
Annotation of src/usr.bin/ldap/aldap.h, Revision 1.2

1.2     ! martijn     1: /*     $Id: aldap.h,v 1.1.1.1 2018/06/13 15:45:57 reyk Exp $ */
        !             2: /*     $OpenBSD: aldap.h,v 1.1.1.1 2018/06/13 15:45:57 reyk Exp $ */
1.1       reyk        3:
                      4: /*
                      5:  * Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org>
                      6:  * Copyright (c) 2006, 2007 Marc Balmer <mbalmer@openbsd.org>
                      7:  *
                      8:  * Permission to use, copy, modify, and distribute this software for any
                      9:  * purpose with or without fee is hereby granted, provided that the above
                     10:  * copyright notice and this permission notice appear in all copies.
                     11:  *
                     12:  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
                     13:  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
                     14:  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
                     15:  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
                     16:  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
                     17:  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
                     18:  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
                     19:  */
                     20:
                     21: #include <stdio.h>
                     22:
                     23: #include <tls.h>
                     24:
                     25: #include "ber.h"
                     26:
                     27: #define LDAP_URL               "ldap://"  /* URL scheme prefix; LDAP without TLS, so binds and results are unencrypted on the wire */
                     28: #define LDAPS_URL              "ldaps://"  /* URL scheme prefix; presumably TLS from connect, pairs with LDAPS_PORT -- confirm */
                     29: #define LDAPTLS_URL            "ldap+tls://"  /* URL scheme prefix; presumably LDAP upgraded via StartTLS (LDAP_STARTTLS_OID) -- confirm in the URL parser */
                     30: #define LDAPI_URL              "ldapi://"  /* URL scheme prefix; presumably LDAP over a local IPC socket -- confirm */
                     31:
                     32: #define LDAP_PORT              389  /* registered port for LDAP */
                     33: #define LDAPS_PORT             636  /* registered port for LDAP over TLS */
                     34: #define LDAP_PAGED_OID         "1.2.840.113556.1.4.319"  /* Simple Paged Results control (RFC 2696) */
                     35: #define LDAP_STARTTLS_OID      "1.3.6.1.4.1.1466.20037"  /* StartTLS extended operation (RFC 4511) */
                     36:
                     37: struct aldap {  /* State for one LDAP client connection: error code, message id, BER state and transport handles. */
                     38: #define ALDAP_ERR_SUCCESS              0
                     39: #define ALDAP_ERR_PARSER_ERROR         1
                     40: #define ALDAP_ERR_INVALID_FILTER       2
                     41: #define ALDAP_ERR_OPERATION_FAILED     3
                     42: #define ALDAP_ERR_TLS_ERROR            4
                     43:        u_int8_t        err;  /* presumably one of the ALDAP_ERR_* values defined just above (0..4 fit in 8 bits) -- confirm */
                     44:        int             msgid;  /* presumably the LDAP messageID of the latest request -- confirm in aldap.c */
                     45:        struct ber      ber;  /* BER encoder/decoder state; type comes from "ber.h" */
                     46:
                     47:        int             fd;  /* descriptor for the connection; presumably the int passed to aldap_init() -- confirm */
                     48:        struct tls      *tls;  /* libtls context (<tls.h>); NOTE(review): presumably NULL on an unencrypted connection -- confirm before using it as an "is encrypted" check */
                     49:
                     50:        struct evbuffer *buf;  /* used only as a pointer here; presumably libevent's evbuffer, not declared by <stdio.h> or <tls.h> */
                     51: };
                     52:
                     53: struct aldap_page_control {  /* Paged-results control data (see LDAP_PAGED_OID): a size and an opaque cookie. */
                     54:        int size;  /* presumably the page size / size estimate field of the control -- confirm */
                     55:        char *cookie;  /* opaque bytes whose length is carried in cookie_len; do not treat as a NUL-terminated string */
                     56:        unsigned int cookie_len;  /* byte length of cookie; presumably taken from the peer's response, so bound it before allocating or copying -- confirm in aldap_parse_page_control() */
                     57: };
                     58:
                     59: struct aldap_message {  /* One parsed LDAP message: ids plus pointers into its BER element tree. */
                     60:        int msgid;
                     61:        int message_type;  /* presumably an enum protocol_op value stored as int -- confirm */
                     62:
                     63:        struct ber_element      *msg;
                     64:
                     65:        struct ber_element      *header;
                     66:        struct ber_element      *protocol_op;
                     67:
                     68:        struct ber_element      *dn;
                     69:
                     70:        union {  /* res and search share storage; presumably message_type decides which member is valid -- confirm before reading either */
                     71:                struct {
                     72:                        long long                rescode;  /* wider than the int returned by aldap_get_resultcode(); NOTE(review): check the narrowing there */
                     73:                        struct ber_element      *diagmsg;
                     74:                }                        res;
                     75:                struct {
                     76:                        struct ber_element      *iter;  /* presumably the cursor used by aldap_first_attr()/aldap_next_attr() -- confirm */
                     77:                        struct ber_element      *attrs;
                     78:                }                        search;
                     79:        } body;
                     80:        struct ber_element      *references;
                     81:        struct aldap_page_control *page;  /* presumably released with aldap_freepage() -- confirm ownership in aldap_freemsg() */
                     82: };
                     83:
                     84: enum aldap_protocol {  /* Transport kinds, implicit values 0..3; order presumably mirrors LDAP_URL, LDAPS_URL, LDAPTLS_URL, LDAPI_URL -- confirm */
                     85:        LDAP,  /* no TLS */
                     86:        LDAPS,
                     87:        LDAPTLS,
                     88:        LDAPI
                     89: };
                     90:
1.2     ! martijn    91: struct aldap_stringset {  /* Counted set of BER octet strings; added in revision 1.2 and used by the reference/attribute getters. */
        !            92:        size_t                   len;  /* presumably the number of entries in str -- confirm */
        !            93:        struct ber_octetstring  *str;  /* type comes from "ber.h"; NOTE(review): presumably length-counted values that may contain NUL bytes, so avoid strlen()/"%s" on them -- confirm against ber.h */
        !            94: };
        !            95:
1.1       reyk       96: struct aldap_url {  /* Components of a parsed LDAP URL; filled by aldap_parse_url(), released by aldap_free_url(). */
                     97:        int              protocol;  /* presumably an enum aldap_protocol value -- confirm */
                     98:        char            *host;
                     99:        in_port_t        port;
                    100:        char            *dn;
                    101: #define MAXATTR 1024
                    102:        char            *attributes[MAXATTR];  /* fixed capacity of MAXATTR pointers; the URL parser must stop filling at that bound (presumably NULL-terminated -- confirm) */
                    103:        int              scope;  /* presumably an enum scope value -- confirm */
                    104:        char            *filter;
                    105:        char            *buffer;  /* presumably the allocation the other char * fields point into -- confirm in aldap_parse_url()/aldap_free_url() */
                    106: };
                    107:
                    108: enum protocol_op {  /* LDAPMessage protocolOp application tag numbers (RFC 4511); REQ = request, RES = response. */
                    109:        LDAP_REQ_BIND           = 0,
                    110:        LDAP_RES_BIND           = 1,
                    111:        LDAP_REQ_UNBIND_30      = 2,
                    112:        LDAP_REQ_SEARCH         = 3,
                    113:        LDAP_RES_SEARCH_ENTRY   = 4,
                    114:        LDAP_RES_SEARCH_RESULT  = 5,
                    115:        LDAP_REQ_MODIFY         = 6,
                    116:        LDAP_RES_MODIFY         = 7,
                    117:        LDAP_REQ_ADD            = 8,
                    118:        LDAP_RES_ADD            = 9,
                    119:        LDAP_REQ_DELETE_30      = 10,
                    120:        LDAP_RES_DELETE         = 11,
                    121:        LDAP_REQ_MODRDN         = 12,
                    122:        LDAP_RES_MODRDN         = 13,
                    123:        LDAP_REQ_COMPARE        = 14,
                    124:        LDAP_RES_COMPARE        = 15,
                    125:        LDAP_REQ_ABANDON_30     = 16,  /* 17 and 18 have no name in this list */
                    126:
                    127:        LDAP_RES_SEARCH_REFERENCE = 19,  /* 20-22 have no name in this list */
                    128:
                    129:        LDAP_REQ_EXTENDED       = 23,
                    130:        LDAP_RES_EXTENDED       = 24  /* tags arrive from the peer; a parser should reject values outside this list rather than assume a known type */
                    131: };
                    132:
                    133: enum deref_aliases {  /* derefAliases values of an LDAP SearchRequest (RFC 4511). */
                    134:        LDAP_DEREF_NEVER        = 0,
                    135:        LDAP_DEREF_SEARCHING    = 1,
                    136:        LDAP_DEREF_FINDING      = 2,
                    137:        LDAP_DEREF_ALWAYS       = 3,
                    138: };
                    139:
                    140: enum authentication_choice {  /* AuthenticationChoice tags of a BindRequest (RFC 4511); only simple bind is declared here, no SASL choice. */
                    141:        LDAP_AUTH_SIMPLE        = 0,  /* simple bind carries the password itself, so confidentiality depends entirely on the transport (LDAPS or StartTLS) */
                    142: };
                    143:
                    144: enum scope {  /* SearchRequest scope values (RFC 4511). */
                    145:        LDAP_SCOPE_BASE         = 0,
                    146:        LDAP_SCOPE_ONELEVEL     = 1,
                    147:        LDAP_SCOPE_SUBTREE      = 2,
                    148: };
                    149:
                    150: enum result_code {  /* LDAPResult resultCode values (RFC 4511). The list has gaps and the value comes from the server, so callers should handle codes that have no name here. */
                    151:        LDAP_SUCCESS                            = 0,
                    152:        LDAP_OPERATIONS_ERROR                   = 1,
                    153:        LDAP_PROTOCOL_ERROR                     = 2,
                    154:        LDAP_TIMELIMIT_EXCEEDED                 = 3,
                    155:        LDAP_SIZELIMIT_EXCEEDED                 = 4,
                    156:        LDAP_COMPARE_FALSE                      = 5,  /* not a failure: the outcome of a compare operation */
                    157:        LDAP_COMPARE_TRUE                       = 6,  /* not a failure: the outcome of a compare operation */
                    158:        LDAP_STRONG_AUTH_NOT_SUPPORTED          = 7,
                    159:        LDAP_STRONG_AUTH_REQUIRED               = 8,
                    160:
                    161:        LDAP_REFERRAL                           = 10,
                    162:        LDAP_ADMINLIMIT_EXCEEDED                = 11,
                    163:        LDAP_UNAVAILABLE_CRITICAL_EXTENSION     = 12,
                    164:        LDAP_CONFIDENTIALITY_REQUIRED           = 13,  /* server refuses the operation without transport protection */
                    165:        LDAP_SASL_BIND_IN_PROGRESS              = 14,
                    166:        LDAP_NO_SUCH_ATTRIBUTE                  = 16,
                    167:        LDAP_UNDEFINED_TYPE                     = 17,
                    168:        LDAP_INAPPROPRIATE_MATCHING             = 18,
                    169:        LDAP_CONSTRAINT_VIOLATION               = 19,
                    170:        LDAP_TYPE_OR_VALUE_EXISTS               = 20,
                    171:        LDAP_INVALID_SYNTAX                     = 21,
                    172:
                    173:        LDAP_NO_SUCH_OBJECT                     = 32,
                    174:        LDAP_ALIAS_PROBLEM                      = 33,
                    175:        LDAP_INVALID_DN_SYNTAX                  = 34,
                    176:
                    177:        LDAP_ALIAS_DEREF_PROBLEM                = 36,
                    178:
                    179:        LDAP_INAPPROPRIATE_AUTH                 = 48,
                    180:        LDAP_INVALID_CREDENTIALS                = 49,  /* bind rejected */
                    181:        LDAP_INSUFFICIENT_ACCESS                = 50,
                    182:        LDAP_BUSY                               = 51,
                    183:        LDAP_UNAVAILABLE                        = 52,
                    184:        LDAP_UNWILLING_TO_PERFORM               = 53,
                    185:        LDAP_LOOP_DETECT                        = 54,
                    186:
                    187:        LDAP_NAMING_VIOLATION                   = 64,
                    188:        LDAP_OBJECT_CLASS_VIOLATION             = 65,
                    189:        LDAP_NOT_ALLOWED_ON_NONLEAF             = 66,
                    190:        LDAP_NOT_ALLOWED_ON_RDN                 = 67,
                    191:        LDAP_ALREADY_EXISTS                     = 68,
                    192:        LDAP_NO_OBJECT_CLASS_MODS               = 69,
                    193:
                    194:        LDAP_AFFECTS_MULTIPLE_DSAS              = 71,
                    195:
                    196:        LDAP_OTHER                              = 80,
                    197: };
                    198:
                    199: enum filter {  /* Search Filter CHOICE tags (RFC 4511); extensibleMatch (9) has no name in this list. */
                    200:        LDAP_FILT_AND           = 0,
                    201:        LDAP_FILT_OR            = 1,
                    202:        LDAP_FILT_NOT           = 2,
                    203:        LDAP_FILT_EQ            = 3,
                    204:        LDAP_FILT_SUBS          = 4,  /* substring match; its parts are tagged with enum subfilter */
                    205:        LDAP_FILT_GE            = 5,
                    206:        LDAP_FILT_LE            = 6,
                    207:        LDAP_FILT_PRES          = 7,
                    208:        LDAP_FILT_APPR          = 8,
                    209: };
                    210:
                    211: enum subfilter {  /* Tags for the parts of a substring filter (RFC 4511): initial, any, final. */
                    212:        LDAP_FILT_SUBS_INIT     = 0,
                    213:        LDAP_FILT_SUBS_ANY      = 1,
                    214:        LDAP_FILT_SUBS_FIN      = 2,
                    215: };
                    216:
                    217: struct aldap           *aldap_init(int);  /* presumably takes the connected descriptor stored in aldap.fd -- confirm */
                    218: int                     aldap_tls(struct aldap *, struct tls_config *,
                    219:                            const char *);  /* TLS setup from a libtls config; the string is presumably the server name checked against the certificate -- confirm */
                    220: int                     aldap_close(struct aldap *);
                    221: struct aldap_message   *aldap_parse(struct aldap *);  /* result presumably released with aldap_freemsg() -- confirm */
                    222: void                    aldap_freemsg(struct aldap_message *);
                    223:
                    224: int                     aldap_req_starttls(struct aldap *);  /* presumably sends the StartTLS extended request (LDAP_STARTTLS_OID) -- confirm */
                    225:
                    226: int     aldap_bind(struct aldap *, char *, char *);  /* presumably bind DN and password; only LDAP_AUTH_SIMPLE is declared, so call this only once the connection is TLS-protected */
                    227: int     aldap_unbind(struct aldap *);
                    228: int     aldap_search(struct aldap *, char *, enum scope, char *, char **, int, int, int, struct aldap_page_control *);
                    229: int     aldap_get_errno(struct aldap *, const char **);
                    230:
                    231: int     aldap_get_resultcode(struct aldap_message *);  /* returns int although body.res.rescode is long long */
                    232: char   *aldap_get_dn(struct aldap_message *);
                    233: char   *aldap_get_diagmsg(struct aldap_message *);  /* diagnostic text is supplied by the server; treat it as untrusted when logging or displaying */
1.2     ! martijn   234: struct aldap_stringset *aldap_get_references(struct aldap_message *);
1.1       reyk      235: void    aldap_free_references(char **values);  /* NOTE(review): still takes char ** while aldap_get_references() now returns struct aldap_stringset *; confirm which function releases that result */
                    236: int     aldap_parse_url(const char *, struct aldap_url *);
                    237: void    aldap_free_url(struct aldap_url *);
                    238: int     aldap_search_url(struct aldap *, char *, int, int, int,
                    239:            struct aldap_page_control *);
                    240:
                    241: int     aldap_count_attrs(struct aldap_message *);
1.2     ! martijn   242: int     aldap_match_attr(struct aldap_message *, char *,
        !           243:            struct aldap_stringset **);
        !           244: int     aldap_first_attr(struct aldap_message *, char **, struct
        !           245:            aldap_stringset **);
        !           246: int     aldap_next_attr(struct aldap_message *, char **,
        !           247:            struct aldap_stringset **);
        !           248: int     aldap_free_attr(struct aldap_stringset *);  /* presumably releases the stringsets handed out by the three getters above -- confirm */
1.1       reyk      249:
                    250: struct aldap_page_control *aldap_parse_page_control(struct ber_element *, size_t len);  /* result presumably released with aldap_freepage() -- confirm */
                    251: void    aldap_freepage(struct aldap_page_control *);