1 /*
2 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9 /*
10 * -----------------------------------------------------------------------------
11 *
12 * Author: Markus Moeller (markus_moeller at compuserve.com)
13 *
14 * Copyright (C) 2007 Markus Moeller. All rights reserved.
15 *
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 * This program is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with this program; if not, write to the Free Software
28 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
29 *
30 * -----------------------------------------------------------------------------
31 */
32
33 #ifndef SQUID_SRC_ACL_EXTERNAL_KERBEROS_LDAP_GROUP_SUPPORT_H
34 #define SQUID_SRC_ACL_EXTERNAL_KERBEROS_LDAP_GROUP_SUPPORT_H
35
36 #define KERBEROS_LDAP_GROUP_VERSION "1.4.0sq"
37
38 #include "compat/krb5.h"
39
40 #include <cstring>
41 #if HAVE_COM_ERR_H
42 #include <com_err.h>
43 #endif /* HAVE_COM_ERR_H */
44 #define LDAP_DEPRECATED 1
45 #if HAVE_LDAP_REBIND_FUNCTION
46 #define LDAP_REFERRALS
47 #endif
48 #if HAVE_LBER_H
49 #include <lber.h>
50 #endif
51 #if HAVE_LDAP_H
52 #include <ldap.h>
53 #endif
54 #if HAVE_MOZLDAP_LDAP_H
55 #include <mozldap/ldap.h>
56 #endif
57
/*
 * Singly linked list node holding a group string and a domain string
 * (meanings taken from the field names). All three members are raw
 * pointers; this header does not show who allocates or frees them.
 */
struct gdstruct {
    char *group;            /* group name for this entry */
    char *domain;           /* domain paired with the group */
    struct gdstruct *next;  /* following node in the list */
};
/*
 * Singly linked list node holding a netbios string and a domain string
 * (meanings taken from the field names). Ownership of the pointed-to
 * strings is not visible in this header.
 */
struct ndstruct {
    char *netbios;          /* NetBIOS name for this entry */
    char *domain;           /* domain paired with the NetBIOS name */
    struct ndstruct *next;  /* following node in the list */
};
/*
 * Singly linked list node holding an lserver string and a domain string.
 * NOTE(review): lserver is presumably an LDAP server name or URL; confirm
 * against the code that fills the list. Ownership of the strings is not
 * visible in this header.
 */
struct lsstruct {
    char *lserver;          /* server string for this entry */
    char *domain;           /* domain paired with the server */
    struct lsstruct *next;  /* following node in the list */
};
73
/*
 * Settings and parsed lists for one helper process; a pointer to this
 * struct is the first parameter of most functions declared in this header.
 *
 * NOTE(review): the per-field remarks below are inferred from the field
 * names only. Confirm them against the option parser before relying on them.
 */
struct main_args {
    /* Raw list strings; their syntax is not visible in this header. */
    char *glist;    /* presumably the source of `groups` - confirm in create_gd() */
    char *ulist;
    char *tlist;
    char *nlist;    /* presumably the source of `ndoms` - confirm in create_nd() */
    char *llist;    /* presumably the source of `lservs` - confirm in create_ls() */

    /* LDAP connection settings (presumed from the names). */
    char *luser;    /* presumably the LDAP bind user */
    /*
     * NOTE(review): presumably the LDAP bind password, kept as a plain
     * C string for the life of the struct. Confirm that clean_args()
     * overwrites it before freeing and that it never reaches the
     * log()/error()/warn() macros.
     */
    char *lpass;
    char *lbind;
    char *lurl;
    char *ssl;      /* same name as the ssl parameter of tool_sasl_bind() */

    /* Integer settings; value ranges are not visible in this header. */
    int rc_allow;
    int AD;
    int mdepth;
    int nokerberos; /* presumably disables Kerberos use when non-zero - confirm */

    char *ddomain;  /* presumably a default domain - confirm */

    /* Heads of the linked lists declared above. */
    struct gdstruct *groups;
    struct ndstruct *ndoms;
    struct lsstruct *lservs;

    char *principal; /* presumably a Kerberos principal name - confirm */
};
95
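extern int log_enabled;

/*
 * Diagnostic macros writing to stderr. Each one prints a
 * "file(line): pid=N :" prefix followed by the caller's printf-style
 * message. log() prints only while log_enabled is non-zero; error() and
 * warn() always print.
 *
 * The first argument is handed to fprintf() as the format string, so it
 * must be a string literal chosen by the caller. Text that originates
 * outside the helper (user, group or domain names, LDAP attribute values)
 * belongs in the argument list behind a "%s", never in the format itself.
 *
 * Every macro expands to one do { ... } while (0) statement. The earlier
 * error()/warn() bodies were two separate statements, so in
 * "if (cond) error(...);" only the prefix was conditional and the message
 * was printed regardless. Invoke the macros with a trailing semicolon.
 *
 * fprintf(), stderr and getpid() must already be declared by the including
 * file; this header does not include <cstdio> or <unistd.h> directly.
 */

/* the named variadic macro parameter (X...) is a gcc extension */
#ifdef __GNUC__

#define log(X...) \
    do { \
        if (log_enabled) { \
            fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
            fprintf(stderr,X); \
        } \
    } while (0)

#define error(X...) \
    do { \
        fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
        fprintf(stderr,X); \
    } while (0)

#define warn(X...) \
    do { \
        fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
        fprintf(stderr,X); \
    } while (0)

#else /* __GNUC__ */

/* non-GCC compilers can't do the above macro define yet. */
void log(char *format,...);
void error(char *format,...);
void warn(char *format,...);
#endif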
122
/*
 * One entry of the host lists handled by get_ldap_hostname_list(),
 * get_hostname_list() and free_hostname_list(), which take arrays of
 * these through a struct hstruct ** parameter.
 * NOTE(review): priority and weight look like DNS SRV record fields;
 * confirm how the implementation fills and orders them.
 */
struct hstruct {
    char *host;     /* host name string; ownership not visible in this header */
    int port;
    int priority;
    int weight;
};
129
/*
 * Pair of strings named dn and pw.
 * NOTE(review): presumably an LDAP bind DN and its password. If so, pw is
 * a cleartext secret: confirm the owner overwrites it before freeing and
 * keeps it out of log()/error()/warn() output.
 */
struct ldap_creds {
    char *dn;
    char *pw;
};
134
/*
 * Prototypes only; none of these functions is defined in this header, so
 * return-value conventions and ownership rules must be read from the
 * implementations.
 */

/* Set up and tear down a main_args instance (judging by the names). */
void init_args(struct main_args *margs);
void clean_args(struct main_args *margs);
/* Returns a const string; storage and lifetime are not visible here. */
const char *LogTime(void);

/*
 * Membership lookups for user in domain; get_memberof() also takes one
 * group. Which int value means "member" is not visible in this header.
 * NOTE(review): user, domain and group are mutable char * and presumably
 * derive from the request handed to the helper. Confirm the implementation
 * escapes them (RFC 4515) before building an LDAP search filter.
 */
int check_memberof(struct main_args *margs, char *user, char *domain);
int get_memberof(struct main_args *margs, char *user, char *domain, char *group);

/* Takes a netbios string and returns a char *; presumably maps it to a
 * domain via margs->ndoms - confirm, including who owns the result. */
char *get_netbios_name(struct main_args *margs, char *netbios);

/* Presumably build margs->groups, margs->ndoms and margs->lservs from the
 * raw list strings in margs - confirm; the int result is a status code
 * whose values are not visible here. */
int create_gd(struct main_args *margs);
int create_nd(struct main_args *margs);
int create_ls(struct main_args *margs);

/*
 * Host list helpers. Each takes the list by address plus its current
 * entry count nhosts and returns a size_t, presumably the entry count
 * after the call - confirm in the implementation.
 */
size_t get_ldap_hostname_list(struct main_args *margs, struct hstruct **hlist, size_t nhosts, char *domain);
size_t get_hostname_list(struct hstruct **hlist, size_t nhosts, char *name);
size_t free_hostname_list(struct hstruct **hlist, size_t nhosts);
151
/* Declared only when one of the HAVE_SASL_* feature macros is set. */
#if HAVE_SASL_H || HAVE_SASL_SASL_H || HAVE_SASL_DARWIN
/* SASL bind on the LDAP handle ld using binddn; the meaning of the ssl
 * string and of the int result is not visible in this header. */
int tool_sasl_bind(LDAP * ld, char *binddn, char *ssl);
#endif
155
/* Kerberos support, compiled in only when HAVE_KRB5 is set. */
#if HAVE_KRB5
/* Capacity of the cc[] and mem_ccache[] arrays in struct kstruct. */
#define MAX_DOMAINS 16
/* NOTE(review): presumably the tolerated clock skew in seconds; its use is
 * not visible in this header - confirm. */
#define MAX_SKEW 300
/*
 * Kerberos state: one krb5 context and up to MAX_DOMAINS credential
 * caches.
 * NOTE(review): both arrays are fixed-size. Whatever code adds an entry
 * must check the index against MAX_DOMAINS first - confirm in
 * krb5_create_cache().
 */
struct kstruct {
    krb5_context context;
    krb5_ccache cc[MAX_DOMAINS];
    char* mem_ccache[MAX_DOMAINS];  /* presumably the cache name for the matching cc[] slot - confirm */
    int ncache;                     /* presumably the number of slots in use - confirm */
};
/* Takes a domain and a principal string; the int result convention is not
 * visible here. */
int krb5_create_cache(char *domain, char* princ);
void krb5_cleanup(void);
#endif
168
/* Name of this helper program as a string constant. */
#define PROGRAM "kerberos_ldap_group"
170
171 #endif /* SQUID_SRC_ACL_EXTERNAL_KERBEROS_LDAP_GROUP_SUPPORT_H */
172