[thirdparty/squid.git] / src / acl / external / kerberos_ldap_group / support.h

/*
 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/*
 * -----------------------------------------------------------------------------
 *
 * Author: Markus Moeller (markus_moeller at compuserve.com)
 *
 * Copyright (C) 2007 Markus Moeller. All rights reserved.
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program; if not, write to the Free Software
 *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA.
 *
 * -----------------------------------------------------------------------------
 */

#ifndef SQUID_SRC_ACL_EXTERNAL_KERBEROS_LDAP_GROUP_SUPPORT_H
#define SQUID_SRC_ACL_EXTERNAL_KERBEROS_LDAP_GROUP_SUPPORT_H

#define KERBEROS_LDAP_GROUP_VERSION "1.4.0sq"

#include "compat/krb5.h"

#include <cstring>
#if HAVE_COM_ERR_H
#include <com_err.h>
#endif /* HAVE_COM_ERR_H */
#define LDAP_DEPRECATED 1
#if HAVE_LDAP_REBIND_FUNCTION
#define LDAP_REFERRALS
#endif
#if HAVE_LBER_H
#include <lber.h>
#endif
#if HAVE_LDAP_H
#include <ldap.h>
#endif
#if HAVE_MOZLDAP_LDAP_H
#include <mozldap/ldap.h>
#endif

struct gdstruct {
    char *group;
    char *domain;
    struct gdstruct *next;
};
struct ndstruct {
    char *netbios;
    char *domain;
    struct ndstruct *next;
};
struct lsstruct {
    char *lserver;
    char *domain;
    struct lsstruct *next;
};

struct main_args {
    char *glist;
    char *ulist;
    char *tlist;
    char *nlist;
    char *llist;
    char *luser;
    char *lpass;
    char *lbind;
    char *lurl;
    char *ssl;
    int rc_allow;
    int AD;
    int mdepth;
    int nokerberos;
    char *ddomain;
    struct gdstruct *groups;
    struct ndstruct *ndoms;
    struct lsstruct *lservs;
    char *principal;
};

extern int log_enabled;

/* the macro overload style is really a gcc-ism */
#ifdef __GNUC__

#define log(X...) \
                     if (log_enabled) { \
                         fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
                         fprintf(stderr,X); \
                     } else (void)0

#define error(X...) \
                     fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
                     fprintf(stderr,X); \

#define warn(X...) \
                     fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
                     fprintf(stderr,X); \

#else /* __GNUC__ */

/* non-GCC compilers can't do the above macro define yet. */
void log(char *format,...);
void error(char *format,...);
void warn(char *format,...);
#endif

struct hstruct {
    char *host;
    int port;
    int priority;
    int weight;
};

struct ldap_creds {
    char *dn;
    char *pw;
};

void init_args(struct main_args *margs);
void clean_args(struct main_args *margs);
const char *LogTime(void);

int check_memberof(struct main_args *margs, char *user, char *domain);
int get_memberof(struct main_args *margs, char *user, char *domain, char *group);

char *get_netbios_name(struct main_args *margs, char *netbios);

int create_gd(struct main_args *margs);
int create_nd(struct main_args *margs);
int create_ls(struct main_args *margs);

size_t get_ldap_hostname_list(struct main_args *margs, struct hstruct **hlist, size_t nhosts, char *domain);
size_t get_hostname_list(struct hstruct **hlist, size_t nhosts, char *name);
size_t free_hostname_list(struct hstruct **hlist, size_t nhosts);

#if HAVE_SASL_H || HAVE_SASL_SASL_H
int tool_sasl_bind(LDAP * ld, char *binddn, char *ssl);
#endif

#if HAVE_KRB5
#define MAX_DOMAINS 16
#define MAX_SKEW 300
struct kstruct {
    krb5_context context;
    krb5_ccache cc[MAX_DOMAINS];
    char* mem_ccache[MAX_DOMAINS];
    int ncache;
};
int krb5_create_cache(char *domain, char* princ);
void krb5_cleanup(void);
#endif

#define PROGRAM "kerberos_ldap_group"

#endif /* SQUID_SRC_ACL_EXTERNAL_KERBEROS_LDAP_GROUP_SUPPORT_H */
Commit	Line	Data
ca02e0ec	1	/*
b8ae064d	2	* Copyright (C) 1996-2023 The Squid Software Foundation and contributors
ca02e0ec AJ	3	*
	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
	7	*/
	8
b1218840 AJ	9	/*
	10	* -----------------------------------------------------------------------------
	11	*
	12	* Author: Markus Moeller (markus_moeller at compuserve.com)
	13	*
	14	* Copyright (C) 2007 Markus Moeller. All rights reserved.
	15	*
	16	* This program is free software; you can redistribute it and/or modify
	17	* it under the terms of the GNU General Public License as published by
	18	* the Free Software Foundation; either version 2 of the License, or
	19	* (at your option) any later version.
	20	*
	21	* This program is distributed in the hope that it will be useful,
	22	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	23	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	24	* GNU General Public License for more details.
	25	*
	26	* You should have received a copy of the GNU General Public License
	27	* along with this program; if not, write to the Free Software
	28	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
	29	*
	30	* -----------------------------------------------------------------------------
	31	*/
	32
ba42bf21 FC	33	#ifndef SQUID_SRC_ACL_EXTERNAL_KERBEROS_LDAP_GROUP_SUPPORT_H
	34	#define SQUID_SRC_ACL_EXTERNAL_KERBEROS_LDAP_GROUP_SUPPORT_H
	35
7451e5ad	36	#define KERBEROS_LDAP_GROUP_VERSION "1.4.0sq"
b1218840	37
42557148	38	#include "compat/krb5.h"
ffe4ffd8	39
42557148	40	#include <cstring>
ffe4ffd8	41	#if HAVE_COM_ERR_H
b1218840	42	#include <com_err.h>
ffe4ffd8	43	#endif /* HAVE_COM_ERR_H */
b1218840	44	#define LDAP_DEPRECATED 1
7451e5ad	45	#if HAVE_LDAP_REBIND_FUNCTION
b1218840 AJ	46	#define LDAP_REFERRALS
b1218840 AJ	47	#endif
7451e5ad	48	#if HAVE_LBER_H
b1218840 AJ	49	#include <lber.h>
b1218840 AJ	50	#endif
7451e5ad	51	#if HAVE_LDAP_H
b1218840 AJ	52	#include <ldap.h>
b1218840 AJ	53	#endif
7451e5ad	54	#if HAVE_MOZLDAP_LDAP_H
b1218840 AJ	55	#include <mozldap/ldap.h>
	56	#endif
	57
	58	struct gdstruct {
	59	char *group;
	60	char *domain;
	61	struct gdstruct *next;
	62	};
	63	struct ndstruct {
	64	char *netbios;
	65	char *domain;
	66	struct ndstruct *next;
	67	};
f602c423 MM	68	struct lsstruct {
	69	char *lserver;
	70	char *domain;
	71	struct lsstruct *next;
	72	};
b1218840 AJ	73
	74	struct main_args {
	75	char *glist;
	76	char *ulist;
	77	char *tlist;
	78	char *nlist;
f602c423	79	char *llist;
b1218840 AJ	80	char *luser;
	81	char *lpass;
	82	char *lbind;
	83	char *lurl;
	84	char *ssl;
	85	int rc_allow;
	86	int AD;
	87	int mdepth;
7451e5ad	88	int nokerberos;
b1218840 AJ	89	char *ddomain;
	90	struct gdstruct *groups;
	91	struct ndstruct *ndoms;
f602c423	92	struct lsstruct *lservs;
40f1fd09	93	char *principal;
b1218840 AJ	94	};
b1218840 AJ	95
ca919500	96	extern int log_enabled;
b1218840 AJ	97
	98	/* the macro overload style is really a gcc-ism */
	99	#ifdef __GNUC__
	100
b1218840 AJ	101	#define log(X...) \
	102	if (log_enabled) { \
	103	fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
	104	fprintf(stderr,X); \
	105	} else (void)0
	106
	107	#define error(X...) \
	108	fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
	109	fprintf(stderr,X); \
b6388dfd	110
b1218840 AJ	111	#define warn(X...) \
	112	fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
	113	fprintf(stderr,X); \
b6388dfd	114
b1218840 AJ	115	#else /* __GNUC__ */
	116
	117	/* non-GCC compilers can't do the above macro define yet. */
	118	void log(char *format,...);
	119	void error(char *format,...);
	120	void warn(char *format,...);
	121	#endif
	122
b1218840 AJ	123	struct hstruct {
	124	char *host;
	125	int port;
	126	int priority;
	127	int weight;
	128	};
	129
	130	struct ldap_creds {
	131	char *dn;
	132	char *pw;
	133	};
	134
b1218840 AJ	135	void init_args(struct main_args *margs);
	136	void clean_args(struct main_args *margs);
	137	const char *LogTime(void);
	138
	139	int check_memberof(struct main_args margs, char user, char *domain);
	140	int get_memberof(struct main_args margs, char user, char domain, char group);
	141
	142	char get_netbios_name(struct main_args margs, char *netbios);
	143
	144	int create_gd(struct main_args *margs);
	145	int create_nd(struct main_args *margs);
f602c423	146	int create_ls(struct main_args *margs);
b1218840	147
4ebcf1ce MM	148	size_t get_ldap_hostname_list(struct main_args margs, struct hstruct hlist, size_t nhosts, char domain);
	149	size_t get_hostname_list(struct hstruct *hlist, size_t nhosts, char name);
	150	size_t free_hostname_list(struct hstruct **hlist, size_t nhosts);
b1218840	151
388d024e	152	#if HAVE_SASL_H \|\| HAVE_SASL_SASL_H
b1218840 AJ	153	int tool_sasl_bind(LDAP * ld, char binddn, char ssl);
	154	#endif
	155
7451e5ad MM	156	#if HAVE_KRB5
	157	#define MAX_DOMAINS 16
	158	#define MAX_SKEW 300
	159	struct kstruct {
	160	krb5_context context;
	161	krb5_ccache cc[MAX_DOMAINS];
	162	char* mem_ccache[MAX_DOMAINS];
	163	int ncache;
	164	};
40f1fd09	165	int krb5_create_cache(char domain, char princ);
7451e5ad MM	166	void krb5_cleanup(void);
	167	#endif
	168
b1218840	169	#define PROGRAM "kerberos_ldap_group"
f53969cc	170
ba42bf21 FC	171	#endif /* SQUID_SRC_ACL_EXTERNAL_KERBEROS_LDAP_GROUP_SUPPORT_H */
ba42bf21 FC	172