Bug 616500 - fix coverity Defect Type: Resource leaks issues

CID 12094 - 12136

https://bugzilla.redhat.com/show_bug.cgi?id=616500

coverity 12125
Comment:
This function (ldapu_certinfo_save) is not used - just get rid of it
Removing unused functions from lib/ldaputil/certmap.c
  ldapu_certinfo_save, ldapu_certinfo_modify, ldapu_certinfo_delete
Also, removing obsolete test codes: lib/ldaputil/utest.

13 files changed, 0 insertions, 2307 deletions

diff --git a/include/ldaputil/ldaputil.h b/include/ldaputil/ldaputil.h
index e9e0fb51..824ad175 100644
--- a/include/ldaputil/ldaputil.h
+++ b/include/ldaputil/ldaputil.h
@@ -116,16 +116,6 @@ NSAPI_PUBLIC extern int ldapu_certmap_init (const char *config_file,
 					    LDAPUCertMapInfo_t
 					    **certmap_default);
 
-NSAPI_PUBLIC extern int ldapu_certinfo_modify (const char *issuerName,
-					       const char *issuerDN,
-					       const LDAPUPropValList_t *propval);
-
-NSAPI_PUBLIC extern int ldapu_certinfo_delete (const char *issuerDN);
-
-NSAPI_PUBLIC extern int ldapu_certinfo_save (const char *fname,
-					     const char *old_fname,
-					     const char *tmp_fname);
-
 NSAPI_PUBLIC extern int ldapu_list_alloc (LDAPUList_t **list);
 NSAPI_PUBLIC extern int ldapu_propval_alloc (const char *prop, const char *val,
 					     LDAPUPropVal_t **propval);
diff --git a/lib/ldaputil/certmap.c b/lib/ldaputil/certmap.c
index 47191ae2..40c3f60e 100644
--- a/lib/ldaputil/certmap.c
+++ b/lib/ldaputil/certmap.c
@@ -1630,60 +1630,6 @@ done:
     return rv;
 }
 
-
-NSAPI_PUBLIC int ldapu_certinfo_modify (const char *issuerName,
-					const char *issuerDN,
-					const LDAPUPropValList_t *propval)
-{
-    LDAPUCertMapInfo_t *certinfo = 0;
-    int rv;
-
-    /* Make sure issuerName & issuerDN are both NULL or are both non-NULL */
-    if (!issuerName || !*issuerName) {
-	/* issuerDN must be NULL */
-	if (issuerDN) return LDAPU_ERR_WRONG_ARGS;
-    }
-    else if (!issuerDN || !*issuerDN) {
-	/* error - issuerName must be NULL but it is not */
-	return LDAPU_ERR_WRONG_ARGS;
-    }
-
-    if (!issuerDN) {
-	/* Modify the default certinfo */
-	certinfo = default_certmap_info;
-    }
-    else {
-	rv = ldapu_issuer_certinfo(issuerDN, (void **)&certinfo);
-
-	if (rv != LDAPU_SUCCESS) {
-	    /* allocate new certinfo & add to the list */
-	    certinfo = (LDAPUCertMapInfo_t *)malloc(sizeof(LDAPUCertMapInfo_t));
-	    if (!certinfo) return LDAPU_ERR_OUT_OF_MEMORY;
-	    memset((void *)certinfo, 0, sizeof(LDAPUCertMapInfo_t));
-
-	    certinfo->issuerName = strdup(issuerName);
-	    certinfo->issuerDN = strdup(issuerDN);
-
-	    if (!certinfo->issuerName || !certinfo->issuerDN)
-		return LDAPU_ERR_OUT_OF_MEMORY;
-	}
-    }
-
-    /* Now modify the certinfo */
-    /* Free the old propval list and add new propval */
-    ldapu_propval_list_free(certinfo->propval);
-
-    if (propval) {
-	rv = ldapu_list_copy (propval, &certinfo->propval, ldapu_propval_copy);
-	if (rv != LDAPU_SUCCESS) return rv;
-    }
-
-    /* process_certinfo processes the info and adds to the certmap_listinfo */
-    process_certinfo(certinfo);
-
-    return LDAPU_SUCCESS;
-}
-
 /* ldapu_propval_same - returns LDAPU_SUCCESS or LDAPU_FAILED */
 static void * ldapu_propval_same (void *info, void *find_arg)
 {
@@ -1697,111 +1643,6 @@ static void * ldapu_propval_same (void *info, void *find_arg)
 	return (void *)LDAPU_FAILED;
 }
 
-NSAPI_PUBLIC int ldapu_certinfo_delete (const char *issuerDN)
-{
-    int rv;
-    LDAPUListNode_t *node;
-
-    if (!issuerDN || !*issuerDN)
-	return LDAPU_ERR_WRONG_ARGS;
-
-    rv = ldapu_list_find_node (certmap_listinfo, &node, ldapu_propval_same,
-			       (void *)issuerDN);
-
-    if (rv != LDAPU_SUCCESS) return rv;
-
-    rv = ldapu_list_remove_node (certmap_listinfo, node);
-
-    return rv;
-}
-
-NSAPI_PUBLIC int ldapu_certinfo_save (const char *fname,
-				      const char *old_fname,
-				      const char *tmp_fname)
-{
-    /* Copy the header from the old_fname into a temporary file
-     * Save the default_certmap_info and certmap_listinfo into the temporary
-     * file.  Rename the temporary file to the new file.
-     */
-    FILE *ofp;
-    FILE *tfp;
-    char buf[BIG_LINE];
-    char *ptr;
-    int eof;
-    int rv;
-    uintptr_t retval;
-    LDAPUPrintInfo_t pinfo;
-    
-#ifdef XP_WIN32
-    if ((ofp = fopen(old_fname, "rt")) == NULL)
-#else
-    if ((ofp = fopen(old_fname, "r")) == NULL)
-#endif
-    {
-	return LDAPU_ERR_CANNOT_OPEN_FILE;
-    }
-
-    if ((tfp = fopen(tmp_fname, "w")) == NULL)
-    {
-	return LDAPU_ERR_CANNOT_OPEN_FILE;
-    }
-
-    eof = 0;
-    while(!eof) {
-	if (!fgets(buf, BIG_LINE, ofp)) break;
-
-	ptr = buf;
-
-	/* skip leading whitespace */
-	while(*ptr && isspace(*ptr)) ++ptr;
-
-	if (*ptr && *ptr != '#') {
-	    /* It's not a comment, we are done */
-	    break;
-	}
-
-	fprintf(tfp, "%s", buf);
-    }
-
-    fclose(ofp);
-
-    /* Output the default_certmap_info */
-    pinfo.fp = tfp;
-    pinfo.arg = default_certmap_info->issuerName;
-
-    retval = (uintptr_t)ldapu_certinfo_print (default_certmap_info, &pinfo);
-    rv = (int)retval;
-
-    if (rv != LDAPU_SUCCESS) {
-	fclose(tfp);
-	return rv;
-    }
-
-    if (certmap_listinfo) {
-	rv = ldapu_list_print (certmap_listinfo, ldapu_certinfo_print,
-			       &pinfo);
-	
-	if (rv != LDAPU_SUCCESS) {
-	    fclose(tfp);
-	    return rv;
-	}
-    }
-
-    fclose(tfp);
-
-    /* replace old file with the tmp file */
-#ifdef _WIN32
-    if ( !MoveFileEx(tmp_fname, fname, MOVEFILE_REPLACE_EXISTING ))
-#else
-    if ( rename( tmp_fname, fname) != 0 )
-#endif
-    {
-	return LDAPU_ERR_RENAME_FILE_FAILED;
-    }
-
-    return LDAPU_SUCCESS;
-}
-
 static void * ldapu_propval_free (void *propval_in, void *arg)
 {
     LDAPUPropVal_t *propval = (LDAPUPropVal_t *)propval_in;
diff --git a/lib/ldaputil/utest/Makefile b/lib/ldaputil/utest/Makefile
deleted file mode 100644
index 2f976af8..00000000
--- a/lib/ldaputil/utest/Makefile
+++ /dev/null
@@ -1,149 +0,0 @@
-#
-# BEGIN COPYRIGHT BLOCK
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# 
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# 
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception. 
-# 
-# 
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-# END COPYRIGHT BLOCK
-#
-#
-# Makefile for ldaputil unit test.
-#
-BUILD_ROOT=../../..
-MODULE=LibLdapUtil
-
-OBJDEST=.
-UTESTDEST=utest
-
-include $(BUILD_ROOT)/nsconfig.mk
-
-MODULE_CFLAGS=-I$(NSROOT)/include
-
-include $(INCLUDE_DEPENDS)
-
-TESTFLAGS = -DUTEST -DDBG_PRINT -DDONT_USE_LDAP_SSL
-
-CC=CC
-PURIFY=
-
-CSRC = stubs.c
-CPPSRC = auth.cpp
-TSRC = authtest
-SRC  = $(CSRC) $(CPPSRC) $(TSRC)
-XSRC = ../ldapauth.c ../ldapdb.c ../errors.c ../dbconf.c ../certmap.c ../ldapauth.c ../init.c ../encode.c
-
-COBJ = $(CPPSRC:%.cpp=%.o) $(CSRC:%.c=%.o)
-XOBJ = $(XSRC:../%.c=../utest/%.o) 
-
-ifeq ($(ARCH), WINNT)
-  BINS=./auth.exe
-  LDAP_LIBLINK = $(addprefix $(LDAP_LIBPATH)/, $(addsuffix .lib, $(LDAP_LIBNAMES)))
-  XLIBS = ${LDAP_LIBLINK}
-  LOCAL_LINK_EXE = link -OUT:"$@" /MAP  $(ARCH_LINK_DEBUG) $(LCFLAGS) /NOLOGO \
-		 /PDB:NONE /INCREMENTAL:NO /SUBSYSTEM:windows $(XLIBS)
-else
-  BINS = auth
-  LDAP_LIBLINK = -L$(LDAP_LIBPATH) $(addprefix -l, ${LDAP_SOLIB_NAMES})
-endif
-
-ifeq ($(ARCH), SOLARIS)
-  XLIBS = -R$(LDAP_LIBPATH) ${LDAP_LIBLINK} $(LIBNSPR) $(LIBSEC) -lthread -lposix4 -lsocket -lnsl -ldl
-else
-  ifeq ($(ARCH), IRIX)
-    XLIBS = ${LDAP_LIBLINK} $(LIBNSPR) $(LIBSEC)
-  else
-    ifeq ($(ARCH), WINNT)
-      echo "XLIBS = ${XLIBS}"
-    else
-      #Other UNIX platforms
-      XLIBS = -R$(LDAP_LIBPATH) ${LDAP_LIBLINK} $(LIBNSPR) $(LIBSEC) -lthread -lposix4 -lsocket -lnsl -ldl
-    endif
-  endif
-endif
-
-PLUGIN = plugin.so
-
-all:	$(LIBLDAP) $(COBJ) $(TSRC) ${BINS} $(PLUGIN)
-	./authtest 2> test.out
-	diff test.out test.ref
-	@echo
-	@echo "The unit test is passed if there is no diff output, and the"
-	@echo "Purify window shows no errors and 0 bytes leaked."
-	@echo
-	@echo "Run - gmake coverage - manually to get code coverage analysis."
-	@echo
-
-auth:	$(XOBJ) $(COBJ)
-	$(PURIFY) $(CC) $(XLIBS) $^ -o $@
-
-auth.exe:	$(XOBJ) $(COBJ)
-	$(PURIFY) $(LOCAL_LINK_EXE) $(XOBJ) $(COBJ) ${XLIBS}
-
-testcert:	testcert.o $(XOBJ) ../utest/cert.o
-	$(PURIFY) $(CC) $(XLIBS) $^ -o $@
-
-%.o:%.c
-	$(PURIFY) $(CC) -c $(CFLAGS) $(TESTFLAGS) $(MCC_INCLUDE) $< -o $@
-
-../utest/%.o:../%.c
-	$(PURIFY) $(CC) -c $(CFLAGS) $(TESTFLAGS) $(MCC_INCLUDE) -I.. $< -o $(OBJDEST)/$*.o
-
-../utest/%.o:../%.cpp
-	$(PURIFY) $(CC) -c $(CFLAGS) $(TESTFLAGS) $(MCC_INCLUDE) -I.. $< -o $(OBJDEST)/$*.o
-
-PLUGIN_INC = ./include
-
-$(PLUGIN_INC):
-	mkdir -p include
-
-certmap.h: $(BUILD_ROOT)/include/ldaputil/extcmap.h
-	\rm -rf $(PLUGIN_INC)/$@
-	cp $^ $(PLUGIN_INC)/$@
-
-ldap.h: $(LDAP_INCLUDE)/ldap.h
-	\rm -rf $(PLUGIN_INC)/$@
-	cp $^ $(PLUGIN_INC)/$@
-
-lber.h: $(LDAP_INCLUDE)/lber.h
-	\rm -rf $(PLUGIN_INC)/$@
-	cp $^ $(PLUGIN_INC)/$@
-
-example.o: example.c $(PLUGIN_INC) certmap.h ldap.h lber.h
-	$(CC) -c -I$(PLUGIN_INC) $*.c -o $(OBJDEST)/$*.o
-
-plugin.o: plugin.c $(PLUGIN_INC) certmap.h ldap.h lber.h
-	$(PURIFY) $(CC) -c -I. -I$(PLUGIN_INC) $*.c -o $(OBJDEST)/$*.o
-
-$(PLUGIN): plugin.o
-	$(LINK_DLL) $^
diff --git a/lib/ldaputil/utest/auth.cpp b/lib/ldaputil/utest/auth.cpp
deleted file mode 100644
index 46be3a2b..00000000
--- a/lib/ldaputil/utest/auth.cpp
+++ /dev/null
@@ -1,611 +0,0 @@
-/** BEGIN COPYRIGHT BLOCK
- * This Program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free Software
- * Foundation; version 2 of the License.
- * 
- * This Program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- * 
- * You should have received a copy of the GNU General Public License along with
- * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
- * Place, Suite 330, Boston, MA 02111-1307 USA.
- * 
- * In addition, as a special exception, Red Hat, Inc. gives You the additional
- * right to link the code of this Program with code not covered under the GNU
- * General Public License ("Non-GPL Code") and to distribute linked combinations
- * including the two, subject to the limitations in this paragraph. Non-GPL Code
- * permitted under this exception must only link to the code of this Program
- * through those well defined interfaces identified in the file named EXCEPTION
- * found in the source code files (the "Approved Interfaces"). The files of
- * Non-GPL Code may instantiate templates or use macros or inline functions from
- * the Approved Interfaces without causing the resulting work to be covered by
- * the GNU General Public License. Only Red Hat, Inc. may make changes or
- * additions to the list of Approved Interfaces. You must obey the GNU General
- * Public License in all respects for all of the Program code and other code used
- * in conjunction with the Program except the Non-GPL Code covered by this
- * exception. If you modify this file, you may extend this exception to your
- * version of the file, but you are not obligated to do so. If you do not wish to
- * provide this exception without modification, you must delete this exception
- * statement from your version and license this file solely under the GPL without
- * exception. 
- * 
- * 
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
- * END COPYRIGHT BLOCK **/
-
-#ifdef HAVE_CONFIG_H
-#  include <config.h>
-#endif
-
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <string.h>
-
-#include <prinit.h>		// for PR_Init
-#include <prpriv.h>		// for PR_Exit
-#include <ldaputil/certmap.h>
-#include <ldaputil/init.h>
-#include <ldaputil/ldapdb.h>
-#include <ldaputil/ldapauth.h>
-#include <ldaputil/dbconf.h>
-#include <ldaputil/ldaputil.h>
-#include <ldap.h>
-
-static const char* dllname = "plugin.so";
-
-char *global_issuer_dn = "o=" VENDOR ", c=US";
-
-#define NSPR_INIT(Program) (PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 8))
-
-static int ldapu_certinfo_save_test (const char *fname, const char *old_fname)
-{
-    int rv;
-
-    /* Read the original certmap config file first */
-    rv = ldaputil_init(old_fname, dllname, NULL, NULL, NULL);
-
-    if (rv != LDAPU_SUCCESS) {
-	fprintf(stderr, "ldapu_certinfo_save_test failed.  Reason: %s\n",
-		ldapu_err2string(rv));
-	return rv;
-    }
-
-    rv = ldapu_certinfo_save(fname, old_fname, "certmap.tmp");
-
-    if (rv != LDAPU_SUCCESS) {
-	fprintf(stderr, "ldapu_certinfo_save_test failed.  Reason: %s\n",
-		ldapu_err2string(rv));
-    }
-
-    return rv;
-}
-
-static int ldapu_certinfo_delete_test (const char *fname, const char *old_fname)
-{
-    int rv;
-
-    /* Read the original certmap config file first */
-    rv = ldaputil_init(old_fname, dllname, NULL, NULL, NULL);
-
-    if (rv != LDAPU_SUCCESS) {
-	fprintf(stderr, "ldapu_certinfo_delete_test failed.  Reason: %s\n",
-		ldapu_err2string(rv));
-	return rv;
-    }
-
-    /* rv = ldapu_certinfo_delete("o=Ace Industry, c=US"); */
-    rv = ldapu_certinfo_delete("o=" VENDOR ", c=US");
-
-    if (rv != LDAPU_SUCCESS) {
-	fprintf(stderr, "ldapu_certinfo_delete failed.  Reason: %s\n",
-		ldapu_err2string(rv));
-	return rv;
-    }
-
-    rv = ldapu_certinfo_save(fname, old_fname, "certmap.tmp");
-
-    if (rv != LDAPU_SUCCESS) {
-	fprintf(stderr, "ldapu_certinfo_delete_test failed.  Reason: %s\n",
-		ldapu_err2string(rv));
-    }
-
-    return rv;
-}
-
-static int ldapu_certinfo_new_test (const char *fname, const char *old_fname)
-{
-    int rv;
-    LDAPUPropValList_t *propval_list;
-    LDAPUPropVal_t *propval;
-
-    /* Read the original certmap config file first */
-    rv = ldaputil_init(old_fname, dllname, NULL, NULL, NULL);
-
-    if (rv != LDAPU_SUCCESS) {
-	fprintf(stderr, "ldapu_certinfo_new_test failed.  Reason: %s\n",
-		ldapu_err2string(rv));
-	return rv;
-    }
-
-    /* Setup propval_list */
-    rv = ldapu_list_alloc(&propval_list);
-    if (rv != LDAPU_SUCCESS) return rv;
-
-    rv = ldapu_propval_alloc("prop1", "val1", &propval);
-    if (rv != LDAPU_SUCCESS) return rv;
-
-    rv = ldapu_list_add_info(propval_list, propval);
-    if (rv != LDAPU_SUCCESS) return rv;
-
-    rv = ldapu_propval_alloc("prop2", "val2", &propval);
-    if (rv != LDAPU_SUCCESS) return rv;
-
-    rv = ldapu_list_add_info(propval_list, propval);
-    if (rv != LDAPU_SUCCESS) return rv;
-
-    rv = ldapu_propval_alloc("prop3", 0, &propval);
-    if (rv != LDAPU_SUCCESS) return rv;
-
-    rv = ldapu_list_add_info(propval_list, propval);
-    if (rv != LDAPU_SUCCESS) return rv;
-
-    rv = ldapu_certinfo_modify("newmap", "o=Mcom Communications, c=US",
-			       propval_list);
-
-    ldapu_propval_list_free(propval_list);
-
-    if (rv != LDAPU_SUCCESS) {
-	fprintf(stderr, "ldapu_certinfo_delete failed.  Reason: %s\n",
-		ldapu_err2string(rv));
-	return rv;
-    }
-
-    rv = ldapu_certinfo_save(fname, old_fname, "certmap.tmp");
-
-    if (rv != LDAPU_SUCCESS) {
-	fprintf(stderr, "ldapu_certinfo_new_test failed.  Reason: %s\n",
-		ldapu_err2string(rv));
-    }
-
-    return rv;
-}
-
-static int get_dbnames_test (const char *mapfile)
-{
-    char **names;
-    int cnt;
-    int rv;
-    int i;
-
-    rv = dbconf_get_dbnames(mapfile, &names, &cnt);
-
-    if (rv != LDAPU_SUCCESS) {
-	fprintf(stderr, "get_dbnames_test failed. Reason: %s\n",
-		ldapu_err2string(rv));
-    }
-    else {
-	for(i = 0; i < cnt; i++) {
-	    fprintf(stderr, "\tdbname[%d] = \"%s\"\n", 
-		    i, names[i]);
-	}
-    }
-
-    dbconf_free_dbnames(names);
-
-    return rv;
-}
-
-static int case_ignore_strcmp (const char *s1, const char *s2)
-{
-    int ls1, ls2;		/* tolower values of chars in s1 & s2 resp. */
-
-    if (!s1) return !s2 ? 0 : 0-tolower(*s2);
-    else if (!s2) return tolower(*s1);
-
-    while(*s1 && *s2 && (ls1 = tolower(*s1)) == (ls2 = tolower(*s2))) { s1++; s2++; }
-
-    if (!*s1)
-	return *s2 ? 0-tolower(*s2) : 0;
-    else if (!*s2)
-	return tolower(*s1);
-    else
-	return ls1 - ls2;
-}
-
-#define STRCASECMP3(s1, s2, rv) \
-{ \
-    int i = case_ignore_strcmp(s1, s2); \
-    fprintf(stderr, "strcasecmp(\"%s\", \"%s\")\t=\t%d\t%s\tExpected: %d\n", \
-	    s1 ? s1 : "<NULL>", s2 ? s2 : "<NULL>", \
-	    i, i == rv ? "SUCCESS" : "FAILED", rv); \
-}
-
-#ifndef XP_WIN32
-#define STRCASECMP(s1, s2) STRCASECMP3(s1, s2, strcasecmp(s1, s2))
-#else
-#define STRCASECMP(s1, s2) STRCASECMP3(s1, s2, case_ignore_strcmp(s1, s2))
-#endif
-
-static void strcasecmp_test ()
-{
-    STRCASECMP3(0, "aBcD", 0-tolower('a'));
-    STRCASECMP3(0, 0, 0);
-    STRCASECMP3("aBcD", 0, tolower('a'));
-
-    STRCASECMP("AbCd", "aBcD");
-    STRCASECMP("AbCd", "abcd");
-    STRCASECMP("ABCD", "ABCD");
-    STRCASECMP("abcd", "abcd");
-
-    STRCASECMP("AbCd", "aBcD3");
-    STRCASECMP("AbCd", "abcd3");
-    STRCASECMP("ABCD", "ABCD3");
-    STRCASECMP("abcd", "abcd3");
-			      
-    STRCASECMP("AbCd1", "aBcD");
-    STRCASECMP("AbCd2", "abcd");
-    STRCASECMP("ABCDX", "ABCD");
-    STRCASECMP("abcdY", "abcd");
-
-    STRCASECMP("AbCd5", "aBcD1");
-    STRCASECMP("AbCd5", "abcd1");
-    STRCASECMP("ABCD5", "ABCD1");
-    STRCASECMP("abcd5", "abcd1");
-			       
-    STRCASECMP("AbCd2", "aBcDp");
-    STRCASECMP("AbCd2", "abcdQ");
-    STRCASECMP("ABCD2", "ABCDr");
-    STRCASECMP("abcd2", "abcdS");
-}
-
-static int certmap_tests (const char *config_file) { return 0; }
-
-static int read_config_test (const char *config_file, const char *dbname,
-			     const char *url,
-			     const char *binddn, const char *bindpw)
-{
-    int rv;
-    DBConfDBInfo_t *db_info;
-    char *dn;
-    char *pw;
-
-    rv = dbconf_read_default_dbinfo(config_file, &db_info);
-
-    if (rv != LDAPU_SUCCESS) {
-	fprintf(stderr, "config_test failed: %s\n",
-		ldapu_err2string(rv));
-	return LDAPU_FAILED;
-    }
-
-    if (strcmp(db_info->dbname, dbname) ||
-	strcmp(db_info->url, url)) {
-	fprintf(stderr, "config_test failed: %s\n",
-		"first line in config file is wrong");
-	return LDAPU_FAILED;
-    }
-
-    if ((ldapu_dbinfo_attrval(db_info, "binddn", &dn) != LDAPU_SUCCESS) ||
-	(ldapu_dbinfo_attrval(db_info, "bindpw", &pw) != LDAPU_SUCCESS))
-    {
-	fprintf(stderr, "config_test failed: %s\n",
-		"properties are missing");
-	return LDAPU_FAILED;
-    }
-
-    if (strcmp(dn, binddn) ||
-	strcmp(pw, bindpw)) {
-	fprintf(stderr, "config_test failed: %s\n",
-		"property values are wrong");
-	return LDAPU_FAILED;
-    }
-
-    fprintf(stderr, "binddn from config file: \"%s\"\n", dn);
-    fprintf(stderr, "bindpw from config file: \"%s\"\n", pw);
-
-    /* cleanup */
-    dbconf_free_dbinfo(db_info);
-    free(dn);
-    free(pw);
-
-    return LDAPU_SUCCESS;
-}
-
-static int config_test (const char *binddn, const char *bindpw)
-{
-    char *config_file = "config_out.conf";
-    FILE *fp = fopen(config_file, "w");
-    const char *dbname = "default";
-    const char *url = "file:/foobar/path";
-    int rv;
-
-    if (!fp) return LDAPU_FAILED;
-
-    dbconf_output_db_directive(fp, dbname, url);
-    dbconf_output_propval(fp, dbname, "binddn", binddn, 0);
-    dbconf_output_propval(fp, dbname, "bindpw", bindpw, 1);
-
-    fclose(fp);
-
-    fprintf(stderr, "Config file written: %s\n", config_file);
-
-    rv = read_config_test(config_file, dbname, url, binddn, bindpw);
-
-    return rv;
-}
-
-static int
-compare_groupid(const void *arg, const char *group, const int len)
-{
-    auto const char* groupid = (const char*)arg;
-    auto int err = LDAPU_FAILED;
-    if (len == strlen (groupid) && !strncasecmp (groupid, group, len)) {
-	err = LDAPU_SUCCESS;
-    }
-    return err;
-}
-
-static int
-compare_group(LDAP* directory, LDAPMessage* entry, void* set)
-{
-    auto int err = LDAPU_FAILED;
-    auto char** vals = ldap_get_values (directory, entry, "CN");
-    if (vals) {
-	auto char** val;
-	for (val = vals; *val; ++val) {
-	    if (!strcasecmp (*val, (char*)set)) {
-		err = LDAPU_SUCCESS;
-		break;
-	    }
-	}
-	ldap_value_free (vals);
-    }
-    return err;
-}
-
-int perform_test (int argc, char *argv[])
-{
-    int test_type;
-    int retval = LDAPU_SUCCESS;
-    DBConfDBInfo_t *db_info;
-    LDAPDatabase_t *ldb;
-    LDAP *ld;
-    char *dbmap_file = "dblist.conf";
-    char *binddn = 0;
-    char *bindpw = 0;
-    char *basedn;
-    int retry = 1;
-    int rv;
-
-    fprintf(stderr, "\nStart of test: ./auth %s \"%s\" \"%s\"\n",
-	    argv[1], argv[2], argv[3]);
-
-    rv = dbconf_read_default_dbinfo(dbmap_file, &db_info);
-
-    if (rv != LDAPU_SUCCESS) {
-	fprintf(stderr, "Error reading dbmap file \"%s\".  Reason: %s\n",
-		dbmap_file, ldapu_err2string(rv));
-	return rv;
-    }
-
-    ldapu_dbinfo_attrval (db_info, LDAPU_ATTR_BINDDN, &binddn);
-    ldapu_dbinfo_attrval (db_info, LDAPU_ATTR_BINDPW, &bindpw);
-
-    rv = ldapu_url_parse (db_info->url, binddn, bindpw, &ldb);
-    free(binddn);
-    free(bindpw);
-
-    if (rv != LDAPU_SUCCESS) {
-	fprintf(stderr, "Error parsing ldap url \"%s\".  Reason: %s\n",
-		db_info->url, ldapu_err2string(rv));
-	return rv;
-    }
-
-    basedn = ldb->basedn;
-
-    test_type = atoi(argv[1]);
-
-    retry = 1;
-
-    while(retry) {
-	retry = 0;
-
-	rv = ldapu_ldap_init_and_bind (ldb);
-
-	if (rv != LDAPU_SUCCESS) {
-	    fprintf(stderr, "Error initializing connection to LDAP.  Reason: %s\n",
-		    ldapu_err2string(rv));
-	    return rv;
-	}
-
-	ld = ldb->ld;
-
-	switch(test_type) {
-	case 1:
-	    fprintf(stderr, "\nuserdn:\t\t\"%s\"\ngroupdn:\t\"%s\"\n",
-		    argv[2], argv[3]);
-	    retval = ldapu_auth_userdn_groupdn(ld, argv[2], argv[3], basedn);
-	    break;
-
-	case 2:
-	    fprintf(stderr, "\nuid:\t\t\"%s\"\ngroupdn:\t\"%s\"\n", argv[2], argv[3]);
-	    retval = ldapu_auth_uid_groupdn(ld, argv[2], argv[3], basedn);
-	    break;
-
-	case 3:
-	    fprintf(stderr, "\nuid:\t\t\"%s\"\ngroupid:\t\"%s\"\n", argv[2], argv[3]);
-	    retval = ldapu_auth_uid_groupid(ld, argv[2], argv[3], basedn);
-	    break;
-
-	case 4:
-	    fprintf(stderr, "\nuserdn:\t\t\"%s\"\ngroupid:\t\"%s\"\n", argv[2], argv[3]);
-	    retval = ldapu_auth_userdn_groupid(ld, argv[2], argv[3], basedn);
-	    break;
-
-	case 5:
-	    fprintf(stderr, "\nuserdn:\t\t\"%s\"\nattrFilter:\t\"%s\"\n", argv[2], argv[3]);
-	    retval = ldapu_auth_userdn_attrfilter(ld, argv[2], argv[3]);
-	    break;
-
-	case 6:
-	    fprintf(stderr, "\nuid:\t\t\"%s\"\nattrFilter:\t\"%s\"\n", argv[2], argv[3]);
-	    retval = ldapu_auth_uid_attrfilter(ld, argv[2], argv[3], basedn);
-	    break;
-
-	case 7:
-	    fprintf(stderr, "\nuserdn:\t\t\"%s\"\npassword:\t\"%s\"\n", argv[2], argv[3]);
-	    retval = ldapu_auth_userdn_password(ld, argv[2], argv[3]);
-	    break;
-
-	case 8:
-	    fprintf(stderr, "\nuid:\t\t\"%s\"\npassword:\t\"%s\"\n", argv[2], argv[3]);
-	    retval = ldapu_auth_uid_password(ld, argv[2], argv[3], basedn);
-	    break;
-
-	case 9: {
-	    /* plugin test */
-	    LDAPMessage *entry = 0;
-	    LDAPMessage *res = 0;
-
-	    fprintf(stderr, "Cert Map issuer DN: \"%s\"\n", argv[2]);
-	    fprintf(stderr, "Cert Map subject DN: \"%s\"\n", argv[3]);
-	    retval = ldaputil_init("certmap.conf", dllname, NULL, NULL, NULL);
-
-	    if (retval != LDAPU_SUCCESS) {
-		fprintf(stderr, "Cert Map info test failed.  Reason: %s\n",
-			ldapu_err2string(retval));
-		break;
-	    }
-
-	    if (*(argv[2]))
-		global_issuer_dn = argv[2];
-	    else
-		global_issuer_dn = 0;
-
-	    retval = ldapu_cert_to_ldap_entry(argv[3], ld, ldb->basedn, &res);
-
-	    if (retval == LDAPU_SUCCESS) {
-		char *dn;
-
-		entry = ldap_first_entry(ld, res);
-		dn = ldap_get_dn(ld, entry);
-		fprintf(stderr, "Matched entry to cert: \"%s\"\n", dn);
-		ldap_memfree(dn);
-	    }
-	    else if (retval == LDAPU_FAILED) {
-		/* Not an error but couldn't map the cert */
-	    }
-	    else {
-		fprintf(stderr, "Cert Map info test failed.  Reason: %s\n",
-			ldapu_err2string(retval));
-		break;
-	    }
-
-	    /* TEMPORARY -- when & how to free the entry */
-	    if (res) ldap_msgfree(res);
-
-	    break;
-	} /* case 9 */
-
-	case 10:
-	    if ((retval = config_test(argv[2], argv[3])) == LDAPU_SUCCESS) {
-		fprintf(stderr, "Config file test succeeded\n");
-	    }
-	    else {
-		fprintf(stderr, "Config file test failed\n");
-	    }
-	    break;
-
-	case 11:
-	    retval = get_dbnames_test(argv[2]);
-	    break;
-
-	case 12:
-	    retval = ldapu_certinfo_save_test(argv[2], argv[3]);
-	    break;
-
-	case 13:
-	    retval = ldapu_certinfo_delete_test(argv[2], argv[3]);
-	    break;
-
-	case 14:
-	    retval = ldapu_certinfo_new_test(argv[2], argv[3]);
-	    break;
-
-	case 15:
-	    fprintf(stderr, "\nuserdn:\t\t\"%s\"\ngroupid:\t\"%s\"\n", argv[2], argv[3]);
-	    {
-		auto LDAPU_DNList_t* userDNs = ldapu_DNList_alloc();
-		ldapu_DNList_add(userDNs, argv[2]);
-		retval = ldapu_auth_usercert_groups(ld, basedn, userDNs, NULL,
-						    argv[3], compare_group, 30, NULL);
-		ldapu_DNList_free(userDNs);
-	    }
-	    break;
-
-	case 16:
-	    fprintf(stderr, "\nuserCert:\t\"%s\"\ngroupid:\t\"%s\"\n", argv[2], argv[3]);
-	    retval = ldapu_auth_usercert_groupids(ld, NULL/*userDN*/, argv[2], argv[3],
-						  compare_groupid, basedn, NULL/*group_out*/);
-	    break;
-
-	} /* switch */
-
-	if (retval == LDAP_SERVER_DOWN) {
-	    /* retry */
-	    retry = 1;
-	    ldb->ld = 0;
-	}
-	else if (retval == LDAPU_SUCCESS) {
-	    fprintf(stderr, "Authentication succeeded.\n");
-	}
-	else {
-	    fprintf(stderr, "Authentication failed.\n");
-	}
-    }
-
-    /* cleanup */
-//     ldapu_free_LDAPDatabase_t(ldb);
-//     dbconf_free_dbinfo(db_info);
-//     ldaputil_exit();
-    return retval;
-}
-
-int main (int argc, char *argv[])
-{
-    int rv;
-
-    NSPR_INIT("auth");
-
-    if (argc != 4) {
-        fprintf(stderr, "argc = %d\n", argc);
-	fprintf(stderr, "usage: %s test_type user_dn group_dn\n", argv[0]);
-	fprintf(stderr, "\t%s 1 <userdn> <groupdn>\n", argv[0]);
-	fprintf(stderr, "\t%s 2 <uid> <groupdn>\n", argv[0]);
-	fprintf(stderr, "\t%s 3 <uid> <groupid>\n", argv[0]);
-	fprintf(stderr, "\t%s 4 <userdn> <groupid>\n", argv[0]);
-	fprintf(stderr, "\t%s 5 <userdn> <attrFilter>\n", argv[0]);
-	fprintf(stderr, "\t%s 6 <uid> <attrFilter>\n", argv[0]);
-	fprintf(stderr, "\t%s 7 <userdn> <password>\n", argv[0]);
-	fprintf(stderr, "\t%s 8 <uid> <password>\n", argv[0]);
-	fprintf(stderr, "\t%s 9 <certmap.conf> <subjectDN>\n", argv[0]);
-	fprintf(stderr, "\t%s 10 <binddn> <bindpw>\n", argv[0]);
-	fprintf(stderr, "\t%s 11 <dbmap> <ignore>\n", argv[0]);
-	fprintf(stderr, "\t%s 12 <newconfig> <oldconfig> ... to test save\n", argv[0]);
-	fprintf(stderr, "\t%s 13 <newconfig> <oldconfig> ... to test delete\n", argv[0]);
-	fprintf(stderr, "\t%s 14 <newconfig> <oldconfig> ... to test add\n", argv[0]);
-	fprintf(stderr, "\t%s 15 <userdn> <groupid>\n", argv[0]);
-	fprintf(stderr, "\t%s 16 <userCertDescription> <groupid>\n", argv[0]);
-	exit(LDAP_PARAM_ERROR);
-    }
-
-    rv = perform_test(argc, argv);
-    /*    PR_Exit(); */
-
-    return rv;
-}
-
diff --git a/lib/ldaputil/utest/authtest b/lib/ldaputil/utest/authtest
deleted file mode 100755
index 38e206cf..00000000
--- a/lib/ldaputil/utest/authtest
+++ /dev/null
@@ -1,138 +0,0 @@
-#!/bin/ksh
-#
-# BEGIN COPYRIGHT BLOCK
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# 
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# 
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception. 
-# 
-# 
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-# END COPYRIGHT BLOCK
-#
-# setup for test
-USERDN="cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-USER2DN="cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-
-UID="hmiller"
-U2ID="scarter"
-
-GROUPDN="cn=Directory Administrators, o=Ace Industry, c=US"
-GROUPID="Directory Administrators"
-
-ATTRFILTER="mail=hmiller@aceindustry.com"
-ATTR2FILTER="mail=scarter@aceindustry.com"
-
-function check_result {
-  echo "\nStart of test: $1 $2 \"$3\" \"$4\""
-  if ( `$1 $2 "$3" "$4"` ) then
-    if [ $5 == "fail" ]; then
-      echo "**** Test Failed ****";
-    else
-      echo "Test Succeeded";
-    fi
-  else
-    if [ $5 == "fail" ]; then
-      echo "Test Succeeded";
-    else
-      echo "**** Test Failed ****";
-    fi
-  fi
-}
-
-function must_fail {
-  check_result $1 $2 "$3" "$4" "fail";
-}
-
-function must_succeed {
-  check_result $1 $2 "$3" "$4" "success";
-}
-
-# test for <userdn> <groupdn>
-must_succeed ./auth 1 "${USERDN}" "${GROUPDN}"
-must_fail ./auth 1 "${USER2DN}" "${GROUPDN}"
-
-# test for <uid> <groupdn>
-must_succeed ./auth 2 "${UID}" "${GROUPDN}"
-must_fail ./auth 2 "${U2ID}" "${GROUPDN}"
-
-# test for <uid> <groupid>
-must_succeed ./auth 3 "${UID}" "${GROUPID}"
-must_fail ./auth 3 "${U2ID}" "${GROUPID}"
-
-# test for <userdn> <groupid>
-must_succeed ./auth 4 "${USERDN}" "${GROUPID}"
-must_fail ./auth 4 "${USER2DN}" "${GROUPID}"
-must_succeed ./auth 15 "${USERDN}" "${GROUPID}"
-must_fail ./auth 15 "${USER2DN}" "${GROUPID}"
-must_succeed ./auth 16 "{${USERDN}" "${GROUPID}"
-must_fail ./auth 16 "{${USER2DN}" "${GROUPID}"
-
-# test for <userdn> <attrFilter>
-must_succeed ./auth 5 "${USERDN}" "${ATTRFILTER}"
-must_fail ./auth 5 "${USERDN}" "${ATTR2FILTER}"
-must_fail ./auth 5 "${USER2DN}" "${ATTRFILTER}"
-
-# test for <uid> <attrFilter>
-must_succeed ./auth 6 "${UID}" "${ATTRFILTER}"
-must_fail ./auth 6 "${UID}" "${ATTR2FILTER}"
-must_fail ./auth 6 "${U2ID}" "${ATTRFILTER}"
-
-# test for <userdn> <password>
-must_succeed ./auth 7 "${USERDN}" "hillock"
-must_fail ./auth 7 "${USERDN}" "garbage"
-
-# test for <uid> <password>
-must_succeed ./auth 8 "${UID}" "hillock"
-must_fail ./auth 8 "${UID}" "garbage"
-
-#test for cert to ldap entry mapping
-must_succeed ./auth 9 "o=Ace Industry, c=US" "cn=Kirsten Vaughan, ou=Human Resources, o=Ace Industry, c=US"
-#must_fail ./auth 9 "default" "cn=Kirsten Vaughan, o=Ace Industry, c=US"
-
-# test for encode/decode bindpw
-must_succeed ./auth 10 "cn=Foo Bar, o=$VENDOR, c=US" "foobar"
-
-# test for reading dbnames from dbswitch.conf file
-must_succeed ./auth 11 dblist.conf ignore
-
-# test for saving certmap info
-must_succeed ./auth 12 certmap.new certmap.conf
-cat certmap.conf certmap.new 1>&2
-
-# test for delete certmap info
-must_succeed ./auth 13 certmap.new certmap.conf
-cat certmap.conf certmap.new 1>&2
-
-# test for add certmap info
-must_succeed ./auth 14 certmap.new certmap.conf
-cat certmap.conf certmap.new 1>&2
-
diff --git a/lib/ldaputil/utest/certmap.conf b/lib/ldaputil/utest/certmap.conf
deleted file mode 100644
index b68d9a94..00000000
--- a/lib/ldaputil/utest/certmap.conf
+++ /dev/null
@@ -1,68 +0,0 @@
-#
-# BEGIN COPYRIGHT BLOCK
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# 
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# 
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception. 
-# 
-# 
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-# END COPYRIGHT BLOCK
-#
-
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-
-
-# Comments before any certmap directive - line 6
-
-certmap default default
-#default:DNComps o,    ou    ,c
-#default:FilterComps cn
-
-
-certmap default1 o=VENDOR, c=US
-default1:library ./plugin.so
-default1:InitFn plugin_init_fn
-default1:DNComps  ou o c
-default1:FilterComps l
-#default1:verifycert
-
-# Following line has trailing spaces
-certmap default2 o=Ace Industry, c=US    
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
diff --git a/lib/ldaputil/utest/dblist.conf b/lib/ldaputil/utest/dblist.conf
deleted file mode 100644
index a7ed9858..00000000
--- a/lib/ldaputil/utest/dblist.conf
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# BEGIN COPYRIGHT BLOCK
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# 
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# 
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception. 
-# 
-# 
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-# END COPYRIGHT BLOCK
-#
-
-directory default ldap://:3334/o=Airius.com
-directory default1 ldap:///o=Ace Industry, c=US
-directory default2 ldap:///o=Ace Industry, c=US
-directory default3 ldap:///o=Ace Industry, c=US
-directory default4 ldap:///o=Ace Industry, c=US
-directory default5 ldap:///o=Ace Industry, c=US
-directory default6 ldap:///o=Ace Industry, c=US
diff --git a/lib/ldaputil/utest/example.c b/lib/ldaputil/utest/example.c
deleted file mode 100644
index 8fe65ffd..00000000
--- a/lib/ldaputil/utest/example.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/** BEGIN COPYRIGHT BLOCK
- * This Program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free Software
- * Foundation; version 2 of the License.
- * 
- * This Program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- * 
- * You should have received a copy of the GNU General Public License along with
- * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
- * Place, Suite 330, Boston, MA 02111-1307 USA.
- * 
- * In addition, as a special exception, Red Hat, Inc. gives You the additional
- * right to link the code of this Program with code not covered under the GNU
- * General Public License ("Non-GPL Code") and to distribute linked combinations
- * including the two, subject to the limitations in this paragraph. Non-GPL Code
- * permitted under this exception must only link to the code of this Program
- * through those well defined interfaces identified in the file named EXCEPTION
- * found in the source code files (the "Approved Interfaces"). The files of
- * Non-GPL Code may instantiate templates or use macros or inline functions from
- * the Approved Interfaces without causing the resulting work to be covered by
- * the GNU General Public License. Only Red Hat, Inc. may make changes or
- * additions to the list of Approved Interfaces. You must obey the GNU General
- * Public License in all respects for all of the Program code and other code used
- * in conjunction with the Program except the Non-GPL Code covered by this
- * exception. If you modify this file, you may extend this exception to your
- * version of the file, but you are not obligated to do so. If you do not wish to
- * provide this exception without modification, you must delete this exception
- * statement from your version and license this file solely under the GPL without
- * exception. 
- * 
- * 
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
- * END COPYRIGHT BLOCK **/
-
-#ifdef HAVE_CONFIG_H
-#  include <config.h>
-#endif
-
-
-#include <stdio.h>
-
-#include <certmap.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* The init function must be defined extern "C" if using a C++ compiler */
-int plugin_init_fn (void *certmap_info, const char *issuerName,
-		    const char *issuerDN);
-
-#ifdef __cplusplus
-}
-#endif
-
-
-static int extract_ldapdn_and_filter (const char *subjdn, void *certmap_info,
-				      char **ldapDN, char **filter)
-{
-    /* extract the ldapDN and filter from subjdn */
-    /* You can also use the ldapu_certmap_info_attrval function to get value
-       of a config file parameter for the certmap_info. */
-    return LDAPU_SUCCESS;
-}
-
-static int plugin_mapping_fn (void *cert, LDAP *ld, void *certmap_info,
-			      char **ldapDN, char **filter)
-{
-    char *subjdn;
-    int rv;
-
-    fprintf(stderr, "plugin_mapping_fn called.\n");
-    rv = ldapu_get_cert_subject_dn(cert, &subjdn);
-
-    if (rv != LDAPU_SUCCESS) return rv;
-
-    *ldapDN = 0;
-    *filter = 0;
-
-    rv = extract_ldapdn_and_filter(subjdn, certmap_info, ldapDN, filter);
-
-    if (rv != LDAPU_SUCCESS) {
-	/* This function must return LDAPU_FAILED or
-	   LDAPU_CERT_MAP_FUNCTION_FAILED on error */
-	return LDAPU_CERT_MAP_FUNCTION_FAILED;
-    }
-
-    return LDAPU_SUCCESS;
-}
-
-static int plugin_cmp_certs (void *subject_cert,
-			     void *entry_cert_binary,
-			     unsigned long entry_cert_len)
-{
-    /* compare the certs */
-    return LDAPU_SUCCESS;
-}
-
-static int plugin_verify_fn (void *cert, LDAP *ld, void *certmap_info,
-			     LDAPMessage *res, LDAPMessage **entry_out)
-{
-    LDAPMessage *entry;
-    struct berval **bvals;
-    char *cert_attr = "userCertificate;binary";
-    int i;
-    int rv;
-
-    fprintf(stderr, "plugin_verify_fn called.\n");
-    *entry_out = 0;
-
-    for (entry = ldap_first_entry(ld, res); entry != NULL;
-	 entry = ldap_next_entry(ld, entry))
-    {
-	if ((bvals = ldap_get_values_len(ld, entry, cert_attr)) == NULL) {
-	    rv = LDAPU_CERT_VERIFY_FUNCTION_FAILED;
-	    /* Maybe one of the remaining entries will match */
-	    continue;
-	}
-
-	for ( i = 0; bvals[i] != NULL; i++ ) {
-	    rv = plugin_cmp_certs (cert,
-				   bvals[i]->bv_val,
-				   bvals[i]->bv_len);
-
-	    if (rv == LDAPU_SUCCESS) {
-		break;
-	    }
-	}
-
-	ldap_value_free_len(bvals);
-
-	if (rv == LDAPU_SUCCESS) {
-	    *entry_out = entry;
-	    break;
-	}
-    }
-
-    return rv;
-}
-
-int plugin_init_fn (void *certmap_info, const char *issuerName,
-		    const char *issuerDN)
-{
-    fprintf(stderr, "plugin_init_fn called.\n");
-    ldapu_set_cert_mapfn(issuerDN, plugin_mapping_fn);
-    ldapu_set_cert_verifyfn(issuerDN, plugin_verify_fn);
-    return LDAPU_SUCCESS;
-}
-
diff --git a/lib/ldaputil/utest/plugin.c b/lib/ldaputil/utest/plugin.c
deleted file mode 100644
index 9d0334ec..00000000
--- a/lib/ldaputil/utest/plugin.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/** BEGIN COPYRIGHT BLOCK
- * This Program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free Software
- * Foundation; version 2 of the License.
- * 
- * This Program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- * 
- * You should have received a copy of the GNU General Public License along with
- * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
- * Place, Suite 330, Boston, MA 02111-1307 USA.
- * 
- * In addition, as a special exception, Red Hat, Inc. gives You the additional
- * right to link the code of this Program with code not covered under the GNU
- * General Public License ("Non-GPL Code") and to distribute linked combinations
- * including the two, subject to the limitations in this paragraph. Non-GPL Code
- * permitted under this exception must only link to the code of this Program
- * through those well defined interfaces identified in the file named EXCEPTION
- * found in the source code files (the "Approved Interfaces"). The files of
- * Non-GPL Code may instantiate templates or use macros or inline functions from
- * the Approved Interfaces without causing the resulting work to be covered by
- * the GNU General Public License. Only Red Hat, Inc. may make changes or
- * additions to the list of Approved Interfaces. You must obey the GNU General
- * Public License in all respects for all of the Program code and other code used
- * in conjunction with the Program except the Non-GPL Code covered by this
- * exception. If you modify this file, you may extend this exception to your
- * version of the file, but you are not obligated to do so. If you do not wish to
- * provide this exception without modification, you must delete this exception
- * statement from your version and license this file solely under the GPL without
- * exception. 
- * 
- * 
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
- * END COPYRIGHT BLOCK **/
-
-#ifdef HAVE_CONFIG_H
-#  include <config.h>
-#endif
-
-
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-
-#include <plugin.h>		/* must define extern "C" functions */
-#include <certmap.h>		/* Public Certmap API */
-
-static CertSearchFn_t default_searchfn = 0;
-
-static int plugin_attr_val (void *cert, int which_dn, const char *attr)
-{
-    char **val;
-    int rv = ldapu_get_cert_ava_val(cert, which_dn, attr, &val);
-    char **attr_val = val;	/* preserve the pointer for free */
-
-    if (rv != LDAPU_SUCCESS || !val) {
-	fprintf(stderr, "\t%s: *** Failed ***\n", attr);
-    }
-    else if (!*val) {
-	fprintf(stderr, "\t%s: *** Empty ***\n", attr);
-    }
-    else {
-	fprintf(stderr, "\t%s: \"%s\"", attr, *val++);
-	while(*val) {
-	    fprintf(stderr, ", \"%s\"", *val++);
-	}
-	fprintf(stderr, "\n");
-    }
-
-    ldapu_free_cert_ava_val(attr_val);
-
-    return LDAPU_SUCCESS;
-}
-
-static int plugin_mapping_fn (void *cert, LDAP *ld, void *certmap_info,
-			      char **ldapDN, char **filter)
-{
-    char *subjdn;
-    char *issuerDN;
-    char *ptr;
-    char *comma;
-
-    fprintf(stderr, "plugin_mapping_fn called.\n");
-    ldapu_get_cert_subject_dn(cert, &subjdn);
-    ldapu_get_cert_issuer_dn(cert, &issuerDN);
-
-    fprintf(stderr, "Value of attrs from subject DN & issuer DN:\n");
-    fprintf(stderr, "\tCert: \"%s\"\n", (char *)cert);
-    fprintf(stderr, "\tsubjdn: \"%s\"\n", subjdn);
-    plugin_attr_val(cert, LDAPU_SUBJECT_DN, "cn");
-    plugin_attr_val(cert, LDAPU_SUBJECT_DN, "ou");
-    plugin_attr_val(cert, LDAPU_SUBJECT_DN, "o");
-    plugin_attr_val(cert, LDAPU_SUBJECT_DN, "c");
-    fprintf(stderr, "\tissuerDN: \"%s\"\n", issuerDN);
-    plugin_attr_val(cert, LDAPU_ISSUER_DN, "cn");
-    plugin_attr_val(cert, LDAPU_ISSUER_DN, "ou");
-    plugin_attr_val(cert, LDAPU_ISSUER_DN, "o");
-    plugin_attr_val(cert, LDAPU_ISSUER_DN, "c");
-
-    if (subjdn && *subjdn) {
-	comma = ptr = strchr(subjdn, ',');
-
-	while(*ptr == ',' || isspace(*ptr)) ptr++;
-	*ldapDN = strdup(ptr);
-
-	/* Set filter to the first AVA in the subjdn */
-	*filter = subjdn;
-	*comma = 0;
-    }
-    else {
-	*ldapDN = 0;
-	*filter = 0;
-    }
-
-    return LDAPU_SUCCESS;
-}
-
-static int plugin_search_fn (void *cert, LDAP *ld, void *certmap_info,
-			     const char *basedn,
-			     const char *dn, const char *filter,
-			     const char **attrs, LDAPMessage **res)
-{
-    fprintf(stderr, "plugin_search_fn called.\n");
-    return (*default_searchfn)(cert, ld, certmap_info, basedn, dn, filter,
-			       attrs, res);
-}
-
-static int plugin_verify_fn (void *cert, LDAP *ld, void *certmap_info,
-			     LDAPMessage *res, LDAPMessage **entry)
-{
-    fprintf(stderr, "plugin_verify_fn called.\n");
-    *entry = ldap_first_entry(ld, res);
-    return LDAPU_SUCCESS;
-}
-
-int plugin_init_fn (void *certmap_info, const char *issuerName,
-		    const char *issuerDN)
-{
-    fprintf(stderr, "plugin_init_fn called.\n");
-    ldapu_set_cert_mapfn(issuerDN, plugin_mapping_fn);
-    ldapu_set_cert_verifyfn(issuerDN, plugin_verify_fn);
-
-    if (!default_searchfn) 
-	default_searchfn = ldapu_get_cert_searchfn(issuerDN);
-
-    ldapu_set_cert_searchfn(issuerDN, plugin_search_fn);
-    return LDAPU_SUCCESS;
-}
-
diff --git a/lib/ldaputil/utest/plugin.h b/lib/ldaputil/utest/plugin.h
deleted file mode 100644
index fbb2650b..00000000
--- a/lib/ldaputil/utest/plugin.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/** BEGIN COPYRIGHT BLOCK
- * This Program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free Software
- * Foundation; version 2 of the License.
- * 
- * This Program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- * 
- * You should have received a copy of the GNU General Public License along with
- * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
- * Place, Suite 330, Boston, MA 02111-1307 USA.
- * 
- * In addition, as a special exception, Red Hat, Inc. gives You the additional
- * right to link the code of this Program with code not covered under the GNU
- * General Public License ("Non-GPL Code") and to distribute linked combinations
- * including the two, subject to the limitations in this paragraph. Non-GPL Code
- * permitted under this exception must only link to the code of this Program
- * through those well defined interfaces identified in the file named EXCEPTION
- * found in the source code files (the "Approved Interfaces"). The files of
- * Non-GPL Code may instantiate templates or use macros or inline functions from
- * the Approved Interfaces without causing the resulting work to be covered by
- * the GNU General Public License. Only Red Hat, Inc. may make changes or
- * additions to the list of Approved Interfaces. You must obey the GNU General
- * Public License in all respects for all of the Program code and other code used
- * in conjunction with the Program except the Non-GPL Code covered by this
- * exception. If you modify this file, you may extend this exception to your
- * version of the file, but you are not obligated to do so. If you do not wish to
- * provide this exception without modification, you must delete this exception
- * statement from your version and license this file solely under the GPL without
- * exception. 
- * 
- * 
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
- * END COPYRIGHT BLOCK **/
-
-#ifdef HAVE_CONFIG_H
-#  include <config.h>
-#endif
-
-#ifndef _CERTMAP_PLUGIN_H
-#define _CERTMAP_PLUGIN_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-extern int plugin_init_fn (void *certmap_info, const char *issuerName,
-			   const char *issuerDN);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _CERTMAP_PLUGIN_H */
diff --git a/lib/ldaputil/utest/stubs.c b/lib/ldaputil/utest/stubs.c
deleted file mode 100644
index ec393139..00000000
--- a/lib/ldaputil/utest/stubs.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/** BEGIN COPYRIGHT BLOCK
- * This Program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free Software
- * Foundation; version 2 of the License.
- * 
- * This Program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- * 
- * You should have received a copy of the GNU General Public License along with
- * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
- * Place, Suite 330, Boston, MA 02111-1307 USA.
- * 
- * In addition, as a special exception, Red Hat, Inc. gives You the additional
- * right to link the code of this Program with code not covered under the GNU
- * General Public License ("Non-GPL Code") and to distribute linked combinations
- * including the two, subject to the limitations in this paragraph. Non-GPL Code
- * permitted under this exception must only link to the code of this Program
- * through those well defined interfaces identified in the file named EXCEPTION
- * found in the source code files (the "Approved Interfaces"). The files of
- * Non-GPL Code may instantiate templates or use macros or inline functions from
- * the Approved Interfaces without causing the resulting work to be covered by
- * the GNU General Public License. Only Red Hat, Inc. may make changes or
- * additions to the list of Approved Interfaces. You must obey the GNU General
- * Public License in all respects for all of the Program code and other code used
- * in conjunction with the Program except the Non-GPL Code covered by this
- * exception. If you modify this file, you may extend this exception to your
- * version of the file, but you are not obligated to do so. If you do not wish to
- * provide this exception without modification, you must delete this exception
- * statement from your version and license this file solely under the GPL without
- * exception. 
- * 
- * 
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
- * END COPYRIGHT BLOCK **/
-
-#ifdef HAVE_CONFIG_H
-#  include <config.h>
-#endif
-
-#include <ctype.h> /* isspace */
-#include <string.h>
-#include <stdio.h> /* sprintf */
-#include <stdlib.h> /* malloc */
-
-#include <ldap.h>
-#include <ldaputil/certmap.h>
-#include <ldaputil/cert.h>
-#include <ldaputil/errors.h>
-
-#define BIG_LINE 1024
-
-NSAPI_PUBLIC int ldapu_get_cert_subject_dn (void *cert_in, char **subjectDN)
-{
-    char *cert = (char *)cert_in;
-
-    *subjectDN = strdup((char *)cert);
-    return *subjectDN ? LDAPU_SUCCESS : LDAPU_FAILED;
-}
-
-NSAPI_PUBLIC int ldapu_get_cert_issuer_dn (void *cert, char **issuerDN)
-{
-    extern char *global_issuer_dn;
-    /* TEMPORARY  -- not implemented yet*/
-    *issuerDN = global_issuer_dn ? strdup(global_issuer_dn) : 0;
-    return LDAPU_SUCCESS;
-}
-
-/* A stub to remove link errors -- ignore SSL */
-LDAP *ldapssl_init (const char *host, int port, int secure)
-{
-    LDAP *ld = 0;
-
-    if ((ld = ldap_init(host, port)) == NULL) {
-	fprintf(stderr, "ldap_init: Failed to initialize connection");
-	return(0);
-    }
-
-    return ld;
-}
-
-NSAPI_PUBLIC int ldapu_get_cert_ava_val (void *cert_in, int which_dn,
-					 const char *attr, char ***val_out)
-{
-    int rv;
-    char *cert_dn;
-    char **ptr;
-    char **val;
-    char *dnptr;
-    char attr_eq1[BIG_LINE];
-    char attr_eq2[BIG_LINE];
-    char *comma;
-
-    *val_out = 0;
-
-    if (which_dn == LDAPU_SUBJECT_DN)
-	rv = ldapu_get_cert_subject_dn(cert_in, &cert_dn);
-    else if (which_dn == LDAPU_ISSUER_DN)
-	rv = ldapu_get_cert_issuer_dn(cert_in, &cert_dn);
-    else
-	return LDAPU_ERR_INVALID_ARGUMENT;
-
-    if (rv != LDAPU_SUCCESS) return rv;
-
-    val = (char **)malloc(32*sizeof(char *));
-
-    if (!val) return LDAPU_ERR_OUT_OF_MEMORY;
-
-    ptr = val;
-    sprintf(attr_eq1, "%s =", attr);
-    sprintf(attr_eq2, "%s=", attr);
-
-    while(cert_dn &&
-	  ((dnptr = strstr(cert_dn, attr_eq1)) ||
-	   (dnptr = strstr(cert_dn, attr_eq2))))
-    {
-	dnptr = strchr(dnptr, '=');
-	dnptr++;
-	while(isspace(*dnptr)) dnptr++;
-	comma = strchr(dnptr, ',');
-
-	if (comma) {
-	    *ptr = (char *)malloc((comma-dnptr+1)*sizeof(char));
-	    strncpy(*ptr, dnptr, (comma-dnptr));
-	    (*ptr++)[comma-dnptr] = 0;
-	}
-	else {
-	    *ptr++ = strdup(dnptr);
-	}
-	cert_dn = comma;
-    }
-
-    *ptr = 0;
-    *val_out = val;
-    return LDAPU_SUCCESS;
-}
-
-NSAPI_PUBLIC int ldapu_get_cert_der (void *cert_in, unsigned char **der,
-				     unsigned int *len)
-{
-    return LDAPU_FAILED;
-}
diff --git a/lib/ldaputil/utest/stubs.cpp b/lib/ldaputil/utest/stubs.cpp
deleted file mode 100644
index aaa5bc69..00000000
--- a/lib/ldaputil/utest/stubs.cpp
+++ /dev/null
@@ -1,139 +0,0 @@
-/** BEGIN COPYRIGHT BLOCK
- * This Program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free Software
- * Foundation; version 2 of the License.
- * 
- * This Program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- * 
- * You should have received a copy of the GNU General Public License along with
- * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
- * Place, Suite 330, Boston, MA 02111-1307 USA.
- * 
- * In addition, as a special exception, Red Hat, Inc. gives You the additional
- * right to link the code of this Program with code not covered under the GNU
- * General Public License ("Non-GPL Code") and to distribute linked combinations
- * including the two, subject to the limitations in this paragraph. Non-GPL Code
- * permitted under this exception must only link to the code of this Program
- * through those well defined interfaces identified in the file named EXCEPTION
- * found in the source code files (the "Approved Interfaces"). The files of
- * Non-GPL Code may instantiate templates or use macros or inline functions from
- * the Approved Interfaces without causing the resulting work to be covered by
- * the GNU General Public License. Only Red Hat, Inc. may make changes or
- * additions to the list of Approved Interfaces. You must obey the GNU General
- * Public License in all respects for all of the Program code and other code used
- * in conjunction with the Program except the Non-GPL Code covered by this
- * exception. If you modify this file, you may extend this exception to your
- * version of the file, but you are not obligated to do so. If you do not wish to
- * provide this exception without modification, you must delete this exception
- * statement from your version and license this file solely under the GPL without
- * exception. 
- * 
- * 
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
- * END COPYRIGHT BLOCK **/
-
-#ifdef HAVE_CONFIG_H
-#  include <config.h>
-#endif
-
-#include <ctype.h> /* isspace */
-#include <string.h>
-#include <stdio.h> /* sprintf */
-#include <stdlib.h> /* malloc */
-
-#include <ldaputil/ldaputil.h>
-#include <ldaputil/cert.h>
-#include <ldaputil/errors.h>
-#include "../ldaputili.h"
-
-#define BIG_LINE 1024
-
-NSAPI_PUBLIC int ldapu_get_cert_subject_dn (void *cert_in, char **subjectDN)
-{
-    char *cert = (char *)cert_in;
-
-    *subjectDN = strdup((char *)cert);
-    return *subjectDN ? LDAPU_SUCCESS : LDAPU_FAILED;
-}
-
-NSAPI_PUBLIC int ldapu_get_cert_issuer_dn (void *cert, char **issuerDN)
-{
-    /* TEMPORARY  -- not implemented yet*/
-    *issuerDN = strdup("o=" VENDOR ", c=US");
-    return *issuerDN ? LDAPU_SUCCESS : LDAPU_FAILED;
-}
-
-NSAPI_PUBLIC int ldapu_get_cert_ava_val (void *cert_in, int which_dn,
-					 const char *attr, char ***val_out)
-{
-    int rv;
-    char *cert_dn;
-    char **ptr;
-    char **val;
-    char *dnptr;
-    char attr_eq1[BIG_LINE];
-    char attr_eq2[BIG_LINE];
-    char *comma;
-
-    *val_out = 0;
-
-    if (which_dn == LDAPU_SUBJECT_DN)
-	rv = ldapu_get_cert_subject_dn(cert_in, &cert_dn);
-    else if (which_dn == LDAPU_ISSUER_DN)
-	rv = ldapu_get_cert_issuer_dn(cert_in, &cert_dn);
-    else
-	return LDAPU_ERR_INVALID_ARGUMENT;
-
-    if (rv != LDAPU_SUCCESS) return rv;
-
-    val = (char **)malloc(32*sizeof(char *));
-
-    if (!val) return LDAPU_ERR_OUT_OF_MEMORY;
-
-    ptr = val;
-    sprintf(attr_eq1, "%s =", attr);
-    sprintf(attr_eq2, "%s=", attr);
-
-    while(cert_dn &&
-	  ((dnptr = strstr(cert_dn, attr_eq1)) ||
-	   (dnptr = strstr(cert_dn, attr_eq2))))
-    {
-	dnptr = strchr(dnptr, '=');
-	dnptr++;
-	while(isspace(*dnptr)) dnptr++;
-	comma = strchr(dnptr, ',');
-
-	if (comma) {
-	    *ptr = (char *)malloc((comma-dnptr+1)*sizeof(char));
-	    strncpy(*ptr, dnptr, (comma-dnptr));
-	    (*ptr++)[comma-dnptr] = 0;
-	}
-	else {
-	    *ptr++ = strdup(dnptr);
-	}
-	cert_dn = comma;
-    }
-
-    *ptr = 0;
-    *val_out = val;
-    return LDAPU_SUCCESS;
-}
-
-NSAPI_PUBLIC int ldapu_get_cert_der (void *cert_in, unsigned char **der,
-				     unsigned int *len)
-{
-    return LDAPU_FAILED;
-}
-
-int
-ldapu_member_certificate_match (void* cert, const char* desc)
-{
-    if (!strcasecmp ((char*)cert, desc)) {
-	return LDAPU_SUCCESS;
-    }
-    return LDAPU_FAILED;
-}
diff --git a/lib/ldaputil/utest/test.ref b/lib/ldaputil/utest/test.ref
deleted file mode 100644
index dfb71acc..00000000
--- a/lib/ldaputil/utest/test.ref
+++ /dev/null
@@ -1,480 +0,0 @@
-#
-# BEGIN COPYRIGHT BLOCK
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# 
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# 
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception. 
-# 
-# 
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-# END COPYRIGHT BLOCK
-#
-
-Start of test: ./auth 1 "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US" "cn=Directory Administrators, o=Ace Industry, c=US"
-
-userdn:		"cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-groupdn:	"cn=Directory Administrators, o=Ace Industry, c=US"
-	base:	"cn=Directory Administrators, o=Ace Industry, c=US"
-	filter:	"(| (uniquemember=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US) (member=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US))"
-	scope:	"LDAP_SCOPE_BASE"
-Authentication succeeded.
-
-Start of test: ./auth 1 "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US" "cn=Directory Administrators, o=Ace Industry, c=US"
-
-userdn:		"cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-groupdn:	"cn=Directory Administrators, o=Ace Industry, c=US"
-	base:	"cn=Directory Administrators, o=Ace Industry, c=US"
-	filter:	"(| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US))"
-	scope:	"LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-Find parent groups of "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-	base:	"o=Ace Industry, c=US"
-	filter:	"(& (| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US)) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
-	scope:	"LDAP_SCOPE_SUBTREE"
-ldap_search_s: Entry not found
-Authentication failed.
-
-Start of test: ./auth 2 "hmiller" "cn=Directory Administrators, o=Ace Industry, c=US"
-
-uid:		"hmiller"
-groupdn:	"cn=Directory Administrators, o=Ace Industry, c=US"
-	base:	"o=Ace Industry, c=US"
-	filter:	"uid=hmiller"
-	scope:	"LDAP_SCOPE_SUBTREE"
-	base:	"cn=Directory Administrators, o=Ace Industry, c=US"
-	filter:	"(| (uniquemember=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US) (member=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US))"
-	scope:	"LDAP_SCOPE_BASE"
-Authentication succeeded.
-
-Start of test: ./auth 2 "scarter" "cn=Directory Administrators, o=Ace Industry, c=US"
-
-uid:		"scarter"
-groupdn:	"cn=Directory Administrators, o=Ace Industry, c=US"
-	base:	"o=Ace Industry, c=US"
-	filter:	"uid=scarter"
-	scope:	"LDAP_SCOPE_SUBTREE"
-	base:	"cn=Directory Administrators, o=Ace Industry, c=US"
-	filter:	"(| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US))"
-	scope:	"LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-Find parent groups of "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-	base:	"o=Ace Industry, c=US"
-	filter:	"(& (| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US)) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
-	scope:	"LDAP_SCOPE_SUBTREE"
-ldap_search_s: Entry not found
-Authentication failed.
-
-Start of test: ./auth 3 "hmiller" "Directory Administrators"
-
-uid:		"hmiller"
-groupid:	"Directory Administrators"
-	base:	"o=Ace Industry, c=US"
-	filter:	"(& (cn=Directory Administrators) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
-	scope:	"LDAP_SCOPE_SUBTREE"
-	base:	"o=Ace Industry, c=US"
-	filter:	"uid=hmiller"
-	scope:	"LDAP_SCOPE_SUBTREE"
-	base:	"cn=Directory Administrators, o=Ace Industry, c=US"
-	filter:	"(| (uniquemember=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US) (member=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US))"
-	scope:	"LDAP_SCOPE_BASE"
-Authentication succeeded.
-
-Start of test: ./auth 3 "scarter" "Directory Administrators"
-
-uid:		"scarter"
-groupid:	"Directory Administrators"
-	base:	"o=Ace Industry, c=US"
-	filter:	"(& (cn=Directory Administrators) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
-	scope:	"LDAP_SCOPE_SUBTREE"
-	base:	"o=Ace Industry, c=US"
-	filter:	"uid=scarter"
-	scope:	"LDAP_SCOPE_SUBTREE"
-	base:	"cn=Directory Administrators, o=Ace Industry, c=US"
-	filter:	"(| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US))"
-	scope:	"LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-Find parent groups of "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-	base:	"o=Ace Industry, c=US"
-	filter:	"(& (| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US)) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
-	scope:	"LDAP_SCOPE_SUBTREE"
-ldap_search_s: Entry not found
-Authentication failed.
-
-Start of test: ./auth 4 "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US" "Directory Administrators"
-
-userdn:		"cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-groupid:	"Directory Administrators"
-	base:	"o=Ace Industry, c=US"
-	filter:	"(& (cn=Directory Administrators) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
-	scope:	"LDAP_SCOPE_SUBTREE"
-	base:	"cn=Directory Administrators, o=Ace Industry, c=US"
-	filter:	"(| (uniquemember=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US) (member=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US))"
-	scope:	"LDAP_SCOPE_BASE"
-Authentication succeeded.
-
-Start of test: ./auth 4 "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US" "Directory Administrators"
-
-userdn:		"cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-groupid:	"Directory Administrators"
-	base:	"o=Ace Industry, c=US"
-	filter:	"(& (cn=Directory Administrators) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
-	scope:	"LDAP_SCOPE_SUBTREE"
-	base:	"cn=Directory Administrators, o=Ace Industry, c=US"
-	filter:	"(| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US))"
-	scope:	"LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-Find parent groups of "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-	base:	"o=Ace Industry, c=US"
-	filter:	"(& (| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US)) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
-	scope:	"LDAP_SCOPE_SUBTREE"
-ldap_search_s: Entry not found
-Authentication failed.
-
-Start of test: ./auth 5 "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US" "mail=hmiller@aceindustry.com"
-
-userdn:		"cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-attrFilter:	"mail=hmiller@aceindustry.com"
-	base:	"cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-	filter:	"mail=hmiller@aceindustry.com"
-	scope:	"LDAP_SCOPE_BASE"
-Authentication succeeded.
-
-Start of test: ./auth 5 "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US" "mail=scarter@aceindustry.com"
-
-userdn:		"cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-attrFilter:	"mail=scarter@aceindustry.com"
-	base:	"cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-	filter:	"mail=scarter@aceindustry.com"
-	scope:	"LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-Authentication failed.
-
-Start of test: ./auth 5 "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US" "mail=hmiller@aceindustry.com"
-
-userdn:		"cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-attrFilter:	"mail=hmiller@aceindustry.com"
-	base:	"cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-	filter:	"mail=hmiller@aceindustry.com"
-	scope:	"LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-Authentication failed.
-
-Start of test: ./auth 6 "hmiller" "mail=hmiller@aceindustry.com"
-
-uid:		"hmiller"
-attrFilter:	"mail=hmiller@aceindustry.com"
-	base:	"o=Ace Industry, c=US"
-	filter:	"(& (uid=hmiller) (mail=hmiller@aceindustry.com))"
-	scope:	"LDAP_SCOPE_SUBTREE"
-Authentication succeeded.
-
-Start of test: ./auth 6 "hmiller" "mail=scarter@aceindustry.com"
-
-uid:		"hmiller"
-attrFilter:	"mail=scarter@aceindustry.com"
-	base:	"o=Ace Industry, c=US"
-	filter:	"(& (uid=hmiller) (mail=scarter@aceindustry.com))"
-	scope:	"LDAP_SCOPE_SUBTREE"
-ldap_search_s: Entry not found
-Authentication failed.
-
-Start of test: ./auth 6 "scarter" "mail=hmiller@aceindustry.com"
-
-uid:		"scarter"
-attrFilter:	"mail=hmiller@aceindustry.com"
-	base:	"o=Ace Industry, c=US"
-	filter:	"(& (uid=scarter) (mail=hmiller@aceindustry.com))"
-	scope:	"LDAP_SCOPE_SUBTREE"
-ldap_search_s: Entry not found
-Authentication failed.
-
-Start of test: ./auth 7 "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US" "hillock"
-
-userdn:		"cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-password:	"hillock"
-	userdn:	"cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-	password:	"hillock"
-Authentication succeeded.
-
-Start of test: ./auth 7 "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US" "garbage"
-
-userdn:		"cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-password:	"garbage"
-	userdn:	"cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-	password:	"garbage"
-ldap_simple_bind_s: Invalid credentials
-Authentication failed.
-
-Start of test: ./auth 8 "hmiller" "hillock"
-
-uid:		"hmiller"
-password:	"hillock"
-	base:	"o=Ace Industry, c=US"
-	filter:	"uid=hmiller"
-	scope:	"LDAP_SCOPE_SUBTREE"
-	userdn:	"cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-	password:	"hillock"
-Authentication succeeded.
-
-Start of test: ./auth 8 "hmiller" "garbage"
-
-uid:		"hmiller"
-password:	"garbage"
-	base:	"o=Ace Industry, c=US"
-	filter:	"uid=hmiller"
-	scope:	"LDAP_SCOPE_SUBTREE"
-	userdn:	"cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-	password:	"garbage"
-ldap_simple_bind_s: Invalid credentials
-Authentication failed.
-
-Start of test: ./auth 9 "o=Ace Industry, c=US" "cn=Kirsten Vaughan, ou=Human Resources, o=Ace Industry, c=US"
-Cert Map issuer DN: "o=Ace Industry, c=US"
-Cert Map subject DN: "cn=Kirsten Vaughan, ou=Human Resources, o=Ace Industry, c=US"
-plugin_init_fn called.
-plugin_init_fn called.
-plugin_mapping_fn called.
-Value of attrs from subject DN & issuer DN:
-	Cert: "cn=Kirsten Vaughan, ou=Human Resources, o=Ace Industry, c=US"
-	subjdn: "cn=Kirsten Vaughan, ou=Human Resources, o=Ace Industry, c=US"
-	cn: "Kirsten Vaughan"
-	ou: "Human Resources"
-	o: "Ace Industry"
-	c: "US"
-	issuerDN: "o=Ace Industry, c=US"
-	cn: *** Empty ***
-	ou: *** Empty ***
-	o: "Ace Industry"
-	c: "US"
-plugin_search_fn called.
-	base:	"ou=Human Resources, o=Ace Industry, c=US"
-	filter:	"cn=Kirsten Vaughan"
-	scope:	"LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-	base:	"ou=Human Resources, o=Ace Industry, c=US"
-	filter:	"cn=Kirsten Vaughan"
-	scope:	"LDAP_SCOPE_SUBTREE"
-plugin_verify_fn called.
-Matched entry to cert: "cn=Kirsten Vaughan, ou=Human Resources, o=Ace Industry, c=US"
-Authentication succeeded.
-
-Start of test: ./auth 10 "cn=Foo Bar, o=$VENDOR, c=US" "foobar"
-Config file written: config_out.conf
-binddn from config file: "cn=Foo Bar, o=$VENDOR, c=US"
-bindpw from config file: "foobar"
-Config file test succeeded
-Authentication succeeded.
-
-Start of test: ./auth 11 "dblist.conf" "ignore"
-	dbname[0] = "default"
-	dbname[1] = "default1"
-	dbname[2] = "default2"
-	dbname[3] = "default3"
-	dbname[4] = "default4"
-	dbname[5] = "default5"
-	dbname[6] = "default6"
-Authentication succeeded.
-
-Start of test: ./auth 12 "certmap.new" "certmap.conf"
-plugin_init_fn called.
-plugin_init_fn called.
-Authentication succeeded.
-
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-
-
-# Comments before any certmap directive - line 6
-
-certmap default default
-#default:DNComps o,    ou    ,c
-#default:FilterComps cn
-
-
-certmap default1 o=$VENDOR, c=US
-default1:library ./plugin.so
-default1:InitFn plugin_init_fn
-default1:DNComps  ou o c
-default1:FilterComps l
-#default1:verifycert
-
-# Following line has trailing spaces
-certmap default2 o=Ace Industry, c=US    
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
-
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-
-
-# Comments before any certmap directive - line 6
-
-certmap default default
-
-certmap default1 o=$VENDOR, c=US
-default1:library ./plugin.so
-default1:InitFn plugin_init_fn
-default1:DNComps ou o c
-default1:FilterComps l
-
-certmap default2 o=Ace Industry, c=US
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
-
-
-Start of test: ./auth 13 "certmap.new" "certmap.conf"
-plugin_init_fn called.
-plugin_init_fn called.
-Authentication succeeded.
-
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-
-
-# Comments before any certmap directive - line 6
-
-certmap default default
-#default:DNComps o,    ou    ,c
-#default:FilterComps cn
-
-
-certmap default1 o=$VENDOR, c=US
-default1:library ./plugin.so
-default1:InitFn plugin_init_fn
-default1:DNComps  ou o c
-default1:FilterComps l
-#default1:verifycert
-
-# Following line has trailing spaces
-certmap default2 o=Ace Industry, c=US    
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
-
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-
-
-# Comments before any certmap directive - line 6
-
-certmap default default
-
-certmap default2 o=Ace Industry, c=US
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
-
-
-Start of test: ./auth 14 "certmap.new" "certmap.conf"
-plugin_init_fn called.
-plugin_init_fn called.
-Authentication succeeded.
-
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-
-
-# Comments before any certmap directive - line 6
-
-certmap default default
-#default:DNComps o,    ou    ,c
-#default:FilterComps cn
-
-
-certmap default1 o=$VENDOR, c=US
-default1:library ./plugin.so
-default1:InitFn plugin_init_fn
-default1:DNComps  ou o c
-default1:FilterComps l
-#default1:verifycert
-
-# Following line has trailing spaces
-certmap default2 o=Ace Industry, c=US    
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
-
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-
-
-# Comments before any certmap directive - line 6
-
-certmap default default
-
-certmap default1 o=$VENDOR, c=US
-default1:library ./plugin.so
-default1:InitFn plugin_init_fn
-default1:DNComps ou o c
-default1:FilterComps l
-
-certmap default2 o=Ace Industry, c=US
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
-
-certmap newmap o=Mcom Communications, c=US
-newmap:prop1 val1
-newmap:prop2 val2
-newmap:prop3 
-