You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by mi...@apache.org on 2005/01/20 09:39:34 UTC

svn commit: r125739 - /apr/apr-util/trunk/include/apr_ldap_init.h

Author: minfrin
Date: Thu Jan 20 00:39:31 2005
New Revision: 125739

URL: http://svn.apache.org/viewcvs?view=rev&rev=125739
Log:
Add documentation to the ldap_init functions.

Modified:
   apr/apr-util/trunk/include/apr_ldap_init.h

Modified: apr/apr-util/trunk/include/apr_ldap_init.h
Url: http://svn.apache.org/viewcvs/apr/apr-util/trunk/include/apr_ldap_init.h?view=diff&rev=125739&p1=apr/apr-util/trunk/include/apr_ldap_init.h&r1=125738&p2=apr/apr-util/trunk/include/apr_ldap_init.h&r2=125739
==============================================================================
--- apr/apr-util/trunk/include/apr_ldap_init.h	(original)
+++ apr/apr-util/trunk/include/apr_ldap_init.h	Thu Jan 20 00:39:31 2005
@@ -13,20 +13,96 @@
  * limitations under the License.
  */
 
+/**
+ * @file apr_ldap_init.h
+ * @brief  APR-UTIL LDAP ldap_init() functions
+ */
 #ifndef APR_LDAP_INIT_H
 #define APR_LDAP_INIT_H
 
+/**
+ * @defgroup APR_Util_LDAP LDAP
+ * @ingroup APR_Util
+ * @{
+ */
+
 #include "apr_ldap.h"
 
 #if APR_HAS_LDAP
 
+/**
+ * APR LDAP SSL Initialise function
+ *
+ * This function initialises SSL on the underlying LDAP toolkit
+ * if this is necessary.
+ *
+ * If a CA certificate is provided, this is set, however the setting
+ * of certificates via this method has been deprecated and will be removed in
+ * APR v2.0.
+ *
+ * The apr_ldap_set_option() function with the APR_LDAP_OPT_TLS_CERT option
+ * should be used instead to set certificates.
+ *
+ * If SSL support is not available on this platform, or a problem
+ * was encountered while trying to set the certificate, the function
+ * will return APR_EGENERAL. Further LDAP specific error information
+ * can be found in result_err.
+ * @param pool The pool to use
+ * @param cert_auth_file The name of the certificate to use, can be NULL
+ * @param cert_file_type The type of certificate specified. See the
+ * apr_ldap_set_option() APR_LDAP_OPT_TLS_CERT option for details.
+ * @param result_err The returned result
+ */
 APU_DECLARE(int) apr_ldap_ssl_init(apr_pool_t *pool,
                                    const char *cert_auth_file,
                                    int cert_file_type,
                                    apr_ldap_err_t **result_err);
 
+/**
+ * APR LDAP SSL De-Initialise function
+ *
+ * This function tears down any SSL certificate setup previously
+ * set using apr_ldap_ssl_init(). It should be called to clean
+ * up if a graceful restart of a service is attempted.
+ * @todo currently we do not check whether apr_ldap_ssl_init()
+ * has been called first - we probably should.
+ */
 APU_DECLARE(int) apr_ldap_ssl_deinit(void);
 
+/**
+ * APR LDAP initialise function
+ *
+ * This function is responsible for initialising an LDAP
+ * connection in a toolkit independant way. It does the
+ * job of ldap_init() from the C api.
+ *
+ * It handles both the SSL and non-SSL case, and attempts
+ * to hide the complexity setup from the user. This function
+ * assumes that any certificate setup necessary has already
+ * been done.
+ *
+ * If SSL or STARTTLS needs to be enabled, and the underlying
+ * toolkit supports it, the following values are accepted for
+ * secure:
+ *
+ * APR_LDAP_NONE: No encryption
+ * APR_LDAP_SSL: SSL encryption (ldaps://)
+ * APR_LDAP_STARTTLS: Force STARTTLS on ldap://
+ * @remark The Novell toolkit is only able to set the SSL mode via this
+ * function. To work around this limitation, set the SSL mode here if no
+ * per connection client certificates are present, otherwise set secure
+ * APR_LDAP_NONE here, then set the per connection client certificates,
+ * followed by setting the SSL mode via apr_ldap_set_option(). As Novell
+ * does not support per connection client certificates, this problem is
+ * worked around while still being compatible with other LDAP toolkits.
+ * @param pool The pool to use
+ * @param ldap The LDAP handle
+ * @param hostname The name of the host to connect to. This can be either a
+ * DNS name, or an IP address.
+ * @param portno The port to connect to
+ * @param secure The security mode to set
+ * @param result_err The returned result
+ */
 APU_DECLARE(int) apr_ldap_init(apr_pool_t *pool,
                                LDAP **ldap,
                                const char *hostname,
@@ -34,9 +110,19 @@
                                int secure,
                                apr_ldap_err_t **result_err);
 
+/**
+ * APR LDAP info function
+ *
+ * This function returns a string describing the LDAP toolkit
+ * currently in use. The string is placed inside result_err->reason.
+ * @param pool The pool to use
+ * @param result_err The returned result
+ */
 APU_DECLARE(int) apr_ldap_info(apr_pool_t *pool,
                                apr_ldap_err_t **result_err);
 
 #endif /* APR_HAS_LDAP */
+
+/** @} */
 
 #endif /* APR_LDAP_URL_H */