src/server/daemon/ldap_auth.h

Mon, 26 Dec 2016 16:46:55 +0100

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Mon, 26 Dec 2016 16:46:55 +0100
changeset 129
fd324464f56f
parent 97
09fbefc0e6a9
child 161
aadda87bad1b
permissions
-rw-r--r--

adds support for ssl cert chain files and improves ssl error handling

/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright 2013 Olaf Wintermann. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *   1. Redistributions of source code must retain the above copyright
 *      notice, this list of conditions and the following disclaimer.
 *
 *   2. Redistributions in binary form must reproduce the above copyright
 *      notice, this list of conditions and the following disclaimer in the
 *      documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef LDAP_AUTH_H
#define	LDAP_AUTH_H

#include "../public/auth.h"
#include <sys/types.h>
#include <ldap.h>
#include <ucx/map.h>

#ifdef	__cplusplus
extern "C" {
#endif

/* Short aliases for the LDAP auth structures declared in this header. */
typedef struct ldap_auth_db     LDAPAuthDB; 
typedef struct ldap_config      LDAPConfig;
typedef struct ldap_user        LDAPUser;
typedef struct ldap_group       LDAPGroup;
typedef struct ldap_member      LDAPMember;
typedef struct ldap_group_cache LDAPGroupCache;

/*
 * Connection and search settings for one LDAP auth database.
 * Stored by value inside struct ldap_auth_db.
 *
 * The code that consumes these fields is not part of this header, so the
 * per-field notes below are inferred from the names and should be confirmed
 * against ldap_auth.c.
 */
struct ldap_config {
    /* presumably the LDAP server host name and TCP port */
    char   *hostname;
    int    port;
    /*
     * NOTE(review): a bare int says nothing about the transport mode
     * (LDAPS vs. StartTLS) or whether the server certificate and host name
     * are verified. Confirm that a non-zero value cannot silently fall back
     * to a cleartext bind.
     */
    int    ssl;
    /* presumably the base DN under which searches are run */
    char   *basedn;
    /* presumably the DN used for the service (search) bind */
    char   *binddn;
    /*
     * Bind credential, held as an ordinary C string for the life of the
     * config. NOTE(review): keep it out of log and error output, and clear
     * it before the memory is released.
     */
    char   *bindpw;
    /*
     * presumably search filter templates for user and group lookup.
     * NOTE(review): if a client-supplied user or group name is inserted
     * into these, it must be escaped as an LDAP filter value (RFC 4515)
     * first -- confirm in the implementation.
     */
    char   *usersearch;
    char   *groupsearch;
};

/*
 * Per-database cache of LDAP groups: two LDAPGroup pointers plus a UcxMap.
 * Presumably first/last are the ends of the list linked through
 * LDAPGroup.next and the map indexes the same entries by group name --
 * confirm against the implementation.
 *
 * NOTE(review): no lock is declared here; if the cache is shared between
 * request threads, synchronization has to come from elsewhere.
 */
struct ldap_group_cache {
    LDAPGroup *first;
    LDAPGroup *last;
    UcxMap    *map;
};

/*
 * LDAP-backed auth database.
 *
 * The generic AuthDB is the first member, so a pointer to this struct and a
 * pointer to its authdb member share the same address. Presumably the
 * AuthDB* handed to ldap_get_user() is converted back on that basis --
 * confirm that only databases made by create_ldap_authdb() reach it.
 */
struct ldap_auth_db {
    AuthDB         authdb;
    LDAPConfig     config;
    LDAPGroupCache groups;
};

/*
 * A user resolved through LDAP.
 *
 * The generic User is the first member, so a User* and an LDAPUser* to the
 * same object share an address; the ldap_user_* functions in this header
 * take User*.
 */
struct ldap_user {
    User         user;
    /* database this user was looked up in */
    LDAPAuthDB   *authdb;
    /*
     * LDAP session handle kept with the user.
     * NOTE(review): presumably released by ldap_user_free(); confirm that
     * every lookup path ends there, otherwise the connection leaks.
     */
    LDAP         *ldap;
    /* presumably the user's distinguished name, used for the password bind */
    char         *userdn;
    int          uid;
    int          gid;
};

/* One entry of a group's member array (see struct ldap_group). */
struct ldap_member {
    char *name;
    /* numeric user id; how it is derived is not visible in this header */
    int  uid;
};

/*
 * A group with its member list, chained to other groups through next.
 */
struct ldap_group {
    char        *name;
    /* member array and its element count */
    LDAPMember  *members;
    size_t      nmembers;
    /*
     * presumably the time this entry was last fetched from the directory.
     * NOTE(review): a cached entry keeps granting membership until it is
     * refreshed, so the refresh interval bounds how long a revoked
     * membership stays effective -- confirm the expiry policy.
     */
    time_t      update;
    LDAPGroup   *next;
};

/*
 * Creates an LDAP auth database named `name` from the settings in `conf`
 * and returns it as a generic AuthDB*.
 * NOTE(review): whether the strings in `conf` are copied or borrowed is not
 * visible here; confirm before freeing the caller's config.
 */
AuthDB* create_ldap_authdb(char *name, LDAPConfig *conf);

/*
 * Returns an LDAP session handle for `authdb`.
 * NOTE(review): failure value and handle ownership are not visible in this
 * header -- callers presumably must check for NULL and unbind the handle.
 */
LDAP* get_ldap_session(LDAPAuthDB *authdb);

/*
 * Looks up `username` in the auth database `sb` and returns a User*.
 * `username` normally comes from the client and is untrusted.
 * NOTE(review): confirm it is escaped before being placed in a search
 * filter, and that a lookup matching more than one entry is rejected.
 */
User* ldap_get_user(AuthDB *sb, char *username);

/* Returns the LDAPGroup for `group` within `authdb`. */
LDAPGroup* ldap_get_group(LDAPAuthDB *authdb, char *group);

/*
 * Checks `password` for `user`; the int return convention is not visible
 * in this header.
 * NOTE(review): an LDAP simple bind with a DN and an empty password is an
 * "unauthenticated bind" (RFC 4513, section 5.1.2) that many servers answer
 * with success. Confirm the implementation rejects NULL and empty passwords
 * before it attempts the bind.
 */
int ldap_user_verify_password(User *user, char *password);
/* Checks whether `user` belongs to `group`. */
int ldap_user_check_group(User *user, char *group);
/* Releases `user`; the pointer must not be used afterwards. */
void ldap_user_free(User *user);

#ifdef	__cplusplus
}
#endif

#endif	/* LDAP_AUTH_H */
