The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
base.c File Reference

LDAP module library functions. More...

#include <freeradius-devel/util/debug.h>
#include <freeradius-devel/server/base.h>
#include <freeradius-devel/ldap/base.h>
#include <freeradius-devel/unlang/function.h>


Data Structures

struct  sync_ldap_query_t
 

Macros

#define do_ldap_global_option(_option, _name, _value)
 
#define LOG_PREFIX   handle_config->name
 
#define maybe_ldap_global_option(_option, _name, _value)    if (_value) do_ldap_global_option(_option, _name, _value)
 
#define SET_LDAP_CTRLS(_dest, _src)
 

Functions

static int _ldap_handle_thread_local_free (void *handle)
 
static int _ldap_query_free (fr_ldap_query_t *query)
 Free any libldap structures when an fr_ldap_query_t is freed. More...
 
fr_ldap_rcode_t fr_ldap_error_check (LDAPControl ***ctrls, fr_ldap_connection_t const *conn, LDAPMessage *msg, char const *dn)
 Perform basic parsing of multiple types of messages, checking for error conditions. More...
 
char const * fr_ldap_error_str (fr_ldap_connection_t const *conn)
 Return the error string associated with a handle. More...
 
fr_ldap_query_t * fr_ldap_extended_alloc (TALLOC_CTX *ctx, char const *reqoid, struct berval *reqdata, LDAPControl **serverctrls, LDAPControl **clientctrls)
 Allocate a new LDAP extended operations object. More...
 
fr_ldap_rcode_t fr_ldap_extended_async (int *msgid, request_t *request, fr_ldap_connection_t *pconn, char const *reqoid, struct berval *reqdata)
 Initiate an LDAP extended operation. More...
 
int fr_ldap_global_config (int debug_level, char const *tls_random_file)
 Change settings global to libldap. More...
 
LDAP * fr_ldap_handle_thread_local (void)
 Get a thread local dummy LDAP handle. More...
 
int fr_ldap_init (void)
 Initialise libldap and check library versions. More...
 
fr_ldap_query_t * fr_ldap_modify_alloc (TALLOC_CTX *ctx, char const *dn, LDAPMod *mods[], LDAPControl **serverctrls, LDAPControl **clientctrls)
 Allocate a new LDAP modify object. More...
 
fr_ldap_rcode_t fr_ldap_modify_async (int *msgid, request_t *request, fr_ldap_connection_t *pconn, char const *dn, LDAPMod *mods[], LDAPControl **serverctrls, LDAPControl **clientctrls)
 Modify something in the LDAP directory. More...
 
fr_ldap_rcode_t fr_ldap_result (LDAPMessage **result, LDAPControl ***ctrls, fr_ldap_connection_t const *conn, int msgid, int all, char const *dn, fr_time_delta_t timeout)
 Parse response from LDAP server dealing with any errors. More...
 
fr_ldap_query_t * fr_ldap_search_alloc (TALLOC_CTX *ctx, char const *base_dn, int scope, char const *filter, char const *const *attrs, LDAPControl **serverctrls, LDAPControl **clientctrls)
 Allocate a new search object. More...
 
fr_ldap_rcode_t fr_ldap_search_async (int *msgid, request_t *request, fr_ldap_connection_t *pconn, char const *dn, int scope, char const *filter, char const *const *attrs, LDAPControl **serverctrls, LDAPControl **clientctrls)
 Search for something in the LDAP directory. More...
 
void fr_ldap_timeout_debug (request_t *request, fr_ldap_connection_t const *conn, fr_time_delta_t timeout, char const *prefix)
 Prints information to the debug log on the current timeout settings. More...
 
unlang_action_t fr_ldap_trunk_extended (TALLOC_CTX *ctx, fr_ldap_query_t **out, request_t *request, fr_ldap_thread_trunk_t *ttrunk, char const *reqoid, struct berval *reqdata, LDAPControl **serverctrls, LDAPControl **clientctrls)
 Run an async LDAP "extended operation" query on a trunk connection. More...
 
unlang_action_t fr_ldap_trunk_modify (TALLOC_CTX *ctx, fr_ldap_query_t **out, request_t *request, fr_ldap_thread_trunk_t *ttrunk, char const *dn, LDAPMod *mods[], LDAPControl **serverctrls, LDAPControl **clientctrls)
 Run an async modification LDAP query on a trunk connection. More...
 
unlang_action_t fr_ldap_trunk_search (TALLOC_CTX *ctx, fr_ldap_query_t **out, request_t *request, fr_ldap_thread_trunk_t *ttrunk, char const *base_dn, int scope, char const *filter, char const *const *attrs, LDAPControl **serverctrls, LDAPControl **clientctrls)
 Run an async search LDAP query on a trunk connection. More...
 
static fr_ldap_query_t * ldap_query_alloc (TALLOC_CTX *ctx, fr_ldap_request_type_t type)
 Allocate an fr_ldap_query_t, setting the talloc destructor. More...
 
static void ldap_trunk_query_cancel (UNUSED request_t *request, UNUSED fr_signal_t action, void *uctx)
 Signal an LDAP query running on a trunk connection to cancel. More...
 
static unlang_action_t ldap_trunk_query_results (rlm_rcode_t *p_result, UNUSED int *priority, request_t *request, void *uctx)
 Handle the return code from parsed LDAP results to set the module rcode. More...
 
static void ldap_trunk_search_results_debug (request_t *request, fr_ldap_query_t *query)
 
static void libldap_free (void)
 Free any global libldap resources. More...
 
static int libldap_init (void)
 Initialise libldap library and set global options. More...
 

Variables

fr_table_num_sorted_t const fr_ldap_connection_states []
 
size_t fr_ldap_connection_states_len = NUM_ELEMENTS(fr_ldap_connection_states)
 
fr_table_num_sorted_t const fr_ldap_dereference []
 
size_t fr_ldap_dereference_len = NUM_ELEMENTS(fr_ldap_dereference)
 
fr_table_num_sorted_t const fr_ldap_scope []
 
size_t fr_ldap_scope_len = NUM_ELEMENTS(fr_ldap_scope)
 
fr_table_num_sorted_t const fr_ldap_supported_extensions []
 
size_t fr_ldap_supported_extensions_len = NUM_ELEMENTS(fr_ldap_supported_extensions)
 
fr_table_num_sorted_t const fr_ldap_tls_require_cert []
 
size_t fr_ldap_tls_require_cert_len = NUM_ELEMENTS(fr_ldap_tls_require_cert)
 
global_lib_autoinst_t fr_libldap_global_config
 
static conf_parser_t const ldap_global_config []
 
LDAP * ldap_global_handle
 Hack for OpenLDAP libldap global initialisation. More...
 
static fr_ldap_config_t ldap_global_handle_config
 Used to set the global log prefix for functions which don't operate on connections. More...
 
static _Thread_local LDAP * ldap_thread_local_handle
 Hack for functions which require an ldap handle. More...
 
static fr_libldap_global_config_t libldap_global_config
 

Detailed Description

LDAP module library functions.

Id
31749e1f1fa18a4ad9a47c15068a87938e219be8
Author
Arran Cudbard-Bell (a.cud.nosp@m.bard.nosp@m.b@fre.nosp@m.erad.nosp@m.ius.o.nosp@m.rg)

Definition in file base.c.


Data Structure Documentation

◆ sync_ldap_query_t

struct sync_ldap_query_t

Definition at line 142 of file base.c.

Data Fields
fr_ldap_query_t * query
LDAPMessage ** result

Macro Definition Documentation

◆ do_ldap_global_option

#define do_ldap_global_option (   _option,
  _name,
  _value 
)
Value:
/*
 * Body of do_ldap_global_option: calls ldap_set_option() with a NULL handle and, when that
 * call does not return LDAP_OPT_SUCCESS, logs the failure and returns -1 from the function
 * the macro is expanded in.
 *
 * NOTE(review): the expansion is a bare `if (...) do { ... } while (0)`, so an `else` written
 * after a use of the macro would attach to this `if`; maybe_ldap_global_option places it
 * under a second bare `if`.
 */
if (ldap_set_option(NULL, _option, _value) != LDAP_OPT_SUCCESS) do { \
int _ldap_errno; /* NOTE(review): not initialised; it is read below even if ldap_get_option() fails */ \
ldap_get_option(NULL, LDAP_OPT_RESULT_CODE, &_ldap_errno); /* return value is not checked */ \
ERROR("Failed setting global option %s: %s", _name, \
(_ldap_errno != LDAP_SUCCESS) ? ldap_err2string(_ldap_errno) : "Unknown error"); \
return -1; /* hidden return: leaves the function the macro is used in */\
} while (0)

◆ LOG_PREFIX

#define LOG_PREFIX   handle_config->name

Definition at line 33 of file base.c.

◆ maybe_ldap_global_option

#define maybe_ldap_global_option (   _option,
  _name,
  _value 
)     if (_value) do_ldap_global_option(_option, _name, _value)

◆ SET_LDAP_CTRLS

#define SET_LDAP_CTRLS (   _dest,
  _src 
)
Value:
/*
 * Body of SET_LDAP_CTRLS: copies control pointers from the _src array into _dest[i].control,
 * stopping at the first NULL entry in _src or after LDAP_MAX_CONTROLS entries, whichever
 * comes first. Does nothing when _src is NULL.
 *
 * NOTE(review): controls beyond LDAP_MAX_CONTROLS are dropped without an error or log message,
 * and _dest entries past the last copied one are left as they were - presumably _dest is
 * zero-initialised when allocated; confirm. _src and _dest are expanded unparenthesised, so
 * pass plain identifiers rather than expressions.
 */
do { \
int i; /* declared inside the expansion: an argument expression mentioning i would refer to this one */ \
if (!_src) break; /* leaves the do-block: no source controls to copy */ \
for (i = 0; i < LDAP_MAX_CONTROLS; i++) { \
if (!(_src[i])) break; /* NULL entry marks the end of the source array */ \
_dest[i].control = _src[i]; /* pointer copy only; the control itself is not duplicated */ \
} \
} while (0)
#define LDAP_MAX_CONTROLS
Maximum number of client/server controls.
Definition: base.h:94

Definition at line 668 of file base.c.

Function Documentation

◆ _ldap_handle_thread_local_free()

static int _ldap_handle_thread_local_free ( void *  handle)
static

Definition at line 1035 of file base.c.


◆ _ldap_query_free()

static int _ldap_query_free ( fr_ldap_query_t *  query)
static

Free any libldap structures when an fr_ldap_query_t is freed.

It is also possible that the connection used for this query is now closed; in that case we free it here.

Definition at line 889 of file base.c.


◆ fr_ldap_error_check()

fr_ldap_rcode_t fr_ldap_error_check ( LDAPControl ***  ctrls,
fr_ldap_connection_t const *  conn,
LDAPMessage *  msg,
char const *  dn 
)

Perform basic parsing of multiple types of messages, checking for error conditions.

Note
Error messages should be retrieved with fr_strerror() and fr_strerror_pop()
Parameters
[out] ctrls: Server ctrls returned to the client. May be NULL if not required. Must be freed with ldap_free_ctrls.
[in] conn: the message was received on.
[in] msg: we're parsing.
[in] dn: if processing the result from a search request.
Returns
One of the LDAP_PROC_* (fr_ldap_rcode_t) values.

Definition at line 232 of file base.c.


◆ fr_ldap_error_str()

char const* fr_ldap_error_str ( fr_ldap_connection_t const *  conn)

Return the error string associated with a handle.

Parameters
conn: to retrieve error from.
Returns
error string.

Definition at line 210 of file base.c.

◆ fr_ldap_extended_alloc()

fr_ldap_query_t* fr_ldap_extended_alloc ( TALLOC_CTX *  ctx,
char const *  reqoid,
struct berval *  reqdata,
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Allocate a new LDAP extended operations object.

Parameters
[in] ctx: to allocate the query in.
[in] reqoid: OID of extended operation to perform.
[in] reqdata: Request data to send.
[in] serverctrls: Controls to pass to the server. May be NULL.
[in] clientctrls: Client controls. May be NULL.
Returns
LDAP query object

Definition at line 1021 of file base.c.


◆ fr_ldap_extended_async()

fr_ldap_rcode_t fr_ldap_extended_async ( int *  msgid,
request_t *  request,
fr_ldap_connection_t *  pconn,
char const *  reqoid,
struct berval *  reqdata 
)

Initiate an LDAP extended operation.

Called by the trunk mux function

Parameters
[out] msgid: LDAP message ID.
[in] request: Current request.
[in] pconn: to use.
[in] reqoid: OID of extended operation to perform.
[in] reqdata: Data required for the request.
Returns
One of the LDAP_PROC_* (fr_ldap_rcode_t) values.

Definition at line 870 of file base.c.


◆ fr_ldap_global_config()

int fr_ldap_global_config ( int  debug_level,
char const *  tls_random_file 
)

Change settings global to libldap.

May only be called once. Subsequent calls will be ignored.

Parameters
[in] debug_level: to enable in libldap.
[in] tls_random_file: Where OpenSSL gets its randomness.

Definition at line 1071 of file base.c.


◆ fr_ldap_handle_thread_local()

LDAP* fr_ldap_handle_thread_local ( void  )

Get a thread local dummy LDAP handle.

Many functions in the OpenLDAP API don't actually use the handle for anything other than writing out error codes.

This is true for most of the LDAP extensions API functions.

This gives us a reusable handle that we can pass to those functions when we don't already have one available.

Definition at line 1051 of file base.c.


◆ fr_ldap_init()

int fr_ldap_init ( void  )

Initialise libldap and check library versions.

Returns
  • 0 on success.
  • -1 on failure.

Definition at line 1110 of file base.c.


◆ fr_ldap_modify_alloc()

fr_ldap_query_t* fr_ldap_modify_alloc ( TALLOC_CTX *  ctx,
char const *  dn,
LDAPMod *  mods[],
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Allocate a new LDAP modify object.

Parameters
[in] ctx: to allocate the query in.
[in] dn: of the object to modify.
[in] mods: to apply to the object.
[in] serverctrls: Controls to pass to the server. May be NULL.
[in] clientctrls: Client controls. May be NULL.
Returns
LDAP query object

Definition at line 998 of file base.c.


◆ fr_ldap_modify_async()

fr_ldap_rcode_t fr_ldap_modify_async ( int *  msgid,
request_t *  request,
fr_ldap_connection_t *  pconn,
char const *  dn,
LDAPMod *  mods[],
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Modify something in the LDAP directory.

Used on connections bound as the administrative user to attempt to modify an LDAP object. Called by the trunk mux function

Parameters
[out] msgid: LDAP message ID.
[in] request: Current request.
[in] pconn: to use.
[in] dn: of the object to modify.
[in] mods: to make, see 'man ldap_modify' for more information.
[in] serverctrls: Search controls to pass to the server. May be NULL.
[in] clientctrls: Search controls for ldap_modify. May be NULL.
Returns
One of the LDAP_PROC_* (fr_ldap_rcode_t) values.

Definition at line 786 of file base.c.


◆ fr_ldap_result()

fr_ldap_rcode_t fr_ldap_result ( LDAPMessage **  result,
LDAPControl ***  ctrls,
fr_ldap_connection_t const *  conn,
int  msgid,
int  all,
char const *  dn,
fr_time_delta_t  timeout 
)

Parse response from LDAP server dealing with any errors.

Should be called after an LDAP operation. Will check result of operation and if it was successful, then attempt to retrieve and parse the result. Will also produce extended error output including any messages the server sent, and information about partial DN matches.

Note
Error messages should be retrieved with fr_strerror() and fr_strerror_pop()
Parameters
[out] result: Where to write result, if NULL result will be freed. If not NULL caller must free with ldap_msgfree().
[out] ctrls: Server ctrls returned to the client. May be NULL if not required. Must be freed with ldap_free_ctrls.
[in] conn: Current connection.
[in] msgid: returned from last operation. Special values are:
  • LDAP_RES_ANY - Retrieve any received messages; useful for multiplexing.
  • LDAP_RES_UNSOLICITED - Any unsolicited message.
[in] all: How many messages to retrieve:
  • LDAP_MSG_ONE - Retrieve the first message matching msgid (waiting if one is not available).
  • LDAP_MSG_ALL - Retrieve all received messages matching msgid (waiting if none are available).
  • LDAP_MSG_RECEIVED - Retrieve all received messages.
[in] dn: Last search or bind DN. May be NULL.
[in] timeout: Override the default result timeout.
Returns
One of the LDAP_PROC_* (fr_ldap_rcode_t) values.

Definition at line 449 of file base.c.


◆ fr_ldap_search_alloc()

fr_ldap_query_t* fr_ldap_search_alloc ( TALLOC_CTX *  ctx,
char const *  base_dn,
int  scope,
char const *  filter,
char const *const *  attrs,
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Allocate a new search object.

Parameters
[in] ctx: to allocate query in.
[in] base_dn: for the search.
[in] scope: of the search.
[in] filter: for the search.
[in] attrs: to request.
[in] serverctrls: Search controls to pass to the server. May be NULL.
[in] clientctrls: Client controls. May be NULL.

Definition at line 972 of file base.c.


◆ fr_ldap_search_async()

fr_ldap_rcode_t fr_ldap_search_async ( int *  msgid,
request_t *  request,
fr_ldap_connection_t *  pconn,
char const *  dn,
int  scope,
char const *  filter,
char const *const *  attrs,
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Search for something in the LDAP directory.

Performs an LDAP search, typically on a connection bound as the administrative user, dealing with any errors. Called from the trunk mux function and elsewhere where appropriate event handlers have been set on the connection fd.

Parameters
[out] msgid: to match response to request.
[in] request: Current request.
[in] pconn: to use.
[in] dn: to use as base for the search.
[in] scope: to use (LDAP_SCOPE_BASE, LDAP_SCOPE_ONE, LDAP_SCOPE_SUB).
[in] filter: to use, should be pre-escaped (any untrusted value placed in the filter must already have been escaped by the caller for use in an LDAP search filter).
[in] attrs: to retrieve.
[in] serverctrls: Search controls to pass to the server. May be NULL.
[in] clientctrls: Search controls for ldap_search. May be NULL.
Returns
One of the LDAP_PROC_* (fr_ldap_rcode_t) values.

Definition at line 528 of file base.c.


◆ fr_ldap_timeout_debug()

void fr_ldap_timeout_debug ( request_t *  request,
fr_ldap_connection_t const *  conn,
fr_time_delta_t  timeout,
char const *  prefix 
)

Prints information to the debug log on the current timeout settings.

There are so many different timers in LDAP it's often hard to debug issues with them, hence the need for this function.

Definition at line 152 of file base.c.


◆ fr_ldap_trunk_extended()

unlang_action_t fr_ldap_trunk_extended ( TALLOC_CTX *  ctx,
fr_ldap_query_t **  out,
request_t *  request,
fr_ldap_thread_trunk_t *  ttrunk,
char const *  reqoid,
struct berval *  reqdata,
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Run an async LDAP "extended operation" query on a trunk connection.

Parameters
[in] ctx: to allocate the query in.
[out] out: that has been allocated.
[in] request: this query relates to.
[in] ttrunk: to submit the query to.
[in] reqoid: OID of extended operation.
[in] reqdata: Request data to send.
[in] serverctrls: specific to this query.
[in] clientctrls: specific to this query.
Returns
  • UNLANG_ACTION_FAIL on error.
  • UNLANG_ACTION_PUSHED_CHILD on success.

Definition at line 827 of file base.c.


◆ fr_ldap_trunk_modify()

unlang_action_t fr_ldap_trunk_modify ( TALLOC_CTX *  ctx,
fr_ldap_query_t **  out,
request_t *  request,
fr_ldap_thread_trunk_t *  ttrunk,
char const *  dn,
LDAPMod *  mods[],
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Run an async modification LDAP query on a trunk connection.

Parameters
[in] ctx: to allocate the query in.
[out] out: that has been allocated.
[in] request: this query relates to.
[in] ttrunk: to submit the query to.
[in] dn: of the object being modified.
[in] mods: to be performed.
[in] serverctrls: specific to this query.
[in] clientctrls: specific to this query.
Returns
  • UNLANG_ACTION_FAIL on error.
  • UNLANG_ACTION_PUSHED_CHILD on success.

Definition at line 740 of file base.c.


◆ fr_ldap_trunk_search()

unlang_action_t fr_ldap_trunk_search ( TALLOC_CTX *  ctx,
fr_ldap_query_t **  out,
request_t *  request,
fr_ldap_thread_trunk_t *  ttrunk,
char const *  base_dn,
int  scope,
char const *  filter,
char const *const *  attrs,
LDAPControl **  serverctrls,
LDAPControl **  clientctrls 
)

Run an async search LDAP query on a trunk connection.

Parameters
[in] ctx: to allocate the query in.
[out] out: that has been allocated.
[in] request: this query relates to.
[in] ttrunk: to submit the query to.
[in] base_dn: for the search.
[in] scope: of the search.
[in] filter: for the search.
[in] attrs: to be returned.
[in] serverctrls: specific to this query.
[in] clientctrls: specific to this query.
Returns
  • UNLANG_ACTION_FAIL on error.
  • UNLANG_ACTION_PUSHED_CHILD on success.

Definition at line 694 of file base.c.


◆ ldap_query_alloc()

static fr_ldap_query_t* ldap_query_alloc ( TALLOC_CTX *  ctx,
fr_ldap_request_type_t  type 
)
inline static

Allocate an fr_ldap_query_t, setting the talloc destructor.

Definition at line 949 of file base.c.


◆ ldap_trunk_query_cancel()

static void ldap_trunk_query_cancel ( UNUSED request_t *  request,
UNUSED fr_signal_t  action,
void *  uctx 
)
static

Signal an LDAP query running on a trunk connection to cancel.

Definition at line 642 of file base.c.


◆ ldap_trunk_query_results()

static unlang_action_t ldap_trunk_query_results ( rlm_rcode_t *  p_result,
UNUSED int *  priority,
request_t *  request,
void *  uctx 
)
static

Handle the return code from parsed LDAP results to set the module rcode.

Definition at line 616 of file base.c.


◆ ldap_trunk_search_results_debug()

static void ldap_trunk_search_results_debug ( request_t *  request,
fr_ldap_query_t *  query
)
static

Definition at line 575 of file base.c.


◆ libldap_free()

static void libldap_free ( void  )
static

Free any global libldap resources.

Definition at line 121 of file base.c.

◆ libldap_init()

static int libldap_init ( void  )
static

Initialise libldap library and set global options.

Used as a callback from global library initialisation.

Definition at line 109 of file base.c.


Variable Documentation

◆ fr_ldap_connection_states

fr_table_num_sorted_t const fr_ldap_connection_states[]
Initial value:
= {
{ L("bind"), FR_LDAP_STATE_BIND },
{ L("error"), FR_LDAP_STATE_ERROR },
{ L("init"), FR_LDAP_STATE_INIT },
{ L("run"), FR_LDAP_STATE_RUN },
{ L("start-tls"), FR_LDAP_STATE_START_TLS }
}
#define L(_str)
Helper for initialising arrays of string literals.
Definition: build.h:207
@ FR_LDAP_STATE_ERROR
Connection is in an error state.
Definition: base.h:171
@ FR_LDAP_STATE_BIND
Connection is being bound.
Definition: base.h:169
@ FR_LDAP_STATE_START_TLS
TLS is being negotiated.
Definition: base.h:168
@ FR_LDAP_STATE_RUN
Connection is muxing/demuxing requests.
Definition: base.h:170
@ FR_LDAP_STATE_INIT
Connection uninitialised.
Definition: base.h:167

Definition at line 51 of file base.c.

◆ fr_ldap_connection_states_len

size_t fr_ldap_connection_states_len = NUM_ELEMENTS(fr_ldap_connection_states)

Definition at line 58 of file base.c.

◆ fr_ldap_dereference

fr_table_num_sorted_t const fr_ldap_dereference[]
Initial value:
= {
{ L("always"), LDAP_DEREF_ALWAYS },
{ L("finding"), LDAP_DEREF_FINDING },
{ L("never"), LDAP_DEREF_NEVER },
{ L("searching"), LDAP_DEREF_SEARCHING }
}

Definition at line 86 of file base.c.

◆ fr_ldap_dereference_len

size_t fr_ldap_dereference_len = NUM_ELEMENTS(fr_ldap_dereference)

Definition at line 92 of file base.c.

◆ fr_ldap_scope

fr_table_num_sorted_t const fr_ldap_scope[]
Initial value:
= {
{ L("base"), LDAP_SCOPE_BASE },
{ L("children"), LDAP_SCOPE_CHILDREN },
{ L("one"), LDAP_SCOPE_ONE },
{ L("sub"), LDAP_SCOPE_SUB }
}

Definition at line 69 of file base.c.

◆ fr_ldap_scope_len

size_t fr_ldap_scope_len = NUM_ELEMENTS(fr_ldap_scope)

Definition at line 75 of file base.c.

◆ fr_ldap_supported_extensions

fr_table_num_sorted_t const fr_ldap_supported_extensions[]
Initial value:
/*
 * Pairs each extension name with its LDAP_EXT_* value.
 *
 * NOTE(review): base.h describes LDAP_EXT_BINDPW as the password for an LDAP bind. Presumably
 * these are LDAP URL extensions, in which case the password travels inside the URL string -
 * confirm that URLs carrying "x-bindpw" are kept out of debug output and logs.
 */
= {
{ L("bindname"), LDAP_EXT_BINDNAME },
{ L("x-bindpw"), LDAP_EXT_BINDPW }
}
@ LDAP_EXT_BINDPW
Specifies the password for an LDAP bind.
Definition: base.h:125
@ LDAP_EXT_BINDNAME
Specifies the user DN or name for an LDAP bind.
Definition: base.h:124

Definition at line 60 of file base.c.

◆ fr_ldap_supported_extensions_len

size_t fr_ldap_supported_extensions_len = NUM_ELEMENTS(fr_ldap_supported_extensions)

Definition at line 64 of file base.c.

◆ fr_ldap_tls_require_cert

fr_table_num_sorted_t const fr_ldap_tls_require_cert[]
Initial value:
/*
 * Pairs each certificate-requirement name with its LDAP_OPT_X_TLS_* value.
 *
 * NOTE(review): in OpenLDAP's TLS_REQCERT terms, "never", "allow" and "try" are understood to
 * let a session proceed without a verified server certificate in at least some cases, while
 * "demand" and "hard" require a valid one - confirm against ldap.conf(5) for the libldap in
 * use. Anything weaker than "demand" leaves bind credentials exposed to an impersonated server.
 */
= {
{ L("allow"), LDAP_OPT_X_TLS_ALLOW },
{ L("demand"), LDAP_OPT_X_TLS_DEMAND },
{ L("hard"), LDAP_OPT_X_TLS_HARD },
{ L("never"), LDAP_OPT_X_TLS_NEVER },
{ L("try"), LDAP_OPT_X_TLS_TRY }
}

Definition at line 77 of file base.c.

◆ fr_ldap_tls_require_cert_len

size_t fr_ldap_tls_require_cert_len = NUM_ELEMENTS(fr_ldap_tls_require_cert)

Definition at line 84 of file base.c.

◆ fr_libldap_global_config

global_lib_autoinst_t fr_libldap_global_config
Initial value:
= {
.name = "ldap",
.config = (const conf_parser_t *)ldap_global_config,
}
Defines a CONF_PAIR to C data type mapping.
Definition: cf_parse.h:563
free(array)
static fr_libldap_global_config_t libldap_global_config
Definition: base.c:94
static conf_parser_t const ldap_global_config[]
Definition: base.c:99
static void libldap_free(void)
Free any global libldap resources.
Definition: base.c:121
static int libldap_init(void)
Initialise libldap library and set global options.
Definition: base.c:109
init
Enter the EAP-IDENTITY state.
Definition: state_machine.c:90
eap_aka_sim_process_conf_t * inst

Definition at line 134 of file base.c.

◆ ldap_global_config

conf_parser_t const ldap_global_config[]
static
Initial value:
= {
{ FR_CONF_OFFSET("ldap_debug", fr_libldap_global_config_t, ldap_debug), .dflt = "0x0000" },
}
#define CONF_PARSER_TERMINATOR
Definition: cf_parse.h:626
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition: cf_parse.h:268
#define FR_CONF_OFFSET_FLAGS(_name, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition: cf_parse.h:256
@ CONF_FLAG_FILE_EXISTS
File matching value must exist.
Definition: cf_parse.h:423
libldap global configuration data
Definition: base.h:317

Definition at line 99 of file base.c.

◆ ldap_global_handle

LDAP* ldap_global_handle

Hack for OpenLDAP libldap global initialisation.

Definition at line 39 of file base.c.

◆ ldap_global_handle_config

fr_ldap_config_t ldap_global_handle_config
static
Initial value:
= {
.name = "global"
}

Used to set the global log prefix for functions which don't operate on connections.

Definition at line 47 of file base.c.

◆ ldap_thread_local_handle

_Thread_local LDAP* ldap_thread_local_handle
static

Hack for functions which require an ldap handle, but don't actually use it for anything.

Definition at line 41 of file base.c.

◆ libldap_global_config

fr_libldap_global_config_t libldap_global_config
static
Initial value:
= {
.ldap_debug = 0x00,
.tls_random_file = ""
}

Definition at line 94 of file base.c.