Annotation of src/usr.bin/ldap/aldap.h, Revision 1.1
1.1 ! reyk 1: /* $Id: aldap.h,v 1.10 2017/05/30 09:33:31 jmatthew Exp $ */
! 2: /* $OpenBSD: aldap.h,v 1.10 2017/05/30 09:33:31 jmatthew Exp $ */
! 3:
! 4: /*
! 5: * Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org>
! 6: * Copyright (c) 2006, 2007 Marc Balmer <mbalmer@openbsd.org>
! 7: *
! 8: * Permission to use, copy, modify, and distribute this software for any
! 9: * purpose with or without fee is hereby granted, provided that the above
! 10: * copyright notice and this permission notice appear in all copies.
! 11: *
! 12: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
! 13: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
! 14: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
! 15: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
! 16: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
! 17: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
! 18: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
! 19: */
! 20:
! 21: #include <stdio.h>
! 22:
! 23: #include <tls.h>
! 24:
! 25: #include "ber.h"
! 26:
/*
 * URL scheme prefixes, default ports and well-known OIDs.  Going by the
 * names, "ldaps://" is LDAP over TLS, "ldap+tls://" is plain LDAP upgraded
 * with StartTLS, and "ldapi://" is presumably LDAP over a local socket.
 * "ldap://" has no transport protection, so anything sent over it,
 * including a simple-bind password, is readable on the network path.
 */
! 27: #define LDAP_URL "ldap://"
! 28: #define LDAPS_URL "ldaps://"
! 29: #define LDAPTLS_URL "ldap+tls://"
! 30: #define LDAPI_URL "ldapi://"
! 31:
! 32: #define LDAP_PORT 389
! 33: #define LDAPS_PORT 636
! 34: #define LDAP_PAGED_OID "1.2.840.113556.1.4.319" /* simple paged results control (RFC 2696) */
! 35: #define LDAP_STARTTLS_OID "1.3.6.1.4.1.1466.20037" /* StartTLS extended operation (RFC 4511) */
! 36:
/*
 * Per-connection client state.  The ALDAP_ERR_* codes are defined next to
 * the err member, which presumably holds one of them (the header does not
 * say so; confirm in aldap.c).
 * NOTE(review): u_int8_t is used here, but only <stdio.h>, <tls.h> and
 * "ber.h" are included above, so the type has to come from one of those
 * or from the including file.
 */
! 37: struct aldap {
! 38: #define ALDAP_ERR_SUCCESS 0
! 39: #define ALDAP_ERR_PARSER_ERROR 1
! 40: #define ALDAP_ERR_INVALID_FILTER 2
! 41: #define ALDAP_ERR_OPERATION_FAILED 3
! 42: #define ALDAP_ERR_TLS_ERROR 4
! 43: u_int8_t err;
! 44: int msgid;
! 45: struct ber ber;
! 46:
! 47: int fd; /* presumably the descriptor handed to aldap_init(int) */
! 48: struct tls *tls; /* presumably NULL while the connection is not TLS-protected; TODO confirm */
! 49:
! 50: struct evbuffer *buf;
! 51: };
! 52:
/*
 * Paged-results state.  cookie is carried with an explicit cookie_len, so
 * treat it as a counted byte string rather than a C string.  Presumably it
 * is the server-chosen cookie of the paged results control (LDAP_PAGED_OID)
 * and both fields come from the server's reply; confirm against
 * aldap_parse_page_control() that the length is validated before use.
 */
! 53: struct aldap_page_control {
! 54: int size; /* presumably the page size; signed, so check the range before use */
! 55: char *cookie;
! 56: unsigned int cookie_len;
! 57: };
! 58:
/*
 * One parsed LDAP message.  The ber_element pointers presumably refer to
 * data decoded from the peer's reply, so values reached through them are
 * untrusted input.  Which arm of body is meaningful presumably depends on
 * message_type (res for result messages, search for search entries);
 * TODO confirm in aldap_parse().
 */
! 59: struct aldap_message {
! 60: int msgid;
! 61: int message_type;
! 62:
! 63: struct ber_element *msg;
! 64:
! 65: struct ber_element *header;
! 66: struct ber_element *protocol_op;
! 67:
! 68: struct ber_element *dn;
! 69:
! 70: union {
! 71: struct {
! 72: long long rescode; /* long long here, while aldap_get_resultcode() returns int */
! 73: struct ber_element *diagmsg;
! 74: } res;
! 75: struct {
! 76: struct ber_element *iter;
! 77: struct ber_element *attrs;
! 78: } search;
! 79: } body;
! 80: struct ber_element *references;
! 81: struct aldap_page_control *page;
! 82: };
! 83:
/*
 * Connection types.  The four names line up with the LDAP_URL, LDAPS_URL,
 * LDAPTLS_URL and LDAPI_URL prefixes defined above; of these only LDAPS
 * and LDAPTLS suggest TLS on the wire.
 */
! 84: enum aldap_protocol {
! 85: LDAP,
! 86: LDAPS,
! 87: LDAPTLS,
! 88: LDAPI
! 89: };
! 90:
/*
 * Components of a parsed LDAP URL (see aldap_parse_url()).
 * NOTE(review): attributes[] is a fixed array of MAXATTR pointers; confirm
 * that aldap_parse_url() stops at MAXATTR entries when the URL comes from
 * an untrusted source.
 * NOTE(review): in_port_t is used without <netinet/in.h> being included in
 * this header, so it has to come from "ber.h" or from the including file.
 */
! 91: struct aldap_url {
! 92: int protocol; /* presumably an enum aldap_protocol value */
! 93: char *host;
! 94: in_port_t port;
! 95: char *dn;
! 96: #define MAXATTR 1024
! 97: char *attributes[MAXATTR];
! 98: int scope; /* presumably an enum scope value */
! 99: char *filter;
! 100: char *buffer; /* presumably the storage the other pointers refer into; TODO confirm */
! 101: };
! 102:
/*
 * LDAP operation types.  The values are the APPLICATION tag numbers of the
 * protocolOp choices in RFC 4511 (BindRequest 0 ... ExtendedResponse 24).
 * A received message_type is chosen by the peer, so code that switches on
 * it should handle values not listed here.
 */
! 103: enum protocol_op {
! 104: LDAP_REQ_BIND = 0,
! 105: LDAP_RES_BIND = 1,
! 106: LDAP_REQ_UNBIND_30 = 2,
! 107: LDAP_REQ_SEARCH = 3,
! 108: LDAP_RES_SEARCH_ENTRY = 4,
! 109: LDAP_RES_SEARCH_RESULT = 5,
! 110: LDAP_REQ_MODIFY = 6,
! 111: LDAP_RES_MODIFY = 7,
! 112: LDAP_REQ_ADD = 8,
! 113: LDAP_RES_ADD = 9,
! 114: LDAP_REQ_DELETE_30 = 10,
! 115: LDAP_RES_DELETE = 11,
! 116: LDAP_REQ_MODRDN = 12,
! 117: LDAP_RES_MODRDN = 13,
! 118: LDAP_REQ_COMPARE = 14,
! 119: LDAP_RES_COMPARE = 15,
! 120: LDAP_REQ_ABANDON_30 = 16,
! 121:
! 122: LDAP_RES_SEARCH_REFERENCE = 19,
! 123:
! 124: LDAP_REQ_EXTENDED = 23,
! 125: LDAP_RES_EXTENDED = 24
! 126: };
! 127:
/* Alias dereferencing modes; the values match derefAliases in the RFC 4511 SearchRequest. */
! 128: enum deref_aliases {
! 129: LDAP_DEREF_NEVER = 0,
! 130: LDAP_DEREF_SEARCHING = 1,
! 131: LDAP_DEREF_FINDING = 2,
! 132: LDAP_DEREF_ALWAYS = 3,
! 133: };
! 134:
/*
 * Bind authentication methods.  Only simple authentication is defined here
 * (no SASL choice).  A simple bind carries the password itself in the
 * request, so it is only confidential when the connection is protected by
 * TLS (ldaps:// or a completed StartTLS).
 */
! 135: enum authentication_choice {
! 136: LDAP_AUTH_SIMPLE = 0,
! 137: };
! 138:
/* Search scopes; the values match the scope field of the RFC 4511 SearchRequest. */
! 139: enum scope {
! 140: LDAP_SCOPE_BASE = 0,
! 141: LDAP_SCOPE_ONELEVEL = 1,
! 142: LDAP_SCOPE_SUBTREE = 2,
! 143: };
! 144:
/*
 * LDAP result codes; the numbers match the resultCode values of RFC 4511.
 * They are chosen by the server, so a received code may fall outside this
 * list.  For logging and alerting: LDAP_INVALID_CREDENTIALS marks a failed
 * bind, and LDAP_STRONG_AUTH_REQUIRED / LDAP_CONFIDENTIALITY_REQUIRED mean
 * the server refused the operation at the current authentication or
 * transport-protection level.
 */
! 145: enum result_code {
! 146: LDAP_SUCCESS = 0,
! 147: LDAP_OPERATIONS_ERROR = 1,
! 148: LDAP_PROTOCOL_ERROR = 2,
! 149: LDAP_TIMELIMIT_EXCEEDED = 3,
! 150: LDAP_SIZELIMIT_EXCEEDED = 4,
! 151: LDAP_COMPARE_FALSE = 5,
! 152: LDAP_COMPARE_TRUE = 6,
! 153: LDAP_STRONG_AUTH_NOT_SUPPORTED = 7,
! 154: LDAP_STRONG_AUTH_REQUIRED = 8,
! 155:
! 156: LDAP_REFERRAL = 10,
! 157: LDAP_ADMINLIMIT_EXCEEDED = 11,
! 158: LDAP_UNAVAILABLE_CRITICAL_EXTENSION = 12,
! 159: LDAP_CONFIDENTIALITY_REQUIRED = 13,
! 160: LDAP_SASL_BIND_IN_PROGRESS = 14,
! 161: LDAP_NO_SUCH_ATTRIBUTE = 16,
! 162: LDAP_UNDEFINED_TYPE = 17,
! 163: LDAP_INAPPROPRIATE_MATCHING = 18,
! 164: LDAP_CONSTRAINT_VIOLATION = 19,
! 165: LDAP_TYPE_OR_VALUE_EXISTS = 20,
! 166: LDAP_INVALID_SYNTAX = 21,
! 167:
! 168: LDAP_NO_SUCH_OBJECT = 32,
! 169: LDAP_ALIAS_PROBLEM = 33,
! 170: LDAP_INVALID_DN_SYNTAX = 34,
! 171:
! 172: LDAP_ALIAS_DEREF_PROBLEM = 36,
! 173:
! 174: LDAP_INAPPROPRIATE_AUTH = 48,
! 175: LDAP_INVALID_CREDENTIALS = 49,
! 176: LDAP_INSUFFICIENT_ACCESS = 50,
! 177: LDAP_BUSY = 51,
! 178: LDAP_UNAVAILABLE = 52,
! 179: LDAP_UNWILLING_TO_PERFORM = 53,
! 180: LDAP_LOOP_DETECT = 54,
! 181:
! 182: LDAP_NAMING_VIOLATION = 64,
! 183: LDAP_OBJECT_CLASS_VIOLATION = 65,
! 184: LDAP_NOT_ALLOWED_ON_NONLEAF = 66,
! 185: LDAP_NOT_ALLOWED_ON_RDN = 67,
! 186: LDAP_ALREADY_EXISTS = 68,
! 187: LDAP_NO_OBJECT_CLASS_MODS = 69,
! 188:
! 189: LDAP_AFFECTS_MULTIPLE_DSAS = 71,
! 190:
! 191: LDAP_OTHER = 80,
! 192: };
! 193:
/*
 * Search filter node types; the values are the context tags of the Filter
 * CHOICE in RFC 4511 (and, or, not, equalityMatch, substrings,
 * greaterOrEqual, lessOrEqual, present, approxMatch).
 */
! 194: enum filter {
! 195: LDAP_FILT_AND = 0,
! 196: LDAP_FILT_OR = 1,
! 197: LDAP_FILT_NOT = 2,
! 198: LDAP_FILT_EQ = 3,
! 199: LDAP_FILT_SUBS = 4,
! 200: LDAP_FILT_GE = 5,
! 201: LDAP_FILT_LE = 6,
! 202: LDAP_FILT_PRES = 7,
! 203: LDAP_FILT_APPR = 8,
! 204: };
! 205:
/* Parts of a substring filter; the values match initial, any and final in the RFC 4511 SubstringFilter. */
! 206: enum subfilter {
! 207: LDAP_FILT_SUBS_INIT = 0,
! 208: LDAP_FILT_SUBS_ANY = 1,
! 209: LDAP_FILT_SUBS_FIN = 2,
! 210: };
! 211:
/*
 * Connection set-up, parsing and teardown.  Parameters are unnamed in this
 * header; presumably aldap_init() takes the connected descriptor and the
 * const char * of aldap_tls() is the server name checked against the
 * certificate -- confirm in aldap.c.  For ldap+tls:// a caller should
 * treat a failed aldap_req_starttls() or aldap_tls() as fatal rather than
 * going on to bind over the unprotected connection.
 */
! 212: struct aldap *aldap_init(int);
! 213: int aldap_tls(struct aldap *, struct tls_config *,
! 214: const char *);
! 215: int aldap_close(struct aldap *);
! 216: struct aldap_message *aldap_parse(struct aldap *);
! 217: void aldap_freemsg(struct aldap_message *);
! 218:
! 219: int aldap_req_starttls(struct aldap *);
! 220:
/*
 * Requests.  aldap_bind() takes two strings, presumably bind DN and
 * password (enum authentication_choice defines simple bind only), so it
 * should be called only once the connection is TLS-protected.
 * One of the char * arguments of aldap_search() is presumably the filter
 * string, parsed by the library (see ALDAP_ERR_INVALID_FILTER).  No
 * escaping helper is declared in this header, so values taken from user
 * input need RFC 4515 escaping by the caller before they are placed in a
 * filter.
 */
! 221: int aldap_bind(struct aldap *, char *, char *);
! 222: int aldap_unbind(struct aldap *);
! 223: int aldap_search(struct aldap *, char *, enum scope, char *, char **, int, int, int, struct aldap_page_control *);
! 224: int aldap_get_errno(struct aldap *, const char **);
! 225:
/*
 * Accessors for a parsed message, URL helpers and paged-results helpers.
 * The strings and string arrays returned here presumably carry data from
 * the server's reply, as allocated copies to be released with the matching
 * aldap_free_* function -- confirm ownership in aldap.c.
 * Referral URLs from aldap_get_references() are chosen by the server:
 * validate them (for example with aldap_parse_url()) and apply local
 * policy before connecting to them or re-sending credentials.
 * aldap_get_resultcode() returns int although res.rescode is long long.
 */
! 226: int aldap_get_resultcode(struct aldap_message *);
! 227: char *aldap_get_dn(struct aldap_message *);
! 228: char *aldap_get_diagmsg(struct aldap_message *);
! 229: char **aldap_get_references(struct aldap_message *);
! 230: void aldap_free_references(char **values);
! 231: int aldap_parse_url(const char *, struct aldap_url *);
! 232: void aldap_free_url(struct aldap_url *);
! 233: int aldap_search_url(struct aldap *, char *, int, int, int,
! 234: struct aldap_page_control *);
! 235:
! 236: int aldap_count_attrs(struct aldap_message *);
! 237: int aldap_match_attr(struct aldap_message *, char *, char ***);
! 238: int aldap_first_attr(struct aldap_message *, char **, char ***);
! 239: int aldap_next_attr(struct aldap_message *, char **, char ***);
! 240: int aldap_free_attr(char **);
! 241:
! 242: struct aldap_page_control *aldap_parse_page_control(struct ber_element *, size_t len);
! 243: void aldap_freepage(struct aldap_page_control *);