helpers/external_acl/kerberos_ldap_group/support.h

   1 /*
   2  * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
   3  *
   4  * Squid software is distributed under GPLv2+ license and includes
   5  * contributions from numerous individuals and organizations.
   6  * Please see the COPYING and CONTRIBUTORS files for details.
   7  */
   8
   9 /*
  10  * -----------------------------------------------------------------------------
  11  *
  12  * Author: Markus Moeller (markus_moeller at compuserve.com)
  13  *
  14  * Copyright (C) 2007 Markus Moeller. All rights reserved.
  15  *
  16  *   This program is free software; you can redistribute it and/or modify
  17  *   it under the terms of the GNU General Public License as published by
  18  *   the Free Software Foundation; either version 2 of the License, or
  19  *   (at your option) any later version.
  20  *
  21  *   This program is distributed in the hope that it will be useful,
  22  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
  23  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  24  *   GNU General Public License for more details.
  25  *
  26  *   You should have received a copy of the GNU General Public License
  27  *   along with this program; if not, write to the Free Software
  28  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA.
  29  *
  30  * -----------------------------------------------------------------------------
  31  */
  32
  33 #define KERBEROS_LDAP_GROUP_VERSION "1.4.0sq"
  34
  35 #include <cstring>
  36
  37 #if HAVE_KRB5_H
  38 #if HAVE_BROKEN_SOLARIS_KRB5_H
  39 #warn "Warning! You have a broken Solaris <krb5.h> system header"
  40 #warn "http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6837512"
  41 #if defined(__cplusplus)
  42 #define KRB5INT_BEGIN_DECLS     extern "C" {
  43 #define KRB5INT_END_DECLS
  44 KRB5INT_BEGIN_DECLS
  45 #endif
  46 #endif /* HAVE_BROKEN_SOLARIS_KRB5_H */
  47 #if HAVE_BROKEN_HEIMDAL_KRB5_H
  48 extern "C" {
  49 #include <krb5.h>
  50 }
  51 #else
  52 #include <krb5.h>
  53 #endif
  54 #endif /* HAVE_KRB5_H */
  55
  56 #if HAVE_COM_ERR_H
  57 #include <com_err.h>
  58 #endif /* HAVE_COM_ERR_H */
  59
  60 #define LDAP_DEPRECATED 1
  61 #if HAVE_LDAP_REBIND_FUNCTION
  62 #define LDAP_REFERRALS
  63 #endif
  64 #if HAVE_LBER_H
  65 #include <lber.h>
  66 #endif
  67 #if HAVE_LDAP_H
  68 #include <ldap.h>
  69 #endif
  70 #if HAVE_MOZLDAP_LDAP_H
  71 #include <mozldap/ldap.h>
  72 #endif
  73
  74 struct gdstruct {
  75     char *group;
  76     char *domain;
  77     struct gdstruct *next;
  78 };
  79 struct ndstruct {
  80     char *netbios;
  81     char *domain;
  82     struct ndstruct *next;
  83 };
  84 struct lsstruct {
  85     char *lserver;
  86     char *domain;
  87     struct lsstruct *next;
  88 };
  89
  90 struct main_args {
  91     char *glist;
  92     char *ulist;
  93     char *tlist;
  94     char *nlist;
  95     char *llist;
  96     char *luser;
  97     char *lpass;
  98     char *lbind;
  99     char *lurl;
 100     char *ssl;
 101     int rc_allow;
 102     int AD;
 103     int mdepth;
 104     int nokerberos;
 105     char *ddomain;
 106     struct gdstruct *groups;
 107     struct ndstruct *ndoms;
 108     struct lsstruct *lservs;
 109 };
 110
 111 SQUIDCEXTERN int log_enabled;
 112
 113 /* the macro overload style is really a gcc-ism */
 114 #ifdef __GNUC__
 115
 116 #define log(X...) \
 117                      if (log_enabled) { \
 118                          fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
 119                          fprintf(stderr,X); \
 120                      } else (void)0
 121
 122 #define error(X...) \
 123                      fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
 124                      fprintf(stderr,X); \
 125
 126 #define warn(X...) \
 127                      fprintf(stderr, "%s(%d): pid=%ld :", __FILE__, __LINE__, (long)getpid() ); \
 128                      fprintf(stderr,X); \
 129
 130 #else /* __GNUC__ */
 131
 132 /* non-GCC compilers can't do the above macro define yet. */
 133 void log(char *format,...);
 134 void error(char *format,...);
 135 void warn(char *format,...);
 136 #endif
 137
 138 struct hstruct {
 139     char *host;
 140     int port;
 141     int priority;
 142     int weight;
 143 };
 144
 145 struct ldap_creds {
 146     char *dn;
 147     char *pw;
 148 };
 149
 150 void init_args(struct main_args *margs);
 151 void clean_args(struct main_args *margs);
 152 const char *LogTime(void);
 153
 154 int check_memberof(struct main_args *margs, char *user, char *domain);
 155 int get_memberof(struct main_args *margs, char *user, char *domain, char *group);
 156
 157 char *get_netbios_name(struct main_args *margs, char *netbios);
 158
 159 int create_gd(struct main_args *margs);
 160 int create_nd(struct main_args *margs);
 161 int create_ls(struct main_args *margs);
 162
 163 size_t get_ldap_hostname_list(struct main_args *margs, struct hstruct **hlist, size_t nhosts, char *domain);
 164 size_t get_hostname_list(struct hstruct **hlist, size_t nhosts, char *name);
 165 size_t free_hostname_list(struct hstruct **hlist, size_t nhosts);
 166
 167 #if HAVE_SASL_H || HAVE_SASL_SASL_H || HAVE_SASL_DARWIN
 168 int tool_sasl_bind(LDAP * ld, char *binddn, char *ssl);
 169 #endif
 170
 171 #if HAVE_KRB5
 172 #define MAX_DOMAINS 16
 173 #define MAX_SKEW 300
 174 struct kstruct {
 175     krb5_context context;
 176     krb5_ccache cc[MAX_DOMAINS];
 177     char* mem_ccache[MAX_DOMAINS];
 178     int ncache;
 179 };
 180 int krb5_create_cache(char *domain);
 181 void krb5_cleanup(void);
 182 #endif
 183
 184 #define PROGRAM "kerberos_ldap_group"
 185