xref: /openbsd/usr.sbin/ypldap/ypldap.h (revision 60eaea58)
1 /*	$OpenBSD: ypldap.h,v 1.25 2024/10/24 11:47:36 claudio Exp $ */
2 
3 /*
4  * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
5  *
6  * Permission to use, copy, modify, and distribute this software for any
7  * purpose with or without fee is hereby granted, provided that the above
8  * copyright notice and this permission notice appear in all copies.
9  *
10  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17  */
18 
19 #include <imsg.h>
20 #include <tls.h>
21 
22 #define YPLDAP_USER		"_ypldap"
23 #define YPLDAP_CONF_FILE	"/etc/ypldap.conf"
24 #define DEFAULT_INTERVAL	600
25 #define LINE_WIDTH		1024
26 #define FILTER_WIDTH		128
27 #define ATTR_WIDTH		32
28 
29 #define        MAX_SERVERS_DNS                 8
30 
31 enum imsg_type {
32 	IMSG_NONE,
33 	IMSG_CONF_START,
34 	IMSG_CONF_IDM,
35 	IMSG_CONF_END,
36 	IMSG_START_UPDATE,
37 	IMSG_END_UPDATE,
38 	IMSG_TRASH_UPDATE,
39 	IMSG_PW_ENTRY,
40 	IMSG_GRP_ENTRY,
41 	IMSG_HOST_DNS
42 };
43 
44 struct ypldap_addr {
45 	TAILQ_ENTRY(ypldap_addr)	 next;
46 	struct sockaddr_storage          ss;
47 };
48 TAILQ_HEAD(ypldap_addr_list, ypldap_addr);
49 
50 enum privsep_procid {
51 	PROC_MAIN,
52 	PROC_CLIENT
53 };
54 extern enum privsep_procid ypldap_process;
55 
56 static const char * const log_procnames[] = {
57 	"parent",
58 	"ldapclient"
59 };
60 
61 struct userent {
62 	RB_ENTRY(userent)		 ue_name_node;
63 	RB_ENTRY(userent)		 ue_uid_node;
64 	uid_t				 ue_uid;
65 	char				*ue_line;
66 	char				*ue_netid_line;
67 	gid_t				 ue_gid;
68 };
69 
70 struct groupent {
71 	RB_ENTRY(groupent)		 ge_name_node;
72 	RB_ENTRY(groupent)		 ge_gid_node;
73 	gid_t				 ge_gid;
74 	char				*ge_line;
75 };
76 
77 enum client_state {
78         STATE_NONE,
79         STATE_DNS_INPROGRESS,
80         STATE_DNS_TEMPFAIL,
81         STATE_DNS_DONE,
82 	STATE_LDAP_FAIL,
83 	STATE_LDAP_DONE
84 };
85 
86 /*
87  * beck, djm, dlg: pay attention to the struct name
88  */
89 struct idm {
90 	TAILQ_ENTRY(idm)		 idm_entry;
91 	u_int32_t                        idm_id;
92 	char				 idm_name[HOST_NAME_MAX+1];
93 #define F_SSL				 0x00100000
94 #define F_CONFIGURING			 0x00200000
95 #define F_NEEDAUTH			 0x00400000
96 #define F_STARTTLS			 0x00800000
97 #define F_FIXED_ATTR(n)			 (1<<n)
98 #define F_LIST(n)                        (1<<n)
99 	enum client_state		 idm_state;
100 	u_int32_t			 idm_flags; /* lower 20 reserved */
101 	u_int32_t			 idm_list;
102 	struct ypldap_addr_list		 idm_addr;
103 	in_port_t			 idm_port;
104 	int				 idm_bindext;
105 	char				 idm_binddn[LINE_WIDTH];
106 	char				 idm_bindextid[LINE_WIDTH];
107 	char				 idm_bindcred[LINE_WIDTH];
108 	char				 idm_basedn[LINE_WIDTH];
109 	char				 idm_groupdn[LINE_WIDTH];
110 #define FILTER_USER			 1
111 #define FILTER_GROUP			 0
112 	char				 idm_filters[2][FILTER_WIDTH];
113 #define ATTR_NAME			 0
114 #define ATTR_PASSWD			 1
115 #define ATTR_UID			 2
116 #define ATTR_GID			 3
117 #define ATTR_CLASS			 4
118 #define ATTR_CHANGE			 5
119 #define ATTR_EXPIRE			 6
120 #define ATTR_GECOS			 7
121 #define ATTR_DIR			 8
122 #define ATTR_SHELL			 9
123 #define ATTR_GR_NAME			 10
124 #define ATTR_GR_PASSWD			 11
125 #define ATTR_GR_GID			 12
126 #define ATTR_GR_MEMBERS			 13
127 #define ATTR_MAX			 10
128 #define ATTR_GR_MIN			 10
129 #define ATTR_GR_MAX			 14
130 	char				 idm_attrs[14][ATTR_WIDTH];
131 	struct env			*idm_env;
132 	struct tls_config		*idm_tls_config;
133 };
134 
135 struct idm_req {
136 	union {
137 		uid_t			 ik_uid;
138 		uid_t			 ik_gid;
139 	}				 ir_key;
140 	char				 ir_line[LINE_WIDTH];
141 };
142 
143 struct imsgev {
144 	struct imsgbuf		 ibuf;
145 	void			(*handler)(int, short, void *);
146 	struct event		 ev;
147 	void			*data;
148 	short			 events;
149 };
150 
151 enum bind_mode {
152 	BIND_MODE_PORTMAP,
153 	BIND_MODE_LOCAL
154 };
155 
156 struct env {
157 #define YPLDAP_OPT_VERBOSE		 0x01
158 #define YPLDAP_OPT_NOACTION		 0x02
159 	u_int8_t			 sc_opts;
160 #define YPMAP_PASSWD_BYNAME		 0x00000001
161 #define YPMAP_PASSWD_BYUID		 0x00000002
162 #define YPMAP_MASTER_PASSWD_BYNAME	 0x00000004
163 #define YPMAP_MASTER_PASSWD_BYUID	 0x00000008
164 #define YPMAP_GROUP_BYNAME		 0x00000010
165 #define YPMAP_GROUP_BYGID		 0x00000020
166 #define YPMAP_NETID_BYNAME		 0x00000040
167 	u_int32_t			 sc_flags;
168 
169 	u_int32_t			 sc_maxid;
170 
171 	char				 sc_domainname[HOST_NAME_MAX+1];
172 	enum bind_mode			 sc_bind_mode;
173 	struct timeval			 sc_conf_tv;
174 	struct event			 sc_conf_ev;
175 	char				*sc_cafile;
176 	TAILQ_HEAD(idm_list, idm)	 sc_idms;
177 	struct imsgev			*sc_iev;
178 	struct imsgev			*sc_iev_dns;
179 
180 	RB_HEAD(user_name_tree,userent)	 *sc_user_names;
181 	RB_HEAD(user_uid_tree,userent)	 sc_user_uids;
182 	RB_HEAD(group_name_tree,groupent)*sc_group_names;
183 	RB_HEAD(group_gid_tree,groupent) sc_group_gids;
184 	struct user_name_tree		 *sc_user_names_t;
185 	struct group_name_tree		 *sc_group_names_t;
186 	size_t				 sc_user_line_len;
187 	size_t				 sc_group_line_len;
188 	char				*sc_user_lines;
189 	char				*sc_group_lines;
190 
191 	struct yp_data			*sc_yp;
192 
193 	int				 update_trashed;
194 };
195 
196 /* parse.y */
197 int		 parse_config(struct env *, const char *, int);
198 int		 cmdline_symset(char *);
199 
200 /* ldapclient.c */
201 pid_t		 ldapclient(int [2]);
202 
203 /* ypldap.c */
204 void		 purge_config(struct env *);
205 void		 imsg_event_add(struct imsgev *);
206 int	 	 imsg_compose_event(struct imsgev *, u_int16_t, u_int32_t,
207 		    pid_t, int, void *, u_int16_t);
208 
209 /* entries.c */
210 void		 flatten_entries(struct env *);
211 int		 userent_name_cmp(struct userent *, struct userent *);
212 int		 userent_uid_cmp(struct userent *, struct userent *);
213 int		 groupent_name_cmp(struct groupent *, struct groupent *);
214 int		 groupent_gid_cmp(struct groupent *, struct groupent *);
215 RB_PROTOTYPE(	 user_name_tree, userent, ue_name_node, userent_name_cmp);
216 RB_PROTOTYPE(	 user_uid_tree, userent, ue_uid_node, userent_uid_cmp);
217 RB_PROTOTYPE(	 group_name_tree, groupent, ge_name_node, groupent_name_cmp);
218 RB_PROTOTYPE(	 group_gid_tree, groupent, ge_gid_node, groupent_gid_cmp);
219 
220 /* yp.c */
221 void		 yp_init(struct env *);
222 void		 yp_enable_events(void);
223 
224 /* ypldap_dns.c */
225 pid_t		 ypldap_dns(int[2], struct passwd *);
226