/*
   Unix SMB/CIFS implementation.
LDAP protocol helper functions for SAMBA
Copyright ( C ) Gerald Carter 2001 - 2003
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 3 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
# ifndef _SMBLDAP_H
# define _SMBLDAP_H
struct smbldap_state ;
# include "include/smb_ldap.h"
# ifdef HAVE_LDAP
/*
 * Function declarations -- kept out of proto.h so that proto.h does not
 * have to know the LDAP structure types.
 */

/*
 * Build a new smbldap_state for the LDAP server named by location and
 * return it through *smbldap_state.  anon, bind_dn and bind_secret
 * describe the bind to perform; presumably they end up in the state's
 * credential fields -- confirm in lib/smbldap.c.
 */
NTSTATUS smbldap_init(TALLOC_CTX *mem_ctx,
		      struct tevent_context *tevent_ctx,
		      const char *location,
		      bool anon,
		      const char *bind_dn,
		      const char *bind_secret,
		      struct smbldap_state **smbldap_state);

/*
 * Record one modification (modop on attribute) in *modlist, with the
 * value given either as a C string or as a DATA_BLOB.
 */
void smbldap_set_mod(LDAPMod ***modlist,
		     int modop,
		     const char *attribute,
		     const char *value);
void smbldap_set_mod_blob(LDAPMod ***modlist,
			  int modop,
			  const char *attribute,
			  const DATA_BLOB *newblob);

/*
 * Variants that are also handed the existing entry; presumably they
 * compare the new value against it and only queue a change in *mods
 * when the two differ -- confirm in lib/smbldap.c.
 */
void smbldap_make_mod(LDAP *ldap_struct,
		      LDAPMessage *existing,
		      LDAPMod ***mods,
		      const char *attribute,
		      const char *newval);
void smbldap_make_mod_blob(LDAP *ldap_struct,
			   LDAPMessage *existing,
			   LDAPMod ***mods,
			   const char *attribute,
			   const DATA_BLOB *newblob);

/*
 * Fetch one attribute of entry into the caller-supplied buffer value.
 * NOTE(review): max_len is presumably the size of that buffer in bytes;
 * confirm the implementation bounds the copy and NUL-terminates, and
 * that callers test the bool result before reading value.
 */
bool smbldap_get_single_attribute(LDAP *ldap_struct,
				  LDAPMessage *entry,
				  const char *attribute,
				  char *value,
				  int max_len);

/*
 * Apply the modifications in attrs to the entry named by dn.
 * (This prototype is declared a second time further down in this header.)
 */
int smbldap_modify(struct smbldap_state *ldap_state,
		   const char *dn,
		   LDAPMod *attrs[]);
/**
 * Per-connection state for the LDAP helper functions: the library
 * handle, the bind credentials and the bookkeeping around them.
 */
struct smbldap_state {
	LDAP *ldap_struct;	/* LDAP client library handle */
	/* presumably the pid that opened the connection -- confirm */
	pid_t pid;
	time_t last_ping;	/* monotonic */

	/* retrieve-once info */
	const char *uri;

	/* credentials */
	bool anonymous;
	char *bind_dn;
	/*
	 * NOTE(review): the bind secret stays in process memory for as
	 * long as this state exists; confirm it is wiped before it is
	 * freed or replaced.
	 */
	char *bind_secret;

	bool paged_results;

	unsigned int num_failures;

	time_t last_use;	/* monotonic */
	struct tevent_context *tevent_context;
	struct timed_event *idle_event;

	struct timeval last_rebind;	/* monotonic */
};
/* Only used through a pointer here, so a forward declaration is enough. */
struct ipasam_privates;

/* Private data shared by pdb_ldap.c and pdb_nds.c. */
struct ldapsam_privates {
	struct smbldap_state *smbldap_state;

	/* Former statics */
	LDAPMessage *result;
	LDAPMessage *entry;
	int index;

	const char *domain_name;
	struct dom_sid domain_sid;

	/* configuration items */
	int schema_ver;

	char *domain_dn;

	/* Is this NDS ldap? */
	int is_nds_ldap;

	/* Is this IPA ldap? */
	int is_ipa_ldap;
	struct ipasam_privates *ipasam_privates;

	/* ldap server location parameter */
	char *location;

	/* A search filter kept together with the result it produced. */
	struct {
		char *filter;
		LDAPMessage *result;
	} search_cache;
};
/* The following definitions come from lib/smbldap.c */

/*
 * Connection setup.
 * NOTE(review): both return an int status; confirm that every caller
 * treats a non-success result from the TLS step as fatal, so that a bind
 * is never sent over a connection that failed to upgrade.
 */
int smb_ldap_start_tls(LDAP *ldap_struct, int version);
int smb_ldap_setup_full_conn(LDAP **ldap_struct, const char *uri);

/*
 * Search wrappers.  filter is handed over as a ready-made LDAP filter
 * string; NOTE(review): any value a caller interpolates into it
 * presumably has to be filter-escaped by that caller -- confirm.
 */
int smbldap_search(struct smbldap_state *ldap_state,
		   const char *base,
		   int scope,
		   const char *filter,
		   const char *attrs[],
		   int attrsonly,
		   LDAPMessage **res);
int smbldap_search_paged(struct smbldap_state *ldap_state,
			 const char *base,
			 int scope,
			 const char *filter,
			 const char **attrs,
			 int attrsonly,
			 int pagesize,
			 LDAPMessage **res,
			 void **cookie);

/* Write operations on the entry named by dn. */
int smbldap_modify(struct smbldap_state *ldap_state,
		   const char *dn,
		   LDAPMod *attrs[]);
int smbldap_add(struct smbldap_state *ldap_state,
		const char *dn,
		LDAPMod *attrs[]);
int smbldap_delete(struct smbldap_state *ldap_state, const char *dn);

/* Send the extended operation identified by reqoid. */
int smbldap_extended_operation(struct smbldap_state *ldap_state,
			       LDAP_CONST char *reqoid,
			       struct berval *reqdata,
			       LDAPControl **serverctrls,
			       LDAPControl **clientctrls,
			       char **retoidp,
			       struct berval **retdatap);

int smbldap_search_suffix(struct smbldap_state *ldap_state,
			  const char *filter,
			  const char **search_attr,
			  LDAPMessage **result);

/* Takes the address of the state pointer. */
void smbldap_free_struct(struct smbldap_state **ldap_state);

/* Capability probes against the server behind ld. */
bool smbldap_has_control(LDAP *ld, const char *control);
bool smbldap_has_extension(LDAP *ld, const char *extension);
bool smbldap_has_naming_context(LDAP *ld, const char *naming_context);

/* Replace the bind credentials held in ldap_state. */
bool smbldap_set_creds(struct smbldap_state *ldap_state,
		       bool anon,
		       const char *dn,
		       const char *secret);
/*
 * Attribute accessors that return a string instead of filling a caller
 * buffer; each takes the talloc context mem_ctx, presumably as the
 * parent of the returned string -- confirm in lib/smbldap.c.
 */
char *smbldap_talloc_single_attribute(LDAP *ldap_struct,
				      LDAPMessage *entry,
				      const char *attribute,
				      TALLOC_CTX *mem_ctx);
char *smbldap_talloc_first_attribute(LDAP *ldap_struct,
				     LDAPMessage *entry,
				     const char *attribute,
				     TALLOC_CTX *mem_ctx);
char *smbldap_talloc_smallest_attribute(LDAP *ldap_struct,
					LDAPMessage *entry,
					const char *attribute,
					TALLOC_CTX *mem_ctx);

/* Binary counterpart: the value of attrib is returned through *blob. */
bool smbldap_talloc_single_blob(TALLOC_CTX *mem_ctx,
				LDAP *ld,
				LDAPMessage *msg,
				const char *attrib,
				DATA_BLOB *blob);

/* Read attrib of msg into *sid; the bool result reports success. */
bool smbldap_pull_sid(LDAP *ld,
		      LDAPMessage *msg,
		      const char *attrib,
		      struct dom_sid *sid);

/*
 * Going by the names, these tie the lifetime of an LDAP result or
 * modification list to mem_ctx -- confirm in lib/smbldap.c.
 */
void talloc_autofree_ldapmsg(TALLOC_CTX *mem_ctx, LDAPMessage *result);
void talloc_autofree_ldapmod(TALLOC_CTX *mem_ctx, LDAPMod **mod);

/* DN of entry as a string; takes mem_ctx like the accessors above. */
char *smbldap_talloc_dn(TALLOC_CTX *mem_ctx,
			LDAP *ld,
			LDAPMessage *entry);
# endif /* HAVE_LDAP */
/* Default timeouts; presumably in seconds -- confirm at the use sites. */
#define LDAP_DEFAULT_TIMEOUT			15
#define LDAP_CONNECTION_DEFAULT_TIMEOUT		2
/* Presumably the page size requested for paged searches -- confirm. */
#define LDAP_PAGE_SIZE				1024
/* OID of the LDAP simple paged results control (RFC 2696). */
#define ADS_PAGE_CTL_OID			"1.2.840.113556.1.4.319"
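/*
 * Work around versions of the LDAP client libs that don't have the OIDs
 * defined, or have them defined under the old name.
 * This functionality is really a factor of the server, not the client.
 *
 * LDAP_EXOP_MODIFY_PASSWD is the request OID of the Password Modify
 * extended operation (RFC 3062).  The two tags are the context-specific
 * BER tags of the userIdentity [0] and newPasswd [2] request fields.
 * The request value carries the new password itself, so the operation
 * should only be sent over a connection protected by TLS or a SASL
 * security layer.
 *
 * Each guard tests the macro that is defined below it, so a name the
 * client library already provides is left alone instead of being
 * redefined.
 */
#if defined(LDAP_EXOP_X_MODIFY_PASSWD) && !defined(LDAP_EXOP_MODIFY_PASSWD)
#define LDAP_EXOP_MODIFY_PASSWD LDAP_EXOP_X_MODIFY_PASSWD
#elif !defined(LDAP_EXOP_MODIFY_PASSWD)
#define LDAP_EXOP_MODIFY_PASSWD "1.3.6.1.4.1.4203.1.11.1"
#endif

#if defined(LDAP_EXOP_X_MODIFY_PASSWD_ID) && !defined(LDAP_TAG_EXOP_MODIFY_PASSWD_ID)
#define LDAP_TAG_EXOP_MODIFY_PASSWD_ID LDAP_EXOP_X_MODIFY_PASSWD_ID
#elif !defined(LDAP_TAG_EXOP_MODIFY_PASSWD_ID)
#define LDAP_TAG_EXOP_MODIFY_PASSWD_ID ((ber_tag_t) 0x80U)
#endif

#if defined(LDAP_EXOP_X_MODIFY_PASSWD_NEW) && !defined(LDAP_TAG_EXOP_MODIFY_PASSWD_NEW)
#define LDAP_TAG_EXOP_MODIFY_PASSWD_NEW LDAP_EXOP_X_MODIFY_PASSWD_NEW
#elif !defined(LDAP_TAG_EXOP_MODIFY_PASSWD_NEW)
#define LDAP_TAG_EXOP_MODIFY_PASSWD_NEW ((ber_tag_t) 0x82U)
#endif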
# endif /* _SMBLDAP_H */