xref: /illumos-gate/usr/src/lib/libadutils/common/libadutils.h (revision 4d61c878ad5fbf36c5338bef5994cc5fe88a589a)

/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#ifndef	_LIBADUTILS_H
#define	_LIBADUTILS_H

#include <stdlib.h>
#include <stdio.h>
#include <sys/types.h>
#include <rpc/rpc.h>
#include <ldap.h>

#ifdef	__cplusplus
extern "C" {
#endif

#define	ADUTILS_DEF_NUM_RETRIES	2
#define	ADUTILS_SID_MAX_SUB_AUTHORITIES	15
#define	ADUTILS_MAXBINSID\
	(1 + 1 + 6 + (ADUTILS_SID_MAX_SUB_AUTHORITIES * 4))
#define	ADUTILS_MAXHEXBINSID	(ADUTILS_MAXBINSID * 3)

typedef struct adutils_ad adutils_ad_t;
typedef struct adutils_entry adutils_entry_t;
typedef struct adutils_result adutils_result_t;
typedef struct adutils_ctx adutils_ctx_t;
typedef struct adutils_query_state adutils_query_state_t;

/*
 * Typedef for callback routine for adutils_lookup_batch_start.
 * This callback routine is used to process the result of
 * ldap_result(3LDAP).
 *	ld   - LDAP handle used by ldap_result(3LDAP)
 *	res  - Entry returned by ldap_result(3LDAP)
 *	rc   - Return value of ldap_result(3LDAP)
 *	qid  - Query ID that corresponds to the result.
 *	argp - Argument passed by the caller at the time
 *	       of adutils_lookup_batch_start.
 */
typedef void (*adutils_ldap_res_search_cb)(LDAP *ld, LDAPMessage **res,
	int rc, int qid, void *argp);

typedef enum {
	ADUTILS_SUCCESS = 0,
	ADUTILS_ERR_INTERNAL = -10000,
	ADUTILS_ERR_OTHER,
	ADUTILS_ERR_NOTFOUND,
	ADUTILS_ERR_RETRIABLE_NET_ERR,
	ADUTILS_ERR_MEMORY,
	ADUTILS_ERR_DOMAIN
} adutils_rc;

/*
 * We use the port numbers for normal LDAP and global catalog LDAP as
 * the enum values for this enumeration.  Clever?  Silly?  You decide.
 * Although we never actually use these enum values as port numbers and
 * never will, so this is just cute.
 */
typedef enum adutils_ad_partition {
	ADUTILS_AD_DATA = 389,
	ADUTILS_AD_GLOBAL_CATALOG = 3268
} adutils_ad_partition_t;


/*
 * adutils interfaces:
 *
 *  - an adutils_ad_t represents an AD partition
 *  - a DS (hostname + port, if port != 0) can be added/removed from an
 *  adutils_ad_t
 *  - an adutils_ad_t can be allocated, ref'ed and released; last release
 *  releases resources
 *
 *
 * adutils_lookup_batch_xxx interfaces:
 *
 * These interfaces allow the caller to batch AD lookup requests. The
 * batched requests are processed asynchronously. The actual lookup
 * is currently implement using libldap's ldap_search_ext(3LDAP) and
 * ldap_result(3LDAP) APIs.
 *
 *	Example:
 *      	adutils_query_state_t	*qs;
 *      	adutils_lookup_batch_start(..., &qs);
 *		for each request {
 *			rc = adutils_lookup_batch_add(qs, ...);
 *			if (rc != success)
 *				break;
 *		}
 *		if (rc == success)
 *			adutils_lookup_batch_end(&qs);
 *		else
 *			adutils_lookup_batch_release(&qs);
 *
 *	The adutils_lookup_batch_start interface allows the caller to pass
 *	in a callback function that's invoked when ldap_result() returns
 *	LDAP_RES_SEARCH_RESULT and LDAP_RES_SEARCH_ENTRY for each request.
 *
 *	If no callback is provided then adutils batch API falls back to its
 *	default behaviour which is:
 *		For LDAP_RES_SEARCH_ENTRY, add the entry to the entry set.
 *		For LDAP_RES_SEARCH_RESULT, set return code to
 *			ADUTILS_ERR_NOTFOUND if the entry set is empty.
 *
 *	See $SRC/cmd/idmap/idmapd/adutils.c for an example of
 *      non-default callback routine.
 *
 */

extern adutils_rc	adutils_ad_alloc(adutils_ad_t **new_ad,
				const char *default_domain,
				adutils_ad_partition_t part);
extern void		adutils_ad_free(adutils_ad_t **ad);
extern adutils_rc	adutils_add_ds(adutils_ad_t *ad,
				const char *host, int port);
extern adutils_rc	adutils_add_domain(adutils_ad_t *ad,
				const char *domain_name,
				const char *domain_sid);
extern void		adutils_set_log(int pri, bool_t syslog,
				bool_t degraded);
extern void		adutils_freeresult(adutils_result_t **result);
extern adutils_rc	adutils_lookup(adutils_ad_t *ad,
				const char *searchfilter,
				const char **attrs, const char *domain,
				adutils_result_t **result);
extern char		**adutils_getattr(const adutils_entry_t *entry,
				const char *attrname);
extern const adutils_entry_t	*adutils_getfirstentry(
					adutils_result_t *result);
extern int		adutils_txtsid2hexbinsid(const char *txt,
				const uint32_t *rid,
				char *hexbinsid, int hexbinsidlen);
extern char		*adutils_bv_name2str(BerValue *bval);
extern char		*adutils_bv_objsid2sidstr(BerValue *bval,
				uint32_t *rid);
extern void		adutils_reap_idle_connections(void);
extern char		*adutils_dn2dns(const char *dn);
extern adutils_rc	adutils_lookup_batch_start(adutils_ad_t *ad,
				int nqueries,
				adutils_ldap_res_search_cb ldap_res_search_cb,
				void *ldap_res_search_argp,
				adutils_query_state_t **state);
extern adutils_rc	adutils_lookup_batch_add(adutils_query_state_t *state,
				const char *filter, const char **attrs,
				const char *edomain, adutils_result_t **result,
				adutils_rc *rc);
extern adutils_rc	adutils_lookup_batch_end(
				adutils_query_state_t **state);
extern void		adutils_lookup_batch_release(
				adutils_query_state_t **state);
extern const char	*adutils_lookup_batch_getdefdomain(
				adutils_query_state_t *state);
extern int		adutils_lookup_check_domain(
				adutils_query_state_t *state,
				const char *domain);
extern int		adutils_lookup_check_sid_prefix(
				adutils_query_state_t *state,
				const char *sid);

#ifdef	__cplusplus
}
#endif

#endif	/* _LIBADUTILS_H */