sdap_access.h revision 8372129f446e1558f1923a112f328a266144c3ce
082694b75f0217f1c5b8b89590e5018f6d8b0949Lennart Poettering/*
082694b75f0217f1c5b8b89590e5018f6d8b0949Lennart Poettering SSSD
082694b75f0217f1c5b8b89590e5018f6d8b0949Lennart Poettering
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering sdap_access.h
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering
082694b75f0217f1c5b8b89590e5018f6d8b0949Lennart Poettering Authors:
082694b75f0217f1c5b8b89590e5018f6d8b0949Lennart Poettering Stephen Gallagher <sgallagh@redhat.com>
082694b75f0217f1c5b8b89590e5018f6d8b0949Lennart Poettering
082694b75f0217f1c5b8b89590e5018f6d8b0949Lennart Poettering Copyright (C) 2010 Red Hat
082694b75f0217f1c5b8b89590e5018f6d8b0949Lennart Poettering
082694b75f0217f1c5b8b89590e5018f6d8b0949Lennart Poettering This program is free software; you can redistribute it and/or modify
082694b75f0217f1c5b8b89590e5018f6d8b0949Lennart Poettering it under the terms of the GNU General Public License as published by
49dbfa7b2b0bf3906704dac1eaeb4eba91056a19Lennart Poettering the Free Software Foundation; either version 3 of the License, or
6a9280cc60b333817e22f0885b9c145e6252cc0bLennart Poettering (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef SDAP_ACCESS_H_
#define SDAP_ACCESS_H_
#include "providers/dp_backend.h"
#define SYSDB_LDAP_ACCESS_FILTER "ldap_access_filter_allow"
#define LDAP_ACCESS_FILTER_NAME "filter"
#define LDAP_ACCESS_EXPIRE_NAME "expire"
#define LDAP_ACCESS_SERVICE_NAME "authorized_service"
#define LDAP_ACCESS_HOST_NAME "host"
#define LDAP_ACCOUNT_EXPIRE_SHADOW "shadow"
#define LDAP_ACCOUNT_EXPIRE_AD "ad"
#define LDAP_ACCOUNT_EXPIRE_RHDS "rhds"
#define LDAP_ACCOUNT_EXPIRE_IPA "ipa"
#define LDAP_ACCOUNT_EXPIRE_389DS "389ds"
#define LDAP_ACCOUNT_EXPIRE_NDS "nds"
enum ldap_access_rule {
LDAP_ACCESS_EMPTY = -1,
LDAP_ACCESS_FILTER = 0,
LDAP_ACCESS_EXPIRE,
LDAP_ACCESS_SERVICE,
LDAP_ACCESS_HOST,
LDAP_ACCESS_LAST
};
struct sdap_access_ctx {
struct sdap_id_ctx *id_ctx;
const char *filter;
int access_rule[LDAP_ACCESS_LAST + 1];
};
struct tevent_req *
sdap_access_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct be_ctx *be_ctx,
struct sdap_access_ctx *access_ctx,
struct pam_data *pd);
errno_t
sdap_access_recv(struct tevent_req *req, int *pam_status);
#endif /* SDAP_ACCESS_H_ */