      1 /*	$NetBSD: ldapauth.h,v 1.6 2021/08/14 16:17:57 christos Exp $	*/
      2 
      3 /*
      4  *
      5  * Copyright (c) 2005, Eric AUGE <eau (at) phear.org>
      6  * All rights reserved.
      7  *
      8  * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
      9  *
     10  * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
     11  * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
     12  * Neither the name of the phear.org nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
     13  *
     14  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
     15  * BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
     16  * IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
     17  * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
     18  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
     19  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     20  *
     21  *
     22  */
     23 
     24 #ifndef LDAPAUTH_H
     25 #define LDAPAUTH_H
     26 
     27 #define LDAP_DEPRECATED 1
     28 
     29 #include <string.h>
     30 #include <time.h>
     31 #include <ldap.h>
     32 #include <lber.h>
     33 
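/*
 * Configuration tokens: the keywords the LPK option parser recognises
 * (the parser itself lives in the implementing .c file, not here).
 *
 * NOTE(review): names beginning with an underscore followed by an
 * uppercase letter are reserved for the implementation (C11 7.1.3).
 * They are kept verbatim because callers already use them; a rename
 * would be a coordinated change across the LPK sources.
 */
#define _DEFAULT_LPK_TOKEN "UseLPK"
#define _DEFAULT_SRV_TOKEN "LpkServers"
#define _DEFAULT_USR_TOKEN "LpkUserDN"
#define _DEFAULT_GRP_TOKEN "LpkGroupDN"
#define _DEFAULT_BDN_TOKEN "LpkBindDN"
#define _DEFAULT_BPW_TOKEN "LpkBindPw"		/* bind credential, stored in cleartext in the config */
#define _DEFAULT_MYG_TOKEN "LpkServerGroup"
#define _DEFAULT_FIL_TOKEN "LpkFilter"
#define _DEFAULT_TLS_TOKEN "LpkForceTLS"
#define _DEFAULT_BTI_TOKEN "LpkBindTimelimit"
#define _DEFAULT_STI_TOKEN "LpkSearchTimelimit"
#define _DEFAULT_LDP_TOKEN "LpkLdapConf"

#define _DEFAULT_PUB_TOKEN "LpkPubKeyAttr"

/*
 * Default option values, one per token above.  NULL means "not
 * configured"; see ldap_opt_t for the field each value initialises.
 * Negative constants are parenthesised so they expand safely inside
 * any expression.
 */
#define _DEFAULT_LPK_ON 0
#define _DEFAULT_LPK_SERVERS NULL
#define _DEFAULT_LPK_UDN NULL
#define _DEFAULT_LPK_GDN NULL
#define _DEFAULT_LPK_BINDDN NULL
#define _DEFAULT_LPK_BINDPW NULL
#define _DEFAULT_LPK_SGROUP NULL
#define _DEFAULT_LPK_FILTER NULL
#define _DEFAULT_LPK_TLS (-1)			/* -1 presumably means "not set" — TODO confirm in the parser */
#define _DEFAULT_LPK_BTIMEOUT 10		/* bind timeout; lands in a struct timeval, so presumably seconds */
#define _DEFAULT_LPK_STIMEOUT 10		/* search timeout; same unit as above */
#define _DEFAULT_LPK_LDP NULL
#define _DEFAULT_LPK_PUB "sshPublicKey"		/* LDAP attribute holding the user's public key(s) */

/* flags: bits carried in ldap_opt_t.flags */
#define FLAG_EMPTY	    0x00000000
#define FLAG_CONNECTED	    0x00000001

/*
 * Flag macros.  Each is an assignment expression on its argument; the
 * argument and the whole expansion are parenthesised so the macros can
 * be used with any lvalue expression and inside larger expressions.
 * FLAG_SET_EMPTY clears every bit (x &= 0).
 */
#define FLAG_SET_EMPTY(x)		((x) &= (FLAG_EMPTY))
#define FLAG_SET_CONNECTED(x)		((x) |= (FLAG_CONNECTED))
#define FLAG_SET_DISCONNECTED(x)	((x) &= ~(FLAG_CONNECTED))

/* generic return codes */
#define FAILURE (-1)
#define SUCCESS 0

/*
 * File paths.
 * (Should be relocated to pathnames.h if this code is ever
 * integrated into the main tree.)
 */
#define _PATH_LDAP_CONFIG_FILE "/etc/ldap.conf"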
     86 
     87 /* structures */
/*
 * LPK runtime configuration plus the live LDAP connection handle.
 * The char * members hold configured strings whose defaults are the
 * _DEFAULT_LPK_* macros; they are presumably owned by the struct and
 * released by ldap_options_free() — TODO confirm against that definition.
 * bindpw is a cleartext credential: it should be zeroized (not merely
 * free()d) when the struct is torn down.
 */
typedef struct ldap_options {
    int on;			/* non-zero: LPK enabled (cf. UseLPK) */
    LDAP * ld;			/* libldap connection handle */
    char * servers;		/* parsed servers for ldaplib failover handling */
    char * u_basedn;		/* user search base DN (cf. LpkUserDN) */
    char * g_basedn;		/* group search base DN (cf. LpkGroupDN) */
    char * binddn;		/* DN used to bind (cf. LpkBindDN) */
    char * bindpw;		/* bind password, cleartext (cf. LpkBindPw) */
    char * sgroup;		/* server group (cf. LpkServerGroup) */
    char * fgroup;		/* group filter */
    char * filter;		/* additional search filter (cf. LpkFilter); config-supplied, not user-supplied */
    char * l_conf;		/* ldap.conf to consult (cf. LpkLdapConf) */
    int tls;			/* TLS only; default -1 (cf. LpkForceTLS) */
    struct timeval b_timeout;   /* bind timeout */
    struct timeval s_timeout;   /* search timeout */
    unsigned int flags;		/* FLAG_* bits; FLAG_CONNECTED is the only one defined so far */
    char * pub_key_attr;	/* attribute holding public keys (cf. LpkPubKeyAttr, default sshPublicKey) */
} ldap_opt_t;
    106 
/*
 * Result of a public-key lookup: an array of bervals plus its length.
 * Returned by ldap_getuserkey() and released with ldap_keys_free(),
 * presumably — confirm ownership in the definitions.  Whether the
 * array is additionally NULL-terminated is not visible here; rely on
 * num, not on a terminator.
 */
typedef struct ldap_keys {
    struct berval ** keys;	/* the public keys retrieved */
    unsigned int num;		/* number of entries in keys */
} ldap_key_t;
    111 
    112 
    113 /* function headers */
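/*
 * Prototypes.  Definitions live in the implementing .c file; the
 * parameter names added here are documentary only (derived from the
 * function names) and do not change any signature.
 */

/* Closes opts->ld; presumably also clears FLAG_CONNECTED — TODO confirm. */
void ldap_close(ldap_opt_t *opts);

/* Connects (and binds) using opts; returns SUCCESS or FAILURE, presumably. */
int ldap_xconnect(ldap_opt_t *opts);

/*
 * Parse the configured group / server lists.  Return value is a
 * string the caller presumably owns and must free — TODO confirm.
 */
char * ldap_parse_groups(const char *groups);
char * ldap_parse_servers(const char *servers);

/* Dumps the effective options; check that bindpw is not printed in cleartext. */
void ldap_options_print(ldap_opt_t *opts);

/*
 * Frees the strings in opts.  NOTE(review): opts->bindpw is a credential;
 * confirm it is zeroized (e.g. explicit_bzero) before free().
 */
void ldap_options_free(ldap_opt_t *opts);

/* Releases a result from ldap_getuserkey(). */
void ldap_keys_free(ldap_key_t *keys);

/* Reads opts->l_conf (or _PATH_LDAP_CONFIG_FILE) into opts — presumably; confirm. */
int ldap_parse_lconf(ldap_opt_t *opts);

/*
 * Look up the user's public keys / group membership.  `user` comes from
 * the authentication attempt; if the definition interpolates it into an
 * LDAP search filter, it must be escaped per RFC 4515 first — TODO verify.
 */
ldap_key_t * ldap_getuserkey(ldap_opt_t *opts, const char *user);
int ldap_ismember(ldap_opt_t *opts, const char *user);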
    124 
    125 #endif