2 * Copyright (c) 2002-2003 Igor Brezac
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY IGOR BREZAC. ``AS IS'' AND ANY
15 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
17 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL IGOR BREZAC OR
18 * ITS EMPLOYEES OR AGENTS BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
20 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
21 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
22 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
23 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
24 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
34 #if TIME_WITH_SYS_TIME
35 # include <sys/time.h>
39 # include <sys/time.h>
/*
 * Status codes. The failure codes visible here are negative.
 * NOTE(review): presumably these are the values returned by the lak_*
 * functions declared in this header and translated by lak_error() -- confirm
 * in the implementation.
 * Callers should fail closed: any value they do not explicitly recognise as
 * success must be treated as "not authenticated". If these codes ever reach a
 * remote client, LAK_INVALID_PASSWORD and LAK_USER_NOT_FOUND should be
 * reported as one generic failure so that account names cannot be enumerated.
 */
49 #define LAK_NOT_GROUP_MEMBER -4
50 #define LAK_INVALID_PASSWORD -5
51 #define LAK_USER_NOT_FOUND -6
52 #define LAK_BIND_FAIL -7
53 #define LAK_CONNECT_FAIL -8
/* NOTE(review): positive, unlike the codes above; looks like a connection
 * state rather than an error -- confirm against its users. */
55 #define LAK_NOT_BOUND 1
/*
 * Selectors for the way a password is verified.
 * NOTE(review): the names suggest a directory bind, a custom comparison and a
 * "fast bind" variant; the exact semantics are not visible in this header.
 */
58 #define LAK_AUTH_METHOD_BIND 0
59 #define LAK_AUTH_METHOD_CUSTOM 1
60 #define LAK_AUTH_METHOD_FASTBIND 2
/* Selectors for the group-membership test: by attribute or by filter.
 * NOTE(review): presumably the values stored in lak_conf.group_match_method. */
62 #define LAK_GROUP_MATCH_METHOD_ATTR 0
63 #define LAK_GROUP_MATCH_METHOD_FILTER 1
/*
 * Sizes, in bytes, of the fixed char arrays in the structures below.
 * Every copy into one of those fields has to be bounded by the matching
 * constant, and a value that does not fit should be rejected rather than
 * silently truncated (a truncated DN or filter names a different object).
 */
65 #define LAK_BUF_LEN 128
66 #define LAK_DN_LEN 512
67 #define LAK_PATH_LEN 1024
/* URL buffers use the same size as path buffers. */
68 #define LAK_URL_LEN LAK_PATH_LEN
/*
 * Configuration record: server list, bind identity, search and group
 * settings, SASL parameters and TLS material, all held in fixed-size buffers.
 * NOTE(review): the gutter numbering of this listing skips lines, so further
 * members and the closing of the typedef are not shown here.
 */
70 typedef struct lak_conf {
/* NOTE(review): presumably the path of the configuration file -- confirm. */
71 char path[LAK_PATH_LEN];
/* Server URL(s); sized by LAK_URL_LEN. */
72 char servers[LAK_URL_LEN];
/*
 * Identity and secret used to bind to the directory. The password sits in a
 * plain char buffer. NOTE(review): check that the implementation wipes it
 * (explicit_bzero or equivalent) before the structure is released, and that
 * the file it is read from is not world-readable.
 */
73 char bind_dn[LAK_DN_LEN];
74 char password[LAK_BUF_LEN];
/* Timeout as a struct timeval; NOTE(review): which operations it bounds is
 * not visible in this header. */
76 struct timeval timeout;
83 char default_realm[LAK_BUF_LEN];
/*
 * Search settings. NOTE(review): if user-supplied values (user name, realm)
 * are substituted into filter or group_filter, they must be escaped for
 * LDAP filter syntax first; the substitution code is not in this header.
 */
84 char search_base[LAK_DN_LEN];
85 char filter[LAK_DN_LEN];
86 char password_attr[LAK_BUF_LEN];
/* Group-membership settings. */
87 char group_dn[LAK_DN_LEN];
88 char group_attr[LAK_BUF_LEN];
89 char group_filter[LAK_DN_LEN];
90 char group_search_base[LAK_DN_LEN];
/* NOTE(review): presumably one of LAK_GROUP_MATCH_METHOD_* -- confirm. */
92 int group_match_method;
/* SASL-related settings (authorization id, mechanism, realm, security
 * properties), going by the field names. */
96 char authz_id[LAK_BUF_LEN];
97 char mech[LAK_BUF_LEN];
98 char realm[LAK_BUF_LEN];
99 char sasl_secprops[LAK_BUF_LEN];
/*
 * TLS settings: CA certificate file and directory, cipher list, client
 * certificate and private-key path.
 * NOTE(review): verify what server-certificate checking the implementation
 * performs when neither tls_cacert_file nor tls_cacert_dir is set, and that
 * the file named by tls_key is readable only by the service account.
 */
102 char tls_cacert_file[LAK_PATH_LEN];
103 char tls_cacert_dir[LAK_PATH_LEN];
104 char tls_ciphers[LAK_BUF_LEN];
105 char tls_cert[LAK_PATH_LEN];
106 char tls_key[LAK_PATH_LEN];
/*
 * Per-user record: bind DN, identifier, SASL fields and password, each in a
 * fixed-size buffer.
 * NOTE(review): the closing of the typedef is not shown in this listing.
 */
110 typedef struct lak_user {
111 char bind_dn[LAK_DN_LEN];
/* User identifier. NOTE(review): presumably the name supplied by the client;
 * treat it as untrusted wherever it is used to build a DN or a filter. */
112 char id[LAK_BUF_LEN];
113 char authz_id[LAK_BUF_LEN];
114 char mech[LAK_BUF_LEN];
115 char realm[LAK_BUF_LEN];
/*
 * The user's password, held in a plain char buffer of LAK_BUF_LEN bytes.
 * NOTE(review): confirm that over-long passwords are rejected rather than
 * truncated, and that the buffer is wiped once the check is done.
 */
116 char password[LAK_BUF_LEN];
/*
 * Node of a singly linked list of results.
 * NOTE(review): only the link member is visible in this listing; the payload
 * members and the closing of the typedef are on lines it omits.
 */
127 typedef struct lak_result {
/* Next node in the list; presumably NULL at the end -- confirm. */
131 struct lak_result *next;
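/*
 * Public entry points. The int-returning functions report a status code.
 * NOTE(review): the prototypes carry no parameter names, so the meaning of
 * each const char * argument has to be taken from the implementation.
 */
/* Creates a LAK handle from a string argument and stores it through the
 * LAK ** out-parameter. */
134 int lak_init(const char *, LAK **);
/* Releases a handle. */
135 void lak_close(LAK *);
/* Verifies a credential using four string arguments. Callers should accept
 * the user only on the explicit success code and reject on anything else. */
136 int lak_authenticate(LAK *, const char *, const char *, const char *, const char *);
/* Looks up data and returns it through the LAK_RESULT ** out-parameter.
 * NOTE(review): presumably the caller releases the list with
 * lak_result_free() -- confirm ownership. */
137 int lak_retrieve(LAK *, const char *, const char *, const char *, const char **, LAK_RESULT **);
/* Frees a result list. */
138 void lak_result_free(LAK_RESULT *);
/*
 * Maps a status code to a message string.
 * The parameter is named err rather than errno: errno is a macro reserved by
 * <errno.h>, and using it as a parameter name alters or breaks this
 * declaration in any translation unit that includes that header first.
 * NOTE(review): ownership of the returned string is not visible here; callers
 * should neither modify nor free it unless the implementation says otherwise.
 */
139 char *lak_error(const int err);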