#ifndef _TYPES_H_
#define _TYPES_H_
/*
 * Shared type definitions for the LDAP/AD proxy: buffer-size limits, the
 * epoll connection records for listening sockets, clients and upstream
 * servers, and the per-server configuration.
 *
 * NOTE(review): _TYPES_H_ and the _xxx_t_ struct tags below start with an
 * underscore, which C reserves for the implementation at file scope. They
 * are left unchanged here because other translation units spell out the tags.
 */

#include "asn1.h"   // struct string (used by attr_map_t)
// NOTE(review): the targets of the four includes below were lost in extraction.
// The types used in this header need <stdint.h> (uint8_t/uint16_t/uint32_t),
// <stddef.h> (size_t), <time.h> (time_t) and OpenSSL's ssl.h (SSL, SSL_CTX).
#include
#include
#include
#include

// Fixed buffer sizes in bytes. Nothing in this header enforces them: every
// writer into one of these arrays must bound-check against the matching
// constant (and leave room for the terminating '\0' where the field is a string).
#define ADDRLEN 40
#define BINDLEN 250        // Bounds both the bind DN (server_t.bind) and the encoded bind request (bindBuffer)
#define PWLEN 40
#define BASELEN 250
#define SIDLEN 28
#define MOUNTLEN 100
#define FINGERPRINTLEN 20  // 20 bytes is the length of a SHA-1 digest; presumably a certificate fingerprint — confirm at the fill site
#define MAXPATH 200        // Shorter than the usual PATH_MAX; truncation of a long CA-bundle path must be detected by whoever fills cabundle
#define REQLEN 4000        // Largest client request that fits in epoll_client_t.readBuffer
#define MAXMSGLEN 500000   // Largest server response that fits in epoll_server_t.readBuffer (allocated inline, per connection)

// Byte-sized boolean. BOOL is a macro alias for uint8_t, not a typedef;
// TRUE/FALSE are plain integer constants.
#define BOOL uint8_t
#define TRUE (1)
#define FALSE (0)

// Forward typedefs so the client and server records can point at each other.
typedef struct _server_t_ server_t;
typedef struct _epoll_client_t_ epoll_client_t;
typedef struct _epoll_server_t_ epoll_server_t;

/**
 * General epoll struct, to be implemented by every epoll struct.
 *
 * The three connection structs below all begin with exactly these two
 * members (callback, fd), so an event loop can presumably read them through
 * an epoll_item_t pointer regardless of the concrete record — confirm in the
 * dispatcher.
 *
 * callback: invoked by the event loop. `data` is presumably the record itself;
 * `haveIn`/`haveOut` are readiness flags and `doCleanup` requests teardown —
 * the exact contract is defined by the callers, not here.
 */
typedef struct {
	void (*callback)(void *data, int haveIn, int haveOut, int doCleanup);
	int fd;
} epoll_item_t;

/**
 * epoll struct for listening sockets.
 */
typedef struct {
	void (*callback)(void *data, int haveIn, int haveOut, int doCleanup);
	int fd;

	SSL_CTX *sslContext;  // Listening for SSL connections, NULL otherwise
} epoll_listen_t;

/**
 * epoll struct for a client we're serving.
 *
 * Owns sendBuffer (heap) and the inline readBuffer. Who frees sendBuffer on
 * teardown is not visible here — document it at the cleanup site.
 */
struct _epoll_client_t_ {
	void (*callback)(void *data, int haveIn, int haveOut, int doCleanup);
	int fd;

	BOOL bound;         // Client did successful ldap bind
	BOOL sslAccepted;   // SSL_accept done?
	BOOL kill;          // Should the connection be killed?
	BOOL writeBlocked;  // An SSL_write returned WANT_*, so we must not reallocate the current send buffer
	                    // (OpenSSL retries a partial write against the same buffer address unless
	                    // SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is set)

	// Send buffer (me to client): sbPos = next byte to send, sbFill = bytes
	// queued, sbLen = allocated size (presumed from the names — confirm).
	size_t sbPos, sbFill, sbLen;
	SSL *ssl;           // NULL if not encrypted
	char *sendBuffer;   // Dynamically allocated, might or might not get huge; no upper bound is declared here
	epoll_server_t *fixedServer;  // If client performed explicit bind, tie to server connection

	// Recv buffer (client's request)
	size_t rbPos;       // Fill position in readBuffer; the reader must keep it < REQLEN
	char readBuffer[REQLEN];  // Static, queries > 4000 bytes simply not supported
};

/**
 * epoll struct for a connection to AD.
 *
 * Note that bindBuffer holds the encoded bind request, i.e. the bind DN plus
 * the credential from server_t, so it is as sensitive as server_t.password.
 */
struct _epoll_server_t_ {
	void (*callback)(void *data, int haveIn, int haveOut, int doCleanup);
	int fd;

	// Send buffer (me to server)
	size_t sbPos, sbFill, sbLen;
	SSL *ssl;           // NULL if not encrypted
	char *sendBuffer;   // Dynamically allocated, might or might not get huge
	char bindBuffer[BINDLEN];  // Used for the bind request. We need this to prevent sending any requests
	                           // before the server acknowledged the bind request. BINDLEN also bounds the
	                           // bare DN, so the encoder must check that DN + password + ASN.1 framing fit.
	int bindLen;        // Length of buffered bind request (int, unlike the size_t positions above — mind signed/unsigned comparisons)
	epoll_client_t *fixedClient;  // If client performed explicit bind, this is the client belonging to this connection

	// Recv buffer (server's response)
	size_t rbPos;       // Fill position in readBuffer; the reader must keep it < MAXMSGLEN
	char readBuffer[MAXMSGLEN];

	BOOL bound;         // Already bound to server?
	BOOL dynamic;       // Presumably: connection created on demand rather than the fixed server_t.con — confirm
	BOOL sslConnected;  // SSL handshake with the server completed?
	uint32_t startTlsId;  // Whether STARTTLS request was already sent (>0); presumably the LDAP message id of that request
	BOOL kill;          // Should the connection be killed?
	BOOL writeBlocked;  // An SSL_write returned WANT_*, so we must not reallocate the current send buffer
	time_t lastActive;  // Timestamp of last activity (idle tracking)
	server_t *serverData;  // Configuration of the server this connection talks to
};

/**
 * Struct for mapping attribute names/values
 *
 * Each entry names the upstream attribute that backs a local one; the
 * comments give the AD default (and the plain-LDAP variant where it differs).
 */
typedef struct {
	struct string uid;            // AD: sAMAccountName
	struct string homemount;      // AD: homeDirectory
	struct string localhome;      // AD: none, LDAP: homeDirectory
	struct string posixAccount;   // AD: user
	struct string shadowAccount;  // AD: user
	struct string uidnumber;      // AD: objectSid
} attr_map_t;

struct hashmap;  // Opaque; defined elsewhere

/**
 * Persistent name <-> uidNumber mapping, used when uidNumbers are generated
 * locally (server_t.genUidNumber). fileName is the backing file; the two
 * hashmaps index the mapping in both directions.
 */
struct uidmap {
	const char *fileName;
	struct hashmap *nameToNum;
	struct hashmap *numToName;
};

/**
 * Configuration data for an ADS we're proxying.
 *
 * password holds the plaintext bind credential for the lifetime of the
 * process; if this record is ever freed or reloaded, zeroize it with a
 * non-elidable memset (explicit_bzero/memset_s) rather than plain memset.
 */
struct _server_t_ {
	size_t baseLen;     // strlen of base, cached
	char ip[4];         // Presumably the resolved IPv4 address as raw bytes — confirm at the lookup site
	time_t lastLookup;  // When ip was last resolved
	char addr[ADDRLEN]; // Server address as configured (hostname or textual IP)
	char bind[BINDLEN]; // Bind DN
	char password[PWLEN];   // Bind password (plaintext, sensitive)
	char base[BASELEN]; // Search base DN
	char sid[SIDLEN];   // Domain SID (textual form)
	char homeTemplate[MOUNTLEN];  // Template for the home directory/mount — format is defined by its consumer
	unsigned char fingerprint[FINGERPRINTLEN];  // Expected server certificate fingerprint (raw digest bytes)
	char cabundle[MAXPATH];  // Path to a CA bundle used to verify the server certificate
	BOOL plainLdap;     // Talk plain LDAP (no AD-specific behaviour)
	BOOL fixNumeric;    // prefix numeric account names with an 's'
	BOOL genUidNumber;  // generate uidNumber attribute locally (and keep track)
	BOOL useStartTls;   // Establish plain connection, then upgrade via STARTTLS
	uint16_t port;
	SSL_CTX *sslContext;  // TLS context for outgoing connections to this server
	epoll_server_t con;   // The fixed (non-dynamic) connection to this server
	attr_map_t map;       // Attribute name mapping for this server
	struct uidmap uidmap; // Local uidNumber bookkeeping when genUidNumber is set
};

#endif