xref: /dports/www/firefox-legacy/firefox-52.8.0esr/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapt.h

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef _LDAP_H_
#define _LDAP_H_

#include "certt.h"
#include "pkixt.h"

#ifdef __cplusplus
extern "C" {
#endif

extern const SEC_ASN1Template PKIX_PL_LDAPCrossCertPairTemplate[];
SEC_ASN1_CHOOSER_DECLARE(PKIX_PL_LDAPCrossCertPairTemplate)
extern const SEC_ASN1Template PKIX_PL_LDAPMessageTemplate[];
SEC_ASN1_CHOOSER_DECLARE(PKIX_PL_LDAPMessageTemplate)
extern const SEC_ASN1Template LDAPFilterTemplate[];
SEC_ASN1_CHOOSER_DECLARE(LDAPFilterTemplate)

/* ********************************************************************** */

#define SEC_ASN1_LDAP_STRING SEC_ASN1_OCTET_STRING

#define LDAPATTR_CACERT         (1<<0)
#define LDAPATTR_USERCERT       (1<<1)
#define LDAPATTR_CROSSPAIRCERT  (1<<2)
#define LDAPATTR_CERTREVLIST    (1<<3)
#define LDAPATTR_AUTHREVLIST    (1<<4)
#define MAX_LDAPATTRS                   5
typedef PKIX_UInt32 LdapAttrMask;

typedef enum {
        SIMPLE_AUTH                     = 0,
        KRBV42LDAP_AUTH                 = 1,
        KRBV42DSA_AUTH                  = 2
} AuthType;

typedef enum {
        BASE_OBJECT                     = 0,
        SINGLE_LEVEL                    = 1,
        WHOLE_SUBTREE                   = 2
} ScopeType;

typedef enum {
        NEVER_DEREF                     = 0,
        DEREF_IN_SEARCHING              = 1,
        DEREF_FINDING_BASEOBJ           = 2,
        ALWAYS_DEREF                    = 3
} DerefType;

typedef enum {
        LDAP_INITIALSUBSTRING_TYPE      = 0,
        LDAP_ANYSUBSTRING_TYPE          = 1,
        LDAP_FINALSUBSTRING_TYPE        = 2
} LDAPSubstringFilterType;

typedef enum {
        LDAP_ANDFILTER_TYPE             = 0,
        LDAP_ORFILTER_TYPE              = 1,
        LDAP_NOTFILTER_TYPE             = 2,
        LDAP_EQUALFILTER_TYPE           = 3,
        LDAP_SUBSTRINGFILTER_TYPE       = 4,
        LDAP_GREATEROREQUALFILTER_TYPE  = 5,
        LDAP_LESSOREQUALFILTER_TYPE     = 6,
        LDAP_PRESENTFILTER_TYPE         = 7,
        LDAP_APPROXMATCHFILTER_TYPE     = 8
} LDAPFilterType;

typedef enum {
        LDAP_BIND_TYPE                  = 0,
        LDAP_BINDRESPONSE_TYPE          = 1,
        LDAP_UNBIND_TYPE                = 2,
        LDAP_SEARCH_TYPE                = 3,
        LDAP_SEARCHRESPONSEENTRY_TYPE   = 4,
        LDAP_SEARCHRESPONSERESULT_TYPE  = 5,
        LDAP_ABANDONREQUEST_TYPE        = 16
} LDAPMessageType;

typedef enum {
        SUCCESS                         = 0,
        OPERATIONSERROR                 = 1,
        PROTOCOLERROR                   = 2,
        TIMELIMITEXCEEDED               = 3,
        SIZELIMITEXCEEDED               = 4,
        COMPAREFALSE                    = 5,
        COMPARETRUE                     = 6,
        AUTHMETHODNOTSUPPORTED          = 7,
        STRONGAUTHREQUIRED              = 8,
        NOSUCHATTRIBUTE                 = 16,
        UNDEFINEDATTRIBUTETYPE          = 17,
        INAPPROPRIATEMATCHING           = 18,
        CONSTRAINTVIOLATION             = 19,
        ATTRIBUTEORVALUEEXISTS          = 20,
        INVALIDATTRIBUTESYNTAX          = 21,
        NOSUCHOBJECT                    = 32,
        ALIASPROBLEM                    = 33,
        INVALIDDNSYNTAX                 = 34,
        ISLEAF                          = 35,
        ALIASDEREFERENCINGPROBLEM       = 36,
        INAPPROPRIATEAUTHENTICATION     = 48,
        INVALIDCREDENTIALS              = 49,
        INSUFFICIENTACCESSRIGHTS        = 50,
        BUSY                            = 51,
        UNAVAILABLE                     = 52,
        UNWILLINGTOPERFORM              = 53,
        LOOPDETECT                      = 54,
        NAMINGVIOLATION                 = 64,
        OBJECTCLASSVIOLATION            = 65,
        NOTALLOWEDONNONLEAF             = 66,
        NOTALLOWEDONRDN                 = 67,
        ENTRYALREADYEXISTS              = 68,
        OBJECTCLASSMODSPROHIBITED       = 69,
        OTHER                           = 80
} LDAPResultCode;

typedef struct LDAPLocationStruct                LDAPLocation;
typedef struct LDAPCertPairStruct                LDAPCertPair;
typedef struct LDAPSimpleBindStruct              LDAPSimpleBind;
typedef struct LDAPBindAPIStruct                 LDAPBindAPI;
typedef struct LDAPBindStruct                    LDAPBind;
typedef struct LDAPResultStruct                  LDAPBindResponse;
typedef struct LDAPResultStruct                  LDAPResult;
typedef struct LDAPSearchResponseAttrStruct      LDAPSearchResponseAttr;
typedef struct LDAPSearchResponseEntryStruct     LDAPSearchResponseEntry;
typedef struct LDAPResultStruct                  LDAPSearchResponseResult;
typedef struct LDAPUnbindStruct                  LDAPUnbind;
typedef struct LDAPFilterStruct                  LDAPFilter;
typedef struct LDAPAndFilterStruct               LDAPAndFilter;
typedef struct LDAPNotFilterStruct               LDAPNotFilter;
typedef struct LDAPSubstringStruct               LDAPSubstring;
typedef struct LDAPSubstringFilterStruct         LDAPSubstringFilter;
typedef struct LDAPPresentFilterStruct           LDAPPresentFilter;
typedef struct LDAPAttributeValueAssertionStruct LDAPAttributeValueAssertion;
typedef struct LDAPNameComponentStruct           LDAPNameComponent;
typedef struct LDAPRequestParamsStruct           LDAPRequestParams;
typedef struct LDAPSearchStruct                  LDAPSearch;
typedef struct LDAPAbandonRequestStruct          LDAPAbandonRequest;
typedef struct protocolOpStruct                  LDAPProtocolOp;
typedef struct LDAPMessageStruct                 LDAPMessage;
typedef LDAPAndFilter                            LDAPOrFilter;
typedef LDAPAttributeValueAssertion              LDAPEqualFilter;
typedef LDAPAttributeValueAssertion              LDAPGreaterOrEqualFilter;
typedef LDAPAttributeValueAssertion              LDAPLessOrEqualFilter;
typedef LDAPAttributeValueAssertion              LDAPApproxMatchFilter;

struct LDAPLocationStruct {
        PLArenaPool *arena;
        void *serverSite;
        void **filterString;
        void **attrBitString;
};

struct LDAPCertPairStruct {
        SECItem forward;
        SECItem reverse;
};

struct LDAPSimpleBindStruct {
        char *bindName;
        char *authentication;
};

struct LDAPBindAPIStruct {
        AuthType selector;
        union {
                LDAPSimpleBind simple;
        } chooser;
};

struct LDAPBindStruct {
        SECItem version;
        SECItem bindName;
        SECItem authentication;
};

struct LDAPResultStruct {
        SECItem resultCode;
        SECItem matchedDN;
        SECItem errorMessage;
};

struct LDAPSearchResponseAttrStruct {
        SECItem attrType;
        SECItem **val;
};

struct LDAPSearchResponseEntryStruct {
        SECItem objectName;
        LDAPSearchResponseAttr **attributes;
};

struct LDAPUnbindStruct {
        SECItem dummy;
};

struct LDAPAndFilterStruct {
        LDAPFilter **filters;
};

struct LDAPNotFilterStruct {
        LDAPFilter *filter;
};

struct LDAPSubstringStruct {
        LDAPSubstringFilterType selector;
        SECItem item;
};

struct LDAPSubstringFilterStruct {
        SECItem attrType;
        LDAPSubstring *strings;
};

struct LDAPPresentFilterStruct {
        SECItem attrType;
};

struct LDAPAttributeValueAssertionStruct {
        SECItem attrType;
        SECItem attrValue;
};

struct LDAPFilterStruct {
        LDAPFilterType selector;
        union {
                LDAPAndFilter andFilter;
                LDAPOrFilter orFilter;
                LDAPNotFilter notFilter;
                LDAPEqualFilter equalFilter;
                LDAPSubstringFilter substringFilter;
                LDAPGreaterOrEqualFilter greaterOrEqualFilter;
                LDAPLessOrEqualFilter lessOrEqualFilter;
                LDAPPresentFilter presentFilter;
                LDAPApproxMatchFilter approxMatchFilter;
        } filter;
};

struct LDAPNameComponentStruct {
        unsigned char *attrType;
        unsigned char *attrValue;
};

struct LDAPRequestParamsStruct {
        char *baseObject;          /* e.g. "c=US" */
        ScopeType scope;
        DerefType derefAliases;
        PKIX_UInt32 sizeLimit;     /* 0 = no limit */
        PRIntervalTime timeLimit;  /* 0 = no limit */
        LDAPNameComponent **nc; /* e.g. {{"cn","xxx"},{"o","yyy"},NULL} */
        LdapAttrMask attributes;
};

struct LDAPSearchStruct {
        SECItem baseObject;
        SECItem scope;
        SECItem derefAliases;
        SECItem sizeLimit;
        SECItem timeLimit;
        SECItem attrsOnly;
        LDAPFilter filter;
        SECItem **attributes;
};

struct LDAPAbandonRequestStruct {
        SECItem messageID;
};

struct protocolOpStruct {
        LDAPMessageType selector;
        union {
                LDAPBind bindMsg;
                LDAPBindResponse bindResponseMsg;
                LDAPUnbind unbindMsg;
                LDAPSearch searchMsg;
                LDAPSearchResponseEntry searchResponseEntryMsg;
                LDAPSearchResponseResult searchResponseResultMsg;
                LDAPAbandonRequest abandonRequestMsg;
        } op;
};

struct LDAPMessageStruct {
        SECItem messageID;
        LDAPProtocolOp protocolOp;
};

typedef struct PKIX_PL_LdapClientStruct PKIX_PL_LdapClient;

typedef PKIX_Error *
(*PKIX_PL_LdapClient_InitiateFcn)(
        PKIX_PL_LdapClient *client,
        LDAPRequestParams *requestParams,
        void **pNBIO,
        PKIX_List **pResponse,
        void *plContext);

typedef PKIX_Error *
(*PKIX_PL_LdapClient_ResumeFcn)(
        PKIX_PL_LdapClient *client,
        void **pNBIO,
        PKIX_List **pResponse,
        void *plContext);

struct PKIX_PL_LdapClientStruct {
        PKIX_PL_LdapClient_InitiateFcn initiateFcn;
        PKIX_PL_LdapClient_ResumeFcn resumeFcn;
};

#ifdef __cplusplus
}
#endif

#endif