/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

/*
 * Private implementation header for libadutils: the internal layouts behind
 * the types that libadutils.h exposes (AD partition handle, directory server
 * connection, batched query state) plus a few private helper prototypes.
 */

#ifndef	_ADUTILS_IMPL_H
#define	_ADUTILS_IMPL_H

#include <stdlib.h>
#include <stdio.h>
#include <sys/types.h>
#include <ldap.h>
#include <pthread.h>
#include "addisc.h"
#include <rpcsvc/idmap_prot.h>
#include "libadutils.h"

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Timeouts for LDAP searches and for opening an LDAP connection.
 * NOTE(review): the unit is not stated in this header (presumably seconds);
 * confirm where the values are consumed.
 */
#define	ADUTILS_SEARCH_TIMEOUT		3
#define	ADUTILS_LDAP_OPEN_TIMEOUT	1


/*
 * Decoded form of a SID.
 *
 * sub_authorities is a fixed-size array while sub_authority_count is a
 * separate byte, so whatever fills this structure from directory data must
 * reject a count above ADUTILS_SID_MAX_SUB_AUTHORITIES before writing the
 * array, and readers must not index past sub_authority_count.
 * NOTE(review): adutils_getsid() is declared below but its body is not in
 * this header; confirm that it performs this check and also validates the
 * length of the input value.
 */
typedef struct adutils_sid {
	uchar_t		version;
	uchar_t		sub_authority_count;
	uint64_t	authority;  /* really, 48-bits */
	uint32_t	sub_authorities[ADUTILS_SID_MAX_SUB_AUTHORITIES];
} adutils_sid_t;

struct adutils_host;

/*
 * A domain name and its SID in string form.
 *
 * Both members are fixed-size buffers: every copy into them has to be
 * bounded by MAXDOMAINNAME / MAXSTRSID and leave the result NUL-terminated,
 * with over-long input treated as an error rather than silently truncated.
 */
struct known_domain {
	char		name[MAXDOMAINNAME];
	char		sid[MAXSTRSID];
};


/* A set of DSs for a given AD partition */
struct adutils_ad {
	char			*dflt_w2k_dom;	/* used to qualify bare names */
	/* presumably the element count of known_domains; verify in the .c */
	int			num_known_domains;
	struct known_domain	*known_domains;
	/* NOTE(review): presumably guards ref and last_adh; confirm */
	pthread_mutex_t		lock;
	uint32_t		ref;
	struct adutils_host	*last_adh;
	adutils_ad_partition_t	partition;	/* Data or global catalog? */
};

/*
 * One attribute of a directory entry: its name and num_values string values.
 * Ownership of attr_name and attr_values is not visible in this header.
 */
typedef struct adutils_attr {
	char	*attr_name;
	uint_t	num_values;
	char	**attr_values;
} adutils_attr_t;

/* typedef in libadutils.h */
/* One entry: num_nvpairs attributes, chained to further entries via next */
struct adutils_entry {
	uint_t			num_nvpairs;
	adutils_attr_t		*attr_nvpairs;
	struct adutils_entry	*next;
};

/* typedef in libadutils.h */
/* A search result: num_entries entries reachable from entries */
struct adutils_result {
	uint_t		num_entries;
	adutils_entry_t	*entries;
};

/* A single DS */
typedef struct adutils_host {
	struct adutils_host	*next;
	struct adutils_ad	*owner;		/* ad_t to which this belongs */
	pthread_mutex_t		lock;
	LDAP			*ld;		/* LDAP connection */
	uint32_t		ref;		/* ref count */
	time_t			idletime;	/* time since last activity */
	int			dead;		/* error on LDAP connection */
	/*
	 * Used to distinguish between different instances of LDAP
	 * connections to this same DS.  We need this so we never mix up
	 * results for a given msgID from one connection with those of
	 * another earlier connection where two batch state structures
	 * share this adutils_host object but used different LDAP connections
	 * to send their LDAP searches.
	 *
	 * The batch side keeps its own copy (qadh_gen in struct
	 * adutils_query_state); a reply should only be matched to a query
	 * when that saved value still equals this field.
	 */
	uint64_t		generation;

	/* LDAP DS info */
	char			*host;
	int			port;

	/* hardwired to SASL GSSAPI only for now */
	char			*saslmech;
	unsigned		saslflags;

	/* Number of outstanding search requests */
	/* presumably max_requests is the cap and num_requests the current count */
	uint32_t		max_requests;
	uint32_t		num_requests;
} adutils_host_t;

/* A place to put the results of a batched (async) query */
typedef struct adutils_q {
	/*
	 * NOTE(review): presumably compared against the domain of the
	 * returned entry so that an answer for another domain is not
	 * accepted; confirm in the result handler.
	 */
	const char		*edomain;	/* expected domain name */
	struct adutils_result	**result;	/* The LDAP search result */
	adutils_rc		*rc;
	int			msgid;		/* LDAP message ID */
} adutils_q_t;

/* Batch context structure */
struct adutils_query_state {
	struct adutils_query_state	*next;
	/*
	 * qsize is a signed int while qcount and qinflight are uint32_t;
	 * comparisons between them need care because a negative qsize
	 * converts to a large unsigned value.
	 */
	int			qsize;		/* Size of queries */
	int			ref_cnt;	/* reference count */
	pthread_cond_t		cv;		/* Condition wait variable */
	uint32_t		qcount;		/* Number of items queued */
	uint32_t		qinflight;	/* how many queries in flight */
	uint16_t		qdead;		/* oops, lost LDAP connection */
	adutils_host_t		*qadh;		/* LDAP connection */
	uint64_t		qadh_gen;	/* same as qadh->generation */
	adutils_ldap_res_search_cb	ldap_res_search_cb;
	void			*ldap_res_search_argp;
	char			*default_domain;
	char			*basedn;
	/*
	 * Declared with a single element.  NOTE(review): presumably the
	 * structure is over-allocated so that this array really holds qsize
	 * elements; confirm at the allocation site, and check that every
	 * index used on it is bounded by qsize.
	 */
	adutils_q_t		queries[1];	/* array of query results */
};

/* Private routines */

/*
 * NOTE(review): the three helpers that return or fill data below do not
 * document ownership or failure values here; check the definitions for who
 * frees the returned strings and how errors are reported.
 */

char *DN_to_DNS(const char *dn_name);

int adutils_getsid(BerValue *bval, adutils_sid_t *sidp);

char *adutils_sid2txt(adutils_sid_t *sidp);

/*
 * The parameter list has the shape of a SASL interaction callback as passed
 * to ldap_sasl_interactive_bind_s(); presumably that is its use, to be
 * confirmed in the bind code.
 */
int saslcallback(LDAP *ld, unsigned flags, void *defaults, void *prompts);

/* Global logger function */

extern adutils_logger logger;

#ifdef __cplusplus
}
#endif

#endif	/* _ADUTILS_IMPL_H */