xref: /freebsd/usr.sbin/ypldap/aldap.h (revision 31d62a73c2e6ac0ff413a7a17700ffc7dce254ef)
1 /*	$Id: aldap.h,v 1.9 2012/04/30 21:40:03 jmatthew Exp $ */
2 /*	$OpenBSD: aldap.h,v 1.9 2012/04/30 21:40:03 jmatthew Exp $ */
3 /*	$FreeBSD$ */
4 
5 /*
6  * Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org>
7  * Copyright (c) 2006, 2007 Marc Balmer <mbalmer@openbsd.org>
8  *
9  * Permission to use, copy, modify, and distribute this software for any
10  * purpose with or without fee is hereby granted, provided that the above
11  * copyright notice and this permission notice appear in all copies.
12  *
13  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20  */
21 
22 #include <stdio.h>
23 #include "ber.h"
24 
25 #define LDAP_URL "ldap://"
26 #define LDAP_PORT 389
27 #define LDAP_PAGED_OID  "1.2.840.113556.1.4.319"
28 
29 struct aldap {
30 #define ALDAP_ERR_SUCCESS		0
31 #define ALDAP_ERR_PARSER_ERROR		1
32 #define ALDAP_ERR_INVALID_FILTER	2
33 #define ALDAP_ERR_OPERATION_FAILED	3
34 	u_int8_t	err;
35 	int		msgid;
36 	struct ber	ber;
37 };
38 
39 struct aldap_page_control {
40 	int size;
41 	char *cookie;
42 	unsigned int cookie_len;
43 };
44 
45 struct aldap_message {
46 	int msgid;
47 	int message_type;
48 
49 	struct ber_element	*msg;
50 
51 	struct ber_element	*header;
52 	struct ber_element	*protocol_op;
53 
54 	struct ber_element	*dn;
55 
56 	union {
57 		struct {
58 			long long		 rescode;
59 			struct ber_element	*diagmsg;
60 		}			 res;
61 		struct {
62 			struct ber_element	*iter;
63 			struct ber_element	*attrs;
64 		}			 search;
65 	} body;
66 	struct ber_element	*references;
67 	struct aldap_page_control *page;
68 };
69 
70 enum aldap_protocol {
71 	LDAP,
72 	LDAPS
73 };
74 
75 struct aldap_url {
76 	int		 protocol;
77 	char		*host;
78 	in_port_t	 port;
79 	char		*dn;
80 #define MAXATTR 1024
81 	char		*attributes[MAXATTR];
82 	int		 scope;
83 	char		*filter;
84 	char		*buffer;
85 };
86 
87 enum protocol_op {
88 	LDAP_REQ_BIND		= 0,
89 	LDAP_RES_BIND		= 1,
90 	LDAP_REQ_UNBIND_30	= 2,
91 	LDAP_REQ_SEARCH		= 3,
92 	LDAP_RES_SEARCH_ENTRY	= 4,
93 	LDAP_RES_SEARCH_RESULT	= 5,
94 	LDAP_REQ_MODIFY		= 6,
95 	LDAP_RES_MODIFY		= 7,
96 	LDAP_REQ_ADD		= 8,
97 	LDAP_RES_ADD		= 9,
98 	LDAP_REQ_DELETE_30	= 10,
99 	LDAP_RES_DELETE		= 11,
100 	LDAP_REQ_MODRDN		= 12,
101 	LDAP_RES_MODRDN		= 13,
102 	LDAP_REQ_COMPARE	= 14,
103 	LDAP_RES_COMPARE	= 15,
104 	LDAP_REQ_ABANDON_30	= 16,
105 
106 	LDAP_RES_SEARCH_REFERENCE = 19,
107 };
108 
109 enum deref_aliases {
110 	LDAP_DEREF_NEVER	= 0,
111 	LDAP_DEREF_SEARCHING	= 1,
112 	LDAP_DEREF_FINDING	= 2,
113 	LDAP_DEREF_ALWAYS	= 3,
114 };
115 
116 enum authentication_choice {
117 	LDAP_AUTH_SIMPLE	= 0,
118 };
119 
120 enum scope {
121 	LDAP_SCOPE_BASE		= 0,
122 	LDAP_SCOPE_ONELEVEL	= 1,
123 	LDAP_SCOPE_SUBTREE	= 2,
124 };
125 
126 enum result_code {
127 	LDAP_SUCCESS				= 0,
128 	LDAP_OPERATIONS_ERROR			= 1,
129 	LDAP_PROTOCOL_ERROR			= 2,
130 	LDAP_TIMELIMIT_EXCEEDED			= 3,
131 	LDAP_SIZELIMIT_EXCEEDED			= 4,
132 	LDAP_COMPARE_FALSE			= 5,
133 	LDAP_COMPARE_TRUE			= 6,
134 	LDAP_STRONG_AUTH_NOT_SUPPORTED		= 7,
135 	LDAP_STRONG_AUTH_REQUIRED		= 8,
136 
137 	LDAP_REFERRAL				= 10,
138 	LDAP_ADMINLIMIT_EXCEEDED		= 11,
139 	LDAP_UNAVAILABLE_CRITICAL_EXTENSION	= 12,
140 	LDAP_CONFIDENTIALITY_REQUIRED		= 13,
141 	LDAP_SASL_BIND_IN_PROGRESS		= 14,
142 	LDAP_NO_SUCH_ATTRIBUTE			= 16,
143 	LDAP_UNDEFINED_TYPE			= 17,
144 	LDAP_INAPPROPRIATE_MATCHING		= 18,
145 	LDAP_CONSTRAINT_VIOLATION		= 19,
146 	LDAP_TYPE_OR_VALUE_EXISTS		= 20,
147 	LDAP_INVALID_SYNTAX			= 21,
148 
149 	LDAP_NO_SUCH_OBJECT			= 32,
150 	LDAP_ALIAS_PROBLEM			= 33,
151 	LDAP_INVALID_DN_SYNTAX			= 34,
152 
153 	LDAP_ALIAS_DEREF_PROBLEM		= 36,
154 
155 	LDAP_INAPPROPRIATE_AUTH			= 48,
156 	LDAP_INVALID_CREDENTIALS		= 49,
157 	LDAP_INSUFFICIENT_ACCESS		= 50,
158 	LDAP_BUSY				= 51,
159 	LDAP_UNAVAILABLE			= 52,
160 	LDAP_UNWILLING_TO_PERFORM		= 53,
161 	LDAP_LOOP_DETECT			= 54,
162 
163 	LDAP_NAMING_VIOLATION			= 64,
164 	LDAP_OBJECT_CLASS_VIOLATION		= 65,
165 	LDAP_NOT_ALLOWED_ON_NONLEAF		= 66,
166 	LDAP_NOT_ALLOWED_ON_RDN			= 67,
167 	LDAP_ALREADY_EXISTS			= 68,
168 	LDAP_NO_OBJECT_CLASS_MODS		= 69,
169 
170 	LDAP_AFFECTS_MULTIPLE_DSAS		= 71,
171 
172 	LDAP_OTHER				= 80,
173 };
174 
175 enum filter {
176 	LDAP_FILT_AND		= 0,
177 	LDAP_FILT_OR		= 1,
178 	LDAP_FILT_NOT		= 2,
179 	LDAP_FILT_EQ		= 3,
180 	LDAP_FILT_SUBS		= 4,
181 	LDAP_FILT_GE		= 5,
182 	LDAP_FILT_LE		= 6,
183 	LDAP_FILT_PRES		= 7,
184 	LDAP_FILT_APPR		= 8,
185 };
186 
187 enum subfilter {
188 	LDAP_FILT_SUBS_INIT	= 0,
189 	LDAP_FILT_SUBS_ANY	= 1,
190 	LDAP_FILT_SUBS_FIN	= 2,
191 };
192 
193 struct aldap		*aldap_init(int fd);
194 int			 aldap_close(struct aldap *);
195 struct aldap_message	*aldap_parse(struct aldap *);
196 void			 aldap_freemsg(struct aldap_message *);
197 
198 int	 aldap_bind(struct aldap *, char *, char *);
199 int	 aldap_unbind(struct aldap *);
200 int	 aldap_search(struct aldap *, char *, enum scope, char *, char **, int, int, int, struct aldap_page_control *);
201 int	 aldap_get_errno(struct aldap *, const char **);
202 
203 int	 aldap_get_resultcode(struct aldap_message *);
204 char	*aldap_get_dn(struct aldap_message *);
205 char	*aldap_get_diagmsg(struct aldap_message *);
206 char	**aldap_get_references(struct aldap_message *);
207 void	 aldap_free_references(char **values);
208 #if 0
209 int	 aldap_parse_url(char *, struct aldap_url *);
210 void	 aldap_free_url(struct aldap_url *);
211 int	 aldap_search_url(struct aldap *, char *, int, int, int);
212 #endif
213 
214 int	 aldap_count_attrs(struct aldap_message *);
215 int	 aldap_match_attr(struct aldap_message *, char *, char ***);
216 int	 aldap_first_attr(struct aldap_message *, char **, char ***);
217 int	 aldap_next_attr(struct aldap_message *, char **, char ***);
218 int	 aldap_free_attr(char **);
219 
220 struct aldap_page_control *aldap_parse_page_control(struct ber_element *, size_t len);
221 void	 aldap_freepage(struct aldap_page_control *);
222