
include/util_ldap.h

00001 /* Licensed to the Apache Software Foundation (ASF) under one or more
00002  * contributor license agreements.  See the NOTICE file distributed with
00003  * this work for additional information regarding copyright ownership.
00004  * The ASF licenses this file to You under the Apache License, Version 2.0
00005  * (the "License"); you may not use this file except in compliance with
00006  * the License.  You may obtain a copy of the License at
00007  *
00008  *     http://www.apache.org/licenses/LICENSE-2.0
00009  *
00010  * Unless required by applicable law or agreed to in writing, software
00011  * distributed under the License is distributed on an "AS IS" BASIS,
00012  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00013  * See the License for the specific language governing permissions and
00014  * limitations under the License.
00015  */
00016 
00022 #ifndef UTIL_LDAP_H
00023 #define UTIL_LDAP_H
00024 
00025 /* APR header files */
00026 #include "apr.h"
00027 #include "apr_thread_mutex.h"
00028 #include "apr_thread_rwlock.h"
00029 #include "apr_tables.h"
00030 #include "apr_time.h"
00031 #include "apr_ldap.h"
00032 
00033 #if APR_HAS_SHARED_MEMORY
00034 #include "apr_rmm.h"
00035 #include "apr_shm.h"
00036 #endif
00037 
00038 /* this whole thing disappears if LDAP is not enabled */
00039 #if APR_HAS_LDAP
00040 
00041 /* Apache header files */
00042 #include "ap_config.h"
00043 #include "httpd.h"
00044 #include "http_config.h"
00045 #include "http_core.h"
00046 #include "http_log.h"
00047 #include "http_protocol.h"
00048 #include "http_request.h"
00049 #include "apr_optional.h"
00050 
00051 /* LDAP_DECLARE* linkage macros. Non-WIN32: expand to the bare type. WIN32:
00052  * LDAP_DECLARE adds __stdcall; LDAP_DECLARE_EXPORT selects dllexport,
00053  * LDAP_DECLARE_STATIC selects no declspec, and the default is dllimport. */
00054 #if !defined(WIN32)
00055 #define LDAP_DECLARE(type)            type
00056 #define LDAP_DECLARE_NONSTD(type)     type
00057 #define LDAP_DECLARE_DATA
00058 #elif defined(LDAP_DECLARE_STATIC)
00059 #define LDAP_DECLARE(type)            type __stdcall
00060 #define LDAP_DECLARE_NONSTD(type)     type
00061 #define LDAP_DECLARE_DATA
00062 #elif defined(LDAP_DECLARE_EXPORT)
00063 #define LDAP_DECLARE(type)            __declspec(dllexport) type __stdcall
00064 #define LDAP_DECLARE_NONSTD(type)     __declspec(dllexport) type
00065 #define LDAP_DECLARE_DATA             __declspec(dllexport)
00066 #else
00067 #define LDAP_DECLARE(type)            __declspec(dllimport) type __stdcall
00068 #define LDAP_DECLARE_NONSTD(type)     __declspec(dllimport) type
00069 #define LDAP_DECLARE_DATA             __declspec(dllimport)
00070 #endif
00071 
00072 #ifdef __cplusplus
00073 extern "C" {
00074 #endif
00075 
00076 /*
00077  * LDAP Connections
00078  */
00079 
00080 /* Values that the deref member can have (each equals the matching LDAP_DEREF_* constant). NOTE(review): the enumerators are unprefixed global names - watch for collisions in including code */
00081 typedef enum {
00082     never=LDAP_DEREF_NEVER, 
00083     searching=LDAP_DEREF_SEARCHING, 
00084     finding=LDAP_DEREF_FINDING, 
00085     always=LDAP_DEREF_ALWAYS
00086 } deref_options;
00087 
00088 /* Structure representing an LDAP connection; entries are chained through `next` (presumably the list rooted at util_ldap_state_t.connections - confirm) */
00089 typedef struct util_ldap_connection_t {
00090     LDAP *ldap;                         /* LDAP SDK handle for this connection */
00091     apr_pool_t *pool;                   /* Pool from which this connection is created */
00092 #if APR_HAS_THREADS
00093     apr_thread_mutex_t *lock;           /* Lock to indicate this connection is in use */
00094 #endif
00095     int bound;                          /* Flag to indicate whether this connection is bound yet */
00096 
00097     const char *host;                   /* Name of the LDAP server (or space separated list) */
00098     int port;                           /* Port of the LDAP server */
00099     deref_options deref;                /* How to handle alias dereferencing */
00100 
00101     const char *binddn;                 /* DN to bind to server (can be NULL; NOTE(review): presumably NULL means an anonymous bind - confirm) */
00102     const char *bindpw;                 /* Password to bind to server (can be NULL); held as a plain string for as long as this struct lives, so keep it out of logs and status output */
00103 
00104     int secure;                         /* SSL/TLS mode of the connection; NOTE(review): the value set is not defined in this header - presumably the APR_LDAP_* modes, confirm */
00105     apr_array_header_t *client_certs;   /* Client certificates on this connection */
00106 
00107     const char *reason;                 /* Reason for an error failure; NOTE(review): confirm it can never embed bindpw before it is logged or shown to a client */
00108 
00109     struct util_ldap_connection_t *next; /* Next connection in the chain */
00110 } util_ldap_connection_t;
00111 
00112 /* LDAP cache state information: cache sizing and TTLs, shared-memory handles, the connection chain and the TLS/certificate settings */
00113 typedef struct util_ldap_state_t {
00114     apr_pool_t *pool;           /* pool from which this state is allocated */
00115 #if APR_HAS_THREADS
00116     apr_thread_mutex_t *mutex;          /* mutex lock for the connection list */
00117 #endif
00118     apr_global_mutex_t *util_ldap_cache_lock; /* NOTE(review): presumably serializes cache access across processes - confirm */
00119 
00120     apr_size_t cache_bytes;     /* Size (in bytes) of shared memory cache */
00121     char *cache_file;           /* filename for shm; NOTE(review): the cache presumably holds authentication results, so check who can read or replace this file - confirm */
00122     long search_cache_ttl;      /* TTL for search cache; NOTE(review): a cached result is presumably honoured until it expires, so a changed or revoked credential may still be accepted for that long - confirm (units not stated here) */
00123     long search_cache_size;     /* Size (in entries) of search cache */
00124     long compare_cache_ttl;     /* TTL for compare cache; the same staleness caveat presumably applies - confirm */
00125     long compare_cache_size;    /* Size (in entries) of compare cache */
00126 
00127     struct util_ldap_connection_t *connections; /* presumably the head of the connection chain - confirm */
00128     int   ssl_supported;        /* NOTE(review): presumably nonzero when the LDAP SDK offers SSL/TLS - confirm */
00129     apr_array_header_t *global_certs;  /* Global CA certificates */
00130     apr_array_header_t *client_certs;  /* Client certificates */
00131     int   secure;               /* NOTE(review): presumably the default SSL/TLS mode for connections - confirm */
00132     int   secure_set;           /* NOTE(review): presumably nonzero once `secure` was set explicitly - confirm */
00133 
00134 #if APR_HAS_SHARED_MEMORY
00135     apr_shm_t *cache_shm;       /* shared-memory segment handle (only with APR_HAS_SHARED_MEMORY) */
00136     apr_rmm_t *cache_rmm;       /* relocatable-memory manager handle (only with APR_HAS_SHARED_MEMORY) */
00137 #endif
00138 
00139     /* cache ald: opaque cache handle; its concrete type is not visible in this header */
00140     void *util_ldap_cache;
00141     char *lock_file;           /* filename for shm lock mutex */
00142     long  connectionTimeout;   /* NOTE(review): units are not stated in this header - confirm */
00143     int   verify_svr_cert;     /* NOTE(review): presumably nonzero = verify the server certificate; confirm the default, since an unverified TLS session does not authenticate the directory server */
00144 
00145 } util_ldap_state_t;
00146 
00147 
00160 APR_DECLARE_OPTIONAL_FN(int,uldap_connection_open,(request_rec *r, 
00161                                             util_ldap_connection_t *ldc)); /* Declared as APR optional functions from here on; NOTE(review): callers presumably must check the retrieved pointer for NULL when the provider is not loaded - confirm */
00162 
00172 APR_DECLARE_OPTIONAL_FN(void,uldap_connection_close,(util_ldap_connection_t *ldc));
00173 
00183 APR_DECLARE_OPTIONAL_FN(apr_status_t,uldap_connection_unbind,(void *param)); /* apr_status_t f(void *) shape; NOTE(review): param is presumably a util_ldap_connection_t * - confirm */
00184 
00193 APR_DECLARE_OPTIONAL_FN(apr_status_t,uldap_connection_cleanup,(void *param)); /* same shape as uldap_connection_unbind; param type is likewise not shown here */
00194 
00212 APR_DECLARE_OPTIONAL_FN(util_ldap_connection_t *,uldap_connection_find,(request_rec *r, const char *host, int port,
00213                                                   const char *binddn, const char *bindpw, deref_options deref,
00214                                                   int secure)); /* takes the bind password in the clear; NOTE(review): confirm how binddn/bindpw are matched before a connection is handed to another request */
00215 
00234 APR_DECLARE_OPTIONAL_FN(int,uldap_cache_comparedn,(request_rec *r, util_ldap_connection_t *ldc, 
00235                               const char *url, const char *dn, const char *reqdn, 
00236                               int compare_dn_on_server)); /* NOTE(review): compare_dn_on_server presumably selects a server-side DN comparison - confirm */
00237 
00251 APR_DECLARE_OPTIONAL_FN(int,uldap_cache_compare,(request_rec *r, util_ldap_connection_t *ldc,
00252                             const char *url, const char *dn, const char *attrib, const char *value));
00253 
00273 APR_DECLARE_OPTIONAL_FN(int,uldap_cache_checkuserid,(request_rec *r, util_ldap_connection_t *ldc,
00274                               const char *url, const char *basedn, int scope, char **attrs,
00275                               const char *filter, const char *bindpw, const char **binddn, const char ***retvals)); /* filter arrives as a ready-made string: assumes the caller has escaped any user-supplied value in it - confirm; bindpw is the cleartext password being checked */
00276 
00295 APR_DECLARE_OPTIONAL_FN(int,uldap_cache_getuserdn,(request_rec *r, util_ldap_connection_t *ldc,
00296                               const char *url, const char *basedn, int scope, char **attrs,
00297                               const char *filter, const char **binddn, const char ***retvals)); /* same filter-escaping assumption as uldap_cache_checkuserid; takes no password */
00298 
00303 APR_DECLARE_OPTIONAL_FN(int,uldap_ssl_supported,(request_rec *r));
00304 
00305 /* from apr_ldap_cache.c: plain (non-optional) declaration taking a pool and the shared util_ldap_state_t */
00306 
00318 apr_status_t util_ldap_cache_init(apr_pool_t *pool, util_ldap_state_t *st);
00319 
00320 /* from apr_ldap_cache_mgr.c: returns a char * built for request r; NOTE(review): presumably a rendering of cache contents - confirm it is escaped and only reachable by trusted viewers */
00321 
00329 char *util_ald_cache_display(request_rec *r, util_ldap_state_t *st);
00330 #ifdef __cplusplus
00331 }
00332 #endif
00333 #endif /* APR_HAS_LDAP */
00334 #endif /* UTIL_LDAP_H */
