/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
*/

/*
 * Private (library-internal) definitions for libadutils: debug macros,
 * LDAP timeouts, the decoded SID type, the per-partition / per-DS
 * connection bookkeeping and the batched-query state.  Nothing here is
 * part of the public interface, which lives in libadutils.h.
 */

#ifndef _ADUTILS_IMPL_H
#define _ADUTILS_IMPL_H

#include <stdlib.h>
#include <stdio.h>
#include <sys/types.h>
#include <ldap.h>
#include <pthread.h>
#include "addisc.h"
#include <rpcsvc/idmap_prot.h>
#include "libadutils.h"

#ifdef __cplusplus
extern "C" {
#endif

/*
 * DBG(type, lev) is true when debug output of class `type' is enabled
 * at level `lev' or above, either for that class specifically
 * (ad_debug[AD_DEBUG_<type>]) or for everything (ad_debug[AD_DEBUG_ALL]).
 * `type' is token-pasted onto AD_DEBUG_, so it must be a bare AD_DEBUG_*
 * suffix rather than an expression; `lev' may be evaluated twice.
 */
#define DBG(type, lev) \
	(ad_debug[AD_DEBUG_##type] >= (lev) || \
	ad_debug[AD_DEBUG_ALL] >= (lev))
/* Per-class debug levels, indexed by AD_DEBUG_*; defined elsewhere. */
extern int ad_debug[AD_DEBUG_MAX + 1];

/*
 * Timeouts passed to the LDAP search / open calls.  The unit is not
 * visible here; presumably seconds -- confirm at the call sites.
 */
#define ADUTILS_SEARCH_TIMEOUT 3
#define ADUTILS_LDAP_OPEN_TIMEOUT 1


/*
 * A security identifier (SID) decoded into its components.
 * sub_authority_count says how many entries of sub_authorities[] are
 * in use.  The array has a fixed capacity of
 * ADUTILS_SID_MAX_SUB_AUTHORITIES, so any decoder that fills this
 * struct from directory data (see adutils_getsid) must reject a count
 * larger than that before copying sub-authorities in.
 */
typedef struct adutils_sid {
	uchar_t version;
	uchar_t sub_authority_count;
	uint64_t authority; /* really, 48-bits */
	uint32_t sub_authorities[ADUTILS_SID_MAX_SUB_AUTHORITIES];
} adutils_sid_t;

/* Forward declaration; the full definition (adutils_host_t) is below. */
struct adutils_host;

/*
 * One domain already known to an AD handle (referenced from
 * struct adutils_ad::known_domains).  Both members are fixed-size
 * character buffers, presumably holding NUL-terminated strings; code
 * that fills them must bound the copy to MAXDOMAINNAME / MAXSTRSID
 * and guarantee termination.
 */
struct known_domain {
	char name[MAXDOMAINNAME];
	char sid[MAXSTRSID];
};


/* A set of DSs for a given AD partition */
struct adutils_ad {
	/* known_domains is expected to hold num_known_domains entries */
	int num_known_domains;
	struct known_domain *known_domains;
	pthread_mutex_t lock;		/* serialises access to this handle */
	uint32_t ref;			/* reference count */
	struct adutils_host *last_adh;	/* last DS used, per the name; see the .c */
	adutils_ad_partition_t partition; /* Data or global catalog? */
	/* If this is a reference to DC, this is the base DN for that DC */
	char *basedn;
};

/*
 * One attribute of an LDAP entry: its name and an array of
 * num_values string values.
 */
typedef struct adutils_attr {
	char *attr_name;
	uint_t num_values;
	char **attr_values;		/* num_values entries */
} adutils_attr_t;

/* typedef in libadutils.h */
/*
 * One LDAP entry: num_nvpairs attribute/value pairs.  Entries
 * belonging to the same result are chained through `next'.
 */
struct adutils_entry {
	uint_t num_nvpairs;
	adutils_attr_t *attr_nvpairs;
	struct adutils_entry *next;
};

/* typedef in libadutils.h */
/* A search result: the head of a list of num_entries entries. */
struct adutils_result {
	uint_t num_entries;
	adutils_entry_t *entries;
};

/* A single DS */
typedef struct adutils_host {
	struct adutils_host *next;	/* next DS of the same owner */
	struct adutils_ad *owner; /* ad_t to which this belongs */
	pthread_mutex_t lock;
	LDAP *ld; /* LDAP connection */
	uint32_t ref; /* ref count */
	time_t idletime; /* time since last activity */
	int dead; /* error on LDAP connection */
	/*
	 * Used to distinguish between different instances of LDAP
	 * connections to this same DS. We need this so we never mix up
	 * results for a given msgID from one connection with those of
	 * another earlier connection where two batch state structures
	 * share this adutils_host object but used different LDAP connections
	 * to send their LDAP searches.
	 */
	uint64_t generation;

	/* LDAP DS info */
	char *host;
	int port;

	/* hardwired to SASL GSSAPI only for now */
	char *saslmech;
	unsigned saslflags;

	/*
	 * Number of outstanding search requests: max_requests is the
	 * cap, num_requests the current count (by name; confirm in .c).
	 */
	uint32_t max_requests;
	uint32_t num_requests;
} adutils_host_t;

/* A place to put the results of a batched (async) query */
typedef struct adutils_q {
	const char *edomain; /* expected domain name */
	struct adutils_result **result; /* The LDAP search result */
	adutils_rc *rc;			/* per-query return code (out) */
	int msgid; /* LDAP message ID */
} adutils_q_t;

/* Batch context structure */
struct adutils_query_state {
	struct adutils_query_state *next;
	int qsize; /* Size of queries */
	int ref_cnt; /* reference count */
	pthread_cond_t cv; /* Condition wait variable */
	uint32_t qcount; /* Number of items queued */
	uint32_t qinflight; /* how many queries in flight */
	uint16_t qdead; /* oops, lost LDAP connection */
	adutils_host_t *qadh; /* LDAP connection */
	uint64_t qadh_gen; /* same as qadh->generation */
	adutils_ldap_res_search_cb ldap_res_search_cb;
	void *ldap_res_search_argp;
	/*
	 * Pre-C99 "struct hack": the structure is meant to be allocated
	 * with room for qsize elements, of which sizeof(*state) already
	 * accounts for one.  Turning this into a C99 flexible array
	 * member ([]) would change sizeof and therefore the allocation
	 * arithmetic in the .c, so only do so together with that code.
	 */
	adutils_q_t queries[1]; /* array of query results */
};

/* Private routines */

/*
 * Derive a DNS-style name from an LDAP DN.  Returns a char *; whether
 * it is heap-allocated and who frees it is not visible here -- confirm
 * in the implementation before adding callers.
 */
char *DN_to_DNS(const char *dn_name);

/*
 * Decode the binary SID carried in *bval (data received from the
 * directory, i.e. untrusted) into *sidp.  Because
 * sidp->sub_authorities[] is fixed size, the implementation must check
 * bval's length and the embedded sub-authority count against
 * ADUTILS_SID_MAX_SUB_AUTHORITIES before copying.  Returns an int
 * status whose meaning is defined in the .c.
 */
int adutils_getsid(BerValue *bval, adutils_sid_t *sidp);

/*
 * Render *sidp in textual form.  Returns a char *; allocation and
 * ownership are not visible here -- confirm in the implementation.
 */
char *adutils_sid2txt(adutils_sid_t *sidp);

/*
 * SASL interaction callback handed to libldap for the bind; the
 * signature matches libldap's interactive-bind callback convention
 * (defaults is the caller's context, prompts the interaction list).
 */
int saslcallback(LDAP *ld, unsigned flags, void *defaults, void *prompts);

/* Install thread-related callbacks on the LDAP handle (by name; see .c). */
int adutils_set_thread_functions(LDAP *ld);

/* Global logger function */

/* Defined elsewhere in the library; type adutils_logger from libadutils.h. */
extern adutils_logger logger;

#ifdef __cplusplus
}
#endif

#endif /* _ADUTILS_IMPL_H */