Imported openldap-2.4.23

2010-12-12 15:17:36 +00:00 · 2010-12-12 15:17:36 +00:00 · ef2f90d39c
parent 939300d48c
commit ef2f90d39c
1000 changed files with 11282 additions and 4265 deletions
--- a/external/bsd/openldap/dist/ANNOUNCEMENT
+++ b/external/bsd/openldap/dist/ANNOUNCEMENT
@ -106,6 +106,6 @@ SUPPORTED PLATFORMS
 ---
 OpenLDAP is a registered trademark of the OpenLDAP Foundation.

-Copyright 1999-2009 The OpenLDAP Foundation, Redwood City,
+Copyright 1999-2010 The OpenLDAP Foundation, Redwood City,
 California, USA.  All Rights Reserved.  Permission to copy and
 distribute verbatim copies of this document is granted.
--- a/external/bsd/openldap/dist/CHANGES
+++ b/external/bsd/openldap/dist/CHANGES
@ -1,5 +1,81 @@
 OpenLDAP 2.4 Change Log

+OpenLDAP 2.4.23 Release (2010/06/30)
+	Fixed libldap to return server's error code (ITS#6569)
+	Fixed libldap memleaks (ITS#6568)
+	Fixed liblutil off-by-one with delta (ITS#6541)
+	Fixed slapd acls with glued databases (ITS#6468)
+	Fixed slapd syncrepl rid logging (ITS#6533)
+	Fixed slapd modrdn handling of invalid values (ITS#6570)
+	Fixed slapd-bdb hasSubordinates computation (ITS#6549)
+	Fixed slapd-bdb to use memcpy instead for strcpy (ITS#6474)
+	Fixed slapd-bdb entry cache delete failure (ITS#6577)
+	Fixed slapd-ldap to return control responses (ITS#6530)
+	Fixed slapo-ppolicy to use Debug (ITS#6566)
+	Fixed slapo-refint to zero out freed DN vals (ITS#6572)
+	Fixed slapo-rwm to use Debug (ITS#6566)
+	Fixed slapo-sssvlv to use Debug (ITS#6566)
+	Fixed slapo-syncprov lost deletes in refresh phase (ITS#6555)
+	Fixed slapo-valsort to use Debug (ITS#6566)
+ 	Fixed contrib/nssov network.c missing patch (ITS#6562)
+	Build Environment
+		Fixed test043 attribute sorting (ITS#6553)
+	Documentation
+	        slapd-config(5) note default rootdn (ITS#6546)
+
+OpenLDAP 2.4.22 Release (2010/04/24)
+	Added slapd SLAP_SCHEMA_EXPOSE flag for hidden schema elements (ITS#6435)
+	Added slapd tools selective iterations (ITS#6442)
+	Added slapd syncrepl TCP keepalive (ITS#6389)
+	Added slapo-ldap idassert-passthru (ITS#6456)
+	Added slapo-pbind
+	Fixed libldap gmtime re-entrancy (ITS#6262)
+	Fixed libldap gssapi off by one error (ITS#6223)
+	Fixed libldap GnuTLS serial length (ITS#6460)
+	Fixed libldap MozNSS context and PEM support (ITS#6432)
+	Fixed libldap referral on bind behavior(ITS#6510)
+	Fixed slapd acl non-entry internal searches (ITS#6481)
+	Fixed slapd acl attrval style initialization (ITS#6520)
+	Fixed slapd certificateListValidate (ITS#6466)
+	Fixed slapd empty URI parsing (ITS#6465)
+	Fixed slapd glued misplaced entries (ITS#6506)
+	Fixed slapd glued paged cookies (ITS#6507)
+	Fixed slapd glued paged results (ITS#6504)
+	Fixed slapd gmtime re-entrancy (ITS#6262)
+	Fixed slapd to ignore controls with unrecognized flags (ITS#6480)
+	Fixed slapd entry ownership (ITS#5340)
+	Fixed slapd sasl auxprop_lookup (ITS#6441)
+	Fixed slapd sasl auxprop ssf (ITS#5195)
+	Fixed slapd syncrepl for attributes with no matching rule (ITS#6458)
+	Fixed slapd syncrepl for unknown attrs and delta-sync (ITS#6473)
+	Fixed slapd syncrepl loop with moddn (ITS#6472)
+	Fixed slapo-accesslog to not replicate internal purges (ITS#6519)
+	Fixed slapd-bdb contextCSN updates from updatedn (ITS#6469)
+	Fixed slapd-bdb lockobj zeroing (ITS#6501)
+	Fixed slapd-ldap/meta control criticality (ITS#6523)
+	Fixed slapd-ldap/meta with ordered values (ITS#6516)
+	Fixed slapo-collect entry ownership (ITS#5340,ITS#6423)
+	Fixed slapo-dds with NULL backend (ITS#6490)
+	Fixed slapo-dynlist entry ownership (ITS#5340,ITS#6423)
+	Fixed slapo-memberof attr count (ITS#6508)
+	Fixed slapo-pcache to release its own entries (ITS#6484)
+	Fixed slapo-pcache with NULL backend (ITS#6490)
+	Fixed slapo-rwm entry release handling (ITS#6484)
+	Fixed slapo-rwm memory handling with rewrites (ITS#6526)
+	Fixed slapo-rwm olcRwmMap handling (ITS#6436)
+	Fixed slapo-rwm entry ownership (ITS#5340,ITS#6423)
+	Fixed slapo-syncprov memory leak (ITS#6459)
+	Fixed slapo-translucent counter increment (ITS#6497)
+	Fixed slapo-valsort entry ownership (ITS#5340,ITS#6423)	
+	Fixed contrib/sha2 adds mechs for more hashes (ITS#6433)
+	Fixed contrib/nssov to use nss-pam-ldapd (ITS#6488)
+	Build Environment
+		Added back-ldif, back-null test support (ITS#5810)
+	Documentation
+		admin24 avoid explicit moduleload statements (ITS#6486)
+		admin24 broken link fixes (ITS#6493,ITS#6515)
+	        slapd.access(5) val.regex explanation (ITS#5804)
+
 OpenLDAP 2.4.21 Release (2009/12/20)
 	Fixed liblutil for negative microsecond offsets (ITS#6405)
 	Fixed slapd global settings to work without restart (ITS#6428)
@ -142,6 +218,8 @@ OpenLDAP 2.4.18 Release (2009/09/06)
 	Documentation
 		admin24 fix broken link (ITS#6264)
 		ldap_open(3) document URI (ITS#6261)
+		ldap_set/get_option(3) SASL/TLS options added (ITS#6260)
+		man page format updates (ITS#6023)

 OpenLDAP 2.4.17 Release (2009/07/13)
 	Fixed liblber to use ber_strnlen (ITS#6080)
--- a/external/bsd/openldap/dist/COPYRIGHT
+++ b/external/bsd/openldap/dist/COPYRIGHT
@ -1,4 +1,4 @@
-Copyright 1998-2009 The OpenLDAP Foundation
+Copyright 1998-2010 The OpenLDAP Foundation
 All rights reserved.

 Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/INSTALL
+++ b/external/bsd/openldap/dist/INSTALL
@ -107,7 +107,7 @@ $OpenLDAP: pkg/openldap-guide/release/install.sdf,v 1.16 2002/02/18

 This work is part of OpenLDAP Software <http://www.openldap.org/>.

-Copyright 1998-2009 The OpenLDAP Foundation.
+Copyright 1998-2010 The OpenLDAP Foundation.
 All rights reserved.

 Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/Makefile.in
+++ b/external/bsd/openldap/dist/Makefile.in
@ -1,8 +1,8 @@
 # Master Makefile for OpenLDAP
-# OpenLDAP: pkg/ldap/Makefile.in,v 1.30.2.4 2009/01/22 00:00:34 kurt Exp
+# OpenLDAP: pkg/ldap/Makefile.in,v 1.30.2.5 2010/04/13 20:22:14 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/README
+++ b/external/bsd/openldap/dist/README
@ -74,11 +74,11 @@ CONTRIBUTING
    <http://www.openldap.org/its/> to be considered.

 ---
-OpenLDAP: pkg/ldap/README,v 1.40.2.13 2009/10/13 16:52:06 quanah Exp
+OpenLDAP: pkg/ldap/README,v 1.40.2.14 2010/04/13 20:22:14 kurt Exp

 This work is part of OpenLDAP Software <http://www.openldap.org/>.

-Copyright 1998-2009 The OpenLDAP Foundation.
+Copyright 1998-2010 The OpenLDAP Foundation.
 All rights reserved.

 Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/config.guess
+++ b/external/bsd/openldap/dist/build/config.guess
@ -4,7 +4,7 @@
 #   2000, 2001, 2002, 2003 Free Software Foundation, Inc.

 timestamp='2003-07-02-OpenLDAP'
-# OpenLDAP: pkg/ldap/build/config.guess,v 1.19.2.4 2009/01/22 00:00:41 kurt Exp
+# OpenLDAP: pkg/ldap/build/config.guess,v 1.19.2.5 2010/04/13 20:22:20 kurt Exp

 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
@ -29,7 +29,7 @@ timestamp='2003-07-02-OpenLDAP'
 # configuration script generated by Autoconf, and is distributable
 # under the same distributions terms as OpenLDAP itself.

-## Portions Copyright 1998-2009 The OpenLDAP Foundation.
+## Portions Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/config.sub
+++ b/external/bsd/openldap/dist/build/config.sub
@ -4,7 +4,7 @@
 #   2000, 2001, 2002, 2003 Free Software Foundation, Inc.

 timestamp='2003-07-04-OpenLDAP'
-# OpenLDAP: pkg/ldap/build/config.sub,v 1.19.2.4 2009/01/22 00:00:41 kurt Exp
+# OpenLDAP: pkg/ldap/build/config.sub,v 1.19.2.5 2010/04/13 20:22:20 kurt Exp

 # This file is (in principle) common to ALL GNU software.
 # The presence of a machine in this file suggests that SOME GNU software
@ -34,7 +34,7 @@ timestamp='2003-07-04-OpenLDAP'
 # configuration script generated by Autoconf, and is distributable
 # under the same distributions terms as OpenLDAP itself.

-## Portions Copyright 1998-2009 The OpenLDAP Foundation.
+## Portions Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/dir.mk
+++ b/external/bsd/openldap/dist/build/dir.mk
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/build/dir.mk,v 1.17.2.4 2009/01/22 00:00:41 kurt Exp
+# OpenLDAP: pkg/ldap/build/dir.mk,v 1.17.2.5 2010/04/13 20:22:20 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/info.mk
+++ b/external/bsd/openldap/dist/build/info.mk
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/build/info.mk,v 1.12.2.4 2009/01/22 00:00:41 kurt Exp
+# OpenLDAP: pkg/ldap/build/info.mk,v 1.12.2.5 2010/04/13 20:22:20 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/lib-shared.mk
+++ b/external/bsd/openldap/dist/build/lib-shared.mk
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/build/lib-shared.mk,v 1.22.2.4 2009/01/22 00:00:41 kurt Exp
+# OpenLDAP: pkg/ldap/build/lib-shared.mk,v 1.22.2.5 2010/04/13 20:22:20 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/lib-static.mk
+++ b/external/bsd/openldap/dist/build/lib-static.mk
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/build/lib-static.mk,v 1.13.2.4 2009/01/22 00:00:41 kurt Exp
+# OpenLDAP: pkg/ldap/build/lib-static.mk,v 1.13.2.5 2010/04/13 20:22:20 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/lib.mk
+++ b/external/bsd/openldap/dist/build/lib.mk
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/build/lib.mk,v 1.23.2.5 2009/04/28 00:17:09 quanah Exp
+# OpenLDAP: pkg/ldap/build/lib.mk,v 1.23.2.6 2010/04/13 20:22:20 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/ltmain.sh
+++ b/external/bsd/openldap/dist/build/ltmain.sh
@ -28,7 +28,7 @@
 # configuration script generated by Autoconf, and is distributable
 # under the same distributions terms as OpenLDAP itself.

-## Portions Copyright 1998-2009 The OpenLDAP Foundation.
+## Portions Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/man.mk
+++ b/external/bsd/openldap/dist/build/man.mk
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/build/man.mk,v 1.32.2.6 2009/06/27 18:46:30 quanah Exp
+# OpenLDAP: pkg/ldap/build/man.mk,v 1.32.2.7 2010/04/13 20:22:21 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/missing
+++ b/external/bsd/openldap/dist/build/missing
@ -29,7 +29,7 @@
 # configuration script generated by Autoconf, and is distributable
 # under the same distributions terms as OpenLDAP itself.

-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/mkdep
+++ b/external/bsd/openldap/dist/build/mkdep
@ -1,8 +1,8 @@
 #! /bin/sh -
-# OpenLDAP: pkg/ldap/build/mkdep,v 1.32.2.4 2009/01/22 00:00:41 kurt Exp
+# OpenLDAP: pkg/ldap/build/mkdep,v 1.32.2.5 2010/04/13 20:22:21 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/mkdep.aix
+++ b/external/bsd/openldap/dist/build/mkdep.aix
@ -1,7 +1,7 @@
 #! /bin/sh
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/mkrelease
+++ b/external/bsd/openldap/dist/build/mkrelease
@ -1,8 +1,8 @@
 #! /bin/sh
-# OpenLDAP: pkg/ldap/build/mkrelease,v 1.23.2.5 2009/01/22 00:00:41 kurt Exp
+# OpenLDAP: pkg/ldap/build/mkrelease,v 1.23.2.6 2010/04/13 20:22:21 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/mkvers.bat
+++ b/external/bsd/openldap/dist/build/mkvers.bat
@ -1,7 +1,7 @@
-:: OpenLDAP: pkg/ldap/build/mkvers.bat,v 1.7.2.4 2009/01/22 00:00:41 kurt Exp
+:: OpenLDAP: pkg/ldap/build/mkvers.bat,v 1.7.2.5 2010/04/13 20:22:21 kurt Exp
 :: This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ::
-:: Copyright 1998-2009 The OpenLDAP Foundation.
+:: Copyright 1998-2010 The OpenLDAP Foundation.
 :: All rights reserved.
 ::
 :: Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/mod.mk
+++ b/external/bsd/openldap/dist/build/mod.mk
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/build/mod.mk,v 1.25.2.4 2009/01/22 00:00:41 kurt Exp
+# OpenLDAP: pkg/ldap/build/mod.mk,v 1.25.2.5 2010/04/13 20:22:21 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/openldap.m4
+++ b/external/bsd/openldap/dist/build/openldap.m4
@ -1,8 +1,8 @@
 dnl OpenLDAP Autoconf Macros
-dnl OpenLDAP: pkg/ldap/build/openldap.m4,v 1.157.2.9 2009/01/22 00:00:41 kurt Exp
+dnl OpenLDAP: pkg/ldap/build/openldap.m4,v 1.157.2.10 2010/04/13 20:22:21 kurt Exp
 dnl This work is part of OpenLDAP Software <http://www.openldap.org/>.
 dnl
-dnl Copyright 1998-2009 The OpenLDAP Foundation.
+dnl Copyright 1998-2010 The OpenLDAP Foundation.
 dnl All rights reserved.
 dnl
 dnl Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/rules.mk
+++ b/external/bsd/openldap/dist/build/rules.mk
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/build/rules.mk,v 1.15.2.4 2009/01/22 00:00:42 kurt Exp
+# OpenLDAP: pkg/ldap/build/rules.mk,v 1.15.2.5 2010/04/13 20:22:22 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/srv.mk
+++ b/external/bsd/openldap/dist/build/srv.mk
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/build/srv.mk,v 1.18.2.4 2009/01/22 00:00:42 kurt Exp
+# OpenLDAP: pkg/ldap/build/srv.mk,v 1.18.2.5 2010/04/13 20:22:22 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/top.mk
+++ b/external/bsd/openldap/dist/build/top.mk
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/build/top.mk,v 1.103.2.10 2009/07/06 19:22:52 quanah Exp
+# OpenLDAP: pkg/ldap/build/top.mk,v 1.103.2.11 2010/04/13 20:22:22 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/version.h
+++ b/external/bsd/openldap/dist/build/version.h
@ -1,8 +1,8 @@
-/*	$NetBSD: version.h,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: version.h,v 1.1.1.3 2010/12/12 15:18:09 adam Exp $	*/

 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -15,6 +15,6 @@
 */

 static const char copyright[] =
-"Copyright 1998-2009 The OpenLDAP Foundation.  All rights reserved.\n"
+"Copyright 1998-2010 The OpenLDAP Foundation.  All rights reserved.\n"
 "COPYING RESTRICTIONS APPLY.\n";

--- a/external/bsd/openldap/dist/build/version.sh
+++ b/external/bsd/openldap/dist/build/version.sh
@ -1,8 +1,8 @@
 #! /bin/sh
-# OpenLDAP: pkg/ldap/build/version.sh,v 1.16.2.4 2009/01/22 00:00:42 kurt Exp
+# OpenLDAP: pkg/ldap/build/version.sh,v 1.16.2.5 2010/04/13 20:22:22 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/build/version.var
+++ b/external/bsd/openldap/dist/build/version.var
@ -1,8 +1,8 @@
 #! /bin/sh
-# OpenLDAP: pkg/ldap/build/version.var,v 1.9.2.67 2009/12/19 23:49:46 kurt Exp
+# OpenLDAP: pkg/ldap/build/version.var,v 1.9.2.73 2010/06/29 15:23:31 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
@ -15,9 +15,9 @@
 ol_package=OpenLDAP
 ol_major=2
 ol_minor=4
-ol_patch=21
-ol_api_inc=20421
+ol_patch=23
+ol_api_inc=20423
 ol_api_current=7
-ol_api_revision=4
+ol_api_revision=6
 ol_api_age=5
-ol_release_date="2009/12/20"
+ol_release_date="2010/06/30"
--- a/external/bsd/openldap/dist/clients/Makefile.in
+++ b/external/bsd/openldap/dist/clients/Makefile.in
@ -1,8 +1,8 @@
 # Clients Makefile.in for OpenLDAP
-# OpenLDAP: pkg/ldap/clients/Makefile.in,v 1.17.2.4 2009/01/22 00:00:42 kurt Exp
+# OpenLDAP: pkg/ldap/clients/Makefile.in,v 1.17.2.5 2010/04/13 20:22:22 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/clients/tools/Makefile.in
+++ b/external/bsd/openldap/dist/clients/tools/Makefile.in
@ -1,8 +1,8 @@
 # Makefile for LDAP tools
-# OpenLDAP: pkg/ldap/clients/tools/Makefile.in,v 1.45.2.5 2009/01/22 00:00:42 kurt Exp
+# OpenLDAP: pkg/ldap/clients/tools/Makefile.in,v 1.45.2.6 2010/04/13 20:22:22 kurt Exp
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2009 The OpenLDAP Foundation.
+## Copyright 1998-2010 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/clients/tools/common.h
+++ b/external/bsd/openldap/dist/clients/tools/common.h
@ -1,10 +1,10 @@
-/*	$NetBSD: common.h,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: common.h,v 1.1.1.3 2010/12/12 15:18:11 adam Exp $	*/

 /* common.h - common definitions for the ldap client tools */
-/* OpenLDAP: pkg/ldap/clients/tools/common.h,v 1.24.2.5 2009/07/22 20:02:20 quanah Exp */
+/* OpenLDAP: pkg/ldap/clients/tools/common.h,v 1.24.2.6 2010/04/13 20:22:22 kurt Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/clients/tools/ldapcompare.c
+++ b/external/bsd/openldap/dist/clients/tools/ldapcompare.c
@ -1,10 +1,10 @@
-/*	$NetBSD: ldapcompare.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: ldapcompare.c,v 1.1.1.3 2010/12/12 15:18:11 adam Exp $	*/

 /* ldapcompare.c -- LDAP compare tool */
-/* OpenLDAP: pkg/ldap/clients/tools/ldapcompare.c,v 1.43.2.7 2009/08/13 00:55:06 quanah Exp */
+/* OpenLDAP: pkg/ldap/clients/tools/ldapcompare.c,v 1.43.2.9 2010/04/15 22:16:49 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * Portions Copyright 1998-2003 Kurt D. Zeilenga.
 * Portions Copyright 1998-2001 Net Boolean Incorporated.
 * All rights reserved.
@ -232,16 +232,6 @@ main( int argc, char **argv )

 	ld = tool_conn_setup( 0, 0 );

-	if ( pw_file || want_bindpw ) {
-		if ( pw_file ) {
-			rc = lutil_get_filed_password( pw_file, &passwd );
-			if( rc ) return EXIT_FAILURE;
-		} else {
-			passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-			passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-		}
-	}
-
 	tool_bind( ld );

 	if ( 0
--- a/external/bsd/openldap/dist/clients/tools/ldapdelete.c
+++ b/external/bsd/openldap/dist/clients/tools/ldapdelete.c
@ -1,10 +1,10 @@
-/*	$NetBSD: ldapdelete.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: ldapdelete.c,v 1.1.1.3 2010/12/12 15:18:11 adam Exp $	*/

 /* ldapdelete.c - simple program to delete an entry using LDAP */
-/* OpenLDAP: pkg/ldap/clients/tools/ldapdelete.c,v 1.118.2.11 2009/08/13 00:55:06 quanah Exp */
+/* OpenLDAP: pkg/ldap/clients/tools/ldapdelete.c,v 1.118.2.13 2010/04/15 22:16:50 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * Portions Copyright 1998-2003 Kurt D. Zeilenga.
 * All rights reserved.
 *
@ -186,24 +186,10 @@ main( int argc, char **argv )
 		if ( optind >= argc ) {
 			fp = stdin;
 		}
-    }
+	}

 	ld = tool_conn_setup( 0, &private_conn_setup );

-	if ( pw_file || want_bindpw ) {
-		if ( pw_file ) {
-			rc = lutil_get_filed_password( pw_file, &passwd );
-			if( rc ) {
-				if ( fp && fp != stdin )
-					fclose( fp );
-				return EXIT_FAILURE;
-			}
-		} else {
-			passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-			passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-		}
-	}
-
 	tool_bind( ld );

 	tool_server_controls( ld, NULL, 0 );
--- a/external/bsd/openldap/dist/clients/tools/ldapexop.c
+++ b/external/bsd/openldap/dist/clients/tools/ldapexop.c
@ -1,10 +1,10 @@
-/*	$NetBSD: ldapexop.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: ldapexop.c,v 1.1.1.3 2010/12/12 15:18:11 adam Exp $	*/

 /* ldapexop.c -- a tool for performing well-known extended operations */
-/* OpenLDAP: pkg/ldap/clients/tools/ldapexop.c,v 1.9.2.6 2009/08/14 20:51:14 quanah Exp */
+/* OpenLDAP: pkg/ldap/clients/tools/ldapexop.c,v 1.9.2.8 2010/04/15 22:16:50 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 2005-2009 The OpenLDAP Foundation.
+ * Copyright 2005-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -91,16 +91,6 @@ main( int argc, char *argv[] )
 		usage();
 	}

-	if ( pw_file || want_bindpw ) {
-		if ( pw_file ) {
-			rc = lutil_get_filed_password( pw_file, &passwd );
-			if( rc ) return EXIT_FAILURE;
-		} else {
-			passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-			passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-		}
-	}
-
 	ld = tool_conn_setup( 0, 0 );

 	tool_bind( ld );
--- a/external/bsd/openldap/dist/clients/tools/ldapmodify.c
+++ b/external/bsd/openldap/dist/clients/tools/ldapmodify.c
@ -1,10 +1,10 @@
-/*	$NetBSD: ldapmodify.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: ldapmodify.c,v 1.1.1.3 2010/12/12 15:18:12 adam Exp $	*/

 /* ldapmodify.c - generic program to modify or add entries using LDAP */
-/* OpenLDAP: pkg/ldap/clients/tools/ldapmodify.c,v 1.186.2.12 2009/08/13 00:55:07 quanah Exp */
+/* OpenLDAP: pkg/ldap/clients/tools/ldapmodify.c,v 1.186.2.14 2010/04/15 22:16:50 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * Portions Copyright 2006 Howard Chu.
 * Portions Copyright 1998-2003 Kurt D. Zeilenga.
 * Portions Copyright 1998-2001 Net Boolean Incorporated.
@ -287,15 +287,6 @@ main( int argc, char **argv )
 	ld = tool_conn_setup( dont, 0 );

 	if ( !dont ) {
-		if ( pw_file || want_bindpw ) {
-			if ( pw_file ) {
-				rc = lutil_get_filed_password( pw_file, &passwd );
-				if( rc ) return EXIT_FAILURE;
-			} else {
-				passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-				passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-			}
-		}
 		tool_bind( ld );
 	}

--- a/external/bsd/openldap/dist/clients/tools/ldapmodrdn.c
+++ b/external/bsd/openldap/dist/clients/tools/ldapmodrdn.c
@ -1,10 +1,10 @@
-/*	$NetBSD: ldapmodrdn.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: ldapmodrdn.c,v 1.1.1.3 2010/12/12 15:18:12 adam Exp $	*/

 /* ldapmodrdn.c - generic program to modify an entry's RDN using LDAP */
-/* OpenLDAP: pkg/ldap/clients/tools/ldapmodrdn.c,v 1.116.2.8 2009/08/13 00:55:07 quanah Exp */
+/* OpenLDAP: pkg/ldap/clients/tools/ldapmodrdn.c,v 1.116.2.10 2010/04/15 22:16:50 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * Portions Copyright 1998-2003 Kurt D. Zeilenga.
 * Portions Copyright 1998-2001 Net Boolean Incorporated.
 * Portions Copyright 2001-2003 IBM Corporation.
@ -196,19 +196,6 @@ main(int argc, char **argv)

 	ld = tool_conn_setup( 0, 0 );

-	if ( pw_file || want_bindpw ) {
-		if ( pw_file ) {
-			rc = lutil_get_filed_password( pw_file, &passwd );
-			if( rc ) {
-				retval = EXIT_FAILURE;
-				goto fail;
-			}
-		} else {
-			passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-			passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-		}
-	}
-
 	tool_bind( ld );

 	tool_server_controls( ld, NULL, 0 );
--- a/external/bsd/openldap/dist/clients/tools/ldappasswd.c
+++ b/external/bsd/openldap/dist/clients/tools/ldappasswd.c
@ -1,10 +1,10 @@
-/*	$NetBSD: ldappasswd.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: ldappasswd.c,v 1.1.1.3 2010/12/12 15:18:12 adam Exp $	*/

 /* ldappasswd -- a tool for change LDAP passwords */
-/* OpenLDAP: pkg/ldap/clients/tools/ldappasswd.c,v 1.136.2.8 2009/03/09 23:16:47 quanah Exp */
+/* OpenLDAP: pkg/ldap/clients/tools/ldappasswd.c,v 1.136.2.10 2010/04/15 22:16:50 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * Portions Copyright 1998-2003 Kurt D. Zeilenga.
 * Portions Copyright 1998-2001 Net Boolean Incorporated.
 * Portions Copyright 2001-2003 IBM Corporation.
@ -247,18 +247,6 @@ main( int argc, char *argv[] )
 		newpw.bv_len = strlen( newpw.bv_val );
 	}

-	if ( pw_file ) {
-		rc = lutil_get_filed_password( pw_file, &passwd );
-		if( rc ) {
-			rc = EXIT_FAILURE;
-			goto done;
-		}
-
-	} else if ( want_bindpw ) {
-		passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-		passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-	}
-
 	ld = tool_conn_setup( 0, 0 );

 	tool_bind( ld );
--- a/external/bsd/openldap/dist/clients/tools/ldapsearch.c
+++ b/external/bsd/openldap/dist/clients/tools/ldapsearch.c
@ -1,10 +1,10 @@
-/*	$NetBSD: ldapsearch.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: ldapsearch.c,v 1.1.1.3 2010/12/12 15:18:13 adam Exp $	*/

 /* ldapsearch -- a tool for searching LDAP directories */
-/* OpenLDAP: pkg/ldap/clients/tools/ldapsearch.c,v 1.234.2.23 2009/08/25 22:58:08 quanah Exp */
+/* OpenLDAP: pkg/ldap/clients/tools/ldapsearch.c,v 1.234.2.25 2010/04/15 22:16:50 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * Portions Copyright 1998-2003 Kurt D. Zeilenga.
 * Portions Copyright 1998-2001 Net Boolean Incorporated.
 * Portions Copyright 2001-2003 IBM Corporation.
@ -901,16 +901,6 @@ main( int argc, char **argv )

 	ld = tool_conn_setup( 0, &private_conn_setup );

-	if ( pw_file || want_bindpw ) {
-		if ( pw_file ) {
-			rc = lutil_get_filed_password( pw_file, &passwd );
-			if( rc ) return EXIT_FAILURE;
-		} else {
-			passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-			passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-		}
-	}
-
 	tool_bind( ld );

 getNextPage:
--- a/external/bsd/openldap/dist/clients/tools/ldapurl.c
+++ b/external/bsd/openldap/dist/clients/tools/ldapurl.c
@ -1,10 +1,10 @@
-/*	$NetBSD: ldapurl.c,v 1.1.1.1 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: ldapurl.c,v 1.1.1.2 2010/12/12 15:18:13 adam Exp $	*/

 /* ldapurl -- a tool for generating LDAP URLs */
-/* OpenLDAP: pkg/ldap/clients/tools/ldapurl.c,v 1.1.2.2 2009/01/22 00:00:43 kurt Exp */
+/* OpenLDAP: pkg/ldap/clients/tools/ldapurl.c,v 1.1.2.3 2010/04/13 20:22:23 kurt Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 2008-2009 The OpenLDAP Foundation.
+ * Copyright 2008-2010 The OpenLDAP Foundation.
 * Portions Copyright 2008 Pierangelo Masarati, SysNet
 * All rights reserved.
 *
--- a/external/bsd/openldap/dist/clients/tools/ldapwhoami.c
+++ b/external/bsd/openldap/dist/clients/tools/ldapwhoami.c
@ -1,10 +1,10 @@
-/*	$NetBSD: ldapwhoami.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: ldapwhoami.c,v 1.1.1.3 2010/12/12 15:18:13 adam Exp $	*/

 /* ldapwhoami.c -- a tool for asking the directory "Who Am I?" */
-/* OpenLDAP: pkg/ldap/clients/tools/ldapwhoami.c,v 1.42.2.5 2009/01/22 00:00:43 kurt Exp */
+/* OpenLDAP: pkg/ldap/clients/tools/ldapwhoami.c,v 1.42.2.7 2010/04/15 22:16:50 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * Portions Copyright 1998-2003 Kurt D. Zeilenga.
 * Portions Copyright 1998-2001 Net Boolean Incorporated.
 * Portions Copyright 2001-2003 IBM Corporation.
@ -131,16 +131,6 @@ main( int argc, char *argv[] )
 		usage();
 	}

-	if ( pw_file || want_bindpw ) {
-		if ( pw_file ) {
-			rc = lutil_get_filed_password( pw_file, &passwd );
-			if( rc ) return EXIT_FAILURE;
-		} else {
-			passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
-			passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
-		}
-	}
-
 	ld = tool_conn_setup( 0, 0 );

 	tool_bind( ld );
--- a/external/bsd/openldap/dist/configure
+++ b/external/bsd/openldap/dist/configure
@ -1,9 +1,9 @@
 #! /bin/sh
-# From configure.in OpenLDAP: pkg/ldap/configure.in,v 1.631.2.27 2009/09/30 00:24:39 hyc Exp .
+# From configure.in OpenLDAP: pkg/ldap/configure.in,v 1.631.2.29 2010/04/19 16:53:00 quanah Exp .
 # Guess values for system-dependent variables and create Makefiles.
 # Generated by GNU Autoconf 2.61.
 #
-# Copyright 1998-2009 The OpenLDAP Foundation. All rights reserved.
+# Copyright 1998-2010 The OpenLDAP Foundation. All rights reserved.
 # Restrictions apply, see COPYRIGHT and LICENSE files.
 #
 # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@ -1716,7 +1716,7 @@ Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
 This configure script is free software; the Free Software Foundation
 gives unlimited permission to copy, distribute and modify it.

-Copyright 1998-2009 The OpenLDAP Foundation. All rights reserved.
+Copyright 1998-2010 The OpenLDAP Foundation. All rights reserved.
 Restrictions apply, see COPYRIGHT and LICENSE files.
 _ACEOF
  exit
@ -27409,8 +27409,11 @@ fi



+
+
 for ac_func in \
 	ctime_r			\
+	gmtime_r localtime_r \
 	gethostbyname_r	gethostbyaddr_r \

 do
@ -40122,7 +40125,7 @@ rm -f $BACKENDSC
 cat > $BACKENDSC << ENDX
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -40173,7 +40176,7 @@ rm -f $OVERLAYSC
 cat > $OVERLAYSC << ENDX
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/configure.in
+++ b/external/bsd/openldap/dist/configure.in
@ -1,7 +1,7 @@
-dnl OpenLDAP: pkg/ldap/configure.in,v 1.631.2.27 2009/09/30 00:24:39 hyc Exp
+dnl OpenLDAP: pkg/ldap/configure.in,v 1.631.2.29 2010/04/19 16:53:00 quanah Exp
 dnl This work is part of OpenLDAP Software <http://www.openldap.org/>.
 dnl
-dnl Copyright 1998-2009 The OpenLDAP Foundation.
+dnl Copyright 1998-2010 The OpenLDAP Foundation.
 dnl All rights reserved.
 dnl
 dnl Redistribution and use in source and binary forms, with or without
@ -23,9 +23,9 @@ define([AC_LIBTOOL_LANG_F77_CONFIG], [:])dnl
 define([AC_LIBTOOL_LANG_GCJ_CONFIG], [:])dnl
 dnl ================================================================
 dnl Configure.in for OpenLDAP
-AC_COPYRIGHT([[Copyright 1998-2009 The OpenLDAP Foundation. All rights reserved.
+AC_COPYRIGHT([[Copyright 1998-2010 The OpenLDAP Foundation. All rights reserved.
 Restrictions apply, see COPYRIGHT and LICENSE files.]])
-AC_REVISION([OpenLDAP: pkg/ldap/configure.in,v 1.631.2.27 2009/09/30 00:24:39 hyc Exp])
+AC_REVISION([OpenLDAP: pkg/ldap/configure.in,v 1.631.2.29 2010/04/19 16:53:00 quanah Exp])
 AC_INIT([OpenLDAP],,[http://www.openldap.org/its/])
 m4_define([AC_PACKAGE_BUGREPORT],[<http://www.openldap.org/its/>])
 AC_CONFIG_SRCDIR(build/version.sh)dnl
@ -96,7 +96,7 @@ AH_TOP([
 /* begin of portable.h.pre */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation
+ * Copyright 1998-2010 The OpenLDAP Foundation
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -1836,6 +1836,7 @@ dnl ----------------------------------------------------------------
 dnl Tests for reentrant functions necessary to build -lldap_r
 AC_CHECK_FUNCS(		\
 	ctime_r			\
+	gmtime_r localtime_r \
 	gethostbyname_r	gethostbyaddr_r \
 )

@ -3178,7 +3179,7 @@ rm -f $BACKENDSC
 cat > $BACKENDSC << ENDX
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -3229,7 +3230,7 @@ rm -f $OVERLAYSC
 cat > $OVERLAYSC << ENDX
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/contrib/ldapc++/COPYRIGHT
+++ b/external/bsd/openldap/dist/contrib/ldapc++/COPYRIGHT
@ -1,4 +1,4 @@
-Copyright 1998-2009 The OpenLDAP Foundation
+Copyright 1998-2010 The OpenLDAP Foundation
 All rights reserved.

 Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/contrib/ldapc++/configure
+++ b/external/bsd/openldap/dist/contrib/ldapc++/configure
@ -5,7 +5,7 @@
 #
 # Report bugs to <http://www.openldap.org/its/ >.
 #
-# Copyright 2000-2009 The OpenLDAP Foundation. All rights reserved.
+# Copyright 2000-2010 The OpenLDAP Foundation. All rights reserved.
 # Restrictions apply, see COPYRIGHT and LICENSE files.
 #
 # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@ -1581,7 +1581,7 @@ Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
 This configure script is free software; the Free Software Foundation
 gives unlimited permission to copy, distribute and modify it.

-Copyright 2000-2009 The OpenLDAP Foundation. All rights reserved.
+Copyright 2000-2010 The OpenLDAP Foundation. All rights reserved.
 Restrictions apply, see COPYRIGHT and LICENSE files.
 _ACEOF
  exit
--- a/external/bsd/openldap/dist/contrib/ldapc++/configure.in
+++ b/external/bsd/openldap/dist/contrib/ldapc++/configure.in
@ -1,13 +1,13 @@
-dnl OpenLDAP: pkg/ldap/contrib/ldapc++/configure.in,v 1.8.2.8 2009/01/22 00:00:44 kurt Exp
+dnl OpenLDAP: pkg/ldap/contrib/ldapc++/configure.in,v 1.8.2.9 2010/04/13 20:22:24 kurt Exp

 dnl Copyright 2000-2008, OpenLDAP Foundation, All Rights Reserved.
 dnl COPYING RESTRICTIONS APPLY, see COPYRIGHT file

 dnl Process this file with autoconf to produce a configure script.

-AC_COPYRIGHT([[Copyright 2000-2009 The OpenLDAP Foundation. All rights reserved.
+AC_COPYRIGHT([[Copyright 2000-2010 The OpenLDAP Foundation. All rights reserved.
 Restrictions apply, see COPYRIGHT and LICENSE files.]])
-AC_REVISION([OpenLDAP: pkg/ldap/contrib/ldapc++/configure.in,v 1.8.2.8 2009/01/22 00:00:44 kurt Exp])
+AC_REVISION([OpenLDAP: pkg/ldap/contrib/ldapc++/configure.in,v 1.8.2.9 2010/04/13 20:22:24 kurt Exp])
 AC_INIT(ldapcpplib, [] , [http://www.openldap.org/its/] )
 AC_CONFIG_SRCDIR(src/LDAPConnection.h)
 AM_INIT_AUTOMAKE(foreign)
--- a/external/bsd/openldap/dist/contrib/ldapc++/doxygen.rc
+++ b/external/bsd/openldap/dist/contrib/ldapc++/doxygen.rc
@ -1,4 +1,4 @@
-# OpenLDAP: pkg/ldap/contrib/ldapc++/doxygen.rc,v 1.2.10.2 2008/04/14 23:20:12 quanah Exp
+# OpenLDAP: pkg/ldap/contrib/ldapc++/doxygen.rc,v 1.2.10.3 2010/04/14 23:50:43 quanah Exp

 # Doxyfile 1.5.4

@ -262,7 +262,7 @@ EXTRACT_ALL            = YES
 # If the EXTRACT_PRIVATE tag is set to YES all private members of a class 
 # will be included in the documentation.

-EXTRACT_PRIVATE        = YES
+EXTRACT_PRIVATE        = NO

 # If the EXTRACT_STATIC tag is set to YES all static members of a file 
 # will be included in the documentation.
@ -273,7 +273,7 @@ EXTRACT_STATIC         = NO
 # defined locally in source files will be included in the documentation. 
 # If set to NO only classes defined in header files are included.

-EXTRACT_LOCAL_CLASSES  = YES
+EXTRACT_LOCAL_CLASSES  = NO

 # This flag is only useful for Objective-C code. When set to YES local 
 # methods, which are defined in the implementation section but not in 
--- a/external/bsd/openldap/dist/contrib/ldapc++/examples/Makefile.am
+++ b/external/bsd/openldap/dist/contrib/ldapc++/examples/Makefile.am
@ -1,11 +1,11 @@
-# OpenLDAP: pkg/ldap/contrib/ldapc++/examples/Makefile.am,v 1.2.4.3 2008/04/14 23:18:59 quanah Exp
+# OpenLDAP: pkg/ldap/contrib/ldapc++/examples/Makefile.am,v 1.2.4.4 2010/04/14 23:50:43 quanah Exp

 ##
 # Copyright 2003, OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT file
 ##
 AM_CPPFLAGS = -I$(top_srcdir)/src
-noinst_PROGRAMS = main readSchema urlTest
+noinst_PROGRAMS = main readSchema startTls urlTest

 main_SOURCES = main.cpp
 main_LDADD = ../src/libldapcpp.la
@ -13,5 +13,8 @@ main_LDADD = ../src/libldapcpp.la
 readSchema_SOURCES = readSchema.cpp
 readSchema_LDADD = ../src/libldapcpp.la

+startTls_SOURCES = startTls.cpp
+startTls_LDADD = ../src/libldapcpp.la
+
 urlTest_SOURCES = urlTest.cpp
 urlTest_LDADD = ../src/libldapcpp.la
--- a/external/bsd/openldap/dist/contrib/ldapc++/examples/Makefile.in
+++ b/external/bsd/openldap/dist/contrib/ldapc++/examples/Makefile.in
@ -1,8 +1,9 @@
-# Makefile.in generated by automake 1.10.1 from Makefile.am.
+# Makefile.in generated by automake 1.11 from Makefile.am.
 # @configure_input@

 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008  Free Software Foundation, Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
+# Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@ -14,12 +15,13 @@

@SET_MAKE@

-# OpenLDAP: pkg/ldap/contrib/ldapc++/examples/Makefile.in,v 1.3.2.4 2008/07/09 22:48:25 quanah Exp
+# OpenLDAP: pkg/ldap/contrib/ldapc++/examples/Makefile.in,v 1.3.2.5 2010/04/14 23:50:43 quanah Exp

 VPATH = @srcdir@
 pkgdatadir = $(datadir)/@PACKAGE@
-pkglibdir = $(libdir)/@PACKAGE@
 pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
 am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
 install_sh_DATA = $(install_sh) -c -m 644
 install_sh_PROGRAM = $(install_sh) -c
@ -34,7 +36,8 @@ PRE_UNINSTALL = :
 POST_UNINSTALL = :
 build_triplet = @build@
 host_triplet = @host@
-noinst_PROGRAMS = main$(EXEEXT) readSchema$(EXEEXT) urlTest$(EXEEXT)
+noinst_PROGRAMS = main$(EXEEXT) readSchema$(EXEEXT) startTls$(EXEEXT) \
+	urlTest$(EXEEXT)
 subdir = examples
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
@ -44,6 +47,7 @@ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/src/config.h
 CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
 PROGRAMS = $(noinst_PROGRAMS)
 am_main_OBJECTS = main.$(OBJEXT)
 main_OBJECTS = $(am_main_OBJECTS)
@ -51,12 +55,16 @@ main_DEPENDENCIES = ../src/libldapcpp.la
 am_readSchema_OBJECTS = readSchema.$(OBJEXT)
 readSchema_OBJECTS = $(am_readSchema_OBJECTS)
 readSchema_DEPENDENCIES = ../src/libldapcpp.la
+am_startTls_OBJECTS = startTls.$(OBJEXT)
+startTls_OBJECTS = $(am_startTls_OBJECTS)
+startTls_DEPENDENCIES = ../src/libldapcpp.la
 am_urlTest_OBJECTS = urlTest.$(OBJEXT)
 urlTest_OBJECTS = $(am_urlTest_OBJECTS)
 urlTest_DEPENDENCIES = ../src/libldapcpp.la
 DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/src
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
+am__mv = mv -f
 CXXCOMPILE = $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
 	$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS)
 LTCXXCOMPILE = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
@ -66,9 +74,10 @@ CXXLD = $(CXX)
 CXXLINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
 	--mode=link $(CXXLD) $(AM_CXXFLAGS) $(CXXFLAGS) $(AM_LDFLAGS) \
 	$(LDFLAGS) -o $@
-SOURCES = $(main_SOURCES) $(readSchema_SOURCES) $(urlTest_SOURCES)
-DIST_SOURCES = $(main_SOURCES) $(readSchema_SOURCES) \
+SOURCES = $(main_SOURCES) $(readSchema_SOURCES) $(startTls_SOURCES) \
 	$(urlTest_SOURCES)
+DIST_SOURCES = $(main_SOURCES) $(readSchema_SOURCES) \
+	$(startTls_SOURCES) $(urlTest_SOURCES)
 ETAGS = etags
 CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
@ -92,31 +101,36 @@ CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
 DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
 ECHO_N = @ECHO_N@
 ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
 GREP = @GREP@
 INSTALL = @INSTALL@
 INSTALL_DATA = @INSTALL_DATA@
 INSTALL_PROGRAM = @INSTALL_PROGRAM@
 INSTALL_SCRIPT = @INSTALL_SCRIPT@
 INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
 LDFLAGS = @LDFLAGS@
 LIBOBJS = @LIBOBJS@
 LIBS = @LIBS@
 LIBTOOL = @LIBTOOL@
+LIPO = @LIPO@
 LN_S = @LN_S@
 LTLIBOBJS = @LTLIBOBJS@
 MAKEINFO = @MAKEINFO@
 MKDIR_P = @MKDIR_P@
+NM = @NM@
 NMEDIT = @NMEDIT@
+OBJDUMP = @OBJDUMP@
 OBJEXT = @OBJEXT@
 OPENLDAP_CPP_API_VERSION = @OPENLDAP_CPP_API_VERSION@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
 PACKAGE = @PACKAGE@
 PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
 PACKAGE_NAME = @PACKAGE_NAME@
@ -136,7 +150,7 @@ abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
 am__leading_dot = @am__leading_dot@
 am__quote = @am__quote@
@ -167,6 +181,7 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@ -179,6 +194,7 @@ sharedstatedir = @sharedstatedir@
 srcdir = @srcdir@
 sysconfdir = @sysconfdir@
 target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
 top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@

@ -189,6 +205,8 @@ main_SOURCES = main.cpp
 main_LDADD = ../src/libldapcpp.la
 readSchema_SOURCES = readSchema.cpp
 readSchema_LDADD = ../src/libldapcpp.la
+startTls_SOURCES = startTls.cpp
+startTls_LDADD = ../src/libldapcpp.la
 urlTest_SOURCES = urlTest.cpp
 urlTest_LDADD = ../src/libldapcpp.la
 all: all-am
@ -199,14 +217,14 @@ $(srcdir)/Makefile.in:  $(srcdir)/Makefile.am  $(am__configure_deps)
 	@for dep in $?; do \
 	  case '$(am__configure_deps)' in \
 	    *$$dep*) \
-	      cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
-		&& exit 0; \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
 	      exit 1;; \
 	  esac; \
 	done; \
-	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign  examples/Makefile'; \
-	cd $(top_srcdir) && \
-	  $(AUTOMAKE) --foreign  examples/Makefile
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign examples/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign examples/Makefile
 .PRECIOUS: Makefile
 Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
 	@case '$?' in \
@ -224,19 +242,25 @@ $(top_srcdir)/configure:  $(am__configure_deps)
 	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
 $(ACLOCAL_M4):  $(am__aclocal_m4_deps)
 	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):

 clean-noinstPROGRAMS:
-	@list='$(noinst_PROGRAMS)'; for p in $$list; do \
-	  f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
-	  echo " rm -f $$p $$f"; \
-	  rm -f $$p $$f ; \
-	done
+	@list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \
+	echo " rm -f" $$list; \
+	rm -f $$list || exit $$?; \
+	test -n "$(EXEEXT)" || exit 0; \
+	list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
+	echo " rm -f" $$list; \
+	rm -f $$list
 main$(EXEEXT): $(main_OBJECTS) $(main_DEPENDENCIES) 
 	@rm -f main$(EXEEXT)
 	$(CXXLINK) $(main_OBJECTS) $(main_LDADD) $(LIBS)
 readSchema$(EXEEXT): $(readSchema_OBJECTS) $(readSchema_DEPENDENCIES) 
 	@rm -f readSchema$(EXEEXT)
 	$(CXXLINK) $(readSchema_OBJECTS) $(readSchema_LDADD) $(LIBS)
+startTls$(EXEEXT): $(startTls_OBJECTS) $(startTls_DEPENDENCIES) 
+	@rm -f startTls$(EXEEXT)
+	$(CXXLINK) $(startTls_OBJECTS) $(startTls_LDADD) $(LIBS)
 urlTest$(EXEEXT): $(urlTest_OBJECTS) $(urlTest_DEPENDENCIES) 
 	@rm -f urlTest$(EXEEXT)
 	$(CXXLINK) $(urlTest_OBJECTS) $(urlTest_LDADD) $(LIBS)
@ -249,25 +273,26 @@ distclean-compile:

@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/main.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/readSchema.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/startTls.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/urlTest.Po@am__quote@

 .cpp.o:
@am__fastdepCXX_TRUE@	$(CXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCXX_TRUE@	mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCXX_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
@AMDEP_TRUE@@am__fastdepCXX_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@	$(CXXCOMPILE) -c -o $@ $<

 .cpp.obj:
@am__fastdepCXX_TRUE@	$(CXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCXX_TRUE@	mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCXX_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
@AMDEP_TRUE@@am__fastdepCXX_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@	$(CXXCOMPILE) -c -o $@ `$(CYGPATH_W) '$<'`

 .cpp.lo:
@am__fastdepCXX_TRUE@	$(LTCXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCXX_TRUE@	mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@am__fastdepCXX_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
@AMDEP_TRUE@@am__fastdepCXX_FALSE@	source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@	$(LTCXXCOMPILE) -c -o $@ $<
@ -283,14 +308,14 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
 	unique=`for i in $$list; do \
 	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
 	  done | \
-	  $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
+	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
 	      END { if (nonempty) { for (i in files) print i; }; }'`; \
 	mkid -fID $$unique
 tags: TAGS

 TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 		$(TAGS_FILES) $(LISP)
-	tags=; \
+	set x; \
 	here=`pwd`; \
 	list='$(SOURCES) $(HEADERS)  $(LISP) $(TAGS_FILES)'; \
 	unique=`for i in $$list; do \
@ -298,29 +323,34 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	  done | \
 	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
 	      END { if (nonempty) { for (i in files) print i; }; }'`; \
-	if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
 	  test -n "$$unique" || unique=$$empty_fix; \
-	  $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
-	    $$tags $$unique; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
 	fi
 ctags: CTAGS
 CTAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 		$(TAGS_FILES) $(LISP)
-	tags=; \
 	list='$(SOURCES) $(HEADERS)  $(LISP) $(TAGS_FILES)'; \
 	unique=`for i in $$list; do \
 	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
 	  done | \
 	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
 	      END { if (nonempty) { for (i in files) print i; }; }'`; \
-	test -z "$(CTAGS_ARGS)$$tags$$unique" \
+	test -z "$(CTAGS_ARGS)$$unique" \
 	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
-	     $$tags $$unique
+	     $$unique

 GTAGS:
 	here=`$(am__cd) $(top_builddir) && pwd` \
-	  && cd $(top_srcdir) \
-	  && gtags -i $(GTAGS_ARGS) $$here
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"

 distclean-tags:
 	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
@ -341,13 +371,17 @@ distdir: $(DISTFILES)
 	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
 	  if test -d $$d/$$file; then \
 	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
-	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
-	      cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
 	    fi; \
-	    cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
 	  else \
-	    test -f $(distdir)/$$file \
-	    || cp -p $$d/$$file $(distdir)/$$file \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
 	    || exit 1; \
 	  fi; \
 	done
@ -375,6 +409,7 @@ clean-generic:

 distclean-generic:
 	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)

 maintainer-clean-generic:
 	@echo "This command is intended for maintainers to use"
@ -396,6 +431,8 @@ dvi-am:

 html: html-am

+html-am:
+
 info: info-am

 info-am:
@ -404,18 +441,28 @@ install-data-am:

 install-dvi: install-dvi-am

+install-dvi-am:
+
 install-exec-am:

 install-html: install-html-am

+install-html-am:
+
 install-info: install-info-am

+install-info-am:
+
 install-man:

 install-pdf: install-pdf-am

+install-pdf-am:
+
 install-ps: install-ps-am

+install-ps-am:
+
 installcheck-am:

 maintainer-clean: maintainer-clean-am
@ -453,6 +500,7 @@ uninstall-am:
 	mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
 	pdf pdf-am ps ps-am tags uninstall uninstall-am

+
 # Tell versions [3.59,3.63) of GNU make to not export all variables.
 # Otherwise a system limit (for SysV at least) may be exceeded.
 .NOEXPORT:
--- a/external/bsd/openldap/dist/contrib/ldapc++/examples/startTls.cpp
+++ b/external/bsd/openldap/dist/contrib/ldapc++/examples/startTls.cpp
@ -0,0 +1,79 @@
+// OpenLDAP: pkg/ldap/contrib/ldapc++/examples/startTls.cpp,v 1.1.2.2 2010/04/14 23:50:43 quanah Exp
+/*
+ * Copyright 2010, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include <iostream>
+#include <string>
+#include "LDAPAsynConnection.h"
+#include "TlsOptions.h"
+
+int main( int argc, char* argv[]){
+    if ( argc != 4 ){
+        std::cerr << "usage: " << argv[0] << " <ldap-uri> <cacertfile> <cacertdir>" << std::endl;
+        return(-1);
+    }
+    std::string uri(argv[1]);
+    std::string cacert(argv[2]);
+    std::string cadir(argv[3]);
+    TlsOptions tls;
+    std::cout << "Current global settings:" << std::endl;
+    std::cout << "    CaCertfile: " << tls.getStringOption( TlsOptions::CACERTFILE) << std::endl;
+    std::cout << "    CaCertDir: " << tls.getStringOption( TlsOptions::CACERTDIR ) << std::endl;
+    std::cout << "    Require Cert: " << tls.getIntOption( TlsOptions::REQUIRE_CERT ) << std::endl;
+    std::cout << "Applying new settings:" << std::endl;
+    tls.setOption( TlsOptions::CACERTFILE, cacert );
+    tls.setOption( TlsOptions::REQUIRE_CERT, TlsOptions::DEMAND );
+    std::cout << "    CaCertfile: " << tls.getStringOption( TlsOptions::CACERTFILE ) << std::endl;
+    std::cout << "    Require Cert: " << tls.getIntOption( TlsOptions::REQUIRE_CERT ) << std::endl;
+    
+    try {
+        // 1. connect using global options
+        LDAPAsynConnection l(uri);
+        try {
+            l.start_tls();
+            std::cout << "StartTLS successful." << std::endl;
+            l.unbind();
+        } catch ( LDAPException e ) {
+            std::cerr << e << std::endl;
+        }
+
+        // 2. connect using connection specific option
+        l = LDAPAsynConnection(uri);
+        tls=l.getTlsOptions();
+        std::cout << "Current connection specific settings:" << std::endl;
+        std::cout << "    CaCertfile: " << tls.getStringOption( TlsOptions::CACERTFILE) << std::endl;
+        std::cout << "    CaCertDir: " << tls.getStringOption( TlsOptions::CACERTDIR ) << std::endl;
+        std::cout << "    Require Cert: " << tls.getIntOption( TlsOptions::REQUIRE_CERT ) << std::endl;
+        std::cout << "Applying new settings:" << std::endl;
+        tls.setOption( TlsOptions::CACERTDIR, cadir );
+        tls.setOption( TlsOptions::REQUIRE_CERT, TlsOptions::DEMAND );
+        std::cout << "    CaCertDir: " << tls.getStringOption( TlsOptions::CACERTDIR ) << std::endl;
+        std::cout << "    Require Cert: " << tls.getIntOption( TlsOptions::REQUIRE_CERT ) << std::endl;
+        try {
+            l.start_tls();
+            std::cout << "StartTLS successful." << std::endl;
+            l.unbind();
+        } catch ( LDAPException e ) {
+            std::cerr << e << std::endl;
+        }
+        
+        // 3. and once again using the globals
+        try {
+            LDAPAsynConnection l2(uri);
+            TlsOptions tls2;
+            std::cout << "Current global settings:" << std::endl;
+            std::cout << "    CaCertfile: " << tls2.getStringOption( TlsOptions::CACERTFILE) << std::endl;
+            std::cout << "    CaCertDir: " << tls2.getStringOption( TlsOptions::CACERTDIR ) << std::endl;
+            std::cout << "    Require Cert: " << tls2.getIntOption( TlsOptions::REQUIRE_CERT ) << std::endl;
+            l2.start_tls();
+            std::cout << "StartTLS successful." << std::endl;
+            l2.unbind();
+        } catch ( LDAPException e ) {
+            std::cerr << e << std::endl;
+        }
+    } catch ( LDAPException e ) {
+        std::cerr << e << std::endl;
+    }
+}    
--- a/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPAsynConnection.cpp
+++ b/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPAsynConnection.cpp
@ -1,4 +1,4 @@
-// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAsynConnection.cpp,v 1.13.2.6 2008/04/14 23:09:26 quanah Exp
+// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAsynConnection.cpp,v 1.13.2.7 2010/04/14 23:50:44 quanah Exp
 /*
 * Copyright 2000-2006, OpenLDAP Foundation, All Rights Reserved.
 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@ -21,6 +21,7 @@
 #include "LDAPRebind.h"
 #include "LDAPRebindAuth.h"
 #include "LDAPSearchRequest.h"
+#include <lber.h>
 #include <sstream>

 using namespace std;
@ -42,12 +43,7 @@ LDAPAsynConnection::LDAPAsynConnection(const string& url, int port,
    this->setConstraints(cons);
 }

-LDAPAsynConnection::~LDAPAsynConnection(){
-    DEBUG(LDAP_DEBUG_DESTROY,
-            "LDAPAsynConnection::~LDAPAsynConnection()" << endl);
-    unbind();
-    //delete m_constr;        
-}
+LDAPAsynConnection::~LDAPAsynConnection(){}

 void LDAPAsynConnection::init(const string& hostname, int port){
    DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::init" << endl);
@ -81,7 +77,8 @@ void LDAPAsynConnection::initialize(const std::string& uri){
 }

 void LDAPAsynConnection::start_tls(){
-    if( ldap_start_tls_s( cur_session, NULL, NULL ) != LDAP_SUCCESS ) {
+    int ret = ldap_start_tls_s( cur_session, NULL, NULL );
+    if( ret != LDAP_SUCCESS ) {
        throw LDAPException(this);
    }
 }
@ -288,6 +285,10 @@ const LDAPConstraints* LDAPAsynConnection::getConstraints() const {
    return m_constr;
 }
 
+TlsOptions LDAPAsynConnection::getTlsOptions() const {
+    return TlsOptions( cur_session );
+}
+
 LDAP* LDAPAsynConnection::getSessionHandle() const{ 
    DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::getSessionHandle()" << endl);
    return cur_session;
--- a/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPAsynConnection.h
+++ b/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPAsynConnection.h
@ -1,6 +1,6 @@
-/*	$NetBSD: LDAPAsynConnection.h,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: LDAPAsynConnection.h,v 1.1.1.3 2010/12/12 15:18:43 adam Exp $	*/

-// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAsynConnection.h,v 1.11.2.4 2008/04/14 23:09:26 quanah Exp
+// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPAsynConnection.h,v 1.11.2.6 2010/04/14 23:50:44 quanah Exp
 /*
 * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@ -14,7 +14,6 @@
 #include<string>

 #include<ldap.h>
-#include<lber.h>

 #include <LDAPEntry.h>
 #include <LDAPException.h>
@ -25,6 +24,7 @@
 #include <LDAPUrl.h>
 #include <LDAPUrlList.h>
 #include <SaslInteractionHandler.h>
+#include <TlsOptions.h>

 //* Main class for an asynchronous LDAP connection 
 /**
@ -75,7 +75,6 @@ class LDAPAsynConnection{

        //* Destructor
        virtual ~LDAPAsynConnection();
-
        /** 
         * Initializes a connection to a server. 
         * 
@ -154,7 +153,7 @@ class LDAPAsynConnection{
                                 const StringList& attrs=StringList(), 
                                 bool attrsOnly=false,
                                 const LDAPConstraints *cons=0);
-        
+
        /** Delete an entry from the directory
         *
         * This method sends a delete request to the server
@ -166,7 +165,7 @@ class LDAPAsynConnection{
         *              request
         */
        LDAPMessageQueue* del(const std::string& dn, const LDAPConstraints *cons=0);
-        
+
        /** 
         * Perform the COMPARE-operation on an attribute 
         *
@ -227,7 +226,7 @@ class LDAPAsynConnection{
                const std::string& newRDN,
                bool delOldRDN=false, const std::string& newParentDN="",
                const LDAPConstraints* cons=0);
-        
+
        /** Perform a LDAP extended Operation
         *
         * @throws LDAPException If the Request could not be sent to the
@ -241,14 +240,14 @@ class LDAPAsynConnection{
         */
        LDAPMessageQueue* extOperation(const std::string& oid, 
                const std::string& value="", const LDAPConstraints *cons=0);
-        
+
        /** End an outstanding request
         *
         * @param q All outstanding request related to this LDAPMessageQueue 
         *      will be abandoned
         */
        void abandon(LDAPMessageQueue *q);
-        
+
        /**
         * Performs the UNBIND-operation on the destination server
         * 
@ -273,20 +272,20 @@ class LDAPAsynConnection{
         *      the remote server. 
         */
        int getPort() const;
-        
+
        /** Change the default constraints of the connection
         *
         * @parameter cons cons New LDAPConstraints to use with the connection
         */
        void setConstraints(LDAPConstraints *cons);
-        
+
        /** Get the default constraints of the connection
         *
         * @return Pointer to the LDAPConstraints-Object that is currently
         *      used with the Connection
         */
        const LDAPConstraints* getConstraints() const;
-
+        TlsOptions getTlsOptions() const;
        /**
         * This method is used internally for automatic referral chasing.
         * It tries to bind to a destination server of the URLs of a
@ -311,7 +310,7 @@ class LDAPAsynConnection{
         * Private copy constructor. So nobody can call it.
         */
        LDAPAsynConnection(const LDAPAsynConnection& lc){};
-        
+
        /**
         * A pointer to the C-API LDAP-structure that is associated with
         * this connection
@ -330,7 +329,7 @@ class LDAPAsynConnection{
         */
        LDAPUrl m_uri;

- protected:
+    protected:
        /**
         * Is caching enabled?
         */
--- a/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPConnection.cpp
+++ b/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPConnection.cpp
@ -1,4 +1,4 @@
-// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPConnection.cpp,v 1.10.4.3 2008/04/14 23:28:11 quanah Exp
+// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPConnection.cpp,v 1.10.4.4 2010/04/14 23:50:44 quanah Exp
 /*
 * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@ -376,3 +376,7 @@ void LDAPConnection::setConstraints(LDAPConstraints* cons){
 const LDAPConstraints* LDAPConnection::getConstraints() const{
    return LDAPAsynConnection::getConstraints();
 }
+
+TlsOptions LDAPConnection::getTlsOptions() const {
+    return LDAPAsynConnection::getTlsOptions();
+}
--- a/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPConnection.h
+++ b/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPConnection.h
@ -1,6 +1,6 @@
-/*	$NetBSD: LDAPConnection.h,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: LDAPConnection.h,v 1.1.1.3 2010/12/12 15:18:45 adam Exp $	*/

-// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPConnection.h,v 1.8.4.2 2008/04/14 23:28:11 quanah Exp
+// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPConnection.h,v 1.8.4.3 2010/04/14 23:50:44 quanah Exp
 /*
 * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@ -237,6 +237,7 @@ class LDAPConnection : private LDAPAsynConnection {
        void setConstraints(LDAPConstraints *cons);
        
        const LDAPConstraints* getConstraints() const ;
+        TlsOptions getTlsOptions() const;
 };

 #endif //LDAP_CONNECTION_H
--- a/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPConstraints.h
+++ b/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPConstraints.h
@ -1,6 +1,6 @@
-/*	$NetBSD: LDAPConstraints.h,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: LDAPConstraints.h,v 1.1.1.3 2010/12/12 15:18:45 adam Exp $	*/

-// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPConstraints.h,v 1.4.10.1 2008/04/14 23:09:26 quanah Exp
+// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPConstraints.h,v 1.4.10.2 2010/04/14 23:34:42 quanah Exp
 /*
 * Copyright 2000, OpenLDAP Foundation, All Rights Reserved.
 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@ -28,32 +28,32 @@
 */
 class LDAPConstraints{
        
-	public :
+    public :
        static const int DEREF_NEVER = 0x00;   
        static const int DEREF_SEARCHING = 0x01;   
        static const int DEREF_FINDING = 0x02;   
        static const int DEREF_ALWAYS = 0x04;   
        
-		//* Constructs a LDAPConstraints object with default values
-		LDAPConstraints();
+        //* Constructs a LDAPConstraints object with default values
+        LDAPConstraints();

-		//* Copy constructor
-		LDAPConstraints(const LDAPConstraints& c);
+        //* Copy constructor
+        LDAPConstraints(const LDAPConstraints& c);

        ~LDAPConstraints();
-		
-		void setAliasDeref(int deref);
+            
+        void setAliasDeref(int deref);
        void setMaxTime(int t);
-		void setSizeLimit(int s);
-		void setReferralChase(bool rc);
+        void setSizeLimit(int s);
+        void setReferralChase(bool rc);
        void setHopLimit(int hop);
        void setReferralRebind(const LDAPRebind* rebind);
        void setServerControls(const LDAPControlSet* ctrls);
        void setClientControls(const LDAPControlSet* ctrls);
        
-		int getAliasDeref() const;
+        int getAliasDeref() const;
        int getMaxTime() const ;
-		int getSizeLimit() const;
+        int getSizeLimit() const;
        const LDAPRebind* getReferralRebind() const;
        const LDAPControlSet* getServerControls() const;
        const LDAPControlSet* getClientControls() const;
@ -66,20 +66,20 @@ class LDAPConstraints{
        
        //*for internal use only
        timeval* getTimeoutStruct() const;
-		bool getReferralChase() const ;
+        bool getReferralChase() const ;
        int getHopLimit() const;
-	
-	private :
+
+    private :
        int m_aliasDeref;

        //* max. time the server may spend for a search request
-		int m_maxTime;
+        int m_maxTime;

-		//* max number of entries to return from a search request
-		int m_maxSize;
-		
-		//* Flag for enabling automatic referral/reference chasing
-		bool m_referralChase;
+        //* max number of entries to return from a search request
+        int m_maxSize;
+
+        //* Flag for enabling automatic referral/reference chasing
+        bool m_referralChase;

        //* HopLimit for referral chasing
        int m_HopLimit;
@ -90,11 +90,11 @@ class LDAPConstraints{
        //* Object used to do bind for Referral chasing
        const LDAPRebind* m_refRebind;

-		//* List of Client Controls that should be used for each request	
-		LDAPControlSet* m_clientControls;
+        //* List of Client Controls that should be used for each request	
+        LDAPControlSet* m_clientControls;

-		//* List of Server Controls that should be used for each request	
-		LDAPControlSet* m_serverControls;
+        //* List of Server Controls that should be used for each request	
+        LDAPControlSet* m_serverControls;

 };
 #endif //LDAP_CONSTRAINTS_H
--- a/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPUrl.cpp
+++ b/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPUrl.cpp
@ -1,4 +1,4 @@
-// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPUrl.cpp,v 1.3.10.5 2008/04/14 23:09:26 quanah Exp
+// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPUrl.cpp,v 1.3.10.6 2010/04/14 23:50:44 quanah Exp
 /*
 * Copyright 2000-2006, OpenLDAP Foundation, All Rights Reserved.
 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@ -195,8 +195,7 @@ void LDAPUrl::parseUrl()
        // no hostname and port
        startpos++;
    } else {
-        std::string::size_type hostend;
-        std::string::size_type portstart;
+        std::string::size_type hostend, portstart=0;
        pos = m_urlString.find('/', startpos);

        // IPv6 Address?
--- a/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPUrl.h
+++ b/external/bsd/openldap/dist/contrib/ldapc++/src/LDAPUrl.h
@ -1,6 +1,6 @@
-/*	$NetBSD: LDAPUrl.h,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: LDAPUrl.h,v 1.1.1.3 2010/12/12 15:18:48 adam Exp $	*/

-// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPUrl.h,v 1.6.8.4 2008/04/14 23:09:26 quanah Exp
+// OpenLDAP: pkg/ldap/contrib/ldapc++/src/LDAPUrl.h,v 1.6.8.5 2010/04/14 23:50:44 quanah Exp
 /*
 * Copyright 2000-2006, OpenLDAP Foundation, All Rights Reserved.
 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@ -180,10 +180,12 @@ class LDAPUrl{
        enum mode { base, attrs, scope, filter, extensions };
 };

+/// @cond
 struct code2string_s {
    int code;
    const char* string;
 };
+/// @endcond

 class LDAPUrlException {
    public :
--- a/external/bsd/openldap/dist/contrib/ldapc++/src/Makefile.am
+++ b/external/bsd/openldap/dist/contrib/ldapc++/src/Makefile.am
@ -1,4 +1,4 @@
-# OpenLDAP: pkg/ldap/contrib/ldapc++/src/Makefile.am,v 1.10.2.7 2008/07/09 22:18:57 quanah Exp
+# OpenLDAP: pkg/ldap/contrib/ldapc++/src/Makefile.am,v 1.10.2.8 2010/04/14 23:50:44 quanah Exp

 ###
 # Copyright 2000-2008, OpenLDAP Foundation, All Rights Reserved.
@ -48,7 +48,8 @@ libldapcpp_la_SOURCES = LDAPAddRequest.cpp \
 			LdifWriter.cpp \
 			SaslInteraction.cpp \
 			SaslInteractionHandler.cpp \
-			StringList.cpp 
+			StringList.cpp \
+			TlsOptions.cpp

 include_HEADERS = LDAPAsynConnection.h \
 			LDAPAttribute.h \
@ -82,7 +83,8 @@ include_HEADERS = LDAPAsynConnection.h \
 			LdifWriter.h \
 			SaslInteraction.h \
 			SaslInteractionHandler.h \
-			StringList.h 
+			StringList.h \
+			TlsOptions.h

 noinst_HEADERS = ac/time.h \
 		debug.h \
--- a/external/bsd/openldap/dist/contrib/ldapc++/src/Makefile.in
+++ b/external/bsd/openldap/dist/contrib/ldapc++/src/Makefile.in
@ -1,8 +1,9 @@
-# Makefile.in generated by automake 1.10.1 from Makefile.am.
+# Makefile.in generated by automake 1.11 from Makefile.am.
 # @configure_input@

 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008  Free Software Foundation, Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
+# Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@ -14,7 +15,7 @@

@SET_MAKE@

-# OpenLDAP: pkg/ldap/contrib/ldapc++/src/Makefile.in,v 1.9.2.9 2008/07/09 22:48:25 quanah Exp
+# OpenLDAP: pkg/ldap/contrib/ldapc++/src/Makefile.in,v 1.9.2.10 2010/04/14 23:50:44 quanah Exp

 ###
 # Copyright 2000-2008, OpenLDAP Foundation, All Rights Reserved.
@ -23,8 +24,9 @@

 VPATH = @srcdir@
 pkgdatadir = $(datadir)/@PACKAGE@
-pkglibdir = $(libdir)/@PACKAGE@
 pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
 am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
 install_sh_DATA = $(install_sh) -c -m 644
 install_sh_PROGRAM = $(install_sh) -c
@ -50,14 +52,29 @@ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = config.h
 CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
 am__vpath_adj = case $$p in \
    $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
    *) f=$$p;; \
  esac;
-am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+  srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+  for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+  for p in $$list; do echo "$$p $$p"; done | \
+  sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+  $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+    if (++n[$$2] == $(am__install_max)) \
+      { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+    END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+  sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+  sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
 am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)"
-libLTLIBRARIES_INSTALL = $(INSTALL)
 LTLIBRARIES = $(lib_LTLIBRARIES)
 libldapcpp_la_DEPENDENCIES =
 am_libldapcpp_la_OBJECTS = LDAPAddRequest.lo LDAPAsynConnection.lo \
@ -73,7 +90,8 @@ am_libldapcpp_la_OBJECTS = LDAPAddRequest.lo LDAPAsynConnection.lo \
 	LDAPSaslBindResult.lo LDAPSchema.lo LDAPSearchReference.lo \
 	LDAPSearchRequest.lo LDAPSearchResult.lo LDAPSearchResults.lo \
 	LDAPUrl.lo LDAPUrlList.lo LdifReader.lo LdifWriter.lo \
-	SaslInteraction.lo SaslInteractionHandler.lo StringList.lo
+	SaslInteraction.lo SaslInteractionHandler.lo StringList.lo \
+	TlsOptions.lo
 libldapcpp_la_OBJECTS = $(am_libldapcpp_la_OBJECTS)
 libldapcpp_la_LINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) \
 	$(LIBTOOLFLAGS) --mode=link $(CXXLD) $(AM_CXXFLAGS) \
@ -81,6 +99,7 @@ libldapcpp_la_LINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) \
 DEFAULT_INCLUDES = -I.@am__isrc@
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
+am__mv = mv -f
 CXXCOMPILE = $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
 	$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS)
 LTCXXCOMPILE = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
@ -92,7 +111,6 @@ CXXLINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
 	$(LDFLAGS) -o $@
 SOURCES = $(libldapcpp_la_SOURCES)
 DIST_SOURCES = $(libldapcpp_la_SOURCES)
-includeHEADERS_INSTALL = $(INSTALL_HEADER)
 HEADERS = $(include_HEADERS) $(noinst_HEADERS)
 ETAGS = etags
 CTAGS = ctags
@ -117,31 +135,36 @@ CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
 DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
 ECHO_N = @ECHO_N@
 ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
 GREP = @GREP@
 INSTALL = @INSTALL@
 INSTALL_DATA = @INSTALL_DATA@
 INSTALL_PROGRAM = @INSTALL_PROGRAM@
 INSTALL_SCRIPT = @INSTALL_SCRIPT@
 INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
 LDFLAGS = @LDFLAGS@
 LIBOBJS = @LIBOBJS@
 LIBS = @LIBS@
 LIBTOOL = @LIBTOOL@
+LIPO = @LIPO@
 LN_S = @LN_S@
 LTLIBOBJS = @LTLIBOBJS@
 MAKEINFO = @MAKEINFO@
 MKDIR_P = @MKDIR_P@
+NM = @NM@
 NMEDIT = @NMEDIT@
+OBJDUMP = @OBJDUMP@
 OBJEXT = @OBJEXT@
 OPENLDAP_CPP_API_VERSION = @OPENLDAP_CPP_API_VERSION@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
 PACKAGE = @PACKAGE@
 PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
 PACKAGE_NAME = @PACKAGE_NAME@
@ -161,7 +184,7 @@ abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
 am__leading_dot = @am__leading_dot@
 am__quote = @am__quote@
@ -192,6 +215,7 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@ -204,6 +228,7 @@ sharedstatedir = @sharedstatedir@
 srcdir = @srcdir@
 sysconfdir = @sysconfdir@
 target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
 top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
 lib_LTLIBRARIES = libldapcpp.la
@ -248,7 +273,8 @@ libldapcpp_la_SOURCES = LDAPAddRequest.cpp \
 			LdifWriter.cpp \
 			SaslInteraction.cpp \
 			SaslInteractionHandler.cpp \
-			StringList.cpp 
+			StringList.cpp \
+			TlsOptions.cpp

 include_HEADERS = LDAPAsynConnection.h \
 			LDAPAttribute.h \
@ -282,7 +308,8 @@ include_HEADERS = LDAPAsynConnection.h \
 			LdifWriter.h \
 			SaslInteraction.h \
 			SaslInteractionHandler.h \
-			StringList.h 
+			StringList.h \
+			TlsOptions.h

 noinst_HEADERS = ac/time.h \
 		debug.h \
@ -307,14 +334,14 @@ $(srcdir)/Makefile.in:  $(srcdir)/Makefile.am  $(am__configure_deps)
 	@for dep in $?; do \
 	  case '$(am__configure_deps)' in \
 	    *$$dep*) \
-	      cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
-		&& exit 0; \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
 	      exit 1;; \
 	  esac; \
 	done; \
-	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign  src/Makefile'; \
-	cd $(top_srcdir) && \
-	  $(AUTOMAKE) --foreign  src/Makefile
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign src/Makefile
 .PRECIOUS: Makefile
 Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
 	@case '$?' in \
@ -332,6 +359,7 @@ $(top_srcdir)/configure:  $(am__configure_deps)
 	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
 $(ACLOCAL_M4):  $(am__aclocal_m4_deps)
 	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):

 config.h: stamp-h1
 	@if test ! -f $@; then \
@ -343,7 +371,7 @@ stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status
 	@rm -f stamp-h1
 	cd $(top_builddir) && $(SHELL) ./config.status src/config.h
 $(srcdir)/config.h.in:  $(am__configure_deps) 
-	cd $(top_srcdir) && $(AUTOHEADER)
+	($(am__cd) $(top_srcdir) && $(AUTOHEADER))
 	rm -f stamp-h1
 	touch $@

@ -352,20 +380,24 @@ distclean-hdr:
 install-libLTLIBRARIES: $(lib_LTLIBRARIES)
 	@$(NORMAL_INSTALL)
 	test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
-	@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+	@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+	list2=; for p in $$list; do \
 	  if test -f $$p; then \
-	    f=$(am__strip_dir) \
-	    echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
-	    $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
+	    list2="$$list2 $$p"; \
 	  else :; fi; \
-	done
+	done; \
+	test -z "$$list2" || { \
+	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+	}

 uninstall-libLTLIBRARIES:
 	@$(NORMAL_UNINSTALL)
-	@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
-	  p=$(am__strip_dir) \
-	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
-	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
+	@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+	for p in $$list; do \
+	  $(am__strip_dir) \
+	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
 	done

 clean-libLTLIBRARIES:
@ -427,24 +459,25 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/SaslInteraction.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/SaslInteractionHandler.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/StringList.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/TlsOptions.Plo@am__quote@

 .cpp.o:
@am__fastdepCXX_TRUE@	$(CXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCXX_TRUE@	mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCXX_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
@AMDEP_TRUE@@am__fastdepCXX_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@	$(CXXCOMPILE) -c -o $@ $<

 .cpp.obj:
@am__fastdepCXX_TRUE@	$(CXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCXX_TRUE@	mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCXX_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
@AMDEP_TRUE@@am__fastdepCXX_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@	$(CXXCOMPILE) -c -o $@ `$(CYGPATH_W) '$<'`

 .cpp.lo:
@am__fastdepCXX_TRUE@	$(LTCXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCXX_TRUE@	mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@am__fastdepCXX_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
@AMDEP_TRUE@@am__fastdepCXX_FALSE@	source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@	$(LTCXXCOMPILE) -c -o $@ $<
@ -457,34 +490,37 @@ clean-libtool:
 install-includeHEADERS: $(include_HEADERS)
 	@$(NORMAL_INSTALL)
 	test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)"
-	@list='$(include_HEADERS)'; for p in $$list; do \
+	@list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \
+	for p in $$list; do \
 	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
-	  f=$(am__strip_dir) \
-	  echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \
-	  $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \
+	  echo "$$d$$p"; \
+	done | $(am__base_list) | \
+	while read files; do \
+	  echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \
+	  $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \
 	done

 uninstall-includeHEADERS:
 	@$(NORMAL_UNINSTALL)
-	@list='$(include_HEADERS)'; for p in $$list; do \
-	  f=$(am__strip_dir) \
-	  echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \
-	  rm -f "$(DESTDIR)$(includedir)/$$f"; \
-	done
+	@list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \
+	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+	test -n "$$files" || exit 0; \
+	echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \
+	cd "$(DESTDIR)$(includedir)" && rm -f $$files

 ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
 	list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
 	unique=`for i in $$list; do \
 	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
 	  done | \
-	  $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
+	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
 	      END { if (nonempty) { for (i in files) print i; }; }'`; \
 	mkid -fID $$unique
 tags: TAGS

 TAGS:  $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \
 		$(TAGS_FILES) $(LISP)
-	tags=; \
+	set x; \
 	here=`pwd`; \
 	list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \
 	unique=`for i in $$list; do \
@ -492,29 +528,34 @@ TAGS:  $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \
 	  done | \
 	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
 	      END { if (nonempty) { for (i in files) print i; }; }'`; \
-	if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
 	  test -n "$$unique" || unique=$$empty_fix; \
-	  $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
-	    $$tags $$unique; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
 	fi
 ctags: CTAGS
 CTAGS:  $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \
 		$(TAGS_FILES) $(LISP)
-	tags=; \
 	list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \
 	unique=`for i in $$list; do \
 	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
 	  done | \
 	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
 	      END { if (nonempty) { for (i in files) print i; }; }'`; \
-	test -z "$(CTAGS_ARGS)$$tags$$unique" \
+	test -z "$(CTAGS_ARGS)$$unique" \
 	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
-	     $$tags $$unique
+	     $$unique

 GTAGS:
 	here=`$(am__cd) $(top_builddir) && pwd` \
-	  && cd $(top_srcdir) \
-	  && gtags -i $(GTAGS_ARGS) $$here
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"

 distclean-tags:
 	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
@ -535,13 +576,17 @@ distdir: $(DISTFILES)
 	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
 	  if test -d $$d/$$file; then \
 	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
-	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
-	      cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
 	    fi; \
-	    cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
 	  else \
-	    test -f $(distdir)/$$file \
-	    || cp -p $$d/$$file $(distdir)/$$file \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
 	    || exit 1; \
 	  fi; \
 	done
@ -572,6 +617,7 @@ clean-generic:

 distclean-generic:
 	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)

 maintainer-clean-generic:
 	@echo "This command is intended for maintainers to use"
@ -593,6 +639,8 @@ dvi-am:

 html: html-am

+html-am:
+
 info: info-am

 info-am:
@ -601,18 +649,28 @@ install-data-am: install-includeHEADERS

 install-dvi: install-dvi-am

+install-dvi-am:
+
 install-exec-am: install-libLTLIBRARIES

 install-html: install-html-am

+install-html-am:
+
 install-info: install-info-am

+install-info-am:
+
 install-man:

 install-pdf: install-pdf-am

+install-pdf-am:
+
 install-ps: install-ps-am

+install-ps-am:
+
 installcheck-am:

 maintainer-clean: maintainer-clean-am
@ -635,7 +693,7 @@ ps-am:

 uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES

-.MAKE: install-am install-strip
+.MAKE: all install-am install-strip

 .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
 	clean-libLTLIBRARIES clean-libtool ctags distclean \
@ -653,6 +711,7 @@ uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES
 	tags uninstall uninstall-am uninstall-includeHEADERS \
 	uninstall-libLTLIBRARIES

+
 # Tell versions [3.59,3.63) of GNU make to not export all variables.
 # Otherwise a system limit (for SysV at least) may be exceeded.
 .NOEXPORT:
--- a/external/bsd/openldap/dist/contrib/ldapc++/src/TlsOptions.cpp
+++ b/external/bsd/openldap/dist/contrib/ldapc++/src/TlsOptions.cpp
@ -0,0 +1,122 @@
+// OpenLDAP: pkg/ldap/contrib/ldapc++/src/TlsOptions.cpp,v 1.5.2.2 2010/04/14 23:50:44 quanah Exp
+/*
+ * Copyright 2010, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "TlsOptions.h"
+#include "LDAPException.h"
+
+enum opttype {
+    INT=0,
+    STRING,
+    OTHER
+};
+
+typedef struct tls_optmap {
+    int optval;
+    opttype type;
+} tls_optmap_t;
+
+static tls_optmap_t optmap[] = {
+    { LDAP_OPT_X_TLS_CACERTFILE, STRING },
+    { LDAP_OPT_X_TLS_CACERTDIR, STRING },
+    { LDAP_OPT_X_TLS_CERTFILE, STRING },
+    { LDAP_OPT_X_TLS_KEYFILE, STRING },
+    { LDAP_OPT_X_TLS_REQUIRE_CERT, INT },
+    { LDAP_OPT_X_TLS_PROTOCOL_MIN, INT },
+    { LDAP_OPT_X_TLS_CIPHER_SUITE, STRING },
+    { LDAP_OPT_X_TLS_RANDOM_FILE, STRING },
+    { LDAP_OPT_X_TLS_CRLCHECK, INT },
+    { LDAP_OPT_X_TLS_DHFILE, STRING },
+    { LDAP_OPT_X_TLS_NEWCTX, INT }
+};
+#if 0 /* not implemented currently */
+        static const int TLS_CRLFILE /* GNUtls only */
+        static const int TLS_SSL_CTX  /* OpenSSL SSL* */
+        static const int TLS_CONNECT_CB
+        static const int TLS_CONNECT_ARG
+#endif 
+
+static void checkOpt( TlsOptions::tls_option opt, opttype type ) {
+    if ( opt < TlsOptions::CACERTFILE || opt >= TlsOptions::LASTOPT ){
+        throw( LDAPException( LDAP_PARAM_ERROR, "unknown Option" ) );
+    }
+
+    if ( optmap[opt].type != type ){
+        throw( LDAPException( LDAP_PARAM_ERROR, "not a string option" ) );
+    }
+}
+
+TlsOptions::TlsOptions() : m_ld(NULL) {}
+
+TlsOptions::TlsOptions( LDAP* ld ): m_ld(ld) { }
+
+void TlsOptions::setOption( tls_option opt, const std::string& value ) const {
+    checkOpt(opt, STRING);
+    this->setOption( opt, value.empty() ? NULL : (void*) value.c_str() );
+}
+
+void TlsOptions::setOption( tls_option opt, int value ) const {
+    checkOpt(opt, INT);
+    this->setOption( opt, (void*) &value);
+}
+
+void TlsOptions::setOption( tls_option opt, void *value ) const {
+    int ret = ldap_set_option( m_ld, optmap[opt].optval, value);
+    if ( ret != LDAP_OPT_SUCCESS )
+    {
+        if ( ret != LDAP_OPT_ERROR ){
+            throw( LDAPException( ret ));
+        } else {
+            throw( LDAPException( LDAP_PARAM_ERROR, "error while setting TLS option" ) );
+        }
+    }
+    if ( m_ld ){
+        this->newCtx();
+    }
+}
+
+void TlsOptions::getOption( tls_option opt, void* value ) const {
+    int ret = ldap_get_option( m_ld, optmap[opt].optval, value);
+    if ( ret != LDAP_OPT_SUCCESS )
+    {
+        if ( ret != LDAP_OPT_ERROR ){
+            throw( LDAPException( ret ));
+        } else {
+            throw( LDAPException( LDAP_PARAM_ERROR, "error while reading TLS option" ) );
+        }
+    }
+}
+
+int TlsOptions::getIntOption( tls_option opt ) const {
+    int value;
+    checkOpt(opt, INT);
+    ldap_get_option( m_ld, optmap[opt].optval, (void*) &value);
+    return value;
+}
+
+std::string TlsOptions::getStringOption( tls_option opt ) const {
+    char *value;
+    checkOpt(opt, STRING);
+    ldap_get_option( m_ld, optmap[opt].optval, (void*) &value);
+    std::string strval;
+    if (value)
+    {
+        strval=std::string(value);
+        ldap_memfree(value);
+    }
+    return strval;
+}
+
+void TlsOptions::newCtx() const {
+    int ret = ldap_set_option( m_ld, LDAP_OPT_X_TLS_NEWCTX, LDAP_OPT_ON);
+    if ( ret != LDAP_OPT_SUCCESS )
+    {
+        if ( ret != LDAP_OPT_ERROR ){
+            throw( LDAPException( ret ));
+        } else {
+            throw( LDAPException( LDAP_LOCAL_ERROR, "error while renewing TLS context" ) );
+        }
+    }
+}
--- a/external/bsd/openldap/dist/contrib/ldapc++/src/TlsOptions.h
+++ b/external/bsd/openldap/dist/contrib/ldapc++/src/TlsOptions.h
@ -0,0 +1,164 @@
+/*	$NetBSD: TlsOptions.h,v 1.1.1.1 2010/12/12 15:18:50 adam Exp $	*/
+
+// OpenLDAP: pkg/ldap/contrib/ldapc++/src/TlsOptions.h,v 1.6.2.2 2010/04/14 23:50:44 quanah Exp
+/*
+ * Copyright 2010, OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+#ifndef TLS_OPTIONS_H
+#define TLS_OPTIONS_H
+#include <string>
+#include <ldap.h>
+
+/**
+ * Class to access the global (and connection specific) TLS Settings
+ * To access the global TLS Settings just instantiate a TlsOption object
+ * using the default constructor.
+ *
+ * To access connection specific settings instantiate a TlsOption object
+ * through the getTlsOptions() method from the corresponding
+ * LDAPConnection/LDAPAsynConnection object.
+ *
+ */
+class TlsOptions {
+    public:
+
+        /**
+         * Available TLS Options
+         */
+        enum tls_option {
+            CACERTFILE=0, 
+            CACERTDIR,
+            CERTFILE,
+            KEYFILE,
+            REQUIRE_CERT,
+            PROTOCOL_MIN,
+            CIPHER_SUITE,
+            RANDOM_FILE,
+            CRLCHECK,
+            DHFILE,
+            /// @cond
+            LASTOPT /* dummy */
+            /// @endcond
+        };
+
+        /**
+         * Possible Values for the REQUIRE_CERT option
+         */
+        enum verifyMode {
+            NEVER=0,
+            HARD,
+            DEMAND,
+            ALLOW,
+            TRY
+        };
+
+        /**
+         * Possible Values for the CRLCHECK option
+         */
+        enum crlMode {
+            CRL_NONE=0,
+            CRL_PEER,
+            CRL_ALL
+        };
+
+
+        /**
+         * Default constructor. Gives access to the global TlsSettings
+         */
+        TlsOptions();
+
+        /**
+         * Set string valued options.
+         * @param opt The following string valued options are available:
+         *      - TlsOptions::CACERTFILE 
+         *      - TlsOptions::CACERTDIR
+         *      - TlsOptions::CERTFILE
+         *      - TlsOptions::KEYFILE
+         *      - TlsOptions::CIPHER_SUITE
+         *      - TlsOptions::RANDOM_FILE
+         *      - TlsOptions::DHFILE
+         *  @param value The value to apply to that option, 
+         *      - TlsOptions::CACERTFILE:
+         *          The path to the file containing all recognized Certificate
+         *          Authorities
+         *      - TlsOptions::CACERTDIR:
+         *          The path to a directory containing individual files of all
+         *          recognized Certificate Authority certificates
+         *      - TlsOptions::CERTFILE:
+         *          The path to the client certificate
+         *      - TlsOptions::KEYFILE:
+         *          The path to the file containing the private key matching the 
+         *          Certificate that as configured with TlsOptions::CERTFILE
+         *      - TlsOptions::CIPHER_SUITE
+         *          Specifies the cipher suite and preference order
+         *      - TlsOptions::RANDOM_FILE
+         *          Specifies the file to obtain random bits from when 
+         *          /dev/[u]random is not available.
+         *      - TlsOptions::DHFILE
+         *          File containing DH parameters
+         */
+        void setOption(tls_option opt, const std::string& value) const;
+
+        /** 
+         * Set integer valued options.
+         * @param opt The following string valued options are available:
+         *      - TlsOptions::REQUIRE_CERT
+         *      - TlsOptions::PROTOCOL_MIN
+         *      - TlsOptions::CRLCHECK
+         * @param value The value to apply to that option, 
+         *      - TlsOptions::REQUIRE_CERT:
+         *          Possible Values (For details see the ldap.conf(5) man-page):
+         *              - TlsOptions::NEVER
+         *              - TlsOptions::DEMAND
+         *              - TlsOptions::ALLOW
+         *              - TlsOptions::TRY
+         *      - TlsOptions::PROTOCOL_MIN
+         *      - TlsOptions::CRLCHECK
+         *          Possible Values:
+         *              - TlsOptions::CRL_NONE
+         *              - TlsOptions::CRL_PEER
+         *              - TlsOptions::CRL_ALL
+         */
+        void setOption(tls_option opt, int value) const;
+
+        /**
+         * Generic setOption variant. Generally you should prefer to use one 
+         * of the other variants
+         */
+        void setOption(tls_option opt, void *value) const;
+
+        /**
+         * Read integer valued options
+         * @return Option value
+         * @throws LDAPException in case of error (invalid on non-integer 
+         *      valued option is requested)
+         */
+        int getIntOption(tls_option opt) const;
+
+        /**
+         * Read string valued options
+         * @return Option value
+         * @throws LDAPException in case of error (invalid on non-string 
+         *      valued option is requested)
+         */
+        std::string getStringOption(tls_option opt) const;
+
+        /**
+         * Read options value. Usually you should prefer to use either 
+         * getIntOption() or getStringOption()
+         * @param value points to a buffer containing the option value
+         * @throws LDAPException in case of error (invalid on non-string 
+         *      valued option is requested)
+         */
+        void getOption(tls_option opt, void *value ) const;
+        
+    private:
+        TlsOptions( LDAP* ld );
+        void newCtx() const;
+        LDAP *m_ld;
+
+    friend class LDAPAsynConnection;
+};
+
+#endif /* TLS_OPTIONS_H */
--- a/external/bsd/openldap/dist/contrib/ldapc++/src/ac/time.h
+++ b/external/bsd/openldap/dist/contrib/ldapc++/src/ac/time.h
@ -1,9 +1,9 @@
-/*	$NetBSD: time.h,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: time.h,v 1.1.1.3 2010/12/12 15:18:50 adam Exp $	*/

 /* Generic time.h */
-/* OpenLDAP: pkg/ldap/contrib/ldapc++/src/ac/time.h,v 1.7.2.5 2009/01/22 00:00:44 kurt Exp */
+/* OpenLDAP: pkg/ldap/contrib/ldapc++/src/ac/time.h,v 1.7.2.6 2010/04/13 20:22:24 kurt Exp */
 /*
- * Copyright 1998-2009 The OpenLDAP Foundation, Redwood City, California, USA
+ * Copyright 1998-2010 The OpenLDAP Foundation, Redwood City, California, USA
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms are permitted only
--- a/external/bsd/openldap/dist/contrib/slapd-modules/README
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/README
@ -1,4 +1,4 @@
-Copyright 2008-2009 The OpenLDAP Foundation. All rights reserved.
+Copyright 2008-2010 The OpenLDAP Foundation. All rights reserved.

 Redistribution and use in source and binary forms, with or without
 modification, are permitted only as authorized by the OpenLDAP
@ -55,4 +55,4 @@ smbk5pwd (overlay)
 trace (overlay)
 	Trace overlay invocation.

-OpenLDAP: pkg/ldap/contrib/slapd-modules/README,v 1.3.2.3 2009/01/22 00:00:44 kurt Exp
+OpenLDAP: pkg/ldap/contrib/slapd-modules/README,v 1.3.2.4 2010/04/13 20:22:25 kurt Exp
--- a/external/bsd/openldap/dist/contrib/slapd-modules/acl/README
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/acl/README
@ -1,37 +1,5 @@
-This directory contains native slapd plugins that implement access rules.
+README.* for details on each specific dynacl module

-posixgroup.c contains a simple example that implements access control
-based on posixGroup membership, loosely inspired by ITS#3849.  It should
-be made clear that this access control policy does not reflect any
-standard track model of handling access control, and should be 
-essentially viewed as an illustration of the use of the dynamic 
-extension of access control within slapd.
-
-To use the acl-posixgroup plugin, add:
-
-moduleload acl-posixgroup.so
-
-to your slapd configuration file; it requires "nis.schema" to be loaded.
-It is configured using
-
-access to <what>
-	by dynacl/posixGroup[.{exact,expand}]=<dnpat> {<level>|<priv(s)}
-
-The default is "exact"; in case of "expand", "<dnpat>" results from
-the expansion of submatches in the "<what>" portion.  "<level>|<priv(s)>"
-describe the level of privilege this rule can assume.
-
-No Makefile is provided. Use a command line similar to:
-
-gcc -shared -I../../../include -I../../../servers/slapd -Wall -g \
-	-o acl-posixgroup.so posixgroup.c
-
-to compile the posixGroup ACL plugin.
-
---
-Copyright 2005-2009 The OpenLDAP Foundation. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted only as authorized by the OpenLDAP
-Public License.
+Available modules:

+posixgroup.c
--- a/external/bsd/openldap/dist/contrib/slapd-modules/acl/README.posixgroup
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/acl/README.posixgroup
@ -0,0 +1,37 @@
+This directory contains native slapd plugins that implement access rules.
+
+posixgroup.c contains a simple example that implements access control
+based on posixGroup membership, loosely inspired by ITS#3849.  It should
+be made clear that this access control policy does not reflect any
+standard track model of handling access control, and should be 
+essentially viewed as an illustration of the use of the dynamic 
+extension of access control within slapd.
+
+To use the acl-posixgroup plugin, add:
+
+moduleload acl-posixgroup.so
+
+to your slapd configuration file; it requires "nis.schema" to be loaded.
+It is configured using
+
+access to <what>
+	by dynacl/posixGroup[.{exact,expand}]=<dnpat> {<level>|<priv(s)}
+
+The default is "exact"; in case of "expand", "<dnpat>" results from
+the expansion of submatches in the "<what>" portion.  "<level>|<priv(s)>"
+describe the level of privilege this rule can assume.
+
+No Makefile is provided. Use a command line similar to:
+
+gcc -shared -I../../../include -I../../../servers/slapd -Wall -g \
+	-o acl-posixgroup.so posixgroup.c
+
+to compile the posixGroup ACL plugin.
+
+---
+Copyright 2005-2010 The OpenLDAP Foundation. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted only as authorized by the OpenLDAP
+Public License.
+
--- a/external/bsd/openldap/dist/contrib/slapd-modules/acl/posixgroup.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/acl/posixgroup.c
@ -1,10 +1,10 @@
-/*	$NetBSD: posixgroup.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: posixgroup.c,v 1.1.1.3 2010/12/12 15:18:53 adam Exp $	*/

 /* posixgroup.c */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/acl/posixgroup.c,v 1.3.2.6 2009/08/17 21:48:55 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/acl/posixgroup.c,v 1.3.2.7 2010/04/13 20:22:25 kurt Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/contrib/slapd-modules/addpartial/README
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/addpartial/README
@ -59,7 +59,7 @@ CAVEATS
      syncprov overlay.

 ---
-Copyright 2004-2009 The OpenLDAP Foundation.
+Copyright 2004-2010 The OpenLDAP Foundation.
 Portions Copyright (C) Virginia Tech, David Hawes.
 All rights reserved.

--- a/external/bsd/openldap/dist/contrib/slapd-modules/addpartial/addpartial-overlay.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/addpartial/addpartial-overlay.c
@ -1,10 +1,10 @@
-/*	$NetBSD: addpartial-overlay.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: addpartial-overlay.c,v 1.1.1.3 2010/12/12 15:18:53 adam Exp $	*/

 /* addpartial-overlay.c */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/addpartial/addpartial-overlay.c,v 1.1.2.5 2009/08/17 21:48:56 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/addpartial/addpartial-overlay.c,v 1.1.2.6 2010/04/13 20:22:25 kurt Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 2004-2009 The OpenLDAP Foundation.
+ * Copyright 2004-2010 The OpenLDAP Foundation.
 * Portions Copyright (C) 2004 Virginia Tech, David Hawes.
 * All rights reserved.
 *
--- a/external/bsd/openldap/dist/contrib/slapd-modules/allop/README
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/allop/README
@ -20,7 +20,7 @@ gcc -shared -I../../../include -I../../../servers/slapd -Wall -g \
 to compile this overlay.

 ---
-Copyright 2004-2009 The OpenLDAP Foundation. All rights reserved.
+Copyright 2004-2010 The OpenLDAP Foundation. All rights reserved.

 Redistribution and use in source and binary forms, with or without
 modification, are permitted only as authorized by the OpenLDAP
--- a/external/bsd/openldap/dist/contrib/slapd-modules/allop/allop.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/allop/allop.c
@ -1,10 +1,10 @@
-/*	$NetBSD: allop.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: allop.c,v 1.1.1.3 2010/12/12 15:18:54 adam Exp $	*/

 /* allop.c - returns all operational attributes when appropriate */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/allop/allop.c,v 1.3.2.4 2009/01/22 00:00:45 kurt Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/allop/allop.c,v 1.3.2.5 2010/04/13 20:22:25 kurt Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 2005-2009 The OpenLDAP Foundation.
+ * Copyright 2005-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/contrib/slapd-modules/allop/slapo-allop.5
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/allop/slapo-allop.5
@ -1,7 +1,7 @@
 .TH SLAPO-ALLOP 5 "RELEASEDATE" "OpenLDAP LDVERSION"
-.\" Copyright 2005-2009 The OpenLDAP Foundation All Rights Reserved.
+.\" Copyright 2005-2010 The OpenLDAP Foundation All Rights Reserved.
 .\" Copying restrictions apply.  See COPYRIGHT/LICENSE.
-.\" OpenLDAP: pkg/ldap/contrib/slapd-modules/allop/slapo-allop.5,v 1.2.2.4 2009/01/22 00:00:45 kurt Exp
+.\" OpenLDAP: pkg/ldap/contrib/slapd-modules/allop/slapo-allop.5,v 1.2.2.5 2010/04/13 20:22:25 kurt Exp
 .SH NAME
 slapo-allop \- All Operational Attributes overlay
 .SH SYNOPSIS
--- a/external/bsd/openldap/dist/contrib/slapd-modules/allowed/Makefile
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/allowed/Makefile
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/contrib/slapd-modules/allowed/Makefile,v 1.1.2.2 2009/08/25 23:39:37 quanah Exp
+# OpenLDAP: pkg/ldap/contrib/slapd-modules/allowed/Makefile,v 1.1.2.3 2010/04/13 20:22:26 kurt Exp
 # This work is part of OpenLDAP Software <http://www.openldap.org/>.
 #
-# Copyright 1998-2009 The OpenLDAP Foundation.
+# Copyright 1998-2010 The OpenLDAP Foundation.
 # Copyright 2004 Howard Chu, Symas Corp. All Rights Reserved.
 #
 # Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/contrib/slapd-modules/allowed/README
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/allowed/README
@ -10,22 +10,14 @@ It adds to entries returned by search operations the value of attributes
 "allowedAttributesEffective"
 	<http://msdn.microsoft.com/en-us/library/ms675218(VS.85).aspx>

-No other use is made of those attributes: they cannot be compared,
-they cannot be used in search filters, they cannot be used in ACLs, ...
-
-    --- o --- o --- o ---
-
-Other attributes like
-
 "allowedChildClasses"
 	<http://msdn.microsoft.com/en-us/library/ms675219(VS.85).aspx>
+
 "allowedChildClassesEffective"
 	<http://msdn.microsoft.com/en-us/library/ms675220(VS.85).aspx>

-make little sense within OpenLDAP's slapd right now, since any AUXILIARY
-objectClass can be added to an entry, while no STRUCTURAL objectClass can.
-This may change when DIT structure rules are implemented, while ACLs may
-restrict what AUXILIARY objectClasses can be added to an entry.
+No other use is made of those attributes: they cannot be compared,
+they cannot be used in search filters, they cannot be used in ACLs, ...

    --- o --- o --- o ---

@ -63,7 +55,7 @@ to compile this overlay, or even better use OpenLDAP's libtool as appropriate.
 ---
 This work is part of OpenLDAP Software <http://www.openldap.org/>.

-Copyright 2006-2009 The OpenLDAP Foundation. All rights reserved.
+Copyright 2006-2010 The OpenLDAP Foundation. All rights reserved.

 Redistribution and use in source and binary forms, with or without
 modification, are permitted only as authorized by the OpenLDAP
--- a/external/bsd/openldap/dist/contrib/slapd-modules/allowed/allowed.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/allowed/allowed.c
@ -1,10 +1,10 @@
-/*	$NetBSD: allowed.c,v 1.1.1.1 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: allowed.c,v 1.1.1.2 2010/12/12 15:18:55 adam Exp $	*/

 /* allowed.c - add allowed attributes based on ACL */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/allowed/allowed.c,v 1.3.2.2 2009/08/25 19:59:12 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/allowed/allowed.c,v 1.3.2.4 2010/04/15 20:35:22 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 2006-2009 The OpenLDAP Foundation.
+ * Copyright 2006-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -178,9 +178,6 @@ aa_operational( Operation *op, SlapReply *rs )
 	struct berval		*v;
 	AttributeType		**atp = NULL;
 	ObjectClass		**ocp = NULL;
-	BerVarray		bv_allowed = NULL,
-				bv_effective = NULL;
-	int			i, ja = 0, je = 0;

 #define	GOT_NONE	(0x0U)
 #define	GOT_C		(0x1U)
@ -219,10 +216,13 @@ aa_operational( Operation *op, SlapReply *rs )
 	/* shouldn't be called without an entry; please check */
 	assert( rs->sr_entry != NULL );

+	for ( ap = &rs->sr_operational_attrs; *ap != NULL; ap = &(*ap)->a_next )
+		/* go to last */ ;
+
 	/* see caveats; this is not guaranteed for all backends */
 	a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_objectClass );
 	if ( a == NULL ) {
-		return SLAP_CB_CONTINUE;
+		goto do_oc;
 	}

 	/* if client has no access to objectClass attribute; don't compute */
@ -248,13 +248,21 @@ aa_operational( Operation *op, SlapReply *rs )
 		aa_add_oc( oc, &ocp, &atp );

 		if ( oc->soc_sups ) {
+			int i;
+
 			for ( i = 0; oc->soc_sups[ i ] != NULL; i++ ) {
 				aa_add_oc( oc->soc_sups[ i ], &ocp, &atp );
 			}
 		}
 	}

+	ch_free( ocp );
+
 	if ( atp != NULL ) {
+		BerVarray	bv_allowed = NULL,
+				bv_effective = NULL;
+		int		i, ja = 0, je = 0;
+
 		for ( i = 0; atp[ i ] != NULL; i++ )
 			/* just count */ ;
 	
@ -289,8 +297,7 @@ aa_operational( Operation *op, SlapReply *rs )
 			}
 		}

-		for ( ap = &rs->sr_operational_attrs; *ap != NULL; ap = &(*ap)->a_next )
-			/* go to last */ ;
+		ch_free( atp );

 		if ( ( got & GOT_A ) && ja > 0 ) {
 			BER_BVZERO( &bv_allowed[ ja ] );
@ -300,7 +307,7 @@ aa_operational( Operation *op, SlapReply *rs )
 			(*ap)->a_numvals = ja;
 			ap = &(*ap)->a_next;
 		}
-	
+
 		if ( ( got & GOT_AE ) && je > 0 ) {
 			BER_BVZERO( &bv_effective[ je ] );
 			*ap = attr_alloc( ad_allowedAttributesEffective );
@ -309,12 +316,97 @@ aa_operational( Operation *op, SlapReply *rs )
 			(*ap)->a_numvals = je;
 			ap = &(*ap)->a_next;
 		}
-	
+
 		*ap = NULL;
 	}

-	ch_free( atp );
-	ch_free( ocp );
+do_oc:;
+	if ( ( got & GOT_C ) || ( got & GOT_CE ) ) {
+		BerVarray	bv_allowed = NULL,
+				bv_effective = NULL;
+		int		i, ja = 0, je = 0;
+
+		ObjectClass	*oc;
+
+		for ( oc_start( &oc ); oc != NULL; oc_next( &oc ) ) {
+			/* we can only add AUXILIARY objectClasses */
+			if ( oc->soc_kind != LDAP_SCHEMA_AUXILIARY ) {
+				continue;
+			}
+
+			i++;
+		}
+
+		if ( got & GOT_C ) {
+			bv_allowed = ber_memalloc( sizeof( struct berval ) * ( i + 1 ) );
+		}
+		if ( got & GOT_CE ) {
+			bv_effective = ber_memalloc( sizeof( struct berval ) * ( i + 1 ) );
+		}
+
+		for ( oc_start( &oc ); oc != NULL; oc_next( &oc ) ) {
+			/* we can only add AUXILIARY objectClasses */
+			if ( oc->soc_kind != LDAP_SCHEMA_AUXILIARY ) {
+				continue;
+			}
+
+			if ( got & GOT_C ) {
+				ber_dupbv( &bv_allowed[ ja ], &oc->soc_cname );
+				ja++;
+			}
+
+			if ( got & GOT_CE ) {
+				if ( !access_allowed( op, rs->sr_entry,
+					slap_schema.si_ad_objectClass,
+					&oc->soc_cname, ACL_WRITE, NULL ) )
+				{
+					goto done_ce;
+				}
+
+				if ( oc->soc_required ) {
+					for ( i = 0; oc->soc_required[ i ] != NULL; i++ ) {
+						AttributeDescription	*ad = NULL;
+						const char		*text = NULL;
+	
+						if ( slap_bv2ad( &oc->soc_required[ i ]->sat_cname, &ad, &text ) ) {
+							/* log? */
+							continue;
+						}
+
+						if ( !access_allowed( op, rs->sr_entry,
+							ad, NULL, ACL_WRITE, NULL ) )
+						{
+							goto done_ce;
+						}
+					}
+				}
+
+				ber_dupbv( &bv_effective[ je ], &oc->soc_cname );
+				je++;
+			}
+done_ce:;
+		}
+
+		if ( ( got & GOT_C ) && ja > 0 ) {
+			BER_BVZERO( &bv_allowed[ ja ] );
+			*ap = attr_alloc( ad_allowedChildClasses );
+			(*ap)->a_vals = bv_allowed;
+			(*ap)->a_nvals = bv_allowed;
+			(*ap)->a_numvals = ja;
+			ap = &(*ap)->a_next;
+		}
+
+		if ( ( got & GOT_CE ) && je > 0 ) {
+			BER_BVZERO( &bv_effective[ je ] );
+			*ap = attr_alloc( ad_allowedChildClassesEffective );
+			(*ap)->a_vals = bv_effective;
+			(*ap)->a_nvals = bv_effective;
+			(*ap)->a_numvals = je;
+			ap = &(*ap)->a_next;
+		}
+
+		*ap = NULL;
+	}

 	return SLAP_CB_CONTINUE;
 }
--- a/external/bsd/openldap/dist/contrib/slapd-modules/autogroup/README
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/autogroup/README
@ -72,7 +72,7 @@ ACKNOWLEDGEMENTS
    This module was originally written in 2007 by Michał Szulczyński.

 ---
-Copyright 1998-2009 The OpenLDAP Foundation.
+Copyright 1998-2010 The OpenLDAP Foundation.
 Portions Copyright (C) 2007 Michał Szulczyński.
 All rights reserved.

--- a/external/bsd/openldap/dist/contrib/slapd-modules/autogroup/autogroup.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/autogroup/autogroup.c
@ -1,10 +1,10 @@
-/*	$NetBSD: autogroup.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: autogroup.c,v 1.1.1.3 2010/12/12 15:18:55 adam Exp $	*/

 /* autogroup.c - automatic group overlay */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/autogroup/autogroup.c,v 1.2.2.5 2009/09/29 21:52:13 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/autogroup/autogroup.c,v 1.2.2.6 2010/04/13 20:22:26 kurt Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 2007-2009 The OpenLDAP Foundation.
+ * Copyright 2007-2010 The OpenLDAP Foundation.
 * Portions Copyright 2007 Michał Szulczyński.
 * Portions Copyright 2009 Howard Chu.
 * All rights reserved.
--- a/external/bsd/openldap/dist/contrib/slapd-modules/cloak/cloak.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/cloak/cloak.c
@ -1,10 +1,10 @@
-/*	$NetBSD: cloak.c,v 1.1.1.1 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: cloak.c,v 1.1.1.2 2010/12/12 15:18:56 adam Exp $	*/

 /* cloak.c - Overlay to hide some attribute except if explicitely requested */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/cloak/cloak.c,v 1.2.2.3 2009/08/17 21:48:57 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/cloak/cloak.c,v 1.2.2.4 2010/04/13 20:22:26 kurt Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 2008-2009 The OpenLDAP Foundation.
+ * Copyright 2008-2010 The OpenLDAP Foundation.
 * Portions Copyright 2008 Emmanuel Dreyfus
 * All rights reserved.
 *
--- a/external/bsd/openldap/dist/contrib/slapd-modules/cloak/slapo-cloak.5
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/cloak/slapo-cloak.5
@ -1,7 +1,7 @@
 .TH SLAPO-CLOAK 5 "RELEASEDATE" "OpenLDAP LDVERSION"
-.\" Copyright 1998-2009 The OpenLDAP Foundation, All Rights Reserved.
+.\" Copyright 1998-2010 The OpenLDAP Foundation, All Rights Reserved.
 .\" Copying restrictions apply.  See the COPYRIGHT file.
-.\" OpenLDAP: pkg/ldap/contrib/slapd-modules/cloak/slapo-cloak.5,v 1.1.2.3 2009/08/17 21:48:57 quanah Exp
+.\" OpenLDAP: pkg/ldap/contrib/slapd-modules/cloak/slapo-cloak.5,v 1.1.2.4 2010/04/13 20:22:26 kurt Exp
 .SH NAME
 slapo-cloak \- Attribute cloak overlay to slapd
 .SH SYNOPSIS
--- a/external/bsd/openldap/dist/contrib/slapd-modules/comp_match/Makefile
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/comp_match/Makefile
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/contrib/slapd-modules/comp_match/Makefile,v 1.11.2.4 2009/01/22 00:00:45 kurt Exp
+# OpenLDAP: pkg/ldap/contrib/slapd-modules/comp_match/Makefile,v 1.11.2.5 2010/04/13 20:22:26 kurt Exp
 # This work is part of OpenLDAP Software <http://www.openldap.org/>.
 #
-# Copyright 2003-2009 The OpenLDAP Foundation.
+# Copyright 2003-2010 The OpenLDAP Foundation.
 # Portions Copyright 2004 by IBM Corporation.
 # All rights reserved.

--- a/external/bsd/openldap/dist/contrib/slapd-modules/denyop/denyop.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/denyop/denyop.c
@ -1,10 +1,10 @@
-/*	$NetBSD: denyop.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: denyop.c,v 1.1.1.3 2010/12/12 15:19:05 adam Exp $	*/

 /* denyop.c - Denies operations */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/denyop/denyop.c,v 1.2.2.4 2009/01/22 00:00:45 kurt Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/denyop/denyop.c,v 1.2.2.5 2010/04/13 20:22:27 kurt Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 2004-2009 The OpenLDAP Foundation.
+ * Copyright 2004-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/contrib/slapd-modules/dsaschema/README
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/dsaschema/README
@ -1,4 +1,4 @@
-Copyright 2004-2009 The OpenLDAP Foundation. All rights reserved.
+Copyright 2004-2010 The OpenLDAP Foundation. All rights reserved.

 Redistribution and use in source and binary forms, with or without
 modification, are permitted only as authorized by the OpenLDAP
--- a/external/bsd/openldap/dist/contrib/slapd-modules/dsaschema/dsaschema.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/dsaschema/dsaschema.c
@ -1,10 +1,10 @@
-/*	$NetBSD: dsaschema.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: dsaschema.c,v 1.1.1.3 2010/12/12 15:19:05 adam Exp $	*/

 /* dsaschema.c */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/dsaschema/dsaschema.c,v 1.5.2.5 2009/08/17 21:48:57 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/dsaschema/dsaschema.c,v 1.5.2.6 2010/04/13 20:22:27 kurt Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 2004-2009 The OpenLDAP Foundation.
+ * Copyright 2004-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/contrib/slapd-modules/lastmod/lastmod.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/lastmod/lastmod.c
@ -1,10 +1,10 @@
-/*	$NetBSD: lastmod.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: lastmod.c,v 1.1.1.3 2010/12/12 15:19:07 adam Exp $	*/

 /* lastmod.c - returns last modification info */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/lastmod/lastmod.c,v 1.2.2.4 2009/01/22 00:00:45 kurt Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/lastmod/lastmod.c,v 1.2.2.6 2010/04/19 16:53:00 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 2004-2009 The OpenLDAP Foundation.
+ * Copyright 2004-2010 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -369,7 +369,7 @@ best_guess( Operation *op,
 		struct berval *bv_modifiersName, struct berval *bv_nmodifiersName )
 {
 	if ( bv_entryCSN ) {
-		char		csnbuf[ LDAP_LUTIL_CSNSTR_BUFSIZE ];
+		char		csnbuf[ LDAP_PVT_CSNSTR_BUFSIZE ];
 		struct berval	entryCSN;
 	
 		entryCSN.bv_val = csnbuf;
@ -838,7 +838,7 @@ lastmod_db_open(
 	char		buf[ 8192 ];
 	static char		tmbuf[ LDAP_LUTIL_GENTIME_BUFSIZE ];

-	char			csnbuf[ LDAP_LUTIL_CSNSTR_BUFSIZE ];
+	char			csnbuf[ LDAP_PVT_CSNSTR_BUFSIZE ];
 	struct berval		entryCSN;
 	struct berval timestamp;

--- a/external/bsd/openldap/dist/contrib/slapd-modules/lastmod/slapo-lastmod.5
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/lastmod/slapo-lastmod.5
@ -1,4 +1,4 @@
-.\" Copyright 2004-2009 The OpenLDAP Foundation All Rights Reserved.
+.\" Copyright 2004-2010 The OpenLDAP Foundation All Rights Reserved.
 .\" Copying restrictions apply.  See COPYRIGHT/LICENSE.
 .TH SLAPO_LASTMOD 5 "RELEASEDATE" "OpenLDAP LDVERSION"
 .SH NAME
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nops/nops.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nops/nops.c
@ -1,10 +1,10 @@
-/*	$NetBSD: nops.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: nops.c,v 1.1.1.3 2010/12/12 15:19:07 adam Exp $	*/

 /* nops.c - Overlay to filter idempotent operations */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nops/nops.c,v 1.1.2.4 2009/08/17 21:48:57 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nops/nops.c,v 1.1.2.5 2010/04/13 20:22:27 kurt Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 
 *
- * Copyright 2008-2009 The OpenLDAP Foundation.
+ * Copyright 2008-2010 The OpenLDAP Foundation.
 * Copyright 2008 Emmanuel Dreyfus.
 * All rights reserved.
 *
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/Makefile
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/Makefile
@ -1,7 +1,7 @@
-# OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/Makefile,v 1.1.2.5 2009/09/01 22:53:30 quanah Exp
+# OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/Makefile,v 1.1.2.7 2010/04/15 21:32:56 quanah Exp
 # This work is part of OpenLDAP Software <http://www.openldap.org/>.
 #
-# Copyright 2008-2009 The OpenLDAP Foundation.
+# Copyright 2008-2010 The OpenLDAP Foundation.
 # Portions Copyright 2008 Howard Chu, Symas Corp. All Rights Reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@ -24,7 +24,7 @@ OPT=-g -O2
 CC=gcc

 LDAP_INC=-I$(LDAPOBJ)/include -I$(LDAPSRC)/include -I$(LDAPSRC)/servers/slapd
-NLDAPD_INC=-Inss-ldapd
+NLDAPD_INC=-Inss-pam-ldapd
 INCS=$(LDAP_INC) $(NLDAPD_INC)

 LDAP_LIB=-lldap_r -llber
@ -40,7 +40,7 @@ moduledir = $(libexecdir)$(ldap_subdir)
 sysconfdir = $(prefix)/etc$(ldap_subdir)
 schemadir = $(sysconfdir)/schema

-all:	install
+all:	nssov.la

 XOBJS = tio.lo

@ -52,8 +52,8 @@ OBJS = alias.lo ether.lo group.lo host.lo netgroup.lo network.lo \
 .c.lo:
 	$(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<

-tio.lo:	nss-ldapd/common/tio.c
-	$(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(NLDAPD_INC) -c $?
+tio.lo:	nss-pam-ldapd/tio.c
+	$(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $?

 $(OBJS):	nssov.h

@ -68,3 +68,4 @@ install: nssov.la

 clean:
 	rm -f *.*o *.la .libs/*
+	rm -rf .libs
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/README
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/README
@ -4,12 +4,15 @@ same IPC protocol as Arthur de Jong's nss-ldapd, and a complete
 copy of the nss-ldapd source is included here. It also handles
 PAM requests.

-To use this code, you will need the client-side stub library from
-nss-ldapd (which resides in nss-ldapd/nss). You will not need the
-nslcd daemon; this overlay replaces that part. You should already
-be familiar with the RFC2307 and RFC2307bis schema to use this
-overlay. See the nss-ldapd/README for more information on the
-schema and which features are supported.
+To use this code, you will need the client-side stuf library from
+nss-pam-ldapd.  You can get it from:
+http://arthurdejong.org/nss-pam-ldapd
+You will not need the nslcd daemon; this overlay replaces that part.
+To disable building of the nslcd daemon in nss-pam-ldapd, add the
+--disable-nslcd option to the nss-pam-ldapd configure script. You
+should already be familiar with the RFC2307 and RFC2307bis schema
+to use this overlay.  See the nss-pam-ldapd README for more information
+on the schema and which features are supported.

 To use the overlay, add:

@ -118,7 +121,7 @@ in the server for the given user.
 ---
 This work is part of OpenLDAP Software <http://www.openldap.org/>.

-Copyright 1998-2009 The OpenLDAP Foundation.
+Copyright 1998-2010 The OpenLDAP Foundation.
 Portions Copyright 2008-2009 Howard Chu, Symas Corp. All rights reserved.

 Redistribution and use in source and binary forms, with or without
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/alias.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/alias.c
@ -1,10 +1,10 @@
-/*	$NetBSD: alias.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: alias.c,v 1.1.1.3 2010/12/12 15:19:07 adam Exp $	*/

 /* alias.c - mail alias lookup routines */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/alias.c,v 1.1.2.3 2009/08/17 21:48:57 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/alias.c,v 1.1.2.5 2010/04/15 21:32:56 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 
 *
- * Copyright 2008-2009 The OpenLDAP Foundation.
+ * Copyright 2008-2010 The OpenLDAP Foundation.
 * Portions Copyright 2008 by Howard Chu, Symas Corp.
 * All rights reserved.
 *
@ -85,7 +85,7 @@ static int write_alias(nssov_alias_cbp *cbp,Entry *entry)
 	/* for each name, write an entry */
 	for (i=0;!BER_BVISNULL(&names[i]);i++)
 	{
-		WRITE_INT32(cbp->fp,NSLCD_RESULT_SUCCESS);
+		WRITE_INT32(cbp->fp,NSLCD_RESULT_BEGIN);
 		WRITE_BERVAL(cbp->fp,&names[i]);
 		WRITE_BVARRAY(cbp->fp,members);
 	}
@ -99,7 +99,7 @@ NSSOV_HANDLE(
 	char fbuf[1024];
 	struct berval filter = {sizeof(fbuf)};
 	filter.bv_val = fbuf;
-	READ_STRING_BUF2(fp,cbp.buf,sizeof(cbp.buf));
+	READ_STRING(fp,cbp.buf);
 	cbp.name.bv_len = tmpint32;
 	cbp.name.bv_val = cbp.buf;,
 	Debug(LDAP_DEBUG_TRACE,"nssov_alias_byname(%s)\n",cbp.name.bv_val,0,0);,
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/ether.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/ether.c
@ -1,10 +1,10 @@
-/*	$NetBSD: ether.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: ether.c,v 1.1.1.3 2010/12/12 15:19:07 adam Exp $	*/

 /* ether.c - ethernet address lookup routines */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/ether.c,v 1.1.2.3 2009/08/17 21:48:57 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/ether.c,v 1.1.2.5 2010/04/15 21:32:56 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 2008-2009 The OpenLDAP Foundation.
+ * Copyright 2008-2010 The OpenLDAP Foundation.
 * Copyright 2008 by Howard Chu, Symas Corp.
 * All rights reserved.
 *
@ -113,7 +113,7 @@ static int write_ether(nssov_ether_cbp *cbp,Entry *entry)
 	for (i=0;!BER_BVISNULL(&names[i]);i++)
 		for (j=0;!BER_BVISNULL(&ethers[j]);j++)
 		{
-			WRITE_INT32(cbp->fp,NSLCD_RESULT_SUCCESS);
+			WRITE_INT32(cbp->fp,NSLCD_RESULT_BEGIN);
 			WRITE_BERVAL(cbp->fp,&names[i]);
 			WRITE_ETHER(cbp->fp,ethers[j]);
 		}
@ -128,7 +128,7 @@ NSSOV_HANDLE(
 	struct berval filter = {sizeof(fbuf)};
 	filter.bv_val = fbuf;
 	BER_BVZERO(&cbp.addr);
-	READ_STRING_BUF2(fp,cbp.buf,sizeof(cbp.buf));
+	READ_STRING(fp,cbp.buf);
 	cbp.name.bv_len = tmpint32;
 	cbp.name.bv_val = cbp.buf;,
 	Debug(LDAP_DEBUG_TRACE,"nssov_ether_byname(%s)\n",cbp.name.bv_val,0,0);,
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/group.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/group.c
@ -1,10 +1,10 @@
-/*	$NetBSD: group.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: group.c,v 1.1.1.3 2010/12/12 15:19:07 adam Exp $	*/

 /* group.c - group lookup routines */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/group.c,v 1.1.2.4 2009/08/17 21:48:57 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/group.c,v 1.1.2.6 2010/04/15 21:32:56 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 
 *
- * Copyright 2008-2009 The OpenLDAP Foundation.
+ * Copyright 2008-2010 The OpenLDAP Foundation.
 * Portions Copyright 2008-2009 by Howard Chu, Symas Corp.
 * All rights reserved.
 *
@ -250,7 +250,7 @@ static int write_group(nssov_group_cbp *cbp,Entry *entry)
 						names[i].bv_val);
 					continue;
 				}
-				WRITE_INT32(cbp->fp,NSLCD_RESULT_SUCCESS);
+				WRITE_INT32(cbp->fp,NSLCD_RESULT_BEGIN);
 				WRITE_BERVAL(cbp->fp,&names[i]);
 				WRITE_BERVAL(cbp->fp,&passwd);
 				WRITE_TYPE(cbp->fp,gid,gid_t);
@ -279,7 +279,7 @@ NSSOV_HANDLE(
 	char fbuf[1024];
 	struct berval filter = {sizeof(fbuf)};
 	filter.bv_val = fbuf;
-	READ_STRING_BUF2(fp,cbp.buf,sizeof(cbp.buf));
+	READ_STRING(fp,cbp.buf);
 	cbp.name.bv_len = tmpint32;
 	cbp.name.bv_val = cbp.buf;
 	if (!isvalidgroupname(&cbp.name)) {
@ -318,7 +318,7 @@ NSSOV_HANDLE(
 	char fbuf[1024];
 	struct berval filter = {sizeof(fbuf)};
 	filter.bv_val = fbuf;
-	READ_STRING_BUF2(fp,cbp.buf,sizeof(cbp.buf));
+	READ_STRING(fp,cbp.buf);
 	cbp.user.bv_len = tmpint32;
 	cbp.user.bv_val = cbp.buf;
 	if (!isvalidusername(&cbp.user)) {
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/host.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/host.c
@ -1,10 +1,10 @@
-/*	$NetBSD: host.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: host.c,v 1.1.1.3 2010/12/12 15:19:08 adam Exp $	*/

 /* host.c - host lookup routines */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/host.c,v 1.1.2.4 2009/08/24 17:35:29 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/host.c,v 1.1.2.6 2010/04/15 21:32:56 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 
 *
- * Copyright 2008-2009 The OpenLDAP Foundation.
+ * Copyright 2008-2010 The OpenLDAP Foundation.
 * Portions Copyright 2008 by Howard Chu, Symas Corp.
 * All rights reserved.
 *
@ -93,7 +93,7 @@ static int write_host(nssov_host_cbp *cbp,Entry *entry)
 	addrs = a->a_vals;
 	numaddr = a->a_numvals;
 	/* write the entry */
-	WRITE_INT32(cbp->fp,NSLCD_RESULT_SUCCESS);
+	WRITE_INT32(cbp->fp,NSLCD_RESULT_BEGIN);
 	WRITE_BERVAL(cbp->fp,&name);
 	if ( dupname >= 0 ) {
 		WRITE_INT32(cbp->fp,numname-1);
@ -120,7 +120,7 @@ NSSOV_HANDLE(
 	struct berval filter = {sizeof(fbuf)};
 	filter.bv_val = fbuf;
 	BER_BVZERO(&cbp.addr);
-	READ_STRING_BUF2(fp,cbp.buf,sizeof(cbp.buf));
+	READ_STRING(fp,cbp.buf);
 	cbp.name.bv_len = tmpint32;
 	cbp.name.bv_val = cbp.buf;,
 	Debug(LDAP_DEBUG_TRACE,"nssov_host_byname(%s)\n",cbp.name.bv_val,0,0);,
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/netgroup.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/netgroup.c
@ -1,10 +1,10 @@
-/*	$NetBSD: netgroup.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: netgroup.c,v 1.1.1.3 2010/12/12 15:19:08 adam Exp $	*/

 /* netgroup.c - netgroup lookup routines */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/netgroup.c,v 1.1.2.3 2009/08/17 21:48:58 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/netgroup.c,v 1.1.2.5 2010/04/15 21:32:56 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 
 *
- * Copyright 2008-2009 The OpenLDAP Foundation.
+ * Copyright 2008-2010 The OpenLDAP Foundation.
 * Portions Copyright 2008 by Howard Chu, Symas Corp.
 * All rights reserved.
 *
@ -142,8 +142,8 @@ static int write_netgroup_triple(TFILE *fp,const char *triple)
 		return 0;
 	}
 	/* write strings */
-	WRITE_INT32(fp,NSLCD_RESULT_SUCCESS);
-	WRITE_INT32(fp,NETGROUP_TYPE_TRIPLE);
+	WRITE_INT32(fp,NSLCD_RESULT_BEGIN);
+	WRITE_INT32(fp,NSLCD_NETGROUP_TYPE_TRIPLE);
 	WRITE_STRING_STRIPSPACE_LEN(fp,triple+hostb,hoste-hostb)
 	WRITE_STRING_STRIPSPACE_LEN(fp,triple+userb,usere-userb)
 	WRITE_STRING_STRIPSPACE_LEN(fp,triple+domainb,domaine-domainb)
@ -173,9 +173,9 @@ static int write_netgroup(nssov_netgroup_cbp *cbp,Entry *entry)
 		for (i=0;i<a->a_numvals;i++)
 		{
 			/* write the result code */
-			WRITE_INT32(cbp->fp,NSLCD_RESULT_SUCCESS);
+			WRITE_INT32(cbp->fp,NSLCD_RESULT_BEGIN);
 			/* write triple indicator */
-			WRITE_INT32(cbp->fp,NETGROUP_TYPE_NETGROUP);
+			WRITE_INT32(cbp->fp,NSLCD_NETGROUP_TYPE_NETGROUP);
 			/* write netgroup name */
 			if (write_string_stripspace_len(cbp->fp,a->a_vals[i].bv_val,a->a_vals[i].bv_len))
 				return -1;
@ -192,7 +192,7 @@ NSSOV_HANDLE(
 	char fbuf[1024];
 	struct berval filter = {sizeof(fbuf)};
 	filter.bv_val = fbuf;
-	READ_STRING_BUF2(fp,cbp.buf,sizeof(cbp.buf));,
+	READ_STRING(fp,cbp.buf);,
 	cbp.name.bv_len = tmpint32;
 	cbp.name.bv_val = cbp.buf;
 	Debug(LDAP_DEBUG_TRACE,"nssov_netgroup_byname(%s)\n",cbp.name.bv_val,0,0);,
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/network.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/network.c
@ -1,10 +1,10 @@
-/*	$NetBSD: network.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: network.c,v 1.1.1.3 2010/12/12 15:19:08 adam Exp $	*/

 /* network.c - network address lookup routines */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/network.c,v 1.1.2.4 2009/08/24 17:35:29 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/network.c,v 1.1.2.7 2010/05/26 15:21:53 hyc Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 
 *
- * Copyright 2008-2009 The OpenLDAP Foundation.
+ * Copyright 2008-2010 The OpenLDAP Foundation.
 * Portions Copyright 2008 by Howard Chu, Symas Corp.
 * All rights reserved.
 *
@ -93,7 +93,7 @@ static int write_network(nssov_network_cbp *cbp,Entry *entry)
 	addrs = a->a_vals;
 	numaddr = a->a_numvals;
 	/* write the entry */
-	WRITE_INT32(cbp->fp,NSLCD_RESULT_SUCCESS);
+	WRITE_INT32(cbp->fp,NSLCD_RESULT_BEGIN);
 	WRITE_BERVAL(cbp->fp,&name);
 	if ( dupname >= 0 ) {
 		WRITE_INT32(cbp->fp,numname-1);
@ -120,7 +120,7 @@ NSSOV_HANDLE(
 	struct berval filter = {sizeof(fbuf)};
 	filter.bv_val = fbuf;
 	BER_BVZERO(&cbp.addr);
-	READ_STRING_BUF2(fp,cbp.buf,sizeof(cbp.buf));
+	READ_STRING(fp,cbp.buf);
 	cbp.name.bv_len = tmpint32;
 	cbp.name.bv_val = cbp.buf;,
 	Debug(LDAP_DEBUG_TRACE,"nssov_network_byname(%s)\n",cbp.name.bv_val,0,0);,
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nss-pam-ldapd/README
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nss-pam-ldapd/README
@ -0,0 +1,7 @@
+These files were pulled from the nss-pam-ldapd project version 0.7.3.  Copyright notices are in the individual files.
+
+This is not the full distribution of nss-pam-ldapd, and does not
+include the client-side stub libraries.  Get the latest release of
+nss-pam-ldapd from http://arthurdejong.org/nss-pam-ldapd/ to use
+this overlay.
+
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nss-pam-ldapd/attrs.h
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nss-pam-ldapd/attrs.h
@ -0,0 +1,93 @@
+/*	$NetBSD: attrs.h,v 1.1.1.1 2010/12/12 15:19:11 adam Exp $	*/
+
+/*
+   attrs.h - wrapper macros for the gcc __attribute__(()) directive
+
+   Copyright (C) 2007, 2008 Arthur de Jong
+
+   This library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   This library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with this library; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+   02110-1301 USA
+*/
+
+#ifndef _COMPAT_ATTRS_H
+#define _COMPAT_ATTRS_H 1
+
+/* macro for testing the version of GCC */
+#define GCC_VERSION(major,minor) \
+  ((__GNUC__ > (major)) || (__GNUC__ == (major) && __GNUC_MINOR__ >= (minor)))
+
+/* These are macros to use some gcc-specific flags in case the're available
+   and otherwise define them to empty strings. This allows us to give
+   the compiler some extra information.
+   See http://gcc.gnu.org/onlinedocs/gcc/Attribute-Syntax.html
+   for a list of attributes supported by gcc */
+
+/* this is used to flag function parameters that are not used in the function
+   body. */
+#if GCC_VERSION(3,0)
+#define UNUSED(x)   x __attribute__((__unused__))
+#else
+#define UNUSED(x)   x
+#endif
+
+/* this is used to add extra format checking to the function calls as if this
+   was a printf()-like function */
+#if GCC_VERSION(3,0)
+#define LIKE_PRINTF(format_idx,arg_idx) \
+                    __attribute__((__format__(__printf__,format_idx,arg_idx)))
+#else
+#define LIKE_PRINTF(format_idx,arg_idx) /* no attribute */
+#endif
+
+/* indicates that the function is "pure": it's result is purely based on
+   the parameters and has no side effects or used static data */
+#if GCC_VERSION(3,0)
+#define PURE        __attribute__((__pure__))
+#else
+#define PURE        /* no attribute */
+#endif
+
+/* the function returns a new data structure that has been freshly
+   allocated */
+#if GCC_VERSION(3,0)
+#define LIKE_MALLOC __attribute__((__malloc__))
+#else
+#define LIKE_MALLOC /* no attribute */
+#endif
+
+/* the function's return value should be used by the caller */
+#if GCC_VERSION(3,4)
+#define MUST_USE    __attribute__((__warn_unused_result__))
+#else
+#define MUST_USE    /* no attribute */
+#endif
+
+/* the function's return value should be used by the caller */
+#if GCC_VERSION(2,5)
+#define NORETURN    __attribute__((__noreturn__))
+#else
+#define NORETURN    /* no attribute */
+#endif
+
+/* define __STRING if it's not yet defined */
+#ifndef __STRING
+#ifdef __STDC__
+#define __STRING(x) #x
+#else /* __STDC__ */
+#define __STRING(x) "x"
+#endif /* not __STDC__ */
+#endif /* not __STRING */
+
+#endif /* not _COMPAT_ATTRS_H */
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nss-pam-ldapd/nslcd-prot.h
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nss-pam-ldapd/nslcd-prot.h
@ -0,0 +1,358 @@
+/*	$NetBSD: nslcd-prot.h,v 1.1.1.1 2010/12/12 15:19:11 adam Exp $	*/
+
+/*
+   nslcd-prot.h - helper macros for reading and writing in protocol streams
+
+   Copyright (C) 2006 West Consulting
+   Copyright (C) 2006, 2007, 2009 Arthur de Jong
+
+   This library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   This library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with this library; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+   02110-1301 USA
+*/
+
+#ifndef _NSLCD_PROT_H
+#define _NSLCD_PROT_H 1
+
+#include "tio.h"
+
+/* If you use these macros you should define the following macros to
+   handle error conditions (these marcos should clean up and return from the
+   function):
+     ERROR_OUT_WRITEERROR(fp)
+     ERROR_OUT_READERROR(fp)
+     ERROR_OUT_BUFERROR(fp)
+     ERROR_OUT_NOSUCCESS(fp) */
+
+
+/* Debugging marcos that can be used to enable detailed protocol logging,
+   pass -DDEBUG_PROT to do overall protocol debugging, and -DDEBUG_PROT_DUMP
+   to dump the actual bytestream. */
+
+#ifdef DEBUG_PROT
+/* define a debugging macro to output logging */
+#include <string.h>
+#include <errno.h>
+#define DEBUG_PRINT(fmt,arg) \
+  fprintf(stderr,"%s:%d:%s: " fmt "\n",__FILE__,__LINE__,__PRETTY_FUNCTION__,arg);
+#else /* DEBUG_PROT */
+/* define an empty debug macro to disable logging */
+#define DEBUG_PRINT(fmt,arg)
+#endif /* not DEBUG_PROT */
+
+#ifdef DEBUG_PROT_DUMP
+/* define a debugging macro to output detailed logging */
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif /* HAVE_STDINT_H */
+static void debug_dump(const void *ptr,size_t size)
+{
+  int i;
+  for (i=0;i<size;i++)
+    fprintf(stderr," %02x",((const uint8_t *)ptr)[i]);
+  fprintf(stderr,"\n");
+}
+#define DEBUG_DUMP(ptr,size) \
+  fprintf(stderr,"%s:%d:%s:",__FILE__,__LINE__,__PRETTY_FUNCTION__); \
+  debug_dump(ptr,size);
+#else /* DEBUG_PROT_DUMP */
+/* define an empty debug macro to disable logging */
+#define DEBUG_DUMP(ptr,size)
+#endif /* not DEBUG_PROT_DUMP */
+
+
+/* WRITE marcos, used for writing data, on write error they will
+   call the ERROR_OUT_WRITEERROR macro
+   these macros may require the availability of the following
+   variables:
+   int32_t tmpint32; - temporary variable
+   */
+
+#define WRITE(fp,ptr,size) \
+  DEBUG_PRINT("WRITE       : var="__STRING(ptr)" size=%d",(int)size); \
+  DEBUG_DUMP(ptr,size); \
+  if (tio_write(fp,ptr,(size_t)size)) \
+  { \
+    DEBUG_PRINT("WRITE       : var="__STRING(ptr)" error: %s",strerror(errno)); \
+    ERROR_OUT_WRITEERROR(fp); \
+  }
+
+#define WRITE_TYPE(fp,field,type) \
+  WRITE(fp,&(field),sizeof(type))
+
+#define WRITE_INT32(fp,i) \
+  DEBUG_PRINT("WRITE_INT32 : var="__STRING(i)" int32=%d",(int)i); \
+  tmpint32=(int32_t)(i); \
+  WRITE_TYPE(fp,tmpint32,int32_t)
+
+#define WRITE_STRING(fp,str) \
+  DEBUG_PRINT("WRITE_STRING: var="__STRING(str)" string=\"%s\"",(str)); \
+  if ((str)==NULL) \
+  { \
+    WRITE_INT32(fp,0); \
+  } \
+  else \
+  { \
+    WRITE_INT32(fp,strlen(str)); \
+    if (tmpint32>0) \
+      { WRITE(fp,(str),tmpint32); } \
+  }
+
+#define WRITE_STRINGLIST(fp,arr) \
+  if ((arr)==NULL) \
+  { \
+    DEBUG_PRINT("WRITE_STRLST: var="__STRING(arr)" num=%d",0); \
+    WRITE_INT32(fp,0); \
+  } \
+  else \
+  { \
+    /* first determin length of array */ \
+    for (tmp3int32=0;(arr)[tmp3int32]!=NULL;tmp3int32++) \
+      /*noting*/ ; \
+    /* write number of strings */ \
+    DEBUG_PRINT("WRITE_STRLST: var="__STRING(arr)" num=%d",(int)tmp3int32); \
+    WRITE_TYPE(fp,tmp3int32,int32_t); \
+    /* write strings */ \
+    for (tmp2int32=0;tmp2int32<tmp3int32;tmp2int32++) \
+    { \
+      WRITE_STRING(fp,(arr)[tmp2int32]); \
+    } \
+  }
+
+#define WRITE_STRINGLIST_EXCEPT(fp,arr,not) \
+  /* first determin length of array */ \
+  tmp3int32=0; \
+  for (tmp2int32=0;(arr)[tmp2int32]!=NULL;tmp2int32++) \
+    if (strcmp((arr)[tmp2int32],(not))!=0) \
+      tmp3int32++; \
+  /* write number of strings (mius one because we intend to skip one) */ \
+  DEBUG_PRINT("WRITE_STRLST: var="__STRING(arr)" num=%d",(int)tmp3int32); \
+  WRITE_TYPE(fp,tmp3int32,int32_t); \
+  /* write strings */ \
+  for (tmp2int32=0;(arr)[tmp2int32]!=NULL;tmp2int32++) \
+  { \
+    if (strcmp((arr)[tmp2int32],(not))!=0) \
+    { \
+      WRITE_STRING(fp,(arr)[tmp2int32]); \
+    } \
+  }
+
+
+/* READ macros, used for reading data, on read error they will
+   call the ERROR_OUT_READERROR or ERROR_OUT_BUFERROR macro
+   these macros may require the availability of the following
+   variables:
+   int32_t tmpint32; - temporary variable
+   */
+
+#define READ(fp,ptr,size) \
+  if (tio_read(fp,ptr,(size_t)size)) \
+  { \
+    DEBUG_PRINT("READ       : var="__STRING(ptr)" error: %s",strerror(errno)); \
+    ERROR_OUT_READERROR(fp); \
+  } \
+  DEBUG_PRINT("READ       : var="__STRING(ptr)" size=%d",(int)size); \
+  DEBUG_DUMP(ptr,size);
+
+#define READ_TYPE(fp,field,type) \
+  READ(fp,&(field),sizeof(type))
+
+#define READ_INT32(fp,i) \
+  READ_TYPE(fp,tmpint32,int32_t); \
+  i=tmpint32; \
+  DEBUG_PRINT("READ_INT32 : var="__STRING(i)" int32=%d",(int)i);
+
+/* read a string in a fixed-size "normal" buffer */
+#define READ_STRING(fp,buffer) \
+  /* read the size of the string */ \
+  READ_TYPE(fp,tmpint32,int32_t); \
+  DEBUG_PRINT("READ_STRING: var="__STRING(buffer)" strlen=%d",tmpint32); \
+  /* check if read would fit */ \
+  if (((size_t)tmpint32)>=sizeof(buffer)) \
+  { \
+    /* will not fit */ \
+    DEBUG_PRINT("READ       : buffer error: %d bytes too large",(tmpint32-sizeof(buffer))+1); \
+    ERROR_OUT_BUFERROR(fp); \
+  } \
+  /* read string from the stream */ \
+  if (tmpint32>0) \
+    { READ(fp,buffer,(size_t)tmpint32); } \
+  /* null-terminate string in buffer */ \
+  buffer[tmpint32]='\0'; \
+  DEBUG_PRINT("READ_STRING: var="__STRING(buffer)" string=\"%s\"",buffer);
+
+
+/* READ BUF macros that read data into a pre-allocated buffer.
+   these macros may require the availability of the following
+   variables:
+   int32_t tmpint32; - temporary variable
+   char *buffer;     - pointer to a buffer for reading strings
+   size_t buflen;    - the size of the buffer
+   size_t bufptr;    - the current position in the buffer
+   */
+
+/* current position in the buffer */
+#define BUF_CUR \
+  (buffer+bufptr)
+
+/* check that the buffer has sz bytes left in it */
+#define BUF_CHECK(fp,sz) \
+  if ((bufptr+(size_t)(sz))>buflen) \
+  { \
+    /* will not fit */ \
+    DEBUG_PRINT("READ       : buffer error: %d bytes too small",(bufptr+(sz)-(buflen))); \
+    ERROR_OUT_BUFERROR(fp); \
+  }
+
+/* move the buffer pointer */
+#define BUF_SKIP(sz) \
+  bufptr+=(size_t)(sz);
+
+/* move BUF_CUR foreward so that it is aligned to the specified
+   type width */
+#define BUF_ALIGN(fp,type) \
+  /* figure out number of bytes to skip foreward */ \
+  tmp2int32=(sizeof(type)-((BUF_CUR-(char *)NULL)%sizeof(type)))%sizeof(type); \
+  /* check and skip */ \
+  BUF_CHECK(fp,tmp2int32); \
+  BUF_SKIP(tmp2int32);
+
+/* allocate a piece of the buffer to store an array in */
+#define BUF_ALLOC(fp,ptr,type,num) \
+  /* align to the specified type width */ \
+  BUF_ALIGN(fp,type); \
+  /* check that we have enough room */ \
+  BUF_CHECK(fp,(size_t)(num)*sizeof(type)); \
+  /* store the pointer */ \
+  (ptr)=(type *)BUF_CUR; \
+  /* reserve the space */ \
+  BUF_SKIP((size_t)(num)*sizeof(type));
+
+/* read a binary blob into the buffer */
+#define READ_BUF(fp,ptr,sz) \
+  /* check that there is enough room and read */ \
+  BUF_CHECK(fp,sz); \
+  READ(fp,BUF_CUR,(size_t)sz); \
+  /* store pointer and skip */ \
+  (ptr)=BUF_CUR; \
+  BUF_SKIP(sz);
+
+/* read string in the buffer (using buffer, buflen and bufptr)
+   and store the actual location of the string in field */
+#define READ_BUF_STRING(fp,field) \
+  /* read the size of the string */ \
+  READ_TYPE(fp,tmpint32,int32_t); \
+  DEBUG_PRINT("READ_BUF_STRING: var="__STRING(field)" strlen=%d",tmpint32); \
+  /* check if read would fit */ \
+  BUF_CHECK(fp,tmpint32+1); \
+  /* read string from the stream */ \
+  if (tmpint32>0) \
+    { READ(fp,BUF_CUR,(size_t)tmpint32); } \
+  /* null-terminate string in buffer */ \
+  BUF_CUR[tmpint32]='\0'; \
+  DEBUG_PRINT("READ_BUF_STRING: var="__STRING(field)" string=\"%s\"",BUF_CUR); \
+  /* prepare result */ \
+  (field)=BUF_CUR; \
+  BUF_SKIP(tmpint32+1);
+
+/* read an array from a stram and store it as a null-terminated
+   array list (size for the array is allocated) */
+#define READ_BUF_STRINGLIST(fp,arr) \
+  /* read the number of entries */ \
+  READ_TYPE(fp,tmp3int32,int32_t); \
+  DEBUG_PRINT("READ_STRLST: var="__STRING(arr)" num=%d",(int)tmp3int32); \
+  /* allocate room for *char[num+1] */ \
+  BUF_ALLOC(fp,arr,char *,tmp3int32+1); \
+  /* read all entries */ \
+  for (tmp2int32=0;tmp2int32<tmp3int32;tmp2int32++) \
+  { \
+    READ_BUF_STRING(fp,(arr)[tmp2int32]); \
+  } \
+  /* set last entry to NULL */ \
+  (arr)[tmp2int32]=NULL;
+
+
+/* SKIP macros for skipping over certain parts of the protocol stream. */
+
+/* skip a number of bytes foreward */
+#define SKIP(fp,sz) \
+  DEBUG_PRINT("READ       : skip %d bytes",(int)(sz)); \
+  /* read (skip) the specified number of bytes */ \
+  if (tio_skip(fp,sz)) \
+  { \
+    DEBUG_PRINT("READ       : skip error: %s",strerror(errno)); \
+    ERROR_OUT_READERROR(fp); \
+  }
+
+/* read a string from the stream but don't do anything with the result */
+#define SKIP_STRING(fp) \
+  /* read the size of the string */ \
+  READ_TYPE(fp,tmpint32,int32_t); \
+  DEBUG_PRINT("READ_STRING: skip %d bytes",(int)tmpint32); \
+  /* read (skip) the specified number of bytes */ \
+  SKIP(fp,tmpint32);
+
+/* skip a list of strings */
+#define SKIP_STRINGLIST(fp) \
+  /* read the number of entries */ \
+  READ_TYPE(fp,tmp3int32,int32_t); \
+  DEBUG_PRINT("READ_STRLST: skip %d strings",(int)tmp3int32); \
+  /* read all entries */ \
+  for (tmp2int32=0;tmp2int32<tmp3int32;tmp2int32++) \
+  { \
+    SKIP_STRING(fp); \
+  }
+
+
+/* These are functions and macors for performing common operations in
+   the nslcd request/response protocol. */
+
+/* returns a socket to the server or NULL on error (see errno),
+   socket should be closed with tio_close() */
+TFILE *nslcd_client_open(void)
+  MUST_USE;
+
+/* generic request code */
+#define NSLCD_REQUEST(fp,action,writefn) \
+  /* open a client socket */ \
+  if ((fp=nslcd_client_open())==NULL) \
+    { ERROR_OUT_OPENERROR } \
+  /* write a request header with a request code */ \
+  WRITE_INT32(fp,(int32_t)NSLCD_VERSION) \
+  WRITE_INT32(fp,(int32_t)action) \
+  /* write the request parameters (if any) */ \
+  writefn; \
+  /* flush the stream */ \
+  if (tio_flush(fp)<0) \
+  { \
+    DEBUG_PRINT("WRITE_FLUSH : error: %s",strerror(errno)); \
+    ERROR_OUT_WRITEERROR(fp); \
+  } \
+  /* read and check response version number */ \
+  READ_TYPE(fp,tmpint32,int32_t); \
+  if (tmpint32!=(int32_t)NSLCD_VERSION) \
+    { ERROR_OUT_READERROR(fp) } \
+  /* read and check response request number */ \
+  READ_TYPE(fp,tmpint32,int32_t); \
+  if (tmpint32!=(int32_t)(action)) \
+    { ERROR_OUT_READERROR(fp) }
+
+/* Read the response code (the result code of the query) from
+   the stream. */
+#define READ_RESPONSE_CODE(fp) \
+  READ_TYPE(fp,tmpint32,int32_t); \
+  if (tmpint32!=(int32_t)NSLCD_RESULT_BEGIN) \
+    { ERROR_OUT_NOSUCCESS(fp) }
+
+#endif /* not _NSLCD_PROT_H */
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nss-pam-ldapd/nslcd.h
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nss-pam-ldapd/nslcd.h
@ -0,0 +1,258 @@
+/*	$NetBSD: nslcd.h,v 1.1.1.1 2010/12/12 15:19:12 adam Exp $	*/
+
+/*
+   nslcd.h - file describing client/server protocol
+
+   Copyright (C) 2006 West Consulting
+   Copyright (C) 2006, 2007, 2009, 2010 Arthur de Jong
+
+   This library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   This library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with this library; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+   02110-1301 USA
+*/
+
+#ifndef _NSLCD_H
+#define _NSLCD_H 1
+
+/*
+   The protocol used between the nslcd client and server is a simple binary
+   protocol. It is request/response based where the client initiates a
+   connection, does a single request and closes the connection again. Any
+   mangled or not understood messages will be silently ignored by the server.
+
+   A request looks like:
+     INT32  NSLCD_VERSION
+     INT32  NSLCD_ACTION_*
+     [request parameters if any]
+   A response looks like:
+     INT32  NSLCD_VERSION
+     INT32  NSLCD_ACTION_* (the original request type)
+     [result(s)]
+     INT32  NSLCD_RESULT_END
+   A single result entry looks like:
+     INT32  NSLCD_RESULT_BEGIN
+     [result value(s)]
+   If a response would return multiple values (e.g. for NSLCD_ACTION_*_ALL
+   functions) each return value will be preceded by a NSLCD_RESULT_BEGIN
+   value. After the last returned result the server sends
+   NSLCD_RESULT_END. If some error occurs (e.g. LDAP server unavailable,
+   error in the request, etc) the server terminates the connection to signal
+   an error condition (breaking the protocol).
+
+   These are the available basic data types:
+     INT32  - 32-bit integer value
+     TYPE   - a typed field that is transferred using sizeof()
+     STRING - a string length (32bit) followed by the string value (not
+              null-terminted) the string itself is assumed to be UTF-8
+     STRINGLIST - a 32-bit number noting the number of strings followed by
+                  the strings one at a time
+
+   Furthermore the ADDRESS compound data type is defined as:
+     INT32  type of address: e.g. AF_INET or AF_INET6
+     INT32  lenght of address
+     RAW    the address itself in network byte order
+   With the ADDRESSLIST using the same construct as with STRINGLIST.
+
+   The protocol uses host-byte order for all types (except in the raw
+   address above).
+*/
+
+/* The current version of the protocol. Note that version 1
+   is experimental and this version will be used until a
+   1.0 release of nss-pam-ldapd is made. */
+#define NSLCD_VERSION 1
+
+/* Email alias (/etc/aliases) NSS requests. The result values for a
+   single entry are:
+     STRING      alias name
+     STRINGLIST  alias rcpts */
+#define NSLCD_ACTION_ALIAS_BYNAME       4001
+#define NSLCD_ACTION_ALIAS_ALL          4002
+
+/* Ethernet address/name mapping NSS requests. The result values for a
+   single entry are:
+     STRING            ether name
+     TYPE(uint8_t[6])  ether address */
+#define NSLCD_ACTION_ETHER_BYNAME       3001
+#define NSLCD_ACTION_ETHER_BYETHER      3002
+#define NSLCD_ACTION_ETHER_ALL          3005
+
+/* Group and group membership related NSS requests. The result values
+   for a single entry are:
+     STRING       group name
+     STRING       group password
+     TYPE(gid_t)  group id
+     STRINGLIST   members (usernames) of the group
+     (not that the BYMEMER call returns an emtpy members list) */
+#define NSLCD_ACTION_GROUP_BYNAME       5001
+#define NSLCD_ACTION_GROUP_BYGID        5002
+#define NSLCD_ACTION_GROUP_BYMEMBER     5003
+#define NSLCD_ACTION_GROUP_ALL          5004
+
+/* Hostname (/etc/hosts) lookup NSS requests. The result values
+   for an entry are:
+     STRING       host name
+     STRINGLIST   host aliases
+     ADDRESSLIST  host addresses */
+#define NSLCD_ACTION_HOST_BYNAME        6001
+#define NSLCD_ACTION_HOST_BYADDR        6002
+#define NSLCD_ACTION_HOST_ALL           6005
+
+/* Netgroup NSS request return a number of results. Result values
+   can be either a reference to another netgroup:
+     INT32   NSLCD_NETGROUP_TYPE_NETGROUP
+     STRING  other netgroup name
+   or a netgroup triple:
+     INT32   NSLCD_NETGROUP_TYPE_TRIPLE
+     STRING  host
+     STRING  user
+     STRING  domain */
+#define NSLCD_ACTION_NETGROUP_BYNAME   12001
+#define NSLCD_NETGROUP_TYPE_NETGROUP 123
+#define NSLCD_NETGROUP_TYPE_TRIPLE   456
+
+/* Network name (/etc/networks) NSS requests. Result values for a single
+   entry are:
+     STRING       network name
+     STRINGLIST   network aliases
+     ADDRESSLIST  network addresses */
+#define NSLCD_ACTION_NETWORK_BYNAME     8001
+#define NSLCD_ACTION_NETWORK_BYADDR     8002
+#define NSLCD_ACTION_NETWORK_ALL        8005
+
+/* User account (/etc/passwd) NSS requests. Result values are:
+     STRING       user name
+     STRING       user password
+     TYPE(uid_t)  user id
+     TYPE(gid_t)  group id
+     STRING       gecos information
+     STRING       home directory
+     STRING       login shell */
+#define NSLCD_ACTION_PASSWD_BYNAME      1001
+#define NSLCD_ACTION_PASSWD_BYUID       1002
+#define NSLCD_ACTION_PASSWD_ALL         1004
+
+/* Protocol information requests. Result values are:
+     STRING      protocol name
+     STRINGLIST  protocol aliases
+     INT32       protocol number */
+#define NSLCD_ACTION_PROTOCOL_BYNAME    9001
+#define NSLCD_ACTION_PROTOCOL_BYNUMBER  9002
+#define NSLCD_ACTION_PROTOCOL_ALL       9003
+
+/* RPC information requests. Result values are:
+     STRING      rpc name
+     STRINGLIST  rpc aliases
+     INT32       rpc number */
+#define NSLCD_ACTION_RPC_BYNAME        10001
+#define NSLCD_ACTION_RPC_BYNUMBER      10002
+#define NSLCD_ACTION_RPC_ALL           10003
+
+/* Service (/etc/services) information requests. Result values are:
+     STRING      service name
+     STRINGLIST  service aliases
+     INT32       service (port) number
+     STRING      service protocol */
+#define NSLCD_ACTION_SERVICE_BYNAME    11001
+#define NSLCD_ACTION_SERVICE_BYNUMBER  11002
+#define NSLCD_ACTION_SERVICE_ALL       11005
+
+/* Extended user account (/etc/shadow) information requests. Result
+   values for a single entry are:
+     STRING  user name
+     STRING  user password
+     INT32   last password change
+     INT32   mindays
+     INT32   maxdays
+     INT32   warn
+     INT32   inact
+     INT32   expire
+     INT32   flag */
+#define NSLCD_ACTION_SHADOW_BYNAME      2001
+#define NSLCD_ACTION_SHADOW_ALL         2005
+
+/* PAM-related requests. The request parameters for all these requests
+   begin with:
+     STRING  user name
+     STRING  DN (if value is known already, otherwise empty)
+     STRING  service name
+   all requests, except the SESSION requests start the result value with:
+     STRING  user name (cannonical name)
+     STRING  DN (can be used to speed up requests) */
+
+/* PAM authentication check request. The extra request values are:
+     STRING  password
+   and the result value ends with:
+     INT32   authc NSLCD_PAM_* result code
+     INT32   authz NSLCD_PAM_* result code
+     STRING  authorisation error message
+   If the username is empty in this request an attempt is made to
+   authenticate as the administrator (set using rootpwmoddn). The returned DN
+   is that of the administrator. */
+#define NSLCD_ACTION_PAM_AUTHC         20001
+
+/* PAM authorisation check request. The extra request values are:
+     STRING ruser
+     STRING rhost
+     STRING tty
+   and the result value ends with:
+     INT32   authz NSLCD_PAM_* result code
+     STRING  authorisation error message */
+#define NSLCD_ACTION_PAM_AUTHZ         20002
+
+/* PAM session open and close requests. These requests have the following
+   extra request values:
+     STRING tty
+     STRING rhost
+     STRING ruser
+     INT32 session id (ignored for SESS_O)
+   and these calls only return the session ID:
+     INT32 session id
+   The SESS_C must contain the ID that is retured by SESS_O to close the
+   correct session. */
+#define NSLCD_ACTION_PAM_SESS_O        20003
+#define NSLCD_ACTION_PAM_SESS_C        20004
+
+/* PAM password modification request. This requests has the following extra
+   request values:
+     STRING old password
+     STRING new password
+   and returns there extra result values:
+     INT32   authz NSLCD_PAM_* result code
+     STRING  authorisation error message
+   In this request the DN may be set to the administrator's DN. In this
+   case old password should be the administrator's password. This allows
+   the administrator to change any user's password. */
+#define NSLCD_ACTION_PAM_PWMOD         20005
+
+/* Request result codes. */
+#define NSLCD_RESULT_BEGIN                 0
+#define NSLCD_RESULT_END                   3
+
+/* Partial list of PAM result codes. */
+#define NSLCD_PAM_SUCCESS             0 /* everything ok */
+#define NSLCD_PAM_PERM_DENIED         6 /* Permission denied */
+#define NSLCD_PAM_AUTH_ERR            7 /* Authc failure */
+#define NSLCD_PAM_CRED_INSUFFICIENT   8 /* Cannot access authc data */
+#define NSLCD_PAM_AUTHINFO_UNAVAIL    9 /* Cannot retrieve authc info */
+#define NSLCD_PAM_USER_UNKNOWN       10 /* User not known */
+#define NSLCD_PAM_MAXTRIES           11 /* Retry limit reached */
+#define NSLCD_PAM_NEW_AUTHTOK_REQD   12 /* Password expired */
+#define NSLCD_PAM_ACCT_EXPIRED       13 /* Account expired */
+#define NSLCD_PAM_SESSION_ERR        14 /* Cannot make/remove session record */
+#define NSLCD_PAM_AUTHTOK_DISABLE_AGING 23 /* Password aging disabled */
+#define NSLCD_PAM_IGNORE             25 /* Ignore module */
+#define NSLCD_PAM_ABORT              26 /* Fatal error */
+
+#endif /* not _NSLCD_H */
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nss-pam-ldapd/tio.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nss-pam-ldapd/tio.c
@ -0,0 +1,510 @@
+/*	$NetBSD: tio.c,v 1.1.1.1 2010/12/12 15:19:12 adam Exp $	*/
+
+/*
+   tio.c - timed io functions
+   This file is part of the nss-pam-ldapd library.
+
+   Copyright (C) 2007, 2008 Arthur de Jong
+
+   This library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   This library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with this library; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+   02110-1301 USA
+*/
+
+//#include "config.h"
+#include "portable.h"
+
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif /* HAVE_STDINT_H */
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/time.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <errno.h>
+#include <string.h>
+#include <signal.h>
+#include <stdio.h>
+
+#include "tio.h"
+
+/* for platforms that don't have ETIME use ETIMEDOUT */
+#ifndef ETIME
+#define ETIME ETIMEDOUT
+#endif /* ETIME */
+
+/* structure that holds a buffer
+   the buffer contains the data that is between the application and the
+   file descriptor that is used for efficient transfer
+   the buffer is built up as follows:
+   |.....********......|
+         ^start        ^size
+         ^--len--^           */
+struct tio_buffer {
+  uint8_t *buffer;
+  size_t size;      /* the size of the buffer */
+  size_t maxsize;   /* the maximum size of the buffer */
+  size_t start;     /* the start of the data (before start is unused) */
+  size_t len;       /* size of the data (from the start) */
+};
+
+/* structure that holds all the state for files */
+struct tio_fileinfo {
+  int fd;
+  struct tio_buffer readbuffer;
+  struct tio_buffer writebuffer;
+  struct timeval readtimeout;
+  struct timeval writetimeout;
+  int read_resettable; /* whether the tio_reset() function can be called */
+#ifdef DEBUG_TIO_STATS
+  /* this is used to collect statistics on the use of the streams
+     and can be used to tune the buffer sizes */
+  size_t byteswritten;
+  size_t bytesread;
+#endif /* DEBUG_TIO_STATS */
+};
+
+/* add the second timeval to the first modifing the first */
+static inline void tio_tv_add(struct timeval *tv1, const struct timeval *tv2)
+{
+  /* BUG: we hope that this does not overflow */
+  tv1->tv_usec+=tv2->tv_usec;
+  if (tv1->tv_usec>1000000)
+  {
+    tv1->tv_usec-=1000000;
+    tv1->tv_sec+=1;
+  }
+  tv1->tv_sec+=tv2->tv_sec;
+}
+
+/* build a timeval for comparison to when the operation should be finished */
+static inline void tio_tv_prepare(struct timeval *deadline, const struct timeval *timeout)
+{
+  if (gettimeofday(deadline,NULL))
+  {
+    /* just blank it in case of errors */
+    deadline->tv_sec=0;
+    deadline->tv_usec=0;
+    return;
+  }
+  tio_tv_add(deadline,timeout);
+}
+
+/* update the timeval to the value that is remaining before deadline
+   returns non-zero if there is no more time before the deadline */
+static inline int tio_tv_remaining(struct timeval *tv, const struct timeval *deadline)
+{
+  /* get the current time */
+  if (gettimeofday(tv,NULL))
+  {
+    /* 1 second default if gettimeofday() is broken */
+    tv->tv_sec=1;
+    tv->tv_usec=0;
+    return 0;
+  }
+  /* check if we're too late */
+  if ( (tv->tv_sec>deadline->tv_sec) ||
+       ( (tv->tv_sec==deadline->tv_sec) && (tv->tv_usec>deadline->tv_usec) ) )
+    return -1;
+  /* update tv */
+  tv->tv_sec=deadline->tv_sec-tv->tv_sec;
+  if (tv->tv_usec<deadline->tv_usec)
+    tv->tv_usec=deadline->tv_usec-tv->tv_usec;
+  else
+  {
+    tv->tv_sec--;
+    tv->tv_usec=1000000+deadline->tv_usec-tv->tv_usec;
+  }
+  return 0;
+}
+
+/* open a new TFILE based on the file descriptor */
+TFILE *tio_fdopen(int fd,struct timeval *readtimeout,struct timeval *writetimeout,
+                  size_t initreadsize,size_t maxreadsize,
+                  size_t initwritesize,size_t maxwritesize)
+{
+  struct tio_fileinfo *fp;
+  fp=(struct tio_fileinfo *)malloc(sizeof(struct tio_fileinfo));
+  if (fp==NULL)
+    return NULL;
+  fp->fd=fd;
+  /* initialize read buffer */
+  fp->readbuffer.buffer=(uint8_t *)malloc(initreadsize);
+  if (fp->readbuffer.buffer==NULL)
+  {
+    free(fp);
+    return NULL;
+  }
+  fp->readbuffer.size=initreadsize;
+  fp->readbuffer.maxsize=maxreadsize;
+  fp->readbuffer.start=0;
+  fp->readbuffer.len=0;
+  /* initialize write buffer */
+  fp->writebuffer.buffer=(uint8_t *)malloc(initwritesize);
+  if (fp->writebuffer.buffer==NULL)
+  {
+    free(fp->readbuffer.buffer);
+    free(fp);
+    return NULL;
+  }
+  fp->writebuffer.size=initwritesize;
+  fp->writebuffer.maxsize=maxwritesize;
+  fp->writebuffer.start=0;
+  fp->writebuffer.len=0;
+  /* initialize other attributes */
+  fp->readtimeout.tv_sec=readtimeout->tv_sec;
+  fp->readtimeout.tv_usec=readtimeout->tv_usec;
+  fp->writetimeout.tv_sec=writetimeout->tv_sec;
+  fp->writetimeout.tv_usec=writetimeout->tv_usec;
+  fp->read_resettable=0;
+#ifdef DEBUG_TIO_STATS
+  fp->byteswritten=0;
+  fp->bytesread=0;
+#endif /* DEBUG_TIO_STATS */
+  return fp;
+}
+
+/* wait for any activity on the specified file descriptor using
+   the specified deadline */
+static int tio_select(TFILE *fp, int readfd, const struct timeval *deadline)
+{
+  struct timeval tv;
+  fd_set fdset;
+  int rv;
+  while (1)
+  {
+    /* prepare our filedescriptorset */
+    FD_ZERO(&fdset);
+    FD_SET(fp->fd,&fdset);
+    /* figure out the time we need to wait */
+    if (tio_tv_remaining(&tv,deadline))
+    {
+      errno=ETIME;
+      return -1;
+    }
+    /* wait for activity */
+    if (readfd)
+    {
+      /* santiy check for moving clock */
+      if (tv.tv_sec>fp->readtimeout.tv_sec)
+        tv.tv_sec=fp->readtimeout.tv_sec;
+      rv=select(FD_SETSIZE,&fdset,NULL,NULL,&tv);
+    }
+    else
+    {
+      /* santiy check for moving clock */
+      if (tv.tv_sec>fp->writetimeout.tv_sec)
+        tv.tv_sec=fp->writetimeout.tv_sec;
+      rv=select(FD_SETSIZE,NULL,&fdset,NULL,&tv);
+    }
+    if (rv>0)
+      return 0; /* we have activity */
+    else if (rv==0)
+    {
+      /* no file descriptors were available within the specified time */
+      errno=ETIME;
+      return -1;
+    }
+    else if (errno!=EINTR)
+      /* some error ocurred */
+      return -1;
+    /* we just try again on EINTR */
+  }
+}
+
+/* do a read on the file descriptor, returning the data in the buffer
+   if no data was read in the specified time an error is returned */
+int tio_read(TFILE *fp, void *buf, size_t count)
+{
+  struct timeval deadline;
+  int rv;
+  uint8_t *tmp;
+  size_t newsz;
+  /* have a more convenient storage type for the buffer */
+  uint8_t *ptr=(uint8_t *)buf;
+  /* build a time by which we should be finished */
+  /* TODO: probably only set up deadline if we have to do select() */
+  tio_tv_prepare(&deadline,&(fp->readtimeout));
+  /* loop until we have returned all the needed data */
+  while (1)
+  {
+    /* check if we have enough data in the buffer */
+    if (fp->readbuffer.len >= count)
+    {
+      if (count>0)
+      {
+        if (ptr!=NULL)
+          memcpy(ptr,fp->readbuffer.buffer+fp->readbuffer.start,count);
+        /* adjust buffer position */
+        fp->readbuffer.start+=count;
+        fp->readbuffer.len-=count;
+      }
+      return 0;
+    }
+    /* empty what we have and continue from there */
+    if (fp->readbuffer.len>0)
+    {
+      if (ptr!=NULL)
+      {
+        memcpy(ptr,fp->readbuffer.buffer+fp->readbuffer.start,fp->readbuffer.len);
+        ptr+=fp->readbuffer.len;
+      }
+      count-=fp->readbuffer.len;
+      fp->readbuffer.start+=fp->readbuffer.len;
+      fp->readbuffer.len=0;
+    }
+    /* after this point until the read fp->readbuffer.len is 0 */
+    if (!fp->read_resettable)
+    {
+      /* the stream is not resettable, re-use the buffer */
+      fp->readbuffer.start=0;
+    }
+    else if (fp->readbuffer.start>=(fp->readbuffer.size-4))
+    {
+      /* buffer is running empty, try to grow buffer */
+      if (fp->readbuffer.size<fp->readbuffer.maxsize)
+      {
+        newsz=fp->readbuffer.size*2;
+        if (newsz>fp->readbuffer.maxsize)
+          newsz=fp->readbuffer.maxsize;
+        tmp=realloc(fp->readbuffer.buffer,newsz);
+        if (tmp!=NULL)
+        {
+          fp->readbuffer.buffer=tmp;
+          fp->readbuffer.size=newsz;
+        }
+      }
+      /* if buffer still does not contain enough room, clear resettable */
+      if (fp->readbuffer.start>=(fp->readbuffer.size-4))
+      {
+        fp->readbuffer.start=0;
+        fp->read_resettable=0;
+      }
+    }
+    /* wait until we have input */
+    if (tio_select(fp,1,&deadline))
+      return -1;
+    /* read the input in the buffer */
+    rv=read(fp->fd,fp->readbuffer.buffer+fp->readbuffer.start,fp->readbuffer.size-fp->readbuffer.start);
+    /* check for errors */
+    if ((rv==0)||((rv<0)&&(errno!=EINTR)&&(errno!=EAGAIN)))
+      return -1; /* something went wrong with the read */
+    /* skip the read part in the buffer */
+    fp->readbuffer.len=rv;
+#ifdef DEBUG_TIO_STATS
+    fp->bytesread+=rv;
+#endif /* DEBUG_TIO_STATS */
+  }
+}
+
+/* Read and discard the specified number of bytes from the stream. */
+int tio_skip(TFILE *fp, size_t count)
+{
+  return tio_read(fp,NULL,count);
+}
+
+/* the caller has assured us that we can write to the file descriptor
+   and we give it a shot */
+static int tio_writebuf(TFILE *fp)
+{
+  int rv;
+  /* write the buffer */
+#ifdef MSG_NOSIGNAL
+  rv=send(fp->fd,fp->writebuffer.buffer+fp->writebuffer.start,fp->writebuffer.len,MSG_NOSIGNAL);
+#else /* not MSG_NOSIGNAL */
+  /* on platforms that cannot use send() with masked signals, we change the
+     signal mask and change it back after the write (note that there is a
+     race condition here) */
+  struct sigaction act,oldact;
+  /* set up sigaction */
+  memset(&act,0,sizeof(struct sigaction));
+  act.sa_sigaction=NULL;
+  act.sa_handler=SIG_IGN;
+  sigemptyset(&act.sa_mask);
+  act.sa_flags=SA_RESTART;
+  /* ignore SIGPIPE */
+  if (sigaction(SIGPIPE,&act,&oldact)!=0)
+    return -1; /* error setting signal handler */
+  /* write the buffer */
+  rv=write(fp->fd,fp->writebuffer.buffer+fp->writebuffer.start,fp->writebuffer.len);
+  /* restore the old handler for SIGPIPE */
+  if (sigaction(SIGPIPE,&oldact,NULL)!=0)
+    return -1; /* error restoring signal handler */
+#endif
+  /* check for errors */
+  if ((rv==0)||((rv<0)&&(errno!=EINTR)&&(errno!=EAGAIN)))
+    return -1; /* something went wrong with the write */
+  /* skip the written part in the buffer */
+  if (rv>0)
+  {
+    fp->writebuffer.start+=rv;
+    fp->writebuffer.len-=rv;
+#ifdef DEBUG_TIO_STATS
+    fp->byteswritten+=rv;
+#endif /* DEBUG_TIO_STATS */
+    /* reset start if len is 0 */
+    if (fp->writebuffer.len==0)
+      fp->writebuffer.start=0;
+    /* move contents of the buffer to the front if it will save enough room */
+    if (fp->writebuffer.start>=(fp->writebuffer.size/4))
+    {
+      memmove(fp->writebuffer.buffer,fp->writebuffer.buffer+fp->writebuffer.start,fp->writebuffer.len);
+      fp->writebuffer.start=0;
+    }
+  }
+  return 0;
+}
+
+/* write all the data in the buffer to the stream */
+int tio_flush(TFILE *fp)
+{
+  struct timeval deadline;
+  /* build a time by which we should be finished */
+  tio_tv_prepare(&deadline,&(fp->writetimeout));
+  /* loop until we have written our buffer */
+  while (fp->writebuffer.len > 0)
+  {
+    /* wait until we can write */
+    if (tio_select(fp,0,&deadline))
+      return -1;
+    /* write one block */
+    if (tio_writebuf(fp))
+      return -1;
+  }
+  return 0;
+}
+
+/* try a single write of data in the buffer if the file descriptor
+   will accept data */
+static int tio_flush_nonblock(TFILE *fp)
+{
+  struct timeval tv;
+  fd_set fdset;
+  int rv;
+  /* prepare our filedescriptorset */
+  FD_ZERO(&fdset);
+  FD_SET(fp->fd,&fdset);
+  /* set the timeout to 0 to poll */
+  tv.tv_sec=0;
+  tv.tv_usec=0;
+  /* wait for activity */
+  rv=select(FD_SETSIZE,NULL,&fdset,NULL,&tv);
+  /* check if any file descriptors were ready (timeout) or we were
+     interrupted */
+  if ((rv==0)||((rv<0)&&(errno==EINTR)))
+    return 0;
+  /* any other errors? */
+  if (rv<0)
+    return -1;
+  /* so file descriptor will accept writes */
+  return tio_writebuf(fp);
+}
+
+int tio_write(TFILE *fp, const void *buf, size_t count)
+{
+  size_t fr;
+  uint8_t *tmp;
+  size_t newsz;
+  const uint8_t *ptr=(const uint8_t *)buf;
+  /* keep filling the buffer until we have bufferred everything */
+  while (count>0)
+  {
+    /* figure out free size in buffer */
+    fr=fp->writebuffer.size-(fp->writebuffer.start+fp->writebuffer.len);
+    if (count <= fr)
+    {
+      /* the data fits in the buffer */
+      memcpy(fp->writebuffer.buffer+fp->writebuffer.start+fp->writebuffer.len,ptr,count);
+      fp->writebuffer.len+=count;
+      return 0;
+    }
+    else if (fr > 0)
+    {
+      /* fill the buffer with data that will fit */
+      memcpy(fp->writebuffer.buffer+fp->writebuffer.start+fp->writebuffer.len,ptr,fr);
+      fp->writebuffer.len+=fr;
+      ptr+=fr;
+      count-=fr;
+    }
+    /* try to flush some of the data that is in the buffer */
+    if (tio_flush_nonblock(fp))
+      return -1;
+    /* if we have room now, try again */
+    if (fp->writebuffer.size>(fp->writebuffer.start+fp->writebuffer.len))
+      continue;
+    /* try to grow the buffer */
+    if (fp->writebuffer.size<fp->writebuffer.maxsize)
+    {
+      newsz=fp->writebuffer.size*2;
+      if (newsz>fp->writebuffer.maxsize)
+        newsz=fp->writebuffer.maxsize;
+      tmp=realloc(fp->writebuffer.buffer,newsz);
+      if (tmp!=NULL)
+      {
+        fp->writebuffer.buffer=tmp;
+        fp->writebuffer.size=newsz;
+        continue; /* try again */
+      }
+    }
+    /* write the buffer to the stream */
+    if (tio_flush(fp))
+      return -1;
+  }
+  return 0;
+}
+
+int tio_close(TFILE *fp)
+{
+  int retv;
+  /* write any buffered data */
+  retv=tio_flush(fp);
+#ifdef DEBUG_TIO_STATS
+  /* dump statistics to stderr */
+  fprintf(stderr,"DEBUG_TIO_STATS READ=%d WRITTEN=%d\n",fp->bytesread,fp->byteswritten);
+#endif /* DEBUG_TIO_STATS */
+  /* close file descriptor */
+  if (close(fp->fd))
+    retv=-1;
+  /* free any allocated buffers */
+  free(fp->readbuffer.buffer);
+  free(fp->writebuffer.buffer);
+  /* free the tio struct itself */
+  free(fp);
+  /* return the result of the earlier operations */
+  return retv;
+}
+
+void tio_mark(TFILE *fp)
+{
+  /* move any data in the buffer to the start of the buffer */
+  if ((fp->readbuffer.start>0)&&(fp->readbuffer.len>0))
+  {
+    memmove(fp->readbuffer.buffer,fp->readbuffer.buffer+fp->readbuffer.start,fp->readbuffer.len);
+    fp->readbuffer.start=0;
+  }
+  /* mark the stream as resettable */
+  fp->read_resettable=1;
+}
+
+int tio_reset(TFILE *fp)
+{
+  /* check if the stream is (still) resettable */
+  if (!fp->read_resettable)
+    return -1;
+  /* reset the buffer */
+  fp->readbuffer.len+=fp->readbuffer.start;
+  fp->readbuffer.start=0;
+  return 0;
+}
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nss-pam-ldapd/tio.h
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nss-pam-ldapd/tio.h
@ -0,0 +1,83 @@
+/*	$NetBSD: tio.h,v 1.1.1.1 2010/12/12 15:19:12 adam Exp $	*/
+
+/*
+   tio.h - timed io functions
+   This file is part of the nss-pam-ldapd library.
+
+   Copyright (C) 2007, 2008 Arthur de Jong
+
+   This library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   This library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with this library; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+   02110-1301 USA
+*/
+
+/*
+
+   TODO: Add some documentation here.
+
+   the SIGPIPE signal should be ignored (is ignored in this code)
+
+   This library is not thread safe. You cannot share TFILE objects between
+   threads and expect to be able to read and write from them in different
+   threads. All the state is in the TFILE object so calls to this library on
+   different objects can be done in parallel.
+
+*/
+
+#ifndef _TIO_H
+#define _TIO_H
+
+#include <sys/time.h>
+#include <sys/types.h>
+
+#include "attrs.h"
+
+/* This is a generic file handle used for reading and writing
+   (something like FILE from stdio.h). */
+typedef struct tio_fileinfo TFILE;
+
+/* Open a new TFILE based on the file descriptor. The timeout is set for any
+   operation. The timeout value is copied so may be dereferenced after the
+   call. */
+TFILE *tio_fdopen(int fd,struct timeval *readtimeout,struct timeval *writetimeout,
+                  size_t initreadsize,size_t maxreadsize,
+                  size_t initwritesize,size_t maxwritesize)
+  LIKE_MALLOC MUST_USE;
+
+/* Read the specified number of bytes from the stream. */
+int tio_read(TFILE *fp,void *buf,size_t count);
+
+/* Read and discard the specified number of bytes from the stream. */
+int tio_skip(TFILE *fp,size_t count);
+
+/* Write the specified buffer to the stream. */
+int tio_write(TFILE *fp,const void *buf,size_t count);
+
+/* Write out all buffered data to the stream. */
+int tio_flush(TFILE *fp);
+
+/* Flush the streams and closes the underlying file descriptor. */
+int tio_close(TFILE *fp);
+
+/* Store the current position in the stream so that we can jump back to it
+   with the tio_reset() function. */
+void tio_mark(TFILE *fp);
+
+/* Rewinds the stream to the point set by tio_mark(). Note that this only
+   resets the read stream and not the write stream. This function returns
+   whether the reset was successful (this function may fail if the buffers
+   were full). */
+int tio_reset(TFILE *fp);
+
+#endif /* _TIO_H */
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nssov.c
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nssov.c
@ -1,10 +1,10 @@
-/*	$NetBSD: nssov.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: nssov.c,v 1.1.1.3 2010/12/12 15:19:09 adam Exp $	*/

 /* nssov.c - nss-ldap overlay for slapd */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/nssov.c,v 1.1.2.5 2009/08/17 21:48:58 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/nssov.c,v 1.1.2.6 2010/04/13 20:22:28 kurt Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 
 *
- * Copyright 2008-2009 The OpenLDAP Foundation.
+ * Copyright 2008-2010 The OpenLDAP Foundation.
 * Portions Copyright 2008 by Howard Chu, Symas Corp.
 * All rights reserved.
 *
--- a/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nssov.h
+++ b/external/bsd/openldap/dist/contrib/slapd-modules/nssov/nssov.h
@ -1,10 +1,10 @@
-/*	$NetBSD: nssov.h,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $	*/
+/*	$NetBSD: nssov.h,v 1.1.1.3 2010/12/12 15:19:09 adam Exp $	*/

 /* nssov.h - NSS overlay header file */
-/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/nssov.h,v 1.1.2.6 2009/09/29 18:11:40 quanah Exp */
+/* OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/nssov.h,v 1.1.2.8 2010/04/15 21:32:56 quanah Exp */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
- * Copyright 2008-2009 The OpenLDAP Foundation.
+ * Copyright 2008-2010 The OpenLDAP Foundation.
 * Portions Copyright 2008 Howard Chu.
 * All rights reserved.
 *
@ -31,9 +31,9 @@
 #include <stdio.h>

 #include "nslcd.h"
-#include "nslcd-common.h"
-#include "common/tio.h"
-#include "compat/attrs.h"
+#include "nslcd-prot.h"
+#include "tio.h"
+#include "attrs.h"

 #undef PACKAGE_BUGREPORT
 #undef PACKAGE_NAME
--- a/Show More
+++ b/Show More