Apache Portable Runtime
apr_ldap_internal.h
1/* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#ifndef APR_LDAP_INTERNAL_H
18#define APR_LDAP_INTERNAL_H
19
20#include "apr_private.h"
21#include "apr_ldap.h"
22#include "apr_skiplist.h"
23
24#ifdef __cplusplus
25extern "C" {
26#endif
27
28#if APR_HAS_LDAP
29
30/*
31 * Include the standard LDAP header files.
32 */
33
34#if APR_HAS_MICROSOFT_LDAPSDK
35#include <winldap.h>
36#else
37#include <lber.h>
38#include <ldap.h>
39#endif
40
41
/*
 * Supply the default LDAP-over-TLS port when the SDK headers leave
 * LDAPS_PORT undefined.  This is only a port number; defining it does not
 * by itself enable TLS on a connection.
 */
#if !defined(LDAPS_PORT)
#define LDAPS_PORT 636 /* ldaps:/// default LDAP over TLS port */
#endif
48
/*
 * Default size limit for LDAP calls that cap the number of returned
 * elements.  Some SDKs define neither LDAP_DEFAULT_LIMIT (-1) nor
 * LDAP_NO_LIMIT (0).  LDAP_DEFAULT_LIMIT is preferred because it inherits
 * whatever limit the SDK or process is configured with.
 *
 * NOTE(review): both fallbacks below resolve to 0, i.e. "no limit", so with
 * this default the size of a result set is bounded only by whatever the
 * directory server enforces.  Callers that build searches from untrusted
 * input should pass an explicit limit rather than rely on this default.
 */
#if defined(LDAP_DEFAULT_LIMIT)
#define APR_LDAP_SIZELIMIT LDAP_DEFAULT_LIMIT
#elif defined(LDAP_NO_LIMIT)
#define APR_LDAP_SIZELIMIT LDAP_NO_LIMIT
#endif

/* Last resort when the SDK offers neither constant. */
#if !defined(APR_LDAP_SIZELIMIT)
#define APR_LDAP_SIZELIMIT 0 /* equivalent to LDAP_NO_LIMIT, and what goes on the wire */
#endif
66
/*
 * Compatibility defines for SDK headers (z/OS is the named case) that omit
 * LDAP_VERSION_MAX or a vendor name.
 */
#if !defined(LDAP_VERSION_MAX)
#define LDAP_VERSION_MAX LDAP_VERSION
#endif

#if APR_HAS_ZOS_LDAPSDK
#define LDAP_VENDOR_NAME "IBM z/OS"
#endif
76
/*
 * LDAP v2.0 toolkits are no longer supported: stop the build when the
 * highest protocol version the SDK advertises is 2 or lower.
 */
#if !(LDAP_VERSION_MAX > 2)
#error Support for LDAP v2.0 toolkits has been removed from apr-util. Please use an LDAP v3.0 toolkit.
#endif
83
84
85
/*
 * True when LDAP result code s means the connection to the server is gone.
 *
 * The Microsoft SDK returns LDAP_UNAVAILABLE when the backend has closed
 * the connection between LDAP calls, so that code is accepted as well.  The
 * extra test is tied to APR_HAS_MICROSOFT_LDAPSDK rather than to the
 * platform, in case another SDK is selected by hand on Windows.
 *
 * The Microsoft variant expands s twice; pass an expression without side
 * effects.
 */
#if !APR_HAS_MICROSOFT_LDAPSDK
#define APR_LDAP_IS_SERVER_DOWN(s) ((s) == LDAP_SERVER_DOWN)
#else
#define APR_LDAP_IS_SERVER_DOWN(s) ((s) == LDAP_SERVER_DOWN \
                                    || (s) == LDAP_UNAVAILABLE)
#endif
96
97
98
/**
 * Give the toolkit's "insufficient access" result code a single name,
 * APU_LDAP_INSUFFICIENT_ACCESS, for use when detecting security related
 * return values.  The build stops if no spelling of the code is known.
 */
#ifdef LDAP_INSUFFICIENT_ACCESS
#define APU_LDAP_INSUFFICIENT_ACCESS LDAP_INSUFFICIENT_ACCESS
#else
#ifdef LDAP_INSUFFICIENT_RIGHTS
#define APU_LDAP_INSUFFICIENT_ACCESS LDAP_INSUFFICIENT_RIGHTS
#else
#ifdef APR_HAS_MICROSOFT_LDAPSDK
/* The preprocessor tests above cannot see LDAP_RETCODE values that are
 * represented by an enum rather than a macro. autoconf tests would be much
 * more robust.
 *
 * NOTE(review): this branch asks whether APR_HAS_MICROSOFT_LDAPSDK is
 * defined, while other sites in this header test its value.  If the build
 * defines the macro as 0 for non-Microsoft SDKs, this branch is still
 * taken and the #error below cannot fire - confirm against the build
 * configuration.
 */
#define APU_LDAP_INSUFFICIENT_ACCESS LDAP_INSUFFICIENT_RIGHTS
#else
#error The security return codes must be added to support this LDAP toolkit.
#endif
#endif
#endif
115
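/*
 * APU_LDAP_SECURITY_ERROR(n): non-zero when LDAP result code n is one of
 * the security related return values.
 *
 * The SDK's own LDAP_SECURITY_ERROR is used when it exists.  Otherwise the
 * fallback tests n against LDAP_INAPPROPRIATE_AUTH,
 * LDAP_INVALID_CREDENTIALS and APU_LDAP_INSUFFICIENT_ACCESS.
 *
 * The fallback wraps both its argument and its whole expansion in
 * parentheses.  Without them the macro changes meaning inside a larger
 * expression: `!APU_LDAP_SECURITY_ERROR(rc)` would negate only the first
 * comparison, and an argument such as `rc & mask` would bind to `==`
 * first, so an authentication or access failure could be classified as
 * something else.  n is expanded up to three times; pass an expression
 * without side effects.
 */
#if defined(LDAP_SECURITY_ERROR)
#define APU_LDAP_SECURITY_ERROR LDAP_SECURITY_ERROR
#else
#define APU_LDAP_SECURITY_ERROR(n) \
    ((LDAP_INAPPROPRIATE_AUTH == (n)) ? 1 \
    : (LDAP_INVALID_CREDENTIALS == (n)) ? 1 \
    : (APU_LDAP_INSUFFICIENT_ACCESS == (n)) ? 1 \
    : 0)
#endif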
125
126
/*
 * Internal layout behind the apr_ldap_t handle.
 *
 * NOTE(review): the roles noted below are read from member names and types
 * only - confirm against the implementation.
 */
struct apr_ldap_t {
    apr_pool_t *pool;
    LDAP *ld;                      /* SDK-level LDAP handle */
    apr_socket_t *socket;
    apr_skiplist *results;         /* presumably pending apr_ldap_result_t records */
    apr_array_header_t *abandons;
    apr_array_header_t *prepares;  /* presumably apr_ldap_prepare_t records */
    LDAPControl **serverctrls;
    LDAPControl **clientctrls;
    apu_err_t err;
    apr_status_t status;
};
typedef struct apr_ldap_t apr_ldap_t;
139
140
/*
 * Record type for the prepare step; presumably one per registered prepare
 * callback - confirm against the implementation.
 *
 * NOTE(review): listing line 143 is absent from this page, so a member
 * between pool and ctx is probably missing from this view.  Check the
 * upstream header before relying on this layout.
 */
141typedef struct apr_ldap_prepare_t {
142 apr_pool_t *pool;
144 void *ctx; /* opaque pointer; presumably handed back to the callback - confirm */
145} apr_ldap_prepare_t;
146
147
148
/*
 * Record describing one LDAP result, keyed by message id.
 *
 * NOTE(review): member roles are inferred from names and types - confirm.
 * Listing lines 160 and 163 are absent from this page, so both unions are
 * probably missing members in this view (entry_cb shows none at all).
 * Check the upstream header before relying on this layout.
 */
149typedef struct apr_ldap_result_t {
150 apr_pool_t *pool;
151 apr_ldap_t *ld; /* presumably the handle this result belongs to */
152 const char *mech;
153 const char *rmech;
154 LDAPMessage *message;
155 int msgid;
156 int msgtype;
157 union {
158 apr_ldap_bind_cb bind;
159 apr_ldap_compare_cb compare;
161 } cb; /* presumably only the member matching the operation type is valid - confirm */
162 union {
164 } entry_cb;
165 void *ctx; /* opaque pointer; presumably passed to the callback - confirm */
166 apr_size_t nentries;
167} apr_ldap_result_t;
168
169
170
/*
 * NOTE(review): presumably combines an LDAP SDK result code (rc) with an
 * APR status into one apr_status_t - confirm against the definition.
 */
APU_DECLARE_LDAP(apr_status_t)
apr_ldap_status(int rc, apr_status_t status);

/*
 * Attach result record res to ldap under message id msgid (presumed from
 * the name - confirm against the definition).
 *
 * pool, ldap and res are declared nonnull.  The compiler may assume they
 * are never NULL inside the callee, so any NULL check has to happen in the
 * caller before this is invoked.
 */
APU_DECLARE_LDAP(void)
apr_ldap_result_add(apr_pool_t *pool, apr_ldap_t *ldap,
                    apr_ldap_result_t *res, int msgid)
    __attribute__((nonnull(1,2,3)));
178
179
180
181
182#if APR_HAVE_MODULAR_DSO
183
/*
 * For LDAP internal builds, wrap our LDAP namespace.
 *
 * Table of function pointers, one per LDAP operation, declared only when
 * APR_HAVE_MODULAR_DSO is set.
 *
 * NOTE(review): presumably filled in by the dynamically loaded LDAP module
 * and called through by the public wrappers - confirm against the loader.
 * dn and filter are handed over as plain strings and nothing in this
 * header escapes them, so callers presumably have to escape untrusted
 * values (RFC 4514 for DNs, RFC 4515 for filters) before they get here.
 */
struct apr__ldap_dso_fntable {
    /* library information and handle set-up */
    int (*info)(apr_pool_t *pool, apu_err_t **err);
    apr_status_t (*initialise)(apr_pool_t *pool,
                               apr_ldap_t **ldap,
                               apu_err_t *err);

    /* option access */
    apr_status_t (*option_get)(apr_pool_t *pool,
                               apr_ldap_t *ldap,
                               int option,
                               apr_ldap_opt_t *outvalue,
                               apu_err_t *err);
    apr_status_t (*option_set)(apr_pool_t *pool,
                               apr_ldap_t *ldap,
                               int option,
                               const apr_ldap_opt_t *invalue,
                               apu_err_t *err);

    /* connection and event processing */
    apr_status_t (*connect)(apr_pool_t *pool,
                            apr_ldap_t *ldap,
                            apr_interval_time_t timeout,
                            apu_err_t *err);
    apr_status_t (*prepare)(apr_pool_t *pool,
                            apr_ldap_t *ldap,
                            apr_ldap_prepare_cb prepare_cb,
                            void *prepare_ctx);
    apr_status_t (*process)(apr_pool_t *pool,
                            apr_ldap_t *ldap,
                            apr_interval_time_t timeout,
                            apu_err_t *err);
    apr_status_t (*result)(apr_pool_t *pool,
                           apr_ldap_t *ldap,
                           apr_interval_time_t timeout,
                           apu_err_t *err);
    apr_status_t (*poll)(apr_pool_t *pool,
                         apr_ldap_t *ldap,
                         apr_pollcb_t *poll,
                         apr_interval_time_t timeout,
                         apu_err_t *err);

    /* directory operations */
    apr_status_t (*bind)(apr_pool_t *pool,
                         apr_ldap_t *ldap,
                         const char *mech,
                         apr_ldap_bind_interact_cb *interact_cb,
                         void *interact_ctx,
                         apr_interval_time_t timeout,
                         apr_ldap_bind_cb bind_cb,
                         void *bind_ctx,
                         apu_err_t *err);
    apr_status_t (*compare)(apr_pool_t *pool,
                            apr_ldap_t *ldap,
                            const char *dn,
                            const char *attr,
                            const apr_buffer_t *bval,
                            apr_ldap_control_t **serverctrls,
                            apr_ldap_control_t **clientctrls,
                            apr_interval_time_t timeout,
                            apr_ldap_compare_cb compare_cb,
                            void *ctx,
                            apu_err_t *err);
    apr_status_t (*search)(apr_pool_t *pool,
                           apr_ldap_t *ldap,
                           const char *dn,
                           apr_ldap_search_scope_e scope,
                           const char *filter,
                           const char **attrs,
                           apr_ldap_switch_e attrsonly,
                           apr_ldap_control_t **serverctrls,
                           apr_ldap_control_t **clientctrls,
                           apr_interval_time_t timeout,
                           apr_ssize_t sizelimit,
                           apr_ldap_search_result_cb search_result_cb,
                           apr_ldap_search_entry_cb search_entry_cb,
                           void *search_ctx,
                           apu_err_t *err);
    apr_status_t (*unbind)(apr_ldap_t *ldap,
                           apr_ldap_control_t **serverctrls,
                           apr_ldap_control_t **clientctrls,
                           apu_err_t *err);
};
229
230#endif /* APR_HAVE_MODULAR_DSO */
231
232
233#endif
234
235#ifdef __cplusplus
236}
237#endif
238
239#endif
240
APR-UTIL LDAP routines.
APR skip list implementation.
apr_status_t(* apr_ldap_search_result_cb)(apr_ldap_t *ldap, apr_status_t status, apr_size_t count, const char *matcheddn, apr_ldap_control_t **serverctrls, void *ctx, apu_err_t *err)
Definition apr_ldap.h:1349
#define APU_DECLARE_LDAP(type)
Definition apr_ldap.h:246
apr_status_t(* apr_ldap_search_entry_cb)(apr_ldap_t *ldap, const char *dn, int eidx, int nattrs, int aidx, const char *attr, int nvals, int vidx, apr_buffer_t *val, int binary, void *ctx, apu_err_t *err)
Definition apr_ldap.h:1367
apr_status_t apr_ldap_bind_interact_cb(apr_ldap_t *ld, unsigned int flags, apr_ldap_bind_interact_t *interact, void *ctx)
Definition apr_ldap.h:911
apr_ldap_search_scope_e
Definition apr_ldap.h:1314
apr_status_t(* apr_ldap_compare_cb)(apr_ldap_t *ldap, apr_status_t status, const char *matcheddn, apr_ldap_control_t **serverctrls, void *ctx, apu_err_t *err)
Definition apr_ldap.h:1242
struct apr_ldap_t apr_ldap_t
Definition apr_ldap.h:303
apr_status_t(* apr_ldap_bind_cb)(apr_ldap_t *ldap, apr_status_t status, const char *matcheddn, apr_ldap_control_t **serverctrls, void *ctx, apu_err_t *err)
Definition apr_ldap.h:1123
apr_status_t(* apr_ldap_prepare_cb)(apr_ldap_t *ldap, apr_status_t status, void *ctx, apu_err_t *err)
Definition apr_ldap.h:984
struct apr_ldap_control_t apr_ldap_control_t
Definition apr_ldap.h:943
apr_ldap_switch_e
Definition apr_ldap.h:433
int apr_status_t
Definition apr_errno.h:44
struct apr_socket_t apr_socket_t
Definition apr_network_io.h:219
struct apr_pollcb_t apr_pollcb_t
Definition apr_poll.h:318
struct apr_pool_t apr_pool_t
Definition apr_pools.h:60
struct apr_skiplist apr_skiplist
Definition apr_skiplist.h:56
apr_int64_t apr_interval_time_t
Definition apr_time.h:55
Definition apr_tables.h:62
Definition apr_buffer.h:69
Definition apu_errno.h:289
Definition apr_ldap.h:708