Index: /branches/rel_apv_10_4_0_112_sbi/usr/click/lib/libexauth/auth_ext_cli.h
===================================================================
--- /branches/rel_apv_10_4_0_112_sbi/usr/click/lib/libexauth/auth_ext_cli.h	(revision 38001)
+++ /branches/rel_apv_10_4_0_112_sbi/usr/click/lib/libexauth/auth_ext_cli.h	(working copy)
@@ -19,11 +19,12 @@
 #ifndef _AUTH_EXT_CLI_H_
 #define _AUTH_EXT_CLI_H_
 
+#define ID_LEN 5 
 #define LINE_LEN 255
 #define HOST_LEN 256
 #define SECRET_LEN 129
 #define EXAUTH_DEF_METHOD		"RADIUS"
-#define MAX_EXAU_SERVER_NUM		2
+#define MAX_EXAU_SERVER_NUM		3
 #define IP_PRESENTATION_LEN		100	/*ip presentation length*/
 
 #define CLI_EXAUTH_ON				"admin aaa on"
@@ -38,9 +39,11 @@
 
 #define EXAUTH_SERVER_ID1			"es01"
 #define EXAUTH_SERVER_ID2			"es02"
+#define EXAUTH_SERVER_ID3                       "es03"
 
 #define EXAUTH_METHOD_STRING_RADIUS		"RADIUS"
 #define EXAUTH_METHOD_STRING_TAC_X		"TAC_X"
+#define EXAUTH_METHOD_STRING_LDAP               "LDAP"
 #define EXAUTH_METHOD_STRING_UNKONWN	"UNKONWN METHOD"
 
 #define EXAUTH_PRIORITY_HIGH		1
@@ -49,12 +52,13 @@
 /*authentication method table*/
 typedef enum exau_method {
 	METHOD_RADIUS,
-	METHOD_TAC_X
+	METHOD_TAC_X,
+        METHOD_LDAP
 } enum_exau_method;
 
 /*the structure for radius server*/
 typedef struct exauth_server {
-	char id[5];
+	char id[ID_LEN];
 	char host[HOST_LEN];
 	unsigned short port;
 	char secret[SECRET_LEN];
@@ -83,6 +87,9 @@
 /*configure radius server*/
 int exauth_server(char *id, char *host, unsigned short port, char *secret, char *cipher_flag);
 
+/*configure ldap server*/
+int exauth_ldap_server(char *id, char *ldap_host, unsigned short ldap_port);
+
 /*delete a radius server*/
 int no_exauth_server(char *id);
 
Index: /branches/rel_apv_10_4_0_112_sbi/usr/click/lib/libexauth/auth_ext_cli.c
===================================================================
--- /branches/rel_apv_10_4_0_112_sbi/usr/click/lib/libexauth/auth_ext_cli.c	(revision 38001)
+++ /branches/rel_apv_10_4_0_112_sbi/usr/click/lib/libexauth/auth_ext_cli.c	(working copy)
@@ -149,9 +149,13 @@
 	{
 		g_exauth_conf.exau_method = METHOD_TAC_X;
 	}
+	else if (strcasecmp(method, EXAUTH_METHOD_STRING_LDAP) == 0)
+	{
+		g_exauth_conf.exau_method = METHOD_LDAP;
+	}
 	else
 	{
-		printf ("%s | %s\n",EXAUTH_METHOD_STRING_RADIUS, EXAUTH_METHOD_STRING_TAC_X);
+		printf ("%s | %s |%s\n",EXAUTH_METHOD_STRING_RADIUS, EXAUTH_METHOD_STRING_TAC_X, EXAUTH_METHOD_STRING_LDAP);
 	}
 
 	/*update conf to shared mem*/
@@ -236,6 +240,48 @@
 	return 0;
 }
 
+/*configure an exauth server*/
+int
+exauth_ldap_server(char *id, char *host, uint16_t port)
+{
+        int id_num = -1;
+        char *str_num = NULL, *ep = NULL;
+
+
+        if (id == NULL || host == NULL)
+        {
+                printf ("%s failed\n",CLI_EXAUTH_SERVER);
+                return -1;
+        }
+
+        get_auth_conf(&shm_p, &g_exauth_conf);
+
+        /*invalid server id, should be "es03"*/
+        if (strcmp(id, EXAUTH_SERVER_ID3))
+        {
+                printf ("%s\n", EXAUTH_SERVER_ID3);
+                return 0;
+        }
+
+        /*assign id*/
+        str_num = id + 3;
+        id_num = (int)strtol(str_num, &ep,10) - 1;
+
+        if (id_num == 2)
+        {
+                strcpy(g_exauth_conf.exauth_servers[id_num].id, EXAUTH_SERVER_ID3);
+        }
+        
+        strncpy(g_exauth_conf.exauth_servers[id_num].host, host, HOST_LEN);
+
+        /*assign port*/
+	g_exauth_conf.exauth_servers[id_num].port = port;
+
+        /*update conf to shared mem*/
+	set_auth_conf(&shm_p, &g_exauth_conf);
+
+        return 0;
+}
 
 /*delete an exauth server*/
 int 
@@ -312,26 +358,40 @@
 			printf("%s %s\n", CLI_EXAUTH_METHOD, EXAUTH_METHOD_STRING_TAC_X);
 			break;
 
+                case METHOD_LDAP:
+                        printf("%s %s\n", CLI_EXAUTH_METHOD, EXAUTH_METHOD_STRING_LDAP);
+                        break;
+
 		default:
 			printf ("show %s faild\n", CLI_EXAUTH_METHOD);
 			return -1;
 	}
 
 	/*show admin aaa server*/
-	for (i=0; i < MAX_EXAU_SERVER_NUM; i++)
-	{
-		if (g_exauth_conf.exauth_servers[i].id && g_exauth_conf.exauth_servers[i].id[0] != '\0')
-		{
-			printf ("%s %s \"%s\" %d \"%s\"\n", 
-				    CLI_EXAUTH_SERVER,
-				    g_exauth_conf.exauth_servers[i].id,
-					g_exauth_conf.exauth_servers[i].host,
-					g_exauth_conf.exauth_servers[i].port,
-					"*****"
-					);
-		}
-	}
-
+        for (i=0; i < MAX_EXAU_SERVER_NUM; i++)
+        {
+            if (g_exauth_conf.exauth_servers[i].id && g_exauth_conf.exauth_servers[i].id[0] != '\0')
+            {
+                if (g_exauth_conf.exau_method == METHOD_LDAP)
+                {
+                        printf ("%s %s \"%s\" %d\n",
+                                    CLI_EXAUTH_SERVER,
+                                    g_exauth_conf.exauth_servers[i].id,
+                                        g_exauth_conf.exauth_servers[i].host,
+                                        g_exauth_conf.exauth_servers[i].port);
+                }
+                else
+                {
+                     printf ("%s %s \"%s\" %d \"%s\"\n",
+                                    CLI_EXAUTH_SERVER,
+                                    g_exauth_conf.exauth_servers[i].id,
+                                        g_exauth_conf.exauth_servers[i].host,
+                                        g_exauth_conf.exauth_servers[i].port,
+                                        "*****"
+                                        );
+                }
+            }
+        }
 	return 0;
 }
 
@@ -413,27 +473,43 @@
 			buf_offset += sprintf(conf_buf + buf_offset, "%s %s\n", CLI_EXAUTH_METHOD, EXAUTH_METHOD_STRING_TAC_X);
 			break;
 
+                case METHOD_LDAP:
+                        buf_offset += sprintf(conf_buf + buf_offset, "%s %s\n", CLI_EXAUTH_METHOD, EXAUTH_METHOD_STRING_LDAP);
+                        break;
+
 		default:
 			printf ("show %s faild\n", CLI_EXAUTH_METHOD);
 			return NULL;
 	}
 
 	/*show admin aaa server*/
-	for (i = 0; i < MAX_EXAU_SERVER_NUM; i++)
-	{
-		if (g_exauth_conf.exauth_servers[i].id && g_exauth_conf.exauth_servers[i].id[0] != '\0')
-		{
-			encrypt_secret((unsigned char *)(g_exauth_conf.exauth_servers[i].secret), encrypted_secret);
-			buf_offset += sprintf (conf_buf + buf_offset, "%s %s \"%s\" %d \"%s\" \"%s\"\n", 
-				    CLI_EXAUTH_SERVER, 
-				    g_exauth_conf.exauth_servers[i].id,
-					g_exauth_conf.exauth_servers[i].host,
-					g_exauth_conf.exauth_servers[i].port,
-					encrypted_secret,
-					AAA_SECRET_ENCRYPTED
-					);
-		}
-	}
-	}
+        for (i = 0; i < MAX_EXAU_SERVER_NUM; i++)
+        {       
+            if (g_exauth_conf.exauth_servers[i].id && g_exauth_conf.exauth_servers[i].id[0] != '\0')
+            {
+                if (g_exauth_conf.exau_method == METHOD_LDAP)
+                {
+                        encrypt_secret((unsigned char *)(g_exauth_conf.exauth_servers[i].secret), encrypted_secret);
+                        buf_offset += sprintf (conf_buf + buf_offset, "%s %s \"%s\" %d\n",
+                                    CLI_EXAUTH_SERVER,
+                                    g_exauth_conf.exauth_servers[i].id,
+                                        g_exauth_conf.exauth_servers[i].host,
+                                        g_exauth_conf.exauth_servers[i].port);
+                }
+                else
+                {
+                        encrypt_secret((unsigned char *)(g_exauth_conf.exauth_servers[i].secret), encrypted_secret);
+                        buf_offset += sprintf (conf_buf + buf_offset, "%s %s \"%s\" %d \"%s\" \"%s\"\n",
+                                    CLI_EXAUTH_SERVER,
+                                    g_exauth_conf.exauth_servers[i].id,
+                                        g_exauth_conf.exauth_servers[i].host,
+                                        g_exauth_conf.exauth_servers[i].port,
+                                        encrypted_secret,
+                                        AAA_SECRET_ENCRYPTED
+                                        );
+                }
+            }
+        }       
+        }
 	return conf_buf;
 }