X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Fldap-int.h;h=98a2ead3fba6ea10b343c440207ffd38861b154f;hb=d9a60db75ea1dbbc06d90d15e6f6969d8c075ee7;hp=91e9bb8ae9efbecd4713a7bc75429be0d2ed00b9;hpb=4bc19cbbb9edbbebe45667ee77867808a866236d;p=openldap diff --git a/libraries/libldap/ldap-int.h b/libraries/libldap/ldap-int.h index 91e9bb8ae9..98a2ead3fb 100644 --- a/libraries/libldap/ldap-int.h +++ b/libraries/libldap/ldap-int.h @@ -2,7 +2,7 @@ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * - * Copyright 1998-2007 The OpenLDAP Foundation. + * Copyright 1998-2011 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -25,6 +25,7 @@ #endif #include "../liblber/lber-int.h" +#include "lutil.h" #ifdef LDAP_R_COMPILE #include @@ -75,6 +76,9 @@ #ifdef LDAP_DEBUG +#define DebugTest( level ) \ + ( ldap_debug & level ) + #define Debug( level, fmt, arg1, arg2, arg3 ) \ do { if ( ldap_debug & level ) \ ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), (arg3) ); \ @@ -85,6 +89,7 @@ #else +#define DebugTest( level ) (0 == 1) #define Debug( level, fmt, arg1, arg2, arg3 ) ((void)0) #define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 ) ((void)0) @@ -121,6 +126,7 @@ LDAP_BEGIN_DECL #define LDAP_BOOL_RESTART 1 #define LDAP_BOOL_TLS 3 #define LDAP_BOOL_CONNECT_ASYNC 4 +#define LDAP_BOOL_SASL_NOCANON 5 #define LDAP_BOOLEANS unsigned long #define LDAP_BOOL(n) ((LDAP_BOOLEANS)1 << (n)) 
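Review bot: The new `DebugTest( level )` in the `#ifdef LDAP_DEBUG` branch uses its argument unparenthesized, so `DebugTest( A | B )` expands to `ldap_debug & A | B` and is true whenever `B` is non-zero, whatever debug mask is configured. Anything guarded by it would then run, and possibly log, with that level switched off. Write it as `#define DebugTest( level ) ( ldap_debug & (level) )`. The `Debug` macro in the context lines has the same `ldap_debug & level` pattern and deserves the same parentheses. In the `#else` branch `(0 == 1)` can simply be `(0)`.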
@@ -154,15 +160,22 @@ struct ldaptls { char *lt_cacertfile; char *lt_cacertdir; char *lt_ciphersuite; -#ifdef HAVE_GNUTLS char *lt_crlfile; -#endif + char *lt_randfile; /* OpenSSL only */ + int lt_protocol_min; }; #endif +typedef struct ldaplist { + struct ldaplist *ll_next; + void *ll_data; +} ldaplist; + /* * structure representing get/set'able options * which have global defaults. + * Protect access to this struct with ldo_mutex + * ldap_log.h:ldapoptions_prefix must match the head of this struct. */ struct ldapoptions { short ldo_valid; @@ -171,6 +184,14 @@ struct ldapoptions { #define LDAP_VALID_SESSION 0x2 #define LDAP_TRASHED_SESSION 0xFF int ldo_debug; + +#ifdef LDAP_R_COMPILE + ldap_pvt_thread_mutex_t ldo_mutex; +#define LDAP_LDO_MUTEX_NULLARG , LDAP_PVT_MUTEX_NULL +#else +#define LDAP_LDO_MUTEX_NULLARG +#endif + #ifdef LDAP_CONNECTIONLESS #define LDAP_IS_UDP(ld) ((ld)->ld_options.ldo_is_udp) void* ldo_peer; /* struct sockaddr* */ @@ -199,9 +220,12 @@ struct ldapoptions { #define ldo_tls_cacertfile ldo_tls_info.lt_cacertfile #define ldo_tls_cacertdir ldo_tls_info.lt_cacertdir #define ldo_tls_ciphersuite ldo_tls_info.lt_ciphersuite +#define ldo_tls_protocol_min ldo_tls_info.lt_protocol_min #define ldo_tls_crlfile ldo_tls_info.lt_crlfile +#define ldo_tls_randfile ldo_tls_info.lt_randfile int ldo_tls_mode; int ldo_tls_require_cert; + int ldo_tls_impl; #ifdef HAVE_OPENSSL_CRL int ldo_tls_crlcheck; #endif 
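Review bot: `lt_protocol_min` is added to `struct ldaptls` with no comment, and for the field that sets the floor on the negotiated TLS version both the encoding and the meaning of a zero value should be stated at the declaration. Something like `int lt_protocol_min; /* minimum TLS version, (major << 8) + minor; 0 = no minimum enforced -- confirm */` would do; the encoding is my assumption and is not visible in this hunk. `lt_crlfile` also loses its `HAVE_GNUTLS` guard while only `lt_randfile` is annotated as backend-specific. A short comment naming the backends that actually honour `lt_crlfile` would keep a caller from assuming CRL checking happens where it is silently ignored.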
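Review bot: `ldo_mutex` is inserted directly after `ldo_debug` inside `#ifdef LDAP_R_COMPILE`, so the leading part of `struct ldapoptions` now differs between threaded and non-threaded builds. The comment added in the previous hunk requires `ldap_log.h:ldapoptions_prefix` to match the head of this struct. ldap_log.h is not in this diff, so I cannot tell whether the prefix stops before the mutex. If it covers only `ldo_valid` and `ldo_debug`, say so at the insertion point, e.g. `/* ldapoptions_prefix ends here; add new members below */`. `LDAP_LDO_MUTEX_NULLARG` expands to a leading comma for a positional initializer, so it also depends on this exact member position and should be mentioned in the same comment.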
@@ -222,6 +246,23 @@ struct ldapoptions { struct sasl_security_properties ldo_sasl_secprops; #endif +#ifdef HAVE_GSSAPI + unsigned gssapi_flags; + + unsigned ldo_gssapi_flags; +#define LDAP_GSSAPI_OPT_DO_NOT_FREE_GSS_CONTEXT 0x0001 +#define LDAP_GSSAPI_OPT_ALLOW_REMOTE_PRINCIPAL 0x0002 + unsigned ldo_gssapi_options; +#endif + + /* + * Per connection tcp-keepalive settings (Linux only, + * ignored where unsupported) + */ + ber_int_t ldo_keepalive_idle; + ber_int_t ldo_keepalive_probes; + ber_int_t ldo_keepalive_interval; + int ldo_refhoplimit; /* limit on referral nesting */ /* LDAPv3 server and client controls */ @@ -236,6 +277,9 @@ struct ldapoptions { LDAP_URLLIST_PROC *ldo_urllist_proc; void *ldo_urllist_params; + /* LDAP connection callback stack */ + ldaplist *ldo_conn_cbs; + LDAP_BOOLEANS ldo_booleans; /* boolean options */ }; @@ -248,6 +292,9 @@ typedef struct ldap_conn { #ifdef HAVE_CYRUS_SASL void *lconn_sasl_authctx; /* context for bind */ void *lconn_sasl_sockctx; /* for security layer */ +#endif +#ifdef HAVE_GSSAPI + void *lconn_gss_ctx; /* gss_ctx_id_t */ #endif int lconn_refcnt; time_t lconn_created; /* time */ 
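Review bot: The `HAVE_GSSAPI` block declares both `unsigned gssapi_flags;` and `unsigned ldo_gssapi_flags;`, and the first looks like a leftover: it lacks the `ldo_` prefix used by every other member of `struct ldapoptions`. If nothing reads it, drop it; if it is distinct from `ldo_gssapi_flags`, rename it and document the difference. The two option bits are also uncommented. `LDAP_GSSAPI_OPT_ALLOW_REMOTE_PRINCIPAL` relaxes which peer principal is accepted and `LDAP_GSSAPI_OPT_DO_NOT_FREE_GSS_CONTEXT` changes who owns the context, going by the names. Each should get a one-line comment stating the default and, for the second, who is then responsible for releasing the `lconn_gss_ctx` pointer added further down.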
@@ -324,24 +371,27 @@ typedef struct ldapreqinfo { * structure representing an ldap connection */ -struct ldap { - Sockbuf *ld_sb; /* socket descriptor & buffer */ +struct ldap_common { + Sockbuf *ldc_sb; /* socket descriptor & buffer */ +#define ld_sb ldc->ldc_sb - struct ldapoptions ld_options; + /* protected by ldo_mutex */ + struct ldapoptions ldc_options; +#define ld_options ldc->ldc_options #define ld_valid ld_options.ldo_valid #define ld_debug ld_options.ldo_debug #define ld_deref ld_options.ldo_deref -#define ld_timelimit ld_options.ldo_timelimit -#define ld_sizelimit ld_options.ldo_sizelimit +#define ld_timelimit ld_options.ldo_timelimit +#define ld_sizelimit ld_options.ldo_sizelimit -#define ld_defbinddn ld_options.ldo_defbinddn +#define ld_defbinddn ld_options.ldo_defbinddn #define ld_defbase ld_options.ldo_defbase #define ld_defhost ld_options.ldo_defhost #define ld_defport ld_options.ldo_defport -#define ld_refhoplimit ld_options.ldo_refhoplimit +#define ld_refhoplimit ld_options.ldo_refhoplimit #define ld_sctrls ld_options.ldo_sctrls #define ld_cctrls ld_options.ldo_cctrls 
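Review bot: The compatibility macros introduced here (`#define ld_sb ldc->ldc_sb`, `#define ld_options ldc->ldc_options`) are object-like and unscoped, so they rewrite any identifier with that spelling in every file that includes ldap-int.h, including a local variable or a member of an unrelated struct. They also hide the fact that `ld->ld_sb` now dereferences a second pointer. I would add a comment above the first one, along the lines of `/* ld_* names below expand through ld->ldc; use only as ld->ld_xxx, and only while ld->ldc is valid */`. The struct body continues into the next hunk, so the full member list is not visible here.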
@@ -353,36 +403,79 @@ struct ldap { #define ld_urllist_params ld_options.ldo_urllist_params #define ld_version ld_options.ldo_version +#ifdef LDAP_R_COMPILE +#define ld_ldopts_mutex ld_options.ldo_mutex +#endif - unsigned short ld_lberoptions; + unsigned short ldc_lberoptions; +#define ld_lberoptions ldc->ldc_lberoptions - ber_int_t ld_errno; - char *ld_error; - char *ld_matched; - char **ld_referrals; - ber_len_t ld_msgid; + /* protected by msgid_mutex */ + ber_len_t ldc_msgid; +#define ld_msgid ldc->ldc_msgid /* do not mess with these */ - LDAPRequest *ld_requests; /* list of outstanding requests */ - LDAPMessage *ld_responses; /* list of outstanding responses */ + /* protected by req_mutex */ + LDAPRequest *ldc_requests; /* list of outstanding requests */ + /* protected by res_mutex */ + LDAPMessage *ldc_responses; /* list of outstanding responses */ +#define ld_requests ldc->ldc_requests +#define ld_responses ldc->ldc_responses #ifdef LDAP_R_COMPILE - ldap_pvt_thread_mutex_t ld_conn_mutex; - ldap_pvt_thread_mutex_t ld_req_mutex; - ldap_pvt_thread_mutex_t ld_res_mutex; + ldap_pvt_thread_mutex_t ldc_msgid_mutex; + ldap_pvt_thread_mutex_t ldc_conn_mutex; + ldap_pvt_thread_mutex_t ldc_req_mutex; + ldap_pvt_thread_mutex_t ldc_res_mutex; + ldap_pvt_thread_mutex_t ldc_abandon_mutex; +#define ld_msgid_mutex ldc->ldc_msgid_mutex +#define ld_conn_mutex ldc->ldc_conn_mutex +#define ld_req_mutex ldc->ldc_req_mutex +#define ld_res_mutex ldc->ldc_res_mutex +#define ld_abandon_mutex ldc->ldc_abandon_mutex #endif - ber_len_t ld_nabandoned; - ber_int_t *ld_abandoned; /* array of abandoned requests */ + /* protected by abandon_mutex */ + ber_len_t ldc_nabandoned; + ber_int_t *ldc_abandoned; /* array of abandoned requests */ +#define ld_nabandoned ldc->ldc_nabandoned +#define ld_abandoned ldc->ldc_abandoned - LDAPCache *ld_cache; /* non-null if cache is initialized */ + /* unused by libldap */ + LDAPCache *ldc_cache; /* non-null if cache is initialized */ +#define ld_cache 
ldc->ldc_cache /* do not mess with the rest though */ - LDAPConn *ld_defconn; /* default connection */ - LDAPConn *ld_conns; /* list of server connections */ - void *ld_selectinfo; /* platform specifics for select */ + /* protected by conn_mutex */ + LDAPConn *ldc_defconn; /* default connection */ +#define ld_defconn ldc->ldc_defconn + LDAPConn *ldc_conns; /* list of server connections */ +#define ld_conns ldc->ldc_conns + void *ldc_selectinfo;/* platform specifics for select */ +#define ld_selectinfo ldc->ldc_selectinfo + + /* ldap_common refcnt - free only if 0 */ +#ifdef LDAP_R_COMPILE + ldap_pvt_thread_mutex_t ldc_mutex; +#define ld_ldcmutex ldc->ldc_mutex +#endif + /* protected by ldc_mutex */ + unsigned int ldc_refcnt; +#define ld_ldcrefcnt ldc->ldc_refcnt }; + +struct ldap { + /* thread shared */ + struct ldap_common *ldc; + + /* thread specific */ + ber_int_t ld_errno; + char *ld_error; + char *ld_matched; + char **ld_referrals; +}; + #define LDAP_VALID(ld) ( (ld)->ld_valid == LDAP_VALID_SESSION ) #define LDAP_TRASHED(ld) ( (ld)->ld_valid == LDAP_TRASHED_SESSION ) #define LDAP_TRASH(ld) ( (ld)->ld_valid = LDAP_TRASHED_SESSION ) 
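Review bot: `struct ldap_common` now involves seven mutexes (`ldo_mutex` inside `ldc_options`, then `ldc_msgid_mutex`, `ldc_conn_mutex`, `ldc_req_mutex`, `ldc_res_mutex`, `ldc_abandon_mutex` and `ldc_mutex`), and the per-field "protected by" comments do not say in which order they may be nested. A block comment at the top of the struct giving the permitted acquisition order would let reviewers check call sites for lock inversion. The `ldc_refcnt` comment, "free only if 0", should also name the functions that take and drop a reference and state that `ld->ldc` must not be touched after the drop. This matters because `LDAP_VALID(ld)` in the context lines now expands through `ld->ldc`, so even the validity check reads the shared object. The start of `struct ldap_common` is in the previous hunk.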
@@ -393,17 +486,28 @@ LDAP_V ( ldap_pvt_thread_mutex_t ) ldap_int_resolv_mutex; #ifdef HAVE_CYRUS_SASL LDAP_V( ldap_pvt_thread_mutex_t ) ldap_int_sasl_mutex; #endif +#ifdef HAVE_GSSAPI +LDAP_V( ldap_pvt_thread_mutex_t ) ldap_int_gssapi_mutex; +#endif #endif #ifdef LDAP_R_COMPILE -#define LDAP_NEXT_MSGID(ld, id) \ - ldap_pvt_thread_mutex_lock( &(ld)->ld_req_mutex ); \ - id = ++(ld)->ld_msgid; \ - ldap_pvt_thread_mutex_unlock( &(ld)->ld_req_mutex ) +#define LDAP_MUTEX_LOCK(mutex) ldap_pvt_thread_mutex_lock( mutex ) +#define LDAP_MUTEX_UNLOCK(mutex) ldap_pvt_thread_mutex_unlock( mutex ) +#define LDAP_ASSERT_MUTEX_OWNER(mutex) \ + LDAP_PVT_THREAD_ASSERT_MUTEX_OWNER(mutex) #else -#define LDAP_NEXT_MSGID(ld, id) id = ++(ld)->ld_msgid +#define LDAP_MUTEX_LOCK(mutex) ((void) 0) +#define LDAP_MUTEX_UNLOCK(mutex) ((void) 0) +#define LDAP_ASSERT_MUTEX_OWNER(mutex) ((void) 0) #endif +#define LDAP_NEXT_MSGID(ld, id) do { \ + LDAP_MUTEX_LOCK( &(ld)->ld_msgid_mutex ); \ + (id) = ++(ld)->ld_msgid; \ + LDAP_MUTEX_UNLOCK( &(ld)->ld_msgid_mutex ); \ +} while (0) + /* * in abandon.c */ @@ -459,14 +563,6 @@ LDAP_F (void) ldap_int_utils_init LDAP_P(( void )); */ LDAP_F (int) ldap_log_printf LDAP_P((LDAP *ld, int level, const char *fmt, ...)) LDAP_GCCATTR((format(printf, 3, 4))); -/* - * in cache.c - */ -LDAP_F (void) ldap_add_request_to_cache LDAP_P(( LDAP *ld, ber_tag_t msgtype, - BerElement *request )); -LDAP_F (void) ldap_add_result_to_cache LDAP_P(( LDAP *ld, LDAPMessage *result )); -LDAP_F (int) ldap_check_cache LDAP_P(( LDAP *ld, ber_tag_t msgtype, BerElement *request )); - /* * in controls.c */ @@ -491,6 +587,7 @@ LDAP_F (int) ldap_int_next_line_tokens LDAP_P(( char **bufp, ber_len_t *blenp, c LDAP_F (int) ldap_open_defconn( LDAP *ld ); LDAP_F (int) ldap_int_open_connection( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srvlist, int async ); +LDAP_F (int) ldap_int_check_async_open( LDAP *ld, ber_socket_t sd ); /* * in os-ip.c 
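Review bot: `LDAP_NEXT_MSGID` pre-increments `ld_msgid`, which the struct hunk declares as `ber_len_t`, and assigns the result to `(id)` with no upper bound. On a long-lived handle the counter can therefore pass 2147483647, the largest message ID the protocol allows, and become negative if `id` is a signed `ber_int_t` at the call sites, which this header does not show. Consider resetting inside the locked region, e.g. `if ( (ld)->ld_msgid >= 2147483647 ) (ld)->ld_msgid = 0;` before the increment, with a comment that wrapped IDs must not collide with requests still outstanding. The `do { ... } while (0)` wrapper and the separate `ld_msgid_mutex` are otherwise a clear improvement over the old two-statement macro.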
@@ -503,7 +600,7 @@ LDAP_F (void) ldap_int_ip_init( void ); LDAP_F (int) ldap_int_timeval_dup( struct timeval **dest, const struct timeval *tm ); LDAP_F (int) ldap_connect_to_host( LDAP *ld, Sockbuf *sb, - int proto, const char *host, int port, int async ); + int proto, LDAPURLDesc *srv, int async ); LDAP_F (int) ldap_int_poll( LDAP *ld, ber_socket_t s, struct timeval *tvp ); @@ -522,12 +619,15 @@ LDAP_F (void) ldap_mark_select_clear( LDAP *ld, Sockbuf *sb ); LDAP_F (int) ldap_is_read_ready( LDAP *ld, Sockbuf *sb ); LDAP_F (int) ldap_is_write_ready( LDAP *ld, Sockbuf *sb ); +LDAP_F (int) ldap_int_connect_cbs( LDAP *ld, Sockbuf *sb, + ber_socket_t *s, LDAPURLDesc *srv, struct sockaddr *addr ); + /* * in os-local.c */ #ifdef LDAP_PF_LOCAL LDAP_F (int) ldap_connect_to_path( LDAP *ld, Sockbuf *sb, - const char *path, int async ); + LDAPURLDesc *srv, int async ); #endif /* LDAP_PF_LOCAL */ /* @@ -538,8 +638,11 @@ LDAP_F (ber_int_t) ldap_send_initial_request( LDAP *ld, ber_tag_t msgtype, LDAP_F (BerElement *) ldap_alloc_ber_with_options( LDAP *ld ); LDAP_F (void) ldap_set_ber_options( LDAP *ld, BerElement *ber ); -LDAP_F (int) ldap_send_server_request( LDAP *ld, BerElement *ber, ber_int_t msgid, LDAPRequest *parentreq, LDAPURLDesc **srvlist, LDAPConn *lc, LDAPreqinfo *bind ); -LDAP_F (LDAPConn *) ldap_new_connection( LDAP *ld, LDAPURLDesc **srvlist, int use_ldsb, int connect, LDAPreqinfo *bind ); +LDAP_F (int) ldap_send_server_request( LDAP *ld, BerElement *ber, + ber_int_t msgid, LDAPRequest *parentreq, LDAPURLDesc **srvlist, + LDAPConn *lc, LDAPreqinfo *bind, int noconn, int m_res ); +LDAP_F (LDAPConn *) ldap_new_connection( LDAP *ld, LDAPURLDesc **srvlist, + int use_ldsb, int connect, LDAPreqinfo *bind, int m_req, int m_res ); LDAP_F (LDAPRequest *) ldap_find_request_by_msgid( LDAP *ld, ber_int_t msgid ); LDAP_F (void) ldap_return_request( LDAP *ld, LDAPRequest *lr, int freeit ); LDAP_F (void) ldap_free_request( LDAP *ld, LDAPRequest *lr ); 
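Review bot: The new trailing `int` parameters on `ldap_send_server_request` (`noconn`, `m_res`) and `ldap_new_connection` (`m_req`, `m_res`) have no documentation. From the names they appear to tell the callee which of `ld_req_mutex` / `ld_res_mutex` the caller already holds. A wrong value would then mean either a self-deadlock or unlocked access to the request and response lists. Add a comment above each prototype, for example `/* m_req, m_res: non-zero if the caller already holds ld_req_mutex / ld_res_mutex */`, adjusted to the real meaning. If that reading is right, it would also be worth having the implementations check it with the `LDAP_ASSERT_MUTEX_OWNER` macro introduced earlier in this header.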
@@ -572,6 +675,7 @@ LDAP_F (BerElement *) ldap_build_search_req LDAP_P(( LDAPControl **cctrls, ber_int_t timelimit, ber_int_t sizelimit, + ber_int_t deref, ber_int_t *msgidp)); @@ -638,7 +742,10 @@ LDAP_F (int) ldap_int_sasl_bind LDAP_P(( /* should be passed in client controls */ unsigned flags, LDAP_SASL_INTERACT_PROC *interact, - void *defaults )); + void *defaults, + LDAPMessage *result, + const char **rmech, + int *msgid )); /* in schema.c */ LDAP_F (char *) ldap_int_parse_numericoid LDAP_P(( @@ -649,9 +756,6 @@ LDAP_F (char *) ldap_int_parse_numericoid LDAP_P(( /* * in tls.c */ -LDAP_F (int) ldap_int_tls_config LDAP_P(( LDAP *ld, - int option, const char *arg )); - LDAP_F (int) ldap_int_tls_start LDAP_P(( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )); @@ -663,6 +767,16 @@ LDAP_F (void) ldap_int_tls_destroy LDAP_P(( struct ldapoptions *lo )); LDAP_F (char **) ldap_value_dup LDAP_P(( char *const *vals )); +/* + * in gssapi.c + */ +#ifdef HAVE_GSSAPI +LDAP_F(int) ldap_int_gssapi_get_option LDAP_P(( LDAP *ld, int option, void *arg )); +LDAP_F(int) ldap_int_gssapi_set_option LDAP_P(( LDAP *ld, int option, void *arg )); +LDAP_F(int) ldap_int_gssapi_config LDAP_P(( struct ldapoptions *lo, int option, const char *arg )); +LDAP_F(void) ldap_int_gssapi_close LDAP_P(( LDAP *ld, LDAPConn *lc )); +#endif + LDAP_END_DECL #endif /* _LDAP_INT_H */