2 Unix SMB/CIFS Implementation.
3 LDAP protocol helper functions for SAMBA
4 Copyright (C) Volker Lendecke 2004
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 enum ldap_request_tag {
26 LDAP_TAG_BindRequest = 0,
27 LDAP_TAG_BindResponse = 1,
28 LDAP_TAG_UnbindRequest = 2,
29 LDAP_TAG_SearchRequest = 3,
30 LDAP_TAG_SearchResultEntry = 4,
31 LDAP_TAG_SearchResultDone = 5,
32 LDAP_TAG_ModifyRequest = 6,
33 LDAP_TAG_ModifyResponse = 7,
34 LDAP_TAG_AddRequest = 8,
35 LDAP_TAG_AddResponse = 9,
36 LDAP_TAG_DelRequest = 10,
37 LDAP_TAG_DelResponse = 11,
38 LDAP_TAG_ModifyDNRequest = 12,
39 LDAP_TAG_ModifyDNResponse = 13,
40 LDAP_TAG_CompareRequest = 14,
41 LDAP_TAG_CompareResponse = 15,
42 LDAP_TAG_AbandonRequest = 16,
43 LDAP_TAG_SearchResultReference = 19,
44 LDAP_TAG_ExtendedRequest = 23,
45 LDAP_TAG_ExtendedResponse = 24
48 enum ldap_auth_mechanism {
49 LDAP_AUTH_MECH_SIMPLE = 0,
50 LDAP_AUTH_MECH_SASL = 3
53 enum ldap_result_code {
55 LDAP_SASL_BIND_IN_PROGRESS = 0x0e,
56 LDAP_INVALID_CREDENTIALS = 0x31,
63 const char *errormessage;
67 struct ldap_attribute {
73 struct ldap_BindRequest {
76 enum ldap_auth_mechanism mechanism;
80 const char *mechanism;
86 struct ldap_BindResponse {
87 struct ldap_Result response;
93 struct ldap_UnbindRequest {
98 LDAP_SEARCH_SCOPE_BASE = 0,
99 LDAP_SEARCH_SCOPE_SINGLE = 1,
100 LDAP_SEARCH_SCOPE_SUB = 2
104 LDAP_DEREFERENCE_NEVER = 0,
105 LDAP_DEREFERENCE_IN_SEARCHING = 1,
106 LDAP_DEREFERENCE_FINDING_BASE = 2,
107 LDAP_DEREFERENCE_ALWAYS
110 struct ldap_SearchRequest {
112 enum ldap_scope scope;
113 enum ldap_deref deref;
119 const char **attributes;
122 struct ldap_SearchResEntry {
125 struct ldap_attribute *attributes;
128 struct ldap_SearchResRef {
130 const char **referrals;
133 enum ldap_modify_type {
134 LDAP_MODIFY_NONE = -1,
136 LDAP_MODIFY_DELETE = 1,
137 LDAP_MODIFY_REPLACE = 2
141 enum ldap_modify_type type;
142 struct ldap_attribute attrib;
145 struct ldap_ModifyRequest {
148 struct ldap_mod *mods;
151 struct ldap_AddRequest {
154 struct ldap_attribute *attributes;
157 struct ldap_DelRequest {
161 struct ldap_ModifyDNRequest {
165 const char *newsuperior;
168 struct ldap_CompareRequest {
170 const char *attribute;
174 struct ldap_AbandonRequest {
178 struct ldap_ExtendedRequest {
183 struct ldap_ExtendedResponse {
184 struct ldap_Result response;
190 struct ldap_BindRequest BindRequest;
191 struct ldap_BindResponse BindResponse;
192 struct ldap_UnbindRequest UnbindRequest;
193 struct ldap_SearchRequest SearchRequest;
194 struct ldap_SearchResEntry SearchResultEntry;
195 struct ldap_Result SearchResultDone;
196 struct ldap_SearchResRef SearchResultReference;
197 struct ldap_ModifyRequest ModifyRequest;
198 struct ldap_Result ModifyResponse;
199 struct ldap_AddRequest AddRequest;
200 struct ldap_Result AddResponse;
201 struct ldap_DelRequest DelRequest;
202 struct ldap_Result DelResponse;
203 struct ldap_ModifyDNRequest ModifyDNRequest;
204 struct ldap_Result ModifyDNResponse;
205 struct ldap_CompareRequest CompareRequest;
206 struct ldap_Result CompareResponse;
207 struct ldap_AbandonRequest AbandonRequest;
208 struct ldap_ExtendedRequest ExtendedRequest;
209 struct ldap_ExtendedResponse ExtendedResponse;
212 struct ldap_Control {
218 struct ldap_message {
222 union ldap_Request r;
224 struct ldap_Control *controls;
227 struct ldap_queue_entry {
228 struct ldap_queue_entry *next, *prev;
230 struct ldap_message *msg;
233 struct ldap_connection {
242 const char *simple_pw;
244 /* Current outstanding search entry */
247 /* List for incoming search entries */
248 struct ldap_queue_entry *search_entries;
250 /* Outstanding LDAP requests that have not yet been replied to */
251 struct ldap_queue_entry *outstanding;
253 /* Let's support SASL */
254 struct gensec_security *gensec;
257 /* Hmm. A blob might be more appropriate here :-) */
264 enum ldap_parse_op {LDAP_OP_SIMPLE, LDAP_OP_AND, LDAP_OP_OR, LDAP_OP_NOT};
266 struct ldap_parse_tree {
267 enum ldap_parse_op operation;
271 struct ldap_val value;
274 unsigned int num_elements;
275 struct ldap_parse_tree **elements;
278 struct ldap_parse_tree *child;
283 #define LDAP_ALL_SEP "()&|=!"
284 #define LDAP_CONNECTION_TIMEOUT 10000