The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Data Structures | Macros | Functions | Variables
base.c File Reference

LDAP module library functions. More...

#include <freeradius-devel/util/debug.h>
#include <freeradius-devel/server/base.h>
#include <freeradius-devel/ldap/base.h>
#include <freeradius-devel/unlang/function.h>
+ Include dependency graph for base.c:

Go to the source code of this file.

Data Structures

struct  sync_ldap_query_t
 

Macros

#define do_ldap_global_option(_option, _name, _value)
 
#define LOG_PREFIX   handle_config->name
 
#define maybe_ldap_global_option(_option, _name, _value)    if (_value) do_ldap_global_option(_option, _name, _value)
 
#define SET_LDAP_CTRLS(_dest, _src)
 

Functions

static int _ldap_handle_thread_local_free (void *handle)
 
static int _ldap_query_free (fr_ldap_query_t *query)
 Free any libldap structures when an fr_ldap_query_t is freed. More...
 
fr_ldap_rcode_t fr_ldap_delete_async (int *msgid, request_t *request, fr_ldap_connection_t *pconn, char const *dn, LDAPControl **serverctrls, LDAPControl **clientctrls)
 Modify something in the LDAP directory. More...
 
fr_ldap_rcode_t fr_ldap_error_check (LDAPControl ***ctrls, fr_ldap_connection_t const *conn, LDAPMessage *msg, char const *dn)
 Perform basic parsing of multiple types of messages, checking for error conditions. More...
 
char const * fr_ldap_error_str (fr_ldap_connection_t const *conn)
 Return the error string associated with a handle. More...
 
fr_ldap_query_tfr_ldap_extended_alloc (TALLOC_CTX *ctx, char const *reqoid, struct berval *reqdata, LDAPControl **serverctrls, LDAPControl **clientctrls)
 Allocate a new LDAP extended operations object. More...
 
fr_ldap_rcode_t fr_ldap_extended_async (int *msgid, request_t *request, fr_ldap_connection_t *pconn, char const *reqoid, struct berval *reqdata)
 Initiate an LDAP extended operation. More...
 
int fr_ldap_global_config (int debug_level, char const *tls_random_file)
 Change settings global to libldap. More...
 
LDAP * fr_ldap_handle_thread_local (void)
 Get a thread local dummy LDAP handle. More...
 
int fr_ldap_init (void)
 Initialise libldap and check library versions. More...
 
fr_ldap_query_tfr_ldap_modify_alloc (TALLOC_CTX *ctx, char const *dn, LDAPMod *mods[], LDAPControl **serverctrls, LDAPControl **clientctrls)
 Allocate a new LDAP modify object. More...
 
fr_ldap_rcode_t fr_ldap_modify_async (int *msgid, request_t *request, fr_ldap_connection_t *pconn, char const *dn, LDAPMod *mods[], LDAPControl **serverctrls, LDAPControl **clientctrls)
 Modify something in the LDAP directory. More...
 
fr_ldap_rcode_t fr_ldap_result (LDAPMessage **result, LDAPControl ***ctrls, fr_ldap_connection_t const *conn, int msgid, int all, char const *dn, fr_time_delta_t timeout)
 Parse response from LDAP server dealing with any errors. More...
 
fr_ldap_query_tfr_ldap_search_alloc (TALLOC_CTX *ctx, char const *base_dn, int scope, char const *filter, char const *const *attrs, LDAPControl **serverctrls, LDAPControl **clientctrls)
 Allocate a new search object. More...
 
fr_ldap_rcode_t fr_ldap_search_async (int *msgid, request_t *request, fr_ldap_connection_t *pconn, char const *dn, int scope, char const *filter, char const *const *attrs, LDAPControl **serverctrls, LDAPControl **clientctrls)
 Search for something in the LDAP directory. More...
 
void fr_ldap_timeout_debug (request_t *request, fr_ldap_connection_t const *conn, fr_time_delta_t timeout, char const *prefix)
 Prints information to the debug log on the current timeout settings. More...
 
unlang_action_t fr_ldap_trunk_extended (TALLOC_CTX *ctx, fr_ldap_query_t **out, request_t *request, fr_ldap_thread_trunk_t *ttrunk, char const *reqoid, struct berval *reqdata, LDAPControl **serverctrls, LDAPControl **clientctrls)
 Run an async LDAP "extended operation" query on a trunk connection. More...
 
unlang_action_t fr_ldap_trunk_modify (TALLOC_CTX *ctx, fr_ldap_query_t **out, request_t *request, fr_ldap_thread_trunk_t *ttrunk, char const *dn, LDAPMod *mods[], LDAPControl **serverctrls, LDAPControl **clientctrls)
 Run an async modification LDAP query on a trunk connection. More...
 
unlang_action_t fr_ldap_trunk_search (TALLOC_CTX *ctx, fr_ldap_query_t **out, request_t *request, fr_ldap_thread_trunk_t *ttrunk, char const *base_dn, int scope, char const *filter, char const *const *attrs, LDAPControl **serverctrls, LDAPControl **clientctrls)
 Run an async search LDAP query on a trunk connection. More...
 
static fr_ldap_query_tldap_query_alloc (TALLOC_CTX *ctx, fr_ldap_request_type_t type)
 Allocate an fr_ldap_query_t, setting the talloc destructor. More...
 
static void ldap_trunk_query_cancel (UNUSED request_t *request, UNUSED fr_signal_t action, void *uctx)
 Signal an LDAP query running on a trunk connection to cancel. More...
 
static unlang_action_t ldap_trunk_query_results (rlm_rcode_t *p_result, UNUSED int *priority, request_t *request, void *uctx)
 Handle the return code from parsed LDAP results to set the module rcode. More...
 
static void ldap_trunk_search_results_debug (request_t *request, fr_ldap_query_t *query)
 
static void libldap_free (void)
 Free any global libldap resources. More...
 
static int libldap_init (void)
 Initialise libldap library and set global options. More...
 

Variables

fr_table_num_sorted_t const fr_ldap_connection_states []
 
size_t fr_ldap_connection_states_len = NUM_ELEMENTS(fr_ldap_connection_states)
 
fr_table_num_sorted_t const fr_ldap_dereference []
 
size_t fr_ldap_dereference_len = NUM_ELEMENTS(fr_ldap_dereference)
 
fr_table_num_sorted_t const fr_ldap_scope []
 
size_t fr_ldap_scope_len = NUM_ELEMENTS(fr_ldap_scope)
 
fr_table_num_sorted_t const fr_ldap_supported_extensions []
 
size_t fr_ldap_supported_extensions_len = NUM_ELEMENTS(fr_ldap_supported_extensions)
 
fr_table_num_sorted_t const fr_ldap_tls_require_cert []
 
size_t fr_ldap_tls_require_cert_len = NUM_ELEMENTS(fr_ldap_tls_require_cert)
 
global_lib_autoinst_t fr_libldap_global_config
 
static conf_parser_t const ldap_global_config []
 
LDAP * ldap_global_handle
 Hack for OpenLDAP libldap global initialisation. More...
 
static fr_ldap_config_t ldap_global_handle_config
 Used to set the global log prefix for functions which don't operate on connections. More...
 
static _Thread_local LDAP * ldap_thread_local_handle
 Hack for functions which require an ldap handle. More...
 
static fr_libldap_global_config_t libldap_global_config
 

Detailed Description

LDAP module library functions.

Id
39cd3e5bfe3aaf72e7b41bb62a33a46e531a9a80
Author
Arran Cudbard-Bell (a.cud.nosp@m.bard.nosp@m.b@fre.nosp@m.erad.nosp@m.ius.o.nosp@m.rg)
Copyright
2015 Arran Cudbard-Bell (a.cud.nosp@m.bard.nosp@m.b@fre.nosp@m.erad.nosp@m.ius.o.nosp@m.rg)
2013-2015 Network RADIUS SAS (legal.nosp@m.@net.nosp@m.workr.nosp@m.adiu.nosp@m.s.com)
2013-2015 The FreeRADIUS Server Project.

Definition in file base.c.

Data Structure Documentation

◆ sync_ldap_query_t

struct sync_ldap_query_t

Definition at line 142 of file base.c.

+ Collaboration diagram for sync_ldap_query_t:
Data Fields
fr_ldap_query_t * query
LDAPMessage ** result

Macro Definition Documentation

◆ do_ldap_global_option

#define do_ldap_global_option (   _option,
  _name,
  _value 
)
Value:
if (ldap_set_option(NULL, _option, _value) != LDAP_OPT_SUCCESS) do { \
int _ldap_errno; \
ldap_get_option(NULL, LDAP_OPT_RESULT_CODE, &_ldap_errno); \
ERROR("Failed setting global option %s: %s", _name, \
(_ldap_errno != LDAP_SUCCESS) ? ldap_err2string(_ldap_errno) : "Unknown error"); \
return -1;\
} while (0)

◆ LOG_PREFIX

#define LOG_PREFIX   handle_config->name

Definition at line 33 of file base.c.

◆ maybe_ldap_global_option

#define maybe_ldap_global_option (   _option,
  _name,
  _value 
)     if (_value) do_ldap_global_option(_option, _name, _value)

◆ SET_LDAP_CTRLS

#define SET_LDAP_CTRLS (   _dest,
  _src 
)
Value:
do { \
int i; \
if (!_src) break; \
for (i = 0; i < LDAP_MAX_CONTROLS; i++) { \
if (!(_src[i])) break; \
_dest[i].control = _src[i]; \
} \
} while (0)
LDAP_MAX_CONTROLS
#define LDAP_MAX_CONTROLS
Maximum number of client/server controls.
Definition: base.h:94

Definition at line 682 of file base.c.

Function Documentation

◆ _ldap_handle_thread_local_free()

static int _ldap_handle_thread_local_free ( void *  handle)
static

Definition at line 1089 of file base.c.

+ Here is the caller graph for this function:

◆ _ldap_query_free()

static int _ldap_query_free ( fr_ldap_query_t query)
static

Free any libldap structures when an fr_ldap_query_t is freed.

It is also possible that the connection used for this query is now closed, in that instance we free it here.

Definition at line 943 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_ldap_delete_async()

fr_ldap_rcode_t fr_ldap_delete_async ( int *  msgid,
request_t request,
fr_ldap_connection_t pconn,
char const *  dn,
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Modify something in the LDAP directory.

Used on connections bound as the administrative user to attempt to modify an LDAP object. Called by the trunk mux function

Parameters
[out]msgidLDAP message ID.
[in]requestCurrent request.
[in]pconnto use.
[in]dnof the object to delete.
[in]serverctrlsSearch controls to pass to the server. May be NULL.
[in]clientctrlsSearch controls for ldap_delete. May be NULL.
Returns
One of the LDAP_PROC_* (fr_ldap_rcode_t) values.

Definition at line 840 of file base.c.

+ Here is the call graph for this function:

◆ fr_ldap_error_check()

fr_ldap_rcode_t fr_ldap_error_check ( LDAPControl ***  ctrls,
fr_ldap_connection_t const *  conn,
LDAPMessage *  msg,
char const *  dn 
)

Perform basic parsing of multiple types of messages, checking for error conditions.

Note
Error messages should be retrieved with fr_strerror() and fr_strerror_pop()
Parameters
[out]ctrlsServer ctrls returned to the client. May be NULL if not required. Must be freed with ldap_free_ctrls.
[in]connthe message was received on.
[in]msgwe're parsing.
[in]dnif processing the result from a search request.
Returns
One of the LDAP_PROC_* (fr_ldap_rcode_t) values.

Definition at line 232 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_ldap_error_str()

char const* fr_ldap_error_str ( fr_ldap_connection_t const *  conn)

Return the error string associated with a handle.

Parameters
connto retrieve error from.
Returns
error string.

Definition at line 210 of file base.c.

◆ fr_ldap_extended_alloc()

fr_ldap_query_t* fr_ldap_extended_alloc ( TALLOC_CTX *  ctx,
char const *  reqoid,
struct berval *  reqdata,
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Allocate a new LDAP extended operations object.

Parameters
[in]ctxto allocate the query in.
[in]reqoidOID of extended operation to perform.
[in]reqdataRequest data to send.
[in]serverctrlsControls to pass to the server. May be NULL.
[in]clientctrlsClient controls. May be NULL.
Returns
LDAP query object

Definition at line 1075 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_ldap_extended_async()

fr_ldap_rcode_t fr_ldap_extended_async ( int *  msgid,
request_t request,
fr_ldap_connection_t pconn,
char const *  reqoid,
struct berval *  reqdata 
)

Initiate an LDAP extended operation.

Called by the trunk mux function

Parameters
[out]msgidLDAP message ID.
[in]requestCurrent request.
[in]pconnto use.
[in]reqoidOID of extended operation to perform.
[in]reqdataData required for the request.
Returns
One of the LDAP_PROC_* (fr_ldap_rcode_t) values.

Definition at line 924 of file base.c.

+ Here is the call graph for this function:

◆ fr_ldap_global_config()

int fr_ldap_global_config ( int  debug_level,
char const *  tls_random_file 
)

Change settings global to libldap.

May only be called once. Subsequent calls will be ignored.

Parameters
[in]debug_levelto enable in libldap.
[in]tls_random_fileWhere OpenSSL gets its randomness.

Definition at line 1125 of file base.c.

+ Here is the caller graph for this function:

◆ fr_ldap_handle_thread_local()

LDAP* fr_ldap_handle_thread_local ( void  )

Get a thread local dummy LDAP handle.

Many functions in the OpenLDAP API don't actually use the handle for anything other than writing out error codes.

This is true for most of the LDAP extensions API functions.

This gives us a reusable handle that was can pass to those functions when we don't already have one available.

Definition at line 1105 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_ldap_init()

int fr_ldap_init ( void  )

Initialise libldap and check library versions.

Returns
  • 0 on success.
  • -1 on failure.

Definition at line 1164 of file base.c.

+ Here is the caller graph for this function:

◆ fr_ldap_modify_alloc()

fr_ldap_query_t* fr_ldap_modify_alloc ( TALLOC_CTX *  ctx,
char const *  dn,
LDAPMod *  mods[],
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Allocate a new LDAP modify object.

Parameters
[in]ctxto allocate the query in.
[in]dnof the object to modify.
[in]modsto apply to the object.
[in]serverctrlsControls to pass to the server. May be NULL.
[in]clientctrlsClient controls. May be NULL.
Returns
LDAP query object

Definition at line 1052 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_ldap_modify_async()

fr_ldap_rcode_t fr_ldap_modify_async ( int *  msgid,
request_t request,
fr_ldap_connection_t pconn,
char const *  dn,
LDAPMod *  mods[],
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Modify something in the LDAP directory.

Used on connections bound as the administrative user to attempt to modify an LDAP object. Called by the trunk mux function

Parameters
[out]msgidLDAP message ID.
[in]requestCurrent request.
[in]pconnto use.
[in]dnof the object to modify.
[in]modsto make, see 'man ldap_modify' for more information.
[in]serverctrlsSearch controls to pass to the server. May be NULL.
[in]clientctrlsSearch controls for ldap_modify. May be NULL.
Returns
One of the LDAP_PROC_* (fr_ldap_rcode_t) values.

Definition at line 800 of file base.c.

+ Here is the call graph for this function:

◆ fr_ldap_result()

fr_ldap_rcode_t fr_ldap_result ( LDAPMessage **  result,
LDAPControl ***  ctrls,
fr_ldap_connection_t const *  conn,
int  msgid,
int  all,
char const *  dn,
fr_time_delta_t  timeout 
)

Parse response from LDAP server dealing with any errors.

Should be called after an LDAP operation. Will check result of operation and if it was successful, then attempt to retrieve and parse the result. Will also produce extended error output including any messages the server sent, and information about partial DN matches.

Note
Error messages should be retrieved with fr_strerror() and fr_strerror_pop()
Parameters
[out]resultWhere to write result, if NULL result will be freed. If not NULL caller must free with ldap_msgfree().
[out]ctrlsServer ctrls returned to the client. May be NULL if not required. Must be freed with ldap_free_ctrls.
[in]connCurrent connection.
[in]msgidreturned from last operation. Special values are:
  • LDAP_RES_ANY - Retrieve any received messages useful for multiplexing.
    • LDAP_RES_UNSOLICITED - Any unsolicited message.
[in]allHow many messages to retrieve:
  • LDAP_MSG_ONE - Retrieve the first message matching msgid (waiting if one is not available).
  • LDAP_MSG_ALL - Retrieve all received messages matching msgid (waiting if none are available).
  • LDAP_MSG_RECEIVED - Retrieve all received messages.
[in]dnLast search or bind DN. May be NULL.
[in]timeoutOverride the default result timeout.
Returns
One of the LDAP_PROC_* (fr_ldap_rcode_t) values.

Definition at line 449 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_ldap_search_alloc()

fr_ldap_query_t* fr_ldap_search_alloc ( TALLOC_CTX *  ctx,
char const *  base_dn,
int  scope,
char const *  filter,
char const *const *  attrs,
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Allocate a new search object.

Parameters
[in]ctxto allocate query in.
[in]base_dnfor the search.
[in]scopeof the search.
[in]filterfor the search
[in]attrsto request.
[in]serverctrlsSearch controls to pass to the server. May be NULL.
[in]clientctrlsClient controls. May be NULL.

Definition at line 1026 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_ldap_search_async()

fr_ldap_rcode_t fr_ldap_search_async ( int *  msgid,
request_t request,
fr_ldap_connection_t pconn,
char const *  dn,
int  scope,
char const *  filter,
char const *const *  attrs,
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Search for something in the LDAP directory.

Performs an LDAP search, typically on a connection bound as the administrative user, dealing with any errors. Called from the trunk mux function and elsewhere where appropriate event handlers have been set on the connection fd.

Parameters
[out]msgidto match response to request.
[in]requestCurrent request.
[in]pconnto use.
[in]dnto use as base for the search.
[in]scopeto use (LDAP_SCOPE_BASE, LDAP_SCOPE_ONE, LDAP_SCOPE_SUB).
[in]filterto use, should be pre-escaped.
[in]attrsto retrieve.
[in]serverctrlsSearch controls to pass to the server. May be NULL.
[in]clientctrlsSearch controls for ldap_search. May be NULL.
Returns
One of the LDAP_PROC_* (fr_ldap_rcode_t) values.

Definition at line 528 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_ldap_timeout_debug()

void fr_ldap_timeout_debug ( request_t request,
fr_ldap_connection_t const *  conn,
fr_time_delta_t  timeout,
char const *  prefix 
)

Prints information to the debug log on the current timeout settings.

There are so many different timers in LDAP it's often hard to debug issues with them, hence the need for this function.

Definition at line 152 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_ldap_trunk_extended()

unlang_action_t fr_ldap_trunk_extended ( TALLOC_CTX *  ctx,
fr_ldap_query_t **  out,
request_t request,
fr_ldap_thread_trunk_t ttrunk,
char const *  reqoid,
struct berval *  reqdata,
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Run an async LDAP "extended operation" query on a trunk connection.

Parameters
[in]ctxto allocate the query in.
[out]outthat has been allocated.
[in]requestthis query relates to.
[in]ttrunkto submit the query to.
[in]reqoidOID of extended operation.
[in]reqdataRequest data to send.
[in]serverctrlsspecific to this query.
[in]clientctrlsspecific to this query.
Returns
  • UNLANG_ACTION_FAIL on error.
  • UNLANG_ACTION_PUSHED_CHILD on success.

Definition at line 881 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_ldap_trunk_modify()

unlang_action_t fr_ldap_trunk_modify ( TALLOC_CTX *  ctx,
fr_ldap_query_t **  out,
request_t request,
fr_ldap_thread_trunk_t ttrunk,
char const *  dn,
LDAPMod *  mods[],
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Run an async modification LDAP query on a trunk connection.

Parameters
[in]ctxto allocate the query in.
[out]outthat has been allocated.
[in]requestthis query relates to.
[in]ttrunkto submit the query to.
[in]dnof the object being modified.
[in]modsto be performed.
[in]serverctrlsspecific to this query.
[in]clientctrlsspecific to this query.
Returns
  • UNLANG_ACTION_FAIL on error.
  • UNLANG_ACTION_PUSHED_CHILD on success.

Definition at line 754 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_ldap_trunk_search()

unlang_action_t fr_ldap_trunk_search ( TALLOC_CTX *  ctx,
fr_ldap_query_t **  out,
request_t request,
fr_ldap_thread_trunk_t ttrunk,
char const *  base_dn,
int  scope,
char const *  filter,
char const *const *  attrs,
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Run an async search LDAP query on a trunk connection.

Parameters
[in]ctxto allocate the query in.
[out]outthat has been allocated.
[in]requestthis query relates to.
[in]ttrunkto submit the query to.
[in]base_dnfor the search.
[in]scopeof the search.
[in]filterfor the search.
[in]attrsto be returned.
[in]serverctrlsspecific to this query.
[in]clientctrlsspecific to this query.
Returns
  • UNLANG_ACTION_FAIL on error.
  • UNLANG_ACTION_PUSHED_CHILD on success.

Definition at line 708 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ldap_query_alloc()

static fr_ldap_query_t* ldap_query_alloc ( TALLOC_CTX *  ctx,
fr_ldap_request_type_t  type 
)
inlinestatic

Allocate an fr_ldap_query_t, setting the talloc destructor.

Definition at line 1003 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ldap_trunk_query_cancel()

static void ldap_trunk_query_cancel ( UNUSED request_t request,
UNUSED fr_signal_t  action,
void *  uctx 
)
static

Signal an LDAP query running on a trunk connection to cancel.

Definition at line 642 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ldap_trunk_query_results()

static unlang_action_t ldap_trunk_query_results ( rlm_rcode_t p_result,
UNUSED int *  priority,
request_t request,
void *  uctx 
)
static

Handle the return code from parsed LDAP results to set the module rcode.

Definition at line 616 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ldap_trunk_search_results_debug()

static void ldap_trunk_search_results_debug ( request_t request,
fr_ldap_query_t query 
)
static

Definition at line 575 of file base.c.

+ Here is the caller graph for this function:

◆ libldap_free()

static void libldap_free ( void  )
static

Free any global libldap resources.

Definition at line 121 of file base.c.

◆ libldap_init()

static int libldap_init ( void  )
static

Initialise libldap library and set global options.

Used as a callback from global library initialisation.

Definition at line 109 of file base.c.

+ Here is the call graph for this function:

Variable Documentation

◆ fr_ldap_connection_states

fr_table_num_sorted_t const fr_ldap_connection_states[]
Initial value:
= {
{ L("bind"), FR_LDAP_STATE_BIND },
{ L("error"), FR_LDAP_STATE_ERROR },
{ L("init"), FR_LDAP_STATE_INIT },
{ L("run"), FR_LDAP_STATE_RUN },
{ L("start-tls"), FR_LDAP_STATE_START_TLS }
}
L
#define L(_str)
Helper for initialising arrays of string literals.
Definition: build.h:207
FR_LDAP_STATE_ERROR
@ FR_LDAP_STATE_ERROR
Connection is in an error state.
Definition: base.h:172
FR_LDAP_STATE_BIND
@ FR_LDAP_STATE_BIND
Connection is being bound.
Definition: base.h:170
FR_LDAP_STATE_START_TLS
@ FR_LDAP_STATE_START_TLS
TLS is being negotiated.
Definition: base.h:169
FR_LDAP_STATE_RUN
@ FR_LDAP_STATE_RUN
Connection is muxing/demuxing requests.
Definition: base.h:171
FR_LDAP_STATE_INIT
@ FR_LDAP_STATE_INIT
Connection uninitialised.
Definition: base.h:168

Definition at line 51 of file base.c.

◆ fr_ldap_connection_states_len

size_t fr_ldap_connection_states_len = NUM_ELEMENTS(fr_ldap_connection_states)

Definition at line 58 of file base.c.

◆ fr_ldap_dereference

fr_table_num_sorted_t const fr_ldap_dereference[]
Initial value:
= {
{ L("always"), LDAP_DEREF_ALWAYS },
{ L("finding"), LDAP_DEREF_FINDING },
{ L("never"), LDAP_DEREF_NEVER },
{ L("searching"), LDAP_DEREF_SEARCHING }
}

Definition at line 86 of file base.c.

◆ fr_ldap_dereference_len

size_t fr_ldap_dereference_len = NUM_ELEMENTS(fr_ldap_dereference)

Definition at line 92 of file base.c.

◆ fr_ldap_scope

fr_table_num_sorted_t const fr_ldap_scope[]
Initial value:
= {
{ L("base"), LDAP_SCOPE_BASE },
{ L("children"), LDAP_SCOPE_CHILDREN },
{ L("one"), LDAP_SCOPE_ONE },
{ L("sub"), LDAP_SCOPE_SUB }
}

Definition at line 69 of file base.c.

◆ fr_ldap_scope_len

size_t fr_ldap_scope_len = NUM_ELEMENTS(fr_ldap_scope)

Definition at line 75 of file base.c.

◆ fr_ldap_supported_extensions

fr_table_num_sorted_t const fr_ldap_supported_extensions[]
Initial value:
= {
{ L("bindname"), LDAP_EXT_BINDNAME },
{ L("x-bindpw"), LDAP_EXT_BINDPW }
}
LDAP_EXT_BINDPW
@ LDAP_EXT_BINDPW
Specifies the password for an LDAP bind.
Definition: base.h:125
LDAP_EXT_BINDNAME
@ LDAP_EXT_BINDNAME
Specifies the user DN or name for an LDAP bind.
Definition: base.h:124

Definition at line 60 of file base.c.

◆ fr_ldap_supported_extensions_len

size_t fr_ldap_supported_extensions_len = NUM_ELEMENTS(fr_ldap_supported_extensions)

Definition at line 64 of file base.c.

◆ fr_ldap_tls_require_cert

fr_table_num_sorted_t const fr_ldap_tls_require_cert[]
Initial value:
= {
{ L("allow"), LDAP_OPT_X_TLS_ALLOW },
{ L("demand"), LDAP_OPT_X_TLS_DEMAND },
{ L("hard"), LDAP_OPT_X_TLS_HARD },
{ L("never"), LDAP_OPT_X_TLS_NEVER },
{ L("try"), LDAP_OPT_X_TLS_TRY }
}

Definition at line 77 of file base.c.

◆ fr_ldap_tls_require_cert_len

size_t fr_ldap_tls_require_cert_len = NUM_ELEMENTS(fr_ldap_tls_require_cert)

Definition at line 84 of file base.c.

◆ fr_libldap_global_config

global_lib_autoinst_t fr_libldap_global_config
Initial value:
= {
.name = "ldap",
.config = (const conf_parser_t *)ldap_global_config,
.inst = &libldap_global_config,
.init = libldap_init,
.free = libldap_free
}
conf_parser_s
Defines a CONF_PAIR to C data type mapping.
Definition: cf_parse.h:564
free
free(array)
libldap_global_config
static fr_libldap_global_config_t libldap_global_config
Definition: base.c:94
ldap_global_config
static conf_parser_t const ldap_global_config[]
Definition: base.c:99
libldap_free
static void libldap_free(void)
Free any global libldap resources.
Definition: base.c:121
libldap_init
static int libldap_init(void)
Initialise libldap library and set global options.
Definition: base.c:109
init
init
Enter the EAP-IDENTITY state.
Definition: state_machine.c:90
inst
eap_aka_sim_process_conf_t * inst
Definition: state_machine.c:3620

Definition at line 134 of file base.c.

◆ ldap_global_config

conf_parser_t const ldap_global_config[]
static
Initial value:
= {
{ FR_CONF_OFFSET_FLAGS("random_file", CONF_FLAG_FILE_EXISTS, fr_libldap_global_config_t, tls_random_file) },
{ FR_CONF_OFFSET("ldap_debug", fr_libldap_global_config_t, ldap_debug), .dflt = "0x0000" },
CONF_PARSER_TERMINATOR
}
CONF_PARSER_TERMINATOR
#define CONF_PARSER_TERMINATOR
Definition: cf_parse.h:627
FR_CONF_OFFSET
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition: cf_parse.h:268
FR_CONF_OFFSET_FLAGS
#define FR_CONF_OFFSET_FLAGS(_name, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition: cf_parse.h:256
CONF_FLAG_FILE_EXISTS
@ CONF_FLAG_FILE_EXISTS
File matching value must exist.
Definition: cf_parse.h:422
fr_libldap_global_config_t
libldap global configuration data
Definition: base.h:319

Definition at line 99 of file base.c.

◆ ldap_global_handle

LDAP* ldap_global_handle

Hack for OpenLDAP libldap global initialisation.

Definition at line 39 of file base.c.

◆ ldap_global_handle_config

fr_ldap_config_t ldap_global_handle_config
static
Initial value:
= {
.name = "global"
}

Used to set the global log prefix for functions which don't operate on connections.

Definition at line 47 of file base.c.

◆ ldap_thread_local_handle

_Thread_local LDAP* ldap_thread_local_handle
static

Hack for functions which require an ldap handle.

but don't actually use it for anything.

Definition at line 41 of file base.c.

◆ libldap_global_config

fr_libldap_global_config_t libldap_global_config
static
Initial value:
= {
.ldap_debug = 0x00,
.tls_random_file = ""
}

Definition at line 94 of file base.c.

Generated by   doxygen 1.9.1