/* $Id: aldap.h,v 1.9 2012/04/30 21:40:03 jmatthew Exp $ */
/* $OpenBSD: aldap.h,v 1.9 2012/04/30 21:40:03 jmatthew Exp $ */
/* $FreeBSD$ */

/*
 * Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org>
 * Copyright (c) 2006, 2007 Marc Balmer <mbalmer@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * Declarations for a small LDAP client layered on the BER types from "ber.h".
 *
 * NOTE(review): u_int8_t and in_port_t are used below, but this header only
 * includes <stdio.h> and "ber.h".  Presumably every includer pulls in
 * <sys/types.h> and <netinet/in.h> first -- confirm.
 */
#include <stdio.h>
#include "ber.h"

/*
 * URL scheme prefix and default port.  Only the "ldap://" scheme and port
 * 389 are defined here, although enum aldap_protocol below also lists LDAPS.
 */
#define LDAP_URL "ldap://"
#define LDAP_PORT 389
/* Control OID for paged search results (see struct aldap_page_control). */
#define LDAP_PAGED_OID "1.2.840.113556.1.4.319"

/*
 * Client handle, as returned by aldap_init().
 */
struct aldap {
	/* Presumably the values stored in `err` below -- confirm in aldap.c. */
#define ALDAP_ERR_SUCCESS 0
#define ALDAP_ERR_PARSER_ERROR 1
#define ALDAP_ERR_INVALID_FILTER 2
#define ALDAP_ERR_OPERATION_FAILED 3
	u_int8_t err;		/* last library-level error */
	int msgid;		/* presumably the last message id used -- confirm */
	struct ber ber;		/* BER state from "ber.h" */
};

/*
 * Paged-results control data.
 *
 * `cookie` is described by an explicit `cookie_len`, so handle it as a
 * length-delimited byte buffer and not as a C string.  Presumably both come
 * from the server's response and are therefore untrusted; the length should
 * be validated where it is parsed -- confirm in aldap_parse_page_control().
 */
struct aldap_page_control {
	int size;
	char *cookie;
	unsigned int cookie_len;
};

/*
 * One parsed LDAP message, as returned by aldap_parse() and released with
 * aldap_freemsg().
 */
struct aldap_message {
	int msgid;
	int message_type;	/* presumably an enum protocol_op value -- confirm */

	struct ber_element *msg;

	/*
	 * Presumably these point into the element tree rooted at `msg`;
	 * confirm ownership against aldap_freemsg() before freeing any of
	 * them individually.
	 */
	struct ber_element *header;
	struct ber_element *protocol_op;

	struct ber_element *dn;

	/*
	 * Which member is valid presumably depends on message_type.  `res`
	 * begins with an integer and `search` with a pointer, so reading the
	 * member that does not match the message reinterprets one as the
	 * other; accessors should check the type first.
	 */
	union {
		struct {
			/*
			 * NOTE(review): stored as long long, while
			 * aldap_get_resultcode() returns int -- confirm no
			 * out-of-range value can be narrowed into
			 * LDAP_SUCCESS.
			 */
			long long rescode;
			struct ber_element *diagmsg;
		} res;
		struct {
			struct ber_element *iter;
			struct ber_element *attrs;
		} search;
	} body;
	struct ber_element *references;
	struct aldap_page_control *page;
};

/* Transport selector: plain LDAP or LDAPS. */
enum aldap_protocol {
	LDAP,
	LDAPS
};

/*
 * Components of an LDAP URL.  The functions that would fill and free this
 * structure are compiled out (#if 0) in this header.
 */
struct aldap_url {
	int protocol;		/* presumably an enum aldap_protocol value */
	char *host;
	in_port_t port;
	char *dn;
	/*
	 * Fixed-size table: any code storing attribute names here must stop
	 * at MAXATTR entries (presumably MAXATTR - 1 if the list is
	 * NULL-terminated -- confirm).
	 */
#define MAXATTR 1024
	char *attributes[MAXATTR];
	int scope;		/* presumably an enum scope value */
	char *filter;
	char *buffer;		/* presumably backing storage for the strings above -- confirm */
};

/*
 * LDAP protocolOp tag numbers.  Requests and responses alternate; 17 and 18
 * are not defined here.
 */
enum protocol_op {
	LDAP_REQ_BIND = 0,
	LDAP_RES_BIND = 1,
	LDAP_REQ_UNBIND_30 = 2,
	LDAP_REQ_SEARCH = 3,
	LDAP_RES_SEARCH_ENTRY = 4,
	LDAP_RES_SEARCH_RESULT = 5,
	LDAP_REQ_MODIFY = 6,
	LDAP_RES_MODIFY = 7,
	LDAP_REQ_ADD = 8,
	LDAP_RES_ADD = 9,
	LDAP_REQ_DELETE_30 = 10,
	LDAP_RES_DELETE = 11,
	LDAP_REQ_MODRDN = 12,
	LDAP_RES_MODRDN = 13,
	LDAP_REQ_COMPARE = 14,
	LDAP_RES_COMPARE = 15,
	LDAP_REQ_ABANDON_30 = 16,

	LDAP_RES_SEARCH_REFERENCE = 19,
};

/* Alias dereferencing policy sent with a search request. */
enum deref_aliases {
	LDAP_DEREF_NEVER = 0,
	LDAP_DEREF_SEARCHING = 1,
	LDAP_DEREF_FINDING = 2,
	LDAP_DEREF_ALWAYS = 3,
};

/*
 * Bind authentication choices.  Only simple authentication is defined.
 *
 * A simple bind carries the password unprotected inside the bind request, so
 * its confidentiality depends entirely on the transport underneath the
 * descriptor given to aldap_init().
 * NOTE(review): confirm callers only bind over a protected channel.
 */
enum authentication_choice {
	LDAP_AUTH_SIMPLE = 0,
};

/* Search scope: the base object only, its direct children, or the whole subtree. */
enum scope {
	LDAP_SCOPE_BASE = 0,
	LDAP_SCOPE_ONELEVEL = 1,
	LDAP_SCOPE_SUBTREE = 2,
};

/*
 * LDAP result codes as sent by the server.  The numbering has gaps; values
 * missing from this list are simply not defined here.
 *
 * Several non-zero codes are not failures of the operation itself
 * (LDAP_COMPARE_FALSE, LDAP_COMPARE_TRUE, LDAP_REFERRAL,
 * LDAP_SASL_BIND_IN_PROGRESS).  Code that bases an authentication or
 * authorization decision on a response should therefore accept only the
 * exact code it expects, e.g. LDAP_SUCCESS for a bind, instead of rejecting
 * a list of known failure codes.
 */
enum result_code {
	LDAP_SUCCESS = 0,
	LDAP_OPERATIONS_ERROR = 1,
	LDAP_PROTOCOL_ERROR = 2,
	LDAP_TIMELIMIT_EXCEEDED = 3,
	LDAP_SIZELIMIT_EXCEEDED = 4,
	LDAP_COMPARE_FALSE = 5,
	LDAP_COMPARE_TRUE = 6,
	LDAP_STRONG_AUTH_NOT_SUPPORTED = 7,
	LDAP_STRONG_AUTH_REQUIRED = 8,

	LDAP_REFERRAL = 10,
	LDAP_ADMINLIMIT_EXCEEDED = 11,
	LDAP_UNAVAILABLE_CRITICAL_EXTENSION = 12,
	LDAP_CONFIDENTIALITY_REQUIRED = 13,
	LDAP_SASL_BIND_IN_PROGRESS = 14,
	LDAP_NO_SUCH_ATTRIBUTE = 16,
	LDAP_UNDEFINED_TYPE = 17,
	LDAP_INAPPROPRIATE_MATCHING = 18,
	LDAP_CONSTRAINT_VIOLATION = 19,
	LDAP_TYPE_OR_VALUE_EXISTS = 20,
	LDAP_INVALID_SYNTAX = 21,

	LDAP_NO_SUCH_OBJECT = 32,
	LDAP_ALIAS_PROBLEM = 33,
	LDAP_INVALID_DN_SYNTAX = 34,

	LDAP_ALIAS_DEREF_PROBLEM = 36,

	LDAP_INAPPROPRIATE_AUTH = 48,
	LDAP_INVALID_CREDENTIALS = 49,
	LDAP_INSUFFICIENT_ACCESS = 50,
	LDAP_BUSY = 51,
	LDAP_UNAVAILABLE = 52,
	LDAP_UNWILLING_TO_PERFORM = 53,
	LDAP_LOOP_DETECT = 54,

	LDAP_NAMING_VIOLATION = 64,
	LDAP_OBJECT_CLASS_VIOLATION = 65,
	LDAP_NOT_ALLOWED_ON_NONLEAF = 66,
	LDAP_NOT_ALLOWED_ON_RDN = 67,
	LDAP_ALREADY_EXISTS = 68,
	LDAP_NO_OBJECT_CLASS_MODS = 69,

	LDAP_AFFECTS_MULTIPLE_DSAS = 71,

	LDAP_OTHER = 80,
};

/*
 * Search filter component tags (and, or, not, equality, substrings, >=, <=,
 * presence, approximate).  No extensible-match tag is defined here.
 */
enum filter {
	LDAP_FILT_AND = 0,
	LDAP_FILT_OR = 1,
	LDAP_FILT_NOT = 2,
	LDAP_FILT_EQ = 3,
	LDAP_FILT_SUBS = 4,
	LDAP_FILT_GE = 5,
	LDAP_FILT_LE = 6,
	LDAP_FILT_PRES = 7,
	LDAP_FILT_APPR = 8,
};

/* Position of one piece of a substring filter: initial, any, or final. */
enum subfilter {
	LDAP_FILT_SUBS_INIT = 0,
	LDAP_FILT_SUBS_ANY = 1,
	LDAP_FILT_SUBS_FIN = 2,
};

/*
 * Connection lifecycle.
 *
 * aldap_init() takes an already-open descriptor.  This header declares no
 * connect or TLS setup routine, so the security of the transport is whatever
 * the caller established on `fd` before handing it over.
 */
struct aldap	*aldap_init(int fd);
int	 aldap_close(struct aldap *);
/* Parse the next message; release the result with aldap_freemsg(). */
struct aldap_message	*aldap_parse(struct aldap *);
void	 aldap_freemsg(struct aldap_message *);

/*
 * Requests.
 *
 * aldap_bind(): the two strings are presumably the bind DN and the password
 * (parameter names are not given here -- confirm in aldap.c).  Simple
 * authentication is the only bind method this header defines.
 * In LDAP, a simple bind with an empty password is an unauthenticated bind
 * that a server may answer with success, so a caller using a bind as a
 * password check should reject an empty password before calling.
 * NOTE(review): confirm whether aldap_bind() itself enforces this.
 * The bind outcome is in the server's response, not in this call's return
 * value; check aldap_get_resultcode() on the parsed reply.
 *
 * aldap_search(): presumably (base DN, scope, filter string, attribute list,
 * three integer options, optional page control) -- confirm in aldap.c.
 * If any part of the filter string is built from untrusted input, escape the
 * filter metacharacters in that input before composing the string.
 */
int	 aldap_bind(struct aldap *, char *, char *);
int	 aldap_unbind(struct aldap *);
int	 aldap_search(struct aldap *, char *, enum scope, char *, char **, int, int, int, struct aldap_page_control *);
/* Presumably reports the handle's ALDAP_ERR_* state and a message string -- confirm. */
int	 aldap_get_errno(struct aldap *, const char **);

/*
 * Accessors for a parsed message.
 *
 * Everything returned here originates from the server's response.
 * aldap_get_references() yields strings to be released with
 * aldap_free_references(); presumably these are referral URLs, which should
 * be validated against local policy before anything connects to them.
 */
int	 aldap_get_resultcode(struct aldap_message *);
char	*aldap_get_dn(struct aldap_message *);
char	*aldap_get_diagmsg(struct aldap_message *);
char	**aldap_get_references(struct aldap_message *);
void	 aldap_free_references(char **values);
/* URL helpers are compiled out. */
#if 0
int	 aldap_parse_url(char *, struct aldap_url *);
void	 aldap_free_url(struct aldap_url *);
int	 aldap_search_url(struct aldap *, char *, int, int, int);
#endif

/*
 * Attribute iteration over a search entry.  The char *** arguments are
 * output parameters; presumably each receives a value list that the caller
 * releases with aldap_free_attr() -- confirm ownership in aldap.c.
 */
int	 aldap_count_attrs(struct aldap_message *);
int	 aldap_match_attr(struct aldap_message *, char *, char ***);
int	 aldap_first_attr(struct aldap_message *, char **, char ***);
int	 aldap_next_attr(struct aldap_message *, char **, char ***);
int	 aldap_free_attr(char **);

/*
 * Paged-results control: parse one from a BER element and free it.
 * NOTE(review): confirm how `len` bounds the cookie copied out of the
 * response.
 */
struct aldap_page_control	*aldap_parse_page_control(struct ber_element *, size_t len);
void	 aldap_freepage(struct aldap_page_control *);