The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
conf.c
Go to the documentation of this file.
1 /*
2  * This program is free software; you can redistribute it and/or modify
3  * it under the terms of the GNU General Public License as published by
4  * the Free Software Foundation; either version 2 of the License, or
5  * (at your option) any later version.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15  */
16 
17 /**
18  * $Id: 51c617111b779c31a41609a5fe9c7aa32ba7d039 $
19  *
20  * @file ldap/conf.c
21  * @brief Configuration parsing for LDAP server connections.
22  *
23  * @copyright 2022 The FreeRADIUS server project
24  */
25 RCSID("$Id: 51c617111b779c31a41609a5fe9c7aa32ba7d039 $")
26 
27 #include <freeradius-devel/ldap/base.h>
28 #include <freeradius-devel/ldap/conf.h>
29 
30 conf_parser_t const fr_ldap_sasl_mech_static[] = {
31  { FR_CONF_OFFSET_FLAGS("mech", CONF_FLAG_NOT_EMPTY, fr_ldap_sasl_t, mech) },
32  { FR_CONF_OFFSET("proxy", fr_ldap_sasl_t, proxy) },
33  { FR_CONF_OFFSET("realm", fr_ldap_sasl_t, realm) },
34  CONF_PARSER_TERMINATOR
35 };
36 
37 /*
38  * TLS Configuration
39  */
40 conf_parser_t const fr_ldap_tls_config[] = {
41  /*
42  * Deprecated attributes
43  */
44  { FR_CONF_OFFSET_FLAGS("ca_file", CONF_FLAG_FILE_INPUT, fr_ldap_config_t, tls_ca_file) },
45 
46  { FR_CONF_OFFSET_FLAGS("ca_path", CONF_FLAG_FILE_INPUT, fr_ldap_config_t, tls_ca_path) },
47 
48  { FR_CONF_OFFSET_FLAGS("certificate_file", CONF_FLAG_FILE_INPUT, fr_ldap_config_t, tls_certificate_file) },
49 
50  { FR_CONF_OFFSET_FLAGS("private_key_file", CONF_FLAG_FILE_INPUT, fr_ldap_config_t, tls_private_key_file) },
51 
52  /*
53  * LDAP Specific TLS attributes
54  */
55  { FR_CONF_OFFSET("start_tls", fr_ldap_config_t, start_tls), .dflt = "no" },
56 
57  { FR_CONF_OFFSET("require_cert", fr_ldap_config_t, tls_require_cert_str) },
58 
59  { FR_CONF_OFFSET("tls_min_version", fr_ldap_config_t, tls_min_version_str) },
60 
61  CONF_PARSER_TERMINATOR
62 };
63 
64 /*
65  * Various options that don't belong in the main configuration.
66  *
67  * Note that these overlap a bit with the connection pool code!
68  */
69 conf_parser_t const fr_ldap_option_config[] = {
70  /*
71  * Pool config items
72  */
73  { FR_CONF_OFFSET("chase_referrals", fr_ldap_config_t, chase_referrals) },
74 
75  { FR_CONF_OFFSET("use_referral_credentials", fr_ldap_config_t, use_referral_credentials), .dflt = "no" },
76 
77  { FR_CONF_OFFSET("referral_depth", fr_ldap_config_t, referral_depth), .dflt = "5" },
78 
79  { FR_CONF_OFFSET("rebind", fr_ldap_config_t, rebind) },
80 
81  { FR_CONF_OFFSET("sasl_secprops", fr_ldap_config_t, sasl_secprops) },
82 
83  /*
84  * We use this config option to populate libldap's LDAP_OPT_NETWORK_TIMEOUT -
85  * timeout on network activity - specifically libldap's initial call to "connect"
86  * Must be non-zero for async connections to start correctly.
87  */
88  { FR_CONF_OFFSET("net_timeout", fr_ldap_config_t, net_timeout), .dflt = "10" },
89 
90  { FR_CONF_OFFSET("idle", fr_ldap_config_t, keepalive_idle), .dflt = "60" },
91 
92  { FR_CONF_OFFSET("probes", fr_ldap_config_t, keepalive_probes), .dflt = "3" },
93 
94  { FR_CONF_OFFSET("interval", fr_ldap_config_t, keepalive_interval), .dflt = "30" },
95 
96  { FR_CONF_OFFSET("dereference", fr_ldap_config_t, dereference_str) },
97 
98  /* allow server unlimited time for search (server-side limit) */
99  { FR_CONF_OFFSET("srv_timelimit", fr_ldap_config_t, srv_timelimit), .dflt = "20" },
100 
101  /*
102  * Instance config items
103  */
104  /* timeout for search results */
105  { FR_CONF_OFFSET("res_timeout", fr_ldap_config_t, res_timeout), .dflt = "20" },
106 
107  { FR_CONF_OFFSET("idle_timeout", fr_ldap_config_t, idle_timeout), .dflt = "300" },
108 
109  { FR_CONF_OFFSET("reconnection_delay", fr_ldap_config_t, reconnection_delay), .dflt = "10" },
110 
111  CONF_PARSER_TERMINATOR
112 };
RCSID
#define RCSID(id)
Definition: build.h:444
CONF_PARSER_TERMINATOR
#define CONF_PARSER_TERMINATOR
Definition: cf_parse.h:626
FR_CONF_OFFSET
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition: cf_parse.h:268
FR_CONF_OFFSET_FLAGS
#define FR_CONF_OFFSET_FLAGS(_name, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition: cf_parse.h:256
CONF_FLAG_FILE_INPUT
@ CONF_FLAG_FILE_INPUT
File matching value must exist, and must be readable.
Definition: cf_parse.h:412
CONF_FLAG_NOT_EMPTY
@ CONF_FLAG_NOT_EMPTY
CONF_PAIR is required to have a non zero length value.
Definition: cf_parse.h:421
conf_parser_s
Defines a CONF_PAIR to C data type mapping.
Definition: cf_parse.h:563
fr_ldap_config_t
Connection configuration.
Definition: base.h:219
fr_ldap_sasl_t
Definition: base.h:128
fr_ldap_sasl_mech_static
conf_parser_t const fr_ldap_sasl_mech_static[]
Definition: conf.c:30
fr_ldap_option_config
conf_parser_t const fr_ldap_option_config[]
Definition: conf.c:69
fr_ldap_tls_config
conf_parser_t const fr_ldap_tls_config[]
Definition: conf.c:40
Generated by   doxygen 1.9.1