#ifndef LOOKUP_LDAP_H
#define LOOKUP_LDAP_H
#include <ldap.h>
#ifdef WITH_SASL
#include <openssl/ssl.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <sasl/sasl.h>
#include <krb5.h>
#endif
#include <libxml/tree.h>
#include "list.h"
#include "dclist.h"
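/*
 * Names used to locate automount data in the directory.
 *
 * All five members are plain C strings; this header does not show who
 * allocates or frees them.
 * NOTE(review): presumably these are LDAP object class and attribute
 * names (map container, map entry, entry value); confirm against
 * lookup_ldap.c. If any of them can come from configuration, check that
 * they are validated before being placed into a search filter.
 */
struct ldap_schema {
	char *map_class;	/* class name for a map object */
	char *map_attr;		/* attribute naming the map */
	char *entry_class;	/* class name for a map entry */
	char *entry_attr;	/* attribute naming the entry key */
	char *value_attr;	/* attribute holding the entry value */
};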
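/*
 * One server URI, linked into a list through the embedded list_head
 * (struct list_head comes from "list.h").
 * NOTE(review): the URI scheme is not constrained by this type; whether
 * a plaintext or TLS-protected scheme is accepted is decided elsewhere.
 */
struct ldap_uri {
	char *uri;		/* server URI string */
	struct list_head list;	/* linkage into the list of URIs */
};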
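/*
 * Node of a singly linked list of search base DNs.
 * The list is chained through 'next'; the terminator convention is not
 * visible in this header (presumably NULL; confirm in lookup_ldap.c).
 */
struct ldap_searchdn {
	char *basedn;			/* base DN string for this node */
	struct ldap_searchdn *next;	/* following node in the list */
};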
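/*
 * Handles belonging to one LDAP connection.
 *
 * The layout depends on WITH_SASL: sasl_conn exists only when the
 * macro is defined, so every translation unit that uses this struct
 * must be built with the same WITH_SASL setting.
 */
struct ldap_conn {
	LDAP *ldap;			/* libldap session handle */
#ifdef WITH_SASL
	sasl_conn_t *sasl_conn;		/* Cyrus SASL connection context */
#endif
};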
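/*
 * Per-map state for the LDAP lookup module: server selection, search
 * bases, schema names and the TLS/SASL authentication settings.
 *
 * The layout depends on WITH_SASL (the Kerberos and SASL EXTERNAL
 * members exist only when it is defined), so all users of this struct
 * must agree on that macro.
 *
 * Several members hold or point at credential material (secret,
 * client_cc, extern_key). This header does not show how they are
 * allocated, released or logged.
 */
struct lookup_context {
	char *mapname;
	unsigned int format;

	char *server;
	int port;
	char *base;
	char *qdn;
	unsigned int timeout;
	unsigned int network_timeout;
	unsigned long timestamp;
	unsigned int check_defaults;

	/* LDAP version 2 or 3 */
	int version;

	/* LDAP lookup configuration */
	struct ldap_schema *schema;

	/*
	 * List of servers and base DNs for searching.
	 * uri is the list of servers to attempt connection to and is
	 * used only if server, above, is NULL. The head of the list
	 * is the server which we are currently connected to.
	 * cur_host tracks changes to the connected server, triggering
	 * a scan of base DNs when it changes.
	 * sdns is the list of base DNs to check, done in the order
	 * given in configuration.
	 */
	/* presumably guards the URI list members below; confirm in lookup_ldap.c */
	pthread_mutex_t uris_mutex;
	struct list_head *uris;
	struct ldap_uri *uri;
	struct dclist *dclist;
	char *cur_host;
	struct ldap_searchdn *sdns;

	/* TLS and SASL authentication information */
	char *auth_conf;
	/* presumably hold LDAP_TLS_* values from this header; confirm */
	unsigned use_tls;
	unsigned tls_required;
	/* presumably a mask of LDAP_AUTH_* flags from this header; confirm */
	unsigned auth_required;
	char *sasl_mech;
	char *user;
	/*
	 * Credential for 'user'.
	 * NOTE(review): confirm it is wiped before being freed and is
	 * never written to logs.
	 */
	char *secret;
	char *client_princ;
	/* NOTE(review): looks like a credential cache name; confirm */
	char *client_cc;
	int kinit_done;
	int kinit_successful;
#ifdef WITH_SASL
	/* Kerberos */
	krb5_context krb5ctxt;
	krb5_ccache krb5_ccache;
	/* SASL external */
	char *extern_cert;
	/*
	 * NOTE(review): presumably a path to the client private key;
	 * confirm the file's permissions are checked where it is loaded.
	 */
	char *extern_key;
#endif
	/* keytab file name needs to be added */

	struct parse_mod *parse;
};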
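/*
 * NOTE(review): "test" looks like a placeholder. If this name is ever
 * used as the path of the authentication configuration file, it is a
 * relative path resolved against the daemon's working directory.
 * Confirm the build or runtime configuration supplies the real path.
 */
#define LDAP_AUTH_CONF_FILE "test"

/*
 * TLS constants. LDAP_TLS_REQUIRED and LDAP_TLS_INIT share the value 1,
 * so DONT_USE/REQUIRED and INIT/RELEASE look like two separate value
 * sets. Confirm which variable each set is compared against before
 * mixing them.
 */
#define LDAP_TLS_DONT_USE 0
#define LDAP_TLS_REQUIRED 1
#define LDAP_TLS_INIT 1
#define LDAP_TLS_RELEASE 2

/* Authentication flags: distinct bits, so they can be OR-ed and masked. */
#define LDAP_AUTH_NOTREQUIRED 0x0001
#define LDAP_AUTH_REQUIRED 0x0002
#define LDAP_AUTH_AUTODETECT 0x0004
/* Mask matching either REQUIRED or AUTODETECT. */
#define LDAP_NEED_AUTH (LDAP_AUTH_REQUIRED|LDAP_AUTH_AUTODETECT)

/*
 * NOTE(review): the name suggests an LDAP simple bind. A simple bind
 * sends the password in clear text unless the connection is protected
 * by TLS, so confirm it is only selected together with required TLS.
 */
#define LDAP_AUTH_USESIMPLE 0x0008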
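/*
 * lookup_ldap.c
 *
 * Return conventions and ownership rules are not visible in this
 * header; see the definitions.
 * NOTE(review): init_ldap_connection returns an LDAP handle for the
 * given URI. Whether TLS is negotiated before any bind presumably
 * depends on ctxt->use_tls and ctxt->tls_required; confirm in the
 * definition that a failed TLS start is fatal when TLS is required.
 */
LDAP *init_ldap_connection(unsigned logopt, const char *uri, struct lookup_context *ctxt);
int unbind_ldap_connection(unsigned logopt, struct ldap_conn *conn, struct lookup_context *ctxt);
/* NOTE(review): name suggests a predicate on the auth type string; result encoding not shown here */
int authtype_requires_creds(const char *authtype);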
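#ifdef WITH_SASL
/*
 * cyrus-sasl.c
 *
 * SASL support, declared only when WITH_SASL is defined; callers must
 * guard their uses with the same macro. Return conventions are not
 * visible in this header.
 * NOTE(review): the names suggest process-wide setup and teardown
 * (client_init/done) and per-connection operations (init, bind, unbind,
 * dispose); confirm call-order requirements in cyrus-sasl.c.
 */
int autofs_sasl_client_init(unsigned logopt);
int autofs_sasl_init(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt);
int autofs_sasl_bind(unsigned logopt, struct ldap_conn *conn, struct lookup_context *ctxt);
void autofs_sasl_unbind(struct ldap_conn *conn, struct lookup_context *ctxt);
void autofs_sasl_dispose(struct ldap_conn *conn, struct lookup_context *ctxt);
void autofs_sasl_done(void);
/*
 * cyrus-sasl-extern
 *
 * NOTE(review): presumably performs a SASL EXTERNAL bind using
 * ctxt->extern_cert and ctxt->extern_key; confirm in the definition.
 */
int do_sasl_extern(LDAP *ldap, struct lookup_context *ctxt);
#endif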
#endif