/* Unix SMB/CIFS Implementation. LDAP protocol helper functions for SAMBA Copyright (C) Volker Lendecke 2004 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ #ifndef _SMB_LDAP_H #define _SMB_LDAP_H enum ldap_request_tag { LDAP_TAG_BindRequest = 0, LDAP_TAG_BindResponse = 1, LDAP_TAG_UnbindRequest = 2, LDAP_TAG_SearchRequest = 3, LDAP_TAG_SearchResultEntry = 4, LDAP_TAG_SearchResultDone = 5, LDAP_TAG_ModifyRequest = 6, LDAP_TAG_ModifyResponse = 7, LDAP_TAG_AddRequest = 8, LDAP_TAG_AddResponse = 9, LDAP_TAG_DelRequest = 10, LDAP_TAG_DelResponse = 11, LDAP_TAG_ModifyDNRequest = 12, LDAP_TAG_ModifyDNResponse = 13, LDAP_TAG_CompareRequest = 14, LDAP_TAG_CompareResponse = 15, LDAP_TAG_AbandonRequest = 16, LDAP_TAG_SearchResultReference = 19, LDAP_TAG_ExtendedRequest = 23, LDAP_TAG_ExtendedResponse = 24 }; enum ldap_auth_mechanism { LDAP_AUTH_MECH_SIMPLE = 0, LDAP_AUTH_MECH_SASL = 3 }; enum ldap_result_code { LDAP_SUCCESS = 0, LDAP_SASL_BIND_IN_PROGRESS = 0x0e, LDAP_INVALID_CREDENTIALS = 0x31, LDAP_OTHER = 0x50 }; struct ldap_Result { int resultcode; const char *dn; const char *errormessage; const char *referral; }; struct ldap_attribute { const char *name; int num_values; DATA_BLOB *values; }; struct ldap_BindRequest { int version; const char *dn; enum ldap_auth_mechanism mechanism; union { const char *password; struct { const char *mechanism; DATA_BLOB secblob; } SASL; } creds; }; struct ldap_BindResponse { struct ldap_Result response; union { DATA_BLOB secblob; } SASL; }; struct ldap_UnbindRequest { uint8_t __dummy; }; enum ldap_scope { LDAP_SEARCH_SCOPE_BASE = 0, LDAP_SEARCH_SCOPE_SINGLE = 1, LDAP_SEARCH_SCOPE_SUB = 2 }; enum ldap_deref { LDAP_DEREFERENCE_NEVER = 0, LDAP_DEREFERENCE_IN_SEARCHING = 1, LDAP_DEREFERENCE_FINDING_BASE = 2, LDAP_DEREFERENCE_ALWAYS }; struct ldap_SearchRequest { const char *basedn; enum ldap_scope scope; enum ldap_deref deref; uint32 timelimit; uint32 sizelimit; BOOL attributesonly; char *filter; int num_attributes; const char **attributes; }; struct ldap_SearchResEntry { const char *dn; int num_attributes; struct ldap_attribute *attributes; }; struct ldap_SearchResRef { int num_referrals; const char **referrals; }; enum ldap_modify_type { LDAP_MODIFY_NONE = -1, LDAP_MODIFY_ADD = 0, LDAP_MODIFY_DELETE = 1, LDAP_MODIFY_REPLACE = 2 }; struct ldap_mod { enum ldap_modify_type type; struct ldap_attribute attrib; }; struct ldap_ModifyRequest { const char *dn; int num_mods; struct ldap_mod *mods; }; struct ldap_AddRequest { const char *dn; int num_attributes; struct ldap_attribute *attributes; }; struct ldap_DelRequest { const char *dn; }; struct ldap_ModifyDNRequest { const char *dn; const char *newrdn; BOOL deleteolddn; const char *newsuperior; }; struct ldap_CompareRequest { const char *dn; const char *attribute; const char *value; }; struct ldap_AbandonRequest { uint32 messageid; }; struct ldap_ExtendedRequest { const char *oid; DATA_BLOB value; }; struct ldap_ExtendedResponse { struct ldap_Result response; const char *name; DATA_BLOB value; }; union ldap_Request { struct ldap_BindRequest BindRequest; struct ldap_BindResponse BindResponse; struct ldap_UnbindRequest UnbindRequest; struct ldap_SearchRequest SearchRequest; struct ldap_SearchResEntry SearchResultEntry; struct ldap_Result SearchResultDone; struct ldap_SearchResRef SearchResultReference; struct ldap_ModifyRequest ModifyRequest; struct ldap_Result ModifyResponse; struct ldap_AddRequest AddRequest; struct ldap_Result AddResponse; struct ldap_DelRequest DelRequest; struct ldap_Result DelResponse; struct ldap_ModifyDNRequest ModifyDNRequest; struct ldap_Result ModifyDNResponse; struct ldap_CompareRequest CompareRequest; struct ldap_Result CompareResponse; struct ldap_AbandonRequest AbandonRequest; struct ldap_ExtendedRequest ExtendedRequest; struct ldap_ExtendedResponse ExtendedResponse; }; struct ldap_Control { const char *oid; BOOL critical; DATA_BLOB value; }; struct ldap_message { TALLOC_CTX *mem_ctx; uint32 messageid; uint8 type; union ldap_Request r; int num_controls; struct ldap_Control *controls; }; struct ldap_queue_entry { struct ldap_queue_entry *next, *prev; int msgid; struct ldap_message *msg; }; struct ldap_connection { TALLOC_CTX *mem_ctx; int sock; int next_msgid; char *host; uint16 port; BOOL ldaps; const char *auth_dn; const char *simple_pw; /* Current outstanding search entry */ int searchid; /* List for incoming search entries */ struct ldap_queue_entry *search_entries; /* Outstanding LDAP requests that have not yet been replied to */ struct ldap_queue_entry *outstanding; /* Let's support SASL */ struct gensec_security *gensec; }; #endif