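/* 
   Unix SMB/CIFS Implementation.
   LDAP protocol helper functions for SAMBA
   Copyright (C) Volker Lendecke 2004
    
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.
   
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
   
   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
   
*/

/*
 * In-memory representation of LDAP protocol messages: one struct per
 * operation, a union over all of them, and the enums for the numeric
 * codes they carry.
 *
 * This header declares types only. It does not show who allocates or
 * frees the pointed-to strings, blobs and arrays, nor who validates the
 * counts next to them; see the functions declared in ldap_proto.h.
 * Fields filled in from a decoded message hold peer-supplied data.
 */

#ifndef _SMB_LDAP_H
#define _SMB_LDAP_H

#include "lib/ldb/include/ldb.h"

/*
 * Operation tags. The numbers correspond to the APPLICATION tag numbers
 * of the LDAP protocolOp choice, which is why the sequence has gaps.
 */
enum ldap_request_tag {
	LDAP_TAG_BindRequest = 0,
	LDAP_TAG_BindResponse = 1,
	LDAP_TAG_UnbindRequest = 2,
	LDAP_TAG_SearchRequest = 3,
	LDAP_TAG_SearchResultEntry = 4,
	LDAP_TAG_SearchResultDone = 5,
	LDAP_TAG_ModifyRequest = 6,
	LDAP_TAG_ModifyResponse = 7,
	LDAP_TAG_AddRequest = 8,
	LDAP_TAG_AddResponse = 9,
	LDAP_TAG_DelRequest = 10,
	LDAP_TAG_DelResponse = 11,
	LDAP_TAG_ModifyDNRequest = 12,
	LDAP_TAG_ModifyDNResponse = 13,
	LDAP_TAG_CompareRequest = 14,
	LDAP_TAG_CompareResponse = 15,
	LDAP_TAG_AbandonRequest = 16,
	LDAP_TAG_SearchResultReference = 19,
	LDAP_TAG_ExtendedRequest = 23,
	LDAP_TAG_ExtendedResponse = 24
};

/*
 * Bind authentication choice. The values correspond to the context tags
 * of the protocol's AuthenticationChoice (simple = 0, sasl = 3).
 */
enum ldap_auth_mechanism {
	LDAP_AUTH_MECH_SIMPLE = 0,
	LDAP_AUTH_MECH_SASL = 3
};

/* LDAP result codes as they appear in an LDAPResult. */
enum ldap_result_code {
	LDAP_SUCCESS = 0,
	LDAP_OPERATIONS_ERROR = 1,
	LDAP_PROTOCOL_ERROR = 2,
	LDAP_TIME_LIMIT_EXCEEDED = 3,
	LDAP_SIZE_LIMIT_EXCEEDED = 4,
	LDAP_COMPARE_FALSE = 5,
	LDAP_COMPARE_TRUE = 6,
	LDAP_AUTH_METHOD_NOT_SUPPORTED = 7,
	LDAP_STRONG_AUTH_REQUIRED = 8,
	LDAP_REFERRAL = 10,
	LDAP_ADMIN_LIMIT_EXCEEDED = 11,
	LDAP_UNAVAILABLE_CRITICAL_EXTENSION = 12,
	LDAP_CONFIDENTIALITY_REQUIRED = 13,
	LDAP_SASL_BIND_IN_PROGRESS = 14,
	LDAP_NO_SUCH_ATTRIBUTE = 16,
	LDAP_UNDEFINED_ATTRIBUTE_TYPE = 17,
	LDAP_INAPPROPRIATE_MATCHING = 18,
	LDAP_CONSTRAINT_VIOLATION = 19,
	LDAP_ATTRIBUTE_OR_VALUE_EXISTS = 20,
	LDAP_INVALID_ATTRIBUTE_SYNTAX = 21,
	LDAP_NO_SUCH_OBJECT = 32,
	LDAP_ALIAS_PROBLEM = 33,
	LDAP_INVALID_DN_SYNTAX = 34,
	LDAP_ALIAS_DEREFERENCING_PROBLEM = 36,
	LDAP_INAPPROPRIATE_AUTHENTICATION = 48,
	LDAP_INVALID_CREDENTIALS = 49,
	/* NOTE(review): the trailing lowercase 's' looks like a typo; the
	 * spelling is kept because code outside this header may use it. */
	LDAP_INSUFFICIENT_ACCESS_RIGHTs = 50,
	LDAP_BUSY = 51,
	LDAP_UNAVAILABLE = 52,
	LDAP_UNWILLING_TO_PERFORM = 53,
	LDAP_LOOP_DETECT = 54,
	LDAP_NAMING_VIOLATION = 64,
	LDAP_OBJECT_CLASS_VIOLATION = 65,
	LDAP_NOT_ALLOWED_ON_NON_LEAF = 66,
	LDAP_NOT_ALLOWED_ON_RDN = 67,
	LDAP_ENTRY_ALREADY_EXISTS = 68,
	LDAP_OBJECT_CLASS_MODS_PROHIBITED = 69,
	LDAP_AFFECTS_MULTIPLE_DSAS = 71,
	LDAP_OTHER = 80
};

/*
 * Generic result shared by the response messages.
 *
 * resultcode is a plain int, so a value outside enum ldap_result_code
 * can be stored here; handle unknown codes explicitly. In a decoded
 * response, errormessage and referral are text chosen by the peer:
 * treat them as untrusted when logging them or acting on a referral.
 */
struct ldap_Result {
	int resultcode;
	const char *dn;
	const char *errormessage;
	const char *referral;
};

/*
 * Bind request. Presumably `mechanism` selects the active member of
 * `creds` (password for SIMPLE, SASL for SASL) - confirm against the
 * encoder/decoder before reading either member.
 *
 * creds.password is the simple-bind password itself. A simple bind
 * sends it unprotected unless the transport provides confidentiality,
 * and this struct holds it as an ordinary string: keep it out of logs
 * and debug dumps.
 */
struct ldap_BindRequest {
	int version;
	const char *dn;
	enum ldap_auth_mechanism mechanism;
	union {
		const char *password;
		struct {
			const char *mechanism;
			DATA_BLOB *secblob; /* optional */
		} SASL;
	} creds;
};

/* Bind response: the generic result plus an optional SASL blob. */
struct ldap_BindResponse {
	struct ldap_Result response;
	union {
		DATA_BLOB *secblob; /* optional */
	} SASL;
};

/*
 * Unbind request. The single member is presumably a placeholder so the
 * struct is not empty. NOTE(review): `__dummy` is an identifier reserved
 * for the implementation; it is kept so the layout and name stay as they
 * were.
 */
struct ldap_UnbindRequest {
	uint8_t __dummy;
};

/* Search scope values. */
enum ldap_scope {
	LDAP_SEARCH_SCOPE_BASE = 0,
	LDAP_SEARCH_SCOPE_SINGLE = 1,
	LDAP_SEARCH_SCOPE_SUB = 2
};

/* Alias dereferencing behaviour for a search. */
enum ldap_deref {
	LDAP_DEREFERENCE_NEVER = 0,
	LDAP_DEREFERENCE_IN_SEARCHING = 1,
	LDAP_DEREFERENCE_FINDING_BASE = 2,
	/* Written out like every other value in this header; this is the
	 * same number the enumerator had implicitly (previous + 1). */
	LDAP_DEREFERENCE_ALWAYS = 3
};

/*
 * Search request.
 *
 * timelimit and sizelimit are whatever the client asked for; they do
 * not replace limits a server enforces itself. num_attributes is a
 * signed int next to a pointer array: code that fills it from a decoded
 * message should reject negative or oversized counts before using it as
 * a loop bound or allocation size.
 */
struct ldap_SearchRequest {
	const char *basedn;
	enum ldap_scope scope;
	enum ldap_deref deref;
	uint32_t timelimit;
	uint32_t sizelimit;
	BOOL attributesonly;
	struct ldb_parse_tree *tree;
	int num_attributes;
	const char **attributes;
};

/* One search result entry; num_attributes counts `attributes`
 * (signed - validate before indexing). */
struct ldap_SearchResEntry {
	const char *dn;
	int num_attributes;
	struct ldb_message_element *attributes;
};

/* Search result reference. In a decoded message the referral string is
 * peer-supplied; validate it before following it. */
struct ldap_SearchResRef {
	const char *referral;
};

/* Modification type. The non-negative values are the protocol's
 * operation codes; LDAP_MODIFY_NONE (-1) presumably marks "no/unknown
 * operation" inside the program - TODO confirm. */
enum ldap_modify_type {
	LDAP_MODIFY_NONE = -1,
	LDAP_MODIFY_ADD = 0,
	LDAP_MODIFY_DELETE = 1,
	LDAP_MODIFY_REPLACE = 2
};

/* A single modification: the operation and the attribute it applies to. */
struct ldap_mod {
	enum ldap_modify_type type;
	struct ldb_message_element attrib;
};

/* Modify request; num_mods counts `mods` (signed - validate before
 * indexing). */
struct ldap_ModifyRequest {
	const char *dn;
	int num_mods;
	struct ldap_mod *mods;
};

/* Add request; num_attributes counts `attributes` (signed - validate
 * before indexing). */
struct ldap_AddRequest {
	const char *dn;
	int num_attributes;
	struct ldb_message_element *attributes;
};

/* Delete request: the DN of the entry to remove. */
struct ldap_DelRequest {
	const char *dn;
};

/* Modify DN (rename/move) request. */
struct ldap_ModifyDNRequest {
	const char *dn;
	const char *newrdn;
	BOOL deleteolddn;
	const char *newsuperior; /* optional */
};

/* Compare request. `value` is embedded by value, unlike the optional
 * blob pointers in the other structs. */
struct ldap_CompareRequest {
	const char *dn;
	const char *attribute;
	DATA_BLOB value;
};

/* Abandon request: the id of the message to abandon. */
struct ldap_AbandonRequest {
	uint32_t messageid;
};

/* Extended request: an OID naming the operation plus an optional value
 * whose format depends on that OID. */
struct ldap_ExtendedRequest {
	const char *oid;
	DATA_BLOB *value; /* optional */
};

/* Extended response. Fields marked optional may be absent; presumably
 * that is represented as NULL - check before dereferencing. */
struct ldap_ExtendedResponse {
	struct ldap_Result response;
	const char *oid; /* optional */
	DATA_BLOB *value; /* optional */
};

/*
 * All message bodies overlaid in one union. Several members contain
 * pointers at the same offsets, so reading a member other than the one
 * that was written reinterprets those pointers.
 */
union ldap_Request {
	struct ldap_Result 		GeneralResult;
	struct ldap_BindRequest 	BindRequest;
	struct ldap_BindResponse 	BindResponse;
	struct ldap_UnbindRequest 	UnbindRequest;
	struct ldap_SearchRequest 	SearchRequest;
	struct ldap_SearchResEntry 	SearchResultEntry;
	struct ldap_Result 		SearchResultDone;
	struct ldap_SearchResRef 	SearchResultReference;
	struct ldap_ModifyRequest 	ModifyRequest;
	struct ldap_Result 		ModifyResponse;
	struct ldap_AddRequest 		AddRequest;
	struct ldap_Result 		AddResponse;
	struct ldap_DelRequest 		DelRequest;
	struct ldap_Result 		DelResponse;
	struct ldap_ModifyDNRequest 	ModifyDNRequest;
	struct ldap_Result 		ModifyDNResponse;
	struct ldap_CompareRequest 	CompareRequest;
	struct ldap_Result 		CompareResponse;
	struct ldap_AbandonRequest 	AbandonRequest;
	struct ldap_ExtendedRequest 	ExtendedRequest;
	struct ldap_ExtendedResponse 	ExtendedResponse;
};

/*
 * A complete LDAP message. `type` is presumably the discriminator for
 * `r` - confirm in the encoder/decoder; only the member matching `type`
 * should be read. messageid is a signed int here although
 * ldap_AbandonRequest carries a uint32_t id, so compare the two with
 * care.
 */
struct ldap_message {
	int messageid;
	enum ldap_request_tag type;
	union ldap_Request r;
	struct ldb_control **controls;
};

/* Forward declarations, apparently for the prototypes in ldap_proto.h. */
struct event_context;
struct cli_credentials;
struct dom_sid;
struct asn1_data;

#include "libcli/ldap/ldap_proto.h"

#endif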