X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fslap.h;h=358ac633408191b672fe384e91748b9500ca8097;hb=2f9b89b4afc2f8fc68ab3f2d1122c92ec53db926;hp=f6009fee698a93314c2fd5e50cfc5dce2477acc6;hpb=6d1a322f739a2737b1a828675754cd9bba38b6ee;p=openldap diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index f6009fee69..358ac63340 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -250,6 +250,10 @@ typedef union slap_sockaddr { #endif } Sockaddr; +#ifdef LDAP_PF_INET6 +extern int slap_inet4or6; +#endif + typedef struct slap_oid_macro { struct berval som_oid; char **som_names; @@ -594,6 +598,7 @@ struct slap_internal_schema { AttributeDescription *si_ad_supportedLDAPVersion; AttributeDescription *si_ad_supportedSASLMechanisms; AttributeDescription *si_ad_supportedFeatures; + AttributeDescription *si_ad_monitorContext; AttributeDescription *si_ad_vendorName; AttributeDescription *si_ad_vendorVersion; @@ -618,6 +623,8 @@ struct slap_internal_schema { /* Access Control Internals */ AttributeDescription *si_ad_entry; AttributeDescription *si_ad_children; + AttributeDescription *si_ad_saslAuthzTo; + AttributeDescription *si_ad_saslAuthzFrom; #ifdef SLAPD_ACI_ENABLED AttributeDescription *si_ad_aci; #endif @@ -1169,7 +1176,9 @@ struct slap_backend_db { #define SLAP_DISALLOW_BIND_ANON 0x0001U /* no anonymous */ #define SLAP_DISALLOW_BIND_SIMPLE 0x0002U /* simple authentication */ -#define SLAP_DISALLOW_BIND_KRBV4 0x0004U /* Kerberos V4 authentication */ +#define SLAP_DISALLOW_BIND_SIMPLE_UNPROTECTED \ + 0x0004U /* unprotected simple auth */ +#define SLAP_DISALLOW_BIND_KRBV4 0x0008U /* Kerberos V4 authentication */ #define SLAP_DISALLOW_TLS_2_ANON 0x0010U /* StartTLS -> Anonymous */ #define SLAP_DISALLOW_TLS_AUTHC 0x0020U /* TLS while authenticated */ @@ -1550,7 +1559,6 @@ typedef struct slap_conn { int c_sasl_bind_in_progress; /* multi-op bind in progress */ struct berval c_sasl_bind_mech; /* mech in progress */ struct berval c_sasl_dn; /* temporary storage */ - struct berval c_cdn; /* authorization backend */ Backend *c_authz_backend; @@ -1605,26 +1613,6 @@ typedef struct slap_conn { #define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) #endif - -#define SASLREGEX_REPLACE 10 -#define SASL_AUTHZ_SOURCE_ATTR "saslAuthzTo" -#define SASL_AUTHZ_DEST_ATTR "saslAuthzFrom" - -typedef struct sasl_uri { - struct berval dn; - struct berval filter; - int scope; -} SaslUri_t; - -typedef struct sasl_regexp { - char *sr_match; /* regexp match pattern */ - SaslUri_t sr_replace; /* regexp replace pattern */ - regex_t sr_workspace; /* workspace for regexp engine */ - regmatch_t sr_strings[SASLREGEX_REPLACE]; /* strings matching $1,$2 ... */ - int sr_dn_offset[SASLREGEX_REPLACE+2]; /* offsets of $1,$2... in *replace */ - int sr_fi_offset[SASLREGEX_REPLACE+2]; /* offsets of $1,$2... in *replace */ -} SaslRegexp_t; - /* * listener; need to access it from monitor backend */