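/* $OpenBSD: ypldap.h,v 1.10 2009/06/06 18:31:42 pyr Exp $ */

/*
 * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * Shared declarations for ypldap: the in-memory configuration model
 * (struct env, struct idm), the imsg message types exchanged between the
 * processes, and the prototypes of the functions each source file exports.
 * The "/ * file.c * /" comments below name the file that defines each group.
 */

#include <imsg.h>

/* Unprivileged account; ypldap_dns() below takes a struct passwd, so the
 * child processes presumably drop privileges to it - confirm in ypldap.c. */
#define YPLDAP_USER		"_ypldap"
#define YPLDAP_CONF_FILE	"/etc/ypldap.conf"
#define DEFAULT_INTERVAL	600		/* seconds, see sc_conf_tv */
#define LINE_WIDTH		1024		/* bound of one passwd/group line and of the DN/credential buffers */
#define FILTER_WIDTH		128		/* bound of one LDAP search filter */
#define ATTR_WIDTH		32		/* bound of one LDAP attribute name */

#define MAX_SERVERS_DNS		8		/* NOTE(review): not referenced in this header; presumably caps the addresses returned for one host by the dns process */

/*
 * Message types carried over the imsg channels (see struct imsgev).
 * The CONF_* triple brackets the transfer of a configuration, the
 * *_UPDATE triple brackets a directory refresh, and PW_ENTRY/GRP_ENTRY
 * carry the resulting entries.  HOST_DNS presumably carries name
 * resolution requests/answers for the dns process (ypldap_dns.c).
 */
enum imsg_type {
	IMSG_NONE,
	IMSG_CONF_START,
	IMSG_CONF_IDM,		/* one struct idm follows; see note on struct idm */
	IMSG_CONF_END,
	IMSG_START_UPDATE,
	IMSG_END_UPDATE,
	IMSG_TRASH_UPDATE,	/* discard an update in progress */
	IMSG_PW_ENTRY,
	IMSG_GRP_ENTRY,
	IMSG_HOST_DNS
};

/* Singly linked list of socket addresses for one directory (idm_addr). */
struct ypldap_addr {
	struct ypldap_addr	*next;
	struct sockaddr_storage	 ss;
};

/*
 * Which process the current program image is.
 * NOTE(review): this is a tentative *definition* in a header, not an
 * "extern" declaration, so every translation unit that includes ypldap.h
 * gets its own copy and relies on the linker merging common symbols;
 * building with -fno-common would turn this into duplicate-symbol errors.
 */
enum {
	PROC_MAIN,
	PROC_CLIENT
} ypldap_process;

/* One passwd entry, indexed both by name and by uid (see the RB_PROTOTYPEs
 * at the bottom of this file).  ue_line is the flattened passwd(5) line. */
struct userent {
	RB_ENTRY(userent)	 ue_name_node;
	RB_ENTRY(userent)	 ue_uid_node;
	uid_t			 ue_uid;
	char			*ue_line;
};

/* One group entry, indexed both by name and by gid. */
struct groupent {
	RB_ENTRY(groupent)	 ge_name_node;
	RB_ENTRY(groupent)	 ge_gid_node;
	gid_t			 ge_gid;
	char			*ge_line;
};

/* Progress of a directory through name resolution and the LDAP query. */
enum client_state {
	STATE_NONE,
	STATE_DNS_INPROGRESS,
	STATE_DNS_TEMPFAIL,
	STATE_DNS_DONE,
	STATE_LDAP_FAIL,
	STATE_LDAP_DONE
};

/*
 * beck, djm, dlg: pay attention to the struct name
 */
/*
 * One configured directory ("idm").
 * NOTE(review): IMSG_CONF_IDM suggests this struct is copied whole across
 * the imsg channel.  If so, the pointer members (idm_addr, idm_env,
 * idm_ev, idm_ssl) are meaningless to the receiver and must be reset
 * there rather than trusted - confirm against the IMSG_CONF_IDM handler.
 */
struct idm {
	TAILQ_ENTRY(idm)		 idm_entry;
	u_int32_t			 idm_id;
	char				 idm_name[MAXHOSTNAMELEN];
#define F_SSL		0x00100000
#define F_CONFIGURING	0x00200000
#define F_NEEDAUTH	0x00400000
	/* Per-attribute bits; n is presumably an ATTR_* index (0..13), which
	 * stays inside the 20 low bits reserved below.  Arguments are
	 * parenthesized so an expression such as F_LIST(i + 1) shifts by
	 * the whole expression, not by i only. */
#define F_FIXED_ATTR(n)	(1<<(n))
#define F_LIST(n)	(1<<(n))
	enum client_state		 idm_state;
	u_int32_t			 idm_flags; /* lower 20 reserved */
	u_int32_t			 idm_list;
	struct ypldap_addr		*idm_addr;
	in_port_t			 idm_port;
	char				 idm_binddn[LINE_WIDTH];
	/* Bind credential: a secret kept in plain process memory for the
	 * lifetime of the idm.  Presumably cleared with explicit_bzero()
	 * when the idm is released in purge_config() - confirm in ypldap.c. */
	char				 idm_bindcred[LINE_WIDTH];
	char				 idm_basedn[LINE_WIDTH];
	/* Indices into idm_filters. */
#define FILTER_USER	1
#define FILTER_GROUP	0
	char				 idm_filters[2][FILTER_WIDTH];
	/* Indices into idm_attrs.  0..9 are the passwd attributes
	 * (ATTR_MAX of them), 10..13 the group attributes
	 * (ATTR_GR_MIN up to but excluding ATTR_GR_MAX). */
#define ATTR_NAME	0
#define ATTR_PASSWD	1
#define ATTR_UID	2
#define ATTR_GID	3
#define ATTR_CLASS	4
#define ATTR_CHANGE	5
#define ATTR_EXPIRE	6
#define ATTR_GECOS	7
#define ATTR_DIR	8
#define ATTR_SHELL	9
#define ATTR_GR_NAME	10
#define ATTR_GR_PASSWD	11
#define ATTR_GR_GID	12
#define ATTR_GR_MEMBERS	13
#define ATTR_MAX	10
#define ATTR_GR_MIN	10
#define ATTR_GR_MAX	14
	char				 idm_attrs[ATTR_GR_MAX][ATTR_WIDTH];	/* 14 entries, one per ATTR_* index */
	struct env			*idm_env;
	struct event			 idm_ev;
#ifdef SSL
	struct ssl			*idm_ssl;
#endif
};

/* One entry as handed over in IMSG_PW_ENTRY / IMSG_GRP_ENTRY (presumably):
 * the key (uid or gid) plus the flattened line. */
struct idm_req {
	union {
		uid_t			 ik_uid;
		uid_t			 ik_gid;	/* NOTE(review): declared uid_t, not gid_t; identical width on OpenBSD, left as is to keep the layout */
	}				 ir_key;
	char				 ir_line[LINE_WIDTH];
};

/* An imsg buffer tied to a libevent event; handler has the event callback
 * signature and receives data as its third argument. */
struct imsgev {
	struct imsgbuf		 ibuf;
	void			(*handler)(int, short, void *);
	struct event		 ev;
	void			*data;
	short			 events;
};

/* Process-wide state: options, the list of directories and the
 * flattened passwd/group data served to yp clients. */
struct env {
#define YPLDAP_OPT_VERBOSE	0x01
#define YPLDAP_OPT_NOACTION	0x02
	u_int8_t		 sc_opts;
	/* Which yp maps are served (sc_flags). */
#define YPMAP_PASSWD_BYNAME	0x00000001
#define YPMAP_PASSWD_BYUID	0x00000002
#define YPMAP_MASTER_PASSWD_BYNAME	0x00000004
#define YPMAP_MASTER_PASSWD_BYUID	0x00000008
#define YPMAP_GROUP_BYNAME	0x00000010
#define YPMAP_GROUP_BYGID	0x00000020
	u_int32_t		 sc_flags;

	u_int32_t		 sc_maxid;	/* presumably the highest idm_id handed out */

	char			 sc_domainname[MAXHOSTNAMELEN];
	struct timeval		 sc_conf_tv;	/* refresh interval, see DEFAULT_INTERVAL */
	struct event		 sc_conf_ev;
	TAILQ_HEAD(idm_list, idm) sc_idms;
	struct imsgev		*sc_iev;
	struct imsgev		*sc_iev_dns;

	/* The name trees are held by pointer, the uid/gid trees by value. */
	RB_HEAD(user_name_tree,userent) *sc_user_names;
	RB_HEAD(user_uid_tree,userent) sc_user_uids;
	RB_HEAD(group_name_tree,groupent)*sc_group_names;
	RB_HEAD(group_gid_tree,groupent) sc_group_gids;
	struct user_name_tree	*sc_user_names_t;
	struct group_name_tree	*sc_group_names_t;
	/* Concatenated lines produced by flatten_entries() and their sizes. */
	size_t			 sc_user_line_len;
	size_t			 sc_group_line_len;
	char			*sc_user_lines;
	char			*sc_group_lines;

	struct yp_data		*sc_yp;
};

/* log.c */
void	 log_init(int);
void	 log_warn(const char *, ...);
void	 log_warnx(const char *, ...);
void	 log_info(const char *, ...);
void	 log_debug(const char *, ...);
__dead void fatal(const char *);
__dead void fatalx(const char *);

/* parse.y */
int	 parse_config(struct env *, const char *, int);
int	 cmdline_symset(char *);

/* listener.c */
void	 listener_setup(struct env *);
void	 listener_init(struct env *);

/* ldapclient.c */
pid_t	 ldapclient(int []);

/* ypldap.c */
void	 purge_config(struct env *);
void	 imsg_event_add(struct imsgev *);
/* (iev, type, peerid, pid, fd, data, datalen) - fd is passed to the peer */
int	 imsg_compose_event(struct imsgev *, u_int16_t, u_int32_t,
	    pid_t, int, void *, u_int16_t);

/* entries.c */
void	 flatten_entries(struct env *);
int	 userent_name_cmp(struct userent *, struct userent *);
int	 userent_uid_cmp(struct userent *, struct userent *);
int	 groupent_name_cmp(struct groupent *, struct groupent *);
int	 groupent_gid_cmp(struct groupent *, struct groupent *);
RB_PROTOTYPE( user_name_tree, userent, ue_name_node, userent_name_cmp);
RB_PROTOTYPE( user_uid_tree, userent, ue_uid_node, userent_uid_cmp);
RB_PROTOTYPE( group_name_tree, groupent, ge_name_node, groupent_name_cmp);
RB_PROTOTYPE( group_gid_tree, groupent, ge_gid_node, groupent_gid_cmp);

/* yp.c */
void	 yp_init(struct env *);
void	 yp_enable_events(void);

/* ypldap_dns.c */
pid_t	 ypldap_dns(int[2], struct passwd *);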