lib_2ldap_2conf_8c_source.html

/*

 *   This program is free software; you can redistribute it and/or modify

 *   it under the terms of the GNU General Public License as published by

 *   the Free Software Foundation; either version 2 of the License, or

 *   (at your option) any later version.

 *

 *   This program is distributed in the hope that it will be useful,

 *   but WITHOUT ANY WARRANTY; without even the implied warranty of

 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *   GNU General Public License for more details.

 *

 *   You should have received a copy of the GNU General Public License

 *   along with this program; if not, write to the Free Software

 *   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA

 */


/**

 * $Id: 9dea5a2117a7ea0a5bf0d7918612839f7feaf491 $

 *

 * @file ldap/conf.c

 * @brief Configuration parsing for LDAP server connections.

 *

 * @copyright 2022 The FreeRADIUS server project

 */

RCSID("$Id: 9dea5a2117a7ea0a5bf0d7918612839f7feaf491 $")


#include <freeradius-devel/ldap/base.h>

#include <freeradius-devel/ldap/conf.h>


conf_parser_t const fr_ldap_sasl_mech_static[] = {

        { FR_CONF_OFFSET_FLAGS("mech", CONF_FLAG_NOT_EMPTY, fr_ldap_sasl_t, mech) },

        { FR_CONF_OFFSET("proxy", fr_ldap_sasl_t, proxy) },

        { FR_CONF_OFFSET("realm", fr_ldap_sasl_t, realm) },

        CONF_PARSER_TERMINATOR

};


/*

 *      TLS Configuration

 */


conf_parser_t const fr_ldap_tls_config[] = {

        /*

         *      Deprecated attributes

         */

        { FR_CONF_OFFSET_FLAGS("ca_file", CONF_FLAG_FILE_READABLE, fr_ldap_config_t, tls_ca_file) },


        { FR_CONF_OFFSET_FLAGS("ca_path", CONF_FLAG_FILE_READABLE, fr_ldap_config_t, tls_ca_path) },


        { FR_CONF_OFFSET_FLAGS("certificate_file", CONF_FLAG_FILE_READABLE, fr_ldap_config_t, tls_certificate_file) },


        { FR_CONF_OFFSET_FLAGS("private_key_file", CONF_FLAG_FILE_READABLE, fr_ldap_config_t, tls_private_key_file) },


        /*

         *      LDAP Specific TLS attributes

         */

        { FR_CONF_OFFSET("start_tls", fr_ldap_config_t, start_tls), .dflt = "no" },


        { FR_CONF_OFFSET("require_cert", fr_ldap_config_t, tls_require_cert_str) },


        { FR_CONF_OFFSET("tls_min_version", fr_ldap_config_t, tls_min_version_str) },


        CONF_PARSER_TERMINATOR

};


/*

 *      Various options that don't belong in the main configuration.

 *

 *      Note that these overlap a bit with the connection pool code!

 */


conf_parser_t const fr_ldap_option_config[] = {

        /*

         *      Pool config items

         */

        { FR_CONF_OFFSET("chase_referrals", fr_ldap_config_t, chase_referrals) },


        { FR_CONF_OFFSET("use_referral_credentials", fr_ldap_config_t, use_referral_credentials), .dflt = "no" },


        { FR_CONF_OFFSET("referral_depth", fr_ldap_config_t, referral_depth), .dflt = "5" },


        { FR_CONF_OFFSET("rebind", fr_ldap_config_t, rebind) },


        { FR_CONF_OFFSET("sasl_secprops", fr_ldap_config_t, sasl_secprops) },


        /*

         *      We use this config option to populate libldap's LDAP_OPT_NETWORK_TIMEOUT -

         *      timeout on network activity - specifically libldap's initial call to "connect"

         *      Must be non-zero for async connections to start correctly.

         */

        { FR_CONF_OFFSET("net_timeout", fr_ldap_config_t, net_timeout), .dflt = "10" },


        { FR_CONF_OFFSET("idle", fr_ldap_config_t, keepalive_idle), .dflt = "60" },


        { FR_CONF_OFFSET("probes", fr_ldap_config_t, keepalive_probes), .dflt = "3" },


        { FR_CONF_OFFSET("interval", fr_ldap_config_t, keepalive_interval), .dflt = "30" },


        { FR_CONF_OFFSET("dereference", fr_ldap_config_t, dereference_str) },


        /* allow server unlimited time for search (server-side limit) */

        { FR_CONF_OFFSET("srv_timelimit", fr_ldap_config_t, srv_timelimit), .dflt = "20" },


        /*

         *      Instance config items

         */

        /* timeout for search results */

        { FR_CONF_OFFSET("res_timeout", fr_ldap_config_t, res_timeout), .dflt = "20" },


        { FR_CONF_OFFSET("idle_timeout", fr_ldap_config_t, idle_timeout), .dflt = "300" },


        { FR_CONF_OFFSET("reconnection_delay", fr_ldap_config_t, reconnection_delay), .dflt = "10" },


        CONF_PARSER_TERMINATOR

};


RCSID
#define RCSID(id)
Definition build.h:485

CONF_PARSER_TERMINATOR
#define CONF_PARSER_TERMINATOR
Definition cf_parse.h:662

FR_CONF_OFFSET
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition cf_parse.h:284

FR_CONF_OFFSET_FLAGS
#define FR_CONF_OFFSET_FLAGS(_name, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition cf_parse.h:272

CONF_FLAG_NOT_EMPTY
@ CONF_FLAG_NOT_EMPTY
CONF_PAIR is required to have a non zero length value.
Definition cf_parse.h:452

CONF_FLAG_FILE_READABLE
@ CONF_FLAG_FILE_READABLE
File matching value must exist, and must be readable.
Definition cf_parse.h:440

conf_parser_s
Defines a CONF_PAIR to C data type mapping.
Definition cf_parse.h:599

fr_ldap_config_t
Connection configuration.
Definition base.h:221

fr_ldap_sasl_t
Definition base.h:128

fr_ldap_sasl_mech_static
conf_parser_t const fr_ldap_sasl_mech_static[]
Definition conf.c:30

fr_ldap_option_config
conf_parser_t const fr_ldap_option_config[]
Definition conf.c:69

fr_ldap_tls_config
conf_parser_t const fr_ldap_tls_config[]
Definition conf.c:40