/*	$OpenBSD: ypldap.h,v 1.8 2009/01/06 21:52:55 jasper Exp $ */

/*
 * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * Daemon-wide constants.
 *
 * NOTE(review): this header has no include guard, so each .c must include
 * it exactly once (the sizes below are compile-time bounds used for fixed
 * arrays in struct idm and struct idm_req; keep them in sync with the
 * bounded copies that fill those arrays).
 */
#define YPLDAP_USER		"_ypldap"	/* presumably the unprivileged user the helper processes run as */
#define YPLDAP_CONF_FILE	"/etc/ypldap.conf"
#define DEFAULT_INTERVAL	600		/* presumably seconds between directory refreshes; confirm in ypldap.c */
#define LINE_WIDTH		1024		/* bound for DNs, the bind credential and a passwd/group line */
#define FILTER_WIDTH		128		/* bound for one LDAP search filter */
#define ATTR_WIDTH		32		/* bound for one LDAP attribute name */

#define        MAX_SERVERS_DNS                 8	/* presumably the most addresses kept per resolved host */

/* buffer */
/*
 * One outgoing message buffer, queued on a msgbuf through `entry'.
 * `buf' points at `max' bytes of storage of which `size' are in use;
 * `wpos'/`rpos' are the write and read offsets maintained by buffer.c.
 * `fd' is presumably a descriptor to hand over with the message --
 * confirm against buf_close()/msgbuf_write() in buffer.c.
 */
struct buf {
	TAILQ_ENTRY(buf)	 entry;
	u_char			*buf;
	size_t			 size;
	size_t			 max;
	size_t			 wpos;
	size_t			 rpos;
	int			 fd;
};

/*
 * Write queue of struct buf for one descriptor.  `queued' counts the
 * buffers currently on `bufs'; `fd' is the socket they are written to.
 */
struct msgbuf {
	TAILQ_HEAD(, buf)	 bufs;
	u_int32_t		 queued;
	int			 fd;
};

/*
 * Size of the fixed imsg header (struct imsg_hdr, defined below; the
 * macro is expanded lazily so the forward reference is fine) and the
 * hard upper bound on one complete message, header included.  The read
 * buffer in struct buf_read is sized from MAX_IMSGSIZE, so any length
 * taken from the wire must be checked against it before use.
 */
#define IMSG_HEADER_SIZE	sizeof(struct imsg_hdr)
#define MAX_IMSGSIZE		8192

/*
 * Fixed-size receive buffer for one imsg channel.  `wpos' is how many
 * bytes of `buf' are filled; `rptr' is the read cursor into it.  Since
 * `buf' is exactly MAX_IMSGSIZE bytes, the reader must never accept a
 * header length larger than that (see struct imsg_hdr).
 */
struct buf_read {
	u_char			 buf[MAX_IMSGSIZE];
	u_char			*rptr;
	size_t			 wpos;
};

/*
 * A received file descriptor waiting to be claimed, queued on
 * imsgbuf.fds.  Presumably passed over the socket as SCM_RIGHTS
 * ancillary data -- confirm in imsg.c.
 */
struct imsg_fd {
	TAILQ_ENTRY(imsg_fd)	entry;
	int			fd;
};

/*
 * One inter-process message channel: a receive buffer `r', a send queue
 * `w', the libevent handle `ev' with its `handler' and `events' mask,
 * and the socket `fd'.  `pid' is the peer's pid, `data' is opaque
 * context handed to `handler'.  `fds' holds descriptors received but
 * not yet consumed.
 */
struct imsgbuf {
	TAILQ_HEAD(, imsg_fd)	 fds;
	struct buf_read		 r;
	struct msgbuf		 w;
	struct event		 ev;
	void			(*handler)(int, short, void *);
	int			 fd;
	pid_t			 pid;
	short			 events;
	void			*data;
};

/*
 * Message types exchanged between the ypldap processes (they travel in
 * imsg_hdr.type, a u_int16_t).  The IMSG_CONF_* triple brackets a
 * configuration transfer; IMSG_*_UPDATE bracket one directory refresh
 * and IMSG_PW_ENTRY / IMSG_GRP_ENTRY carry the entries inside it;
 * IMSG_HOST_DNS is the resolver request/reply.  Exact payloads are
 * defined by the senders, not here.
 */
enum imsg_type {
	IMSG_NONE,
	IMSG_CONF_START,
	IMSG_CONF_IDM,
	IMSG_CONF_END,
	IMSG_START_UPDATE,
	IMSG_END_UPDATE,
	IMSG_TRASH_UPDATE,
	IMSG_PW_ENTRY,
	IMSG_GRP_ENTRY,
	IMSG_HOST_DNS
};

/*
 * Singly linked list of resolved socket addresses for one directory
 * host (struct idm.idm_addr).  `ss' is big enough for IPv4 and IPv6.
 */
struct ypldap_addr {
	struct ypldap_addr              *next;
	struct sockaddr_storage          ss;
};

/*
 * Header in front of every imsg on the wire.  `type' is an imsg_type,
 * `len' is presumably the total length including this header, `peerid'
 * is a caller-chosen correlation id and `pid' the sender's pid.
 *
 * NOTE(review): `len' comes from the peer.  Before it is used to index
 * buf_read.buf the receiver must reject IMSG_HEADER_SIZE > len or
 * len > MAX_IMSGSIZE; confirm imsg_get() in imsg.c does this, nothing
 * in this header enforces it.
 */
struct imsg_hdr {
	u_int16_t	 type;
	u_int16_t	 len;
	u_int32_t	 peerid;
	pid_t		 pid;
};

/*
 * A received message as handed out by imsg_get(): the header plus a
 * pointer to the payload.  Release with imsg_free() -- `data' is
 * presumably heap-allocated by imsg_get().
 */
struct imsg {
	struct imsg_hdr	 hdr;
	void		*data;
};

/*
 * Identity of the running process (main or ldap client).
 *
 * NOTE(review): this is a tentative *definition* of a global in a
 * header, so every translation unit including ypldap.h defines
 * `ypldap_process'.  It links only while the toolchain merges common
 * symbols (-fcommon); the portable form is `extern' here and one real
 * definition in a .c file.  Not changed here because the defining
 * .c is outside this file.
 */
enum {
	PROC_MAIN,
	PROC_CLIENT
} ypldap_process;

/*
 * One passwd entry, indexed twice: by name (ue_name_node, user_name_tree)
 * and by uid (ue_uid_node, user_uid_tree).  `ue_line' is the flattened
 * passwd(5)-style text line; the name key is presumably parsed out of it
 * by userent_name_cmp() in entries.c.
 */
struct userent {
	RB_ENTRY(userent)		 ue_name_node;
	RB_ENTRY(userent)		 ue_uid_node;
	uid_t				 ue_uid;
	char				*ue_line;
};

/*
 * One group entry, indexed by name (ge_name_node, group_name_tree) and
 * by gid (ge_gid_node, group_gid_tree).  `ge_line' is the flattened
 * group(5)-style text line.
 */
struct groupent {
	RB_ENTRY(groupent)		 ge_name_node;
	RB_ENTRY(groupent)		 ge_gid_node;
	gid_t				 ge_gid;
	char				*ge_line;
};

/*
 * Per-directory progress of one refresh (struct idm.idm_state): the
 * host name is first resolved (DNS_*), then the LDAP fetch runs
 * (LDAP_*).  A TEMPFAIL / FAIL state leaves the directory out of the
 * current update.
 */
enum client_state {
        STATE_NONE,
        STATE_DNS_INPROGRESS,
        STATE_DNS_TEMPFAIL,
        STATE_DNS_DONE,
	STATE_LDAP_FAIL,
	STATE_LDAP_DONE
};

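/*
 * beck, djm, dlg: pay attention to the struct name
 *
 * One LDAP directory ("idm") configured in ypldap.conf.  The host in
 * idm_name is resolved by the dns process into the idm_addr list, then
 * the ldap client binds with idm_binddn / idm_bindcred and runs the two
 * search filters below idm_basedn, mapping LDAP attributes onto the
 * passwd(5) / group(5) fields through idm_attrs.
 *
 * NOTE(review): idm_bindcred holds the directory password in cleartext
 * and the whole struct is presumably shipped to the client process in
 * IMSG_CONF_IDM; purge_config() should wipe it with explicit_bzero()
 * rather than plain free() -- confirm in ypldap.c.
 */
struct idm {
	TAILQ_ENTRY(idm)		 idm_entry;
	u_int32_t			 idm_id;
	char				 idm_name[MAXHOSTNAMELEN];	/* directory host name */
/*
 * idm_flags layout: bit n (0 <= n < ATTR_GR_MAX, i.e. below bit 14) is
 * F_FIXED_ATTR(n) for attribute index n; the named flags sit from bit 20
 * upward, so the two ranges cannot collide.  idm_list uses the same
 * per-attribute numbering through F_LIST(n).  What "fixed" and "list"
 * mean for an attribute is decided by parse.y / ldapclient.c, not here.
 */
#define F_SSL				 0x00100000
#define F_CONFIGURING			 0x00200000
#define F_NEEDAUTH			 0x00400000
/*
 * The shift argument is parenthesized: with the bare form `1<<n',
 * F_FIXED_ATTR(a ? b : c) expands to (1<<a) ? b : c because ?: binds
 * looser than <<.  All integer-literal and identifier uses are unchanged.
 */
#define F_FIXED_ATTR(n)			 (1<<(n))
#define F_LIST(n)			 (1<<(n))
	enum client_state		 idm_state;
	u_int32_t			 idm_flags; /* lower 20 bits reserved for F_FIXED_ATTR() */
	u_int32_t			 idm_list;  /* F_LIST() bits */
	struct ypldap_addr		*idm_addr;  /* resolved addresses, NULL until STATE_DNS_DONE presumably */
	in_port_t			 idm_port;
	char				 idm_binddn[LINE_WIDTH];
	char				 idm_bindcred[LINE_WIDTH];	/* cleartext bind secret */
	char				 idm_basedn[LINE_WIDTH];
/* indices into idm_filters */
#define FILTER_USER			 1
#define FILTER_GROUP			 0
	char				 idm_filters[2][FILTER_WIDTH];
/*
 * Indices into idm_attrs.  ATTR_NAME..ATTR_SHELL (0..9) are the passwd
 * fields, so ATTR_MAX is one past the last user attribute; the group
 * fields follow at ATTR_GR_MIN..ATTR_GR_MAX-1 (10..13).
 */
#define ATTR_NAME			 0
#define ATTR_PASSWD			 1
#define ATTR_UID			 2
#define ATTR_GID			 3
#define ATTR_CLASS			 4
#define ATTR_CHANGE			 5
#define ATTR_EXPIRE			 6
#define ATTR_GECOS			 7
#define ATTR_DIR			 8
#define ATTR_SHELL			 9
#define ATTR_GR_NAME			 10
#define ATTR_GR_PASSWD			 11
#define ATTR_GR_GID			 12
#define ATTR_GR_MEMBERS			 13
#define ATTR_MAX			 10
#define ATTR_GR_MIN			 10
#define ATTR_GR_MAX			 14
	/* sized by ATTR_GR_MAX (14) instead of a bare 14 so the two cannot drift apart */
	char				 idm_attrs[ATTR_GR_MAX][ATTR_WIDTH];
	struct env			*idm_env;	/* back pointer to the owning env */
	struct event			 idm_ev;
#ifdef SSL
	struct ssl			*idm_ssl;
#endif
};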

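/*
 * One flattened passwd(5) or group(5) entry, presumably the payload of
 * IMSG_PW_ENTRY / IMSG_GRP_ENTRY from the ldap client to the main
 * process.  `ir_key' is the numeric id of the entry (ik_uid for a user,
 * ik_gid for a group -- now declared gid_t rather than uid_t, same
 * width on every supported platform); `ir_line' is the text line.
 *
 * NOTE(review): nothing here guarantees ir_line is NUL-terminated
 * within LINE_WIDTH bytes; the producer must bound the copy
 * (strlcpy/snprintf) -- confirm in ldapclient.c.
 */
struct idm_req {
	union {
		uid_t			 ik_uid;
		gid_t			 ik_gid;
	}				 ir_key;
	char				 ir_line[LINE_WIDTH];
};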

/*
 * Global daemon state, shared by the main process and (after
 * IMSG_CONF_*) the ldap client.
 */
struct env {
/* sc_opts: command-line switches */
#define YPLDAP_OPT_VERBOSE		 0x01
#define YPLDAP_OPT_NOACTION		 0x02
	u_int8_t			 sc_opts;
/* sc_flags: which YP maps are served */
#define YPMAP_PASSWD_BYNAME		 0x00000001
#define YPMAP_PASSWD_BYUID		 0x00000002
#define YPMAP_MASTER_PASSWD_BYNAME	 0x00000004
#define YPMAP_MASTER_PASSWD_BYUID	 0x00000008
#define YPMAP_GROUP_BYNAME		 0x00000010
#define YPMAP_GROUP_BYGID		 0x00000020
	u_int32_t			 sc_flags;

	u_int32_t			 sc_maxid;	/* presumably the highest idm_id handed out; confirm in parse.y */

	char				 sc_domainname[MAXHOSTNAMELEN];	/* YP domain served */
	struct timeval			 sc_conf_tv;	/* refresh period (see DEFAULT_INTERVAL) */
	struct event			 sc_conf_ev;	/* timer firing the refresh */
	TAILQ_HEAD(idm_list, idm)	 sc_idms;	/* configured directories */
	struct imsgbuf			*sc_ibuf;	/* channel to the ldap client process */
	struct imsgbuf			*sc_ibuf_dns;	/* channel to the dns process */

	/*
	 * Lookup trees for the current entry set.  NOTE(review): the
	 * by-name heads are pointers while the by-id heads are embedded,
	 * and sc_user_names_t / sc_group_names_t name the same tree
	 * types again; the reason is not visible here -- check entries.c
	 * before "simplifying".
	 */
	RB_HEAD(user_name_tree,userent)	 *sc_user_names;
	RB_HEAD(user_uid_tree,userent)	 sc_user_uids;
	RB_HEAD(group_name_tree,groupent)*sc_group_names;
	RB_HEAD(group_gid_tree,groupent) sc_group_gids;
	struct user_name_tree		 *sc_user_names_t;
	struct group_name_tree		 *sc_group_names_t;
	/* flattened entry text produced by flatten_entries(): one buffer per map plus its length */
	size_t				 sc_user_line_len;
	size_t				 sc_group_line_len;
	char				*sc_user_lines;
	char				*sc_group_lines;

	struct yp_data			*sc_yp;	/* opaque YP server state owned by yp.c */
};

/* buffer.c */
/*
 * Outgoing buffer management.  buf_open() allocates a fixed-size buffer,
 * buf_dynamic() one that may grow up to a maximum; buf_add() appends
 * bytes and buf_reserve() returns space for the caller to fill.
 * buf_close() queues a finished buffer on a msgbuf (ownership moves to
 * the msgbuf), msgbuf_write() flushes the queue to its fd.  Return
 * conventions (0/-1, NULL on failure) are those of buffer.c itself.
 */
struct buf	*buf_open(size_t);
struct buf	*buf_dynamic(size_t, size_t);
int		 buf_add(struct buf *, void *, size_t);
void		*buf_reserve(struct buf *, size_t);
int		 buf_close(struct msgbuf *, struct buf *);
void		 buf_free(struct buf *);
void		 msgbuf_init(struct msgbuf *);
void		 msgbuf_clear(struct msgbuf *);
int		 msgbuf_write(struct msgbuf *);

/* imsg.c */
/*
 * Message channel API.  imsg_init() attaches an imsgbuf to a socket and
 * handler; imsg_read() pulls bytes into the receive buffer and
 * imsg_get() extracts the next complete message (free it with
 * imsg_free()).  imsg_compose() builds and queues a message in one step;
 * imsg_create()/imsg_add()/imsg_close() do it piecewise.  The payload
 * length parameters are u_int16_t to match imsg_hdr.len.
 */
void	 imsg_init(struct imsgbuf *, int, void (*)(int, short, void *));
ssize_t	 imsg_read(struct imsgbuf *);
ssize_t	 imsg_get(struct imsgbuf *, struct imsg *);
int	 imsg_compose(struct imsgbuf *, enum imsg_type, u_int32_t, pid_t,
	    void *, u_int16_t);
struct buf *imsg_create(struct imsgbuf *, enum imsg_type, u_int32_t, pid_t,
	    u_int16_t);
int	 imsg_add(struct buf *, void *, u_int16_t);
int	 imsg_close(struct imsgbuf *, struct buf *);
void	 imsg_free(struct imsg *);
void	 imsg_event_add(struct imsgbuf *); /* needs to be provided externally */
void	 imsg_clear(struct imsgbuf *);

/* log.c */
/*
 * Logging.  log_init(debug) selects stderr vs syslog; log_warn() appends
 * strerror(errno) where log_warnx() does not.  fatal()/fatalx() log and
 * exit and never return.  All take printf-style formats: never pass
 * caller-controlled text as the format argument.
 */
void		 log_init(int);
void		 log_warn(const char *, ...);
void		 log_warnx(const char *, ...);
void		 log_info(const char *, ...);
void		 log_debug(const char *, ...);
__dead void	 fatal(const char *);
__dead void	 fatalx(const char *);

/* parse.y */
/* parse_config(env, path, opts) loads ypldap.conf into env; cmdline_symset() handles -D name=value. */
int		 parse_config(struct env *, const char *, int);
int		 cmdline_symset(char *);

/* listener.c */
/* Set up and start the YP (RPC) listening sockets. */
void		 listener_setup(struct env *);
void		 listener_init(struct env *);

/* ldapclient.c */
/* Fork the LDAP client process; the int array is the socketpair shared with the parent.  Returns the child pid. */
pid_t		 ldapclient(int []);

/* ypldap.c */
/*
 * Release the configured idm list.  NOTE(review): each idm carries a
 * cleartext bind credential; this is where it should be wiped
 * (explicit_bzero) before the memory is freed.
 */
void		 purge_config(struct env *);

/* entries.c */
/*
 * Entry trees.  flatten_entries() serialises the user/group trees into
 * env->sc_user_lines / sc_group_lines.  The *_cmp() functions are the
 * red-black tree orderings; RB_PROTOTYPE() declares the generated tree
 * operations (RB_INSERT, RB_FIND, ...) for the four trees.
 */
void		 flatten_entries(struct env *);
int		 userent_name_cmp(struct userent *, struct userent *);
int		 userent_uid_cmp(struct userent *, struct userent *);
int		 groupent_name_cmp(struct groupent *, struct groupent *);
int		 groupent_gid_cmp(struct groupent *, struct groupent *);
RB_PROTOTYPE(	 user_name_tree, userent, ue_name_node, userent_name_cmp);
RB_PROTOTYPE(	 user_uid_tree, userent, ue_uid_node, userent_uid_cmp);
RB_PROTOTYPE(	 group_name_tree, groupent, ge_name_node, groupent_name_cmp);
RB_PROTOTYPE(	 group_gid_tree, groupent, ge_gid_node, groupent_gid_cmp);

/* yp.c */
/* YP server side: yp_init() sets up env->sc_yp, yp_enable_events() starts serving requests. */
void		 yp_init(struct env *);
void		 yp_enable_events(void);

/* ypldap_dns.c */
/*
 * Fork the resolver process over the given socketpair.  The struct
 * passwd is presumably the YPLDAP_USER entry the child drops
 * privileges to -- confirm in ypldap_dns.c.  Returns the child pid.
 */
pid_t		 ypldap_dns(int[2], struct passwd *);