home *** CD-ROM | disk | FTP | other *** search
Text File | 1993-09-16 | 149.9 KB | 4,554 lines | [ TEXT/MPS ]
{*********************************************************** Created: Sunday, February 7, 1993 at 4:54PM OCEAuthDir.p Pascal Interface to the Macintosh Libraries ••• Apple Confidential ••• ••• Provided with AOCE Beta seed under license agreement with ••• ••• Apple Computer, Inc. Use for any purpose other than ••• ••• development of AOCE-based Macintosh products is a violation ••• ••• of the license agreement. ••• Copyright Apple Computer, Inc. 1990-1993 All rights reserved ***********************************************************} {$IFC UNDEFINED UsingIncludes} {$SETC UsingIncludes:= 0} {$ENDC} {$IFC NOT UsingIncludes} UNIT OCEAuthDir; INTERFACE {$ENDC} {$IFC UNDEFINED UsingOCEAuthDir} {$SETC UsingOCEAuthDir:= 1} {$I+} {$SETC OCEAuthDirIncludes:= UsingIncludes} {$SETC UsingIncludes:= 1} {$IFC UNDEFINED UsingAppleTalk} {$I $$Shell(PInterfaces)AppleTalk.p} {$ENDC} {$IFC UNDEFINED UsingFiles} {$I $$Shell(PInterfaces)Files.p} {$ENDC} {$IFC UNDEFINED UsingOCE} {$I OCE.p} {$ENDC} {$IFC UNDEFINED UsingOSUtils} {$I $$Shell(PInterfaces)OSUtils.p} {$ENDC} {$IFC UNDEFINED UsingTypes} {$I $$Shell(PInterfaces)Types.p} {$ENDC} {$SETC UsingIncludes:= OCEAuthDirIncludes} {***************************************************************************} CONST kRC4KeySizeInBytes = 8; { size of an RC4 key } kRefNumUnknown = 0; kEnumDistinguishedNameBit = 0; kEnumAliasBit = 1; kEnumPseudonymBit = 2; kEnumDNodeBit = 3; kEnumInvisibleBit = 4; { Values of DirEnumChoices } kEnumDistinguishedNameMask = $00000001; {1<<kEnumDistinguishedNameBit} kEnumAliasMask = $00000002; {1<<kEnumAliasBit} kEnumPseudonymMask = $00000004; {1<<kEnumPseudonymBit} kEnumDNodeMask = $00000008; {1<<kEnumDNodeBit} kEnumInvisibleMask = $00000010; {1<<kEnumInvisibleBit} kEnumAllMask = (kEnumDistinguishedNameMask + kEnumAliasMask + kEnumPseudonymMask + kEnumDNodeMask + kEnumInvisibleMask); TYPE DirEnumChoices = LONGINT; CONST { Values of DirSortOption } kSortByName = 0; kSortByType = 1; { Values of DirSortDirection } kSortForwards = 0; kSortBackwards = 1; { Values of DirMatchWith } kMatchAll = 0; kExactMatch = 1; kBeginsWith = 2; kEndingWith = 3; kContaining = 4; TYPE DirMatchWith = Byte; CONST kCurrentOCESortVersion = 1; { Access controls are implemented on three levels: DNode, Record, and Attribute Type levels Some access control bits apply to the container itself, and some apply to its contents. The Directory Toolbox supports six functions. These calls are: DSSetDNodeAccessControl : to set Access Controls at the DNode level DSGetDNodeAccessControl : to get Access Controls at the DNode level DSSetRecordAccessControl : to set Access Controls at the record level DSGetRecordAccessControl : to get Access Controls at the record level DSSetAttributeAccessControl : to set Access Privileges at the attribute type level DSGetAttributeAccessControl : to get Access Privileges at the attribute type level The GetXXXAccessControl calls will return access control masks for various categories of users. Please refer to the access control document for a description of the categories of users. In general these are: ThisRecordOwner - means the identity of the record itself Friends - means any one of the assigned friends for the record AuthenticatedInDNode - means any valid user that is an authenticated entity in the DNode in which this record is located AuthenticatedInDirectory - means any valid authenticated directory user Guest - means an unauthenticated user. Depending on the access control for the user (identity of the user), a SetXXXAccessControl operation can be performed to set controls for various categories of users described above. Bit masks for various permitted access controls are defined below. GetXXXAccessControl calls will return access control masks for various categories of users for this record. In addition they also return the level of access controls that the user (who is making the GetXXXAccessControl call) has for the DNode, record, or attribute type. For records, the access control granted will be minimum of the DNode access control and record access control masks. For example, to add an attribute type to a record, a user must have access control kCreateAttributeTypes at the record and DNode levels. Similarly, at the attribute type level, access controls will be the minimum of the DNode, record, and attribute type access controls. } { access categories bit numbers } kThisRecordOwnerBit = 0; kFriendsBit = 1; kAuthenticatedInDNodeBit = 2; kAuthenticatedInDirectoryBit = 3; kGuestBit = 4; kMeBit = 5; { Values of CategoryMask } kThisRecordOwnerMask = $00000001; {1<<kThisRecordOwnerBit} kFriendsMask = $00000002; {1<<kFriendsBit} kAuthenticatedInDNodeMask = $00000004; {1<<kAuthenticatedInDNodeBit} kAuthenticatedInDirectoryMask = $00000008; {1<<kAuthenticatedInDirectoryBit} kGuestMask = $00000010; {1<<kGuestBit} kMeMask = $00000020; {1<<kMeBit} { access privileges bit numbers } kSeeBit = 0; kAddBit = 1; kDeleteBit = 2; kChangeBit = 3; kRenameBit = 4; kChangePrivsBit = 5; { Values of AccessMask } kSeeMask = $00000001; {1<<kSeeBit} kAddMask = $00000002; {1<<kAddBit} kDeleteMask = $00000004; {1<<kDeleteBit} kChangeMask = $00000008; {1<<kChangeBit} kRenameMask = $00000010; {1<<kRenameBit} kChangePrivsMask = $00000020; {1<<kChangePrivsBit} kAllPrivs = (kSeeMask+kAddMask+kDeleteMask+kChangeMask+kRenameMask+kChangePrivsMask); kNoPrivs = 0; { kSupportsDNodeNumberBit: If this bit is set, a DNode can be referenced using DNodeNumbers. RecordLocationInfo can be specified using DNodeNumber and PathName component can be nil. If this bit is not set, a DNode can be referenced only by PathName to the DNode. In the later case DNodeNumber component inside record location info must be set to zero. kSupportsRecordCreationIDBit: If this bit is set, a record can be referenced by specifying CreationID in most directory manager calls. If this bit is not set recordName and recordType are required in the recordID specification for all directory manager calls. kSupportsAttributeCreationIDBit: If this bit is set, an attribute value can be obtained by specifying it's CreationID in Lookup call staring point and also can be used in operations like DeleteAttributeValue and ChangeAttributeValue an Attribute can be specified by AttributeType and CreationID. Following three bits are for determining the sort order in enumeration. kSupportsWildCardOnlyinEnumerationBit: If this bit is set, directory supports only wild card (i.e. recordName as "="). kSupportsTrailingWildCardOnlyinEnumerationBit: This option is similar to "WildCardOnly",(i.e. recordName as "a="). If this is set, directory supports find capability (e.g. starts with option) kSupportsExactMatchBit: If this bit is set, existence of a record matching exact recordName and recordType specification can be found. The above three bits can be interpreted as: WildCardOnlyinEnumerationBit TrailingWildCardinEnumeration ExactMatch Result 1 0 0 Browse Only 0 1 0 Find Only 0 0 1 Exact Match Only 1 1 0 Browse/Find 0 1 1 Find/ExcatMatch 1 1 1 Browse/Find/ExactMatch Implicit assumption in all these is, record type can be specified either as wild card or a type list. The Following four bits will indicate sort ordering in enumeration. kSupportsOrderedEnumerationBit: If this bit is set, Enumerated records or in some order possibly in name order. kCanSupportNameOrderBit: If this is set, directory will support sortbyName option in Enumerate. kCanSupportTypeOrderBit: If this bit is set, directory will support sortbyType option in enumearte. kSupportSortBackwardsBit: If this bit is set, directory supports backward sorting. kSupportsEnumerationContinueBit: If this bit is set, directory supports enumeration continue. kSupportsLookupContinueBit: If this bit is set, directory supports lookup continue. kSupportsEnumerateAttributeTypeContinueBit: If this bit is set, directory supports EnumerateAttributeType continue. kSupportsEnumeratePseudonymContinueBit: If this bit is set, directory supports EnumeratePseudonym continue. kSupportsAliasesBit: If this bit is set, directory supports create/delte/enumerate of Alias Records. kSupportPseudonymBit: If this bit is set, directory supports create/delte/enumerate of pseudonyms for a record. kSupportsPartialPathNameBit: If this bit is set, directory nodes can be specified using DNodeNumber of a intermediate DNode and a partial name starting from that DNode to the intended DNode. kSupportsAuthenticationBit: If this bit is set, directory supports authentication manager calls. kSupportsProxiesBit: If this bit is set, directory supports proxy related calls in authentication manager. Bits and corresponding masks are as defined below. } kSupportsDNodeNumberBit = 0; kSupportsRecordCreationIDBit = 1; kSupportsAttributeCreationIDBit = 2; kSupportsMatchAllBit = 3; kSupportsBeginsWithBit = 4; kSupportsExactMatchBit = 5; kSupportsEndsWithBit = 6; kSupportsContainsBit = 7; kSupportsOrderedEnumerationBit = 8; kCanSupportNameOrderBit = 9; kCanSupportTypeOrderBit = 10; kSupportSortBackwardsBit = 11; kSupportIndexRatioBit = 12; kSupportsEnumerationContinueBit = 13; kSupportsLookupContinueBit = 14; kSupportsEnumerateAttributeTypeContinueBit = 15; kSupportsEnumeratePseudonymContinueBit = 16; kSupportsAliasesBit = 17; kSupportsPseudonymsBit = 18; kSupportsPartialPathNamesBit = 19; kSupportsAuthenticationBit = 20; kSupportsProxiesBit = 21; { values of DirGestalt } kSupportsDNodeNumberMask = $00000001; {1<<kSupportsDNodeNumberBit} kSupportsRecordCreationIDMask = $00000002; {1<<kSupportsRecordCreationIDBit} kSupportsAttributeCreationIDMask = $00000004; {1<<kSupportsAttributeCreationIDBit} kSupportsMatchAllMask = $00000008; {1<<kSupportsMatchAllBit} kSupportsBeginsWithMask = $00000010; {1<<kSupportsBeginsWithBit} kSupportsExactMatchMask = $00000020; {1<<kSupportsExactMatchBit} kSupportsEndsWithMask = $00000040; {1<<kSupportsEndsWithBit} kSupportsContainsMask = $00000080; {1<<kSupportsContainsBit} kSupportsOrderedEnumerationMask = $00000100; {1<<kSupportsOrderedEnumerationBit} kCanSupportNameOrderMask = $00000200; {1<<kCanSupportNameOrderBit} kCanSupportTypeOrderMask = $00000400; {1<<kCanSupportTypeOrderBit} kSupportSortBackwardsMask = $00000800; {1<<kSupportSortBackwardsBit} kSupportIndexRatioMask = $00001000; {1<<kSupportIndexRatioBit} kSupportsEnumerationContinueMask = $00002000; {1<<kSupportsEnumerationContinueBit} kSupportsLookupContinueMask = $00004000; {1<<kSupportsLookupContinueBit} kSupportsEnumerateAttributeTypeContinueMask = $00008000; {1<<kSupportsEnumerateAttributeTypeContinueBit} kSupportsEnumeratePseudonymContinueMask = $00010000; {1<<kSupportsEnumeratePseudonymContinueBit} kSupportsAliasesMask = $00020000; {1<<kSupportsAliasesBit} kSupportsPseudonymsMask = $00040000; {1<<kSupportsPseudonymsBit} kSupportsPartialPathNamesMask = $00080000; {1<<kSupportsPartialPathNamesBit} kSupportsAuthenticationMask = $00100000; {1<<kSupportsAuthenticationBit} kSupportsProxiesMask = $00200000; {1<<kSupportsProxiesBit} { Values of AuthLocalIdentityOp } kAuthLockLocalIdentityOp = 1; kAuthUnlockLocalIdentityOp = 2; kAuthLocalIdentityNameChangeOp = 3; { Values of AuthLocalIdentityLockAction } kAuthLockPending = 1; kAuthLockWillBeDone = 2; { Values of AuthNotifications } kNotifyLockBit = 0; kNotifyUnlockBit = 1; kNotifyNameChangeBit = 2; kNotifyLockMask = $00000001; {1<<kNotifyLockBit} kNotifyUnlockMask = $00000002; {1<<kNotifyUnlockBit} kNotifyNameChangeMask = $00000004; {1<<kNotifyNameChangeBit} kPersonalDirectoryFileCreator = 'kl03'; kPersonalDirectoryFileType = 'pabt'; kBusinessCardFileType = 'bust'; kDirectoryFileType = 'dirt'; kDNodeFileType = 'dnod'; kDirsRootFileType = 'drtt'; kRecordFileType = 'rcrd'; TYPE DirSortOption = INTEGER; DirSortDirection = INTEGER; CategoryMask = LONGINT; AccessMask = LONGINT; DirGestalt = LONGINT; AuthLocalIdentityOp = LONGINT; AuthLocalIdentityLockAction = LONGINT; AuthNotifications = LONGINT; DNodeID = RECORD dNodeNumber: DNodeNum; { dNodenumber } reserved1: LONGINT; name: RStringPtr; reserved2: LONGINT; END; DirEnumSpec = RECORD enumFlag: DirEnumChoices; indexRatio: INTEGER; { Approx Record Position between 1 and 100 If supported, 0 If not supported } CASE INTEGER OF 1: (recordIdentifier: LocalRecordID); 2: (dNodeIdentifier: DNodeID); END; DirMetaInfo = RECORD info: ARRAY[1..4] OF LONGINT; END; SLRV = RECORD script: ScriptCode; { Script code in which entries are sorted } language: INTEGER; { Language code in which entries are sorted } regionCode: INTEGER; { Region code in which entries are sorted } version: INTEGER; { version of oce sorting software } END; { Directory types and operations } AuthIdentity = LONGINT; { unique identifier for an identity } LocalIdentity = AuthIdentity; { Umbrella LocalIdentity } DESKey = RECORD { A DES key is 8 bytes of data } a: LONGINT; b: LONGINT; END; RC4Key = PACKED ARRAY[1..kRC4KeySizeInBytes] OF Byte; AuthKeyType = LONGINT; AuthKey = RECORD { key type followed by its data } keyType: AuthKeyType; CASE INTEGER OF 1: (des: DESKey); 2: (rc4: RC4Key); END; AuthKeyPtr = ^AuthKey; { This header is common to all the parameter blocks. Clients should not directly touch any of these fields except ioCompletion. ioCompletion is the completion routine pointer for async calls; it is ignored for sync calls. ioResult is the result code from the call. } AuthDirParamHeader = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; END; {**************************************************************************** Authentication Manager operations ****************************************************************************} { kAuthResolveCreationID: userRecord will contain the user information whose creationID has to be returned. A client must make this call when he does not know the creaitionID. The creationID must be set to nil before making the call. The server will attempt to match the recordid's in the data base which match the user name and type in the record. Depending on number of matchings, following results will be returned. Exactly One Match : CreationID in RecordID and also in buffer (if buffer is given) totalMatches = actualMatches = 1. > 1 Match: Buffer is Large Enough: totalMatches = actualMatches Buffer will contain all the CIDs, kOCEAmbiguousMatches error. > 1 Match: Buffer is not Large Enough: totalMatches > actualMatches Buffer will contain all the CIDs (equal to actualMatches), daMoreDataError error. 0 Matches: kOCENoSuchRecord error } AuthResolveCreationIDPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; userRecord: RecordIDPtr; { --> OCE name(Record) of the user } bufferLength: LONGINT; { --> Buffer Size to hold duplicate Info } buffer: Ptr; { --> Buffer to hold duplicate Info } totalMatches: LONGINT; { <-- Total Number of matching names found } actualMatches: LONGINT; { <-- Number of matches returned in the buffer } END; { kAuthBindSpecificIdentity: userRecord will contain the user information whose identity has to be verified. userKey will contain the userKey. An Identity is returned which binds the key and the userRecord. The identity returned can be used in the 'identity' field in the header portion (AuthDirParamHeader) for authenticating the Directory and Authentication manager calls. } AuthBindSpecificIdentityPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; userIdentity: AuthIdentity; { <-- binding identity } userRecord: RecordIDPtr; { --> OCE name(Record) of the user } userKey: AuthKeyPtr; { --> OCE Key for the user } END; { kAuthUnbindSpecificIdentity: This call will unbind the userRecord and key which were bind earlier. } AuthUnbindSpecificIdentityPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; userIdentity: AuthIdentity; { --> identity to be deleted } END; { kAuthGetSpecificIdentityInfo: This call will return the userRecord for the given identity. Note: key is not returned because this would compromise security. } AuthGetSpecificIdentityInfoPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; userIdentity: AuthIdentity; { --> identity of initiator } userRecord: RecordIDPtr; { <-- OCE name(Record) of the user } END; { kAuthAddKey: userRecord will contain the user information whose identity has to be created. userKey will point to the key to be created. password points to an RString containing the password used to generate the key. } AuthAddKeyPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; userRecord: RecordIDPtr; { --> OCE name(Record) of the user } userKey: AuthKeyPtr; { <-- OCE Key for the user } password: RStringPtr; { --> Pointer to password STRING } END; { kAuthChangeKey: userRecord will contain the user information whose identity has to be created. userKey will point to the key to be created. password points to an RString containing the password used to generate the key. } AuthChangeKeyPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; userRecord: RecordIDPtr; { --> OCE name(Record) of the user } userKey: AuthKeyPtr; { <-- New OCE Key for the user } password: RStringPtr; { -->Pointer to the new password STRING } END; { AuthDeleteKey: userRecord will contain the user information whose Key has to be deleted. } AuthDeleteKeyPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; userRecord: RecordIDPtr; { --> OCE name(Record) of the user } END; { AuthPasswordToKey: Converts an RString into a key. } AuthPasswordToKeyPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; userRecord: RecordIDPtr; { --> OCE name(Record) of the user } key: AuthKeyPtr; { <-- } password: RStringPtr; { -->Pointer to the new password STRING } END; { kAuthGetCredentials: userRecord will contain the user information whose identity has to be kMailDeletedMask. keyType (e.g. asDESKey) will indicate what type of key has to be deleted. } AuthGetCredentialsPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; userIdentity: AuthIdentity; { --> identity of initiator } recipient: RecordIDPtr; { --> OCE name of recipient } sessionKey: AuthKeyPtr; { <-- session key } expiry: UTCTime; { <--> desired/actual expiry } credentialsLength: LONGINT; { <--> max/actual credentials size } credentials: Ptr; { <-- buffer where credentials are returned } END; { AuthDecryptCredentialsPB: Changes: userKey is changed userIdentity. userRecord is changed to initiatorRecord. User must supply buffer to hold initiatorRecord. agentList has changed to agent. There wil be no call back. User must supply buffer to hold agent Record. An additional BOOLEAN parameter 'hasAgent' is included. Toolbox will set this if an 'Agent' record is found in the credentials. If RecordIDPtr is 'nil', no agent record will be copied. However user can examine 'hasAgent', If true user can reissue this call with apprpriate buffer for getting a recordID. agent has changed to intermediary. User must supply buffer to hold intermediary Record. The toolbox will set 'hasIntermediary' if an 'intermediary' record is found in the credentials. } AuthDecryptCredentialsPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; userIdentity: AuthIdentity; { --> user's Identity } initiatorRecord: RecordIDPtr; { <-- OCE name of the initiator } sessionKey: AuthKeyPtr; { <-- session key } expiry: UTCTime; { <-- credentials expiry time } credentialsLength: LONGINT; { --> actual credentials size } credentials: Ptr; { --> credentials to be decrypted } issueTime: UTCTime; { <-- credentials expiry time } hasIntermediary: BOOLEAN; { <-- if true, An intermediary Record was found in credentials } intermediary: RecordIDPtr; { <-- recordID of the intermediary } END; AuthMakeChallengePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; key: AuthKeyPtr; { --> UnEncrypted SessionKey } challenge: Ptr; { <-- Encrypted Challenge } challengeBufferLength: LONGINT; { ->length of challenge buffer } challengeLength: LONGINT; { <-length of Encrypted Challenge } END; AuthMakeReplyPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; key: AuthKeyPtr; { --> UnEncrypted SessionKey } challenge: Ptr; { --> Encrypted Challenge } reply: Ptr; { <-- Encrypted Reply } replyBufferLength: LONGINT; { -->length of challenge buffer } challengeLength: LONGINT; { --> length of Encrypted Challenge } replyLength: LONGINT; { <-- length of Encrypted Reply } END; AuthVerifyReplyPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; key: AuthKeyPtr; { --> UnEncrypted SessionKey } challenge: Ptr; { --> Encrypted Challenge } reply: Ptr; { --> Encrypted Reply } challengeLength: LONGINT; { --> length of Encrypted Challenge } replyLength: LONGINT; { --> length of Encrypted Reply } END; { kAuthGetUTCTime: RLI will contain a valid RLI for a cluster server. UTC(GMT) time from one of the cluster server will be returned. An 'offSet' from UTC(GMT) to Mac Local Time will also be returned. If RLI is nil Map DA is used to determine UTC(GMT). Mac Local Time = theUTCTime + theUTCOffset. } AuthGetUTCTimePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; pRLI: PackedRLIPtr; { --> packed RLI of the Node, whose server's UTC is requested } theUTCTime: UTCTime; { <-- current UTC(GMT) Time utc seconds since 1/1/1904 } theUTCOffset: UTCOffset; { <-- offset from UTC(GMT) seconds EAST of Greenwich } END; { kAuthMakeProxy: A user represented bu the 'userIdentity' can make a proxy using this call. 'recipient' is the RecordID of the recipient whom user is requesting proxy. 'intermediary' is the RecordID of the intermediary holding proxy for the user. 'firstValid' is time at which proxy becomes valid. 'expiry' is the time at which proxy must expire. 'proxyLength' will have the length of the buffer pointed by 'proxy' as input. When the call completes, it will hold the actual length of proxy. If the call completes 'kOCEMoreData' error, client can reissue the call with the buffer size as 'proxyLength' returned. expiry is a suggestion, and may be adjusted to be earlier by the ADAP/OCE server. The 'proxy' obtained like this might be used by the 'intermediary' to obtain credentials for the server using TradeProxyForCredentials call. authDataLength and authData are intended for possible future work, but are ignored for now. } AuthMakeProxyPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; userIdentity: AuthIdentity; { --> identity of principal } recipient: RecordIDPtr; { --> OCE name of recipient } firstValid: UTCTime; { --> time at which proxy becomes valid } expiry: UTCTime; { --> time at which proxy expires } authDataLength: LONGINT; { --> size of authorization data } authData: Ptr; { --> pointer to authorization data } proxyLength: LONGINT; { <--> max/actual proxy size } proxy: Ptr; { <--> buffer where proxy is returned } intermediary: RecordIDPtr; { --> RecordID of intermediary } END; { kAuthTradeProxyForCredentials: Using this call, intermediary holding a 'proxy' for a recipient may obtain credentials for that recipient. 'userIdentity' is the identity for the 'intermediary'. 'recipient' is the RecordID for whom credetials are requested. 'principal' is the RecordID of the user who created the proxy. 'proxyLength' is the length of data pointed by 'proxy. If the call is succesfull, credentials will be returned in the buffer pointed by 'credentials'. 'expiry' is the desired expiry time at input. When call succeds this will have expiry time of credentials. This is very similar to GetCredentials except that we (course: of) need the proxy, but we also need the name of the principal who created the proxy. } AuthTradeProxyForCredentialsPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; userIdentity: AuthIdentity; { --> identity of intermediary } recipient: RecordIDPtr; { --> OCE name of recipient } sessionKey: AuthKeyPtr; { <-- session key } expiry: UTCTime; { <--> desired/actual expiry } credentialsLength: LONGINT; { <--> max/actual credentials size } credentials: Ptr; { <--> buffer where credentials are returned } proxyLength: LONGINT; { --> actual proxy size } proxy: Ptr; { --> buffer containing proxy } principal: RecordIDPtr; { --> RecordID of principal } END; { API for Local Identity Interface } { AuthGetLocalIdentityPB: A Collaborative application intended to work under the umbrella of LocalIdentity for the OCE toolbox will have to make this call to obtain LocalIdentity. If LocalIdentity has not been created, then application will get 'daLocalIdentityNotExistsErr'. The calling application then guide the user to Login by making SDPPromptForLocalIdentity call. If the LocalIdentity has not been setup, then calling application will receieve 'daOCESetupRequiredErr'. In this case application should put the dialog recommended by the OCE Setup document and guide the user through OCE Setup. If a backGround application or stand alone code requires LocalIdentity, if it gets the OSErr from LocalIdentity and can not call SDPPromptForLocalIdentity, it should it self register with the toolbox using kAuthAddToLocalIdentityQueue call. It will be notified when a LocalIdentity gets created by a foreground application. } AuthGetLocalIdentityPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; theLocalIdentity: LocalIdentity; { <-- LocalIdentity } END; { kAuthUnlockLocalIdentity: The LocalIdentity can be created using this call. The userName and password correspond to the LocalIdentity setup. If the password matches, then collabIdentity will be returned. Typically SDPPromptForLocalIdentity call will make this call. All applications which are registered through kAuthAddToLocalIdentityQueue will be notified. } AuthUnlockLocalIdentityPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; theLocalIdentity: LocalIdentity; { <-- LocalIdentity } userName: RStringPtr; { --> userName } password: RStringPtr; { -->user password } END; { kAuthLockLocalIdentity: With this call existing LocalIdentity can be locked. If the ASDeleteLocalIdetity call fails with 'kOCEOperationDenied' error, name will contain the application which denied the operation. This name will be supplied by the application when it registered through kAuthAddToLocalIdentityQueue call } AuthLockLocalIdentityPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; theLocalIdentity: LocalIdentity; { --> LocalIdentity } name: StringPtr; { <-- name of the app which denied delete } END; NotificationProc = ProcPtr; { FUNCTION NotificationProc(clientData: LONGINT; callValue: AuthLocalIdentityOp; actionValue: AuthLocalIdentityLockAction; identity: LocalIdentity): BOOLEAN;} { kAuthAddToLocalIdentityQueue: An application requiring notification of locking/unlocking of the LocalIdentity can install itself using this call. The function provided in 'notifyProc' will be called whenever the requested event happens. When an AuthLockLocalIdentity call is made to the toolbox, the notificationProc will be called with 'kAuthLockPending'. The application may refuse the lock by returning a 'true' value. If all the registered entries return 'false' value, locking will be done successfully. Otherwise 'kOCEOperationDenied' error is returned to the caller. The appName (registered with the notificationProc) of the application which denied locking is also returned to the caller making the AuthLockIdentity call. } AuthAddToLocalIdentityQueuePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; notifyProc: NotificationProc; { --> notification procedure } notifyFlags: AuthNotifications; { --> notifyFlags } appName: StringPtr; { --> name of application to be returned in Delete/Stop } END; { kAuthRemoveFromLocalIdentityQueue:} AuthRemoveFromLocalIdentityQueuePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; nofityProc: NotificationProc; { --> notification procedure } END; { kAuthSetupLocalIdentity: The LocalIdentity can be Setup using this call. The userName and password correspond to the LocalIdentity setup. If a LocalIdentity Setup already exists 'kOCELocalIdentitySetupExists' error will be returned. } AuthSetupLocalIdentityPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aReserved: LONGINT; { -- } userName: RStringPtr; { --> userName } password: RStringPtr; { -->user password } END; { kAuthChangeLocalIdentity: An existing LocalIdentity Setup can be changed using this call. The userName and password correspond to the LocalIdentity setup. If a LocalIdentity Setup does not exists 'kOCELocalIdentityNotSetup' error will be returned. The user can use kAuthSetupLocalIdentity call to setit up. If the 'password' does not correspond to the existing setup, 'kOCELocalAuthenticationFail' OSErr will be returned. If successful, LocalID will have new name as 'userName' and password as 'newPassword'. } AuthChangeLocalIdentityPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aReserved: LONGINT; { -- } userName: RStringPtr; { --> userName } password: RStringPtr; { --> current password } newPassword: RStringPtr; { --> new password } END; { kAuthRemoveLocalIdentity: An existing LocalIdentity Setup can be removed using this call. The userName and password correspond to the LocalIdentity setup. If a LocalIdentity Setup does not exists 'kOCELocalIdentityNotSetup' error will be returned. If the 'password' does not correspond to the existing setup, 'kOCELocalAuthenticationFail' OSErr will be returned. If successful, LocalIdentity will be removed from the OCE Setup. This is a very distructive operation, user must be warned enough before actually making this call. } AuthRemoveLocalIdentityPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aReserved: LONGINT; { -- } userName: RStringPtr; { --> userName } password: RStringPtr; { --> current password } END; { kOCESetupAddDirectoryInfo: Using this call identity for a directory can be setup under LocalIdentity umbrella. ASCreateLocalIdentity should have been done succesfully before making this call. directoryRecordCID -> is the record creationID obtained when DirAddOCEDirectory or DirAddDSAMDirectory call was made. rid-> is the recordID in which the identity for the directory will be established. password-> the password associated with the rid in the directory world. } OCESetupAddDirectoryInfoPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; directoryRecordCID: CreationID; { --> CreationID for the directory } recordID: RecordIDPtr; { --> recordID for the identity } password: RStringPtr; { --> password in the directory world } END; { kOCESetupChangeDirectoryInfo: Using this call an existing identity for a directory under LocalIdentity umbrella can be changed. ASCreateLocalIdentity should have been done succesfully before making this call. directoryRecordCID -> is the record creationID obtained when DirAddOCEDirectory or DirAddDSAMDirectory call was made. rid-> is the recordID in which the identity for the directory will be established. password-> the password associated with the rid in the directory world. newPassword -> the new password for the directory } OCESetupChangeDirectoryInfoPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; directoryRecordCID: CreationID; { --> CreationID for the directory } recordID: RecordIDPtr; { --> recordID for the identity } password: RStringPtr; { --> password in the directory world } newPassword: RStringPtr; { --> new password in the directory } END; { kOCESetupRemoveDirectoryInfo: Using this call an existing identity for a directory under LocalIdentity umbrella can be changed. ASCreateLocalIdentity should have been done succesfully before making this call. directoryRecordCID -> is the record creationID obtained when DirAddOCEDirectory or } OCESetupRemoveDirectoryInfoPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; directoryRecordCID: CreationID; { --> CreationID for the directory } END; { kOCESetupGetDirectoryInfo: Using this call info on an existing identity for a particular directory under LocalIdentity umbrella can be obtained. For the specified directory 'directoryName' and 'discriminator', rid and nativeName will returned. Caller must provide appropriate buffer to get back rid and nativeName. 'password' will be returned for non-ADAP Directories.. } OCESetupGetDirectoryInfoPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; directoryName: DirectoryNamePtr; { --> directory name } discriminator: DirDiscriminator; { --> discriminator for the directory } recordID: RecordIDPtr; { <-- rid for the directory identity } nativeName: RStringPtr; { <-- user name in the directory world } password: RStringPtr; { <-- password in the directory world } END; {**************************************************************************** Directory Manager operations ****************************************************************************} { AddRecord } DirAddRecordPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> CreationID returned here } allowDuplicate: BOOLEAN; { --> } END; { DeleteRecord } DirDeleteRecordPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> } END; { aRecord must contain valid PackedRLI and a CreationID. } {********************************************************************************} { DirEnumerate: This call can be used to enumerate both DNodes and records under a specified DNode. A DNode is specified by the PackedRLIPtr 'aRLI'. startingPoint indicates where to start the enumeration. Initially, it should be set to a value of nil. After some records are enumerated, the client can issue the call again with the same aRLI and recordName and typeList. The last received DirEnumSpec in the startingPoint field. The server will continue the enumeration from that record on. if user wants to get back the value specified in the startingRecord also, the BOOLEAN 'includeStartingPoint' must be set to 'true'. If this is set to 'false', records specified after the startingPoint record will be returned. sortBy indicates to the server to return the records that match in name-first or type-first order. sortDirection indicates to the server to search in forward or backward sort order for RecordIDs Specified. RecordIDS and Enumeration Criteria: PackedRLIPtr parameter 'aRLI' will be accepted for DNode specification. One RStringPtr 'recordName' is provided. User is allowed to specify a wild card in the name. 'typeCount' parameter indicate how many types are in the 'typeList'. 'typeList' parmeter is a pointer to an RString array of size 'typeCount'. If 'typeCount' is exactly equal to one, a wild card can be specified for the entity type; otherwise types have to be completely specified. A nil value for 'startingPoint' is allowed when sortDirection specified is 'kSortBackwards'. This was not allowed previously. 'enumFlags' parameter is a bit field. The following bits can be set: kEnumDistinguishedNameMask to get back records in the cluster data base. kEnumAliasMask to get back record aliases kEnumPseudonymMask to get back record pseudonyms kEnumDNodeMask to get back any children dNodes for the DNode specified in the 'aRLI' parameter. kEnumAll is combination of all four values and can be used to enumerate everything under a specified DNode. 'requestScriptCode' is input parameter and should be ignored in the Release 1.0 by all directories (including DSAM directories). However clients are advised to set this to desired valid script code for future compatibility. 'responseScriptCode' is output parameter and this will be set when DirEnumerateGet call completes successfully (includes kOCEMoreData error case). If the 'responseScriptCode' is one of the defined script codes, it indicates that entries are sorted in that script code. This value need not be equal to the 'requsetScriptCode'. If the value returned is smInvalidScript, then the sort order returned can be determined by the feature flags for that directory. This may indicate entries may be sorted in some order or not sorted in any particular order. The results returned for each element will consist of a DirEnumSpec. The DirEnumSpec contains 'enumFlag' which indicates the type of entity and a union which will have either DNodeID or LocalRecordID depending on the value of 'enumFlag'. The 'enumFlag' will indicate whether the returned element is a record(bit: kEnumDistinguishedNameMask) or a alias(bit: kEnumAliasMask) or a Pseudonym(kEnumPseudonymMask) or a child DNode(bit: kEnumChildMask). If the 'enumFlag' value is kEnumChildMask, it indicates the value returned in the union is a DNodeID (i.e. 'dNodeNumber' is the 'dNodeNumber' of the child dnode(if the directory supports dNodeNumbers, otherwise this will be set to zero). The name will be the child dnode name. For other values of the 'enumFlag', the value in the union will be LocalRecordID. The results will be collected in the 'getBuffer' supplied by the user. If buffer can not hold all the data returned 'kOCEMoreData' error will be returned. If user receives 'noErr' or 'kOCEMoreData', buffer will contain valid results. A user can extract the results in the 'getBuffer' by making DirEnumerateParse' call. } DirEnumerateGetPB = PACKED RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRLI: PackedRLIPtr; { --> an RLI specifying the cluster to be enumerated } startingPoint: ^DirEnumSpec; { --> } sortBy: DirSortOption; { --> } sortDirection: DirSortDirection; { --> } dReserved: LONGINT; { -- } nameMatchString: RStringPtr; { --> name from which enumeration should start } typesList: ^RStringPtr; { --> list of entity types to be enumerated } typeCount: LONGINT; { --> number of types in the list } enumFlags: DirEnumChoices; { --> indicates what to enumerate } includeStartingPoint: BOOLEAN; { --> if true return the record specified in starting point } padByte: Byte; matchNameHow: DirMatchWith; { --> Matching Criteria for nameMatchString } matchTypeHow: DirMatchWith; { --> Matching Criteria for typeList } getBuffer: Ptr; { --> } getBufferSize: LONGINT; { --> } responseSLRV: SLRV; { <-- response SLRV } END; { The EnumerateRecords call-back function is defined as follows: } ForEachDirEnumSpec = ProcPtr; { FUNCTION ForEachDirEnumSpec( clientData: long; enumSpec: DirEnumSpec): BOOLEAN;} { EnumerateParse: After an EnumerateGet call has completed, call EnumerateParse to parse through the buffer that was filled in EnumerateGet. 'eachEnumSpec' will be called each time to return to the client a DirEnumSpec that matches the pattern for enumeration. 'enumFlag' indicates the type of information returned in the DirEnumSpec The clientData parameter that you pass in the parameter block will be passed to 'forEachEnumDSSpecFunc'. You are free to put anything in clientData - it is intended to allow you some way to match the call-back to the original call (example: for; you make more then one aysynchronous EnumerateGet calls and you want to associate returned results in some way). The client should return FALSE from 'eachEnumSpec' to continue processing of the EnumerateParse request. Returning TRUE will terminate the EnumerateParse request. For synchronous calls, the call-back routine actually runs as part of the same thread of execution as the thread that made the EnumerateParse call. That means that the same low-memory globals, A5, stack, etc. are in effect during the call-back that were in effect when the call was made. Because of this, the call-back routine has the same restrictions as the caller of EnumerateParse: if EnumerateParse was not called from interrupt level, then the call- back routine can allocate memory. For asynchronous calls, call-back routine is like a ioCompletion except that A5 will be preserved for the application. } DirEnumerateParsePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRLI: PackedRLIPtr; { --> an RLI specifying the cluster to be enumerated } bReserved: LONGINT; { -- } cReserved: LONGINT; { -- } eachEnumSpec: ForEachDirEnumSpec; { --> } eReserved: LONGINT; { -- } fReserved: LONGINT; { -- } gReserved: LONGINT; { -- } hReserved: LONGINT; { -- } iReserved: LONGINT; { -- } getBuffer: Ptr; { --> } getBufferSize: LONGINT; { --> } l1Reserved: INTEGER; { -- } l2Reserved: INTEGER; { -- } l3Reserved: INTEGER; { -- } l4Reserved: INTEGER; { -- } END; { LookupGet: aRecordList is an array of pointers to RecordIDs, each of which must contain valid PackedRLI and a CreationID. recordIDCount is the size of this array. attrTypeList is an array of pointers to AttributeTypes. attrTypeCount is the size of this array. staringRecordIndex is the record from which to continue the lookup. If you want to start from first record in the list, this must be 1 (zero: not). This value must always be <= recordIDCount. startingAttributeIndex is the AttributeType from which we want to continue the lookup. If you want to start from first attribute in the list, this must be 1 (zero: not). This value must always be <= attrTypeCount. startingAttribute is the value of the attribute value from which we want to continue lookup. In case of directories supporting creationIDs, startingAttribute may contain only a CID. Other directories may require the entire value. If a non-null cid is given and if an attribute value with that cid is not found, this call will terminate with kOCENoSuchAttribute error. A client should not make a LookupParse call after getting this error. 'includeStartingPoint' BOOLEAN can be set to 'true' to receive the value specified in the startingPoint in the results returned. If this is set to 'false', the value specified in the startingAttribute will not be returned. When LookupGet call fails with kOCEMoreData, the client will be able to find out where the call ended with a subsequent LookupParse call. When the LookupParse call completes with kOCEMoreData, lastRecordIndex, lastAttributeIndex and lastValueCID will point to the corresponding recordID, attributeType and the CreationID of the last value returned successfully. These parameters are exactly the same ones for the startingRecordIndex, startingAttributeIndex, and startingAttrValueCID so they can be used in a subsequent LookupGet call to continue the lookup. In an extreme case, It is possible that we had an attribute value that is too large to fit in the client's buffer. In such cases, if it was the only thing that we tried to fit into the buffer, the client will not able to proceed further because he will not know the attributeCID of the attribute to continue with. Also he does not know how big a buffer would be needed for the next call to get this 'mondo' attribute value successfully. to support this, LookupParse call will do the following: If LookupGet has failed with kOCEMoreData error, LookupParse will check to make sure that ForEachAttributeValueFunc has been called at least once. If so, the client has the option to continue from that attribute CreationID (for PAB/ADAP) in the next LookupGet call. However, if it was not even called once, then the attribute value may be too big to fit in the user's buffer. In this case, lastAttrValueCID (lastAttribute) and attrSize are returned in the parse buffer and the call will fail with kOCEMoreAttrValue. However, it is possible that ForEachAttributeValue was not called because the user does not have read access to some of the attributeTypes in the list, and the buffer was full before even reading the creationID of any of the attribute values. A kOCEMoreData error is returned. The Toolbox will check for duplicate RecordIDs in the aRecordList. If found, it will return 'daDuplicateRecordIDErr'. The Toolbox will check for duplicate AttributeTypes in the attrTypeList. If found it will return 'daDuplicateAttrTypeErr'. } DirLookupGetPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecordList: ^RecordIDPtr; { --> an array of RecordID pointers } attrTypeList: ^AttributeTypePtr; { --> an array of attribute types } cReserved: LONGINT; { -- } dReserved: LONGINT; { -- } eReserved: LONGINT; { -- } fReserved: LONGINT; { -- } recordIDCount: LONGINT; { --> } attrTypeCount: LONGINT; { --> } includeStartingPoint: BOOLEAN; { --> if true return the value specified by the starting indices } { padByte: Byte; } i1Reserved: INTEGER; { -- } getBuffer: Ptr; { --> } getBufferSize: LONGINT; { --> } startingRecordIndex: LONGINT; { --> start from this record } startingAttrTypeIndex: LONGINT; { --> start from this attribute type } startingAttribute: Attribute; { --> start from this attribute value } pReserved: LONGINT; { -- } END; { The Lookup call-back functions are defined as follows: } ForEachLookupRecordID = ProcPtr; { FUNCTION ForEachLookupRecordID(clientData: long; recordID: RecordID): BOOLEAN;} ForEachAttrTypeLookup = ProcPtr; { FUNCTION ForEachAttrTypeLookup(clientData: long; attrType: AttributeType; myAttrAccMask: AccessMask): BOOLEAN;} ForEachAttrValue = ProcPtr; { FUNCTION ForEachAttrValue(clientData: long; attribute: Attribute): BOOLEAN;} { LookupParse: After a LookupGet call has completed, call LookupParse to parse through the buffer that was filled in LookupGet. The toolbox will parse through the buffer and call the appropriate call-back routines for each item in the getBuffer. 'eachRecordID' will be called each time to return to the client one of the RecordIDs from aRecordList. The clientData parameter that you pass in the parameter block will be passed to eachRecordID. You are free to put anything in clientData - it is intended to allow you some way to match the call-back to the original call (case: in; example: for; you make simultaneous asynchronous LookupGet calls). If you don't want to get a call-back for each RecordID (example: for; if you're looking up attributes for only one RecordID), pass nil for eachRecordID. After forEachLocalRecordIDFunc is called, eachAttrType may be called to pass an attribute type (one from attrTypeList) that exists in the record specified in the last eachRecordID call. If you don't want to get a call-back for each AttributeType (example: for; if you're looking up only one attribute type, or you prefer to read the type from the Attribute struct during the eachAttrValue call-back routine), pass nil for eachAttrType. However access controls may prohibit you from reading some attribute types; in that case eachAttrValue may not be called even though the value exists. Hence the client should supply this call-back function to see the access controls for each attribute type. This will be followed by one or more calls to eachAttrValue, to pass the type, tag, and attribute value. NOTE THIS CHANGE: you are no longer expected to pass a pointer to a buffer in which to put the value. Now you get a pointer to the value, and you can process it within the call-back routine. After one or more values are returned, eachAttrType may be called again to pass another attribute type that exists in the last-specified RecordID. The client should return FALSE from eachRecordID, eachAttrType, and eachAttrValue to continue processing of the LookupParse request. Returning TRUE from any call-back will terminate the LookupParse request. If LookupGet has failed with kOCEMoreData error, LookupParse will check to make sure that ForEachAttributeValueFunc has been called at least once. If so, the client has the option to continue from that attribute CreationID (for PAB/ADAP) in the next LookupGet call. However, if it was not even called once, then the attribute value may be too big to fit in the user's buffer. In this case, lastAttrValueCID (lastAttribute) and attrSize are returned in the parse buffer and the call will fail with kOCEMoreAttrValue. However, it is possible that ForEachAttributeValue was not called because the user does not have read access to some of the attributeTypes in the list, and the buffer was full before even reading the creationID of any of the attribute values. A kOCEMoreData error is returned. For synchronous calls, the call-back routine actually runs as part of the same thread of execution as the thread that made the LookupParse call. That means that the same low-memory globals, A5, stack, etc. are in effect during the call-back that were in effect when the call was made. Because of this, the call-back routine has the same restrictions as the caller of LookupParse: if LookupParse was not called from interrupt level, then the call- back routine can allocate memory. For asynchronous calls, call-back routine is like a ioCompletion except that A5 will be preserved for the application. } DirLookupParsePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecordList: ^RecordIDPtr; { --> must be same from the corresponding Get call } attrTypeList: ^AttributeTypePtr; { --> must be same from the corresponding Get call } cReserved: LONGINT; { -- } eachRecordID: ForEachLookupRecordID;{ --> } eachAttrType: ForEachAttrTypeLookup;{ --> } eachAttrValue: ForEachAttrValue; { --> } recordIDCount: LONGINT; { --> must be same from the corresponding Get call } attrTypeCount: LONGINT; { --> must be same from the corresponding Get call } iReserved: LONGINT; { -- } getBuffer: Ptr; { --> must be same from the corresponding Get call} getBufferSize: LONGINT; { --> must be same from the corresponding Get call} lastRecordIndex: LONGINT; { <-- last RecordID processed when parse completed } lastAttributeIndex: LONGINT; { <-- last Attribute Type processed when parse completed } lastAttribute: Attribute; { <-- last attribute value (with this CreationID) processed when parse completed } attrSize: LONGINT; { <-- length of the attribute we did not return } END; { AddAttributeValue } DirAddAttributeValuePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> } attr: AttributePtr; { --> AttributeCreationID returned here } END; { aRecord must contain valid PackedRLI and a CreationID. Instead of passing type, length, and value in three separate fields, we take a pointer to an Attribute structure that contains all three, and has room for the AttributeCreationNumber. The AttributeCreationID will be returned in the attr itself. The AttributeTag tells the directory service that the attribute is an RString, binary, or a RecordID. } { DeleteAttributeType: This call is provided so that an existing AttributeType can be deleted. If any attribute values exist for this type, they will all be deleted (if the user has access rights to delete the values) and then the attribute type will be deleted. Otherwise dsAccessDenied error will be returned. } DirDeleteAttributeTypePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> } attrType: AttributeTypePtr; { --> } END; { DeleteAttributeValue } DirDeleteAttributeValuePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { -> } attr: AttributePtr; { -> } END; { ChangeAttributeValue: currentAttr ==> the attribute to be changed. For ADAS and PAB CreationID is sufficient newAttr ==> new value for the attribute. For ADAS and PAB CreationID field will be set when the call succeesfully completes aRecord ==> must contain valid PackedRecordLocationInfo and a CreationID. } DirChangeAttributeValuePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { -> } currentAttr: AttributePtr; { -> } newAttr: AttributePtr; { -> } END; { VerifyAttributeValue } DirVerifyAttributeValuePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> } attr: AttributePtr; { --> } END; { aRecord must contain valid PackedRLI and a CreationID. The attribute type and value are passed in the attribute structure. If the attribute CreationID is non-zero, the server will verify that an attribute with the specified value and creation number exists in aRecord. If the attribute CreationID is zero, the server will verify the attribute by type and value alone, and return the attribute CreationID in the Attribute struct if the attribute exists. } { EnumerateAttributeTypesGet: The following two calls can be used to enumerate the attribute types present in a specified RecordID. The first, EnumerateAttributeTypesGet, processes the request and reads the response into getBuffer, as much as will fit. A kOCEMoreData error will be returned if the buffer was not large enough. After this call completes, the client can call EnumerateAttributeTypesParse (below: see). The user will able to continue from a startingPoint by setting a startingAttrType. Typically, this should be the last value returned in EnumerateAttributeTypesParse call when 'kOCEMoreData' is returned. If 'includeStartingPoint' is true when a 'startingAttrType' is specified, the starting value will be included in the results, if it exists. If this is set to false, this value will not be included. AttributeTypes following this type will be returned. } DirEnumerateAttributeTypesGetPB = PACKED RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> } startingAttrType: AttributeTypePtr; { --> starting point } cReserved: LONGINT; { -- } dReserved: LONGINT; { -- } eReserved: LONGINT; { -- } fReserved: LONGINT; { -- } gReserved: LONGINT; { -- } hReserved: LONGINT; { -- } includeStartingPoint: BOOLEAN; { --> if true return the attrType specified by starting point } padByte: Byte; i1Reserved: INTEGER; { -- } getBuffer: Ptr; { --> } getBufferSize: LONGINT; { --> } END; { The call-back function is defined as follows: } ForEachAttrType = ProcPtr; { FUNCTION ForEachAttrType(clientData: long; attrType: AttributeType): BOOLEAN;} { EnumerateAttributeTypesParse: After an EnumerateAttributeTypesGet call has completed, call EnumerateAttributeTypesParse to parse through the buffer that was filled in EnumerateAttributeTypesGet. The toolbox will parse through the buffer and call the call-back routine for each attribute type in the getBuffer. The client should return false from eachAttrType to continue processing of the EnumerateAttributeTypesParse request. Returning true will terminate the EnumerateAttributeTypesParse request. The clientData parameter that you pass in the parameter block will be passed to eachAttrType. You are free to put anything in clientData - it is intended to allow you some way to match the call-back to the original call (case: in; example: for; you make simultaneous asynchronous calls). For synchronous calls, the call-back routine actually runs as part of the same thread of execution as the thread that made the EnumerateAttributeTypesParse call. That means that the same low-memory globals, A5, stack, etc. are in effect during the call-back that were in effect when the call was made. Because of this, the call-back routine has the same restrictions as the caller of EnumerateAttributeTypesParse. If EnumerateAttributeTypesParse was not called from interrupt level, then the call- back routine can allocate memory. For asynchronous calls, call-back routine is like a ioCompletion except that A5 will be preserved for the application. } DirEnumerateAttributeTypesParsePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> Same as DirEnumerateAttributeTypesGetPB } bReserved: LONGINT; { -- } cReserved: LONGINT; { -- } dReserved: LONGINT; { -- } eachAttrType: ForEachAttrType; { --> } fReserved: LONGINT; { -- } gReserved: LONGINT; { -- } hReserved: LONGINT; { -- } iReserved: LONGINT; { -- } getBuffer: Ptr; { --> } getBufferSize: LONGINT; { --> } END; { DirAbort: With this call a user will able to abort an outstanding directory service call. A user must pass a pointer to the parameter block for the outstanding call. In the current version of the product, the toolbox will process this call for NetSearchADAPDirectoriesGet or FindADAPDirectoryByNetSearch calls and if possible it will abort. For other calls for ADAP and PAB this will return 'daAbortFailErr'. For DSAM directories, this call will be passed to the corresponding DSAM driver. The DSAM driver may process this call or may return 'daAbortFailErr'. This call can be called only in synchronous mode. Since the abort call makes references to fields in the pb associated with the original call, this pb must not be disposed or or altered if the original call completes before the abort call has completed. } DirAbortPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; pb: Ptr; { --> pb for the call which must be aborted } { ^DirParamBlock } END; { AddPseudonym: An alternate name and type can be added to a given record. If allowDuplicate is set the name and type will be added even if the same name and type already exists. } DirAddPseudonymPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> RecordID to which pseudonym is to be added } pseudonymName: RStringPtr; { --> new name to be added as pseudonym } pseudonymType: RStringPtr; { --> new name to be added as pseudonym } allowDuplicate: BOOLEAN; { --> } END; { DeletePseudonym: An alternate name and type for a given record can be deleted. } DirDeletePseudonymPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> RecordID to which pseudonym to be added } pseudonymName: RStringPtr; { --> pseudonymName to be deleted } pseudonymType: RStringPtr; { --> pseudonymType to be deleted } END; { AddAlias: This call can be used to create an alias record. The alias can be created either in the same or different cluster. ADAS will not support this call for this release. A new directory capability flag 'kSupportsAlias' will indicate if the directory supports this call. PAB's will support this call. For the PAB implementation, this call will create a record with the name and type specified an aRecord. This call works exactly like AddRecord. If 'allowDuplicate' is false and another record with same name and type already exists 'daNoDupAllowed' error will be returned. } DirAddAliasPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { -> } allowDuplicate: BOOLEAN; { -> } END; { DirFindValue: This call can be used to find the occurrence of a value. The value to be matched is passed in the buffer 'matchingData' field. The current ADAP/PAB implementation will match a maximum of 32 bytes of data. For attribute values in the PAB/ADAP implementation, only the first 32 bytes will be used for comparing the occurrence of data. Search can be restricted to a particular record and/or attribute type by specifying 'aRecord' or 'aType'. After finding one occurrence, 'startingRecord' and 'startingAttribute' can be specified to find the next occurrence of the same value. 'sortDirection' can be specified with starting values to search forward or backward. When a matching value is found, the 'recordFound' indicates the reccordID in which the data occurrence was found, 'attributeFound' indicates the attribute with in which the matching data was found. ADAP/PAB implementation returns only the type and creationID of attributes. Directories which don't support creationIDs may return the complete value; hence this call may need a buffer to hold the data. For ADAP/PAB implementations the user has to make a DirLookup call to get the actual data. 'recordFound' and 'attributeFound' can be used to initialize 'startingRecord' and 'startingAttribute' to find the next occurrence of the value. } DirFindValuePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRLI: PackedRLIPtr; { --> an RLI specifying the cluster to be enumerated } aRecord: LocalRecordIDPtr; { --> if not nil, look only in this record } attrType: AttributeTypePtr; { --> if not nil, look only in this attribute type } startingRecord: LocalRecordIDPtr; { --> record in which to start searching } startingAttribute: AttributePtr; { --> attribute in which to start searching } recordFound: LocalRecordIDPtr; { <-- record in which data was found } attributeFound: Attribute; { <-- attribute in which data was found } matchSize: LONGINT; { --> length of matching bytes } matchingData: Ptr; { --> data bytes to be matched in search } sortDirection: DirSortDirection; { --> sort direction (forwards or backwards) } END; { EnumeratePseudonymGet: This call can be used to enumerate the existing pseudonyms for a given record specified in 'aRecord'. A starting point can be specified by 'startingName' and 'startingType'. If the 'includeStartingPoint' boolean is true and a starting point is specified, the name specified by startingName and startingType also is returned in the results, if it exists. If this is set to false, the pseudonym in startingName and Type is not included. Pseudonyms returned in the 'getBuffer' can be extracted by making an EnumeratePseudonymParse call. The results will consist of a RecordID with the name and type of the pseudonym. If the buffer could not hold all the results, then 'kOCEMoreData' error will be returned. The user will be able to continue the call by using the last result returned as starting point for the next call. } DirEnumeratePseudonymGetPB = PACKED RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> } startingName: RStringPtr; { --> } startingType: RStringPtr; { --> } dReserved: LONGINT; { -- } eReserved: LONGINT; { -- } fReserved: LONGINT; { -- } gReserved: LONGINT; { -- } hReserved: LONGINT; { -- } includeStartingPoint: BOOLEAN; { --> if true return the Pseudonym specified by starting point will be included } padByte: Byte; i1Reserved: INTEGER; { -- } getBuffer: Ptr; { --> } getBufferSize: LONGINT; { --> } END; { The call-back function is defined as follows: } ForEachRecordID = ProcPtr; { FUNCTION ForEachRecordID(clientData: long; recordID: RecordID): BOOLEAN;} { EnumeratePseudonymParse: The pseudonyms returned in the 'getBuffer' from the EnumeratePseudonymGet call can be extracted by using the EnumeratePseudonymParse call. 'eachRecordID' will be called for each pseudonym. Returning true from any call-back will terminate the EnumeratePseudonymParse call. For synchronous calls, the call-back routine actually runs as part of the same thread of execution as the thread that made the EnumeratePseudonymParse call. That means that the same low-memory globals, A5, stack, etc. are in effect during the call-back that were in effect when the call was made. Because of this, the call-back routine has the same restrictions as the caller of EnumeratePseudonymParse: if EnumeratePseudonymParse was not called from interrupt level, then the call- back routine can allocate memory. For asynchronous calls, call-back routine is like a ioCompletion except that A5 will be preserved for the application. } DirEnumeratePseudonymParsePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> same as DirEnumerateAliasesGetPB } bReserved: LONGINT; { -- } cReserved: LONGINT; { -- } eachRecordID: ForEachRecordID; { --> } eReserved: LONGINT; { -- } fReserved: LONGINT; { -- } gReserved: LONGINT; { -- } hReserved: LONGINT; { -- } iReserved: LONGINT; { -- } getBuffer: Ptr; { --> } getBufferSize: LONGINT; { --> } END; { GetNameAndType } DirGetNameAndTypePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> } END; { aRecord must contain valid RLI and a CreationID. It must also contain pointers to maximum-length RStrings (name and type fields) in which will be returned the record's distinguished name and type. } { SetNameAndType: This call can be used to change a name and type for a record. The record to be renamed is specified using 'aRecord'. 'newName' and 'newType' indicate the name and type to be set. 'allowDuplicate' if true indicates that name is to be set even if another name and type exactly matches the newName and newType specified. 'newName' and 'newType' are required since the directories not supporting CreationID require name and type fields in the recordID to identify a given record. } DirSetNameAndTypePB = PACKED RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> } allowDuplicate: BOOLEAN; { --> } padByte: Byte; newName: RStringPtr; { --> new name for the record } newType: RStringPtr; { --> new type for the record } END; { DirGetMetaRecordInfo: This call can be made to obtain the MetaRecordInfo for a given record. Information returned is 16 bytes of OPAQUE information about the record. } DirGetRecordMetaInfoPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { --> } metaInfo: DirMetaInfo; { <-- } END; { DirGetDNodeMetaInfo: This call can be made to obtain the DNodeMetaInfo for a given Packed RLI. Information returned is 16 bytes of OPAQUE information about the DNode. } DirGetDNodeMetaInfoPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; pRLI: PackedRLIPtr; { --> } metaInfo: DirMetaInfo; { <-- } END; { EnumerateDirectoriesGet: A user can enumerate all the directories installed. This includes installed ADAP and DSAM directories. The user can specify a signature as input to restrict the results. kDirADAPKind will return only ADAP directories, kDirDSAMKind will return all DSAM directories. kDirAllKinds will get both ADAP & DSAM directories. A specific signature (e.g. X.500) may be used to get directories with an X.500 signature. The information for each directory returned will have directoryName, discriminator and features. If the user receives 'noErr' or 'kOCEMoreData', the buffer will contain valid results. A user can extract the results in the 'getBuffer' by making an DirEnumerateDirectories call. If 'kOCEMoreData' is received, the user can continue enumeration by using the last directory and discriminator as startingDirectoryName and staringDirDiscriminator in the next call. If 'includeStartingPoint' is true and a starting point is specified, the staring point will be returned in the result. If false, it is not included. } DirEnumerateDirectoriesGetPB = PACKED RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; directoryKind: OCEDirectoryKind; { --> enumerate directories bearing this signature } startingDirectoryName: DirectoryNamePtr; { --> staring directory name } startingDirDiscriminator: DirDiscriminator; { --> staring directory discriminator } eReserved: LONGINT; { -- } fReserved: LONGINT; { -- } gReserved: LONGINT; { -- } hReserved: LONGINT; { -- } includeStartingPoint: BOOLEAN; { --> if true return the dir specified by starting point } padByte: Byte; i1Reserved: INTEGER; { -- } getBuffer: Ptr; { --> } getBufferSize: LONGINT; { --> } END; ForEachDirectory = ProcPtr; { FUNCTION ForEachDirectory(clientData: long; dirName: DirectoryName; discriminator: DirDiscriminator; features: DirGestalt): BOOLEAN;} { EnumerateDirectoriesParse: The directory info returned in 'getBuffer' from the EnumerateDirectoriesGet call can be extracted using the EnumerateDirectoriesParse call. 'eachDirectory' will be called for each directory. Returning true from any call-back will terminate the EnumerateDirectoriesParse call. For synchronous calls, the call-back routine actually runs as part of the same thread of execution as the thread that made the EnumerateDirectoriesParse call. That means that the same low-memory globals, A5, stack, etc. are in effect during the call-back that were in effect when the call was made. Because of this, the call-back routine has the same restrictions as the caller of EnumerateDirectoriesParse: if EnumerateDirectoriesParse was not called from interrupt level, then the call- back routine can allocate memory. For asynchronous calls, call-back routine is like a ioCompletion except that A5 will be preserved for the application. eachDirectory will be called each time to return to the client a DirectoryName, DirDiscriminator, and features for that directory. } DirEnumerateDirectoriesParsePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aReserved: LONGINT; { -- } bReserved: LONGINT; { -- } cReserved: LONGINT; { -- } dReserved: LONGINT; { -- } eachDirectory: ForEachDirectory; { --> } fReserved: LONGINT; { -- } gReserved: LONGINT; { -- } hReserved: LONGINT; { -- } iReserved: LONGINT; { -- } getBuffer: Ptr; { --> } getBufferSize: LONGINT; { --> } END; { The Following five call are specific to ADAP Directories. Toolbox remembers a list of directories across boots. If any directory service call is intended for a ADAP directory, then it must be in the list. In order for managing this list, A client (Probably DE will use these calls. DirAddADAPDirectoryPB: Add a new ADAP directory to the list. DirRemoveADAPDirectory: Remove a ADAP directory from the list. DirNetSearchADAPDirectoriesGet: search an internet for adas directories. DirNetSearchADAPDirectoriesParse: extract the results obtained NetSearchADAPDirectoriesGet. DirFindADAPDirectoryByNetSearch: Find a specified directory through net search. } { NetSearchADAPDirectoriesGet: This call can be used to make a network wide search for finding ADAP directories. This call will be supported only by 'ADAP' and involve highly expensive network operations, so the user is advised to use utmost discretion before making this call. The results will be collected in the 'getbuffer' and can be extracted using NetSearchADAPDirectoriesParse call. The directoryName, the directoryDiscriminator, features and serverHint (AppleTalk address for a PathFinder serving that directory) are collected for each directory found on the network. If buffer is too small to hold all the directories found on the network, a 'kOCEMoreData' error will be returned. } DirNetSearchADAPDirectoriesGetPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; getBuffer: Ptr; { --> } getBufferSize: LONGINT; { --> } cReserved: LONGINT; { -- } END; ForEachADAPDirectory = ProcPtr; { FUNCTION ForEachADAPDirectory( clientData: long; dirName: DirectoryName; discriminator: DirDiscriminator; features: DirGestalt; serverHint: AddrBlock): BOOLEAN;} { DirNetSearchADAPDirectoriesParse: This call can be used to extract the results obtained in the 'getBuffer'. The directoryName, directoryDiscriminator, features and serverHint (AppleTalk address for a PathFinder serving that directory) are returned in each call-back. These values may be used to make an AddADAPDirectory call. Returning TRUE from any call-back will terminate the NetSearchADAPDirectoriesParse request. For synchronous calls, the call-back routine actually runs as part of the same thread of execution as the thread that made the DirNetSearchADAPDirectoriesParse call. That means that the same low-memory globals, A5, stack, etc. are in effect during the call-back that were in effect when the call was made. Because of this, the call-back routine has the same restrictions as the caller of DirNetSearchADAPDirectoriesParse: if DirNetSearchADAPDirectoriesParse was not called from interrupt level, then the call- back routine can allocate memory. For asynchronous calls, call-back routine is like a ioCompletion except that A5 will be preserved for the application. } DirNetSearchADAPDirectoriesParsePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; getBuffer: Ptr; { --> } getBufferSize: LONGINT; { --> } eachADAPDirectory: ForEachADAPDirectory; { --> } END; { DirFindADAPDirectoryByNetSearch: This call can be used to make a network wide search to find an ADAP directory. This call will be supported only by 'ADAP' and involves highly expensive network operations, so the user is advised to use utmost discretion before making this call. The directory is specified using directoryName and discriminator. If 'addToOCESetup' is true, the directory will be automatically added to the setup list and will be visible through the EnumerateDirectories call and also also a creationID to the directoryRecord will be returned. If this parameter is set to 'false', the directory will be added to temporary list and will be available for making other directory service calls. The directories which are not in the preference directory list will not be visible through the EnumerateDirectories call. } DirFindADAPDirectoryByNetSearchPB = PACKED RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; directoryName: DirectoryNamePtr; { --> directory name } discriminator: DirDiscriminator; { --> discriminate between dup dir names } addToOCESetup: BOOLEAN; { --> add this directory to OCE Setup List } padByte: Byte; directoryRecordCID: CreationID; { <-- creationID for the directory record } END; { DirAddADAPDirectory: The directory specified by 'directoryName' and 'discriminator' will be added to the list of directories maintained by the Toolbox. Once added, the directory is available across boots, until the directory is removed explicitly through a DirRemoveADAPDirectory call. If 'serverHint' is not nil, the address provided will be used to contact a PathFinder for the directory specified. If 'serverHint' is nil or does not point to a valid PathFinder server for that directory, this call will fail. If 'addToOCESetup' is true, the directory will be automatically added to the setup directory list and will be visible through EnumerateDirectories calls and also a creationID to the directoryRecord will be returned. If this parameter is set to 'false', directory will be added to temprary list and will be available for making other directory service calls. The directories which are not in the setup list will not be visible through EnumerateDirectories call. } DirAddADAPDirectoryPB = PACKED RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; directoryName: DirectoryNamePtr; { --> directory name } discriminator: DirDiscriminator; { --> discriminate between dup dir names } addToOCESetup: BOOLEAN; { --> add this directory to OCE Setup } padByte: Byte; directoryRecordCID: CreationID; { <-- creationID for the directory record } END; { GetDirectoryInfo: DirGetDirectoryInfo will do: If a 'dsRefNum' is non-Zero, the directory information for the corresponding PAB will be returned. If 'dsRefNum' is zero and 'serverHint' is non-zero, If the 'serverHint' points to a valid ADAP Directory Server(Finder: Path), the directory information (i.e. directoryName, discriminator, features) for that directory will be returned. If a vlid directory name and discriminator are provided features (Set of capability flags) for that directory will be returned. } DirGetDirectoryInfoPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; directoryName: DirectoryNamePtr; { --> directory name } discriminator: DirDiscriminator; { <--> descriminate between dup dir names } features: DirGestalt; { <-- capability bit flags } END; { pass kThisRecordOwnerMask, kFriendsMask, kAuthenticatedInDNodeMask, kAuthenticatedInDirectoryMask, kGuestMask, or kMeMask to this routine, and it will return a pointer to a DSSpec that can be used in the Get or Set Access Controls calls. } FUNCTION OCEGetAccessControlDSSpec(categoryBitMask: CategoryMask): DSSpecPtr; INLINE $303C, kOCEGetAccessControlDSSpec, $AA5C; { Note on Access Controls: Access control is based on a list model. You can add Access Controls to a dsObject through set calls. You can get access controls list which gives dsObject and accMask for each dsObject. GetAccessControl can be limited to currently supplied identity by setting forCurrentUserOnly. There are special DSObjects are defined in ADASTypes.h for each of the category supported in ADAS Directories. (kOwner, kFriends, kAuthenticatedToCluster, kAuthenticatedToDirectory, kGuest) and DUGetActlDSSpec call can be used to obtain appropraiate DSSpec before making set calls to ADAS directories. } { DirSetDNodeAccessControl: pRLI -> RecordLocationInfo for which access controls should apply. dsObject -> Object to which access controls be granted. activeDnodeAccMask -> active access control mask for the DNode defaultRecordAccMask -> default access control mask for Records defaultAttributeAccMask -> default access control mask for Attributes } TYPE DirSetDNodeAccessControlPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; pRLI: PackedRLIPtr; { -> RLI of the DNode to which access controls are sought } bReserved: LONGINT; { -- unused } dsObject: ^DSSpec; { -> Object to which access controls be granted } activeDnodeAccMask: AccessMask; { -> access control mask to be granted } defaultRecordAccMask: AccessMask; { -> access control mask to be granted } defaultAttributeAccMask: AccessMask;{ -> access control mask to be granted } END; { SetRecordAccessControl: aRecord -> RecordID for which access controls should apply. dsObject -> Object to which access controls be granted. activeRecordAccMask -> active access control mask for the record defaultAttributeAccMask -> default access control mask for attributes } DirSetRecordAccessControlPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { -> RecordID to which access controls are sought } bReserved: LONGINT; { -- unused } dsObject: ^DSSpec; { -> Object to which access controls be granted } dReserved: LONGINT; { - } activeRecordAccMask: AccessMask; { -> access control mask to be granted } defaultAttributeAccMask: AccessMask;{ -> access control mask to be granted } END; { SetAttributeAccessControl: aRecord -> RecordID containing the attribute to which aaccess controls should apply. aType -> AttributeType to which access controls should apply dsObject -> Object to which access controls be granted. activeAttributeAccMask -> active access control mask for the attribute } DirSetAttributeAccessControlPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { -> RecordID to which access controls are sought } aType: AttributeTypePtr; { -> AttributeType to which access controls should apply } dsObject: ^DSSpec; { -> Object to which access controls be granted } dReserved: LONGINT; { -- } eReserved: LONGINT; { -- } activeAttributeAccMask: AccessMask; { -> access control mask to be granted } END; { GetDNodeAccessControlGet: This call can be done to get back access control list for a DNode. pRLI -> RLI of the DNode whose access control list is sought curUserAccMask -> If this is 'true', Access controls for the user specified by the identity parameter will be returned other wise entire list will be returned. startingDsObj -> If this is not nil, list should be started after this object. startingPointInclusive -> If staringDsObj is specified, include that in the returned results. The results will be collected in the 'getBuffer' supplied by the user. If buffer can not hold all the data returned 'daMoreData' error will be returned. If user receives 'noErr' or 'daMoreData', buffer will contain valid results. A user can extract the results in the 'getBuffer' by making 'DsGetDNodeAccessControlParse' call. Results returned for each DSObject will contain DSSpecPtr and three sets of access mask. } DirGetDNodeAccessControlGetPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; pRLI: PackedRLIPtr; { -> RLI of the cluster whose access control list is sought } bReserved: LONGINT; { -- unused } cReserved: LONGINT; { -- unused } dReserved: LONGINT; { -- unused } eResreved: LONGINT; { --> } forCurrentUserOnly: BOOLEAN; { --> } startingPoint: ^DSSpec; { --> starting Point } includeStartingPoint: BOOLEAN; { -> if true return the DsObject specified in starting point } getBuffer: Ptr; { -> } getBufferSize: LONGINT; { -> } END; { The Access Control call-back function is defined as follows: } ForEachDNodeAccessControl = ProcPtr; { FUNCTION ForEachDNodeAccessControl( clientData: long; dsObj: DSSpec; activeDnodeAccMask: AccessMask; defaultRecordAccMask: AccessMask; defaultAttributeAccMask: AccessMask): BOOLEAN;} { GetDNodeAccessControlParse: After an GetDNodeAccessControlGet call has completed, call GetDNodeAccessControlParse to parse through the buffer that that was filled in GetDNodeAccessControlGet. 'eachObject' will be called each time to return to the client a DsObject and a set of three accMasks (three LONGINT words) for that object. Acceesmasks returned apply to the dsObject in the callback : 1. Currently Active Access mask for the specified DNode. 2. Default Access mask for any Record in the DNode 3. Default Access mask for any Attribute in the DNode The clientData parameter that you pass in the parameter block will be passed to 'eachObject'. You are free to put anything in clientData - it is intended to allow you some way to match the call-back to the original call (example: for; you make more then one aysynchronous GetDNodeAccessControlGet calls and you want to associate returned results in some way). The client should return FALSE from 'eachObject' to continue processing of the GetDNodeAccessControlParse request. Returning TRUE will terminate the GetDNodeAccessControlParse request. For synchronous calls, the call-back routine actually runs as part of the same thread of execution as the thread that made the GetDNodeAccessControlParse call. That means that the same low-memory globals, A5, stack, etc. are in effect during the call-back that were in effect when the call was made. Because of this, the call-back routine has the same restrictions as the caller of GetDNodeAccessControlParse: if GetDNodeAccessControlParse was not called from interrupt level, then the call- back routine can allocate memory. For asynchronous calls, call-back routine is like a ioCompletion except that A5 will be preserved for the application. } DirGetDNodeAccessControlParsePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; pRLI: PackedRLIPtr; { -> RLI of the cluster } bReserved: LONGINT; { -- unused } cReserved: LONGINT; { -- unused } dReserved: LONGINT; { -- unused } eachObject: ForEachDNodeAccessControl; { --> } forCurrentUserOnly: BOOLEAN; { --> } startingPoint: ^DSSpec; { --> starting Point } includeStartingPoint: BOOLEAN; { -> if true return the record specified in starting point } getBuffer: Ptr; { -> } getBufferSize: LONGINT; { -> } END; { GetRecordAccessControlGet: This call can be done to get back access control list for a RecordID. aRecord -> RecordID to which access control list is sought curUserAccMask -> If this is 'true', Access controls for the user specified by the identity parameter will be returned other wise entire list will be returned. startingDsObj -> If this is not nil, list should be started after this object. startingPointInclusive -> If staringDsObj is specified, include that in the returned results. The results will be collected in the 'getBuffer' supplied by the user. If buffer can not hold all the data returned 'daMoreData' error will be returned. If user receives 'noErr' or 'daMoreData', buffer will contain valid results. A user can extract the results in the 'getBuffer' by making 'DsGetDNodeAccessControlParse' call. Results returned for each DSObject will contain DSSpecPtr and accMask. } DirGetRecordAccessControlGetPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { -> RecordID to which access control list is sought list is sought } bReserved: LONGINT; { -- unused } cReserved: LONGINT; { -- unused } dReserved: LONGINT; { -- unused } eResreved: LONGINT; { --> } forCurrentUserOnly: BOOLEAN; { --> } startingPoint: ^DSSpec; { --> starting Point } includeStartingPoint: BOOLEAN; { -> if true return the DsObject specified in starting point } getBuffer: Ptr; { -> } getBufferSize: LONGINT; { -> } END; { The Access Control call-back function is defined as follows: } ForEachRecordAccessControl = ProcPtr; { FUNCTION ForEachRecordAccessControl(clientData: long; dsObj: DSSpec; activeDnodeAccMask: AccessMask; activeRecordAccMask: AccessMask; defaultAttributeAccMask: AccessMask): BOOLEAN;} { GetRecordAccessControlParse: After an GetRecordAccessControlGet call has completed, call GetRecordAccessControlParse to parse through the buffer that that was filled in GetRecordAccessControlGet. 'eachObject' will be called each time to return to the client a DsObject and a set of three accMasks (three LONGINT words) for that object. Acceesmasks returned apply to the dsObject in the callback : 1. Active Access mask for the DNode Containing the Record. 2. Active Access mask for the Record specified. 3. Defualt Access mask for Attributes in the record. The clientData parameter that you pass in the parameter block will be passed to 'eachObject'. You are free to put anything in clientData - it is intended to allow you some way to match the call-back to the original call (example: for; you make more then one aysynchronous GetRecordAccessControlGet calls and you want to associate returned results in some way). The client should return FALSE from 'eachObject' to continue processing of the GetRecordAccessControlParse request. Returning TRUE will terminate the GetRecordAccessControlParse request. For synchronous calls, the call-back routine actually runs as part of the same thread of execution as the thread that made the GetRecordAccessControlParse call. That means that the same low-memory globals, A5, stack, etc. are in effect during the call-back that were in effect when the call was made. Because of this, the call-back routine has the same restrictions as the caller of GetRecordAccessControlParse: if GetRecordAccessControlParse was not called from interrupt level, then the call- back routine can allocate memory. For asynchronous calls, call-back routine is like a ioCompletion except that A5 will be preserved for the application. } DirGetRecordAccessControlParsePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { -> RecordID to which access control list is sought list is sought } bReserved: LONGINT; { -- unused } cReserved: LONGINT; { -- unused } dReserved: LONGINT; { -- unused } eachObject: ForEachRecordAccessControl; { --> } forCurrentUserOnly: BOOLEAN; { --> } startingPoint: ^DSSpec; { --> starting Point } includeStartingPoint: BOOLEAN; { -> if true return the record specified in starting point } getBuffer: Ptr; { -> } getBufferSize: LONGINT; { -> } END; { GetAttributeAccessControlGet: This call can be done to get back access control list for a attributeType with in a RecordID. aRecord -> RecordID to which access control list is sought aType -> Attribute Type to which access controls are sought curUserAccMask -> If this is 'true', Access controls for the user specified by the identity parameter will be returned other wise entire list will be returned. startingDsObj -> If this is not nil, list should be started after this object. startingPointInclusive -> If staringDsObj is specified, include that in the returned results. The results will be collected in the 'getBuffer' supplied by the user. If buffer can not hold all the data returned 'daMoreData' error will be returned. If user receives 'noErr' or 'daMoreData', buffer will contain valid results. A user can extract the results in the 'getBuffer' by making 'DsGetDNodeAccessControlParse' call. Results returned for each DSObject will contain DSSpecPtr and accMask. } DirGetAttributeAccessControlGetPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { -> RecordID to which access control list is sought list is sought } aType: AttributeTypePtr; { -> Attribute Type to which access controls are sought } cReserved: LONGINT; { -- unused } dReserved: LONGINT; { -- unused } eResreved: LONGINT; { --> } forCurrentUserOnly: BOOLEAN; { --> } startingPoint: ^DSSpec; { --> starting Point } includeStartingPoint: BOOLEAN; { -> if true return the DsObject specified in starting point } getBuffer: Ptr; { -> } getBufferSize: LONGINT; { -> } END; { The Access Control call-back function is defined as follows: } ForEachAttributeAccessControl = ProcPtr; { FUNCTION ForEachAttributeAccessControl(clientData: long; dsObj: DSSpec; activeDnodeAccMask: AccessMask; activeRecordAccMask: AccessMask; activeAttributeAccMask: AccessMask): BOOLEAN;} { GetAttributeAccessControlParse: After an GetAttributeAccessControlGet call has completed, call GetAttributeAccessControlParse to parse through the buffer that that was filled in GetAttributeAccessControlGet. 'eachObject' will be called each time to return to the client a DsObject and a set of three accMasks (three LONGINT words) for that object. Acceesmasks returned apply to the dsObject in the callback : 1. Active Access mask for the DNode Containing the Attribute. 2. Active Access mask for the Record in the Containing the Attribute. 3. Active Access mask for the specified Attribute. The clientData parameter that you pass in the parameter block will be passed to 'eachObject'. You are free to put anything in clientData - it is intended to allow you some way to match the call-back to the original call (example: for; you make more then one aysynchronous GetAttributeAccessControlGet calls and you want to associate returned results in some way). The client should return FALSE from 'eachObject' to continue processing of the GetAttributeAccessControlParse request. Returning TRUE will terminate the GetAttributeAccessControlParse request. For synchronous calls, the call-back routine actually runs as part of the same thread of execution as the thread that made the GetAttributeAccessControlParse call. That means that the same low-memory globals, A5, stack, etc. are in effect during the call-back that were in effect when the call was made. Because of this, the call-back routine has the same restrictions as the caller of GetAttributeAccessControlParse: if GetAttributeAccessControlParse was not called from interrupt level, then the call- back routine can allocate memory. For asynchronous calls, call-back routine is like a ioCompletion except that A5 will be preserved for the application. } DirGetAttributeAccessControlParsePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; aRecord: RecordIDPtr; { -> RecordID to which access control list is sought list is sought } aType: AttributeTypePtr; { -> Attribute Type to which access controls are sought } cReserved: LONGINT; { -- unused } dReserved: LONGINT; { -- unused } eachObject: ForEachAttributeAccessControl; { --> } forCurrentUserOnly: BOOLEAN; { --> } startingPoint: ^DSSpec; { --> starting Point } includeStartingPoint: BOOLEAN; { -> if true return the record specified in starting point } getBuffer: Ptr; { -> } getBufferSize: LONGINT; { -> } END; { MapPathNameToDNodeNumber: This call maps a given PathName within a directory to its DNodeNumber. } DirMapPathNameToDNodeNumberPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; directoryName: DirectoryNamePtr; { --> directory name } discriminator: DirDiscriminator; { --> discriminator } dNodeNumber: DNodeNum; { <-- dNodenumber to the path } path: PackedPathNamePtr; { --> Path Name to be mapped } END; { PathName in the path field will be mapped to the cooresponding dNodeNumber and returned in the DNodeNumber field. directoryName and descriminator Fields are ignored. DSRefNum is used to identify the directory. } { MapDNodeNumberToPathName: This call will map a given DNodeNumber with in a directory to the corresponding PathName. } DirMapDNodeNumberToPathNamePB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; directoryName: DirectoryNamePtr; { --> directory name } discriminator: DirDiscriminator; { --> discriminator } dNodeNumber: DNodeNum; { --> dNodenumber to be mapped } path: PackedPathNamePtr; { <-- Packed Path Name returned } lengthOfPathName: INTEGER; { --> length of packed pathName structure} END; { dNodeNumber in the DNodeNumber field will be mapped to the cooresponding pathName and returned in the PackedPathName field. lengthOfPathName is to be set the length of pathName structure. If length of PackedPathName is larger then the lengthOfPathName, kOCEMoreData OSErr will be returned. } { GetLocalNetworkSpec: This call will return the Local NetworkSpec. Client should supply an RString big enough to hold the NetworkSpec. } DirGetLocalNetworkSpecPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; directoryName: DirectoryNamePtr; { --> directory name } discriminator: DirDiscriminator; { --> discriminator } networkSpec: NetworkSpecPtr; { <-- NetworkSpec } END; { PathName in the path field must be set to nil. internetName should be large enough to hold the internetName. InterNetname returned indicates path finder's local internet (configured by administrator). } { GetDNodeInfo: This call will return the information (internetName and descriptor) for the given RLI of a DNode. } DirGetDNodeInfoPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; pRLI: PackedRLIPtr; { --> packed RLI whose info is requested } descriptor: DirNodeKind; { <-- dNode descriptor } networkSpec: NetworkSpecPtr; { <-- cluster's networkSpec if kIsCluster } END; { If DnodeNumber is set to a non zero value, path should be set to nil. if DnodeNumber is set to zero, pathName should point to a packed path name. internetName should be large enough to hold the internetName. (If the internetName is same as the one got by GetLocalInternetName call, it indicates cluster is reachable without forwarders, --> Tell me if I am wrong) } { DirCreatePersonalDirectory: A new personal directory can be created by specifying an FSSpec for the file. If a file already exists dupFNErr will be returned. This call is supported 'synchronous' mode only. } DirCreatePersonalDirectoryPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; fsSpec: FSSpecPtr; { --> FSSpec for the PersonalDirectory } fdType: OSType; { --> file type for the PersonalDirectory } fdCreator: OSType; { --> file creator for the PersonalDirectory } END; { DirOpenPersonalDirectory: An existing personal directory can be opened using this call. User can specify the personal directory by FSSpec for the AddressBook file. 'accessRequested' field specifies open permissions. 'fsRdPerm' & 'fsRdWrPerm' are the only accepted open modes for the address book. When the call completes successfully, a dsRefNum will be returned. The 'dsRefNum' field is in the DSParamBlockHeader. In addittion 'accessGranted' indicates actual permission with personal directory is opened and 'features' indicate the capabilty flags associated with the personal directory. This call is supported 'synchronous' mode only. } DirOpenPersonalDirectoryPB = PACKED RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; fsSpec: FSSpecPtr; { --> Open an existing PersonalDirectory } accessRequested: CHAR; { --> Open: permissions Requested(byte)} accessGranted: CHAR; { <-- Open: permissions (byte) (Granted)} features: DirGestalt; { <-- features for PersonalDirectory } END; { DirClosePersonalDirectory: This call lets a client close AddressBook opened by DirOpenPersonalDirectory. The PersonalDirectory specified by the 'dsRefNum' will be closed. This call is supported 'synchronous' mode only. } DirClosePersonalDirectoryPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; END; { DirMakePersonalDirectoryRLI: With this call a client can make an RLI for an PersonalDirectory opened by DirOpenPersonalDirectory Call. A packed RLI is created for the PersonalDirectory specified by the 'dsRefNum'. If a client has a need to make the AddressBook reference to persistent acrross boots it should make use of this call. In the current implementaion PackedRLI has an embeeded System7.0 'alias'. If in later time If client has a need to make reference to the AddressBook, it must use ADAPLibrary call 'DUExtractAlias' and resole the 'alias' to 'FSSpec' and make DirOpenPersonalDirectory call to get a 'dsRefNum'. 'fromFSSpec' FSPecPtr from which relative alias to be created. If nil, absolute alias is created. 'pRLIBufferSize' indicates the size of buffer pointed by 'pRLI' 'pRLISize' indicates the actual length of 'pRLI'. If the call fails with 'kOCEMoreData' error a client can reissue this call with a larger buffer of this length. 'pRLI' is pointer to the buffer in which 'PackedRLI' is returned. This call is supported in 'synchronous' mode only. } DirMakePersonalDirectoryRLIPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; fromFSSpec: FSSpecPtr; { --> FSSpec for creating relative alia } pRLIBufferSize: INTEGER; { --> Length of 'pRLI' buffer } pRLISize: INTEGER; { <-- Length of actual 'pRLI' } pRLI: PackedRLIPtr; { <-- pRLI for the specified AddressBook } END; {**************************************************************************** The calls described below apply only for DSAM Drivers: The following three calls provide capability to Install/Remove a DSAM at RunTime. DirAddDSAM DirRemoveDSAM DirInstantiateDSAM The following two calls provide capability to Install/Remove a DSAM Directory at RunTime. DirAddDSAMDirectory DirRemoveDirectory DirGetDirectoryIcon call is used by clients to get any special icon associated with a DSAM directory. ****************************************************************************} { DirAddDSAM: This call can be used to inorm the availability of a DSAM file after discovering the DSAM file. dsamName -> is generic DSAM name e.g. Untitled X.500 directory dsamSignature -> could be generic DSAM kind e.g. 'X500'. fsSpec -> is the FileSpec for the file containing DSAM resources. If the call is successfull 'DSAMRecordCID' will be returned. If the call returns 'daDSAMRecordCIDExists', record was already there and 'dsamRecordCID' will be returned. This call can be done only in synchronous mode. } DirAddDSAMPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; dsamRecordCID: CreationID; { <-- CreationID for the DSAM record } dsamName: RStringPtr; { --> DSAM name } dsamKind: OCEDirectoryKind; { --> DSAM kind } fsSpec: FSSpecPtr; { --> FSSpec for the file containing DSAM } END; { DirInstantiateDSAM: This call should be used by the DSAM driver in response Driver Open call to indicate the toolbox about the availability of the DSAM. dsamName -> is generic DSAM name e.g. Untitled X.500 directory dsamKind -> could be generic DSAM kind e.g. 'X500'. dsamData -> pointer to private DSAMData. This will be paased back to the DSAM when the DSAM functions (DSAMDirProc, DSAMDirParseProc, DSAMAuthProc) are called. DSAM should already be setup using DirAddDSAM call. DSAMDirProc -> This procedure will be called when any directory service call intended for the DSAM (other then parse calls) DSAMDirParseProc -> This procedure will be called when any of the parse calls are called. DSAMAuthProc -> This procedure will be called when any of the Authentication Calls are made to the DSAM. If the DSAM does not support authentication, this can be nil. This call can be done only in synchronous mode. } DirInstantiateDSAMPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; dsamName: RStringPtr; { --> dsamName name } dsamKind: OCEDirectoryKind; { --> DSAMKind } dsamData: Ptr; { --> dsamData } dsamDirProc: ProcPtr; { --> of type DSAMDirProc: for directory service calls } dsamDirParseProc: ProcPtr; { --> of type DSAMDirParseProc: for directory service parse calls } dsamAuthProc: ProcPtr; { --> of type DSAMAuthProc: for authetication service calls } END; { DirRemoveDSAM: This call can be used to remove a DSAM file from the OCE Setup. dsamRecordCID -> is the creationID of the DSAM record. This call can be made only in synchronous mode. } DirRemoveDSAMPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; dsamRecordCID: CreationID; { <-- CreationID for the DSAM record } END; { DirAddDSAMDirectory: This call can be used to inorm the availability of a DSAM directory. dsamRecordCID -> recordID for the DSAM serving this directory directoryName -> name of the directory discriminator -> discriminator for the directory directoryRecordCID -> If the call is successful, creationID for the record will be returned. } DirAddDSAMDirectoryPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; dsamRecordCID: CreationID; { --> CreationID for the DSAM record } directoryName: DirectoryNamePtr; { --> directory name } discriminator: DirDiscriminator; { --> dir discriminator } features: DirGestalt; { --> capabilty flags for the directory } directoryRecordCID: CreationID; { <-- creationID for the directory record } END; { DirRemoveDirectory: This call can be used to inform the toolbox that directory specified by 'directoryRecordCID' } DirRemoveDirectoryPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; directoryRecordCID: CreationID; { --> creationID for the directory record } END; { DSGetExtendedDirectoriesInfo:: This call can be used to get the information of various foreign directories supported. Typically a DE Template may make this call to create a Address template or a Gateway may make this call to findout directory name space in which MSAM may would support. Client will supply a buffer pointed by 'bufferPtr' of size 'bufferLength'. When the call completes with 'daMoreData' error, client can examine 'totalEntries' returned and reissue the call with increaing buffer. Toolbox will findout the private information of each of the Foreign Directories by polling DSAM's, Gateways, and MnMServers. The Information returned for each directory will be packed in the format: EachDirectoryData = RECORD pRLI: PackedRLIPtr; / packed RLI for the directory entnType: OSType; / Entn Type hasMailSlot: LONGINT; / If this directory has mail slot this will be 1 otherwise zero RealName: ProtoRString; / Packed RString for Real Name (padded to even boundary) comment: ProtoRString; / Packed RString holding any comment for Display (padded to even boundary) length: LONGINT; / data length data CHAR[1..length]; / data padded to even boundary END; myData = RECORD data: EacDirectoryData [1..numberOfEntries]; / data packed in the above format END; } DirGetExtendedDirectoriesInfoPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; buffer: Ptr; { --> Pointer to a buufer where data will be returned } bufferSize: LONGINT; { --> Length of the buffer, Length of actual data will be returned here } totalEntries: LONGINT; { <-- Total Number of Directories found } actualEntries: LONGINT; { <-- Total Number of Directories entries returned } END; { DirGetDirectoryIconPB: With this call a client can find out about the icons supported by the Directory. Both ADAP and PersonalDirectory will not support this call for now. A DSAM can support a call so that DE Extension can use this call to find appropriate Icons. } DirGetDirectoryIconPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; pRLI: PackedRLIPtr; { --> packed RLI for the directory } iconType: OSType; { --> Type of Icon requested } iconBuffer: Ptr; { --> Buffer to hold Icon Data } END; { DirGetOCESetupRefNum: This call will return 'dsRefnum' for the OCE Setup PersonalDirectory and oceSetupRecordCID for the oceSetup Record. Clients interested in manipulating OCE Setup PersonalDirectory directly should make this call to get 'dsRefNum'. 'dsRefNum' will be returned in the standard field in the AuthDirParamHeader. } DirGetOCESetupRefNumPB = RECORD qLink: Ptr; reserved1: LONGINT; reserved2: LONGINT; ioCompletion: ProcPtr; ioResult: OSErr; saveA5: LONGINT; reqCode: INTEGER; reserved: ARRAY[1..2] OF LONGINT; serverHint: AddrBlock; dsRefNum: INTEGER; callID: LONGINT; identity: AuthIdentity; gReserved1: LONGINT; gReserved2: LONGINT; gReserved3: LONGINT; clientData: LONGINT; oceSetupRecordCID: CreationID; { --> creationID for the directory record } END; {***************************************************************************} { Directory and Authentication control blocks and operation definitions } AuthParamBlock = RECORD CASE INTEGER OF 1: (header: AuthDirParamHeader); 2: (bindIdentityPB: AuthBindSpecificIdentityPB); 3: (unbindIdentityPB: AuthUnbindSpecificIdentityPB); 4: (resolveCreationIDPB: AuthResolveCreationIDPB); 5: (getIdentityInfoPB: AuthGetSpecificIdentityInfoPB); 6: (addKeyPB: AuthAddKeyPB); 7: (changeKeyPB: AuthChangeKeyPB); 8: (deleteKeyPB: AuthDeleteKeyPB); 9: (passwordToKeyPB: AuthPasswordToKeyPB); 10: (getCredentialsPB: AuthGetCredentialsPB); 11: (decryptCredentialsPB: AuthDecryptCredentialsPB); 12: (makeChallengePB: AuthMakeChallengePB); 13: (makeReplyPB: AuthMakeReplyPB); 14: (verifyReplyPB: AuthVerifyReplyPB); 15: (getUTCTimePB: AuthGetUTCTimePB); 16: (makeProxyPB: AuthMakeProxyPB); 17: (tradeProxyForCredentialsPB: AuthTradeProxyForCredentialsPB); 18: (getLocalIdentityPB: AuthGetLocalIdentityPB); 19: (unLockLocalIdentityPB: AuthUnlockLocalIdentityPB); 20: (lockLocalIdentityPB: AuthLockLocalIdentityPB); 21: (localIdentityQInstallPB: AuthAddToLocalIdentityQueuePB); 22: (localIdentityQRemovePB: AuthRemoveFromLocalIdentityQueuePB); 23: (setupLocalIdentityPB: AuthSetupLocalIdentityPB); 24: (changeLocalIdentityPB: AuthChangeLocalIdentityPB); 25: (removeLocalIdentityPB: AuthRemoveLocalIdentityPB); 26: (setupDirectoryIdentityPB: OCESetupAddDirectoryInfoPB); 27: (changeDirectoryIdentityPB: OCESetupChangeDirectoryInfoPB); 28: (removeDirectoryIdentityPB: OCESetupRemoveDirectoryInfoPB); 29: (getDirectoryIdentityInfoPB: OCESetupGetDirectoryInfoPB); END; AuthParamBlockPtr = ^AuthParamBlock; DirParamBlock = RECORD CASE INTEGER OF 1: (header: AuthDirParamHeader); 2: (addRecordPB: DirAddRecordPB); 3: (deleteRecordPB: DirDeleteRecordPB); 4: (enumerateGetPB: DirEnumerateGetPB); 5: (enumerateParsePB: DirEnumerateParsePB); 6: (lookupGetPB: DirLookupGetPB); 7: (lookupParsePB: DirLookupParsePB); 8: (addAttributeValuePB: DirAddAttributeValuePB); 9: (deleteAttributeTypePB: DirDeleteAttributeTypePB); 10: (deleteAttributeValuePB: DirDeleteAttributeValuePB); 11: (changeAttributeValuePB: DirChangeAttributeValuePB); 12: (verifyAttributeValuePB: DirVerifyAttributeValuePB); 13: (findValuePB: DirFindValuePB); 14: (enumeratePseudonymGetPB: DirEnumeratePseudonymGetPB); 15: (enumeratePseudonymParsePB: DirEnumeratePseudonymParsePB); 16: (addPseudonymPB: DirAddPseudonymPB); 17: (deletePseudonymPB: DirDeletePseudonymPB); 18: (addAliasPB: DirAddAliasPB); 19: (enumerateAttributeTypesGetPB: DirEnumerateAttributeTypesGetPB); 20: (enumerateAttributeTypesParsePB: DirEnumerateAttributeTypesParsePB); 21: (getNameAndTypePB: DirGetNameAndTypePB); 22: (setNameAndTypePB: DirSetNameAndTypePB); 23: (getRecordMetaInfoPB: DirGetRecordMetaInfoPB); 24: (getDNodeMetaInfoPB: DirGetDNodeMetaInfoPB); 25: (getDirectoryInfoPB: DirGetDirectoryInfoPB); 26: (getDNodeAccessControlPB: DirSetDNodeAccessControlPB); 27: (getDNodeAccessControlGetPB: DirGetDNodeAccessControlGetPB); 28: (getDNodeAccessControlParsePB: DirGetDNodeAccessControlParsePB); 29: (setRecordAccessControlPB: DirSetRecordAccessControlPB); 30: (getRecordAccessControlGetPB: DirGetRecordAccessControlGetPB); 31: (getRecordAccessControlParsePB: DirGetRecordAccessControlParsePB); 32: (getAttributeAccessControlPB: DirSetAttributeAccessControlPB); 33: (getAttributeAccessControlGetPB: DirGetAttributeAccessControlGetPB); 34: (getAttributeAccessControlParsePB: DirGetAttributeAccessControlParsePB); 35: (enumerateDirectoriesGetPB: DirEnumerateDirectoriesGetPB); 36: (enumerateDirectoriesParsePB: DirEnumerateDirectoriesParsePB); 37: (addADAPDirectoryPB: DirAddADAPDirectoryPB); 38: (removeDirectoryPB: DirRemoveDirectoryPB); 39: (netSearchADAPDirectoriesGetPB: DirNetSearchADAPDirectoriesGetPB); 40: (netSearchADAPDirectoriesParsePB: DirNetSearchADAPDirectoriesParsePB); 41: (findADAPDirectoryByNetSearchPB: DirFindADAPDirectoryByNetSearchPB); 42: (mapDNodeNumberToPathNamePB: DirMapDNodeNumberToPathNamePB); 43: (mapPathNameToDNodeNumberPB: DirMapPathNameToDNodeNumberPB); 44: (getLocalNetworkSpecPB: DirGetLocalNetworkSpecPB); 45: (getDNodeInfoPB: DirGetDNodeInfoPB); { Calls For PersonalDirectoryies } 46: (createPersonalDirectoryPB: DirCreatePersonalDirectoryPB); 47: (openPersonalDirectoryPB: DirOpenPersonalDirectoryPB); 48: (closePersonalDirectoryPB: DirClosePersonalDirectoryPB); 49: (makePersonalDirectoryRLIPB: DirMakePersonalDirectoryRLIPB); { Calls For DSAM's } 50: (addDSAMPB: DirAddDSAMPB); 51: (instantiateDSAMPB: DirInstantiateDSAMPB); 52: (removeDSAMPB: DirRemoveDSAMPB); 53: (addDSAMDirectoryPB: DirAddDSAMDirectoryPB); 54: (getExtendedDirectoriesInfoPB: DirGetExtendedDirectoriesInfoPB); 55: (getDirectoryIconPB: DirGetDirectoryIconPB); { Call to dsRefNum for System(Setup: OCE) PersonalDirectory } 56: (dirGetOCESetupRefNumPB: DirGetOCESetupRefNumPB); { Abort a aysnchronous call } 57: (abortPB: DirAbortPB); END; DirParamBlockPtr = ^DirParamBlock; DSAMDirProc = ProcPtr; { FUNCTION DSAMDirProc( dsamData: Ptr; paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr;} DSAMDirParseProc = ProcPtr; { FUNCTION DSAMDirParseProc( dsamData: Ptr; paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr;} DSAMAuthProc = ProcPtr; { FUNCTION DSAMAuthProc( dsamData: Ptr; pb: AuthParamBlockPtr; async: BOOLEAN): OSErr;} {***********************************************************} { These are the selector values used after the trap dispatch to determine just what call the client made to my toolbox. These bear no relationship to the procedure numbers used in the client-to-server protocol. } { Note: $21C, $21D are used internally } CONST kAuthBindSpecificIdentity = $200; kAuthUnbindSpecificIdentity = $201; kAuthResolveCreationID = $202; kAuthGetSpecificIdentityInfo = $203; kAuthGetLocalIdentity = $204; kAuthAddToLocalIdentityQueue = $205; kAuthRemoveFromLocalIdentityQueue = $206; kAuthAddKey = $207; kAuthChangeKey = $208; kAuthDeleteKey = $209; kAuthPasswordToKey = $20A; kAuthGetCredentials = $20B; kAuthDecryptCredentials = $20C; kOCESetupRemoveDirectoryInfo = $20D; kOCESetupGetDirectoryInfo = $20E; kAuthMakeChallenge = $20F; kAuthMakeReply = $210; kAuthVerifyReply = $211; kAuthMakeProxy = $212; kAuthTradeProxyForCredentials = $213; kAuthUnlockLocalIdentity = $214; kAuthLockLocalIdentity = $215; kAuthSetupLocalIdentity = $216; kAuthChangeLocalIdentity = $217; kAuthRemoveLocalIdentity = $218; kOCESetupAddDirectoryInfo = $219; kAuthGetUTCTime = $21A; kOCESetupChangeDirectoryInfo = $21B; { $100 is used as private command } kDirEnumerateParse = $101; kDirLookupParse = $102; kDirEnumerateAttributeTypesParse = $103; kDirEnumeratePseudonymParse = $104; kDirNetSearchADAPDirectoriesParse = $105; kDirEnumerateDirectoriesParse = $106; kDirFindADAPDirectoryByNetSearch = $107; kDirNetSearchADAPDirectoriesGet = $108; kDirAddRecord = $109; kDirDeleteRecord = $10A; kDirAddAttributeValue = $10B; kDirDeleteAttributeValue = $10C; kDirChangeAttributeValue = $10D; kDirVerifyAttributeValue = $10E; kDirAddPseudonym = $10F; kDirDeletePseudonym = $110; kDirEnumerateGet = $111; kDirEnumerateAttributeTypesGet = $112; kDirEnumeratePseudonymGet = $113; kDirGetNameAndType = $114; kDirSetNameAndType = $115; kDirGetRecordMetaInfo = $116; kDirLookupGet = $117; kDirGetDNodeMetaInfo = $118; kDirGetDirectoryInfo = $119; kDirEnumerateDirectoriesGet = $11A; kDirAbort = $11B; kDirAddAlias = $11C; kDirAddDSAM = $11D; kDirOpenPersonalDirectory = $11E; kDirCreatePersonalDirectory = $11F; kDirRemoveDSAM = $120; kDirGetDirectoryIcon = $121; kDirMapPathNameToDNodeNumber = $122; kDirMapDNodeNumberToPathName = $123; kDirGetLocalNetworkSpec = $124; kDirGetDNodeInfo = $125; kDirFindValue = $126; kDirInstantiateDSAM = $127; kDirGetOCESetupRefNum = $128; kDirSetDNodeAccessControl = $129; kDirGetDNodeAccessControlGet = $12A; kDirSetRecordAccessControl = $12B; kDirGetRecordAccessControlGet = $12C; kDirSetAttributeAccessControl = $12D; kDirGetAttributeAccessControlGet = $12E; kDirGetDNodeAccessControlParse = $12F; kDirDeleteAttributeType = $130; kDirClosePersonalDirectory = $131; kDirMakePersonalDirectoryRLI = $132; kDirAddDSAMDirectory = $133; kDirGetRecordAccessControlParse = $134; kDirRemoveDirectory = $135; kDirGetExtendedDirectoriesInfo = $136; kDirAddADAPDirectory = $137; kDirGetAttributeAccessControlParse = $138; FUNCTION AuthBindSpecificIdentity(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthBindSpecificIdentity, _oceTBDispatch; FUNCTION AuthUnbindSpecificIdentity(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthUnbindSpecificIdentity, _oceTBDispatch; FUNCTION AuthResolveCreationID(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthResolveCreationID, _oceTBDispatch; FUNCTION AuthGetSpecificIdentityInfo(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthGetSpecificIdentityInfo, _oceTBDispatch; FUNCTION AuthAddKey(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthAddKey, _oceTBDispatch; FUNCTION AuthChangeKey(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthChangeKey, _oceTBDispatch; FUNCTION AuthDeleteKey(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthDeleteKey, _oceTBDispatch; FUNCTION AuthPasswordToKey(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthPasswordToKey, _oceTBDispatch; FUNCTION AuthGetCredentials(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthGetCredentials, _oceTBDispatch; FUNCTION AuthDecryptCredentials(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthDecryptCredentials, _oceTBDispatch; FUNCTION AuthMakeChallenge(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthMakeChallenge, _oceTBDispatch; FUNCTION AuthMakeReply(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthMakeReply, _oceTBDispatch; FUNCTION AuthVerifyReply(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthVerifyReply, _oceTBDispatch; FUNCTION AuthGetUTCTime(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthGetUTCTime, _oceTBDispatch; FUNCTION AuthMakeProxy(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthMakeProxy, _oceTBDispatch; FUNCTION AuthTradeProxyForCredentials(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthTradeProxyForCredentials, _oceTBDispatch; { Local Identity API } FUNCTION AuthGetLocalIdentity(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthGetLocalIdentity, _oceTBDispatch; FUNCTION AuthUnlockLocalIdentity(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthUnlockLocalIdentity, _oceTBDispatch; FUNCTION AuthLockLocalIdentity(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthLockLocalIdentity, _oceTBDispatch; FUNCTION AuthAddToLocalIdentityQueue(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthAddToLocalIdentityQueue, _oceTBDispatch; FUNCTION AuthRemoveFromLocalIdentityQueue(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthRemoveFromLocalIdentityQueue, _oceTBDispatch; FUNCTION AuthSetupLocalIdentity(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthSetupLocalIdentity, _oceTBDispatch; FUNCTION AuthChangeLocalIdentity(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthChangeLocalIdentity, _oceTBDispatch; FUNCTION AuthRemoveLocalIdentity(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kAuthRemoveLocalIdentity, _oceTBDispatch; FUNCTION OCESetupAddDirectoryInfo(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kOCESetupAddDirectoryInfo, _oceTBDispatch; FUNCTION OCESetupChangeDirectoryInfo(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kOCESetupChangeDirectoryInfo, _oceTBDispatch; FUNCTION OCESetupRemoveDirectoryInfo(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kOCESetupRemoveDirectoryInfo, _oceTBDispatch; FUNCTION OCESetupGetDirectoryInfo(paramBlock: AuthParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kOCESetupGetDirectoryInfo, _oceTBDispatch; FUNCTION DirAddRecord(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirAddRecord, _oceTBDispatch; FUNCTION DirDeleteRecord(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirDeleteRecord, _oceTBDispatch; FUNCTION DirEnumerateGet(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirEnumerateGet, _oceTBDispatch; FUNCTION DirEnumerateParse(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirEnumerateParse, _oceTBDispatch; FUNCTION DirLookupGet(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirLookupGet, _oceTBDispatch; FUNCTION DirLookupParse(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirLookupParse, _oceTBDispatch; FUNCTION DirAddAttributeValue(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirAddAttributeValue, _oceTBDispatch; FUNCTION DirDeleteAttributeValue(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirDeleteAttributeValue, _oceTBDispatch; FUNCTION DirDeleteAttributeType(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirDeleteAttributeType, _oceTBDispatch; FUNCTION DirChangeAttributeValue(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirChangeAttributeValue, _oceTBDispatch; FUNCTION DirVerifyAttributeValue(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirVerifyAttributeValue, _oceTBDispatch; FUNCTION DirFindValue(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirFindValue, _oceTBDispatch; FUNCTION DirEnumerateAttributeTypesGet(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirEnumerateAttributeTypesGet, _oceTBDispatch; FUNCTION DirEnumerateAttributeTypesParse(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirEnumerateAttributeTypesParse, _oceTBDispatch; FUNCTION DirAddPseudonym(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirAddPseudonym, _oceTBDispatch; FUNCTION DirDeletePseudonym(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirDeletePseudonym, _oceTBDispatch; FUNCTION DirAddAlias(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirAddAlias, _oceTBDispatch; FUNCTION DirEnumeratePseudonymGet(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirEnumeratePseudonymGet, _oceTBDispatch; FUNCTION DirEnumeratePseudonymParse(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirEnumeratePseudonymParse, _oceTBDispatch; FUNCTION DirGetNameAndType(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetNameAndType, _oceTBDispatch; FUNCTION DirSetNameAndType(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirSetNameAndType, _oceTBDispatch; FUNCTION DirGetRecordMetaInfo(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetRecordMetaInfo, _oceTBDispatch; FUNCTION DirGetDNodeMetaInfo(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetDNodeMetaInfo, _oceTBDispatch; FUNCTION DirGetDirectoryInfo(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetDirectoryInfo, _oceTBDispatch; FUNCTION DirSetDNodeAccessControl(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirSetDNodeAccessControl, _oceTBDispatch; FUNCTION DirGetDNodeAccessControlGet(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetDNodeAccessControlGet, _oceTBDispatch; FUNCTION DirGetDNodeAccessControlParse(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetDNodeAccessControlParse, _oceTBDispatch; FUNCTION DirSetRecordAccessControl(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirSetRecordAccessControl, _oceTBDispatch; FUNCTION DirGetRecordAccessControlGet(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetRecordAccessControlGet, _oceTBDispatch; FUNCTION DirGetRecordAccessControlParse(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetRecordAccessControlParse, _oceTBDispatch; FUNCTION DirGetAttributeAccessControlGet(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetAttributeAccessControlGet, _oceTBDispatch; FUNCTION DirGetAttributeAccessControlParse(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetAttributeAccessControlParse, _oceTBDispatch; FUNCTION DirSetAttributeAccessControl(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirSetAttributeAccessControl, _oceTBDispatch; FUNCTION DirEnumerateDirectoriesGet(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirEnumerateDirectoriesGet, _oceTBDispatch; FUNCTION DirEnumerateDirectoriesParse(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirEnumerateDirectoriesParse, _oceTBDispatch; FUNCTION DirMapPathNameToDNodeNumber(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirMapPathNameToDNodeNumber, _oceTBDispatch; FUNCTION DirMapDNodeNumberToPathName(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirMapDNodeNumberToPathName, _oceTBDispatch; FUNCTION DirGetLocalNetworkSpec(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetLocalNetworkSpec, _oceTBDispatch; FUNCTION DirGetDNodeInfo(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetDNodeInfo, _oceTBDispatch; { Trap Dispatchers for Personal Address Book and DSAM Extensions } FUNCTION DirCreatePersonalDirectory(paramBlock: DirParamBlockPtr): OSErr; INLINE $7000, $1f00, $3F3C, kDirCreatePersonalDirectory, _oceTBDispatch; FUNCTION DirOpenPersonalDirectory(paramBlock: DirParamBlockPtr): OSErr; INLINE $7000, $1f00, $3F3C, kDirOpenPersonalDirectory, _oceTBDispatch; FUNCTION DirClosePersonalDirectory(paramBlock: DirParamBlockPtr): OSErr; INLINE $7000, $1f00, $3F3C, kDirClosePersonalDirectory, _oceTBDispatch; FUNCTION DirMakePersonalDirectoryRLI(paramBlock: DirParamBlockPtr): OSErr; INLINE $7000, $1f00, $3F3C, kDirMakePersonalDirectoryRLI, _oceTBDispatch; FUNCTION DirAddDSAM(paramBlock: DirParamBlockPtr): OSErr; INLINE $7000, $1f00, $3F3C, kDirAddDSAM, _oceTBDispatch; FUNCTION DirInstantiateDSAM(paramBlock: DirParamBlockPtr): OSErr; INLINE $7000, $1f00, $3F3C, kDirInstantiateDSAM, _oceTBDispatch; FUNCTION DirRemoveDSAM(paramBlock: DirParamBlockPtr): OSErr; INLINE $7000, $1f00, $3F3C, kDirRemoveDSAM, _oceTBDispatch; FUNCTION DirAddDSAMDirectory(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirAddDSAMDirectory, _oceTBDispatch; FUNCTION DirGetExtendedDirectoriesInfo(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetExtendedDirectoriesInfo, _oceTBDispatch; FUNCTION DirGetDirectoryIcon(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetDirectoryIcon, _oceTBDispatch; FUNCTION DirAddADAPDirectory(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirAddADAPDirectory, _oceTBDispatch; FUNCTION DirRemoveDirectory(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirRemoveDirectory, _oceTBDispatch; FUNCTION DirNetSearchADAPDirectoriesGet(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirNetSearchADAPDirectoriesGet, _oceTBDispatch; FUNCTION DirNetSearchADAPDirectoriesParse(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirNetSearchADAPDirectoriesParse, _oceTBDispatch; FUNCTION DirFindADAPDirectoryByNetSearch(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirFindADAPDirectoryByNetSearch, _oceTBDispatch; FUNCTION DirGetOCESetupRefNum(paramBlock: DirParamBlockPtr; async: BOOLEAN): OSErr; INLINE $3F3C, kDirGetOCESetupRefNum, _oceTBDispatch; FUNCTION DirAbort(paramBlock: DirParamBlockPtr): OSErr; INLINE $7000, $1f00, $3F3C, kDirAbort, _oceTBDispatch; {$ENDC} { UsingOCEAuthDir } {$IFC NOT UsingIncludes} END. {$ENDC} 
