Configuration">9.1.2. back-bdb/back-hdb Configuration</A>
+<A HREF="#Access Control Common Examples">7.4. Access Control Common Examples</A><UL>
+<A HREF="#Basic ACLs">7.4.1. Basic ACLs</A>
 <BR>
-<A HREF="#Further Information">9.1.3. Further Information</A></UL>
+<A HREF="#Matching Anonymous and Authenticated users">7.4.2. Matching Anonymous and Authenticated users</A>
 <BR>
-<A HREF="#LDAP">9.2. LDAP</A><UL>
-<A HREF="#Overview">9.2.1. Overview</A>
+<A HREF="#Controlling rootdn access">7.4.3. Controlling rootdn access</A>
 <BR>
-<A HREF="#back-ldap Configuration">9.2.2. back-ldap Configuration</A>
+<A HREF="#Managing access with Groups">7.4.4. Managing access with Groups</A>
 <BR>
-<A HREF="#Further Information">9.2.3. Further Information</A></UL>
+<A HREF="#Granting access to a subset of attributes">7.4.5. Granting access to a subset of attributes</A>
 <BR>
-<A HREF="#LDIF">9.3. LDIF</A><UL>
-<A HREF="#Overview">9.3.1. Overview</A>
+<A HREF="#Allowing a user write to all entries below theirs">7.4.6. Allowing a user write to all entries below theirs</A>
 <BR>
-<A HREF="#back-ldif Configuration">9.3.2. back-ldif Configuration</A>
+<A HREF="#Allowing entry creation">7.4.7. Allowing entry creation</A>
 <BR>
-<A HREF="#Further Information">9.3.3. Further Information</A></UL>
+<A HREF="#Tips for using regular expressions in Access Control">7.4.8. Tips for using regular expressions in Access Control</A>
 <BR>
-<A HREF="#Metadirectory">9.4. Metadirectory</A><UL>
-<A HREF="#Overview">9.4.1. Overview</A>
+<A HREF="#Granting and Denying access based on security strength factors (ssf)">7.4.9. Granting and Denying access based on security strength factors (ssf)</A>
 <BR>
-<A HREF="#back-meta Configuration">9.4.2. back-meta Configuration</A>
+<A HREF="#When things aren\'t working as expected">7.4.10. When things aren't working as expected</A></UL>
 <BR>
-<A HREF="#Further Information">9.4.3. Further Information</A></UL>
+<A HREF="#Sets - Granting rights based on relationships">7.5. Sets - Granting rights based on relationships</A><UL>
+<A HREF="#Groups of Groups">7.5.1. Groups of Groups</A>
 <BR>
-<A HREF="#Monitor">9.5. Monitor</A><UL>
-<A HREF="#Overview">9.5.1. Overview</A>
+<A HREF="#Group ACLs without DN syntax">7.5.2. Group ACLs without DN syntax</A>
 <BR>
-<A HREF="#back-monitor Configuration">9.5.2. back-monitor Configuration</A>
+<A HREF="#Following references">7.5.3. Following references</A></UL></UL>
 <BR>
-<A HREF="#Further Information">9.5.3. Further Information</A></UL>
+<A HREF="#Running slapd">8. Running slapd</A><UL>
+<A HREF="#Command-Line Options">8.1. Command-Line Options</A>
 <BR>
-<A HREF="#Null">9.6. Null</A><UL>
-<A HREF="#Overview">9.6.1. Overview</A>
+<A HREF="#Starting slapd">8.2. Starting slapd</A>
 <BR>
-<A HREF="#back-null Configuration">9.6.2. back-null Configuration</A>
+<A HREF="#Stopping slapd">8.3. Stopping slapd</A></UL>
 <BR>
-<A HREF="#Further Information">9.6.3. Further Information</A></UL>
+<A HREF="#Database Creation and Maintenance Tools">9. Database Creation and Maintenance Tools</A><UL>
+<A HREF="#Creating a database over LDAP">9.1. Creating a database over LDAP</A>
 <BR>
-<A HREF="#Passwd">9.7. Passwd</A><UL>
-<A HREF="#Overview">9.7.1. Overview</A>
+<A HREF="#Creating a database off-line">9.2. Creating a database off-line</A><UL>
+<A HREF="#The {{EX:slapadd}} program">9.2.1. The <TT>slapadd</TT> program</A>
 <BR>
-<A HREF="#back-passwd Configuration">9.7.2. back-passwd Configuration</A>
+<A HREF="#The {{EX:slapindex}} program">9.2.2. The <TT>slapindex</TT> program</A>
 <BR>
-<A HREF="#Further Information">9.7.3. Further Information</A></UL>
+<A HREF="#The {{EX:slapcat}} program">9.2.3. The <TT>slapcat</TT> program</A></UL>
 <BR>
-<A HREF="#Perl/Shell">9.8. Perl/Shell</A><UL>
-<A HREF="#Overview">9.8.1. Overview</A>
+<A HREF="#The LDIF text entry format">9.3. The LDIF text entry format</A></UL>
 <BR>
-<A HREF="#back-perl/back-shell Configuration">9.8.2. back-perl/back-shell Configuration</A>
+<A HREF="#Backends">10. Backends</A><UL>
+<A HREF="#Berkeley DB Backends">10.1. Berkeley DB Backends</A><UL>
+<A HREF="#Overview">10.1.1. Overview</A>
 <BR>
-<A HREF="#Further Information">9.8.3. Further Information</A></UL>
+<A HREF="#back-bdb/back-hdb Configuration">10.1.2. back-bdb/back-hdb Configuration</A>
 <BR>
-<A HREF="#Relay">9.9. Relay</A><UL>
-<A HREF="#Overview">9.9.1. Overview</A>
+<A HREF="#Further Information">10.1.3. Further Information</A></UL>
 <BR>
-<A HREF="#back-relay Configuration">9.9.2. back-relay Configuration</A>
+<A HREF="#LDAP">10.2. LDAP</A><UL>
+<A HREF="#Overview">10.2.1. Overview</A>
 <BR>
-<A HREF="#Further Information">9.9.3. Further Information</A></UL>
+<A HREF="#back-ldap Configuration">10.2.2. back-ldap Configuration</A>
 <BR>
-<A HREF="#SQL">9.10. SQL</A><UL>
-<A HREF="#Overview">9.10.1. Overview</A>
+<A HREF="#Further Information">10.2.3. Further Information</A></UL>
 <BR>
-<A HREF="#back-sql Configuration">9.10.2. back-sql Configuration</A>
-<BR>
-<A HREF="#Further Information">9.10.3. Further Information</A></UL></UL>
-<BR>
-<A HREF="#Overlays">10. Overlays</A><UL>
-<A HREF="#Access Logging">10.1. Access Logging</A><UL>
-<A HREF="#Overview">10.1.1. Overview</A>
-<BR>
-<A HREF="#Access Logging Configuration">10.1.2. Access Logging Configuration</A></UL>
-<BR>
-<A HREF="#Audit Logging">10.2. Audit Logging</A><UL>
-<A HREF="#Overview