summaryrefslogblamecommitdiffstats
path: root/ldadp.c
blob: 923891ada82f1a34c2cfb67337fe775b2259f05a (plain) (tree) 
d13e297 ^





bedd2e7







bbdf2fb ^

e38ec56 ^

bedd2e7





f0b46f7 ^

b1ae369 ^

bedd2e7


0257cf7 ^

bedd2e7

b0d9fd5 ^

bbdf2fb ^

b0d9fd5 ^

bedd2e7


6086de1 ^

bedd2e7




2e37d6b ^

f0b46f7 ^

6086de1 ^





0257cf7 ^

b0d9fd5 ^

bedd2e7




bbdf2fb ^

bedd2e7


bbdf2fb ^







bedd2e7

b0d9fd5 ^

bedd2e7






4b4726c ^


b1ae369 ^

6086de1 ^

bedd2e7
















2e37d6b ^

bedd2e7


bbdf2fb ^

bbdf2fb ^


d611cc5 ^

bbdf2fb ^





bedd2e7



bbdf2fb ^


2e37d6b ^

bbdf2fb ^





dd1b647 ^

bedd2e7




d611cc5 ^







e38ec56 ^


d611cc5 ^










2e37d6b ^


e27569e ^


2e37d6b ^


46a9f1c ^


d611cc5 ^


f49899e ^


bf9f3a6 ^


d611cc5 ^



bbdf2fb ^

bedd2e7



0257cf7 ^

bedd2e7

0257cf7 ^

bedd2e7


1
2
3
4
5

6
7
8
9
10
11
12

13

14

15
16
17
18
19

20

21

22
23

24

25

26

27

28

29
30

31

32
33
34
35

36

37

38
39
40
41
42

43

44

45
46
47
48

49

50
51

52
53
54
55
56
57
58

59

60

61
62
63
64
65
66

67
68

69

70

71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

87

88
89

90

91
92

93

94
95
96
97
98

99
100
101

102
103

104

105
106
107
108
109

110

111
112
113
114

115
116
117
118
119
120
121

122
123

124
125
126
127
128
129
130
131
132
133

134
135

136
137

138
139

140
141

142
143

144
145

146
147

148
149
150

151

152
153
154

155

156

157

158
159





                                                                         






                   
                    
                   




                   
                   
                   

                                                                                
                                   
 
                            
                                              
 

                               
                             



                                
                             
                                 




                                                     
                                                                              
                                                                                     



                                           
                                     

                                        






                                                                     
                                                                 
                                                                                                               





                                                                                                           

                                  
                     
                                                                     















                                                                               
                                                                    

                       
                              

                                         
                                                        




                                    


                                                                   

                                                       
                                                                 




                              
                                                                                    



                                                                                                   






                                                         

                                                       









                                                                          

                                                                                     

                                                                                      

                                                                                    

                                                                                 

                                                       

                                                            

                                                             


                                                                                                 
         


                 
                                  
 
                                                               

 
/*
 * ldadp - ldap to ad proxy
 *
 * LDAP protocol handling based on tinyldap https://www.fefe.de/tinyldap/
 */
#include "types.h"
#include "epoll.h"
#include "client.h"
#include "server.h"
#include "proxy.h"
#include "ini.h"
#include "helper.h"
#include "openssl.h"
#include "helper.h"
#include <stdio.h>
#include <socket.h>
#include <io.h>
#include <string.h>
#include <stdlib.h>
#include <signal.h>
#include <unistd.h>

static void listen_callback(void *data, int haveIn, int haveOut, int doCleanup);
static BOOL loadConfig(char *file);

static int localPort = 1234;
static char *certFile = NULL, *keyFile = NULL;

int main(int argc, char **argv)
{
	BOOL isdaemon = TRUE;
	if (argc < 2) {
		printf("Nö\n");
		exit(1);
	}
	setbuf(stdout, NULL);
	signal(SIGPIPE, SIG_IGN);
	if (strcmp(argv[1], "-n") == 0 && argc > 2) {
		isdaemon = FALSE;
		argv++;
		argc--;
	}
	if (!loadConfig(argv[1])) bail("Cannot read config file %s", argv[1]);
	if (localPort < 1 || localPort > 65535) bail("Invalid port given in config");
	proxy_init();
	char listen_addr[4] = {0, 0, 0, 0};
	// Setup socket
	epoll_listen_t lsn;
	memset(&lsn, 0, sizeof(lsn));
	lsn.callback = &listen_callback;
	lsn.fd = socket_tcp4();
	if (certFile != NULL && keyFile != NULL) {
		printf("Using SSL\n");
		ssl_init();
		lsn.sslContext = ssl_newServerCtx(certFile, keyFile);
	} else {
		printf("Not using SSL\n");
	}
	if (lsn.fd == -1) bail("Could not create listen socket");
	if (socket_bind4_reuse(lsn.fd, listen_addr, localPort) == -1) bail("Could not bind to listening port");
	if (socket_listen(lsn.fd, 10) == -1) bail("Could not listen");
	// Setup epoll
	if (ePoll_init() == -1) bail("epoll_create failed");
	// Add listener
	if (ePoll_add(EPOLLIN, (epoll_item_t*)&lsn) == -1) bail("Could not add listen socket to epoll fd");
	// Init AD uplinks
	if (!server_initServers())
		exit(1);
	// Daeaeaemon
	if (isdaemon && daemon(1, 0) == -1) bail("daemon() failed.");
	// Do the mainloop
	for (;;) {
		if (ePoll_wait(-1) == -1) bail("ePoll wait failed.");
	}
	return 0;
}

static void listen_callback(void *data, int haveIn, int haveOut, int doCleanup)
{
	if (doCleanup) bail("doCleanup on Listen socket set.");
	if (!haveIn) return;
	epoll_listen_t *listen = (epoll_listen_t *)data;
	char remote[4];
	uint16 port;
	int sock = socket_accept4(listen->fd, remote, &port);
	if (sock < 0) {
		printf("[Proxy] Error accepting new connection.\n");
		return;
	}
	helper_nonblock(sock);
	SSL *ssl = NULL;
	if (listen->sslContext != NULL) {
		ssl = ssl_new(sock, listen->sslContext);
		if (ssl == NULL) {
			close(sock);
			return;
		}
	}
	epoll_client_t *client = calloc(1, sizeof(epoll_client_t));
	client->fd = sock;
	client->callback = &client_callback;
	client->ssl = ssl;
	if (ssl != NULL && !ssl_acceptClient(client)) {
		printf("[Proxy] SSL-Accepting client failed.\n");
		SSL_free(ssl);
		close(sock);
		free(client);
		return;
	}
	ePoll_add(EPOLLIN | EPOLLOUT | EPOLLET | EPOLLRDHUP, (epoll_item_t*)client);
}

static int loadConfig_handler(void *stuff, const char *section, const char *key, const char *value)
{
	if (strcmp(section, "local") == 0) {
		if (strcmp(key, "port") == 0) {
			localPort = atoi(value);
		} else if (strcmp(key, "cert") == 0) {
			certFile = strdup(value);
		} else if (strcmp(key, "privkey") == 0) {
			keyFile = strdup(value);
		} else if (strcmp(key, "debug") == 0) {
			_debugLevel = atoi(value);
		} else {
			printf("Unknown local config option '%s'\n", key);
		}
	} else {
		if (strcmp(key, "binddn") == 0) {
			server_setBind(section, value);
		} else if (strcmp(key, "bindpw") == 0) {
			server_setPassword(section, value);
		} else if (strcmp(key, "base") == 0) {
			server_setBase(section, value);
		} else if (strcmp(key, "home") == 0) {
			if (value[0] != '\0') server_setHomeTemplate(section, value);
		} else if (strcmp(key, "homeattr") == 0) {
			if (value[0] != '\0') server_setHomeAttribute(section, value);
		} else if (strcmp(key, "fingerprint") == 0) {
			if (value[0] != '\0') server_setFingerprint(section, value);
		} else if (strcmp(key, "cabundle") == 0) {
			if (value[0] != '\0') server_setCaBundle(section, value);
		} else if (strcmp(key, "port") == 0) {
			server_setPort(section, value);
		} else if (strcmp(key, "plainldap") == 0) {
			server_setPlainLdap(section, value);
		} else if (strncmp(key, "map.", 4) == 0) {
			server_setMap(section, key+4, value);
		} else {
			printf("Unknown ADS config option '%s' for server '%s'\n", key, section);
		}
	}
	return 1;
}

static BOOL loadConfig(char *file)
{
	return ini_parse(file, &loadConfig_handler, NULL) >= 0;
}
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-11-21 17:03:12 +0100