This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _SMB_LDAP_H
#define _SMB_LDAP_H
+#include "lib/ldb/include/ldb.h"
+
enum ldap_request_tag {
LDAP_TAG_BindRequest = 0,
LDAP_TAG_BindResponse = 1,
};
enum ldap_result_code {
- LDAP_SUCCESS = 0,
- LDAP_SASL_BIND_IN_PROGRESS = 0x0e,
- LDAP_NO_SUCH_OBJECT = 0x20,
- LDAP_INVALID_CREDENTIALS = 0x31,
- LDAP_OTHER = 0x50
+ LDAP_SUCCESS = 0,
+ LDAP_OPERATIONS_ERROR = 1,
+ LDAP_PROTOCOL_ERROR = 2,
+ LDAP_TIME_LIMIT_EXCEEDED = 3,
+ LDAP_SIZE_LIMIT_EXCEEDED = 4,
+ LDAP_COMPARE_FALSE = 5,
+ LDAP_COMPARE_TRUE = 6,
+ LDAP_AUTH_METHOD_NOT_SUPPORTED = 7,
+ LDAP_STRONG_AUTH_REQUIRED = 8,
+ LDAP_REFERRAL = 10,
+ LDAP_ADMIN_LIMIT_EXCEEDED = 11,
+ LDAP_UNAVAILABLE_CRITICAL_EXTENSION = 12,
+ LDAP_CONFIDENTIALITY_REQUIRED = 13,
+ LDAP_SASL_BIND_IN_PROGRESS = 14,
+ LDAP_NO_SUCH_ATTRIBUTE = 16,
+ LDAP_UNDEFINED_ATTRIBUTE_TYPE = 17,
+ LDAP_INAPPROPRIATE_MATCHING = 18,
+ LDAP_CONSTRAINT_VIOLATION = 19,
+ LDAP_ATTRIBUTE_OR_VALUE_EXISTS = 20,
+ LDAP_INVALID_ATTRIBUTE_SYNTAX = 21,
+ LDAP_NO_SUCH_OBJECT = 32,
+ LDAP_ALIAS_PROBLEM = 33,
+ LDAP_INVALID_DN_SYNTAX = 34,
+ LDAP_ALIAS_DEREFERENCING_PROBLEM = 36,
+ LDAP_INAPPROPRIATE_AUTHENTICATION = 48,
+ LDAP_INVALID_CREDENTIALS = 49,
+ LDAP_INSUFFICIENT_ACCESS_RIGHTS = 50,
+ LDAP_BUSY = 51,
+ LDAP_UNAVAILABLE = 52,
+ LDAP_UNWILLING_TO_PERFORM = 53,
+ LDAP_LOOP_DETECT = 54,
+ LDAP_NAMING_VIOLATION = 64,
+ LDAP_OBJECT_CLASS_VIOLATION = 65,
+ LDAP_NOT_ALLOWED_ON_NON_LEAF = 66,
+ LDAP_NOT_ALLOWED_ON_RDN = 67,
+ LDAP_ENTRY_ALREADY_EXISTS = 68,
+ LDAP_OBJECT_CLASS_MODS_PROHIBITED = 69,
+ LDAP_AFFECTS_MULTIPLE_DSAS = 71,
+ LDAP_OTHER = 80
};
struct ldap_Result {
const char *referral;
};
-struct ldap_attribute {
- const char *name;
- int num_values;
- DATA_BLOB *values;
-};
-
struct ldap_BindRequest {
int version;
const char *dn;
const char *password;
struct {
const char *mechanism;
- DATA_BLOB secblob;
+ DATA_BLOB *secblob;/* optional */
} SASL;
} creds;
};
struct ldap_BindResponse {
struct ldap_Result response;
union {
- DATA_BLOB secblob;
+ DATA_BLOB *secblob;/* optional */
} SASL;
};
const char *basedn;
enum ldap_scope scope;
enum ldap_deref deref;
- uint32 timelimit;
- uint32 sizelimit;
+ uint32_t timelimit;
+ uint32_t sizelimit;
BOOL attributesonly;
- char *filter;
+ struct ldb_parse_tree *tree;
int num_attributes;
const char **attributes;
};
struct ldap_SearchResEntry {
const char *dn;
int num_attributes;
- struct ldap_attribute *attributes;
+ struct ldb_message_element *attributes;
};
struct ldap_SearchResRef {
- int num_referrals;
- const char **referrals;
+ const char *referral;
};
enum ldap_modify_type {
struct ldap_mod {
enum ldap_modify_type type;
- struct ldap_attribute attrib;
+ struct ldb_message_element attrib;
};
struct ldap_ModifyRequest {
struct ldap_AddRequest {
const char *dn;
int num_attributes;
- struct ldap_attribute *attributes;
+ struct ldb_message_element *attributes;
};
struct ldap_DelRequest {
const char *dn;
const char *newrdn;
BOOL deleteolddn;
- const char *newsuperior;
+ const char *newsuperior;/* optional */
};
struct ldap_CompareRequest {
const char *dn;
const char *attribute;
- const char *value;
+ DATA_BLOB value;
};
struct ldap_AbandonRequest {
- uint32 messageid;
+ uint32_t messageid;
};
struct ldap_ExtendedRequest {
const char *oid;
- DATA_BLOB value;
+ DATA_BLOB *value;/* optional */
};
struct ldap_ExtendedResponse {
struct ldap_Result response;
- const char *name;
- DATA_BLOB value;
+ const char *oid;/* optional */
+ DATA_BLOB *value;/* optional */
};
union ldap_Request {
+ struct ldap_Result GeneralResult;
struct ldap_BindRequest BindRequest;
struct ldap_BindResponse BindResponse;
struct ldap_UnbindRequest UnbindRequest;
struct ldap_ExtendedResponse ExtendedResponse;
};
-struct ldap_Control {
- const char *oid;
- BOOL critical;
- DATA_BLOB value;
-};
-
struct ldap_message {
- TALLOC_CTX *mem_ctx;
- uint32 messageid;
- uint8 type;
- union ldap_Request r;
- int num_controls;
- struct ldap_Control *controls;
-};
-
-struct ldap_queue_entry {
- struct ldap_queue_entry *next, *prev;
- int msgid;
- struct ldap_message *msg;
-};
-
-struct ldap_connection {
- TALLOC_CTX *mem_ctx;
- int sock;
- int next_msgid;
- char *host;
- uint16 port;
- BOOL ldaps;
-
- const char *auth_dn;
- const char *simple_pw;
-
- /* Current outstanding search entry */
- int searchid;
-
- /* List for incoming search entries */
- struct ldap_queue_entry *search_entries;
-
- /* Outstanding LDAP requests that have not yet been replied to */
- struct ldap_queue_entry *outstanding;
-
- /* Let's support SASL */
- struct gensec_security *gensec;
-};
-
-/* Hmm. A blob might be more appropriate here :-) */
-
-struct ldap_val {
- unsigned int length;
- void *data;
+ int messageid;
+ enum ldap_request_tag type;
+ union ldap_Request r;
+ struct ldb_control **controls;
};
-enum ldap_parse_op {LDAP_OP_SIMPLE, LDAP_OP_AND, LDAP_OP_OR, LDAP_OP_NOT};
-
-struct ldap_parse_tree {
- enum ldap_parse_op operation;
- union {
- struct {
- char *attr;
- struct ldap_val value;
- } simple;
- struct {
- unsigned int num_elements;
- struct ldap_parse_tree **elements;
- } list;
- struct {
- struct ldap_parse_tree *child;
- } not;
- } u;
-};
+struct event_context;
+struct cli_credentials;
+struct dom_sid;
+struct asn1_data;
-#define LDAP_ALL_SEP "()&|=!"
-#define LDAP_CONNECTION_TIMEOUT 10000
+#include "libcli/ldap/ldap_proto.h"
#endif