Author: minfrin Date: Thu Jan 20 00:39:31 2005 New Revision: 125739 URL: http://svn.apache.org/viewcvs?view=rev&rev=125739 Log: Add documentation to the ldap_init functions.
Modified: apr/apr-util/trunk/include/apr_ldap_init.h Modified: apr/apr-util/trunk/include/apr_ldap_init.h Url: http://svn.apache.org/viewcvs/apr/apr-util/trunk/include/apr_ldap_init.h?view=diff&rev=125739&p1=apr/apr-util/trunk/include/apr_ldap_init.h&r1=125738&p2=apr/apr-util/trunk/include/apr_ldap_init.h&r2=125739 ============================================================================== --- apr/apr-util/trunk/include/apr_ldap_init.h (original) +++ apr/apr-util/trunk/include/apr_ldap_init.h Thu Jan 20 00:39:31 2005 @@ -13,20 +13,96 @@ * limitations under the License. */ +/** + * @file apr_ldap_init.h + * @brief APR-UTIL LDAP ldap_init() functions + */ #ifndef APR_LDAP_INIT_H #define APR_LDAP_INIT_H +/** + * @defgroup APR_Util_LDAP LDAP + * @ingroup APR_Util + * @{ + */ + #include "apr_ldap.h" #if APR_HAS_LDAP +/** + * APR LDAP SSL Initialise function + * + * This function initialises SSL on the underlying LDAP toolkit + * if this is necessary. + * + * If a CA certificate is provided, this is set, however the setting + * of certificates via this method has been deprecated and will be removed in + * APR v2.0. + * + * The apr_ldap_set_option() function with the APR_LDAP_OPT_TLS_CERT option + * should be used instead to set certificates. + * + * If SSL support is not available on this platform, or a problem + * was encountered while trying to set the certificate, the function + * will return APR_EGENERAL. Further LDAP specific error information + * can be found in result_err. + * @param pool The pool to use + * @param cert_auth_file The name of the certificate to use, can be NULL + * @param cert_file_type The type of certificate specified. See the + * apr_ldap_set_option() APR_LDAP_OPT_TLS_CERT option for details. + * @param result_err The returned result + */ APU_DECLARE(int) apr_ldap_ssl_init(apr_pool_t *pool, const char *cert_auth_file, int cert_file_type, apr_ldap_err_t **result_err); +/** + * APR LDAP SSL De-Initialise function + * + * This function tears down any SSL certificate setup previously + * set using apr_ldap_ssl_init(). It should be called to clean + * up if a graceful restart of a service is attempted. + * @todo currently we do not check whether apr_ldap_ssl_init() + * has been called first - we probably should. + */ APU_DECLARE(int) apr_ldap_ssl_deinit(void); +/** + * APR LDAP initialise function + * + * This function is responsible for initialising an LDAP + * connection in a toolkit independant way. It does the + * job of ldap_init() from the C api. + * + * It handles both the SSL and non-SSL case, and attempts + * to hide the complexity setup from the user. This function + * assumes that any certificate setup necessary has already + * been done. + * + * If SSL or STARTTLS needs to be enabled, and the underlying + * toolkit supports it, the following values are accepted for + * secure: + * + * APR_LDAP_NONE: No encryption + * APR_LDAP_SSL: SSL encryption (ldaps://) + * APR_LDAP_STARTTLS: Force STARTTLS on ldap:// + * @remark The Novell toolkit is only able to set the SSL mode via this + * function. To work around this limitation, set the SSL mode here if no + * per connection client certificates are present, otherwise set secure + * APR_LDAP_NONE here, then set the per connection client certificates, + * followed by setting the SSL mode via apr_ldap_set_option(). As Novell + * does not support per connection client certificates, this problem is + * worked around while still being compatible with other LDAP toolkits. + * @param pool The pool to use + * @param ldap The LDAP handle + * @param hostname The name of the host to connect to. This can be either a + * DNS name, or an IP address. + * @param portno The port to connect to + * @param secure The security mode to set + * @param result_err The returned result + */ APU_DECLARE(int) apr_ldap_init(apr_pool_t *pool, LDAP **ldap, const char *hostname, @@ -34,9 +110,19 @@ int secure, apr_ldap_err_t **result_err); +/** + * APR LDAP info function + * + * This function returns a string describing the LDAP toolkit + * currently in use. The string is placed inside result_err->reason. + * @param pool The pool to use + * @param result_err The returned result + */ APU_DECLARE(int) apr_ldap_info(apr_pool_t *pool, apr_ldap_err_t **result_err); #endif /* APR_HAS_LDAP */ + +/** @} */ #endif /* APR_LDAP_URL_H */
