27 RCSID(
"$Id: 9af4bde1933d9f774159825f74f98209204f5805 $")
31 #define LOG_PREFIX name
33 #include <freeradius-devel/ldap/base.h>
52 LDAPMessage *result,
char const *
name)
54 int entry_cnt, i, num, ldap_errno;
56 struct berval **values = NULL;
58 entry_cnt = ldap_count_entries(handle, result);
60 WARN(
"Capability check failed: Ambiguous result for rootDSE, expected 1 entry, got %i", entry_cnt);
64 entry = ldap_first_entry(handle, result);
66 ldap_get_option(handle, LDAP_OPT_RESULT_CODE, &ldap_errno);
68 WARN(
"Capability check failed: Failed retrieving entry: %s", ldap_err2string(ldap_errno));
72 values = ldap_get_values_len(handle, entry,
"vendorname");
77 ldap_value_free_len(values);
80 values = ldap_get_values_len(handle, entry,
"vendorversion");
85 ldap_value_free_len(values);
89 if (strcasestr(directory->
vendor_str,
"International Business Machines")) {
100 if (strcasestr(directory->
version_str,
"eDirectory")) {
105 }
else if (strcasestr(directory->
version_str,
"Oracle Unified Directory")) {
110 }
else if (strcasestr(directory->
version_str,
"UnboundID")) {
115 }
else if (strcasestr(directory->
version_str,
"Netscape-Directory")) {
120 }
else if (strcasestr(directory->
version_str,
"DirX Directory")) {
125 }
else if (strcasestr(directory->
version_str,
"Sun Java")) {
135 values = ldap_get_values_len(handle, entry,
"isGlobalCatalogReady");
138 ldap_value_free_len(values);
/* Look through the rootDSE objectClass values for the OpenLDAProotDSE marker. */
145 values = ldap_get_values_len(handle, entry,
"objectClass");
147 num = ldap_count_values_len(values);
148 for (i = 0; i < num; i++) {
/*
 * NOTE(review): strncmp() is bounded only by the server-supplied bv_len, so a
 * value that is a strict prefix of "OpenLDAProotDSE" (a zero-length value
 * included) also compares equal. Checking that bv_len equals the literal's
 * length before comparing would make the match exact. What happens on a match
 * is on lines this listing does not show.
 */
149 if (strncmp(
"OpenLDAProotDSE", values[i]->bv_val, values[i]->bv_len) == 0) {
153 ldap_value_free_len(values);
160 values = ldap_get_values_len(handle, entry,
"orcldirectoryversion");
162 if (memmem(values[0]->bv_val, values[0]->bv_len,
"OID", 3)) {
164 }
else if (memmem(values[0]->bv_val, values[0]->bv_len,
"OVD", 3)) {
167 ldap_value_free_len(values);
173 switch (directory->
type) {
/* Walk the rootDSE supportedControl values and log which sync-related controls the server advertises. */
187 values = ldap_get_values_len(handle, entry,
"supportedControl");
189 num = ldap_count_values_len(values);
190 for (i = 0; i < num; i++) {
/*
 * NOTE(review): both strncmp() calls in this loop compare at most bv_len bytes,
 * and bv_len comes from the server. An advertised value that is only a leading
 * fragment of the control OID (or is empty) therefore matches as if it were
 * the full OID. Requiring bv_len to equal the OID string's length first would
 * make capability detection exact. Presumably the result selects the sync
 * mechanism used later; confirm against the lines not shown here.
 */
191 if (strncmp(LDAP_CONTROL_SYNC, values[i]->bv_val, values[i]->bv_len) == 0) {
192 INFO(
"Directory supports RFC 4533");
197 INFO(
"Directory supports LDAP_SERVER_NOTIFICATION_OID");
201 if (strncmp(LDAP_CONTROL_PERSIST_REQUEST, values[i]->bv_val, values[i]->bv_len) == 0) {
202 INFO(
"Directory supports persistent search");
207 ldap_value_free_len(values);
209 WARN(
"No supportedControl returned by LDAP server");
215 values = ldap_get_values_len(handle, entry,
"namingContexts");
216 if (!values)
return 0;
218 num = ldap_count_values_len(values);
219 directory->
naming_contexts = talloc_array(directory,
char const *, num);
220 for (i = 0; i < num; i++) {
223 ldap_value_free_len(values);
263 if (!treq)
return -1;
291 if (
fr_ldap_search_async(&msgid, NULL, ldap_conn,
"", LDAP_SCOPE_BASE,
"(objectclass=*)", attrs,
#define USES_APPLE_DEPRECATED_API
#define L(_str)
Helper for initialising arrays of string literals.
int fr_ldap_conn_directory_alloc_async(fr_ldap_connection_t *ldap_conn)
Asynchronously extract useful information from the rootDSE of the LDAP server.
int fr_ldap_trunk_directory_alloc_async(TALLOC_CTX *ctx, fr_ldap_thread_trunk_t *ttrunk)
Asynchronously extract useful information from the rootDSE of the LDAP server.
static fr_table_num_sorted_t const fr_ldap_directory_type_table[]
static void ldap_trunk_directory_alloc_read(LDAP *handle, fr_ldap_query_t *query, LDAPMessage *result, void *rctx)
Parse results of search on rootDSE to gather data on LDAP server.
int fr_ldap_directory_result_parse(fr_ldap_directory_t *directory, LDAP *handle, LDAPMessage *result, char const *name)
static size_t fr_ldap_directory_type_table_len
#define LDAP_DIRECTORY_ATTRS
#define LDAP_SERVER_NOTIFICATION_OID
OID of the Active Directory control for change notifications.
fr_trunk_request_t * treq
Trunk request this query is associated with.
@ FR_LDAP_DIRECTORY_ORACLE_UNIFIED_DIRECTORY
Directory server is Oracle Unified Directory.
@ FR_LDAP_DIRECTORY_UNKNOWN
We can't determine the directory server.
@ FR_LDAP_DIRECTORY_NETSCAPE
Directory server is Netscape.
@ FR_LDAP_DIRECTORY_EDIRECTORY
Directory server is eDir.
@ FR_LDAP_DIRECTORY_ORACLE_INTERNET_DIRECTORY
Directory server is Oracle Internet Directory.
@ FR_LDAP_DIRECTORY_UNBOUND_ID
Directory server is Unbound ID.
@ FR_LDAP_DIRECTORY_SIEMENS_AG
Directory server is Siemens AG.
@ FR_LDAP_DIRECTORY_ORACLE_VIRTUAL_DIRECTORY
Directory server is Oracle Virtual Directory.
@ FR_LDAP_DIRECTORY_ACTIVE_DIRECTORY
Directory server is Active Directory.
@ FR_LDAP_DIRECTORY_OPENLDAP
Directory server is OpenLDAP.
@ FR_LDAP_DIRECTORY_SUN_ONE_DIRECTORY
Directory server is Sun One Directory.
@ FR_LDAP_DIRECTORY_IBM
Directory server is IBM.
fr_ldap_sync_type_t sync_type
What kind of LDAP sync this directory supports.
fr_ldap_result_parser_t parser
Custom results parser.
fr_ldap_directory_t * directory
The type of directory we're connected to.
fr_ldap_config_t const * config
rlm_ldap connection configuration.
char * fr_ldap_berval_to_string(TALLOC_CTX *ctx, struct berval const *in)
Convert a berval to a talloced string.
char const * vendor_str
As returned from the vendorName attribute in the rootDSE.
fr_ldap_connection_t * ldap_conn
LDAP connection this query is running on.
bool cleartext_password
Whether the server will return the user's plaintext password.
@ FR_LDAP_SYNC_ACTIVE_DIRECTORY
Directory supports AD style persistent search.
@ FR_LDAP_SYNC_PERSISTENT_SEARCH
Directory supports persistent search.
@ FR_LDAP_SYNC_RFC4533
Directory supports RFC 4533.
fr_ldap_directory_t * directory
The type of directory we're connected to.
fr_trunk_t * trunk
Connection trunk.
char const * version_str
As returned from the vendorVersion attribute in the rootDSE.
char const ** naming_contexts
Databases served by this directory.
fr_ldap_directory_type_t type
Canonical server implementation.
@ LDAP_PROC_SUCCESS
Operation was successful.
Connection configuration.
Tracks the state of a libldap connection handle.
Thread LDAP trunk structure.
fr_ldap_rcode_t fr_ldap_search_async(int *msgid, request_t *request, fr_ldap_connection_t *pconn, char const *dn, int scope, char const *filter, char const *const *attrs, LDAPControl **serverctrls, LDAPControl **clientctrls)
Search for something in the LDAP directory.
fr_ldap_query_t * fr_ldap_search_alloc(TALLOC_CTX *ctx, char const *base_dn, int scope, char const *filter, char const *const *attrs, LDAPControl **serverctrls, LDAPControl **clientctrls)
Allocate a new search object.
static const conf_parser_t config[]
#define fr_table_str_by_value(_table, _number, _def)
Convert an integer to a string.
An element in a lexicographically sorted array of name to num mappings.
fr_trunk_request_t * fr_trunk_request_alloc(fr_trunk_t *trunk, request_t *request)
(Pre-)Allocate a new trunk request
fr_trunk_enqueue_t fr_trunk_request_enqueue(fr_trunk_request_t **treq_out, fr_trunk_t *trunk, request_t *request, void *preq, void *rctx)
Enqueue a request that needs data written to the trunk.