Moving NSCP Directory Server from DirectoryBranch to TRUNK, initial drop. (foxworth)ldapserver7x

6 files changed, 1067 insertions, 0 deletions

diff --git a/include/public/nsacl/Makefile b/include/public/nsacl/Makefile
new file mode 100644
index 00000000..e55a0d9d
--- /dev/null
+++ b/include/public/nsacl/Makefile
@@ -0,0 +1,38 @@
+#
+# BEGIN COPYRIGHT BLOCK
+# Copyright 2001 Sun Microsystems, Inc.
+# Portions copyright 1999, 2001-2003 Netscape Communications Corporation.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+#
+# Makefile for include/public/nsacl public header files
+
+MCOM_ROOT = ../../../..
+MODULE=netsiteIncludeNsacl
+
+include ../../../nsdefs.mk
+
+HDRDEST=$(OBJDIR)/include/nsacl
+
+PREFIX=copyrght.h
+
+
+NOSTDSTRIP=true
+NOSTDDEPEND=true
+
+HDRS=$(wildcard *.h)
+
+BINS=$(addprefix $(HDRDEST)/,$(HDRS))
+
+all: $(HDRDEST) $(BINS)
+
+$(HDRDEST):
+	mkdir -p $(HDRDEST)
+
+strip:
+depend:
+
+include ../../../nsconfig.mk
+
+$(HDRDEST)/%.h: %.h
+	cat $(PREFIX) $< > $(HDRDEST)/$*.h
diff --git a/include/public/nsacl/aclapi.h b/include/public/nsacl/aclapi.h
new file mode 100644
index 00000000..09068f8a
--- /dev/null
+++ b/include/public/nsacl/aclapi.h
@@ -0,0 +1,396 @@
+/** BEGIN COPYRIGHT BLOCK
+ * Copyright 2001 Sun Microsystems, Inc.
+ * Portions copyright 1999, 2001-2003 Netscape Communications Corporation.
+ * All rights reserved.
+ * END COPYRIGHT BLOCK **/
+#ifndef PUBLIC_NSACL_ACLAPI_H
+#define PUBLIC_NSACL_ACLAPI_H
+
+/*
+ * File:        aclapi.h
+ *
+ * Description:
+ *
+ *      This file defines the functions available in the ACL API.
+ */
+
+#ifndef PUBLIC_NSACL_NSERRDEF_H
+#include "nserrdef.h"
+#endif /* !PUBLIC_NSACL_NSERRDEF_H */
+
+#ifndef PUBLIC_BASE_POOL_H
+#include "../base/pool.h"
+#endif /* !PUBLIC_BASE_POOL_H */
+
+#ifndef PUBLIC_NSACL_PLISTDEF_H
+#include "plistdef.h"
+#endif /* !PUBLIC_NSACL_PLISTDEF_H */
+
+#ifndef PUBLIC_NSACL_ACLDEF_H
+#include "acldef.h"
+#endif /* !PUBLIC_NSACL_ACLDEF_H */
+
+NSPR_BEGIN_EXTERN_C
+
+typedef struct ACLDispatchVector ACLDispatchVector_t;
+struct ACLDispatchVector {
+
+    /* Error frame stack support */
+
+    void (*f_nserrDispose)(NSErr_t * errp);
+    NSEFrame_t *(*f_nserrFAlloc)(NSErr_t * errp);
+    void (*f_nserrFFree)(NSErr_t * errp, NSEFrame_t * efp);
+    NSEFrame_t *(*f_nserrGenerate)(NSErr_t * errp, long retcode,
+                                   long errorid, char * program,
+                                   int errc, ...);
+
+    /* Property list support 
+     * The Property List facility makes extensive use of pointers to 
+     * opaque structures.  As such, PLists cannot be marshalled.  WAI-style
+     * ACL APIs in future releases will therefore not be using PLists.
+     * However the C API documented here may continue to be supported
+     * in future releases.
+     */
+
+    int (*f_PListAssignValue)(PList_t plist, const char *pname,
+                              const void *pvalue, PList_t ptype);
+    PList_t (*f_PListCreate)(pool_handle_t *mempool,
+                             int resvprop, int maxprop, int flags);
+    int (*f_PListDefProp)(PList_t plist, int pindex, 
+                          const char *pname, const int flags);
+    const void * (*f_PListDeleteProp)(PList_t plist, int pindex,
+                                      const char *pname);
+    int (*f_PListFindValue)(PList_t plist,
+                            const char *pname, void **pvalue, PList_t *type);
+    int (*f_PListInitProp)(PList_t plist, int pindex, const char *pname,
+                           const void *pvalue, PList_t ptype);
+    PList_t (*f_PListNew)(pool_handle_t *mempool);
+    void (*f_PListDestroy)(PList_t plist);
+    int (*f_PListGetValue)(PList_t plist,
+                           int pindex, void **pvalue, PList_t *type);
+    int (*f_PListNameProp)(PList_t plist, int pindex, const char *pname);
+    int (*f_PListSetType)(PList_t plist, int pindex, PList_t type);
+    int (*f_PListSetValue)(PList_t plist,
+                           int pindex, const void *pvalue, PList_t type);
+    void (*f_PListEnumerate)(PList_t plist, PListFunc_t *user_func, 
+                             void *user_data);
+    PList_t (*f_PListDuplicate)(PList_t plist,
+                                pool_handle_t *new_mempool, int flags);
+    pool_handle_t *(*f_PListGetPool)(PList_t plist);
+
+    /* ACL attribute handling */
+
+    int (*f_ACL_LasRegister)(NSErr_t *errp, char *attr_name,
+                             LASEvalFunc_t eval_func,
+                             LASFlushFunc_t flush_func);
+
+    /* method/dbtype registration routines */
+
+    int (*f_ACL_MethodRegister)(NSErr_t *errp, const char *name,
+                                ACLMethod_t *t);
+    int (*f_ACL_MethodIsEqual)(NSErr_t *errp,
+                               const ACLMethod_t t1, const ACLMethod_t t2);
+    int (*f_ACL_MethodNameIsEqual)(NSErr_t *errp,
+                                   const ACLMethod_t t, const char *name);
+    int (*f_ACL_MethodFind)(NSErr_t *errp, const char *name, ACLMethod_t *t);
+    ACLMethod_t (*f_ACL_MethodGetDefault)(NSErr_t *errp);
+    int (*f_ACL_MethodSetDefault)(NSErr_t *errp, const ACLMethod_t t);
+    int (*f_ACL_AuthInfoGetMethod)(NSErr_t *errp,
+                                   PList_t auth_info, ACLMethod_t *t);
+
+    int (*f_ACL_DbTypeRegister)(NSErr_t *errp, const char *name,
+                                DbParseFn_t func, ACLDbType_t *t);
+    int (*f_ACL_DbTypeIsEqual)(NSErr_t *errp,
+                               const ACLDbType_t t1, const ACLDbType_t t2);
+    int (*f_ACL_DbTypeNameIsEqual)(NSErr_t * errp,
+                                   const ACLDbType_t t, const char *name);
+    int (*f_ACL_DbTypeFind)(NSErr_t *errp, const char *name, ACLDbType_t *t);
+    ACLDbType_t (*f_ACL_DbTypeGetDefault)(NSErr_t *errp);
+    int (*f_ACL_AuthInfoGetDbType)(NSErr_t *errp,
+                                   PList_t auth_info, ACLDbType_t *t);
+    int (*f_ACL_DbTypeIsRegistered)(NSErr_t *errp, const ACLDbType_t dbtype);
+    DbParseFn_t (*f_ACL_DbTypeParseFn)(NSErr_t *errp,
+                                       const ACLDbType_t dbtype);
+
+    int (*f_ACL_AttrGetterRegister)(NSErr_t *errp,
+                                    const char *attr, ACLAttrGetterFn_t fn,
+                                    ACLMethod_t m, ACLDbType_t d,
+                                    int position, void *arg);
+
+    int (*f_ACL_ModuleRegister)(NSErr_t *errp, const char *moduleName,
+                                AclModuleInitFunc func);
+    int (*f_ACL_GetAttribute)(NSErr_t *errp, const char *attr, void **val,
+                              PList_t subject, PList_t resource,
+                              PList_t auth_info, PList_t global_auth);
+    int (*f_ACL_DatabaseRegister)(NSErr_t *errp, ACLDbType_t dbtype,
+                                const char *dbname, const char *url,
+                                PList_t plist);
+    int (*f_ACL_DatabaseFind)(NSErr_t *errp, const char *dbname,
+                              ACLDbType_t *dbtype, void **db);
+    int (*f_ACL_DatabaseSetDefault)(NSErr_t *errp, const char *dbname);
+    int (*f_ACL_LDAPDatabaseHandle )(NSErr_t *errp, const char *dbname,
+                                     LDAP **ld, char **basedn);
+    int (*f_ACL_AuthInfoGetDbname)(PList_t auth_info, char **dbname);
+    int (*f_ACL_CacheFlushRegister)(AclCacheFlushFunc_t func);
+    int (*f_ACL_CacheFlush)(void);
+
+    /*  ACL language and file interfaces */
+
+    ACLListHandle_t * (*f_ACL_ParseFile)(NSErr_t *errp, char *filename);
+    ACLListHandle_t * (*f_ACL_ParseString)(NSErr_t *errp, char *buffer);
+    int (*f_ACL_WriteString)(NSErr_t *errp, char **acl,
+                             ACLListHandle_t *acllist);
+    int (*f_ACL_WriteFile)(NSErr_t *errp, char *filename,
+                           ACLListHandle_t *acllist);
+    int (*f_ACL_FileRenameAcl)(NSErr_t *errp, char *filename,
+                               char *acl_name, char *new_acl_name, int flags);
+    int (*f_ACL_FileDeleteAcl)(NSErr_t *errp, char *filename,
+                               char *acl_name, int flags);
+    int (*f_ACL_FileGetAcl)(NSErr_t *errp, char *filename,
+                            char *acl_name, char **acl_text, int flags);
+    int (*f_ACL_FileSetAcl)(NSErr_t *errp, char *filename,
+                            char *acl_text, int flags);
+
+    /*  ACL Expression construction interfaces  
+     *  These are low-level interfaces that may be useful to those who are not
+     *  using the ONE ACL syntax, but want to use the ONE ACL evaluation
+     *  routines.  By their low-level nature, future support of these APIs
+     *  cannot be guaranteed.  Use ACL_ParseFile and ACL_ParseString wherever
+     *  possible.
+     */
+
+    ACLExprHandle_t *(*f_ACL_ExprNew)(const ACLExprType_t expr_type);
+    void (*f_ACL_ExprDestroy)(ACLExprHandle_t *expr);
+    int (*f_ACL_ExprSetPFlags)(NSErr_t *errp,
+                               ACLExprHandle_t *expr, PFlags_t flags);
+    int (*f_ACL_ExprClearPFlags)(NSErr_t *errp, ACLExprHandle_t *expr);
+    int (*f_ACL_ExprTerm)(NSErr_t *errp, ACLExprHandle_t *acl_expr,
+                          char *attr_name, CmpOp_t cmp, char *attr_pattern);
+    int (*f_ACL_ExprNot)(NSErr_t *errp, ACLExprHandle_t *acl_expr);
+    int (*f_ACL_ExprAnd)(NSErr_t *errp, ACLExprHandle_t *acl_expr);
+    int (*f_ACL_ExprOr)(NSErr_t *errp, ACLExprHandle_t *acl_expr);
+    int (*f_ACL_ExprAddAuthInfo)(ACLExprHandle_t *expr, PList_t auth_info);
+    int (*f_ACL_ExprAddArg)(NSErr_t *errp, ACLExprHandle_t *expr, char *arg);
+    int (*f_ACL_ExprSetDenyWith)(NSErr_t *errp, ACLExprHandle_t *expr,
+                                 char *deny_type, char *deny_response);
+    int (*f_ACL_ExprGetDenyWith)(NSErr_t *errp, ACLExprHandle_t *expr,
+                                 char **deny_type, char **deny_response);
+    int (*f_ACL_ExprAppend)(NSErr_t *errp,
+                            ACLHandle_t *acl, ACLExprHandle_t *expr);
+
+    /* ACL manipulation */
+
+    ACLHandle_t * (*f_ACL_AclNew)(NSErr_t *errp, char *tag);
+    void (*f_ACL_AclDestroy)(NSErr_t *errp, ACLHandle_t *acl);
+
+    /* ACL list manipulation */
+
+    ACLListHandle_t * (*f_ACL_ListNew)(NSErr_t *errp);
+    int (*f_ACL_ListConcat)(NSErr_t *errp, ACLListHandle_t *acl_list1,
+                            ACLListHandle_t *acl_list2, int flags);
+    int (*f_ACL_ListAppend)(NSErr_t *errp, ACLListHandle_t *acllist,
+                            ACLHandle_t *acl, int flags);
+    void (*f_ACL_ListDestroy)(NSErr_t *errp, ACLListHandle_t *acllist);
+    ACLHandle_t * (*f_ACL_ListFind)(NSErr_t *errp, ACLListHandle_t *acllist,
+                                    char *aclname, int flags);
+    int (*f_ACL_ListAclDelete)(NSErr_t *errp, ACLListHandle_t *acl_list,
+                           char *acl_name, int flags);
+    int (*f_ACL_ListGetNameList)(NSErr_t *errp, ACLListHandle_t *acl_list,
+                                 char ***name_list);
+    int (*f_ACL_NameListDestroy)(NSErr_t *errp, char **name_list);
+
+    /* ACL evaluation */
+
+    int (*f_ACL_EvalTestRights)(NSErr_t *errp, ACLEvalHandle_t *acleval,
+                                char **rights, char **map_generic,
+                                char **deny_type, char **deny_response,
+                                char **acl_tag, int *expr_num);
+    ACLEvalHandle_t * (*f_ACL_EvalNew)(NSErr_t *errp, pool_handle_t *pool);
+    void (*f_ACL_EvalDestroy)(NSErr_t *errp,
+                              pool_handle_t *pool, ACLEvalHandle_t *acleval);
+    int (*f_ACL_EvalSetACL)(NSErr_t *errp, ACLEvalHandle_t *acleval,
+                            ACLListHandle_t *acllist);
+    PList_t (*f_ACL_EvalGetSubject)(NSErr_t *errp, ACLEvalHandle_t *acleval);
+    int (*f_ACL_EvalSetSubject)(NSErr_t *errp,
+                                ACLEvalHandle_t *acleval, PList_t subject);
+    PList_t (*f_ACL_EvalGetResource)(NSErr_t *errp, ACLEvalHandle_t *acleval);
+    int (*f_ACL_EvalSetResource)(NSErr_t *errp,
+                                 ACLEvalHandle_t *acleval, PList_t resource);
+
+    /* Access to critical section for ACL cache */
+
+    void (*f_ACL_CritEnter)(void);
+    void (*f_ACL_CritExit)(void);
+
+    /* Miscellaneous functions */
+    const char * (*f_ACL_AclGetTag)(ACLHandle_t *acl);
+    ACLHandle_t * (*f_ACL_ListGetFirst)(ACLListHandle_t *acl_list,
+                                        ACLListEnum_t *acl_enum);
+    ACLHandle_t * (*f_ACL_ListGetNext)(ACLListHandle_t *acl_list,
+                                       ACLListEnum_t *acl_enum);
+
+    /* Functions added after ES 3.0 release */
+    const char * (*f_ACL_DatabaseGetDefault)(NSErr_t *errp);
+    int (*f_ACL_SetDefaultResult)(NSErr_t *errp, ACLEvalHandle_t *acleval,
+				  int result);
+    int (*f_ACL_GetDefaultResult)(ACLEvalHandle_t *acleval);
+};
+
+#ifdef XP_WIN32
+
+#ifdef INTNSACL
+NSAPI_PUBLIC extern ACLDispatchVector_t *__nsacl_table;
+#else
+__declspec(dllimport) ACLDispatchVector_t *__nsacl_table;
+#endif /* INTNSACL */
+
+#else /* !XP_WIN32 */
+
+NSAPI_PUBLIC extern ACLDispatchVector_t *__nsacl_table;
+
+#endif /* XP_WIN32 */
+
+#ifndef INTNSACL
+
+#define nserrDispose (*__nsacl_table->f_nserrDispose)
+#define nserrFAlloc (*__nsacl_table->f_nserrFAlloc)
+#define nserrFFree (*__nsacl_table->f_nserrFFree)
+#define nserrGenerate (*__nsacl_table->f_nserrGenerate)
+
+    /* Property list support 
+     * The Property List facility makes extensive use of pointers to 
+     * opaque structures.  As such, PLists cannot be marshalled.  WAI-style
+     * ACL APIs in future releases will therefore not be using PLists.
+     * However the C API documented here may continue to be supported
+     * in future releases.
+     */
+
+#define PListAssignValue (*__nsacl_table->f_PListAssignValue)
+#define PListCreate (*__nsacl_table->f_PListCreate)
+#define PListDefProp (*__nsacl_table->f_PListDefProp)
+#define PListDeleteProp (*__nsacl_table->f_PListDeleteProp)
+#define PListFindValue (*__nsacl_table->f_PListFindValue)
+#define PListInitProp (*__nsacl_table->f_PListInitProp)
+#define PListNew (*__nsacl_table->f_PListNew)
+#define PListDestroy (*__nsacl_table->f_PListDestroy)
+#define PListGetValue (*__nsacl_table->f_PListGetValue)
+#define PListNameProp (*__nsacl_table->f_PListNameProp)
+#define PListSetType (*__nsacl_table->f_PListSetType)
+#define PListSetValue (*__nsacl_table->f_PListSetValue)
+#define PListEnumerate (*__nsacl_table->f_PListEnumerate)
+#define PListDuplicate (*__nsacl_table->f_PListDuplicate)
+#define PListGetPool (*__nsacl_table->f_PListGetPool)
+
+    /* ACL attribute handling */
+
+#define ACL_LasRegister (*__nsacl_table->f_ACL_LasRegister)
+
+    /* method/dbtype registration routines */
+
+#define ACL_MethodRegister (*__nsacl_table->f_ACL_MethodRegister)
+#define ACL_MethodIsEqual (*__nsacl_table->f_ACL_MethodIsEqual)
+#define ACL_MethodNameIsEqual (*__nsacl_table->f_ACL_MethodNameIsEqual)
+#define ACL_MethodFind (*__nsacl_table->f_ACL_MethodFind)
+#define ACL_MethodGetDefault (*__nsacl_table->f_ACL_MethodGetDefault)
+#define ACL_MethodSetDefault (*__nsacl_table->f_ACL_MethodSetDefault)
+#define ACL_AuthInfoGetMethod (*__nsacl_table->f_ACL_AuthInfoGetMethod)
+#define ACL_DbTypeRegister (*__nsacl_table->f_ACL_DbTypeRegister)
+#define ACL_DbTypeIsEqual (*__nsacl_table->f_ACL_DbTypeIsEqual)
+#define ACL_DbTypeNameIsEqual (*__nsacl_table->f_ACL_DbTypeNameIsEqual)
+#define ACL_DbTypeFind (*__nsacl_table->f_ACL_DbTypeFind)
+#define ACL_DbTypeGetDefault (*__nsacl_table->f_ACL_DbTypeGetDefault)
+#define ACL_AuthInfoGetDbType (*__nsacl_table->f_ACL_AuthInfoGetDbType)
+#define ACL_DbTypeIsRegistered (*__nsacl_table->f_ACL_DbTypeIsRegistered)
+#define ACL_DbTypeParseFn (*__nsacl_table->f_ACL_DbTypeParseFn)
+#define ACL_AttrGetterRegister (*__nsacl_table->f_ACL_AttrGetterRegister)
+#define ACL_ModuleRegister (*__nsacl_table->f_ACL_ModuleRegister)
+#define ACL_GetAttribute (*__nsacl_table->f_ACL_GetAttribute)
+#define ACL_DatabaseRegister (*__nsacl_table->f_ACL_DatabaseRegister)
+#define ACL_DatabaseFind (*__nsacl_table->f_ACL_DatabaseFind)
+#define ACL_DatabaseSetDefault (*__nsacl_table->f_ACL_DatabaseSetDefault)
+#define ACL_LDAPDatabaseHandle  (*__nsacl_table->f_ACL_LDAPDatabaseHandle)
+#define ACL_AuthInfoGetDbname (*__nsacl_table->f_ACL_AuthInfoGetDbname)
+#define ACL_CacheFlushRegister (*__nsacl_table->f_ACL_CacheFlushRegister)
+#define ACL_CacheFlush (*__nsacl_table->f_ACL_CacheFlush)
+
+    /*  ACL language and file interfaces */
+
+#define ACL_ParseFile (*__nsacl_table->f_ACL_ParseFile)
+#define ACL_ParseString (*__nsacl_table->f_ACL_ParseString)
+#define ACL_WriteString (*__nsacl_table->f_ACL_WriteString)
+#define ACL_WriteFile (*__nsacl_table->f_ACL_WriteFile)
+#define ACL_FileRenameAcl (*__nsacl_table->f_ACL_FileRenameAcl)
+#define ACL_FileDeleteAcl (*__nsacl_table->f_ACL_FileDeleteAcl)
+#define ACL_FileGetAcl (*__nsacl_table->f_ACL_FileGetAcl)
+#define ACL_FileSetAcl (*__nsacl_table->f_ACL_FileSetAcl)
+
+    /*  ACL Expression construction interfaces  
+     *  These are low-level interfaces that may be useful to those who are not
+     *  using the ONE ACL syntax, but want to use the ONE ACL evaluation
+     *  routines.  By their low-level nature, future support of these APIs
+     *  cannot be guaranteed.  Use ACL_ParseFile and ACL_ParseString wherever
+     *  possible.
+     */
+
+#define ACL_ExprNew (*__nsacl_table->f_ACL_ExprNew)
+#define ACL_ExprDestroy (*__nsacl_table->f_ACL_ExprDestroy)
+#define ACL_ExprSetPFlags (*__nsacl_table->f_ACL_ExprSetPFlags)
+#define ACL_ExprClearPFlags (*__nsacl_table->f_ACL_ExprClearPFlags)
+#define ACL_ExprTerm (*__nsacl_table->f_ACL_ExprTerm)
+#define ACL_ExprNot (*__nsacl_table->f_ACL_ExprNot)
+#define ACL_ExprAnd (*__nsacl_table->f_ACL_ExprAnd)
+#define ACL_ExprOr (*__nsacl_table->f_ACL_ExprOr)
+#define ACL_ExprAddAuthInfo (*__nsacl_table->f_ACL_ExprAddAuthInfo)
+#define ACL_ExprAddArg (*__nsacl_table->f_ACL_ExprAddArg)
+#define ACL_ExprSetDenyWith (*__nsacl_table->f_ACL_ExprSetDenyWith)
+#define ACL_ExprGetDenyWith (*__nsacl_table->f_ACL_ExprGetDenyWith)
+#define ACL_ExprAppend (*__nsacl_table->f_ACL_ExprAppend)
+
+    /* ACL manipulation */
+
+#define ACL_AclNew (*__nsacl_table->f_ACL_AclNew)
+#define ACL_AclDestroy (*__nsacl_table->f_ACL_AclDestroy)
+
+    /* ACL list manipulation */
+
+#define ACL_ListNew (*__nsacl_table->f_ACL_ListNew)
+#define ACL_ListConcat (*__nsacl_table->f_ACL_ListConcat)
+#define ACL_ListAppend (*__nsacl_table->f_ACL_ListAppend)
+#define ACL_ListDestroy (*__nsacl_table->f_ACL_ListDestroy)
+#define ACL_ListFind (*__nsacl_table->f_ACL_ListFind)
+#define ACL_ListAclDelete (*__nsacl_table->f_ACL_ListAclDelete)
+#define ACL_ListGetNameList (*__nsacl_table->f_ACL_ListGetNameList)
+#define ACL_NameListDestroy (*__nsacl_table->f_ACL_NameListDestroy)
+
+    /* ACL evaluation */
+
+#define ACL_EvalTestRights (*__nsacl_table->f_ACL_EvalTestRights)
+#define ACL_EvalNew (*__nsacl_table->f_ACL_EvalNew)
+#define ACL_EvalDestroy (*__nsacl_table->f_ACL_EvalDestroy)
+#define ACL_EvalSetACL (*__nsacl_table->f_ACL_EvalSetACL)
+#define ACL_EvalGetSubject (*__nsacl_table->f_ACL_EvalGetSubject)
+#define ACL_EvalSetSubject (*__nsacl_table->f_ACL_EvalSetSubject)
+#define ACL_EvalGetResource (*__nsacl_table->f_ACL_EvalGetResource)
+#define ACL_EvalSetResource (*__nsacl_table->f_ACL_EvalSetResource)
+
+    /* Access to critical section for ACL cache */
+
+#define ACL_CritEnter (*__nsacl_table->f_ACL_CritEnter)
+#define ACL_CritExit (*__nsacl_table->f_ACL_CritExit)
+
+    /* Miscellaneous functions */
+
+#define ACL_AclGetTag (*__nsacl_table->f_ACL_AclGetTag)
+#define ACL_ListGetFirst (*__nsacl_table->f_ACL_ListGetFirst)
+#define ACL_ListGetNext (*__nsacl_table->f_ACL_ListGetNext)
+
+    /* Functions added after ES 3.0 release */
+#define ACL_DatabaseGetDefault (*__nsacl_table->f_ACL_DatabaseGetDefault)
+#define ACL_SetDefaultResult (*__nsacl_table->f_ACL_SetDefaultResult)
+#define ACL_GetDefaultResult (*__nsacl_table->f_ACL_GetDefaultResult)
+
+#endif /* !INTNSACL */
+
+NSPR_END_EXTERN_C
+
+#endif /* !PUBLIC_NSACL_ACLAPI_H */
diff --git a/include/public/nsacl/acldef.h b/include/public/nsacl/acldef.h
new file mode 100644
index 00000000..c5eb1d09
--- /dev/null
+++ b/include/public/nsacl/acldef.h
@@ -0,0 +1,465 @@
+/** BEGIN COPYRIGHT BLOCK
+ * Copyright 2001 Sun Microsystems, Inc.
+ * Portions copyright 1999, 2001-2003 Netscape Communications Corporation.
+ * All rights reserved.
+ * END COPYRIGHT BLOCK **/
+#ifndef PUBLIC_NSACL_ACLDEF_H
+#define PUBLIC_NSACL_ACLDEF_H
+
+/*
+ * File:        acldef.h
+ *
+ * Description:
+ *
+ *      This file contains constant and type definitions for the ACL API.
+ */
+
+#ifndef PUBLIC_NSACL_NSERRDEF_H
+#include "nserrdef.h"
+#endif /* !PUBLIC_NSACL_NSERRDEF_H */
+
+#ifndef PUBLIC_NSACL_PLISTDEF_H
+#include "plistdef.h"
+#endif /* !PUBLIC_NSACL_PLISTDEF_H */
+
+NSPR_BEGIN_EXTERN_C
+
+/*
+ * Type:        ACLCachable_t
+ *
+ * Description:
+ *
+ *      This type is used to specify whether and how long something
+ *      may be safely cached.  A value of zero (ACL_NOT_CACHABLE)
+ *      indicates that the item is not cachable.  Any other value is
+ *      a time, in seconds since 00:00:00 UTC, January 1, 1970, after
+ *      which the cached information should be discarded.
+ */
+
+typedef unsigned long ACLCachable_t;
+
+#define ACL_NOT_CACHABLE        0
+#define ACL_INDEF_CACHABLE      ((unsigned long)(-1))
+
+/*
+ * Type:        ACLListHandle_t
+ *
+ * Description:
+ *
+ *      This type represents a list of ACLs in their in-memory form.
+ */
+
+typedef struct ACLListHandle ACLListHandle_t;
+
+/* The object has been checked for ACLs and has none attached */
+#define	ACL_LIST_NO_ACLS	((ACLListHandle_t *)-1)
+
+/*
+ * Type:        ACLHandle_t
+ *
+ * Description:
+ *
+ *      This type represents the in-memory form of an ACL.
+ */
+
+typedef struct ACLHandle ACLHandle_t;
+
+/*
+ * Type:        ACLListEnum_t
+ *
+ * Description:
+ *
+ *      This type contains the state of an ACL list enumeration.
+ */
+
+typedef void *ACLListEnum_t;
+
+/*
+ * Type:        ACLExprHandle_t
+ *
+ * Description:
+ *
+ *      This type represents a single ACL entry, e.g. allow, deny, etc.
+ */
+
+typedef struct ACLExprHandle ACLExprHandle_t;
+
+/*
+ * Type:        ACLEvalHandle_t
+ *
+ * Description:
+ *
+ *      This type represents an ACL evaluation context, which includes
+ *      an ACL list and property lists for the subject and resource.
+ */
+
+typedef struct ACLEvalHandle ACLEvalHandle_t;
+
+/*
+ * Type:        PFlags_t
+ *
+ * Description:
+ *
+ *      This type represents a set of processing flags for an ACL entry.
+ */
+typedef int PFlags_t;
+
+#define ACL_PFLAG_ABSOLUTE  	0x1
+#define ACL_PFLAG_TERMINAL  	0x2
+#define ACL_PFLAG_CONTENT  	0x4
+
+#define IS_ABSOLUTE(x)		((x) & ACL_PFLAG_ABSOLUTE)
+#define IS_STATIC(x)		((x) & ACL_PFLAG_STATIC)
+#define IS_CONTENT(x)		((x) & ACL_PFLAG_CONTENT)
+
+/*
+ * Type:        CmpOp_t
+ *
+ * Description:
+ *
+ *      This type represents a comparison operator in an ACL attribute
+ *      expression.
+ */
+typedef enum	{
+		CMP_OP_EQ,
+		CMP_OP_NE,
+		CMP_OP_GT,
+		CMP_OP_LT,
+		CMP_OP_GE,
+		CMP_OP_LE
+		} CmpOp_t;
+
+/*
+ * Type:        ACLExprType_t
+ *
+ * Description:
+ *
+ *      This type represents the type of an ACL entry.
+ */
+typedef enum 	{
+		ACL_EXPR_TYPE_ALLOW,
+		ACL_EXPR_TYPE_DENY,
+		ACL_EXPR_TYPE_AUTH,
+		ACL_EXPR_TYPE_RESPONSE
+		} ACLExprType_t;
+
+/*
+ * Type:        ACLEvalRes_t
+ *
+ * Description:
+ *
+ *      This type represents the result of ACL evaluation.
+ */
+typedef enum	{
+		ACL_RES_ALLOW,
+		ACL_RES_DENY,
+		ACL_RES_FAIL,
+		ACL_RES_INVALID,
+		ACL_RES_NONE
+		} ACLEvalRes_t;
+
+/*
+ * Type:        ACLMethod_t
+ *
+ * Description:
+ *
+ *      This type represents a reference to an authentication method.
+ */
+typedef	void * ACLMethod_t;
+
+#define	ACL_METHOD_ANY		((ACLMethod_t)-1)
+#define	ACL_METHOD_INVALID	((ACLMethod_t)-2)
+
+/*
+ * Type:        ACLDbType_t
+ *
+ * Description:
+ *
+ *      This type represents a reference to a type of authentication
+ *      database.
+ */
+typedef	void * ACLDbType_t;
+
+#define	ACL_DBTYPE_ANY		((ACLDbType_t)-1)
+#define	ACL_DBTYPE_INVALID	((ACLDbType_t)-2)
+
+/*
+ * Type:        ACLAttrGetterFn_t
+ *
+ * Description:
+ *
+ *      This type describes a kind of callback function that obtains
+ *      a value for an ACL attribute and enters the attribute and value
+ *      into the subject property list.
+ */
+typedef int (*ACLAttrGetterFn_t)(NSErr_t *errp, PList_t subject,
+                                 PList_t resource, PList_t auth_info,
+                                 PList_t global_auth, void *arg);
+
+typedef struct ACLAttrGetter ACLAttrGetter_t;
+typedef void *ACLAttrGetterList_t;
+
+/*
+ * Type:        AclModuleInitFunc
+ *
+ * Description:
+ *
+ *      This type describes a kind of callback function that is
+ *      specified to ACL_ModuleRegister() and called from there.
+ *	The function should return 0 on success and non-zero on
+ *	failure.
+ */
+typedef int (*AclModuleInitFunc)(NSErr_t *errp);
+
+/*
+ * Type:        DbParseFn_t
+ *
+ * Description:
+ *
+ *      This type describes a kind of callback function that parses
+ *      a reference to an authentication database of a particular
+ *      database type.  It is called when ACL_DatabaseRegister() is
+ *      called for a database which is that database type.
+ *	The function should return 0 on success and non-zero on
+ *	failure.
+ */
+typedef int (*DbParseFn_t)(NSErr_t *errp, ACLDbType_t dbtype,
+			   const char *name, const char *url,
+			   PList_t plist, void **db);
+
+/*
+ * Type:        AclCacheFlushFunc_t
+ *
+ * Description:
+ *
+ *      This type describes a kind of callback function that is called
+ *      when ACL_CacheFlush() is called.
+ */
+typedef int (*AclCacheFlushFunc_t)(void);
+
+/*
+ * Type:        LASEvalFunc_t
+ *
+ * Description:
+ *
+ *      This type describes a kind of callback function that is called
+ *      to evaluate an attribute value expression in an ACL statement.
+ */
+typedef int (*LASEvalFunc_t)(NSErr_t *errp, char *attr_name,
+                             CmpOp_t comparator, char *attr_pattern,
+                             ACLCachable_t *cachable, void **cookie,
+                             PList_t subject, PList_t resource,
+                             PList_t auth_info, PList_t global_auth);
+
+/*
+ * Type:        LASFlushFunc_t
+ *
+ * Description:
+ *
+ *      This type describes a kind of callback function that is called
+ *      when a previously cached LAS cookie is being flushed from
+ *      the ACL cache.
+ */
+typedef void (*LASFlushFunc_t)(void **cookie);
+
+/*
+ * Type:        LDAP
+ *
+ * Description:
+ *
+ *      This is an opaque type that represents an open LDAP connection.
+ *      It is used mostly via the LDAP SDK API.
+ *	Include the <ldap.h> file before including this file if you wish to
+ *	use the function ACL_LDAPDatabaseHandle.
+ */
+#ifndef _LDAP_H
+typedef struct ldap LDAP;
+#endif /* _LDAP_H */
+
+
+/*  Flags to ACL_ListFind  */
+#define ACL_CASE_INSENSITIVE	 0x1
+#define ACL_CASE_SENSITIVE	 0x2
+
+#define	ACL_MAX_TEST_RIGHTS	32
+#define	ACL_MAX_GENERIC		32
+
+/*
+ * ACLERRFAIL -- Use this as an 'retcode' argument to nserrGenerate.
+ */
+#define ACLERRFAIL	-11
+
+
+/*
+ *	Command values for the "position" argument to ACL_RegisterGetter
+ *	Any positive >0 value is the specific position in the list to insert
+ *	the new function.
+ */
+#define	ACL_AT_FRONT		0
+#define	ACL_AT_END		-1
+#define	ACL_REPLACE_ALL 	-2
+#define	ACL_REPLACE_MATCHING	-3
+
+#define ACL_ATTR_GROUP          "group"
+#define ACL_ATTR_GROUP_INDEX		1
+#define ACL_ATTR_RAW_USER_LOGIN "user-login"
+#define ACL_ATTR_RAW_USER_LOGIN_INDEX	2
+#define ACL_ATTR_AUTH_USER	"auth-user"
+#define ACL_ATTR_AUTH_USER_INDEX	3
+#define ACL_ATTR_AUTH_TYPE	"auth-type"
+#define ACL_ATTR_AUTH_TYPE_INDEX	4
+#define ACL_ATTR_AUTH_DB	"auth-db"
+#define ACL_ATTR_AUTH_DB_INDEX		5
+#define ACL_ATTR_AUTH_PASSWORD  "auth-password"
+#define ACL_ATTR_AUTH_PASSWORD_INDEX	6
+#define ACL_ATTR_USER	        "user"
+#define ACL_ATTR_USER_INDEX		7
+#define ACL_ATTR_PASSWORD	"pw"
+#define ACL_ATTR_PASSWORD_INDEX		8
+#define ACL_ATTR_USERDN	        "userdn"
+#define ACL_ATTR_USERDN_INDEX		9
+#define ACL_ATTR_RAW_USER	"raw-user"
+#define ACL_ATTR_RAW_USER_INDEX		10
+#define ACL_ATTR_RAW_PASSWORD   "raw-pw"
+#define ACL_ATTR_RAW_PASSWORD_INDEX	11
+#define ACL_ATTR_USER_ISMEMBER  "user-ismember"
+#define ACL_ATTR_USER_ISMEMBER_INDEX	12
+#define ACL_ATTR_DATABASE	"database"
+#define ACL_ATTR_DATABASE_INDEX		13
+#define ACL_ATTR_DBTYPE	        "dbtype"
+#define ACL_ATTR_DBTYPE_INDEX		14
+#define ACL_ATTR_DBNAME	        "dbname"
+#define ACL_ATTR_DBNAME_INDEX		15
+#define ACL_ATTR_DATABASE_URL   "url"
+#define ACL_ATTR_DATABASE_URL_INDEX	16
+#define ACL_ATTR_METHOD	        "method"
+#define ACL_ATTR_METHOD_INDEX		17
+#define ACL_ATTR_AUTHTYPE	"authtype"
+#define ACL_ATTR_AUTHTYPE_INDEX		18
+#define ACL_ATTR_AUTHORIZATION  "authorization"
+#define ACL_ATTR_AUTHORIZATION_INDEX	19
+#define ACL_ATTR_PARSEFN	"parsefn"
+#define ACL_ATTR_PARSEFN_INDEX		20
+#define ACL_ATTR_ATTRIBUTE	"attr"
+#define ACL_ATTR_ATTRIBUTE_INDEX	21
+#define ACL_ATTR_GETTERFN	"getterfunc"
+#define ACL_ATTR_GETTERFN_INDEX		22
+#define ACL_ATTR_IP		"ip"
+#define ACL_ATTR_IP_INDEX		23
+#define ACL_ATTR_DNS	        "dns"
+#define ACL_ATTR_DNS_INDEX		24
+#define ACL_ATTR_MODULE	        "module"
+#define ACL_ATTR_MODULE_INDEX		25
+#define ACL_ATTR_MODULEFUNC	"func"
+#define ACL_ATTR_MODULEFUNC_INDEX	26
+#define ACL_ATTR_GROUPS	        "groups"
+#define ACL_ATTR_GROUPS_INDEX		27
+#define ACL_ATTR_IS_VALID_PASSWORD "isvalid-password"
+#define ACL_ATTR_IS_VALID_PASSWORD_INDEX	28
+#define ACL_ATTR_CERT2USER	"cert2user"
+#define ACL_ATTR_CERT2USER_INDEX	29
+#define ACL_ATTR_USER_CERT	"cert"
+#define ACL_ATTR_USER_CERT_INDEX	30
+#define ACL_ATTR_PROMPT	        "prompt"
+#define ACL_ATTR_PROMPT_INDEX		31
+#define ACL_ATTR_TIME	        "time"
+#define ACL_ATTR_TIME_INDEX		32
+#define ACL_ATTR_USERS_GROUP    "users-group"
+#define ACL_ATTR_USERS_GROUP_INDEX	33
+#define	ACL_ATTR_SESSION		"session"       /* subject property */
+#define ACL_ATTR_SESSION_INDEX		34
+#define	ACL_ATTR_REQUEST		"request"       /* resource property */
+#define ACL_ATTR_REQUEST_INDEX		35
+#define ACL_ATTR_ERROR		"error"
+#define	ACL_ATTR_ERROR_INDEX		36
+#define ACL_ATTR_PROGRAMS		"programs"      /* resource property */
+#define	ACL_ATTR_PROGRAMS_INDEX		37
+#define ACL_ATTR_ACCEL_AUTH		"accel-authorization"
+#define ACL_ATTR_ACCEL_AUTH_INDEX	38
+#define ACL_ATTR_WWW_AUTH_PROMPT	"www-auth-prompt"
+#define ACL_ATTR_WWW_AUTH_PROMPT_INDEX	39
+#define ACL_ATTR_OWNER			"owner"
+#define ACL_ATTR_OWNER_INDEX		40
+#define ACL_ATTR_IS_OWNER		"is-owner"
+#define ACL_ATTR_IS_OWNER_INDEX		41
+#define ACL_ATTR_CACHED_USER		"cached-user"
+#define ACL_ATTR_CACHED_USER_INDEX	42
+#define ACL_ATTR_USER_EXISTS		"user-exists"
+#define ACL_ATTR_USER_EXISTS_INDEX	43
+
+/*	Must be 1 larger than the highest index used	*/
+#define	ACL_ATTR_INDEX_MAX		44
+
+#ifdef	ALLOCATE_ATTR_TABLE
+/* Must be in the same order as the index numbers */
+char	*ACLAttrTable[] = {
+		 NULL,				/*  0 */
+/* Don't have one numbered 0 */
+		 ACL_ATTR_GROUP,		/*  1 */
+		 ACL_ATTR_RAW_USER_LOGIN,	/*  2 */
+		 ACL_ATTR_AUTH_USER,		/*  3 */
+		 ACL_ATTR_AUTH_TYPE,		/*  4 */
+		 ACL_ATTR_AUTH_DB,		/*  5 */
+		 ACL_ATTR_AUTH_PASSWORD,	/*  6 */
+		 ACL_ATTR_USER,			/*  7 */
+		 ACL_ATTR_PASSWORD,		/*  8 */
+		 ACL_ATTR_USERDN,		/*  9 */
+		 ACL_ATTR_RAW_USER,		/* 10 */
+		 ACL_ATTR_RAW_PASSWORD,		/* 11 */
+		 ACL_ATTR_USER_ISMEMBER,	/* 12 */
+		 ACL_ATTR_DATABASE,		/* 13 */
+		 ACL_ATTR_DBTYPE,		/* 14 */
+		 ACL_ATTR_DBNAME,		/* 15 */
+		 ACL_ATTR_DATABASE_URL,		/* 16 */
+		 ACL_ATTR_METHOD,		/* 17 */
+		 ACL_ATTR_AUTHTYPE,		/* 18 */
+		 ACL_ATTR_AUTHORIZATION,	/* 19 */
+		 ACL_ATTR_PARSEFN,		/* 20 */
+		 ACL_ATTR_ATTRIBUTE,		/* 21 */
+		 ACL_ATTR_GETTERFN,		/* 22 */
+		 ACL_ATTR_IP,			/* 23 */
+		 ACL_ATTR_DNS,			/* 24 */
+		 ACL_ATTR_MODULE,		/* 25 */
+		 ACL_ATTR_MODULEFUNC,		/* 26 */
+		 ACL_ATTR_GROUPS,		/* 27 */
+		 ACL_ATTR_IS_VALID_PASSWORD,	/* 28 */
+		 ACL_ATTR_CERT2USER,		/* 29 */
+		 ACL_ATTR_USER_CERT,		/* 30 */
+		 ACL_ATTR_PROMPT,		/* 31 */
+		 ACL_ATTR_TIME,			/* 32 */
+		 ACL_ATTR_USERS_GROUP,		/* 33 */
+		 ACL_ATTR_SESSION,		/* 34 */
+		 ACL_ATTR_REQUEST,		/* 35 */
+		 ACL_ATTR_ERROR,		/* 36 */
+		 ACL_ATTR_PROGRAMS,		/* 37 */
+		 ACL_ATTR_ACCEL_AUTH,		/* 38 */
+		 ACL_ATTR_WWW_AUTH_PROMPT,	/* 39 */
+		 ACL_ATTR_OWNER,		/* 40 */
+		 ACL_ATTR_IS_OWNER,		/* 41 */
+		 ACL_ATTR_CACHED_USER,		/* 42 */
+		 ACL_ATTR_USER_EXISTS		/* 43 */
+};
+#endif
+
+
+#define ACL_DBTYPE_LDAP         "ldap"
+
+#define METHOD_DEFAULT          "default"
+
+/*  Errors must be < 0 */
+#define ACL_RES_ERROR      	-1
+
+/* LAS return codes - Must all be negative numbers */
+#define	LAS_EVAL_TRUE		-1
+#define	LAS_EVAL_FALSE		-2
+#define	LAS_EVAL_DECLINE	-3
+#define	LAS_EVAL_FAIL		-4
+#define	LAS_EVAL_INVALID	-5
+#define	LAS_EVAL_NEED_MORE_INFO	-6
+
+/* Max pathlength.  Intended to match REQ_MAX_LEN */
+#define ACL_PATH_MAX	4096
+
+NSPR_END_EXTERN_C
+
+#endif /* !PUBLIC_NSACL_ACLDEF_H */
diff --git a/include/public/nsacl/copyrght.h b/include/public/nsacl/copyrght.h
new file mode 100644
index 00000000..4f8ec167
--- /dev/null
+++ b/include/public/nsacl/copyrght.h
@@ -0,0 +1,6 @@
+/** BEGIN COPYRIGHT BLOCK
+ * Copyright 2001 Sun Microsystems, Inc.
+ * Portions copyright 1999, 2001-2003 Netscape Communications Corporation.
+ * All rights reserved.
+ * END COPYRIGHT BLOCK **/
+
diff --git a/include/public/nsacl/nserrdef.h b/include/public/nsacl/nserrdef.h
new file mode 100644
index 00000000..81748227
--- /dev/null
+++ b/include/public/nsacl/nserrdef.h
@@ -0,0 +1,100 @@
+/** BEGIN COPYRIGHT BLOCK
+ * Copyright 2001 Sun Microsystems, Inc.
+ * Portions copyright 1999, 2001-2003 Netscape Communications Corporation.
+ * All rights reserved.
+ * END COPYRIGHT BLOCK **/
+#ifndef PUBLIC_NSACL_NSERRDEF_H
+#define PUBLIC_NSACL_NSERRDEF_H
+
+/*
+ * Type:        NSEFrame_t
+ *
+ * Description:
+ *
+ *	This type describes the structure of an error frame.  An error
+ *	frame contains the following items:
+ *
+ *	ef_retcode	- This is a copy of the traditional error code,
+ *			  as might be returned as a function value to
+ *			  indicate an error.  The purpose of the error
+ *			  code is to provide the caller of a function
+ *			  with sufficient information to determine how
+ *			  to process the error.  That is, it does not
+ *			  need to identify a specific error, but only
+ *			  has to distinguish between classes of errors
+ *			  as needed by the caller to respond differently.
+ *			  Usually this should be a small number of values.
+ *
+ *	ef_errorid	- This is an integer identifier which uniquely
+ *			  identifies errors in a module or library.
+ *			  That is, there should be only one place in
+ *			  the source code of the module or library which
+ *			  generates a particular error id.  The error id
+ *			  is used to select an error message in an error
+ *			  message file.
+ *
+ *	ef_program	- This is a pointer to a string which identifies
+ *			  the module or library context of ef_errorid.
+ *			  The string is used to construct the name of
+ *			  the message file in which an error message for
+ *			  ef_errorid can be found.
+ *
+ *	ef_errc		- This is the number of values stored in ef_errc[]
+ *			  for the current error id.
+ *
+ *	ef_errv		- This is an array of strings which are relevant
+ *			  to a particular error id.  These strings can
+ *			  be included in an error message retrieved from
+ *			  a message file.  The strings in a message file
+ *			  can contain "%s" sprintf() format codes.  The
+ *			  ef_errv[] strings are passed to sprintf() along
+ *			  with the error message string.
+ */
+
+#define NSERRMAXARG	8	/* size of ef_errv[] */
+
+typedef struct NSEFrame_s NSEFrame_t;
+struct NSEFrame_s {
+    NSEFrame_t * ef_next;	/* next error frame on NSErr_t list */
+    long ef_retcode;		/* error return code */
+    long ef_errorid;		/* error unique identifier */
+    char * ef_program;		/* context for ef_errorid */
+    int ef_errc;		/* number of strings in ef_errv[] */
+    char * ef_errv[NSERRMAXARG];/* arguments for formatting error message */
+};
+
+/*
+ * Description (NSErr_t)
+ *
+ *	This type describes the structure of a header for a list of
+ *	error frames.  The header contains a pointer to the first
+ *	and last error frames on the list.  The first error frame
+ *	is normally the one most recently generated, which usually
+ *	represents the highest-level interpretation available for an
+ *	error that is propogating upward in a call chain.  These
+ *	structures are generally allocated as automatic or static
+ *	variables.
+ */
+
+typedef struct NSErr_s NSErr_t;
+struct NSErr_s {
+    NSEFrame_t * err_first;			/* first error frame */
+    NSEFrame_t * err_last;			/* last error frame */
+    NSEFrame_t *(*err_falloc)(NSErr_t * errp);	/* error frame allocator */
+    void (*err_ffree)(NSErr_t * errp,
+		      NSEFrame_t * efp);	/* error frame deallocator */
+};
+
+/* Define an initializer for an NSErr_t */
+#define NSERRINIT	{ 0, 0, 0, 0 }
+
+#ifndef INTNSACL
+
+#define nserrDispose (*__nsacl_table->f_nserrDispose)
+#define nserrFAlloc (*__nsacl_table->f_nserrFAlloc)
+#define nserrFFree (*__nsacl_table->f_nserrFFree)
+#define nserrGenerate (*__nsacl_table->f_nserrGenerate)
+
+#endif /* !INTNSACL */
+
+#endif /* !PUBLIC_NSACL_NSERRDEF_H */
diff --git a/include/public/nsacl/plistdef.h b/include/public/nsacl/plistdef.h
new file mode 100644
index 00000000..f3e804ee
--- /dev/null
+++ b/include/public/nsacl/plistdef.h
@@ -0,0 +1,62 @@
+/** BEGIN COPYRIGHT BLOCK
+ * Copyright 2001 Sun Microsystems, Inc.
+ * Portions copyright 1999, 2001-2003 Netscape Communications Corporation.
+ * All rights reserved.
+ * END COPYRIGHT BLOCK **/
+#ifndef PUBLIC_NSACL_PLISTDEF_H
+#define PUBLIC_NSACL_PLISTDEF_H
+
+/*
+ * File:        plistdef.h
+ *
+ * Description:
+ *
+ *      This file defines the interface to property lists.  Property
+ *      lists are a generalization of parameter blocks (pblocks).
+ */
+
+#ifndef PUBLIC_BASE_POOL_H
+#include "../base/pool.h"
+#endif /* !PUBLIC_BASE_POOL_H */
+
+typedef struct PListStruct_s *PList_t;
+
+/* Define error codes returned from property list routines */
+
+#define ERRPLINVPI      -1      /* invalid property index */
+#define ERRPLEXIST      -2      /* property already exists */
+#define ERRPLFULL       -3      /* property list is full */
+#define ERRPLNOMEM      -4      /* insufficient dynamic memory */
+#define ERRPLUNDEF      -5      /* undefined property name */
+
+#define PLFLG_OLD_MPOOL	0	/* use the plist memory pool */
+#define PLFLG_NEW_MPOOL	1	/* use the input memory pool */
+#define PLFLG_IGN_RES	2	/* ignore the reserved properties */
+#define PLFLG_USE_RES	3	/* use the reserved properties */
+
+#ifdef __cplusplus
+typedef void (PListFunc_t)(char*, const void*, void*);
+#else
+typedef void (PListFunc_t)();
+#endif
+
+#ifndef INTNSACL
+#define PListAssignValue (*__nsacl_table->f_PListAssignValue)
+#define PListCreate (*__nsacl_table->f_PListCreate)
+#define PListDefProp (*__nsacl_table->f_PListDefProp)
+#define PListDeleteProp (*__nsacl_table->f_PListDeleteProp)
+#define PListFindValue (*__nsacl_table->f_PListFindValue)
+#define PListInitProp (*__nsacl_table->f_PListInitProp)
+#define PListNew (*__nsacl_table->f_PListNew)
+#define PListDestroy (*__nsacl_table->f_PListDestroy)
+#define PListGetValue (*__nsacl_table->f_PListGetValue)
+#define PListNameProp (*__nsacl_table->f_PListNameProp)
+#define PListSetType (*__nsacl_table->f_PListSetType)
+#define PListSetValue (*__nsacl_table->f_PListSetValue)
+#define PListEnumerate (*__nsacl_table->f_PListEnumerate)
+#define PListDuplicate (*__nsacl_table->f_PListDuplicate)
+#define PListGetPool (*__nsacl_table->f_PListGetPool)
+
+#endif /* !INTNSACL */
+
+#endif /* !PUBLIC_NSACL_PLISTDEF_H */