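/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
 * Copyright 2017 Nexenta Systems, Inc. All rights reserved.
 */

/*
 * Shared declarations for the LDAP name-service-switch backends: the
 * database (table) names, string-parse status extensions, small helper
 * macros, the ldap_backend structure, and the prototypes of the common
 * backend routines.
 */

#ifndef	_LDAP_COMMON_H
#define	_LDAP_COMMON_H

#ifdef __cplusplus
extern "C" {
#endif

#include <ctype.h>
#include <nss_dbdefs.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <signal.h>
#include <lber.h>
#include <ldap.h>
#include <pwd.h>
#include "ns_sldap.h"

/* Database names, as strings. */
#define	_ALIASES		"aliases"
#define	_AUTOMOUNT		"automount"
#define	_AUTHATTR		"auth_attr"
#define	_AUUSER			"audit_user"
#define	_BOOTPARAMS		"bootparams"
#define	_DEFAULT		"default"
#define	_ETHERS			"ethers"
#define	_EXECATTR		"exec_attr"
#define	_GROUP			"group"
#define	_PROJECT		"project"
#define	_HOSTS			"hosts"
/* NOTE(review): same string as _HOSTS; looks deliberate, confirm. */
#define	_HOSTS6			"hosts"
#define	_NETGROUP		"netgroup"
#define	_NETMASKS		"netmasks"
#define	_NETWORKS		"networks"
#define	_PASSWD			"passwd"
#define	_PRINTERS		"printers"
#define	_PROFATTR		"prof_attr"
#define	_PROTOCOLS		"protocols"
#define	_PUBLICKEY		"publickey"
#define	_RPC			"rpc"
#define	_SERVICES		"services"
#define	_SHADOW			"shadow"
#define	_USERATTR		"user_attr"
#define	_TNRHDB			"tnrhdb"
#define	_TNRHTP			"tnrhtp"

/* Extra string-parse status codes, numbered above NSS_STR_PARSE_ERANGE. */
#define	NSS_STR_PARSE_NO_ADDR	(NSS_STR_PARSE_ERANGE + 100)
#define	NSS_STR_PARSE_NO_RESULT	(NSS_STR_PARSE_ERANGE + 101)

/*
 * True when string is non-NULL and contains a '.'.
 * The argument is evaluated twice, so it must have no side effects.
 */
#define	DOTTEDSUBDOMAIN(string) \
	(((string) != NULL) && (strchr((string), '.') != NULL))

/*
 * Size used for search-filter buffers. Any code that formats a lookup key
 * into a buffer of this size has to bound the write and check for
 * truncation; a silently truncated filter is a different query.
 */
#define	SEARCHFILTERLEN		256

#define	_NO_VALUE		""

/*
 * Bounds check for incremental formatting into a buffer: if len does not
 * fit in the remaining space (or is negative), set nss_result to
 * NSS_STR_PARSE_ERANGE and jump to label; otherwise advance buffer by len
 * and reduce buflen by len.
 *
 * Requirements on the caller:
 *  - a variable named nss_result and the target label must be in scope;
 *  - len is presumably the return value of an snprintf-style call, which
 *    is why a negative value is treated as failure (confirm at call sites);
 *  - every argument is evaluated more than once, so pass plain variables;
 *  - the expansion is several statements and is NOT wrapped in
 *    do { } while (0). Used as the unbraced body of an if/else/loop, only
 *    the range check would be conditional and the pointer adjustment would
 *    always run. Always invoke it as a statement inside braces.
 *    NOTE(review): wrapping it in do { } while (0) would remove this
 *    hazard, but requires confirming every call site ends with ';'.
 */
#define	TEST_AND_ADJUST(len, buffer, buflen, label) \
	/* Use '>=' to ensure there is at least one byte left for '\0' */ \
	if ((len) >= (buflen) || (len) < 0) { \
		nss_result = NSS_STR_PARSE_ERANGE; \
		goto label; \
	} \
	/* Adjust pointer and available buffer length */ \
	(buffer) += (len); \
	(buflen) -= (len);

/*
 * We need to use UID_NOBODY and GID_NOBODY as strings. Therefore we use
 * snprintf to convert [U|G]ID_NOBODY into a string. The target buffer
 * size was chosen as 21 to allow the largest 64-bit number to be stored
 * as string in it. Right now uid_t and gid_t are 32-bit so we don't
 * really need 21 characters but it does allow for future expansion
 * without having to modify this code.
 */
#define	NOBODY_STR_LEN		21


/*
 * Superset the nss_backend_t abstract data type. This ADT has
 * been extended to include ldap associated data structures.
 */

typedef struct ldap_backend *ldap_backend_ptr;
/* Backend operation: takes the backend and an opaque argument. */
typedef nss_status_t (*ldap_backend_op_t)(ldap_backend_ptr, void *);
/* Converter hook stored in ldap_backend.ldapobj2str. */
typedef int (*fnf)(ldap_backend_ptr be, nss_XbyY_args_t *argp);

typedef enum {
	NSS_LDAP_DB_NONE = 0,
	NSS_LDAP_DB_PUBLICKEY = 1,
	NSS_LDAP_DB_ETHERS = 2
} nss_ldap_db_type_t;

/*
 * Per-backend state. This header does not state which pointer members the
 * backend owns and frees; check _clean_ldap_backend() and _nss_ldap_destr()
 * before freeing or aliasing any of them.
 */
struct ldap_backend {
	ldap_backend_op_t	*ops;
	nss_dbop_t		nops;
	char			*tablename;
	void			*enumcookie;
	char			*filter;
	char			*sortattr;
	int			setcalled;
	const char		**attrs;
	ns_ldap_result_t	*result;
	fnf			ldapobj2str;
	void			*netgroup_cookie;
	void			*services_cookie;
	char			*toglue;
	char			*buffer;
	/* Signed: compare against size_t values with care. */
	int			buflen;
	nss_ldap_db_type_t	db_type;
};

extern nss_status_t	_nss_ldap_destr(ldap_backend_ptr be, void *a);
extern nss_status_t	_nss_ldap_endent(ldap_backend_ptr be, void *a);
extern nss_status_t	_nss_ldap_setent(ldap_backend_ptr be, void *a);
extern nss_status_t	_nss_ldap_getent(ldap_backend_ptr be, void *a);
nss_backend_t		*_nss_ldap_constr(ldap_backend_op_t ops[], int nops,
			char *tablename, const char **attrs, fnf ldapobj2str);
extern nss_status_t	_nss_ldap_nocb_lookup(ldap_backend_ptr be,
			nss_XbyY_args_t *argp, char *database,
			char *searchfilter, const char * const *attrs,
			int (*init_filter_cb)(
			    const ns_ldap_search_desc_t *desc,
			    char **realfilter, const void *userdata),
			const void *userdata);
extern nss_status_t	_nss_ldap_lookup(ldap_backend_ptr be,
			nss_XbyY_args_t *argp, char *database,
			char *searchfilter, char *domain,
			int (*init_filter_cb)(
			    const ns_ldap_search_desc_t *desc,
			    char **realfilter, const void *userdata),
			const void *userdata);
extern void		_clean_ldap_backend(ldap_backend_ptr be);

extern ns_ldap_attr_t *getattr(ns_ldap_result_t *result, int i);
extern const char *_strip_quotes(char *ipaddress);
extern int __nss2herrno(nss_status_t nsstat);
extern int propersubdomain(char *domain, char *subdomain);
/*
 * NOTE(review): host and domain carry no size arguments. If they are
 * output buffers (presumably), callers must size them for the longest
 * possible input string; confirm against the implementation.
 */
extern int chophostdomain(char *string, char *host, char *domain);
extern char *_get_domain_name(char *cdn);
extern int _merge_SSD_filter(const ns_ldap_search_desc_t *desc,
			char **realfilter, const void *userdata);
/*
 * NOTE(review): presumably writes a filter-safe copy of name into
 * filter_name, bounded by filter_name_size; confirm that it escapes LDAP
 * filter metacharacters and that callers check its return value before
 * using filter_name in a search filter.
 */
extern int _ldap_filter_name(char *filter_name, const char *name,
			int filter_name_size);

extern void _nss_services_cookie_free(void **cookieP);
extern nss_status_t switch_err(int rc, ns_ldap_error_t *error);

#ifdef DEBUG
extern int printresult(ns_ldap_result_t *result);
#endif /* DEBUG */

#ifdef __cplusplus
}
#endif

#endif	/* _LDAP_COMMON_H */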