1 /* Copyright (C) 1997-2005 Luke Howard.
2 This file is part of the nss_ldap library.
3 Contributed by Luke Howard, <lukeh@padl.com>, 1997.
4 (The author maintains a non-exclusive licence to distribute this file
5 under their own conditions.)
6
7 The nss_ldap library is free software; you can redistribute it and/or
8 modify it under the terms of the GNU Library General Public License as
9 published by the Free Software Foundation; either version 2 of the
10 License, or (at your option) any later version.
11
12 The nss_ldap library is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Library General Public License for more details.
16
17 You should have received a copy of the GNU Library General Public
18 License along with the nss_ldap library; see the file COPYING.LIB. If not,
19 write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
20 Boston, MA 02111-1307, USA.
21 */
22
23 #ifndef _LDAP_NSS_LDAP_UTIL_H
24 #define _LDAP_NSS_LDAP_UTIL_H
25
26 /* utility routines. */
27
/* Attribute type names used when picking apart distinguished names. */
#define CN_ATTR "CN"

#define DC_ATTR "DC"
/* "DC=": the attribute type followed by '=', built by string-literal concatenation. */
#define DC_ATTR_AVA DC_ATTR"="
/* Length of DC_ATTR_AVA without the terminating NUL (sizeof counts the NUL, hence the - 1). */
#define DC_ATTR_AVA_LEN (sizeof(DC_ATTR_AVA) - 1)
33
/*
 * Get the RDN's value: e.g. if the RDN was cn=lukeh, getrdnvalue(entry)
 * would return lukeh.
 *
 * entry   - the LDAP message whose RDN is examined.
 * rdntype - attribute type of the RDN (not modified).
 * rval    - receives the pointer to the extracted value.
 * buf/len - NOTE(review): these look like a caller-supplied scratch buffer
 *           cursor and its remaining size, both updated on return; confirm
 *           in the implementation, and confirm that a value longer than
 *           *len is reported as an error rather than truncated.
 *
 * Returns an NSS_STATUS code.
 */
NSS_STATUS _nss_ldap_getrdnvalue (LDAPMessage * entry,
                                  const char *rdntype,
                                  char **rval, char **buf, size_t * len);
41
/*
 * Map a distinguished name to a login name, or group entry.
 *
 * dn             - distinguished name to resolve (not modified).
 * uid            - receives the login name.
 * buf/len        - NOTE(review): presumably the caller's scratch buffer
 *                  cursor and remaining size; confirm in the implementation.
 * pIsNestedGroup - NOTE(review): the name suggests an out-flag set when the
 *                  DN names a group rather than a user; confirm.
 * pRes           - NOTE(review): presumably receives the search result for
 *                  the group case; confirm who releases it.
 *
 * Returns an NSS_STATUS code.
 */
NSS_STATUS _nss_ldap_dn2uid (const char *dn,
                             char **uid, char **buf, size_t * len,
                             int *pIsNestedGroup, LDAPMessage ** pRes);
48
/*
 * Keyword strings for schema mapping and for overriding or defaulting
 * attribute values.  The parser that matches them is not in this header.
 *
 * NOTE(review): an override or default changes what a lookup returns
 * regardless of what the directory holds, so the file carrying these
 * keywords should be writable only by the administrator -- confirm how
 * the values are applied.
 */
#define NSS_LDAP_KEY_MAP_ATTRIBUTE "nss_map_attribute"
#define NSS_LDAP_KEY_MAP_OBJECTCLASS "nss_map_objectclass"
#define NSS_LDAP_KEY_SET_OVERRIDE "nss_override_attribute_value"
#define NSS_LDAP_KEY_SET_DEFAULT "nss_default_attribute_value"
53
/* NOTE(review): presumably the size of the buffer the configuration is
   parsed into; confirm in the parser. */
#define NSS_LDAP_CONFIG_BUFSIZ 4096

/* Keyword strings for the general connection settings.  Only the spelling
   of each keyword is defined here; parsing and defaults live elsewhere. */
#define NSS_LDAP_KEY_HOST "host"
#define NSS_LDAP_KEY_SCOPE "scope"
#define NSS_LDAP_KEY_BASE "base"
#define NSS_LDAP_KEY_PORT "port"
#define NSS_LDAP_KEY_BINDDN "binddn"
/* NOTE(review): the value stored under this keyword is a bind credential.
   Confirm that the file carrying it is readable only by the accounts that
   must bind, and that the value never reaches debug or log output. */
#define NSS_LDAP_KEY_BINDPW "bindpw"
#define NSS_LDAP_KEY_USESASL "use_sasl"
#define NSS_LDAP_KEY_SASLID "sasl_auth_id"
#define NSS_LDAP_KEY_DEREF "deref"
#define NSS_LDAP_KEY_ROOTBINDDN "rootbinddn"
#define NSS_LDAP_KEY_ROOTUSESASL "rootuse_sasl"
#define NSS_LDAP_KEY_ROOTSASLID "rootsasl_auth_id"
#define NSS_LDAP_KEY_LDAP_VERSION "ldap_version"
#define NSS_LDAP_KEY_TIMELIMIT "timelimit"
#define NSS_LDAP_KEY_BIND_TIMELIMIT "bind_timelimit"
/* NOTE(review): transport protection is a configuration choice.  A simple
   bind over an unprotected connection exposes the password on the wire;
   confirm what the library does when this keyword is absent. */
#define NSS_LDAP_KEY_SSL "ssl"
#define NSS_LDAP_KEY_SSLPATH "sslpath"
/* NOTE(review): if referrals are followed, confirm whether the bind
   credential is re-presented to the referred-to server. */
#define NSS_LDAP_KEY_REFERRALS "referrals"
#define NSS_LDAP_KEY_RESTART "restart"
#define NSS_LDAP_KEY_URI "uri"
#define NSS_LDAP_KEY_IDLE_TIMELIMIT "idle_timelimit"
/* The macro is named RECONNECT_POLICY but the keyword is "bind_policy". */
#define NSS_LDAP_KEY_RECONNECT_POLICY "bind_policy"
#define NSS_LDAP_KEY_SASL_SECPROPS "sasl_secprops"
/* Kerberos credential-cache keywords, defined only when the build sets
   CONFIGURE_KRB5_CCNAME. */
#ifdef CONFIGURE_KRB5_CCNAME
#define NSS_LDAP_KEY_KRB5_CCNAME "krb5_ccname"
#define NSS_LDAP_KEY_KRB5_ROOTCCNAME "krb5_rootccname"
#define NSS_LDAP_KEY_KRB5_AUTORENEW "krb5_autorenew"
#define NSS_LDAP_KEY_KRB5_ROOTAUTORENEW "krb5_rootautorenew"
#endif /* CONFIGURE_KRB5_CCNAME */
/* Kerberos keytab keywords, defined only when the build sets
   CONFIGURE_KRB5_KEYTAB.  NOTE(review): a keytab holds long-term keys;
   confirm the named file's ownership and mode are checked before use. */
#ifdef CONFIGURE_KRB5_KEYTAB
#define NSS_LDAP_KEY_KRB5_KEYTAB "krb5_keytabname"
#define NSS_LDAP_KEY_KRB5_ROOTKEYTAB "krb5_rootkeytabname"
#define NSS_LDAP_KEY_KRB5_USEKEYTAB "krb5_usekeytab"
#define NSS_LDAP_KEY_KRB5_ROOTUSEKEYTAB "krb5_rootusekeytab"
#endif /* CONFIGURE_KRB5_KEYTAB */
/* NOTE(review): confirm what is written under logdir when debug is
   enabled, and who can read it. */
#define NSS_LDAP_KEY_LOGDIR "logdir"
#define NSS_LDAP_KEY_DEBUG "debug"
#define NSS_LDAP_KEY_PAGESIZE "pagesize"
#define NSS_LDAP_KEY_INITGROUPS "nss_initgroups"
#define NSS_LDAP_KEY_INITGROUPS_IGNOREUSERS "nss_initgroups_ignoreusers"
#define NSS_LDAP_KEY_GETGRENT_SKIPMEMBERS "nss_getgrent_skipmembers"
96
/* More reconnect policy fine-tuning: keyword strings for retry counts and
   sleep times.  Units and defaults are not defined in this header. */
#define NSS_LDAP_KEY_RECONNECT_TRIES "nss_reconnect_tries"
#define NSS_LDAP_KEY_RECONNECT_SLEEPTIME "nss_reconnect_sleeptime"
#define NSS_LDAP_KEY_RECONNECT_MAXSLEEPTIME "nss_reconnect_maxsleeptime"
#define NSS_LDAP_KEY_RECONNECT_MAXCONNTRIES "nss_reconnect_maxconntries"

/* Keyword strings for paged results, schema selection, the SRV domain and
   the connect policy. */
#define NSS_LDAP_KEY_PAGED_RESULTS "nss_paged_results"
#define NSS_LDAP_KEY_SCHEMA "nss_schema"
#define NSS_LDAP_KEY_SRV_DOMAIN "nss_srv_domain"
#define NSS_LDAP_KEY_CONNECT_POLICY "nss_connect_policy"
107
/*
 * Support separate naming contexts for each map.
 * Eventually this will support the syntax defined in
 * the DUAConfigProfile searchDescriptor attribute.
 *
 * The prefix is a keyword stem; NOTE(review): presumably the map name
 * follows it in the configuration keyword -- confirm in the parser.
 */
#define NSS_LDAP_KEY_NSS_BASE_PREFIX "nss_base_"
/* Length of the prefix without the terminating NUL (sizeof counts it). */
#define NSS_LDAP_KEY_NSS_BASE_PREFIX_LEN ( sizeof(NSS_LDAP_KEY_NSS_BASE_PREFIX) - 1 )
115
/*
 * Flags that are exposed via _nss_ldap_test_config_flag().
 *
 * Each value occupies a distinct bit, so several flags can be held in one
 * integer and tested independently.
 */
#define NSS_LDAP_FLAGS_INITGROUPS_BACKLINK 0x0001
#define NSS_LDAP_FLAGS_PAGED_RESULTS 0x0002
#define NSS_LDAP_FLAGS_RFC2307BIS 0x0004
#define NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT 0x0008
#define NSS_LDAP_FLAGS_GETGRENT_SKIPMEMBERS 0x0010
124
/*
 * There are a number of means of obtaining configuration information.
 *
 * (a) DHCP (Cf draft-hedstrom-dhc-ldap-00.txt)
 * (b) a configuration file (/etc/ldap.conf) **
 * (c) a coldstart file & subsequent referrals from the LDAP server
 * (d) a custom LDAP bind protocol
 * (e) DNS **
 *
 * This should be opaque to the rest of the library.
 * ** implemented
 *
 * NOTE(review): sources (a) and (e) are supplied over the network.  A
 * server location learned that way is only as trustworthy as the DHCP or
 * DNS path, so confirm that the connection still authenticates the server
 * (for example by certificate verification) when such a source is used;
 * nothing in this header shows it.
 */

/* Initialise a configuration structure.  NOTE(review): presumably fills in
   defaults; confirm in the implementation. */
NSS_STATUS _nss_ldap_init_config (ldap_config_t *);
/* Read the configuration into *result.  NOTE(review): buffer/buflen look
   like the caller's scratch buffer cursor and remaining size; confirm. */
NSS_STATUS _nss_ldap_readconfig (ldap_config_t ** result, char **buffer, size_t *buflen);
/* Check a configuration.  NOTE(review): which settings are treated as
   mandatory is not visible here. */
NSS_STATUS _nss_ldap_validateconfig (ldap_config_t *config);
141
/*
 * Escape '*' in a string for use as a filter.
 *
 * str    - input string (not modified).
 * buf    - caller-supplied output buffer.
 * buflen - NOTE(review): presumably the capacity of buf in bytes; confirm
 *          that an input that does not fit is reported through the return
 *          value rather than truncated.
 *
 * NOTE(review): this comment names only '*'.  RFC 4515 also requires the
 * parentheses, the backslash and NUL to be escaped in a filter assertion
 * value.  Confirm the implementation covers all of them: any lookup key
 * placed into a search filter without full escaping can change the meaning
 * of the filter.
 *
 * Returns an NSS_STATUS code.
 */

NSS_STATUS _nss_ldap_escape_string (const char *str,
                                    char *buf, size_t buflen);
148
/*
 * Translate an NSS_STATUS into a resolver error code and store it in herr.
 *
 *   NSS_SUCCESS              -> 0
 *   NSS_TRYAGAIN             -> NETDB_INTERNAL
 *   NSS_NOTFOUND             -> HOST_NOT_FOUND
 *   NSS_UNAVAIL, other value -> NO_RECOVERY
 *
 * nss_status is expanded once, as the switch operand.  herr must be an
 * assignable expression.  The do/while (0) wrapper lets the macro be used
 * as a single statement followed by a semicolon.
 */
#define MAP_H_ERRNO(nss_status, herr) do { \
  switch ((nss_status)) { \
  case NSS_SUCCESS: \
    (herr) = 0; \
    break; \
  case NSS_TRYAGAIN: \
    (herr) = NETDB_INTERNAL;\
    break; \
  case NSS_NOTFOUND: \
    (herr) = HOST_NOT_FOUND;\
    break; \
  case NSS_UNAVAIL: \
  default: \
    (herr) = NO_RECOVERY; \
    break; \
  } \
} while (0)
166
/*
 * Translate an NSS_STATUS into an errno value and store it in err.
 * Only defined when the build sets HAVE_IRS_H.
 *
 *   NSS_SUCCESS              -> 0
 *   NSS_TRYAGAIN             -> ERANGE
 *   NSS_NOTFOUND             -> ENOENT
 *   NSS_UNAVAIL, other value -> EPERM
 *
 * nss_status is expanded once, as the switch operand.  err must be an
 * assignable expression.
 */
#ifdef HAVE_IRS_H
#define MAP_ERRNO(nss_status, err) do { \
  switch ((nss_status)) { \
  case NSS_SUCCESS: \
    (err) = 0; \
    break; \
  case NSS_TRYAGAIN: \
    (err) = ERANGE; \
    break; \
  case NSS_NOTFOUND: \
    (err) = ENOENT; \
    break; \
  case NSS_UNAVAIL: \
  default: \
    (err) = EPERM; \
    break; \
  } \
} while (0)
#endif /* HAVE_IRS_H */
186
/*
 * A (pointer, length) pair.  The _nss_ldap_db_put() and _nss_ldap_db_get()
 * prototypes in this header take it as both key and value.
 */
typedef struct ldap_datum
{
  void *data;   /* start of the bytes described by this datum */
  size_t size;  /* number of bytes at data */
} ldap_datum_t;

/*
 * Reset the datum that d points to: NULL data pointer, zero size.
 * d is expanded twice, so pass an expression without side effects.
 */
#define NSS_LDAP_DATUM_ZERO(d) do { (d)->data = NULL; (d)->size = 0; } while (0)
199
/* Flag bit for the flags argument of the db routines below.
   NOTE(review): the name suggests keys are case-folded before being
   stored or compared; confirm in the implementation. */
#define NSS_LDAP_DB_NORMALIZE_CASE 0x1

/* Open a database; the handle is opaque (void *).  NOTE(review): the
   failure value is not visible here -- presumably NULL; confirm. */
void *_nss_ldap_db_open (void);
/* Close a database handle. */
void _nss_ldap_db_close (void *db);
/* Store value under key.  Neither datum is modified through these
   pointers.  NOTE(review): whether the bytes are copied or only
   referenced is not visible here; confirm before freeing them. */
NSS_STATUS _nss_ldap_db_put (void *db,
                             unsigned flags,
                             const ldap_datum_t * key,
                             const ldap_datum_t * value);
/* Look up key and fill in *value.  NOTE(review): confirm who owns the
   memory that value->data points to on success. */
NSS_STATUS _nss_ldap_db_get (void *db,
                             unsigned flags,
                             const ldap_datum_t * key,
                             ldap_datum_t * value);
212
/*
 * Routines for managing namelists.
 *
 * struct name_list is declared elsewhere.  The routines that change the
 * list take the address of the head pointer; find takes the head itself.
 */

/* Add name to the list.  NOTE(review): whether name is copied is not
   visible here; confirm. */
NSS_STATUS _nss_ldap_namelist_push (struct name_list **head, const char *name);
/* Remove one entry from the list. */
void _nss_ldap_namelist_pop (struct name_list **head);
/* Search the list for netgroup.  NOTE(review): the meaning of the int
   result (found flag or otherwise) is not visible here; confirm. */
int _nss_ldap_namelist_find (struct name_list *head, const char *netgroup);
/* Release the whole list. */
void _nss_ldap_namelist_destroy (struct name_list **head);
219
/* Add uri to the configuration in result.  NOTE(review): buffer/buflen
   look like the caller's scratch buffer cursor and remaining size;
   confirm, and confirm how a malformed URI is reported. */
NSS_STATUS
_nss_ldap_add_uri (ldap_config_t *result, const char *uri,
                   char **buffer, size_t *buflen);

/* Convert a key string to a map selector.  NOTE(review): the value
   returned for an unrecognised key is not visible here; confirm. */
ldap_map_selector_t
_nss_ldap_str2selector (const char *key);
226
/*
 * Text-to-number parsers, one per target type.  Each takes the text, a
 * default value and a pointer that receives the result, and returns an
 * NSS_STATUS code.
 *
 * NOTE(review): presumably default_value is stored in *value when text is
 * absent or cannot be parsed; confirm.  Also confirm that out-of-range
 * input and trailing garbage are rejected rather than wrapped or
 * truncated.  This matters most for the uid_t and gid_t variants, where a
 * wrapped number would denote a different account or group.
 */
NSS_STATUS
_nss_ldap_parse_long (const char *text, long default_value, long *value);
NSS_STATUS
_nss_ldap_parse_ulong (const char *text, unsigned long default_value,
                       unsigned long *value);
NSS_STATUS
_nss_ldap_parse_int (const char *text, int default_value, int *value);
NSS_STATUS
_nss_ldap_parse_uid_t (const char *text, uid_t default_value, uid_t *value);
NSS_STATUS
_nss_ldap_parse_gid_t (const char *text, gid_t default_value, gid_t *value);
238
239 #endif /* _LDAP_NSS_LDAP_UTIL_H */