providers/ldap/sdap.h

	sdap.h revision 88eac3adf8424b65195e725ff724c79d38500e1d
766N/A/*
0N/A    SSSD
0N/A
766N/A    LDAP Helper routines
766N/A
766N/A    Copyright (C) Simo Sorce <ssorce@redhat.com>
766N/A
0N/A    This program is free software; you can redistribute it and/or modify
180N/A    it under the terms of the GNU General Public License as published by
180N/A    the Free Software Foundation; either version 3 of the License, or
51N/A    (at your option) any later version.
732N/A
51N/A    This program is distributed in the hope that it will be useful,
766N/A    but WITHOUT ANY WARRANTY; without even the implied warranty of
766N/A    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
180N/A    GNU General Public License for more details.
0N/A
737N/A    You should have received a copy of the GNU General Public License
737N/A    along with this program.  If not, see <http://www.gnu.org/licenses/>.
737N/A*/
737N/A
737N/A#ifndef _SDAP_H_
769N/A#define _SDAP_H_
748N/A
748N/A#include "providers/dp_backend.h"
749N/A#include <ldap.h>
751N/A#include "util/sss_ldap.h"
751N/A
751N/Astruct sdap_msg {
751N/A    struct sdap_msg *next;
759N/A    LDAPMessage *msg;
765N/A};
767N/A
768N/Astruct sdap_op;
737N/A
737N/Atypedef void (sdap_op_callback_t)(struct sdap_op *op,
713N/A                                  struct sdap_msg *, int, void *);
713N/A
713N/Astruct sdap_handle;
713N/A
728N/Astruct sdap_op {
729N/A    struct sdap_op *prev, *next;
713N/A    struct sdap_handle *sh;
715N/A
718N/A    int msgid;
719N/A    bool done;
722N/A
723N/A    sdap_op_callback_t *callback;
724N/A    void *data;
727N/A
731N/A    struct tevent_context *ev;
713N/A    struct sdap_msg *list;
713N/A    struct sdap_msg *last;
655N/A};
655N/A
655N/Astruct fd_event_item {
655N/A    struct fd_event_item *prev;
686N/A    struct fd_event_item *next;
655N/A
662N/A    int fd;
659N/A    struct tevent_fd *fde;
658N/A};
660N/A
661N/Astruct ldap_cb_data {
670N/A    struct sdap_handle *sh;
687N/A    struct tevent_context *ev;
712N/A    struct fd_event_item *fd_list;
676N/A};
689N/A
678N/Astruct sup_list {
677N/A    int num_vals;
684N/A    char **vals;
684N/A};
690N/A
693N/Astruct sdap_handle {
700N/A    LDAP *ldap;
701N/A    bool connected;
704N/A    /* Authentication ticket expiration time (if any) */
708N/A    time_t expire_time;
655N/A    ber_int_t page_size;
655N/A    bool disable_deref;
617N/A
617N/A    struct sdap_fd_events *sdap_fd_events;
617N/A
617N/A    struct sup_list supported_saslmechs;
618N/A    struct sup_list supported_controls;
619N/A    struct sup_list supported_extensions;
621N/A
617N/A    struct sdap_op *ops;
622N/A
623N/A    /* during release we need to lock access to the handler
625N/A     * from the destructor to avoid recursion */
629N/A    bool destructor_lock;
630N/A    /* mark when it is safe to finally release the handler memory */
631N/A    bool release_memory;
632N/A};
637N/A
637N/Astruct sdap_service {
637N/A    char *name;
638N/A    char *uri;
638N/A    char *kinit_service_name;
639N/A    struct sockaddr_storage *sockaddr;
640N/A};
641N/A
645N/Astruct sdap_ppolicy_data {
647N/A    int grace;
648N/A    int expire;
648N/A};
649N/A
617N/A#define SYSDB_SHADOWPW_LASTCHANGE "shadowLastChange"
617N/A#define SYSDB_SHADOWPW_MIN "shadowMin"
565N/A#define SYSDB_SHADOWPW_MAX "shadowMax"
565N/A#define SYSDB_SHADOWPW_WARNING "shadowWarning"
565N/A#define SYSDB_SHADOWPW_INACTIVE "shadowInactive"
565N/A#define SYSDB_SHADOWPW_EXPIRE "shadowExpire"
712N/A#define SYSDB_SHADOWPW_FLAG "shadowFlag"
565N/A
565N/A#define SYSDB_NS_ACCOUNT_LOCK "nsAccountLock"
579N/A
568N/A#define SYSDB_KRBPW_LASTCHANGE "krbLastPwdChange"
576N/A#define SYSDB_KRBPW_EXPIRATION "krbPasswordExpiration"
577N/A
580N/A#define SYSDB_PWD_ATTRIBUTE "pwdAttribute"
585N/A
587N/A#define SYSDB_AD_ACCOUNT_EXPIRES "adAccountExpires"
593N/A#define SYSDB_AD_USER_ACCOUNT_CONTROL "adUserAccountControl"
595N/A#define SYSDB_NDS_LOGIN_DISABLED "ndsLoginDisabled"
595N/A#define SYSDB_NDS_LOGIN_EXPIRATION_TIME "ndsLoginExpirationTime"
596N/A#define SYSDB_NDS_LOGIN_ALLOWED_TIME_MAP "ndsLoginAllowedTimeMap"
600N/A
602N/A#define SDAP_ROOTDSE_ATTR_NAMING_CONTEXTS "namingContexts"
603N/A#define SDAP_ROOTDSE_ATTR_DEFAULT_NAMING_CONTEXT "defaultNamingContext"
604N/A#define SDAP_ROOTDSE_ATTR_AD_VERSION "domainControllerFunctionality"
565N/A
565N/A#define SDAP_IPA_USN "entryUSN"
525N/A#define SDAP_IPA_LAST_USN "lastUSN"
525N/A#define SDAP_AD_USN "uSNChanged"
525N/A#define SDAP_AD_LAST_USN "highestCommittedUSN"
488N/A
524N/A#define SDAP_AD_GROUP_TYPE_BUILTIN      0x00000001
524N/A#define SDAP_AD_GROUP_TYPE_GLOBAL       0x00000002
524N/A#define SDAP_AD_GROUP_TYPE_DOMAIN_LOCAL 0x00000004
524N/A#define SDAP_AD_GROUP_TYPE_UNIVERSAL    0x00000008
524N/A#define SDAP_AD_GROUP_TYPE_APP_BASIC    0x00000010
524N/A#define SDAP_AD_GROUP_TYPE_APP_QUERY    0x00000020
524N/A#define SDAP_AD_GROUP_TYPE_SECURITY     0x80000000
524N/A
524N/Aenum sdap_basic_opt {
524N/A    SDAP_URI = 0,
524N/A    SDAP_BACKUP_URI,
524N/A    SDAP_SEARCH_BASE,
524N/A    SDAP_DEFAULT_BIND_DN,
524N/A    SDAP_DEFAULT_AUTHTOK_TYPE,
524N/A    SDAP_DEFAULT_AUTHTOK,
524N/A    SDAP_SEARCH_TIMEOUT,
524N/A    SDAP_NETWORK_TIMEOUT,
540N/A    SDAP_OPT_TIMEOUT,
544N/A    SDAP_TLS_REQCERT,
488N/A    SDAP_USER_SEARCH_BASE,
488N/A    SDAP_USER_SEARCH_SCOPE,
534N/A    SDAP_USER_SEARCH_FILTER,
534N/A    SDAP_USER_EXTRA_ATTRS,
534N/A    SDAP_GROUP_SEARCH_BASE,
534N/A    SDAP_GROUP_SEARCH_SCOPE,
534N/A    SDAP_GROUP_SEARCH_FILTER,
534N/A    SDAP_SERVICE_SEARCH_BASE,
534N/A    SDAP_SUDO_SEARCH_BASE,
534N/A    SDAP_SUDO_FULL_REFRESH_INTERVAL,
440N/A    SDAP_SUDO_SMART_REFRESH_INTERVAL,
440N/A    SDAP_SUDO_USE_HOST_FILTER,
440N/A    SDAP_SUDO_HOSTNAMES,
440N/A    SDAP_SUDO_IP,
440N/A    SDAP_SUDO_INCLUDE_NETGROUPS,
442N/A    SDAP_SUDO_INCLUDE_REGEXP,
443N/A    SDAP_AUTOFS_SEARCH_BASE,
445N/A    SDAP_AUTOFS_MAP_MASTER_NAME,
482N/A    SDAP_SCHEMA,
482N/A    SDAP_OFFLINE_TIMEOUT,
444N/A    SDAP_FORCE_UPPER_CASE_REALM,
460N/A    SDAP_ENUM_REFRESH_TIMEOUT,
468N/A    SDAP_CACHE_PURGE_TIMEOUT,
470N/A    SDAP_TLS_CACERT,
472N/A    SDAP_TLS_CACERTDIR,
440N/A    SDAP_TLS_CERT,
440N/A    SDAP_TLS_KEY,
336N/A    SDAP_TLS_CIPHER_SUITE,
336N/A    SDAP_ID_TLS,
336N/A    SDAP_ID_MAPPING,
336N/A    SDAP_SASL_MECH,
365N/A    SDAP_SASL_AUTHID,
408N/A    SDAP_SASL_REALM,
336N/A    SDAP_SASL_MINSSF,
361N/A    SDAP_KRB5_KEYTAB,
389N/A    SDAP_KRB5_KINIT,
390N/A    SDAP_KRB5_KDC,
413N/A    SDAP_KRB5_BACKUP_KDC,
430N/A    SDAP_KRB5_REALM,
370N/A    SDAP_KRB5_CANONICALIZE,
378N/A    SDAP_KRB5_USE_KDCINFO,
380N/A    SDAP_PWD_POLICY,
392N/A    SDAP_REFERRALS,
393N/A    SDAP_ACCOUNT_CACHE_EXPIRATION,
412N/A    SDAP_DNS_SERVICE_NAME,
421N/A    SDAP_KRB5_TICKET_LIFETIME,
423N/A    SDAP_ACCESS_FILTER,
336N/A    SDAP_NETGROUP_SEARCH_BASE,
336N/A    SDAP_NESTING_LEVEL,
204N/A    SDAP_DEREF,
204N/A    SDAP_ACCOUNT_EXPIRE_POLICY,
204N/A    SDAP_ACCESS_ORDER,
204N/A    SDAP_CHPASS_URI,
254N/A    SDAP_CHPASS_BACKUP_URI,
254N/A    SDAP_CHPASS_DNS_SERVICE_NAME,
204N/A    SDAP_CHPASS_UPDATE_LAST_CHANGE,
217N/A    SDAP_ENUM_SEARCH_TIMEOUT,
265N/A    SDAP_DISABLE_AUTH_TLS,
316N/A    SDAP_PAGE_SIZE,
206N/A    SDAP_DEREF_THRESHOLD,
307N/A    SDAP_SASL_CANONICALIZE,
316N/A    SDAP_EXPIRE_TIMEOUT,
322N/A    SDAP_DISABLE_PAGING,
208N/A    SDAP_IDMAP_LOWER,
209N/A    SDAP_IDMAP_UPPER,
210N/A    SDAP_IDMAP_RANGESIZE,
216N/A    SDAP_IDMAP_AUTORID_COMPAT,
224N/A    SDAP_IDMAP_DEFAULT_DOMAIN,
225N/A    SDAP_IDMAP_DEFAULT_DOMAIN_SID,
240N/A    SDAP_AD_MATCHING_RULE_GROUPS,
241N/A    SDAP_AD_MATCHING_RULE_INITGROUPS,
247N/A    SDAP_AD_USE_TOKENGROUPS,
249N/A    SDAP_RFC2307_FALLBACK_TO_LOCAL_USERS,
252N/A    SDAP_DISABLE_RANGE_RETRIEVAL,
253N/A    SDAP_MIN_ID,
262N/A    SDAP_MAX_ID,
264N/A
267N/A    SDAP_OPTS_BASIC /* opts counter */
267N/A};
270N/A
270N/Aenum sdap_gen_attrs {
272N/A    SDAP_AT_ENTRY_USN = 0,
275N/A    SDAP_AT_LAST_USN,
282N/A
283N/A    SDAP_AT_GENERAL /* attrs counter */
328N/A};
204N/A
204N/A/* the objectclass must be the first attribute.
135N/A * Functions depend on this */
135N/Aenum sdap_user_attrs {
135N/A    SDAP_OC_USER = 0,
135N/A    SDAP_AT_USER_NAME,
179N/A    SDAP_AT_USER_PWD,
143N/A    SDAP_AT_USER_UID,
158N/A    SDAP_AT_USER_GID,
152N/A    SDAP_AT_USER_GECOS,
159N/A    SDAP_AT_USER_HOME,
179N/A    SDAP_AT_USER_SHELL,
180N/A    SDAP_AT_USER_PRINC,
181N/A    SDAP_AT_USER_FULLNAME,
180N/A    SDAP_AT_USER_MEMBEROF,
135N/A    SDAP_AT_USER_UUID,
137N/A    SDAP_AT_USER_OBJECTSID,
139N/A    SDAP_AT_USER_PRIMARY_GROUP,
144N/A    SDAP_AT_USER_MODSTAMP,
153N/A    SDAP_AT_USER_USN,
155N/A    SDAP_AT_SP_LSTCHG,
169N/A    SDAP_AT_SP_MIN,
174N/A    SDAP_AT_SP_MAX,
188N/A    SDAP_AT_SP_WARN,
189N/A    SDAP_AT_SP_INACT,
135N/A    SDAP_AT_SP_EXPIRE,
135N/A    SDAP_AT_SP_FLAG,
3N/A    SDAP_AT_KP_LASTCHANGE,
3N/A    SDAP_AT_KP_EXPIRATION,
3N/A    SDAP_AT_PWD_ATTRIBUTE,
3N/A    SDAP_AT_AUTH_SVC,
22N/A    SDAP_AT_AD_ACCOUNT_EXPIRES,
22N/A    SDAP_AT_AD_USER_ACCOUNT_CONTROL,
3N/A    SDAP_AT_NS_ACCOUNT_LOCK,
38N/A    SDAP_AT_AUTHORIZED_HOST,
35N/A    SDAP_AT_NDS_LOGIN_DISABLED,
35N/A    SDAP_AT_NDS_LOGIN_EXPIRATION_TIME,
36N/A    SDAP_AT_NDS_LOGIN_ALLOWED_TIME_MAP,
36N/A    SDAP_AT_USER_SSH_PUBLIC_KEY,
90N/A
40N/A    SDAP_OPTS_USER /* attrs counter */
66N/A};
66N/A
79N/A#define SDAP_FIRST_EXTRA_USER_AT SDAP_AT_SP_LSTCHG
75N/A
76N/A/* the objectclass must be the first attribute.
101N/A * Functions depend on this */
104N/Aenum sdap_group_attrs {
180N/A    SDAP_OC_GROUP = 0,
180N/A    SDAP_AT_GROUP_NAME,
180N/A    SDAP_AT_GROUP_PWD,
180N/A    SDAP_AT_GROUP_GID,
22N/A    SDAP_AT_GROUP_MEMBER,
22N/A    SDAP_AT_GROUP_UUID,
33N/A    SDAP_AT_GROUP_OBJECTSID,
33N/A    SDAP_AT_GROUP_MODSTAMP,
45N/A    SDAP_AT_GROUP_USN,
45N/A    SDAP_AT_GROUP_TYPE,
55N/A
57N/A    SDAP_OPTS_GROUP /* attrs counter */
58N/A};
60N/A
62N/Aenum sdap_netgroup_attrs {
73N/A    SDAP_OC_NETGROUP = 0,
73N/A    SDAP_AT_NETGROUP_NAME,
93N/A    SDAP_AT_NETGROUP_MEMBER,
93N/A    SDAP_AT_NETGROUP_TRIPLE,
81N/A    SDAP_AT_NETGROUP_UUID,
85N/A    SDAP_AT_NETGROUP_MODSTAMP,
86N/A
88N/A    SDAP_OPTS_NETGROUP /* attrs counter */
91N/A};
96N/A
3N/Aenum sdap_sudorule_attrs {
3N/A    SDAP_OC_SUDORULE = 0,
0N/A    SDAP_AT_SUDO_NAME,
0N/A    SDAP_AT_SUDO_COMMAND,
0N/A    SDAP_AT_SUDO_HOST,
0N/A    SDAP_AT_SUDO_USER,
0N/A    SDAP_AT_SUDO_OPTION,
0N/A    SDAP_AT_SUDO_RUNASUSER,
0N/A    SDAP_AT_SUDO_RUNASGROUP,
0N/A    SDAP_AT_SUDO_NOTBEFORE,
0N/A    SDAP_AT_SUDO_NOTAFTER,
0N/A    SDAP_AT_SUDO_ORDER,
0N/A    SDAP_AT_SUDO_USN,
0N/A
0N/A    SDAP_OPTS_SUDO  /* attrs counter */
0N/A};
0N/A
0N/Aenum sdap_service_attrs {
0N/A    SDAP_OC_SERVICE = 0,
0N/A    SDAP_AT_SERVICE_NAME,
0N/A    SDAP_AT_SERVICE_PORT,
0N/A    SDAP_AT_SERVICE_PROTOCOL,
0N/A    SDAP_AT_SERVICE_USN,
0N/A    SDAP_OPTS_SERVICES /* attrs counter */
0N/A};
0N/A
0N/Aenum sdap_autofs_map_attrs {
0N/A    SDAP_OC_AUTOFS_MAP,
0N/A    SDAP_AT_AUTOFS_MAP_NAME,
0N/A
0N/A    SDAP_OPTS_AUTOFS_MAP    /* attrs counter */
0N/A};
0N/A
0N/Aenum sdap_autofs_entry_attrs {
0N/A    SDAP_OC_AUTOFS_ENTRY,
0N/A    SDAP_AT_AUTOFS_ENTRY_KEY,
0N/A    SDAP_AT_AUTOFS_ENTRY_VALUE,
0N/A
0N/A    SDAP_OPTS_AUTOFS_ENTRY  /* attrs counter */
0N/A};
0N/A
0N/Astruct sdap_attr_map {
0N/A    const char *opt_name;
0N/A    const char *def_name;
0N/A    const char *sys_name;
0N/A    char *name;
0N/A};
0N/A#define SDAP_ATTR_MAP_TERMINATOR { NULL, NULL, NULL, NULL }
0N/A
0N/Astruct sdap_search_base {
0N/A    const char *basedn;
0N/A    int scope;
0N/A    const char *filter;
0N/A};
0N/A
0N/A/* Values from
0N/A * http://msdn.microsoft.com/en-us/library/cc223272%28v=prot.13%29.aspx
0N/A */
0N/Aenum dc_functional_level {
0N/A    DS_BEHAVIOR_WIN2000 = 0,
0N/A    DS_BEHAVIOR_WIN2003 = 2,
0N/A    DS_BEHAVIOR_WIN2008 = 3,
0N/A    DS_BEHAVIOR_WIN2008R2 = 4,
0N/A    DS_BEHAVIOR_WIN2012 = 5
0N/A};
0N/A
0N/Astruct sdap_domain {
0N/A    struct sss_domain_info *dom;
0N/A
0N/A    char *basedn;
0N/A
0N/A    struct sdap_search_base **search_bases;
0N/A    struct sdap_search_base **user_search_bases;
0N/A    struct sdap_search_base **group_search_bases;
0N/A    struct sdap_search_base **netgroup_search_bases;
0N/A    struct sdap_search_base **sudo_search_bases;
0N/A    struct sdap_search_base **service_search_bases;
0N/A    struct sdap_search_base **autofs_search_bases;
0N/A
0N/A    struct sdap_domain *next, *prev;
0N/A    /* Need to modify the list from a talloc destructor */
0N/A    struct sdap_domain **head;
0N/A
0N/A    /* Enumeration and cleanup periodic task */
0N/A    struct be_ptask *enum_task;
0N/A    struct be_ptask *cleanup_task;
0N/A
0N/A    /* enumeration loop timer */
0N/A    struct timeval last_enum;
0N/A    /* cleanup loop timer */
0N/A    struct timeval last_purge;
0N/A
0N/A    void *pvt;
0N/A};
0N/A
0N/Astruct sdap_options {
0N/A    struct dp_option *basic;
0N/A    struct sdap_attr_map *gen_map;
0N/A    struct sdap_attr_map *user_map;
0N/A    size_t user_map_cnt;
0N/A    struct sdap_attr_map *group_map;
0N/A    struct sdap_attr_map *netgroup_map;
0N/A    struct sdap_attr_map *service_map;
0N/A
0N/A    /* ID-mapping support */
0N/A    struct sdap_idmap_ctx *idmap_ctx;
0N/A
0N/A    /* FIXME - should this go to a special struct to avoid mixing with name-service-switch maps? */
0N/A    struct sdap_attr_map *sudorule_map;
0N/A    struct sdap_attr_map *autofs_mobject_map;
0N/A    struct sdap_attr_map *autofs_entry_map;
0N/A
0N/A    /* supported schema types */
0N/A    enum schema_type {
0N/A        SDAP_SCHEMA_RFC2307 = 1,    /* memberUid = uid */
0N/A        SDAP_SCHEMA_RFC2307BIS = 2, /* member = dn */
0N/A        SDAP_SCHEMA_IPA_V1 = 3,     /* member/memberof */
0N/A        SDAP_SCHEMA_AD = 4          /* AD's member/memberof */
0N/A    } schema_type;
0N/A
0N/A    /* The search bases for the domain or its subdomain */
0N/A    struct sdap_domain *sdom;
0N/A
0N/A    bool support_matching_rule;
0N/A    enum dc_functional_level dc_functional_level;
0N/A};
0N/A
0N/Astruct sdap_server_opts {
0N/A    char *server_id;
0N/A    bool supports_usn;
0N/A    unsigned long last_usn;
0N/A    char *max_user_value;
0N/A    char *max_group_value;
0N/A    char *max_service_value;
0N/A    char *max_sudo_value;
0N/A    bool posix_checked;
0N/A};
0N/A
0N/Astruct sdap_id_ctx;
0N/A
0N/Astruct sdap_attr_map_info {
0N/A    struct sdap_attr_map *map;
0N/A    int num_attrs;
0N/A};
0N/A
0N/Astruct sdap_deref_attrs {
0N/A    struct sdap_attr_map *map;
0N/A    struct sysdb_attrs *attrs;
0N/A};
0N/A
0N/Aint sdap_copy_map(TALLOC_CTX *memctx,
0N/A                 struct sdap_attr_map *src_map,
0N/A                 int num_entries,
0N/A                 struct sdap_attr_map **_map);
0N/A
0N/Aint sdap_extend_map(TALLOC_CTX *memctx,
0N/A                    struct sdap_attr_map *src_map,
0N/A                    size_t num_entries,
0N/A                    char **extra_attrs,
0N/A                    struct sdap_attr_map **_map,
0N/A                    size_t *_new_size);
0N/A
0N/Aint sdap_extend_map_with_list(TALLOC_CTX *mem_ctx,
0N/A                              struct sdap_options *opts,
0N/A                              int extra_attr_index,
0N/A                              struct sdap_attr_map *src_map,
0N/A                              size_t num_entries,
0N/A                              struct sdap_attr_map **_map,
0N/A                              size_t *_new_size);
0N/A
0N/Aint sdap_get_map(TALLOC_CTX *memctx,
0N/A                 struct confdb_ctx *cdb,
0N/A                 const char *conf_path,
0N/A                 struct sdap_attr_map *def_map,
0N/A                 int num_entries,
0N/A                 struct sdap_attr_map **_map);
0N/A
0N/Aint sdap_parse_entry(TALLOC_CTX *memctx,
0N/A                     struct sdap_handle *sh, struct sdap_msg *sm,
0N/A                     struct sdap_attr_map *map, int attrs_num,
0N/A                     struct sysdb_attrs **_attrs,
0N/A                     bool disable_range_retrieval);
0N/A
0N/Aerrno_t sdap_parse_deref(TALLOC_CTX *mem_ctx,
0N/A                         struct sdap_attr_map_info *minfo,
0N/A                         size_t num_maps,
0N/A                         LDAPDerefRes *dref,
0N/A                         struct sdap_deref_attrs ***_res);
0N/A
0N/Aerrno_t setup_tls_config(struct dp_option *basic_opts);
0N/A
0N/Aint sdap_set_rootdse_supported_lists(struct sysdb_attrs *rootdse,
0N/A                                     struct sdap_handle *sh);
0N/Abool sdap_check_sup_list(struct sup_list *l, const char *val);
0N/A
0N/A#define sdap_is_sasl_mech_supported(sh, sasl_mech) \
0N/A    sdap_check_sup_list(&((sh)->supported_saslmechs), sasl_mech)
0N/A
0N/A#define sdap_is_control_supported(sh, ctrl_oid) \
0N/A    sdap_check_sup_list(&((sh)->supported_controls), ctrl_oid)
0N/A
0N/A#define sdap_is_extension_supported(sh, ext_oid) \
0N/A    sdap_check_sup_list(&((sh)->supported_extensions), ext_oid)
0N/A
0N/Aint build_attrs_from_map(TALLOC_CTX *memctx,
0N/A                         struct sdap_attr_map *map,
0N/A                         size_t size,
0N/A                         const char **filter,
0N/A                         const char ***_attrs,
0N/A                         size_t *attr_count);
0N/A
0N/Aint sdap_control_create(struct sdap_handle *sh, const char *oid, int iscritical,
0N/A                        struct berval *value, int dupval, LDAPControl **ctrlp);
0N/A
0N/Aint sdap_replace_id(struct sysdb_attrs *entry, const char *attr, id_t val);
0N/A
0N/Aerrno_t sdap_get_group_primary_name(TALLOC_CTX *memctx,
0N/A                                    struct sdap_options *opts,
0N/A                                    struct sysdb_attrs *attrs,
0N/A                                    struct sss_domain_info *dom,
0N/A                                    const char **_group_name);
0N/A
0N/Aerrno_t sdap_get_user_primary_name(TALLOC_CTX *memctx,
0N/A                                   struct sdap_options *opts,
0N/A                                   struct sysdb_attrs *attrs,
0N/A                                   struct sss_domain_info *dom,
0N/A                                   const char **_user_name);
0N/A
0N/Aerrno_t sdap_get_netgroup_primary_name(TALLOC_CTX *memctx,
0N/A                                       struct sdap_options *opts,
0N/A                                       struct sysdb_attrs *attrs,
0N/A                                       struct sss_domain_info *dom,
0N/A                                       const char **_netgroup_name);
0N/A
0N/Aerrno_t sdap_set_config_options_with_rootdse(struct sysdb_attrs *rootdse,
0N/A                                             struct sdap_options *opts,
0N/A                                             struct sdap_domain *sdom);
0N/Aint sdap_get_server_opts_from_rootdse(TALLOC_CTX *memctx,
0N/A                                      const char *server,
0N/A                                      struct sysdb_attrs *rootdse,
0N/A                                      struct sdap_options *opts,
0N/A                                      struct sdap_server_opts **srv_opts);
0N/Avoid sdap_steal_server_opts(struct sdap_id_ctx *id_ctx,
0N/A                            struct sdap_server_opts **srv_opts);
0N/A#endif /* _SDAP_H_ */
0N/A