[thirdparty/squid.git] / helpers / external_acl / kerberos_ldap_group / support.h
1 /*
2 * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9 /*
10 * -----------------------------------------------------------------------------
11 *
12 * Author: Markus Moeller (markus_moeller at compuserve.com)
13 *
14 * Copyright (C) 2007 Markus Moeller. All rights reserved.
15 *
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 * This program is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with this program; if not, write to the Free Software
28 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
29 *
30 * -----------------------------------------------------------------------------
31 */
32
/* Version string of the kerberos_ldap_group helper. */
#define KERBEROS_LDAP_GROUP_VERSION "1.4.0sq"
34
35 #include <cstring>
36
/*
 * Pull in <krb5.h>, with workarounds for two vendor headers that the build
 * system can flag as broken.
 */
#if HAVE_KRB5_H
#if HAVE_BROKEN_SOLARIS_KRB5_H
/* NOTE(review): "#warn" is not a standard preprocessor directive (GCC and
 * Clang spell it "#warning"), so when this branch is active these two lines
 * are likely to be rejected rather than printed -- confirm on the affected
 * toolchain. */
#warn "Warning! You have a broken Solaris <krb5.h> system header"
#warn "http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6837512"
#if defined(__cplusplus)
/* KRB5INT_END_DECLS is defined empty, and the extern "C" { opened by
 * KRB5INT_BEGIN_DECLS below is not closed anywhere in this header.
 * Presumably the broken <krb5.h> supplies the closing brace -- verify,
 * because otherwise the brace stays open for the rest of the translation
 * unit. */
#define KRB5INT_BEGIN_DECLS extern "C" {
#define KRB5INT_END_DECLS
KRB5INT_BEGIN_DECLS
#endif
#endif /* HAVE_BROKEN_SOLARIS_KRB5_H */
#if HAVE_BROKEN_HEIMDAL_KRB5_H
/* Not guarded by __cplusplus: this branch is valid only when the header is
 * compiled as C++. */
extern "C" {
#include <krb5.h>
}
#else
#include <krb5.h>
#endif
#endif /* HAVE_KRB5_H */
55
/*
 * error_message(): taken from <com_err.h> when that header is available;
 * otherwise, on Heimdal builds, mapped onto krb5_get_err_text().
 */
#if HAVE_COM_ERR_H
#include <com_err.h>
#elif USE_HEIMDAL_KRB5
/* The expansion uses an object named kparam that is not declared in this
 * header; every file that calls error_message() must have it in scope. */
#define error_message(code) krb5_get_err_text(kparam.context,code)
#endif /* HAVE_COM_ERR_H */
61
/*
 * LDAP client headers. LDAP_DEPRECATED is set before <ldap.h> is included;
 * with OpenLDAP this makes the header declare its deprecated API as well
 * (presumably still used by the helper's sources -- confirm).
 */
#define LDAP_DEPRECATED 1
#if HAVE_LDAP_REBIND_FUNCTION
/* NOTE(review): defined only when a rebind function is available. If the
 * helper re-binds with its configured credentials while following referrals,
 * those credentials are presented to whichever server the referral names --
 * confirm how the implementation restricts this. */
#define LDAP_REFERRALS
#endif
#if HAVE_LBER_H
#include <lber.h>
#endif
#if HAVE_LDAP_H
#include <ldap.h>
#endif
#if HAVE_MOZLDAP_LDAP_H
#include <mozldap/ldap.h>
#endif
75
/*
 * Singly linked list node pairing a group with a domain.
 * Ownership of the strings is not visible in this header.
 */
struct gdstruct {
    char *group;
    char *domain;
    struct gdstruct *next;   /* following node; presumably NULL at the end of the list -- confirm */
};
/*
 * Singly linked list node pairing a NetBIOS name with a domain.
 * Ownership of the strings is not visible in this header.
 */
struct ndstruct {
    char *netbios;
    char *domain;
    struct ndstruct *next;   /* following node; presumably NULL at the end of the list -- confirm */
};
/*
 * Singly linked list node pairing an "lserver" string (presumably an LDAP
 * server -- confirm) with a domain.
 * Ownership of the strings is not visible in this header.
 */
struct lsstruct {
    char *lserver;
    char *domain;
    struct lsstruct *next;   /* following node; presumably NULL at the end of the list -- confirm */
};
91
/*
 * Helper-wide configuration passed to most functions declared in this header.
 * The meaning of the individual fields is set by the option parser, which is
 * not visible here; the notes below are inferred from names and types and
 * need confirming against it.
 */
struct main_args {
    /* Raw list strings; presumably the unparsed inputs from which
     * create_gd(), create_nd() and create_ls() build the lists at the end
     * of this struct -- confirm. */
    char *glist;
    char *ulist;
    char *tlist;
    char *nlist;
    char *llist;
    /* LDAP connection settings (presumably user, password, bind path, URL). */
    char *luser;
    /* NOTE(review): if lpass is the LDAP bind password, it is a secret kept
     * in process memory for the helper's lifetime. Check that it never
     * reaches a log()/error() call and that clean_args() overwrites it
     * before releasing the buffer. */
    char *lpass;
    char *lbind;
    char *lurl;
    char *ssl;
    /* Integer switches and limits; semantics not visible in this header. */
    int rc_allow;
    int AD;
    int mdepth;
    int nokerberos;
    char *ddomain;
    /* Heads of the linked lists declared above. */
    struct gdstruct *groups;
    struct ndstruct *ndoms;
    struct lsstruct *lservs;
};
112
/* Switch tested by the log() macro: non-zero enables log() output.
 * SQUIDCEXTERN is a project macro not defined in this header (presumably an
 * extern declaration -- confirm). */
SQUIDCEXTERN int log_enabled;
114
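/* the macro overload style is really a gcc-ism */
#ifdef __GNUC__

/*
 * Logging helpers. Each one writes a "file(line): pid=N :" prefix followed by
 * the caller's printf-style message to stderr. log() prints only while
 * log_enabled is non-zero; error() and warn() always print.
 *
 * Every macro expands to exactly one statement (do { } while (0)), so a call
 * stays fully guarded under an unbraced if/else. Call sites must end in ';'.
 *
 * The first argument becomes the fprintf() format string: pass a string
 * literal, and print externally supplied text (user, group or domain names,
 * LDAP attribute values) through "%s", never as the format itself.
 *
 * This header does not itself include <stdio.h> or a declaration of
 * getpid(); the including file must provide both.
 */
#define log(X...) \
    do { \
        if (log_enabled) { \
            fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
            fprintf(stderr,X); \
        } \
    } while (0)

#define error(X...) \
    do { \
        fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
        fprintf(stderr,X); \
    } while (0)

#define warn(X...) \
    do { \
        fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
        fprintf(stderr,X); \
    } while (0)

#else /* __GNUC__ */

/* non-GCC compilers can't do the above macro define yet. */
void log(char *format,...);
void error(char *format,...);
void warn(char *format,...);
#endif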
139
/*
 * One candidate server entry, as held in the arrays handled by
 * get_hostname_list(), get_ldap_hostname_list() and free_hostname_list().
 */
struct hstruct {
    char *host;
    int port;
    /* priority and weight presumably mirror DNS SRV record fields -- confirm */
    int priority;
    int weight;
};
146
/*
 * LDAP bind credentials (presumably distinguished name and password).
 * NOTE(review): if pw holds a password, it is a secret in process memory;
 * check that it is never logged and that it is overwritten before the
 * buffer is released.
 */
struct ldap_creds {
    char *dn;
    char *pw;
};
151
/* Set-up and tear-down of a main_args instance (definitions are elsewhere).
 * NOTE(review): main_args carries lpass, so clean_args() is the natural
 * place to overwrite it before release -- confirm that it does. */
void init_args(struct main_args *margs);
void clean_args(struct main_args *margs);
/* Returns a string (presumably a timestamp for log lines); the lifetime of
 * the returned buffer is not visible here. */
const char *LogTime(void);

/* Group-membership lookups for a user in a domain. The return-value
 * convention is not visible in this header.
 * NOTE(review): user, domain and group are plain char * and presumably
 * originate from the proxy request. Any LDAP search filter built from them
 * must escape filter metacharacters (RFC 4515) -- confirm in the
 * implementation. */
int check_memberof(struct main_args *margs, char *user, char *domain);
int get_memberof(struct main_args *margs, char *user, char *domain, char *group);

/* Looks up a name for the given NetBIOS string (presumably the matching
 * domain from margs->ndoms -- confirm); ownership of the result is not
 * visible here. */
char *get_netbios_name(struct main_args *margs, char *netbios);

/* Presumably build margs->groups, margs->ndoms and margs->lservs from the
 * corresponding list strings; the int result's meaning is not visible here. */
int create_gd(struct main_args *margs);
int create_nd(struct main_args *margs);
int create_ls(struct main_args *margs);

/* Host-list management over a caller-held struct hstruct array. Each
 * function takes the current element count and returns a size_t (presumably
 * the new count -- confirm). */
size_t get_ldap_hostname_list(struct main_args *margs, struct hstruct **hlist, size_t nhosts, char *domain);
size_t get_hostname_list(struct hstruct **hlist, size_t nhosts, char *name);
size_t free_hostname_list(struct hstruct **hlist, size_t nhosts);
168
/* Declared only when one of the SASL headers was detected. Binds on the
 * given LDAP handle (presumably a SASL bind, going by the name); the int
 * result's meaning is not visible in this header. */
#if HAVE_SASL_H || HAVE_SASL_SASL_H || HAVE_SASL_DARWIN
int tool_sasl_bind(LDAP * ld, char *binddn, char *ssl);
#endif
172
#if HAVE_KRB5
/* Capacity of the per-domain arrays in struct kstruct. */
#define MAX_DOMAINS 16
/* Presumably the tolerated clock skew in seconds -- confirm at the use site. */
#define MAX_SKEW 300
/* Kerberos state: one context plus up to MAX_DOMAINS credential caches. */
struct kstruct {
    krb5_context context;
    krb5_ccache cc[MAX_DOMAINS];
    char* mem_ccache[MAX_DOMAINS];
    /* Presumably the number of slots in use in cc[] and mem_ccache[].
     * NOTE(review): both arrays are fixed at MAX_DOMAINS entries, so code
     * that adds a cache must check ncache < MAX_DOMAINS before writing --
     * confirm in krb5_create_cache(). */
    int ncache;
};
/* Presumably creates a credential cache for the given domain and releases
 * all Kerberos state, respectively; definitions are not in this header. */
int krb5_create_cache(char *domain);
void krb5_cleanup(void);
#endif
185
/* Program name string (presumably used as a tag in log messages -- confirm). */
#define PROGRAM "kerberos_ldap_group"
187