42#if defined(LDAP_CONFIGURATION)
48#if defined(HAVE_IFADDRS_H)
53#if defined(LDAP_CASA_AUTH)
57#if defined(LDAP_USE_GSSAPI)
75#if defined (LDAP_USE_SSL)
87#if defined (LDAP_USE_GSSAPI)
151 (*cfile)->inbuf =
NULL;
152 (*cfile)->bufsiz = 0;
170#if defined (DEBUG_LDAP)
171 log_info (
"Reallocated %s buffer from %zu to %zu",
177 cfile->bufsiz = size;
186 log_error(
"Unable to reallocated %s buffer from %zu to %zu",
208 cfile->inbuf[0] =
'\0';
216 return cfile->buflen;
241#if defined(MAXHOSTNAMELEN)
266#if defined(HAVE_INET_NTOP)
288#if defined(HAVE_IFADDRS_H)
299 for (ia = addrs; ia !=
NULL; ia = ia->ifa_next)
302 if (ia->ifa_addr && (ia->ifa_flags &
IFF_UP) &&
303 ia->ifa_addr->sa_family ==
AF_INET)
306 if (addr->s_addr ==
sa->sin_addr.s_addr)
320#if defined(HAVE_INET_PTON)
349 for (h=
hp->h_addr_list; *h; h++)
360#if defined(HAVE_INET_NTOP)
401 item->close_brace = 1;
406is_hex_string(
const char *
str)
454 "dhcpClassData")) ==
NULL ||
481 item->close_brace = 1;
518 item->close_brace = 1;
541 item->close_brace = 1;
553 for (
i=1;
i <= netmask;
i++)
559 (
int) (
nm >> 16) & 0xff,
560 (
int) (
nm >> 8) & 0xff,
582 "dhcpNetmask")) ==
NULL ||
616 item->close_brace = 1;
663 item->close_brace = 1;
696 item->close_brace = 1;
729 item->close_brace = 1;
736 item->close_brace = 1;
769 item->close_brace = 1;
832 item->close_brace = 1;
835#if defined(HAVE_IFADDRS_H)
841 char srvaddr[2][64] = {
"\0",
"\0"};
842 int primary,
split = 0, match;
851 log_error(
"Unable to find mandatory failover peering name attribute");
878 log_info(
"Can't resolve address of the primary failover '%s' server %s",
900 log_info(
"Both, primary and secondary failover '%s' server"
915 log_info(
"Can't resolve address of the secondary failover '%s' server %s",
930 log_error(
"Could not decide if the server type is primary"
1043 if (primary && !
split &&
1054 item->close_brace = 1;
1065 log_fatal (
"no memory for add_to_config_stack()");
1070 ns->close_brace = 0;
1117 db.data !=
NULL && *
db.data !=
'\0')
1178 db.data !=
NULL && *
db.data !=
'\0')
1201 log_info(
"LDAP rebind to '%s'", url);
1204 log_error (
"Error: Can not parse ldap rebind url '%s': %s",
1210#if defined (LDAP_USE_SSL)
1216 log_error (
"Error: Cannot init LDAPS session to %s:%d: %s",
1232 log_error (
"Error: Cannot start TLS session to %s:%d: %s",
1239 log_info (
"TLS session successfully started to %s:%d",
1245#if defined(LDAP_USE_GSSAPI)
1253 log_error (
"Error: Cannot SASL bind to ldap server %s:%d: %s",
1272 log_fatal (
"Error: Unable to allocate memory to duplicate ldap_password");
1279 log_error (
"Error: Cannot login into ldap server %s:%d: %s",
1301 log_info (
"Can't contact LDAP server %s:%d: retrying for %d sec",
1328#if defined(LDAP_USE_GSSAPI)
1358#if defined (LDAP_USE_SSL)
1373#if defined (LDAP_USE_GSSAPI)
1378 log_info(
"ldap-gssapi-principal is not set,"
1379 "GSSAPI Authentication for LDAP will not be used");
1384 log_fatal(
"ldap-gssapi-keytab must be specified");
1389 log_fatal(
"Could not allocate memory to duplicate gssapi principal");
1393 log_fatal (
"GSSAPI principal must specify user: user@realm");
1398 log_fatal (
"GSSAPI principal must specify realm: user@realm");
1403 log_fatal(
"Could not allocate memory for sasl instance! Can not run!");
1407 log_fatal(
"Could not allocate memory to duplicate gssapi mechanism");
1411 log_fatal(
"Could not allocate memory to duplicate gssapi realm");
1415 log_fatal(
"Could not allocate memory to duplicate gssapi user");
1423#if defined (LDAP_CASA_AUTH)
1426#if defined (DEBUG_LDAP)
1427 log_info (
"Authentication credential taken from file");
1434#if defined (LDAP_CASA_AUTH)
1443 log_info (
"Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file");
1456#if defined (DEBUG_LDAP)
1460#if defined (LDAP_USE_SSL)
1472 log_error (
"Warning: Cannot set LDAP TLS require cert option to 'allow': %s",
1484 log_error (
"Cannot set LDAP TLS require cert option: %s",
1494 log_error (
"Cannot set LDAP TLS CA certificate file %s: %s",
1503 log_error (
"Cannot set LDAP TLS CA certificate dir %s: %s",
1512 log_error (
"Cannot set LDAP TLS client certificate file %s: %s",
1521 log_error (
"Cannot set LDAP TLS certificate key file %s: %s",
1531 log_error (
"Cannot set LDAP TLS crl check option: %s",
1540 log_error (
"Cannot set LDAP TLS cipher suite %s: %s",
1549 log_error (
"Cannot set LDAP TLS random file %s: %s",
1578 log_error (
"Cannot set LDAP version to %d: %s", version,
1587 log_error (
"Cannot %s LDAP referrals option: %s",
1595 log_error (
"Warning: Cannot set ldap rebind procedure: %s",
1599#if defined (LDAP_USE_SSL)
1606 log_error (
"Error: Cannot init LDAPS session to %s:%d: %s",
1613 log_info (
"LDAPS session successfully enabled to %s:%d",
1627 log_error (
"Error: Cannot start TLS session to %s:%d: %s",
1634 log_info (
"TLS session successfully started to %s:%d",
1640#if defined(LDAP_USE_GSSAPI)
1648 log_error (
"Error: Cannot SASL bind to ldap server %s:%d: %s",
1664 log_fatal (
"Error: Unable to allocate memory to duplicate ldap_password");
1678 log_error (
"Error: Cannot login into ldap server %s:%d: %s",
1685#if defined (DEBUG_LDAP)
1694 char *
search[] = {
"dhcpOptionsDN",
"dhcpSharedNetworkDN",
"dhcpSubnetDN",
1695 "dhcpGroupDN",
"dhcpHostDN",
"dhcpClassesDN",
1696 "dhcpPoolDN",
"dhcpZoneDN",
"dhcpFailOverPeerDN",
NULL};
1708#if defined (DEBUG_LDAP)
1714 log_info (
"Parsing external DNs for '%s'",
dn);
1743#if defined (DEBUG_LDAP)
1750#if defined (DEBUG_LDAP)
1754 log_info (
"Adding LDAP result set starting with '%s' to config stack",
dn);
1843 for (++ptr;
isspace ((
int)*ptr); ptr++);
1862 for (++ptr;
isspace ((
int)*ptr); ptr++);
1889 if (lease_limit !=
NULL &&
1944 size_t len =
cfile->buflen;
1953 "objectClass")) ==
NULL)
1956 entry->processed = 1;
1979#if defined(HAVE_IFADDRS_H)
2029#if defined(DEBUG_LDAP)
2034 "(!(|(|(objectClass=dhcpTSigKey)(objectClass=dhcpClass)) (objectClass=dhcpFailOverPeer)))",
2045 "(|(|(objectClass=dhcpTSigKey)(objectClass=dhcpClass)) (objectClass=dhcpFailOverPeer))",
2106 log_error (
"Error writing to LDAP debug file %s: %s."
2122 cfile->inbuf[0] =
'\0';
2126 len =
cfile->buflen;
2134 if (
cfile->buflen > len)
2136#if defined (DEBUG_LDAP)
2137 log_info (
"Sending config portion '%s'",
cfile->inbuf + len);
2156#if defined (DEBUG_LDAP)
2160 log_info (
"Cannot get cn attribute for LDAP entry %s",
ret);
2216 "(&(objectClass=dhcpServer)(cn=%s))",
bv_o[0].
bv_val);
2224 log_error (
"Cannot escape ldap filter value %s: %m",
unme.nodename);
2245 "(&(objectClass=dhcpServer)(|(cn=%s)(cn=%s)))",
2253 "(&(objectClass=dhcpServer)(cn=%s))",
2273 log_error (
"Cannot find host LDAP entry %s %s",
2292#if defined(DEBUG_LDAP)
2301 log_error (
"Error: No dhcp service is associated with the server %s %s",
2316#if defined(DEBUG_LDAP)
2362 "(|(|(dhcpPrimaryDN=%s)(dhcpSecondaryDN=%s))(dhcpServerDN=%s)))",
2372 log_error (
"Error searching for dhcpServiceDN '%s': %s. Please update the LDAP entry '%s'",
2382 log_error (
"Error: Cannot find dhcpService DN '%s' with server reference. Please update the LDAP server entry '%s'",
2423 log_fatal (
"no memory to remember ldap service dn");
2425#if defined (DEBUG_LDAP)
2482 struct class **
class)
2493 return (lease_limit);
2522 log_error (
"Cannot escape ldap filter value %.*s: %m",
2529 "(&(cn=%s)(objectClass=dhcpGroup))",
2567 return (lease_limit);
2573 return (lease_limit);
2587 return (lease_limit);
2594 const unsigned char *haddr,
const char *
file,
int line)
2629 log_info (
"Ignoring unknown type %d", htype);
2654 "(&(objectClass=dhcpHost)(|(dhcpHWAddress=%s %s)(dhcpHWAddress=%s %s)))",
2665#if defined (DEBUG_LDAP)
2666 log_info (
"Searching for %s in LDAP tree %s", buf,
curr->dn);
2673 log_info (
"LDAP server was down, trying to reconnect...");
2679 log_info (
"LDAP reconnect failed - try again later...");
2690#if defined (DEBUG_LDAP)
2692 log_info (
"No host entry for %s in LDAP tree %s",
2697#if defined (DEBUG_LDAP)
2701 log_info (
"Found dhcpHWAddress LDAP entry %s",
dn);
2710 log_fatal (
"can't allocate host decl struct: %s",
2755 log_error (
"Cannot search for %s in LDAP tree %s: %s", buf,
2760#if defined (DEBUG_LDAP)
2763 log_info (
"ldap_search_ext_s returned %s when searching for %s in %s",
2779 int ret, lease_limit;
2815 "(&(objectClass=dhcpSubClass)(cn=%s)(dhcpClassData=%s))",
2822#if defined (DEBUG_LDAP)
2823 log_info (
"Searching LDAP for %s", buf);
2831#if defined (DEBUG_LDAP)
2832 log_info (
"Searching for %s in LDAP tree %s", buf,
curr->dn);
2839 log_info (
"LDAP server was down, trying to reconnect...");
2846 log_info (
"LDAP reconnect failed - try again later...");
2859#if defined (DEBUG_LDAP)
2860 log_info (
"No subclass entry for %s in LDAP tree %s",
2879 log_error (
"Cannot search for %s in LDAP tree %s: %s", buf,
2884#if defined (DEBUG_LDAP)
2887 log_info (
"ldap_search_ext_s returned %s when searching for %s in %s",
2896#if defined (DEBUG_LDAP)
2900 log_info (
"Found subclass LDAP entry %s",
dn);
2908 log_error (
"Cannot allocate memory for a new class");
2917 if (lease_limit == 0)
2918 (*newclass)->lease_limit =
class->lease_limit;
2920 class->lease_limit = lease_limit;
2922 if ((*newclass)->lease_limit)
2924 (*newclass)->billed_leases =
2926 if (!(*newclass)->billed_leases)
2933 memset ((*newclass)->billed_leases, 0,
2934 ((*newclass)->lease_limit *
sizeof (
struct lease *)));
2955 char buf[1024],
buf1[1024];
2970 "(&(objectClass=dhcpHost)(dhcpClientId=%s))",
2981#if defined (DEBUG_LDAP)
2982 log_info (
"Searching for %s in LDAP tree %s", buf,
buf1);
2989 log_info (
"LDAP server was down, trying to reconnect...");
2996 log_info (
"LDAP reconnect failed - try again later...");
3011#if defined (DEBUG_LDAP)
3012 log_info (
"No subclass entry for %s in LDAP tree %s", buf,
curr->dn);
3030 log_error (
"Cannot search for %s in LDAP tree %s: %s", buf,
3037 log_info (
"did not find: %s", buf);
3044#if defined (DEBUG_LDAP)
3049 log_info (
"Found subclass LDAP entry %s",
dn);
3060 log_fatal (
"can't allocate host decl struct: %s",
3091 log_info (
"did not find clientid: %s", buf);
3099#if defined(LDAP_USE_GSSAPI)
3111 log_info(
"doing interactive bind");
void data_string_forget(struct data_string *data, const char *file, int line)
int option_state_allocate(struct option_state **ptr, const char *file, int line)
int option_state_dereference(struct option_state **ptr, const char *file, int line)
int group_reference(struct group **ptr, struct group *bp, const char *file, int line)
void data_string_copy(struct data_string *dest, const struct data_string *src, const char *file, int line)
enum dhcp_token peek_token(const char **rval, unsigned *rlen, struct parse *cfile)
isc_result_t end_parse(struct parse **cfile)
isc_result_t new_parse(struct parse **cfile, int file, char *inbuf, unsigned buflen, const char *name, int eolp)
struct option_cache * lookup_option(struct universe *universe, struct option_state *options, unsigned code)
char * quotify_string(const char *s, const char *file, int line)
char * print_hw_addr(int htype, const int hlen, const unsigned char *data) const
u_int32_t getULong(const unsigned char *)
isc_result_t get_client_id(struct packet *, struct data_string *)
int parse_statement(struct parse *, struct group *, int, struct host_decl *, int)
struct universe server_universe
isc_result_t conf_file_subparse(struct parse *, struct group *, int)
#define print_hex_1(len, data, limit)
void execute_statements_in_scope(struct binding_value **result, struct packet *packet, struct lease *lease, struct client_state *client_state, struct option_state *in_options, struct option_state *out_options, struct binding_scope **scope, struct group *group, struct group *limiting_group, struct on_star *on_star)
int clone_group(struct group **gp, struct group *group, const char *file, int line)
struct group * root_group
void * dmalloc(size_t, const char *, int)
void dfree(void *, const char *, int)
int log_error(const char *,...) __attribute__((__format__(__printf__
void log_fatal(const char *,...) __attribute__((__format__(__printf__
int int log_info(const char *,...) __attribute__((__format__(__printf__
const unsigned char * data
struct host_decl * n_ipaddr
struct shared_network * shared_network
struct interface_info * interface
int evaluate_option_cache(struct data_string *result, struct packet *packet, struct lease *lease, struct client_state *client_state, struct option_state *in_options, struct option_state *cfg_options, struct binding_scope **scope, struct option_cache *oc, const char *file, int line)
struct binding_scope * global_scope