1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
#ifndef LDAP_CLIENT_H
#define LDAP_CLIENT_H
enum ldap_scope {
LDAP_SEARCH_SCOPE_BASE = 0x0000,
LDAP_SEARCH_SCOPE_ONE = 0x0001,
LDAP_SEARCH_SCOPE_SUBTREE = 0x0002
};
struct ldap_client;
struct ldap_result;
struct ldap_search_iterator;
struct ldap_entry;
/* Called when the LDAP result has finished. The callback must verify first
if the result is valid or not by calling ldap_result_has_failed() or
ldap_result_get_error(). The result is freed automatically after this
callback finishes. */
typedef void ldap_result_callback_t(struct ldap_result *result, void *context);
struct ldap_client_settings {
/* NOTE: when adding here, remember to update
ldap_connection_have_settings() and ldap_connection_init() */
const char *uri;
const char *bind_dn;
const char *password;
const struct ssl_iostream_settings *ssl_set;
unsigned int timeout_secs;
unsigned int max_idle_time_secs;
unsigned int debug;
bool require_ssl;
bool start_tls;
};
struct ldap_search_input {
const char *base_dn;
const char *filter;
const char *const *attributes;
enum ldap_scope scope;
unsigned int size_limit;
unsigned int timeout_secs;
};
struct ldap_compare_input {
const char *dn;
const char *attr;
const char *value;
unsigned int timeout_secs;
};
/* Initialize LDAP. Returns 0 on success, or -1 and error_r if initialization
failed with the given settings. */
int ldap_client_init(const struct ldap_client_settings *set,
struct ldap_client **client_r, const char **error_r);
void ldap_client_deinit(struct ldap_client **client);
void ldap_client_switch_ioloop(struct ldap_client *client);
/* Deinitialize all pooled LDAP connections if there are no references left.
This allows freeing the memory at deinit, but still allows multiple
independent code parts to use lib-ldap and call this function. */
void ldap_clients_cleanup(void);
void ldap_search_start(struct ldap_client *client,
const struct ldap_search_input *input,
ldap_result_callback_t *callback,
void *context);
#define ldap_search_start(client, input, callback, context) \
ldap_search_start(client, input - \
CALLBACK_TYPECHECK(callback, void (*)( \
struct ldap_result *, typeof(context))), \
(ldap_result_callback_t *)callback, context)
/* Returns TRUE if the LDAP query failed and result must not be used further. */
bool ldap_result_has_failed(struct ldap_result *result);
/* Returns the error string if the query had failed, or NULL if it hasn't. */
const char *ldap_result_get_error(struct ldap_result *result);
struct ldap_search_iterator* ldap_search_iterator_init(struct ldap_result *result);
const struct ldap_entry *ldap_search_iterator_next(struct ldap_search_iterator *iter);
void ldap_search_iterator_deinit(struct ldap_search_iterator **iter);
void ldap_compare_start(struct ldap_client *client,
const struct ldap_compare_input *input,
ldap_result_callback_t *callback, void *context);
#define ldap_compare_start(client, input, callback, context) \
ldap_compare_start(client, input - \
CALLBACK_TYPECHECK(callback, void (*)( \
struct ldap_result *, typeof(context))), \
(ldap_result_callback_t *)callback, context)
/* Returns TRUE if the comparison matched, FALSE if not. */
bool ldap_compare_result(struct ldap_result *result);
const char *ldap_entry_dn(const struct ldap_entry *entry);
const char *const *ldap_entry_get_attributes(const struct ldap_entry *entry);
const char *const *ldap_entry_get_attribute(const struct ldap_entry *entry, const char *attribute);
#endif
|
