Skip to content
Permalink
bee40126da
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

autofs/include/lookup_ldap.h

Go to file
 
 
Cannot retrieve contributors at this time
137 lines (114 sloc) 3.16 KB
Raw Blame
#ifndef LOOKUP_LDAP_H
#define LOOKUP_LDAP_H
#include <ldap.h>
#ifdef WITH_SASL
#include <openssl/ssl.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <sasl/sasl.h>
#include <krb5.h>
#endif
#include <libxml/tree.h>
#include "list.h"
#include "dclist.h"
struct ldap_schema {
char *map_class;
char *map_attr;
char *entry_class;
char *entry_attr;
char *value_attr;
};
struct ldap_uri {
char *uri;
struct list_head list;
};
struct ldap_searchdn {
char *basedn;
struct ldap_searchdn *next;
};
struct ldap_conn {
LDAP *ldap;
#ifdef WITH_SASL
sasl_conn_t *sasl_conn;
#endif
};
struct lookup_context {
char *mapname;
unsigned int format;
char *server;
int port;
char *base;
char *qdn;
unsigned int timeout;
unsigned int network_timeout;
unsigned long timestamp;
unsigned int check_defaults;
/* LDAP version 2 or 3 */
int version;
/* LDAP lookup configuration */
struct ldap_schema *schema;
/*
* List of servers and base dns for searching.
* uri is the list of servers to attempt connection to and is
* used only if server, above, is NULL. The head of the list
* is the server which we are currently connected to.
* cur_host tracks chnages to connected server, triggering
* a scan of basedns when it changes.
* sdns is the list of basdns to check, done in the order
* given in configuration.
*/
pthread_mutex_t uris_mutex;
struct list_head *uris;
struct ldap_uri *uri;
struct dclist *dclist;
char *cur_host;
struct ldap_searchdn *sdns;
/* TLS and SASL authentication information */
char *auth_conf;
unsigned use_tls;
unsigned tls_required;
unsigned auth_required;
char *sasl_mech;
char *user;
char *secret;
char *client_princ;
char *client_cc;
int kinit_done;
int kinit_successful;
#ifdef WITH_SASL
/* Kerberos */
krb5_context krb5ctxt;
krb5_ccache krb5_ccache;
/* SASL external */
char *extern_cert;
char *extern_key;
#endif
/* keytab file name needs to be added */
struct parse_mod *parse;
};
#define LDAP_AUTH_CONF_FILE "test"
#define LDAP_TLS_DONT_USE 0
#define LDAP_TLS_REQUIRED 1
#define LDAP_TLS_INIT 1
#define LDAP_TLS_RELEASE 2
#define LDAP_AUTH_NOTREQUIRED 0x0001
#define LDAP_AUTH_REQUIRED 0x0002
#define LDAP_AUTH_AUTODETECT 0x0004
#define LDAP_NEED_AUTH (LDAP_AUTH_REQUIRED|LDAP_AUTH_AUTODETECT)
#define LDAP_AUTH_USESIMPLE 0x0008
/* lookup_ldap.c */
LDAP *init_ldap_connection(unsigned logopt, const char *uri, struct lookup_context *ctxt);
int unbind_ldap_connection(unsigned logopt, struct ldap_conn *conn, struct lookup_context *ctxt);
int authtype_requires_creds(const char *authtype);
#ifdef WITH_SASL
/* cyrus-sasl.c */
int autofs_sasl_client_init(unsigned logopt);
int autofs_sasl_init(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt);
int autofs_sasl_bind(unsigned logopt, struct ldap_conn *conn, struct lookup_context *ctxt);
void autofs_sasl_unbind(struct ldap_conn *conn, struct lookup_context *ctxt);
void autofs_sasl_dispose(struct ldap_conn *conn, struct lookup_context *ctxt);
void autofs_sasl_done(void);
/* cyrus-sasl-extern */
int do_sasl_extern(LDAP *ldap, struct lookup_context *ctxt);
#endif
#endif