Update comments to reflect RFC2251 specs.

libraries/libldap/abandon.c

@@ -9,6 +9,11 @@
  *  abandon.c
  */
 
+/*
+ * An abandon request looks like this:
+ *	AbandonRequest ::= MessageID
+ */
+
 #include "portable.h"
 
 #include <stdio.h>
@@ -90,11 +95,6 @@ do_abandon(
 	Sockbuf		*sb;
 	LDAPRequest	*lr;
 
-	/*
-	 * An abandon request looks like this:
-	 *	AbandonRequest ::= MessageID
-	 */
-
 	Debug( LDAP_DEBUG_TRACE, "do_abandon origid %d, msgid %d\n",
 		origid, msgid, 0 );
 

libraries/libldap/add.c

@@ -9,6 +9,17 @@
  *  add.c
  */
 
+/*
+ * An add request looks like this:
+ *	AddRequest ::= SEQUENCE {
+ *		entry	DistinguishedName,
+ *		attrs	SEQUENCE OF SEQUENCE {
+ *			type	AttributeType,
+ *			values	SET OF AttributeValue
+ *		}
+ *	}
+ */
+
 #include "portable.h"
 
 #include <stdio.h>
@@ -84,17 +95,6 @@ ldap_add_ext( LDAP *ld, LDAP_CONST char *dn, LDAPMod **attrs,
 	BerElement	*ber;
 	int		i, rc;
 
-	/*
-	 * An add request looks like this:
-	 *	AddRequest ::= SEQUENCE {
-	 *		entry	DistinguishedName,
-	 *		attrs	SEQUENCE OF SEQUENCE {
-	 *			type	AttributeType,
-	 *			values	SET OF AttributeValue
-	 *		}
-	 *	}
-	 */
-
 	Debug( LDAP_DEBUG_TRACE, "ldap_add\n", 0, 0, 0 );
 
 	/* create a message to send */

libraries/libldap/bind.c

@@ -9,6 +9,27 @@
  *  bind.c
  */
 
+/*
+ *	BindRequest ::= SEQUENCE {
+ *		version		INTEGER,
+ *		name		DistinguishedName,	 -- who
+ *		authentication	CHOICE {
+ *			simple		[0] OCTET STRING -- passwd
+#ifdef HAVE_KERBEROS
+ *			krbv42ldap	[1] OCTET STRING
+ *			krbv42dsa	[2] OCTET STRING
+#endif
+ *			sasl		[3] SaslCredentials	-- LDAPv3
+ *		}
+ *	}
+ *
+ *	BindResponse ::= SEQUENCE {
+ *		COMPONENTS OF LDAPResult,
+ *		serverSaslCreds		OCTET STRING OPTIONAL -- LDAPv3
+ *	}
+ *
+ */
+
 #include "portable.h"
 
 #include <stdio.h>
@@ -38,22 +59,6 @@
 int
 ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmethod )
 {
-	/*
-	 * The bind request looks like this:
-	 *	BindRequest ::= SEQUENCE {
-	 *		version		INTEGER,
-	 *		name		DistinguishedName,	 -- who
-	 *		authentication	CHOICE {
-	 *			simple		[0] OCTET STRING -- passwd
-#ifdef HAVE_KERBEROS
-	 *			krbv42ldap	[1] OCTET STRING
-	 *			krbv42dsa	[2] OCTET STRING
-#endif
-	 *		}
-	 *	}
-	 * all wrapped up in an LDAPMessage sequence.
-	 */
-
 	Debug( LDAP_DEBUG_TRACE, "ldap_bind\n", 0, 0, 0 );
 
 	switch ( authmethod ) {
@@ -68,6 +73,10 @@ ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmetho
 		return( ldap_kerberos_bind2( ld, dn ) );
 #endif
 
+	case LDAP_AUTH_SASL:
+		/* user must use ldap_sasl_bind */
+		/* FALL-THRU */
+
 	default:
 		ld->ld_errno = LDAP_AUTH_UNKNOWN;
 		return( -1 );
@@ -112,6 +121,10 @@ ldap_bind_s(
 		return( ldap_kerberos_bind2_s( ld, dn ) );
 #endif
 
+	case LDAP_AUTH_SASL:
+		/* user must use ldap_sasl_bind */
+		/* FALL-THRU */
+
 	default:
 		return( ld->ld_errno = LDAP_AUTH_UNKNOWN );
 	}

libraries/libldap/compare.c

@@ -9,6 +9,16 @@
  *  compare.c
  */
 
+/* The compare request looks like this:
+ *	CompareRequest ::= SEQUENCE {
+ *		entry	DistinguishedName,
+ *		ava	SEQUENCE {
+ *			type	AttributeType,
+ *			value	AttributeValue
+ *		}
+ *	}
+ */
+
 #include "portable.h"
 
 #include <stdio.h>
@@ -42,17 +52,6 @@ ldap_compare_ext(
 {
 	BerElement	*ber;
 
-	/* The compare request looks like this:
-	 *	CompareRequest ::= SEQUENCE {
-	 *		entry	DistinguishedName,
-	 *		ava	SEQUENCE {
-	 *			type	AttributeType,
-	 *			value	AttributeValue
-	 *		}
-	 *	}
-	 * and must be wrapped in an LDAPMessage.
-	 */
-
 	Debug( LDAP_DEBUG_TRACE, "ldap_compare\n", 0, 0, 0 );
 
 	/* create a message to send */
@@ -160,4 +159,4 @@ ldap_compare_s(
 	bvalue.bv_len = (value == NULL) ? 0 : strlen( value );
 
 	return ldap_compare_ext_s( ld, dn, attr, &bvalue, NULL, NULL );
-}
+}

libraries/libldap/controls.c

@@ -2,8 +2,16 @@
  * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
-/*
- * LDAP controls
+
+/* LDAPv3 Controls (RFC2251)
+ *
+ *	Controls ::= SEQUENCE OF Control  
+ *
+ *	Control ::= SEQUENCE { 
+ *		controlType		LDAPOID,
+ *		criticality		BOOLEAN DEFAULT FALSE,
+ *		controlValue	OCTET STRING OPTIONAL
+ *	}
  */
 
 #include "portable.h"

libraries/libldap/delete.c

@@ -9,6 +9,11 @@
  *  delete.c
  */
 
+/*
+ * A delete request looks like this:
+ *	DelRequet ::= DistinguishedName,
+ */
+
 #include "portable.h"
 
 #include <stdio.h>
@@ -41,11 +46,6 @@ ldap_delete_ext(
 {
 	BerElement	*ber;
 
-	/*
-	 * A delete request looks like this:
-	 *	DelRequet ::= DistinguishedName,
-	 */
-
 	Debug( LDAP_DEBUG_TRACE, "ldap_delete\n", 0, 0, 0 );
 
 	/* create a message to send */

libraries/libldap/extended.c

@@ -3,6 +3,22 @@
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 
+/*
+ * LDAPv3 Extended Operation Request
+ *	ExtendedRequest ::= [APPLICATION 23] SEQUENCE {
+ *		requestName      [0] LDAPOID,
+ *		requestValue     [1] OCTET STRING OPTIONAL
+ *	}
+ *
+ * LDAPv3 Extended Operation Response
+ *	ExtendedResponse ::= [APPLICATION 24] SEQUENCE {
+ *		COMPONENTS OF LDAPResult,
+ *		responseName     [10] LDAPOID OPTIONAL,
+ *		response         [11] OCTET STRING OPTIONAL
+ *	}
+ *
+ */
+
 #include "portable.h"
 
 #include <stdio.h>

libraries/libldap/kbind.c

@@ -9,6 +9,27 @@
  *  kbind.c
  */
 
+/*
+ *	BindRequest ::= SEQUENCE {
+ *		version		INTEGER,
+ *		name		DistinguishedName,	 -- who
+ *		authentication	CHOICE {
+ *			simple		[0] OCTET STRING -- passwd
+#ifdef HAVE_KERBEROS
+ *			krbv42ldap	[1] OCTET STRING
+ *			krbv42dsa	[2] OCTET STRING
+#endif
+ *			sasl		[3] SaslCredentials	-- LDAPv3
+ *		}
+ *	}
+ *
+ *	BindResponse ::= SEQUENCE {
+ *		COMPONENTS OF LDAPResult,
+ *		serverSaslCreds		OCTET STRING OPTIONAL -- LDAPv3
+ *	}
+ *
+ */
+
 #include "portable.h"
 
 #ifdef HAVE_KERBEROS
@@ -44,19 +65,6 @@ ldap_kerberos_bind1( LDAP *ld, LDAP_CONST char *dn )
 	int		str_translation_on;
 #endif /* STR_TRANSLATION */
 
-	/*
-	 * The bind request looks like this:
-	 *	BindRequest ::= SEQUENCE {
-	 *		version		INTEGER,
-	 *		name		DistinguishedName,
-	 *		authentication	CHOICE {
-	 *			krbv42ldap	[1] OCTET STRING
-	 *			krbv42dsa	[2] OCTET STRING
-	 *		}
-	 *	}
-	 * all wrapped up in an LDAPMessage sequence.
-	 */
-
 	Debug( LDAP_DEBUG_TRACE, "ldap_kerberos_bind1\n", 0, 0, 0 );
 
 	if ( dn == NULL )

libraries/libldap/modrdn.c

@@ -8,7 +8,6 @@
  *
  *  modrdn.c
  */
-
 /*
  * Support for MODIFYDN REQUEST V3 (newSuperior) by:
  *
@@ -19,7 +18,16 @@
  * Redistribution and use in source and binary forms are permitted
  * without restriction or fee of any kind as long as this notice
  * is preserved.
- *
+ */
+
+/*
+ * A modify rdn request looks like this:
+ *	ModifyRDNRequest ::= SEQUENCE {
+ *		entry		DistinguishedName,
+ *		newrdn		RelativeDistinguishedName,
+ *		deleteoldrdn	BOOLEAN
+ *		newSuperior	[0] DistinguishedName	[v3 only]
+ *	}
  */
 
 #include "portable.h"
@@ -56,16 +64,6 @@ ldap_rename(
 	LDAPControl **cctrls,
 	int *msgidp )
 {
-	/*
-	 * A modify rdn request looks like this:
-	 *	ModifyRDNRequest ::= SEQUENCE {
-	 *		entry		DistinguishedName,
-	 *		newrdn		RelativeDistinguishedName,
-	 *		deleteoldrdn	BOOLEAN
-	 *		newSuperior	[0] DistinguishedName	[v3 only]
-	 *	}
-	 */
-
 	BerElement	*ber;
 	int rc;
 

libraries/libldap/result.c

@@ -9,6 +9,18 @@
  *  result.c - wait for an ldap result
  */
 
+/*
+ * LDAPv3 (RFC2251)
+ *	LDAPResult ::= SEQUENCE {
+ *		resultCode		ENUMERATED { ... },
+ *		matchedDN		LDAPDN,
+ *		errorMessage	LDAPString,
+ *		referral		Referral OPTIONAL
+ *	}
+ *	Referral ::= SEQUENCE OF LDAPURL	(one or more)
+ *	LDAPURL ::= LDAPString				(limited to URL chars)
+ */
+
 #include "portable.h"
 
 #include <stdio.h>

libraries/libldap/sbind.c

@@ -9,6 +9,27 @@
  *  sbind.c
  */
 
+/*
+ *	BindRequest ::= SEQUENCE {
+ *		version		INTEGER,
+ *		name		DistinguishedName,	 -- who
+ *		authentication	CHOICE {
+ *			simple		[0] OCTET STRING -- passwd
+#ifdef HAVE_KERBEROS
+ *			krbv42ldap	[1] OCTET STRING
+ *			krbv42dsa	[2] OCTET STRING
+#endif
+ *			sasl		[3] SaslCredentials	-- LDAPv3
+ *		}
+ *	}
+ *
+ *	BindResponse ::= SEQUENCE {
+ *		COMPONENTS OF LDAPResult,
+ *		serverSaslCreds		OCTET STRING OPTIONAL -- LDAPv3
+ *	}
+ *
+ */
+
 #include "portable.h"
 
 #include <stdio.h>
@@ -35,18 +56,6 @@ ldap_simple_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd )
 {
 	BerElement	*ber;
 
-	/*
-	 * The bind request looks like this:
-	 *	BindRequest ::= SEQUENCE {
-	 *		version		INTEGER,
-	 *		name		DistinguishedName,	 -- who
-	 *		authentication	CHOICE {
-	 *			simple		[0] OCTET STRING -- passwd
-	 *		}
-	 *	}
-	 * all wrapped up in an LDAPMessage sequence.
-	 */
-
 	Debug( LDAP_DEBUG_TRACE, "ldap_simple_bind\n", 0, 0, 0 );
 
 	if ( dn == NULL )

libraries/libldap/search.c

@@ -383,8 +383,9 @@ put_filter( BerElement *ber, char *str )
 	 *              substrings      [4]     SubstringFilter,
 	 *              greaterOrEqual  [5]     AttributeValueAssertion,
 	 *              lessOrEqual     [6]     AttributeValueAssertion,
-	 *              present         [7]     AttributeType,,
-	 *              approxMatch     [8]     AttributeValueAssertion
+	 *              present         [7]     AttributeType,
+	 *              approxMatch     [8]     AttributeValueAssertion,
+	 *				extensibleMatch [9]		MatchingRuleAssertion -- LDAPv3
 	 *      }
 	 *
 	 *      SubstringFilter ::= SEQUENCE {
@@ -395,6 +396,13 @@ put_filter( BerElement *ber, char *str )
 	 *                      final            [2] IA5String
 	 *              }
 	 *      }
+	 *
+	 *		MatchingRuleAssertion ::= SEQUENCE {	-- LDAPv3
+	 *			matchingRule    [1] MatchingRuleId OPTIONAL,
+	 *			type            [2] AttributeDescription OPTIONAL,
+	 *			matchValue      [3] AssertionValue,
+	 *			dnAttributes    [4] BOOLEAN DEFAULT FALSE }
+	 *
 	 * Note: tags in a choice are always explicit
 	 */
 

libraries/libldap/unbind.c

@@ -9,6 +9,13 @@
  *  unbind.c
  */
 
+/* An Unbind Request looks like this:
+ *
+ *	UnbindRequest ::= NULL
+ *
+ * and has no response.
+ */
+
 #include "portable.h"
 
 #include <stdio.h>