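/*	$OpenBSD: ypldap.h,v 1.16 2015/01/16 06:40:22 deraadt Exp $ */
/* $FreeBSD$ */

/*
 * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * ypldap.h - declarations shared by the ypldap sources: compile-time
 * limits, the inter-process message types, the per-directory
 * configuration (struct idm), the global state (struct env) and the
 * prototypes each .c file exports.
 *
 * The TAILQ_*/RB_* macros, struct event, struct timeval and the BSD
 * u_int* types used below come from headers the including file must
 * pull in first (<sys/queue.h>, <sys/tree.h>, <event.h>, ...); only
 * <imsg.h> is included here.
 */

#ifndef YPLDAP_H
#define YPLDAP_H

#include <imsg.h>

/* Unprivileged account presumably used for privilege separation — see ypldap.c. */
#define YPLDAP_USER		"_ypldap"
/*
 * Default configuration file (read by parse_config()).  Since it can carry
 * idm_bindcred, treat its permissions like any other credential file.
 */
#define YPLDAP_CONF_FILE	"/etc/ypldap.conf"
/* Default refresh interval; presumably seconds, sc_conf_tv is a timeval — confirm. */
#define DEFAULT_INTERVAL	600
#define LINE_WIDTH		1024	/* passwd/group line and DN buffers */
#define FILTER_WIDTH		128	/* LDAP search filter buffer */
#define ATTR_WIDTH		32	/* LDAP attribute name buffer */

/* Presumably the cap on addresses kept per directory by ypldap_dns.c — confirm. */
#define MAX_SERVERS_DNS		8

/*
 * Message types carried over the imsg channels (struct imsgev) between
 * the processes listed in ypldap_process_type.
 */
enum imsg_type {
	IMSG_NONE,
	IMSG_CONF_START,	/* configuration transfer: begin */
	IMSG_CONF_IDM,		/* configuration transfer: one struct idm */
	IMSG_CONF_END,		/* configuration transfer: end */
	IMSG_START_UPDATE,	/* map update: begin */
	IMSG_END_UPDATE,	/* map update: commit */
	IMSG_TRASH_UPDATE,	/* map update: discard (cf. env.update_trashed) */
	IMSG_PW_ENTRY,		/* one passwd entry (struct idm_req, presumably) */
	IMSG_GRP_ENTRY,		/* one group entry (struct idm_req, presumably) */
	IMSG_HOST_DNS		/* resolved directory address from the dns process */
};

/* One resolved address of a directory server; queued on idm_addr. */
struct ypldap_addr {
	TAILQ_ENTRY(ypldap_addr)	 next;
	struct sockaddr_storage		 ss;
};
TAILQ_HEAD(ypldap_addr_list, ypldap_addr);

/* Which process the current image is; set once after fork, read via ypldap_process. */
enum ypldap_process_type {
	PROC_MAIN,
	PROC_CLIENT
};
extern enum ypldap_process_type	 ypldap_process;

/*
 * A passwd map entry.  Indexed both by name and by uid (two RB trees,
 * see entries.c).  ue_line holds the formatted passwd line,
 * ue_netid_line the matching netid line; ownership of the strings is
 * not visible here — confirm against entries.c before freeing.
 */
struct userent {
	RB_ENTRY(userent)		 ue_name_node;
	RB_ENTRY(userent)		 ue_uid_node;
	uid_t				 ue_uid;
	char				*ue_line;
	char				*ue_netid_line;
	gid_t				 ue_gid;
};

/* A group map entry, indexed by name and by gid (entries.c). */
struct groupent {
	RB_ENTRY(groupent)		 ge_name_node;
	RB_ENTRY(groupent)		 ge_gid_node;
	gid_t				 ge_gid;
	char				*ge_line;
};

/* Progress of one directory through DNS resolution and the LDAP fetch. */
enum client_state {
	STATE_NONE,
	STATE_DNS_INPROGRESS,
	STATE_DNS_TEMPFAIL,
	STATE_DNS_DONE,
	STATE_LDAP_FAIL,
	STATE_LDAP_DONE
};

/*
 * beck, djm, dlg: pay attention to the struct name
 */
/*
 * One "directory" block of the configuration: how to reach and bind to
 * an LDAP server and which attributes map onto passwd/group fields.
 */
struct idm {
	TAILQ_ENTRY(idm)		 idm_entry;
	u_int32_t			 idm_id;
	char				 idm_name[MAXHOSTNAMELEN];
	/* idm_flags bits 20 and up; F_SSL only has effect in the SSL build (idm_ssl). */
#define F_SSL		0x00100000
#define F_CONFIGURING	0x00200000
#define F_NEEDAUTH	0x00400000
	/*
	 * Per-attribute bits, n = one of the ATTR_* indices below
	 * (presumably the "lower 20" of idm_flags / idm_list).  The
	 * argument is parenthesised so that an expression such as
	 * F_LIST(a | b) is shifted as a whole instead of being split
	 * by operator precedence; 1U keeps the shift unsigned.
	 */
#define F_FIXED_ATTR(n)	(1U << (n))
#define F_LIST(n)	(1U << (n))
	enum client_state		 idm_state;
	u_int32_t			 idm_flags;	/* lower 20 reserved */
	u_int32_t			 idm_list;
	struct ypldap_addr_list		 idm_addr;
	in_port_t			 idm_port;
	char				 idm_binddn[LINE_WIDTH];
	/*
	 * Cleartext bind credential, resident for the lifetime of the
	 * configuration.  NOTE(review): confirm purge_config() wipes it
	 * (explicit_bzero) rather than only releasing the struct.
	 */
	char				 idm_bindcred[LINE_WIDTH];
	char				 idm_basedn[LINE_WIDTH];
	char				 idm_groupdn[LINE_WIDTH];
	/* Indices into idm_filters. */
#define FILTER_USER	1
#define FILTER_GROUP	0
	char				 idm_filters[2][FILTER_WIDTH];
	/*
	 * Indices into idm_attrs: passwd attributes occupy
	 * 0..ATTR_MAX-1, group attributes ATTR_GR_MIN..ATTR_GR_MAX-1.
	 */
#define ATTR_NAME	0
#define ATTR_PASSWD	1
#define ATTR_UID	2
#define ATTR_GID	3
#define ATTR_CLASS	4
#define ATTR_CHANGE	5
#define ATTR_EXPIRE	6
#define ATTR_GECOS	7
#define ATTR_DIR	8
#define ATTR_SHELL	9
#define ATTR_GR_NAME	10
#define ATTR_GR_PASSWD	11
#define ATTR_GR_GID	12
#define ATTR_GR_MEMBERS	13
#define ATTR_MAX	10
#define ATTR_GR_MIN	10
#define ATTR_GR_MAX	14
	/* Sized by the index range above (14) rather than a repeated literal. */
	char				 idm_attrs[ATTR_GR_MAX][ATTR_WIDTH];
	struct env			*idm_env;
	struct event			 idm_ev;
#ifdef SSL
	struct ssl			*idm_ssl;
#endif
};

/*
 * One passwd/group entry as handed between processes: the lookup key
 * plus the formatted line.  NOTE(review): ik_gid is declared uid_t, not
 * gid_t; both are the same width on the BSDs so this is harmless, but
 * confirm the wire layout before changing it.
 */
struct idm_req {
	union {
		uid_t			 ik_uid;
		uid_t			 ik_gid;
	}				 ir_key;
	char				 ir_line[LINE_WIDTH];
};

/* An imsg buffer tied to a libevent handler (see imsg_event_add()). */
struct imsgev {
	struct imsgbuf		 ibuf;
	void			(*handler)(int, short, void *);
	struct event		 ev;
	void			*data;
	short			 events;
};

/* Global daemon state, one instance shared by the modules below. */
struct env {
	/* sc_opts: command-line options. */
#define YPLDAP_OPT_VERBOSE	0x01
#define YPLDAP_OPT_NOACTION	0x02
	u_int8_t			 sc_opts;
	/* sc_flags: presumably the YP maps being served — see yp.c. */
#define YPMAP_PASSWD_BYNAME		0x00000001
#define YPMAP_PASSWD_BYUID		0x00000002
#define YPMAP_MASTER_PASSWD_BYNAME	0x00000004
#define YPMAP_MASTER_PASSWD_BYUID	0x00000008
#define YPMAP_GROUP_BYNAME		0x00000010
#define YPMAP_GROUP_BYGID		0x00000020
#define YPMAP_NETID_BYNAME		0x00000040
	u_int32_t			 sc_flags;

	u_int32_t			 sc_maxid;

	char				 sc_domainname[MAXHOSTNAMELEN];
	struct timeval			 sc_conf_tv;	/* refresh timer */
	struct event			 sc_conf_ev;
	TAILQ_HEAD(idm_list, idm)	 sc_idms;	/* configured directories */
	struct imsgev			*sc_iev;	/* channel to the peer process */
	struct imsgev			*sc_iev_dns;	/* channel to the dns process */

	/* Entry trees; the two name trees are by pointer, the id trees by value. */
	RB_HEAD(user_name_tree, userent)	*sc_user_names;
	RB_HEAD(user_uid_tree, userent)		 sc_user_uids;
	RB_HEAD(group_name_tree, groupent)	*sc_group_names;
	RB_HEAD(group_gid_tree, groupent)	 sc_group_gids;
	struct user_name_tree			*sc_user_names_t;
	struct group_name_tree			*sc_group_names_t;
	/* Flattened line buffers, presumably built by flatten_entries() — confirm. */
	size_t					 sc_user_line_len;
	size_t					 sc_group_line_len;
	char					*sc_user_lines;
	char					*sc_group_lines;

	struct yp_data				*sc_yp;

	int					 update_trashed;
};

/* log.c */
void	 log_init(int);
void	 log_warn(const char *, ...);
void	 log_warnx(const char *, ...);
void	 log_info(const char *, ...);
void	 log_debug(const char *, ...);
void	 logit(int, const char *, ...);
void	 vlog(int, const char *, va_list);
__dead2 void fatal(const char *);
__dead2 void fatalx(const char *);

/* parse.y */
int	 parse_config(struct env *, const char *, int);
int	 cmdline_symset(char *);

/* ldapclient.c */
pid_t	 ldapclient(int []);

/* ypldap.c */
void	 purge_config(struct env *);
void	 imsg_event_add(struct imsgev *);
int	 imsg_compose_event(struct imsgev *, u_int16_t, u_int32_t,
	    pid_t, int, void *, u_int16_t);

/* entries.c */
void	 flatten_entries(struct env *);
int	 userent_name_cmp(struct userent *, struct userent *);
int	 userent_uid_cmp(struct userent *, struct userent *);
int	 groupent_name_cmp(struct groupent *, struct groupent *);
int	 groupent_gid_cmp(struct groupent *, struct groupent *);
RB_PROTOTYPE(user_name_tree, userent, ue_name_node, userent_name_cmp);
RB_PROTOTYPE(user_uid_tree, userent, ue_uid_node, userent_uid_cmp);
RB_PROTOTYPE(group_name_tree, groupent, ge_name_node, groupent_name_cmp);
RB_PROTOTYPE(group_gid_tree, groupent, ge_gid_node, groupent_gid_cmp);

/* yp.c */
void	 yp_init(struct env *);
void	 yp_enable_events(void);

/* ypldap_dns.c */
pid_t	 ypldap_dns(int[2], struct passwd *);

#endif /* YPLDAP_H */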