#ifndef _TYPES_H_
#define _TYPES_H_

#include "asn1.h"
#include <stddef.h>
#include <stdint.h>
#include <time.h>
#include <openssl/ssl.h>

/*
 * Fixed sizes of the char[] members in the structs below. Each member sized
 * by one of these is an inline C array; apart from base (baseLen) and
 * bindBuffer (bindLen) no companion length field exists, so whatever fills
 * one of these arrays must bound the write itself, and leave room for the
 * terminating NUL where the field is used as a C string.
 */
#define ADDRLEN 40
#define BINDLEN 250
#define PWLEN 40
#define BASELEN 250
#define SIDLEN 28
#define MOUNTLEN 100
#define FINGERPRINTLEN 20
#define MAXPATH 200

/*
 * Per-connection receive buffer sizes. REQLEN bounds one client request
 * (_epoll_client_t_.readBuffer), MAXMSGLEN one response from the directory
 * server (_epoll_server_t_.readBuffer). Both arrays are embedded in the
 * struct, not heap-allocated, so they dominate the size of those structs.
 */
#define REQLEN 4000
#define MAXMSGLEN 100000

/*
 * Project-local boolean. <stdbool.h> is not included here; BOOL is a plain
 * uint8_t, so any non-zero value counts as true -- test flags with `if (x)`
 * or `!= FALSE`, never with `== TRUE`.
 */
#define BOOL uint8_t
#define TRUE (1)
#define FALSE (0)

/*
 * Forward declarations: the client and server connection structs point at
 * each other (fixedServer / fixedClient) and server_t embeds an
 * epoll_server_t, so the names must exist before the definitions below.
 */
typedef struct _server_t_ server_t;
typedef struct _epoll_client_t_ epoll_client_t;
typedef struct _epoll_server_t_ epoll_server_t;

/**
 * General epoll struct, to be implemented by every epoll struct.
 */
/**
 * General epoll struct, to be implemented by every epoll struct.
 *
 * epoll_listen_t, _epoll_client_t_ and _epoll_server_t_ all start with
 * exactly these two members in this order, which suggests the event loop
 * handles every registered object through an epoll_item_t pointer and the
 * callback casts `data` back to the concrete type (confirm against the epoll
 * loop). Under that contract `callback` and `fd` must stay first and
 * unchanged in every variant; new members may only be appended after them.
 *
 * callback: invoked by the event loop with haveIn/haveOut readiness flags
 *           and doCleanup set when the object is to be torn down.
 * fd:       the descriptor registered with epoll.
 */
typedef struct {
	void (*callback)(void *data, int haveIn, int haveOut, int doCleanup);
	int fd;
} epoll_item_t;

/**
 * epoll struct for listening sockets.
 */
/**
 * epoll struct for listening sockets.
 *
 * Layout-compatible with epoll_item_t: callback and fd come first and must
 * stay there (see epoll_item_t).
 */
typedef struct {
	void (*callback)(void *data, int haveIn, int haveOut, int doCleanup);
	int fd;
	// --- members specific to a listening socket ---
	SSL_CTX *sslContext; // Listening for SSL connections, NULL otherwise. Presumably shared by every client accepted on this fd, so it must outlive them -- confirm in the accept path.
} epoll_listen_t;

/**
 * epoll struct for a client we're serving.
 */
/**
 * epoll struct for a client we're serving.
 *
 * Layout-compatible with epoll_item_t: callback and fd come first and must
 * stay there (see epoll_item_t).
 *
 * The send buffer is heap-allocated and grows; the receive buffer is a fixed
 * inline array of REQLEN bytes. Whoever appends to readBuffer must check
 * that rbPos stays below REQLEN before each read() -- there is no other
 * bound on it, and overrunning it corrupts the rest of this struct.
 */
struct _epoll_client_t_ {
	void (*callback)(void *data, int haveIn, int haveOut, int doCleanup);
	int fd;
	// --- members specific to a client connection ---
	BOOL bound; // Client did successful ldap bind. Anything that requires an authenticated client should be gated on this flag.
	BOOL sslAccepted; // SSL_accept done? Until set, data on fd is still handshake traffic, not LDAP.
	BOOL kill; // Should the connection be killed? Presumably honored by the event loop on its next pass -- confirm.
	BOOL writeBlocked; // An SSL_write returned WANT_*, so we must not reallocate the current send buffer (OpenSSL requires the retried SSL_write to present the same buffer at the same address unless SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is set).
	// Send buffer (me to client)
	size_t sbPos, sbFill, sbLen; // Naming suggests: sbPos = next byte to send, sbFill = bytes queued, sbLen = allocated size of sendBuffer, with sbPos <= sbFill <= sbLen -- confirm in the writer.
	SSL *ssl; // NULL if not encrypted
	char *sendBuffer; // Dynamically allocated, might or might not get huge. Owned by this struct; presumably freed when doCleanup is delivered -- confirm.
	epoll_server_t *fixedServer; // If client performed explicit bind, tie to server connection. Non-owning; the server side points back via fixedClient.
	// Recv buffer (client's request)
	size_t rbPos; // Fill level of readBuffer; must never exceed REQLEN.
	char readBuffer[REQLEN]; // Static, queries > 4000 bytes simply not supported. A request that does not fit cannot be processed; the reader must reject it rather than keep appending.
};

/**
 * epoll struct for a connection to AD.
 */
/**
 * epoll struct for a connection to AD.
 *
 * Layout-compatible with epoll_item_t: callback and fd come first and must
 * stay there (see epoll_item_t).
 *
 * readBuffer alone is MAXMSGLEN (100000) bytes and is embedded inline, so
 * sizeof(epoll_server_t) exceeds 100 KB; do not place one on the stack.
 * server_t embeds one of these as `con`, so the same applies to server_t.
 * As with the client struct, whoever fills readBuffer must keep rbPos below
 * MAXMSGLEN before each read().
 */
struct _epoll_server_t_ {
	void (*callback)(void *data, int haveIn, int haveOut, int doCleanup);
	int fd;
	// --- members specific to a server connection ---
	// Send buffer (me to server)
	size_t sbPos, sbFill, sbLen; // Same convention as _epoll_client_t_: presumably send offset, bytes queued, allocated size -- confirm in the writer.
	SSL *ssl; // NULL if not encrypted
	char *sendBuffer; // Dynamically allocated, might or might not get huge. Owned by this struct.
	char bindBuffer[BINDLEN]; // Used for the bind request. We need this to prevent sending any requests before the server acknowledged the bind request
	int bindLen; // Length of buffered bind request. Must stay in [0, BINDLEN]. Note: int while every other size here is size_t -- mixed signed/unsigned comparisons are easy to get wrong.
	epoll_client_t *fixedClient; // If client performed explicit bind, this is the client belonging to this connection. Non-owning; must be cleared when that client is torn down, or it dangles.
	// Recv buffer (server's response)
	size_t rbPos; // Fill level of readBuffer; must never exceed MAXMSGLEN.
	char readBuffer[MAXMSGLEN]; // Static, inline. A response larger than MAXMSGLEN cannot be received.
	BOOL bound; // Already bound to server? Until set, only the buffered bind request may be sent (see bindBuffer).
	BOOL dynamic; // Presumably marks a connection opened on demand, as opposed to the one embedded in server_t.con -- confirm.
	BOOL sslConnected; // SSL_connect done? Until set, data on fd is still handshake traffic.
	BOOL kill; // Should the connection be killed?
	BOOL writeBlocked; // An SSL_write returned WANT_*, so we must not reallocate the current send buffer (OpenSSL requires the retried SSL_write to present the same buffer at the same address unless SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is set).
	time_t lastActive; // Presumably updated on traffic and used for idle reaping -- confirm.
	server_t *serverData; // Back-pointer to the configuration this connection belongs to. Non-owning.
};

/**
 * Struct for mapping attribute names/values
 */
/**
 * Struct for mapping attribute names/values
 *
 * Each member holds the attribute name used on the AD side for one of the
 * POSIX/LDAP attributes the proxy presents. `struct string` is not declared
 * in this header; presumably it comes from asn1.h (included above).
 */
typedef struct {
	struct string uid; // AD: sAMAccountName
	struct string homemount; // AD: homeDirectory
	struct string localhome; // AD: none, LDAP: homeDirectory
	struct string posixAccount; // AD: user
	struct string shadowAccount; // AD: user
	struct string uidnumber; // AD: objectSid
} attr_map_t;

/**
 * Configuration data for an ADS we're proxying.
 */
/**
 * Configuration data for an ADS we're proxying.
 *
 * Holds the bind credentials in the clear (password), so this struct is
 * sensitive: never log or dump it wholesale, and wipe `password` with
 * explicit_bzero() or equivalent (a plain memset before free may be
 * optimized away) when the struct is released. It embeds an epoll_server_t,
 * so it is well over 100 KB -- heap-allocate it.
 *
 * All char[] members are fixed-size; writers must bound their copies by the
 * corresponding *LEN constant and keep the NUL terminator.
 */
struct _server_t_ {
	size_t baseLen; // Presumably the cached strlen(base) -- confirm it is updated whenever base is.
	char ip[4]; // 4 raw bytes: room for an IPv4 address only (presumably the resolved address of addr -- confirm).
	time_t lastLookup; // Presumably when addr was last resolved into ip -- confirm.
	char addr[ADDRLEN]; // Host name or address of the directory server, as configured.
	char bind[BINDLEN]; // Bind DN used to authenticate to the directory server.
	char password[PWLEN]; // Bind password, cleartext in memory. Zeroize on release; never log.
	char base[BASELEN]; // Search base DN.
	char sid[SIDLEN]; // SID string; SIDLEN (28) bounds its length including NUL.
	char homeTemplate[MOUNTLEN]; // Template for the home directory / mount path.
	unsigned char fingerprint[FINGERPRINTLEN]; // 20 raw bytes (SHA-1 digest size); presumably the expected server certificate fingerprint used for pinning -- confirm where it is compared.
	char cabundle[MAXPATH]; // Path to the CA bundle file used to verify the server certificate (presumably; confirm in the SSL_CTX setup).
	BOOL plainLdap; // If set, presumably the server connection is unencrypted LDAP, in which case the bind password above crosses the network in the clear -- confirm.
	uint16_t port; // TCP port of the directory server.
	SSL_CTX *sslContext; // Context for the outgoing TLS connection; NULL presumably when plainLdap is set -- confirm.
	epoll_server_t con; // The embedded (non-dynamic) connection to this server.
	attr_map_t map; // Attribute name mapping for this server.
};

#endif