/*
SSSD
LDAP Helper routines
Copyright (C) Simo Sorce <ssorce@redhat.com>
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _SDAP_H_
#define _SDAP_H_
#include <ldap.h>
#include "util/sss_ldap.h"
#include "lib/certmap/sss_certmap.h"
struct sdap_msg {
};
struct sdap_op;
struct sdap_msg *, int, void *);
struct sdap_handle;
struct sdap_op {
int msgid;
bool done;
void *data;
};
struct fd_event_item {
int fd;
};
struct ldap_cb_data {
};
struct sup_list {
int num_vals;
char **vals;
};
struct sdap_handle {
bool connected;
/* Authentication ticket expiration time (if any) */
bool disable_deref;
/* during release we need to lock access to the handler
* from the destructor to avoid recursion */
bool destructor_lock;
/* mark when it is safe to finally release the handler memory */
bool release_memory;
};
struct sdap_service {
char *name;
char *uri;
char *kinit_service_name;
};
struct sdap_ppolicy_data {
int grace;
int expire;
};
enum sdap_basic_opt {
SDAP_URI = 0,
};
enum sdap_gen_attrs {
SDAP_AT_ENTRY_USN = 0,
};
/* the objectclass must be the first attribute.
* Functions depend on this */
enum sdap_user_attrs {
SDAP_OC_USER = 0,
};
/* the objectclass must be the first attribute.
* Functions depend on this */
enum sdap_group_attrs {
SDAP_OC_GROUP = 0,
};
enum sdap_netgroup_attrs {
SDAP_OC_NETGROUP = 0,
};
enum sdap_sudorule_attrs {
SDAP_OC_SUDORULE = 0,
};
enum sdap_host_attrs {
SDAP_OC_HOST = 0,
};
enum sdap_service_attrs {
SDAP_OC_SERVICE = 0,
};
enum sdap_autofs_map_attrs {
};
enum sdap_autofs_entry_attrs {
};
struct sdap_attr_map {
const char *opt_name;
const char *def_name;
const char *sys_name;
char *name;
};
struct sdap_search_base {
const char *basedn;
int scope;
const char *filter;
};
const char *unparsed_base,
int scope,
const char *filter,
struct sdap_search_base **_base);
/* Values from
*/
enum dc_functional_level {
DS_BEHAVIOR_WIN2000 = 0,
};
struct sdap_domain {
char *basedn;
/* Need to modify the list from a talloc destructor */
/* Enumeration and cleanup periodic task */
/* enumeration loop timer */
/* cleanup loop timer */
void *pvt;
};
typedef struct tevent_req *
struct tevent_context *ev,
const char *ext_member,
void *pvt);
typedef errno_t
struct tevent_req *req,
enum sysdb_member_type *member_type,
struct sss_domain_info **_dom,
struct sysdb_attrs **_member);
struct sdap_ext_member_ctx {
/* Typically ID context of the external ID provider */
void *pvt;
};
struct sdap_certmap_ctx;
struct sdap_options {
/* ID-mapping support */
/* Resolving external members */
/* FIXME - should this go to a special struct to avoid mixing with name-service-switch maps? */
/* supported schema types */
enum schema_type {
} schema_type;
/* The search bases for the domain or its subdomain */
bool support_matching_rule;
/* Certificate mapping support */
};
struct sdap_server_opts {
char *server_id;
bool supports_usn;
unsigned long last_usn;
char *max_user_value;
char *max_group_value;
char *max_service_value;
char *max_sudo_value;
bool posix_checked;
};
struct sdap_id_ctx;
struct sdap_attr_map_info {
int num_attrs;
};
struct sdap_deref_attrs {
};
struct sdap_attr_map *dst_map,
int entry_index);
struct sdap_attr_map *src_map,
int num_entries,
struct sdap_attr_map **_map);
/**
* @brief Add attributes to a map
*
* sdap_extend_map() will call talloc_realloc() on the second argument so the
* original storage location might change. The return value _map will always
* contain the current memory location which can be used with talloc_free()
* even if there is an error.
*
* @param[in] memctx Talloc memory context
* @param[in] src_map Original map, should not be accessed anymore
* @param[in] num_entries Number of entries in the original map
* @param[in] extra_attrs NULL-terminated array of extra attribute pairs
* sysdb_attr:ldap_attr
* @param[out] _map New map
* @param[out] _new_size Number of entries in the new map
*
* @return
* - EOK success
* - ENOMEM memory allocation failed
* - ERR_DUP_EXTRA_ATTR sysdb attribute is already used
*/
struct sdap_attr_map *src_map,
char **extra_attrs,
struct sdap_attr_map **_map,
struct sdap_options *opts,
int extra_attr_index,
struct sdap_attr_map *src_map,
struct sdap_attr_map **_map,
void sdap_inherit_options(char **inherit_opt_list,
struct sdap_options *parent_sdap_opts,
struct sdap_options *child_sdap_opts);
struct confdb_ctx *cdb,
const char *conf_path,
struct sdap_attr_map *def_map,
int num_entries,
struct sdap_attr_map **_map);
struct sysdb_attrs **_attrs,
bool disable_range_retrieval);
struct sdap_attr_map_info *minfo,
struct sdap_deref_attrs ***_deref_res);
struct sdap_handle *sh);
struct sdap_attr_map *map,
const char **filter,
const char ***_attrs,
size_t *attr_count);
struct sdap_options *opts,
struct sysdb_attrs *attrs,
struct sss_domain_info *dom,
const char **_group_name);
struct sdap_options *opts,
struct sysdb_attrs *attrs,
struct sss_domain_info *dom,
const char **_user_name);
struct sdap_options *opts,
struct sysdb_attrs *attrs,
struct sss_domain_info *dom,
const char **_netgroup_name);
struct sdap_options *opts,
struct sdap_domain *sdom);
const char *server,
struct sysdb_attrs *rootdse,
struct sdap_options *opts,
struct sdap_server_opts **srv_opts);
struct sdap_server_opts **srv_opts);
struct sysdb_attrs **dom_objects,
struct sss_domain_info *dom,
struct sysdb_attrs **all_objects,
bool filter);
struct sysdb_attrs *obj,
struct sss_domain_info *dom);
struct sysdb_attrs *obj,
struct sss_domain_info *dom);
struct sdap_domain *from);
#endif /* _SDAP_H_ */