| 1 | /*
|
|---|
| 2 | Unix SMB/CIFS Implementation.
|
|---|
| 3 | LDAP protocol helper functions for SAMBA
|
|---|
| 4 | Copyright (C) Volker Lendecke 2004
|
|---|
| 5 |
|
|---|
| 6 | This program is free software; you can redistribute it and/or modify
|
|---|
| 7 | it under the terms of the GNU General Public License as published by
|
|---|
| 8 | the Free Software Foundation; either version 3 of the License, or
|
|---|
| 9 | (at your option) any later version.
|
|---|
| 10 |
|
|---|
| 11 | This program is distributed in the hope that it will be useful,
|
|---|
| 12 | but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|---|
| 13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|---|
| 14 | GNU General Public License for more details.
|
|---|
| 15 |
|
|---|
| 16 | You should have received a copy of the GNU General Public License
|
|---|
| 17 | along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|---|
| 18 |
|
|---|
| 19 | */
|
|---|
| 20 |
|
|---|
| 21 | #ifndef _SMB_LDAP_H
|
|---|
| 22 | #define _SMB_LDAP_H
|
|---|
| 23 |
|
|---|
| 24 | enum ldap_request_tag {
|
|---|
| 25 | LDAP_TAG_BindRequest = 0,
|
|---|
| 26 | LDAP_TAG_BindResponse = 1,
|
|---|
| 27 | LDAP_TAG_UnbindRequest = 2,
|
|---|
| 28 | LDAP_TAG_SearchRequest = 3,
|
|---|
| 29 | LDAP_TAG_SearchResultEntry = 4,
|
|---|
| 30 | LDAP_TAG_SearchResultDone = 5,
|
|---|
| 31 | LDAP_TAG_ModifyRequest = 6,
|
|---|
| 32 | LDAP_TAG_ModifyResponse = 7,
|
|---|
| 33 | LDAP_TAG_AddRequest = 8,
|
|---|
| 34 | LDAP_TAG_AddResponse = 9,
|
|---|
| 35 | LDAP_TAG_DelRequest = 10,
|
|---|
| 36 | LDAP_TAG_DelResponse = 11,
|
|---|
| 37 | LDAP_TAG_ModifyDNRequest = 12,
|
|---|
| 38 | LDAP_TAG_ModifyDNResponse = 13,
|
|---|
| 39 | LDAP_TAG_CompareRequest = 14,
|
|---|
| 40 | LDAP_TAG_CompareResponse = 15,
|
|---|
| 41 | LDAP_TAG_AbandonRequest = 16,
|
|---|
| 42 | LDAP_TAG_SearchResultReference = 19,
|
|---|
| 43 | LDAP_TAG_ExtendedRequest = 23,
|
|---|
| 44 | LDAP_TAG_ExtendedResponse = 24
|
|---|
| 45 | };
|
|---|
| 46 |
|
|---|
| 47 | enum ldap_auth_mechanism {
|
|---|
| 48 | LDAP_AUTH_MECH_SIMPLE = 0,
|
|---|
| 49 | LDAP_AUTH_MECH_SASL = 3
|
|---|
| 50 | };
|
|---|
| 51 |
|
|---|
| 52 | #ifndef LDAP_SUCCESS
|
|---|
| 53 | enum ldap_result_code {
|
|---|
| 54 | LDAP_SUCCESS = 0,
|
|---|
| 55 | LDAP_SASL_BIND_IN_PROGRESS = 0x0e,
|
|---|
| 56 | LDAP_INVALID_CREDENTIALS = 0x31,
|
|---|
| 57 | LDAP_OTHER = 0x50
|
|---|
| 58 | };
|
|---|
| 59 | #endif /* LDAP_SUCCESS */
|
|---|
| 60 |
|
|---|
| 61 | struct ldap_Result {
|
|---|
| 62 | int resultcode;
|
|---|
| 63 | const char *dn;
|
|---|
| 64 | const char *errormessage;
|
|---|
| 65 | const char *referral;
|
|---|
| 66 | };
|
|---|
| 67 |
|
|---|
| 68 | struct ldap_attribute {
|
|---|
| 69 | const char *name;
|
|---|
| 70 | int num_values;
|
|---|
| 71 | DATA_BLOB *values;
|
|---|
| 72 | };
|
|---|
| 73 |
|
|---|
| 74 | struct ldap_BindRequest {
|
|---|
| 75 | int version;
|
|---|
| 76 | const char *dn;
|
|---|
| 77 | enum ldap_auth_mechanism mechanism;
|
|---|
| 78 | union {
|
|---|
| 79 | const char *password;
|
|---|
| 80 | struct {
|
|---|
| 81 | const char *mechanism;
|
|---|
| 82 | DATA_BLOB secblob;
|
|---|
| 83 | } SASL;
|
|---|
| 84 | } creds;
|
|---|
| 85 | };
|
|---|
| 86 |
|
|---|
| 87 | struct ldap_BindResponse {
|
|---|
| 88 | struct ldap_Result response;
|
|---|
| 89 | union {
|
|---|
| 90 | DATA_BLOB secblob;
|
|---|
| 91 | } SASL;
|
|---|
| 92 | };
|
|---|
| 93 |
|
|---|
| 94 | struct ldap_UnbindRequest {
|
|---|
| 95 | uint8 __dummy;
|
|---|
| 96 | };
|
|---|
| 97 |
|
|---|
| 98 | enum ldap_scope {
|
|---|
| 99 | LDAP_SEARCH_SCOPE_BASE = 0,
|
|---|
| 100 | LDAP_SEARCH_SCOPE_SINGLE = 1,
|
|---|
| 101 | LDAP_SEARCH_SCOPE_SUB = 2
|
|---|
| 102 | };
|
|---|
| 103 |
|
|---|
| 104 | enum ldap_deref {
|
|---|
| 105 | LDAP_DEREFERENCE_NEVER = 0,
|
|---|
| 106 | LDAP_DEREFERENCE_IN_SEARCHING = 1,
|
|---|
| 107 | LDAP_DEREFERENCE_FINDING_BASE = 2,
|
|---|
| 108 | LDAP_DEREFERENCE_ALWAYS
|
|---|
| 109 | };
|
|---|
| 110 |
|
|---|
| 111 | struct ldap_SearchRequest {
|
|---|
| 112 | const char *basedn;
|
|---|
| 113 | enum ldap_scope scope;
|
|---|
| 114 | enum ldap_deref deref;
|
|---|
| 115 | uint32 timelimit;
|
|---|
| 116 | uint32 sizelimit;
|
|---|
| 117 | bool attributesonly;
|
|---|
| 118 | char *filter;
|
|---|
| 119 | int num_attributes;
|
|---|
| 120 | const char **attributes;
|
|---|
| 121 | };
|
|---|
| 122 |
|
|---|
| 123 | struct ldap_SearchResEntry {
|
|---|
| 124 | const char *dn;
|
|---|
| 125 | int num_attributes;
|
|---|
| 126 | struct ldap_attribute *attributes;
|
|---|
| 127 | };
|
|---|
| 128 |
|
|---|
| 129 | struct ldap_SearchResRef {
|
|---|
| 130 | int num_referrals;
|
|---|
| 131 | const char **referrals;
|
|---|
| 132 | };
|
|---|
| 133 |
|
|---|
| 134 | enum ldap_modify_type {
|
|---|
| 135 | LDAP_MODIFY_NONE = -1,
|
|---|
| 136 | LDAP_MODIFY_ADD = 0,
|
|---|
| 137 | LDAP_MODIFY_DELETE = 1,
|
|---|
| 138 | LDAP_MODIFY_REPLACE = 2
|
|---|
| 139 | };
|
|---|
| 140 |
|
|---|
| 141 | struct ldap_mod {
|
|---|
| 142 | enum ldap_modify_type type;
|
|---|
| 143 | struct ldap_attribute attrib;
|
|---|
| 144 | };
|
|---|
| 145 |
|
|---|
| 146 | struct ldap_ModifyRequest {
|
|---|
| 147 | const char *dn;
|
|---|
| 148 | int num_mods;
|
|---|
| 149 | struct ldap_mod *mods;
|
|---|
| 150 | };
|
|---|
| 151 |
|
|---|
| 152 | struct ldap_AddRequest {
|
|---|
| 153 | const char *dn;
|
|---|
| 154 | int num_attributes;
|
|---|
| 155 | struct ldap_attribute *attributes;
|
|---|
| 156 | };
|
|---|
| 157 |
|
|---|
| 158 | struct ldap_DelRequest {
|
|---|
| 159 | const char *dn;
|
|---|
| 160 | };
|
|---|
| 161 |
|
|---|
| 162 | struct ldap_ModifyDNRequest {
|
|---|
| 163 | const char *dn;
|
|---|
| 164 | const char *newrdn;
|
|---|
| 165 | bool deleteolddn;
|
|---|
| 166 | const char *newsuperior;
|
|---|
| 167 | };
|
|---|
| 168 |
|
|---|
| 169 | struct ldap_CompareRequest {
|
|---|
| 170 | const char *dn;
|
|---|
| 171 | const char *attribute;
|
|---|
| 172 | const char *value;
|
|---|
| 173 | };
|
|---|
| 174 |
|
|---|
| 175 | struct ldap_AbandonRequest {
|
|---|
| 176 | uint32 messageid;
|
|---|
| 177 | };
|
|---|
| 178 |
|
|---|
| 179 | struct ldap_ExtendedRequest {
|
|---|
| 180 | const char *oid;
|
|---|
| 181 | DATA_BLOB value;
|
|---|
| 182 | };
|
|---|
| 183 |
|
|---|
| 184 | struct ldap_ExtendedResponse {
|
|---|
| 185 | struct ldap_Result response;
|
|---|
| 186 | const char *name;
|
|---|
| 187 | DATA_BLOB value;
|
|---|
| 188 | };
|
|---|
| 189 |
|
|---|
| 190 | union ldap_Request {
|
|---|
| 191 | struct ldap_BindRequest BindRequest;
|
|---|
| 192 | struct ldap_BindResponse BindResponse;
|
|---|
| 193 | struct ldap_UnbindRequest UnbindRequest;
|
|---|
| 194 | struct ldap_SearchRequest SearchRequest;
|
|---|
| 195 | struct ldap_SearchResEntry SearchResultEntry;
|
|---|
| 196 | struct ldap_Result SearchResultDone;
|
|---|
| 197 | struct ldap_SearchResRef SearchResultReference;
|
|---|
| 198 | struct ldap_ModifyRequest ModifyRequest;
|
|---|
| 199 | struct ldap_Result ModifyResponse;
|
|---|
| 200 | struct ldap_AddRequest AddRequest;
|
|---|
| 201 | struct ldap_Result AddResponse;
|
|---|
| 202 | struct ldap_DelRequest DelRequest;
|
|---|
| 203 | struct ldap_Result DelResponse;
|
|---|
| 204 | struct ldap_ModifyDNRequest ModifyDNRequest;
|
|---|
| 205 | struct ldap_Result ModifyDNResponse;
|
|---|
| 206 | struct ldap_CompareRequest CompareRequest;
|
|---|
| 207 | struct ldap_Result CompareResponse;
|
|---|
| 208 | struct ldap_AbandonRequest AbandonRequest;
|
|---|
| 209 | struct ldap_ExtendedRequest ExtendedRequest;
|
|---|
| 210 | struct ldap_ExtendedResponse ExtendedResponse;
|
|---|
| 211 | };
|
|---|
| 212 |
|
|---|
| 213 | struct ldap_Control {
|
|---|
| 214 | const char *oid;
|
|---|
| 215 | bool critical;
|
|---|
| 216 | DATA_BLOB value;
|
|---|
| 217 | };
|
|---|
| 218 |
|
|---|
| 219 | struct ldap_message {
|
|---|
| 220 | TALLOC_CTX *mem_ctx;
|
|---|
| 221 | uint32 messageid;
|
|---|
| 222 | uint8 type;
|
|---|
| 223 | union ldap_Request r;
|
|---|
| 224 | int num_controls;
|
|---|
| 225 | struct ldap_Control *controls;
|
|---|
| 226 | };
|
|---|
| 227 |
|
|---|
| 228 | struct ldap_queue_entry {
|
|---|
| 229 | struct ldap_queue_entry *next, *prev;
|
|---|
| 230 | int msgid;
|
|---|
| 231 | struct ldap_message *msg;
|
|---|
| 232 | };
|
|---|
| 233 |
|
|---|
| 234 | struct ldap_connection {
|
|---|
| 235 | TALLOC_CTX *mem_ctx;
|
|---|
| 236 | int sock;
|
|---|
| 237 | int next_msgid;
|
|---|
| 238 | char *host;
|
|---|
| 239 | uint16 port;
|
|---|
| 240 | bool ldaps;
|
|---|
| 241 |
|
|---|
| 242 | const char *auth_dn;
|
|---|
| 243 | const char *simple_pw;
|
|---|
| 244 |
|
|---|
| 245 | /* Current outstanding search entry */
|
|---|
| 246 | int searchid;
|
|---|
| 247 |
|
|---|
| 248 | /* List for incoming search entries */
|
|---|
| 249 | struct ldap_queue_entry *search_entries;
|
|---|
| 250 |
|
|---|
| 251 | /* Outstanding LDAP requests that have not yet been replied to */
|
|---|
| 252 | struct ldap_queue_entry *outstanding;
|
|---|
| 253 | };
|
|---|
| 254 |
|
|---|
| 255 | #endif
|
|---|
