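/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#ifndef	_ADUTILS_IMPL_H
#define	_ADUTILS_IMPL_H

/*
 * Structure definitions that accompany libadutils.h: the types below
 * describe AD partitions, per-server LDAP connections, search results
 * and the state of batched (asynchronous) LDAP queries.
 */

#include <stdlib.h>
#include <stdio.h>
#include <sys/types.h>
#include <ldap.h>
#include <pthread.h>
#include "addisc.h"
#include "idmap_priv.h"
#include "idmap_prot.h"
#include "libadutils.h"

#ifdef	__cplusplus
extern "C" {
#endif

/*
 * Timeouts for LDAP searches and for opening an LDAP connection.
 * NOTE(review): the unit is not stated in this header; presumably
 * seconds -- confirm where the values are used.
 */
#define	ADUTILS_SEARCH_TIMEOUT		3
#define	ADUTILS_LDAP_OPEN_TIMEOUT	1

/*
 * A security identifier (SID) split into its fields.
 *
 * sub_authorities has a fixed capacity of
 * ADUTILS_SID_MAX_SUB_AUTHORITIES, while sub_authority_count is a
 * uchar_t that can hold larger values.  Code that fills this structure
 * from data returned by a directory server must reject a count above
 * that capacity before it indexes the array.  (The decoder is not part
 * of this header -- confirm it performs that check.)
 */
typedef struct adutils_sid {
	uchar_t		version;
	uchar_t		sub_authority_count;
	uint64_t	authority;  /* really, 48-bits */
	uint32_t	sub_authorities[ADUTILS_SID_MAX_SUB_AUTHORITIES];
} adutils_sid_t;

struct adutils_host;


/* A set of DSs for a given AD partition */
struct adutils_ad {
	char			*dflt_w2k_dom;	/* used to qualify bare names */
	/* NOTE(review): presumably guards ref and last_adh -- confirm */
	pthread_mutex_t		lock;
	uint32_t		ref;
	struct adutils_host	*last_adh;
	adutils_ad_partition_t	partition;	/* Data or global catalog? */
};

/* One attribute of a directory entry: its name and num_values values */
typedef struct adutils_attr {
	char	*attr_name;
	uint_t	num_values;
	char	**attr_values;
} adutils_attr_t;

/*
 * One entry of a search result: num_nvpairs attributes, linked to the
 * following entry through next.
 */
/* typedef in libadutils.h */
struct adutils_entry {
	uint_t			num_nvpairs;
	adutils_attr_t		*attr_nvpairs;
	struct adutils_entry	*next;
};

/* A search result: num_entries entries reachable from entries */
/* typedef in libadutils.h */
struct adutils_result {
	uint_t		num_entries;
	adutils_entry_t	*entries;
};

/* A single DS */
typedef struct adutils_host {
	struct adutils_host	*next;
	struct adutils_ad	*owner;		/* ad_t to which this belongs */
	pthread_mutex_t		lock;
	LDAP			*ld;		/* LDAP connection */
	uint32_t		ref;		/* ref count */
	time_t			idletime;	/* time since last activity */
	int			dead;		/* error on LDAP connection */
	/*
	 * Used to distinguish between different instances of LDAP
	 * connections to this same DS.  We need this so we never mix up
	 * results for a given msgID from one connection with those of
	 * another earlier connection where two batch state structures
	 * share this adutils_host object but used different LDAP connections
	 * to send their LDAP searches.
	 */
	uint64_t		generation;

	/* LDAP DS info */
	char			*host;
	int			port;

	/*
	 * hardwired to SASL GSSAPI only for now
	 *
	 * NOTE(review): nothing in this header constrains saslmech;
	 * confirm that the bind code cannot be made to use a weaker
	 * mechanism.
	 */
	char			*saslmech;
	unsigned		saslflags;

	/* Number of outstanding search requests */
	uint32_t		max_requests;
	uint32_t		num_requests;
} adutils_host_t;

/* A place to put the results of a batched (async) query */
typedef struct adutils_q {
	/*
	 * NOTE(review): presumably checked against the domain of the
	 * returned entry before the result is accepted -- confirm in
	 * the result-handling code.
	 */
	const char		*edomain;	/* expected domain name */
	struct adutils_result	**result;	/* The LDAP search result */
	adutils_rc		*rc;
	int			msgid;		/* LDAP message ID */
} adutils_q_t;

/* Batch context structure */
struct adutils_query_state {
	struct adutils_query_state	*next;
	int			qcount;		/* how many queries */
	int			ref_cnt;	/* reference count */
	pthread_cond_t		cv;		/* Condition wait variable */
	uint32_t		qlastsent;
	uint32_t		qinflight;	/* how many queries in flight */
	uint16_t		qdead;		/* oops, lost LDAP connection */
	adutils_host_t		*qadh;		/* LDAP connection */
	/*
	 * Copy of the connection's generation; see the comment on
	 * adutils_host.generation for why replies from an earlier
	 * connection must not be matched to this batch.
	 */
	uint64_t		qadh_gen;	/* same as qadh->generation */
	adutils_ldap_res_search_cb	ldap_res_search_cb;
	void			*ldap_res_search_argp;
	char			*default_domain;
	char			*basedn;
	/*
	 * Trailing array declared with one element.
	 * NOTE(review): presumably the structure is allocated with room
	 * for qcount elements -- confirm in the allocator, and keep every
	 * index into queries[] below qcount.  The declaration stays [1]
	 * because sizeof(struct adutils_query_state) includes that one
	 * element and existing size computations may depend on it.
	 */
	adutils_q_t		queries[1];	/* array of query results */
};

#ifdef	__cplusplus
}
#endif

#endif	/* _ADUTILS_IMPL_H */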