2 * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 2003-2012 Match Grun and the Claws Mail team
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 * Functions for LDAP control data.
26 #include "claws-features.h"
37 #include "passcrypt.h"
38 #include "editaddress_other_attributes_ldap.h"
39 #include "common/utils.h"
40 #include "common/quoted-printable.h"
43 * Create new LDAP control block object.
44 * \return Initialized control object.
46 LdapControl *ldapctl_create( void ) {
49 ctl = g_new0( LdapControl, 1 );
51 ctl->port = LDAPCTL_DFL_PORT;
55 ctl->listCriteria = NULL;
56 ctl->attribEMail = g_strdup( LDAPCTL_ATTR_EMAIL );
57 ctl->attribCName = g_strdup( LDAPCTL_ATTR_COMMONNAME );
58 ctl->attribFName = g_strdup( LDAPCTL_ATTR_GIVENNAME );
59 ctl->attribLName = g_strdup( LDAPCTL_ATTR_SURNAME );
60 ctl->attribDName = g_strdup( LDAPCTL_ATTR_DISPLAYNAME );
61 ctl->maxEntries = LDAPCTL_MAX_ENTRIES;
62 ctl->timeOut = LDAPCTL_DFL_TIMEOUT;
63 ctl->maxQueryAge = LDAPCTL_DFL_QUERY_AGE;
64 ctl->matchingOption = LDAPCTL_MATCH_BEGINWITH;
66 ctl->enableTLS = FALSE;
67 ctl->enableSSL = FALSE;
69 /* Mutex to protect control block */
70 ctl->mutexCtl = g_malloc0( sizeof( pthread_mutex_t ) );
71 pthread_mutex_init( ctl->mutexCtl, NULL );
77 * Specify hostname to be used.
78 * \param ctl Control object to process.
79 * \param value Host name.
81 void ldapctl_set_host( LdapControl* ctl, const gchar *value ) {
82 ctl->hostName = mgu_replace_string( ctl->hostName, value );
84 if ( ctl->hostName == NULL )
87 g_strstrip( ctl->hostName );
88 debug_print("setting hostname: %s\n", ctl->hostName);
92 * Specify port to be used.
93 * \param ctl Control object to process.
96 void ldapctl_set_port( LdapControl* ctl, const gint value ) {
101 ctl->port = LDAPCTL_DFL_PORT;
103 debug_print("setting port: %d\n", ctl->port);
107 * Specify base DN to be used.
108 * \param ctl Control object to process.
109 * \param value Base DN.
111 void ldapctl_set_base_dn( LdapControl* ctl, const gchar *value ) {
112 ctl->baseDN = mgu_replace_string( ctl->baseDN, value );
114 if ( ctl->baseDN == NULL )
117 g_strstrip( ctl->baseDN );
118 debug_print("setting baseDN: %s\n", ctl->baseDN);
122 * Specify bind DN to be used.
123 * \param ctl Control object to process.
124 * \param value Bind DN.
126 void ldapctl_set_bind_dn( LdapControl* ctl, const gchar *value ) {
127 ctl->bindDN = mgu_replace_string( ctl->bindDN, value );
129 if ( ctl->bindDN == NULL )
132 g_strstrip( ctl->bindDN );
133 debug_print("setting bindDN: %s\n", ctl->bindDN);
137 * Specify bind password to be used.
138 * \param ctl Control object to process.
139 * \param value Password.
140 * \param encrypt Encrypt password
141 * \param change Save encrypted
143 void ldapctl_set_bind_password(
144 LdapControl* ctl, const gchar *value, gboolean encrypt, gboolean change ) {
147 ctl->bindPass = mgu_replace_string( ctl->bindPass, value );
149 if ( ctl->bindPass == NULL )
152 g_strstrip( ctl->bindPass );
156 /* If first char is not ! the password is not encrypted */
157 if (ctl->bindPass[0] == '!' || change) {
158 if (ctl->bindPass[0] != '!' && change)
159 buf = mgu_replace_string( buf, ctl->bindPass );
161 if (ctl->bindPass[1] != '|')
162 buf = mgu_replace_string( buf, ctl->bindPass + 1 );
164 /* quoted printable decode */
165 buf = mgu_replace_string( buf, ctl->bindPass + 2 );
170 passcrypt_encrypt( buf, strlen(buf) );
171 if (ctl->bindPass[0] != '!' && change) {
172 /* quoted printable encode */
173 tmp = g_malloc0(qp_get_q_encoding_len(buf) + 1);
174 qp_q_encode(tmp, buf);
176 buf = g_strconcat( "!|", tmp, NULL );
180 ctl->bindPass = mgu_replace_string( ctl->bindPass, buf );
185 debug_print("setting bindPassword\n");
189 * Fetch bind password to be used.
190 * \param ctl Control object to process.
191 * \return Decrypted password.
193 gchar* ldapctl_get_bind_password( LdapControl* ctl ) {
194 gchar *pwd = NULL, *buf;
196 if ( ctl->bindPass != NULL ) {
197 pwd = mgu_replace_string( pwd, ctl->bindPass );
198 /* If first char is not ! the password is not encrypted */
199 if (pwd && pwd[0] == '!') {
200 if (pwd[1] && pwd[1] == '|') {
201 buf = g_strdup(pwd + 2);
202 /* quoted printable decode */
206 buf = g_strdup(pwd + 1);
210 passcrypt_decrypt( buf, strlen(buf) );
217 debug_print("getting bindPassword\n");
223 * Specify maximum number of entries to retrieve.
224 * \param ctl Control object to process.
225 * \param value Maximum entries.
227 void ldapctl_set_max_entries( LdapControl* ctl, const gint value ) {
229 ctl->maxEntries = value;
232 ctl->maxEntries = LDAPCTL_MAX_ENTRIES;
234 debug_print("setting maxEntries: %d\n", ctl->maxEntries);
238 * Specify timeout value for LDAP operation (in seconds).
239 * \param ctl Control object to process.
240 * \param value Timeout.
242 void ldapctl_set_timeout( LdapControl* ctl, const gint value ) {
244 ctl->timeOut = value;
247 ctl->timeOut = LDAPCTL_DFL_TIMEOUT;
249 debug_print("setting timeOut: %d\n", ctl->timeOut);
253 * Specify maximum age of query (in seconds) before query is retired.
254 * \param ctl Control object to process.
255 * \param value Maximum age.
257 void ldapctl_set_max_query_age( LdapControl* ctl, const gint value ) {
258 if( value > LDAPCTL_MAX_QUERY_AGE ) {
259 ctl->maxQueryAge = LDAPCTL_MAX_QUERY_AGE;
261 else if( value < 1 ) {
262 ctl->maxQueryAge = LDAPCTL_DFL_QUERY_AGE;
265 ctl->maxQueryAge = value;
267 debug_print("setting maxAge: %d\n", ctl->maxQueryAge);
271 * Specify matching option to be used for searches.
272 * \param ctl Control object to process.
273 * \param value Matching option, as follows:
275 * <li><code>LDAPCTL_MATCH_BEGINWITH</code> for "begins with" search</li>
276 * <li><code>LDAPCTL_MATCH_CONTAINS</code> for "contains" search</li>
279 void ldapctl_set_matching_option( LdapControl* ctl, const gint value ) {
280 if( value < LDAPCTL_MATCH_BEGINWITH ) {
281 ctl->matchingOption = LDAPCTL_MATCH_BEGINWITH;
283 else if( value > LDAPCTL_MATCH_CONTAINS ) {
284 ctl->matchingOption = LDAPCTL_MATCH_BEGINWITH;
287 ctl->matchingOption = value;
289 debug_print("setting matchingOption: %d\n", ctl->matchingOption);
293 * Specify TLS option.
294 * \param ctl Control object to process.
295 * \param value <i>TRUE</i> to enable TLS.
297 void ldapctl_set_tls( LdapControl* ctl, const gboolean value ) {
298 #if (defined USE_LDAP_TLS || defined G_OS_WIN32)
299 ctl->enableTLS = value;
300 debug_print("setting TLS: %d\n", ctl->enableTLS);
304 void ldapctl_set_ssl( LdapControl* ctl, const gboolean value ) {
305 #if (defined USE_LDAP_TLS || defined G_OS_WIN32)
306 ctl->enableSSL = value;
307 debug_print("setting SSL: %d\n", ctl->enableSSL);
312 * Return search criteria list.
313 * \param ctl Control data object.
314 * \return Linked list of character strings containing LDAP attribute names to
315 * use for a search. This should not be modified directly. Use the
316 * <code>ldapctl_set_criteria_list()</code>,
317 * <code>ldapctl_criteria_list_clear()</code> and
318 * <code>ldapctl_criteria_list_add()</code> functions for this purpose.
320 GList *ldapctl_get_criteria_list( const LdapControl* ctl ) {
321 cm_return_val_if_fail( ctl != NULL, NULL );
322 return ctl->listCriteria;
326 * Clear list of LDAP search attributes.
327 * \param ctl Control data object.
329 void ldapctl_criteria_list_clear( LdapControl *ctl ) {
330 cm_return_if_fail( ctl != NULL );
331 mgu_free_dlist( ctl->listCriteria );
332 ctl->listCriteria = NULL;
336 * Add LDAP attribute to criteria list.
337 * \param ctl Control object to process.
338 * \param attr Attribute name to append. If not NULL and unique, a copy will
339 * be appended to the list.
341 void ldapctl_criteria_list_add( LdapControl *ctl, gchar *attr ) {
342 cm_return_if_fail( ctl != NULL );
344 if( mgu_list_test_unq_nc( ctl->listCriteria, attr ) ) {
345 debug_print("adding to criteria list: %s\n", attr);
346 ctl->listCriteria = g_list_append(
347 ctl->listCriteria, g_strdup( attr ) );
353 * Clear LDAP server member variables.
354 * \param ctl Control object to clear.
356 static void ldapctl_clear( LdapControl *ctl ) {
357 cm_return_if_fail( ctl != NULL );
359 debug_print("clearing ldap controller members\n");
360 /* Free internal stuff */
361 g_free( ctl->hostName );
362 g_free( ctl->baseDN );
363 g_free( ctl->bindDN );
364 g_free( ctl->bindPass );
365 g_free( ctl->attribEMail );
366 g_free( ctl->attribCName );
367 g_free( ctl->attribFName );
368 g_free( ctl->attribLName );
369 g_free( ctl->attribDName );
371 ldapctl_criteria_list_clear( ctl );
374 ctl->hostName = NULL;
378 ctl->bindPass = NULL;
379 ctl->attribEMail = NULL;
380 ctl->attribCName = NULL;
381 ctl->attribFName = NULL;
382 ctl->attribLName = NULL;
383 ctl->attribDName = NULL;
386 ctl->maxQueryAge = 0;
387 ctl->matchingOption = LDAPCTL_MATCH_BEGINWITH;
389 ctl->enableTLS = FALSE;
390 ctl->enableSSL = FALSE;
394 * Free up LDAP server interface object by releasing internal memory.
395 * \param ctl Control object to free.
397 void ldapctl_free( LdapControl *ctl ) {
398 cm_return_if_fail( ctl != NULL );
400 debug_print("releasing requested memory for ldap controller\n");
401 /* Free internal stuff */
402 ldapctl_clear( ctl );
405 pthread_mutex_destroy( ctl->mutexCtl );
406 g_free( ctl->mutexCtl );
407 ctl->mutexCtl = NULL;
409 /* Now release LDAP control object */
414 * Display object to specified stream.
415 * \param ctl Control object to process.
416 * \param stream Output stream.
418 void ldapctl_print( const LdapControl *ctl, FILE *stream ) {
419 cm_return_if_fail( ctl != NULL );
422 pthread_mutex_lock( ctl->mutexCtl );
423 fprintf( stream, "LdapControl:\n" );
424 fprintf( stream, "host name: '%s'\n", ctl->hostName?ctl->hostName:"null" );
425 fprintf( stream, " port: %d\n", ctl->port );
426 fprintf( stream, " base dn: '%s'\n", ctl->baseDN?ctl->baseDN:"null" );
427 fprintf( stream, " bind dn: '%s'\n", ctl->bindDN?ctl->bindDN:"null" );
428 pwd = ldapctl_get_bind_password((LdapControl *) ctl);
429 fprintf( stream, "bind pass: '%s'\n", pwd?pwd:"null" );
431 fprintf( stream, "attr mail: '%s'\n", ctl->attribEMail?ctl->attribEMail:"null" );
432 fprintf( stream, "attr comn: '%s'\n", ctl->attribCName?ctl->attribCName:"null" );
433 fprintf( stream, "attr frst: '%s'\n", ctl->attribFName?ctl->attribFName:"null" );
434 fprintf( stream, "attr last: '%s'\n", ctl->attribLName?ctl->attribLName:"null" );
435 fprintf( stream, "attr disn: '%s'\n", ctl->attribDName?ctl->attribDName:"null" );
436 fprintf( stream, "max entry: %d\n", ctl->maxEntries );
437 fprintf( stream, " timeout: %d\n", ctl->timeOut );
438 fprintf( stream, " max age: %d\n", ctl->maxQueryAge );
439 fprintf( stream, "match opt: %d\n", ctl->matchingOption );
440 fprintf( stream, " version: %d\n", ctl->version );
441 fprintf( stream, " TLS: %s\n", ctl->enableTLS ? "yes" : "no" );
442 fprintf( stream, " SSL: %s\n", ctl->enableSSL ? "yes" : "no" );
443 fprintf( stream, "crit list:\n" );
444 if( ctl->listCriteria ) {
445 mgu_print_dlist( ctl->listCriteria, stream );
448 fprintf( stream, "\t!!!none!!!\n" );
450 pthread_mutex_unlock( ctl->mutexCtl );
454 * Copy member variables to specified object. Mutex lock object is
456 * \param ctlFrom Object to copy from.
457 * \param ctlTo Destination object.
459 void ldapctl_copy( const LdapControl *ctlFrom, LdapControl *ctlTo ) {
462 cm_return_if_fail( ctlFrom != NULL );
463 cm_return_if_fail( ctlTo != NULL );
465 debug_print("ldap controller copy\n");
466 /* Lock both objects */
467 pthread_mutex_lock( ctlFrom->mutexCtl );
468 pthread_mutex_lock( ctlTo->mutexCtl );
470 /* Clear our destination */
471 ldapctl_clear( ctlTo );
474 ctlTo->hostName = g_strdup( ctlFrom->hostName );
475 ctlTo->baseDN = g_strdup( ctlFrom->baseDN );
476 ctlTo->bindDN = g_strdup( ctlFrom->bindDN );
477 ctlTo->bindPass = g_strdup( ctlFrom->bindPass );
478 ctlTo->attribEMail = g_strdup( ctlFrom->attribEMail );
479 ctlTo->attribCName = g_strdup( ctlFrom->attribCName );
480 ctlTo->attribFName = g_strdup( ctlFrom->attribFName );
481 ctlTo->attribLName = g_strdup( ctlFrom->attribLName );
482 ctlTo->attribDName = g_strdup( ctlFrom->attribDName );
484 /* Copy search criteria */
485 node = ctlFrom->listCriteria;
487 ctlTo->listCriteria = g_list_append(
488 ctlTo->listCriteria, g_strdup( node->data ) );
489 node = g_list_next( node );
492 /* Copy other members */
493 ctlTo->port = ctlFrom->port;
494 ctlTo->maxEntries = ctlFrom->maxEntries;
495 ctlTo->timeOut = ctlFrom->timeOut;
496 ctlTo->maxQueryAge = ctlFrom->maxQueryAge;
497 ctlTo->matchingOption = ctlFrom->matchingOption;
498 ctlTo->version = ctlFrom->version;
499 ctlTo->enableTLS = ctlFrom->enableTLS;
500 ctlTo->enableSSL = ctlFrom->enableSSL;
503 pthread_mutex_unlock( ctlTo->mutexCtl );
504 pthread_mutex_unlock( ctlFrom->mutexCtl );
508 * Search criteria fragment - two terms - begin with (default).
510 static gchar *_criteria2BeginWith = "(&(givenName=%s*)(sn=%s*))";
513 * Search criteria fragment - two terms - contains.
515 static gchar *_criteria2Contains = "(&(givenName=*%s*)(sn=*%s*))";
518 * Create an LDAP search criteria by parsing specified search term. The search
519 * term may contain two names separated by the first embedded space found in
520 * the search term. It is assumed that the two tokens are first name and last
521 * name, or vice versa. An appropriate search criteria will be constructed.
523 * \param searchTerm Reference to search term to process.
524 * \param matchOption Set to the following:
526 * <li><code>LDAPCTL_MATCH_BEGINWITH</code> for "begins with" search</li>
527 * <li><code>LDAPCTL_MATCH_CONTAINS</code> for "contains" search</li>
530 * \return Formatted search criteria, or <code>NULL</code> if there is no
531 * embedded spaces. The search term should be g_free() when no
534 static gchar *ldapctl_build_ldap_criteria(
535 const gchar *searchTerm, const gint matchOption )
544 if( matchOption == LDAPCTL_MATCH_CONTAINS ) {
545 criteriaFmt = _criteria2Contains;
548 criteriaFmt = _criteria2BeginWith;
551 term = g_strdup( searchTerm );
554 /* Find first space character */
559 t2 = g_strdup( 1 + p );
566 /* Format search criteria */
570 p1 = g_strdup_printf( criteriaFmt, t1, t2 );
571 p2 = g_strdup_printf( criteriaFmt, t2, t1 );
572 crit = g_strdup_printf( "(&(|%s%s)(mail=*))", p1, p2 );
579 debug_print("search criteria: %s\n", crit?crit:"null");
585 * Search criteria fragment - single term - begin with (default).
587 static gchar *_criteriaBeginWith = "(%s=%s*)";
590 * Search criteria fragment - single term - contains.
592 static gchar *_criteriaContains = "(%s=*%s*)";
595 * Build a formatted LDAP search criteria string from criteria list.
596 * \param ctl Control object to process.
597 * \param searchVal Value to search for.
598 * \return Formatted string. Should be g_free() when done.
600 gchar *ldapctl_format_criteria( LdapControl *ctl, const gchar *searchVal ) {
602 gchar *p1, *p2, *retVal;
605 cm_return_val_if_fail( ctl != NULL, NULL );
606 cm_return_val_if_fail( searchVal != NULL, NULL );
608 /* Test whether there are more that one search terms */
609 retVal = ldapctl_build_ldap_criteria( searchVal, ctl->matchingOption );
610 if( retVal ) return retVal;
612 if( ctl->matchingOption == LDAPCTL_MATCH_CONTAINS ) {
613 criteriaFmt = _criteriaContains;
616 criteriaFmt = _criteriaBeginWith;
619 /* No - just a simple search */
620 /* p1 contains previous formatted criteria */
621 /* p2 contains next formatted criteria */
622 retVal = p1 = p2 = NULL;
623 node = ctl->listCriteria;
627 node = g_list_next( node );
629 /* Switch pointers */
630 tmp = p1; p1 = p2; p2 = tmp;
633 /* Subsequent time through */
636 debug_print("crit: %s\n", searchVal);
637 /* fix bug when doing a search any */
638 if (strcmp("*@", searchVal) == 0) {
639 crit = g_strdup_printf( "(%s=*)", attr );
642 /* Format query criteria */
643 crit = g_strdup_printf( criteriaFmt, attr, searchVal );
646 /* Append to existing criteria */
648 p2 = g_strdup_printf( "(|%s%s)", p1, crit );
653 /* First time through - Format query criteria */
654 /* fix bug when doing a search any */
655 if (strcmp("*@", searchVal) == 0) {
656 p2 = g_strdup_printf( "(%s=*)", attr );
659 p2 = g_strdup_printf( criteriaFmt, attr, searchVal );
665 /* Nothing processed - format a default attribute */
666 retVal = g_strdup_printf( "(%s=*)", LDAPCTL_ATTR_EMAIL );
669 /* We have something - free up previous result */
673 debug_print("current search string: %s\n", retVal);
678 * Return array of pointers to attributes for LDAP query.
679 * \param ctl Control object to process.
680 * \return NULL terminated list.
682 char **ldapctl_attribute_array( LdapControl *ctl ) {
686 cm_return_val_if_fail( ctl != NULL, NULL );
688 node = ctl->listCriteria;
689 cnt = g_list_length( ctl->listCriteria );
690 ptrArray = g_new0( char *, 1 + cnt );
693 ptrArray[ i++ ] = node->data;
694 /*debug_print("adding search attribute: %s\n", (gchar *) node->data);*/
695 node = g_list_next( node );
697 ptrArray[ i ] = NULL;
702 * Return array of pointers to attributes for LDAP query.
703 * \param ctl Control object to process.
704 * \return NULL terminated list.
706 char **ldapctl_full_attribute_array( LdapControl *ctl ) {
711 cm_return_val_if_fail( ctl != NULL, NULL );
713 def = ctl->listCriteria;
715 tmp = g_list_append(tmp, g_strdup(def->data));
719 def = ldapctl_get_default_criteria_list();
722 if( g_list_find_custom(tmp, (gpointer)def->data,
723 (GCompareFunc)strcmp2) == NULL) {
724 tmp = g_list_append(tmp, g_strdup(def->data));
730 cnt = g_list_length( tmp );
731 ptrArray = g_new0( char *, 1 + cnt);
734 ptrArray[ i++ ] = node->data;
735 /*debug_print("adding search attribute: %s\n", (gchar *) node->data);*/
736 node = g_list_next( node );
738 ptrArray[ i ] = NULL;
743 * Free array of pointers allocated by ldapctl_criteria_array().
744 * param ptrArray Array to clear.
746 void ldapctl_free_attribute_array( char **ptrArray ) {
749 /* Clear array to NULL's */
750 for( i = 0; ptrArray[i] != NULL; i++ ) {
757 * Parse LDAP search string, building list of LDAP criteria attributes. This
758 * may be used to convert an old style Sylpheed LDAP search criteria to the
759 * new format. The old style uses a standard LDAP search string, for example:
761 * (&(mail=*)(cn=%s*))
763 * This function extracts the two LDAP attributes <code>mail</code> and
764 * <code>cn</code>, adding each to a list.
766 * \param ctl Control object to process.
767 * \param criteria LDAP search criteria string.
769 void ldapctl_parse_ldap_search( LdapControl *ctl, gchar *criteria ) {
775 cm_return_if_fail( ctl != NULL );
777 ldapctl_criteria_list_clear( ctl );
778 if( criteria == NULL ) return;
789 attrib = g_strndup( pFrom, iLen );
790 g_strstrip( attrib );
791 ldapctl_criteria_list_add( ctl, attrib );
801 * Return the default LDAP search criteria string.
802 * \return Formatted string or <i>""</i>. Should be g_free() when done.
804 gchar *ldapctl_get_default_criteria() {
805 gchar *retVal = g_strdup(LDAPCTL_DFL_ATTR_LIST);
806 const gchar **attrs = ATTRIBUTE;
809 gchar *tmp = g_strdup_printf("%s, %s", retVal, *attrs++);
813 debug_print("default search criteria: %s\n", retVal);
818 * Return the default LDAP search criteria list.
819 * \return GList or <i>NULL</i>.
821 GList *ldapctl_get_default_criteria_list() {
822 gchar *criteria, *item;
823 gchar **c_list, **w_list;
824 GList *attr_list = NULL;
826 criteria = ldapctl_get_default_criteria();
827 c_list = g_strsplit(criteria, " ", 0);
831 while ((criteria = *w_list++) != 0) {
832 /* copy string elimination <,> */
834 item = g_strndup(criteria, strlen(criteria) - 1);
836 item = g_strdup(criteria);
837 debug_print("adding attribute to list: %s\n", item);
838 attr_list = g_list_append(attr_list, g_strdup(item));
846 * Compare to GList for equality.
847 * \param l1 First GList
848 * \param l2 Second GList
849 * \Return TRUE or FALSE
851 gboolean ldapctl_compare_list(GList *l1, GList *l2) {
852 gchar *first, *second;
855 if ((! l1 && l2) || (l1 && ! l2))
858 first = (gchar *) l1->data;
859 second = (gchar *) l2->data;
860 /*debug_print("comparing: %s = %s\n", first, second);*/
861 if ( ! (first && second) || strcmp(first, second) != 0) {
864 l1 = g_list_next(l1);
865 l2 = g_list_next(l2);
870 #endif /* USE_LDAP */