/*	$OpenBSD: ypldap.h,v 1.16 2015/01/16 06:40:22 deraadt Exp $ */
/*	$FreeBSD: stable/11/usr.sbin/ypldap/ypldap.h 359754 2020-04-09 20:38:36Z kevans $ */

/*
 * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */
#include <imsg.h>

/*
 * Compile-time defaults and buffer widths used by the declarations below.
 *
 * <imsg.h> is the only header included here, while the declarations below
 * also use TAILQ_*, RB_*, MAXHOSTNAMELEN, struct event, struct
 * sockaddr_storage and va_list, so the including .c file has to provide
 * those first.
 */

/* Account name; presumably the user the daemon switches to -- confirm in ypldap.c. */
#define YPLDAP_USER		"_ypldap"
/*
 * Default configuration path.
 * NOTE(review): struct idm carries a bind credential (idm_bindcred) that
 * presumably comes from this file; confirm that parse.y refuses a config
 * that is readable by group or other.
 */
#define YPLDAP_CONF_FILE	"/etc/ypldap.conf"
/* Default refresh interval; presumably seconds -- confirm against its user. */
#define DEFAULT_INTERVAL	600
/*
 * Fixed buffer widths: LINE_WIDTH sizes the DN/credential fields of struct idm
 * and idm_req.ir_line, FILTER_WIDTH each idm_filters slot, ATTR_WIDTH each
 * idm_attrs slot.  Every writer into those arrays has to bound its copy to
 * the matching width and reject or truncate longer input.
 */
#define LINE_WIDTH		1024
#define FILTER_WIDTH		128
#define ATTR_WIDTH		32

/* Upper bound tied to DNS lookups; presumably addresses kept per server -- confirm in ypldap_dns.c. */
#define        MAX_SERVERS_DNS                 8
/*
 * Message type tags for the imsg channels declared in this header (see
 * struct imsgev and imsg_compose_event()).  The numbering is spelled out
 * because the value presumably travels in the imsg header between the
 * ypldap processes, so both ends must agree on it; a receiver should treat
 * any value it does not handle as an error rather than ignore it.
 */
enum imsg_type {
	IMSG_NONE		= 0,
	IMSG_CONF_START		= 1,
	IMSG_CONF_IDM		= 2,
	IMSG_CONF_END		= 3,
	IMSG_START_UPDATE	= 4,
	IMSG_END_UPDATE		= 5,
	IMSG_TRASH_UPDATE	= 6,
	IMSG_PW_ENTRY		= 7,
	IMSG_GRP_ENTRY		= 8,
	IMSG_HOST_DNS		= 9
};
/*
 * One socket address kept on a tail queue; struct idm holds such a queue in
 * idm_addr.  Presumably these are the addresses a directory host name
 * resolved to (see IMSG_HOST_DNS) -- confirm in ypldap_dns.c.
 * TAILQ_ENTRY/TAILQ_HEAD must already be visible to the includer.
 */
struct ypldap_addr {
	TAILQ_ENTRY(ypldap_addr)	next;	/* queue linkage */
	struct sockaddr_storage         ss;	/* address, any family */
};
/* Declares struct ypldap_addr_list, the queue head type. */
TAILQ_HEAD(ypldap_addr_list, ypldap_addr);
/*
 * Role of the current process.  The variable is only declared here
 * (extern), so including this header never defines the object; exactly one
 * .c file has to provide the definition.
 */
enum ypldap_process_type {
	PROC_MAIN	= 0,
	PROC_CLIENT	= 1
};
extern enum ypldap_process_type		ypldap_process;
/*
 * One user record.  It carries two red-black tree nodes so the same object
 * can sit in user_name_tree and user_uid_tree at once (see the RB_PROTOTYPE
 * lines for those trees).
 */
struct userent {
	RB_ENTRY(userent)		 ue_name_node;	/* node in user_name_tree */
	RB_ENTRY(userent)		 ue_uid_node;	/* node in user_uid_tree */
	uid_t				 ue_uid;
	/*
	 * Presumably the formatted passwd line for this user -- confirm in
	 * entries.c.  NOTE(review): if it includes the ATTR_PASSWD field it
	 * should be kept out of debug logs.  Ownership of the pointer is not
	 * visible from this header.
	 */
	char				*ue_line;
	char				*ue_netid_line;	/* presumably the netid map line -- confirm */
	gid_t				 ue_gid;
};
/*
 * One group record, linked into group_name_tree and group_gid_tree through
 * its two red-black tree nodes (see the RB_PROTOTYPE lines for those trees).
 */
struct groupent {
	RB_ENTRY(groupent)		 ge_name_node;	/* node in group_name_tree */
	RB_ENTRY(groupent)		 ge_gid_node;	/* node in group_gid_tree */
	gid_t				 ge_gid;
	/* Presumably the formatted group line; ownership not visible here -- confirm in entries.c. */
	char				*ge_line;
};
/*
 * Progress marker stored in idm.idm_state.  Going by the names, a directory
 * moves through name resolution first and an LDAP step afterwards; the
 * actual transitions live outside this header.
 */
enum client_state {
	STATE_NONE		= 0,
	STATE_DNS_INPROGRESS	= 1,
	STATE_DNS_TEMPFAIL	= 2,
	STATE_DNS_DONE		= 3,
	STATE_LDAP_FAIL		= 4,
	STATE_LDAP_DONE		= 5
};
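/*
 * beck, djm, dlg: pay attention to the struct name
 *
 * One configured directory: where to connect, how to bind, which filters
 * and attribute names to use.  struct env keeps these on the sc_idms queue.
 *
 * NOTE(review): IMSG_CONF_IDM suggests the whole struct is copied between
 * processes.  If so, idm_env, idm_ev and idm_ssl are meaningless on the
 * receiving side, the character arrays must be treated as possibly
 * unterminated, and both sides must be built with the same SSL setting
 * because the layout changes under #ifdef SSL.  Confirm in ypldap.c and
 * ldapclient.c.
 */
struct idm {
	TAILQ_ENTRY(idm)		 idm_entry;	/* queue linkage */
	u_int32_t                        idm_id;
	char				 idm_name[MAXHOSTNAMELEN];
/* Status bits stored in idm_flags from bit 20 upward. */
#define F_SSL				 0x00100000
#define F_CONFIGURING			 0x00200000
#define F_NEEDAUTH			 0x00400000
/*
 * Per-index bits, presumably kept in idm_flags (F_FIXED_ATTR) and idm_list
 * (F_LIST).  The argument is parenthesised and the shift is done on an
 * unsigned constant so that an expression argument expands correctly and no
 * signed shift is involved.  n must stay below 20 for F_FIXED_ATTR, otherwise
 * the bit lands on F_SSL and its neighbours.
 */
#define F_FIXED_ATTR(n)			 (1U << (n))
#define F_LIST(n)                        (1U << (n))
	enum client_state		 idm_state;
	u_int32_t			 idm_flags; /* lower 20 reserved */
	u_int32_t			 idm_list;
	struct ypldap_addr_list		 idm_addr;	/* queue of struct ypldap_addr */
	in_port_t			 idm_port;
	char				 idm_binddn[LINE_WIDTH];
	/*
	 * Bind credential, held as plain text for the lifetime of the struct.
	 * NOTE(review): it should stay out of log output and be wiped with
	 * explicit_bzero() before the struct is freed; purge_config() is the
	 * place to check.  With F_SSL unset, or with SSL not compiled in, the
	 * bind presumably goes over the network unprotected -- confirm in
	 * ldapclient.c.
	 */
	char				 idm_bindcred[LINE_WIDTH];
	char				 idm_basedn[LINE_WIDTH];
	char				 idm_groupdn[LINE_WIDTH];
/* Row indexes into idm_filters. */
#define FILTER_USER			 1
#define FILTER_GROUP			 0
	char				 idm_filters[2][FILTER_WIDTH];
/* Row indexes into idm_attrs: user attributes 0..9, group attributes 10..13. */
#define ATTR_NAME			 0
#define ATTR_PASSWD			 1
#define ATTR_UID			 2
#define ATTR_GID			 3
#define ATTR_CLASS			 4
#define ATTR_CHANGE			 5
#define ATTR_EXPIRE			 6
#define ATTR_GECOS			 7
#define ATTR_DIR			 8
#define ATTR_SHELL			 9
#define ATTR_GR_NAME			 10
#define ATTR_GR_PASSWD			 11
#define ATTR_GR_GID			 12
#define ATTR_GR_MEMBERS			 13
/* Exclusive upper bounds: [0, ATTR_MAX) is user, [ATTR_GR_MIN, ATTR_GR_MAX) is group. */
#define ATTR_MAX			 10
#define ATTR_GR_MIN			 10
#define ATTR_GR_MAX			 14
	/* Sized by ATTR_GR_MAX so the array cannot drift from the index range. */
	char				 idm_attrs[ATTR_GR_MAX][ATTR_WIDTH];
	struct env			*idm_env;
	struct event			 idm_ev;
#ifdef SSL
	struct ssl			*idm_ssl;
#endif
};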
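/*
 * One user or group record: a numeric key plus its formatted line.
 * Presumably the payload of IMSG_PW_ENTRY / IMSG_GRP_ENTRY -- confirm in
 * ldapclient.c and ypldap.c.  A receiver that gets this from another process
 * should make sure ir_line is NUL-terminated within LINE_WIDTH before
 * treating it as a string.
 */
struct idm_req {
	union {
		uid_t			 ik_uid;
		gid_t			 ik_gid;	/* gid_t, matching groupent.ge_gid */
	}				 ir_key;
	char				 ir_line[LINE_WIDTH];
};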
/*
 * An imsg channel bundled with the event that drives it.  Used through
 * imsg_event_add() and imsg_compose_event(), and stored in env.sc_iev and
 * env.sc_iev_dns.
 */
struct imsgev {
	struct imsgbuf		 ibuf;		/* imsg buffer state for the channel */
	/* Callback with an (int, short, void *) signature; presumably the libevent callback shape -- confirm. */
	void			(*handler)(int, short, void *);
	struct event		 ev;
	void			*data;		/* presumably passed to handler as its last argument -- confirm */
	short			 events;	/* presumably the event mask currently armed -- confirm */
};
/*
 * Daemon-wide state: options, the set of maps to serve, the configured
 * directories and the user/group trees.  Passed to parse_config(),
 * purge_config(), flatten_entries() and yp_init().
 */
struct env {
/* Bits for sc_opts. */
#define YPLDAP_OPT_VERBOSE		 0x01
#define YPLDAP_OPT_NOACTION		 0x02
	u_int8_t			 sc_opts;
/*
 * Bits for sc_flags, one per map.
 * NOTE(review): the MASTER_PASSWD maps presumably carry the password field
 * fetched through ATTR_PASSWD; check in yp.c which requesters are answered
 * before those two bits are enabled.
 */
#define YPMAP_PASSWD_BYNAME		 0x00000001
#define YPMAP_PASSWD_BYUID		 0x00000002
#define YPMAP_MASTER_PASSWD_BYNAME	 0x00000004
#define YPMAP_MASTER_PASSWD_BYUID	 0x00000008
#define YPMAP_GROUP_BYNAME		 0x00000010
#define YPMAP_GROUP_BYGID		 0x00000020
#define YPMAP_NETID_BYNAME		 0x00000040
	u_int32_t			 sc_flags;

	u_int32_t			 sc_maxid;	/* presumably the last idm_id handed out -- confirm in parse.y */

	char				 sc_domainname[MAXHOSTNAMELEN];
	/* Timer value and event; presumably the periodic refresh (see DEFAULT_INTERVAL) -- confirm. */
	struct timeval			 sc_conf_tv;
	struct event			 sc_conf_ev;
	TAILQ_HEAD(idm_list, idm)	 sc_idms;	/* queue of struct idm, linked by idm_entry */
	struct imsgev			*sc_iev;
	struct imsgev			*sc_iev_dns;	/* presumably the channel to the DNS helper -- confirm */

	/*
	 * Lookup trees.  The by-name heads are pointers while the by-uid and
	 * by-gid heads are embedded.  The *_t pointers are presumably staging
	 * trees filled between IMSG_START_UPDATE and IMSG_END_UPDATE and then
	 * swapped in -- confirm in ypldap.c.
	 */
	RB_HEAD(user_name_tree,userent)	 *sc_user_names;
	RB_HEAD(user_uid_tree,userent)	 sc_user_uids;
	RB_HEAD(group_name_tree,groupent)*sc_group_names;
	RB_HEAD(group_gid_tree,groupent) sc_group_gids;
	struct user_name_tree		 *sc_user_names_t;
	struct group_name_tree		 *sc_group_names_t;
	/* Buffers with their lengths; presumably produced by flatten_entries() -- confirm in entries.c. */
	size_t				 sc_user_line_len;
	size_t				 sc_group_line_len;
	char				*sc_user_lines;
	char				*sc_group_lines;

	struct yp_data			*sc_yp;		/* opaque here; struct yp_data is not declared in this header */

	int				 update_trashed;	/* presumably set when IMSG_TRASH_UPDATE arrives -- confirm */
};
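/* log.c */
/*
 * Logging entry points.  Each printf-style function carries a format
 * attribute so the compiler checks every call's arguments against its format
 * string and can flag a non-literal format; that matters here because log
 * arguments can include strings that came from the directory or the
 * configuration.  The attribute affects diagnostics only, not the
 * prototypes or the calling convention.  The leading int of logit() and
 * vlog() is presumably a syslog priority -- confirm in log.c.
 */
void		 log_init(int);
void		 log_warn(const char *, ...)
		    __attribute__((__format__(__printf__, 1, 2)));
void		 log_warnx(const char *, ...)
		    __attribute__((__format__(__printf__, 1, 2)));
void		 log_info(const char *, ...)
		    __attribute__((__format__(__printf__, 1, 2)));
void		 log_debug(const char *, ...)
		    __attribute__((__format__(__printf__, 1, 2)));
void		 logit(int, const char *, ...)
		    __attribute__((__format__(__printf__, 2, 3)));
/* va_list variant: the format is checked, the arguments cannot be. */
void		 vlog(int, const char *, va_list)
		    __attribute__((__format__(__printf__, 2, 0)));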
/*
 * Fatal-error exits, listed with the log.c prototypes; __dead2 declares
 * that they do not return.  Both take a single string.
 * NOTE(review): confirm that log.c never passes that string on as a printf
 * format.
 */
__dead2 void	 fatal(const char *);
__dead2 void	 fatalx(const char *);

/* parse.y */
/*
 * parse_config() fills a struct env from the named file; the int is
 * presumably the option mask (YPLDAP_OPT_*) -- confirm.
 * cmdline_symset() takes a mutable string, presumably a command-line macro
 * definition -- confirm.
 */
int		 parse_config(struct env *, const char *, int);
int		 cmdline_symset(char *);

/* ldapclient.c */
/* Returns a pid_t, presumably of a forked client process; the int array is presumably a descriptor pair -- confirm. */
pid_t		 ldapclient(int []);

/* ypldap.c */
void		 purge_config(struct env *);
void		 imsg_event_add(struct imsgev *);
/*
 * The argument list matches imsg_compose() with a struct imsgev in front
 * (presumably type, peer id, pid, fd, data, length -- confirm).  The length
 * is a u_int16_t, so a caller passing sizeof of a large struct should make
 * sure the value fits and stays within what imsg accepts.
 */
int	 	 imsg_compose_event(struct imsgev *, u_int16_t, u_int32_t,
		    pid_t, int, void *, u_int16_t);

/* entries.c */
void		 flatten_entries(struct env *);
/* Comparators named in the RB_PROTOTYPE lines below, one per tree. */
int		 userent_name_cmp(struct userent *, struct userent *);
int		 userent_uid_cmp(struct userent *, struct userent *);
int		 groupent_name_cmp(struct groupent *, struct groupent *);
int		 groupent_gid_cmp(struct groupent *, struct groupent *);
/* Tree function prototypes: (tree name, element type, node field, comparator). */
RB_PROTOTYPE(	 user_name_tree, userent, ue_name_node, userent_name_cmp);
RB_PROTOTYPE(	 user_uid_tree, userent, ue_uid_node, userent_uid_cmp);
RB_PROTOTYPE(	 group_name_tree, groupent, ge_name_node, groupent_name_cmp);
RB_PROTOTYPE(	 group_gid_tree, groupent, ge_gid_node, groupent_gid_cmp);

/* yp.c */
void		 yp_init(struct env *);
void		 yp_enable_events(void);

/* ypldap_dns.c */
/*
 * Returns a pid_t, presumably of a forked DNS helper.  It receives a
 * two-descriptor array and a struct passwd, presumably the account the
 * helper switches to (see YPLDAP_USER) -- confirm in ypldap_dns.c.
 */
pid_t		 ypldap_dns(int[2], struct passwd *);