source4/ldap_server/ldap_server.h

   1 /*
   2    Unix SMB/CIFS implementation.
   3    LDAP server
   4    Copyright (C) Volker Lendecke 2004
   5    Copyright (C) Stefan Metzmacher 2004
   6
   7    This program is free software; you can redistribute it and/or modify
   8    it under the terms of the GNU General Public License as published by
   9    the Free Software Foundation; either version 3 of the License, or
  10    (at your option) any later version.
  11
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU General Public License for more details.
  16
  17    You should have received a copy of the GNU General Public License
  18    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19 */
  20
  21 #include "libcli/ldap/libcli_ldap.h"
  22 #include "lib/socket/socket.h"
  23 #include "lib/stream/packet.h"
  24 #include "system/network.h"
  25 #include "lib/param/loadparm.h"
  26
  27 enum ldap_server_referral_scheme {
  28         LDAP_REFERRAL_SCHEME_LDAP,
  29         LDAP_REFERRAL_SCHEME_LDAPS
  30 };
  31
  32 struct ldapsrv_connection {
  33         struct ldapsrv_connection *next, *prev;
  34         struct loadparm_context *lp_ctx;
  35         struct stream_connection *connection;
  36         struct gensec_security *gensec;
  37         struct auth_session_info *session_info;
  38         struct ldapsrv_service *service;
  39         struct cli_credentials *server_credentials;
  40         struct ldb_context *ldb;
  41
  42         struct {
  43                 struct tevent_queue *send_queue;
  44                 struct tevent_req *read_req;
  45                 struct tstream_context *raw;
  46                 struct tstream_context *tls;
  47                 struct tstream_context *sasl;
  48                 struct tstream_context *active;
  49         } sockets;
  50
  51         bool global_catalog;
  52         bool is_privileged;
  53         enum ldap_server_require_strong_auth require_strong_auth;
  54         bool authz_logged;
  55         enum ldap_server_referral_scheme referral_scheme;
  56
  57         struct {
  58                 int initial_timeout;
  59                 int conn_idle_time;
  60                 int max_page_size;
  61                 int max_notifications;
  62                 int search_timeout;
  63                 struct timeval endtime;
  64                 struct timeval expire_time; /* Krb5 ticket expiry */
  65                 const char *reason;
  66         } limits;
  67
  68         struct tevent_req *active_call;
  69         struct tevent_req *deferred_expire_disconnect;
  70
  71         struct ldapsrv_call *pending_calls;
  72 };
  73
  74 struct ldapsrv_call {
  75         struct ldapsrv_call *prev, *next;
  76         struct ldapsrv_connection *conn;
  77         struct ldap_message *request;
  78         struct ldapsrv_reply {
  79                 struct ldapsrv_reply *prev, *next;
  80                 struct ldap_message *msg;
  81                 DATA_BLOB blob;
  82         } *replies;
  83         struct iovec *out_iov;
  84         size_t iov_count;
  85         size_t reply_size;
  86
  87         struct tevent_req *(*wait_send)(TALLOC_CTX *mem_ctx,
  88                                         struct tevent_context *ev,
  89                                         void *private_data);
  90         NTSTATUS (*wait_recv)(struct tevent_req *req);
  91         void *wait_private;
  92
  93         struct tevent_req *(*postprocess_send)(TALLOC_CTX *mem_ctx,
  94                                                struct tevent_context *ev,
  95                                                void *private_data);
  96         NTSTATUS (*postprocess_recv)(struct tevent_req *req);
  97         void *postprocess_private;
  98
  99         struct {
 100                 bool busy;
 101                 uint64_t generation;
 102         } notification;
 103 };
 104
 105 /*
 106  * This matches the previous implicit size limit via talloc's maximum
 107  * allocation size
 108  */
 109 #define LDAP_SERVER_MAX_REPLY_SIZE ((size_t)(256 * 1024 * 1024))
 110
 111 /*
 112  * Start writing to the network before we hit this size
 113  */
 114 #define LDAP_SERVER_MAX_CHUNK_SIZE ((size_t)(25 * 1024 * 1024))
 115
 116 struct ldapsrv_service {
 117         struct tstream_tls_params *tls_params;
 118         struct task_server *task;
 119         struct tevent_queue *call_queue;
 120         struct ldapsrv_connection *connections;
 121         struct {
 122                 uint64_t generation;
 123                 struct tevent_req *retry;
 124         } notification;
 125
 126         struct ldb_context *sam_ctx;
 127 };
 128
 129 #include "ldap_server/proto.h"