xref: /freebsd/usr.sbin/ypldap/aldap.h (revision 4fbb9c43aa44d9145151bb5f77d302ba01fb7551)
1 /*	$Id: aldap.h,v 1.9 2012/04/30 21:40:03 jmatthew Exp $ */
2 /*	$OpenBSD: aldap.h,v 1.9 2012/04/30 21:40:03 jmatthew Exp $ */
3 
4 /*
5  * Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org>
6  * Copyright (c) 2006, 2007 Marc Balmer <mbalmer@openbsd.org>
7  *
8  * Permission to use, copy, modify, and distribute this software for any
9  * purpose with or without fee is hereby granted, provided that the above
10  * copyright notice and this permission notice appear in all copies.
11  *
12  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
13  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
14  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
15  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
16  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19  */
20 
21 #include <stdio.h>
22 #include "ber.h"
23 
/*
 * Defaults for the plain "ldap://" scheme.  Port 389 is the unencrypted
 * LDAP port, and nothing in this header sets up TLS, so protection of the
 * connection is not something these definitions provide.
 */
#define LDAP_URL	"ldap://"
#define LDAP_PORT	389

/*
 * OID of the paged-results control; presumably the control that
 * struct aldap_page_control describes -- confirm in aldap.c.
 */
#define LDAP_PAGED_OID	"1.2.840.113556.1.4.319"
27 
/*
 * Library-level error codes.  The original places these next to the err
 * member, so they are presumably the values it holds; these are distinct
 * from the server-sent enum result_code values.
 */
#define ALDAP_ERR_SUCCESS		0
#define ALDAP_ERR_PARSER_ERROR		1
#define ALDAP_ERR_INVALID_FILTER	2
#define ALDAP_ERR_OPERATION_FAILED	3

/*
 * Client handle: the type aldap_init() returns and the other aldap_*()
 * calls on a connection take as their first argument.
 */
struct aldap {
	u_int8_t	err;	/* presumably one of ALDAP_ERR_* above */
	int		msgid;	/* message id; how it advances is in aldap.c */
	struct ber	ber;	/* embedded by value; type comes from ber.h */
};
37 
/*
 * Paging state: passed to aldap_search(), produced by
 * aldap_parse_page_control(), attached to struct aldap_message.page and
 * released with aldap_freepage().
 *
 * NOTE(review): the cookie has its own length field, so handle it as a
 * byte buffer of cookie_len bytes rather than as a NUL-terminated string.
 * If the cookie originates from the server (presumably it does -- confirm
 * in aldap.c), cookie_len is attacker-influenced and needs a sanity bound
 * before it is used to size a copy.  Note also that size is signed while
 * cookie_len is unsigned.
 */
struct aldap_page_control {
	int		 size;
	char		*cookie;
	unsigned int	 cookie_len;
};
43 
/*
 * One parsed message: the type aldap_parse() returns and aldap_freemsg()
 * takes.
 *
 * NOTE(review): body is a union, so only one of body.res / body.search is
 * meaningful for a given message.  Presumably message_type (an enum
 * protocol_op value) selects the arm -- confirm in aldap.c.  Reading the
 * wrong arm reinterprets a result code as a pointer, or the reverse.
 */
struct aldap_message {
	int msgid;
	int message_type;

	struct ber_element *msg;

	struct ber_element *header;
	struct ber_element *protocol_op;

	struct ber_element *dn;

	union {
		/* Result arm: numeric code plus diagnostic-message element. */
		struct {
			long long rescode;
			struct ber_element *diagmsg;
		} res;
		/* Search arm: cursor and attribute list. */
		struct {
			struct ber_element *iter;
			struct ber_element *attrs;
		} search;
	} body;

	struct ber_element *references;
	struct aldap_page_control *page;
};
68 
/*
 * URL scheme selector.  struct aldap_url.protocol is declared as int, not
 * as this enum; presumably it holds one of these values.  LDAPS is named
 * here, but this header declares no TLS entry point.
 */
enum aldap_protocol {
	LDAP = 0,
	LDAPS = 1
};
73 
/* Capacity of the attribute table in struct aldap_url. */
#define MAXATTR 1024

/*
 * Components of an LDAP URL.  The helpers that take this struct
 * (aldap_parse_url, aldap_free_url) are compiled out with #if 0 in this
 * header.
 *
 * NOTE(review): attributes[] is a fixed table of MAXATTR pointers, so any
 * code that fills it from URL text has to stop at MAXATTR entries.
 */
struct aldap_url {
	int protocol;			/* presumably an enum aldap_protocol value */
	char *host;
	in_port_t port;
	char *dn;
	char *attributes[MAXATTR];
	int scope;			/* presumably an enum scope value */
	char *filter;
	char *buffer;
};
85 
/*
 * Operation identifiers for requests (LDAP_REQ_*) and responses
 * (LDAP_RES_*).  The numbers line up with the [APPLICATION n] tags RFC 4511
 * gives the LDAPMessage protocolOp choices; how aldap.c encodes and decodes
 * them is not visible in this header.  17 and 18 have no name here, so a
 * received value must not be assumed to be one of these constants.
 */
enum protocol_op {
	LDAP_REQ_BIND = 0,
	LDAP_RES_BIND = 1,
	LDAP_REQ_UNBIND_30 = 2,
	LDAP_REQ_SEARCH = 3,
	LDAP_RES_SEARCH_ENTRY = 4,
	LDAP_RES_SEARCH_RESULT = 5,
	LDAP_REQ_MODIFY = 6,
	LDAP_RES_MODIFY = 7,
	LDAP_REQ_ADD = 8,
	LDAP_RES_ADD = 9,
	LDAP_REQ_DELETE_30 = 10,
	LDAP_RES_DELETE = 11,
	LDAP_REQ_MODRDN = 12,
	LDAP_RES_MODRDN = 13,
	LDAP_REQ_COMPARE = 14,
	LDAP_RES_COMPARE = 15,
	LDAP_REQ_ABANDON_30 = 16,

	/* 17 and 18 are not defined in this header. */
	LDAP_RES_SEARCH_REFERENCE = 19,
};
107 
/*
 * Alias-dereferencing choices for a search.  The values match the
 * derefAliases enumeration of the RFC 4511 SearchRequest.  aldap_search()
 * as declared in this header takes no argument of this type, so which
 * value a search uses is decided in aldap.c.
 */
enum deref_aliases {
	LDAP_DEREF_NEVER = 0,
	LDAP_DEREF_SEARCHING = 1,
	LDAP_DEREF_FINDING = 2,
	LDAP_DEREF_ALWAYS = 3,
};
114 
/*
 * Bind authentication methods.  Simple (name plus password) is the only
 * one declared; no SASL choice exists in this header.  A simple bind sends
 * the password as-is, so its confidentiality depends entirely on the
 * transport underneath.
 */
enum authentication_choice {
	LDAP_AUTH_SIMPLE = 0,
};
118 
/*
 * Search scope, passed as the third argument of aldap_search().  The
 * values match the scope enumeration of the RFC 4511 SearchRequest.
 */
enum scope {
	LDAP_SCOPE_BASE = 0,		/* the base entry only */
	LDAP_SCOPE_ONELEVEL = 1,	/* immediate children of the base */
	LDAP_SCOPE_SUBTREE = 2,		/* the base and everything below it */
};
124 
/*
 * Server result codes; struct aldap_message.body.res.rescode is the field
 * wide enough to hold one (presumably what aldap_get_resultcode() reports
 * -- confirm in aldap.c).
 *
 * The numbering has gaps (9, 15, 22-31, 35, 37-47, 55-63, 70, 72-79), and
 * the value comes off the wire, so callers should compare against
 * LDAP_SUCCESS and treat every other value, named here or not, as a
 * failure rather than enumerating the errors they expect.
 */
enum result_code {
	LDAP_SUCCESS = 0,
	LDAP_OPERATIONS_ERROR = 1,
	LDAP_PROTOCOL_ERROR = 2,
	LDAP_TIMELIMIT_EXCEEDED = 3,
	LDAP_SIZELIMIT_EXCEEDED = 4,
	LDAP_COMPARE_FALSE = 5,
	LDAP_COMPARE_TRUE = 6,
	LDAP_STRONG_AUTH_NOT_SUPPORTED = 7,
	LDAP_STRONG_AUTH_REQUIRED = 8,

	/*
	 * NOTE(review): a referral names other servers chosen by the peer;
	 * whether aldap.c ever follows one is not visible here.
	 */
	LDAP_REFERRAL = 10,
	LDAP_ADMINLIMIT_EXCEEDED = 11,
	LDAP_UNAVAILABLE_CRITICAL_EXTENSION = 12,
	LDAP_CONFIDENTIALITY_REQUIRED = 13,
	LDAP_SASL_BIND_IN_PROGRESS = 14,
	LDAP_NO_SUCH_ATTRIBUTE = 16,
	LDAP_UNDEFINED_TYPE = 17,
	LDAP_INAPPROPRIATE_MATCHING = 18,
	LDAP_CONSTRAINT_VIOLATION = 19,
	LDAP_TYPE_OR_VALUE_EXISTS = 20,
	LDAP_INVALID_SYNTAX = 21,

	LDAP_NO_SUCH_OBJECT = 32,
	LDAP_ALIAS_PROBLEM = 33,
	LDAP_INVALID_DN_SYNTAX = 34,

	LDAP_ALIAS_DEREF_PROBLEM = 36,

	/* Authentication and authorization failures start at 48. */
	LDAP_INAPPROPRIATE_AUTH = 48,
	LDAP_INVALID_CREDENTIALS = 49,
	LDAP_INSUFFICIENT_ACCESS = 50,
	LDAP_BUSY = 51,
	LDAP_UNAVAILABLE = 52,
	LDAP_UNWILLING_TO_PERFORM = 53,
	LDAP_LOOP_DETECT = 54,

	LDAP_NAMING_VIOLATION = 64,
	LDAP_OBJECT_CLASS_VIOLATION = 65,
	LDAP_NOT_ALLOWED_ON_NONLEAF = 66,
	LDAP_NOT_ALLOWED_ON_RDN = 67,
	LDAP_ALREADY_EXISTS = 68,
	LDAP_NO_OBJECT_CLASS_MODS = 69,

	LDAP_AFFECTS_MULTIPLE_DSAS = 71,

	LDAP_OTHER = 80,
};
173 
/*
 * Search-filter node kinds.  The values match the context tags of the
 * RFC 4511 Filter CHOICE.  aldap_search() receives its filter as a
 * char *, so the mapping from filter text to these kinds happens in
 * aldap.c.
 */
enum filter {
	LDAP_FILT_AND = 0,
	LDAP_FILT_OR = 1,
	LDAP_FILT_NOT = 2,
	LDAP_FILT_EQ = 3,
	LDAP_FILT_SUBS = 4,	/* see enum subfilter for its parts */
	LDAP_FILT_GE = 5,
	LDAP_FILT_LE = 6,
	LDAP_FILT_PRES = 7,
	LDAP_FILT_APPR = 8,
};
185 
/*
 * Parts of a substring filter (LDAP_FILT_SUBS): leading, middle and
 * trailing fragments.  The values match the RFC 4511 SubstringFilter
 * tags.
 */
enum subfilter {
	LDAP_FILT_SUBS_INIT = 0,
	LDAP_FILT_SUBS_ANY = 1,
	LDAP_FILT_SUBS_FIN = 2,
};
191 
/*
 * Handle and message lifecycle.
 *
 * aldap_init() takes an already-open descriptor.  This header declares no
 * connect or TLS call, so these prototypes say nothing about how the
 * transport behind fd is protected; that is the caller's business.
 * NOTE(review): whether aldap_close() also closes fd is not visible here
 * -- confirm in aldap.c before closing it a second time.
 */
struct aldap *aldap_init(int fd);
int aldap_close(struct aldap *);

/*
 * aldap_parse() yields a struct aldap_message pointer; aldap_freemsg() is
 * the matching release call.
 */
struct aldap_message *aldap_parse(struct aldap *);
void aldap_freemsg(struct aldap_message *);
196 
/*
 * Bind and unbind.  LDAP_AUTH_SIMPLE is the only authentication choice in
 * this header, so the two strings are presumably the bind DN and its
 * password (confirm in aldap.c).  A simple bind over an unprotected
 * ldap:// connection exposes that password to anyone on the path.
 */
int aldap_bind(struct aldap *, char *, char *);
int aldap_unbind(struct aldap *);

/*
 * Search.  The char * after the scope is presumably the filter text and
 * the char ** the requested attribute list; the last argument carries
 * paging state and is presumably optional.
 *
 * NOTE(review): the three int arguments are unnamed; confirm their order
 * and meaning in aldap.c before passing limits.  If the filter string is
 * assembled from untrusted input, the inserted values need RFC 4515
 * escaping first; ALDAP_ERR_INVALID_FILTER only reports text that fails to
 * parse, not text that parses into a different filter than intended.
 */
int aldap_search(struct aldap *, char *, enum scope, char *, char **,
    int, int, int, struct aldap_page_control *);

/*
 * Error query; the const char ** is an out-parameter, presumably set to a
 * message string for the handle's ALDAP_ERR_* state.
 */
int aldap_get_errno(struct aldap *, const char **);
201 
/*
 * Accessors on a parsed message.
 *
 * NOTE(review): aldap_get_dn() and aldap_get_diagmsg() return char * with
 * no matching free function declared here; who owns the returned string is
 * not visible in this header -- confirm in aldap.c.  Both strings, and the
 * reference URLs, presumably originate from the server and should be
 * handled as untrusted text.
 */
int aldap_get_resultcode(struct aldap_message *);
char *aldap_get_dn(struct aldap_message *);
char *aldap_get_diagmsg(struct aldap_message *);

/* The char ** result is released with aldap_free_references(). */
char **aldap_get_references(struct aldap_message *);
void aldap_free_references(char **values);

/* URL helpers: compiled out, so not part of the built interface. */
#if 0
int aldap_parse_url(char *, struct aldap_url *);
void aldap_free_url(struct aldap_url *);
int aldap_search_url(struct aldap *, char *, int, int, int);
#endif
212 
/*
 * Attribute access on a parsed message.  The char *** arguments are
 * out-parameters receiving a value array; aldap_free_attr() takes a
 * char ** and is presumably the call that releases it.  For
 * aldap_first_attr()/aldap_next_attr() the char ** is an out-parameter
 * too (presumably the attribute name), whereas aldap_match_attr() takes a
 * plain char * (presumably the name to look for).
 *
 * NOTE(review): the meaning of the int return values is not visible in
 * this header; check aldap.c before testing them for success.
 */
int aldap_count_attrs(struct aldap_message *);
int aldap_match_attr(struct aldap_message *, char *, char ***);
int aldap_first_attr(struct aldap_message *, char **, char ***);
int aldap_next_attr(struct aldap_message *, char **, char ***);
int aldap_free_attr(char **);
218 
/*
 * Paged-results control handling: aldap_parse_page_control() builds a
 * struct aldap_page_control from a BER element and aldap_freepage()
 * releases one.
 *
 * NOTE(review): len is presumably the encoded length of the control value.
 * If it is taken from a server response it is untrusted and needs to be
 * bounded before it sizes an allocation or copy -- confirm in aldap.c.
 */
struct aldap_page_control *aldap_parse_page_control(struct ber_element *,
    size_t len);
void aldap_freepage(struct aldap_page_control *);
221