/*
cfg.h - definition of configuration information
This file contains parts that were part of the nss_ldap
library which has been forked into the nss-ldapd library.
Copyright (C) 1997-2005 Luke Howard
Copyright (C) 2007 West Consulting
Copyright (C) 2007 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301 USA
*/
#ifndef _CFG_H
#define _CFG_H
#include "compat/attrs.h"
/* maximum number of URIs that can be stored in ldap_config.ldc_uris (that
array is declared with one extra slot for the terminating NULL).
NOTE(review): whatever fills ldc_uris has to stop at this count; the bounds
check is not visible in this header - confirm it in the config parser */
#define NSS_LDAP_CONFIG_URI_MAX 31
/* Transport-security mode of the LDAP connection; this is the type of
   ldap_config.ldc_ssl_on.  The per-value notes are inferred from the
   enumerator names only - TODO confirm against the code that reads them.
   SSL_OFF has the value 0, so a zero-filled struct ldap_config has
   ldc_ssl_on == SSL_OFF; whether cfg_init() assigns another default is not
   visible in this header. */
enum ldap_ssl_options {
  SSL_OFF = 0,      /* presumably no TLS: binds and results travel unprotected */
  SSL_LDAPS = 1,    /* presumably TLS from the first byte (ldaps:// style) */
  SSL_START_TLS = 2 /* presumably plain connect upgraded with StartTLS */
};
/* Reconnect behaviour selector; this is the type of
   ldap_config.ldc_reconnect_pol.  What each policy does is not shown in this
   header.  NOTE(review): presumably the "hard" variants keep retrying (see
   ldc_reconnect_tries and the sleep-time fields) while "soft" gives up
   without retrying - confirm in the connection code. */
enum ldap_reconnect_policy {
  LP_RECONNECT_HARD_INIT = 0,
  LP_RECONNECT_HARD_OPEN = 1,
  LP_RECONNECT_SOFT = 2
};
/* Selectors for the different maps.  The map each name stands for is
   inferred from the identifier (presumably the NSS database of the same
   name) - TODO confirm.  LM_NONE is the last enumerator, so its value (11)
   equals the number of selectors that precede it. */
enum ldap_map_selector {
  LM_PASSWD = 0, /* presumably the passwd map */
  LM_SHADOW,     /* presumably the shadow map */
  LM_GROUP,      /* presumably the group map */
  LM_HOSTS,      /* presumably the hosts map */
  LM_SERVICES,   /* presumably the services map */
  LM_NETWORKS,   /* presumably the networks map */
  LM_PROTOCOLS,  /* presumably the protocols map */
  LM_RPC,        /* presumably the rpc map */
  LM_ETHERS,     /* presumably the ethers map */
  LM_ALIASES,    /* presumably the aliases map */
  LM_NETGROUP,   /* presumably the netgroup map */
  LM_NONE        /* no map selected; keep it last */
};
/* Complete runtime configuration of the LDAP client side; the global pointer
nslcd_cfg refers to one of these.  The struct holds bind credentials
(ldc_bindpw, ldc_rootbindpw) and the TLS settings, so it should be treated as
sensitive data.
NOTE(review): ldc_idle_timelimit is a time_t but this header does not include
<time.h> itself - confirm that compat/attrs.h or every includer provides it. */
struct ldap_config
{
/* NULL terminated list of URIs; room for NSS_LDAP_CONFIG_URI_MAX entries
plus the terminating NULL */
char *ldc_uris[NSS_LDAP_CONFIG_URI_MAX+1];
/* protocol version */
int ldc_version;
/* bind DN */
char *ldc_binddn;
/* bind credential for ldc_binddn.
NOTE(review): kept as an ordinary C string for as long as the configuration
exists; presumably read from the configuration file, in which case that
file's permissions, core dumps and swap are exposure points - confirm how it
is loaded and whether it is ever cleared */
char *ldc_bindpw;
/* bind DN for root processes */
char *ldc_rootbinddn;
/* bind credential for root processes; the exposure note on ldc_bindpw
applies here as well */
char *ldc_rootbindpw;
/* sasl auth id */
char *ldc_saslid;
/* NOTE(review): the original comment read "shadow sasl auth id", but the
field name and the neighbouring ldc_root fields suggest this is the sasl
auth id used for root processes - confirm */
char *ldc_rootsaslid;
/* sasl security properties (string form; the format is not shown here) */
char *ldc_sasl_secprops;
/* do we use sasl when binding? (int used as a flag) */
int ldc_usesasl;
/* do we use sasl for root? (int used as a flag) */
int ldc_rootusesasl;
/* base DN, eg. dc=gnu,dc=org */
char *ldc_base;
/* scope for searches; presumably one of the LDAP library's scope
constants - confirm */
int ldc_scope;
/* dereference aliases/links; presumably one of the LDAP library's deref
constants - confirm */
int ldc_deref;
/* chase referrals.
NOTE(review): when referrals are followed the client may contact servers
that are not listed in ldc_uris; whether the bind credentials are reused
there depends on the LDAP library - confirm before enabling */
int ldc_referrals;
/* search timelimit (unit not stated here; presumably seconds - confirm) */
int ldc_timelimit;
/* bind timelimit (unit not stated here; presumably seconds - confirm) */
int ldc_bind_timelimit;
/* reconnect policy, one of enum ldap_reconnect_policy */
enum ldap_reconnect_policy ldc_reconnect_pol;
/* idle timeout (unit not stated here; presumably seconds - confirm) */
time_t ldc_idle_timelimit;
/* SSL mode, one of enum ldap_ssl_options.  SSL_OFF is the value 0, so a
zero-filled struct selects it; the default assigned by cfg_init() is not
visible in this header */
enum ldap_ssl_options ldc_ssl_on;
/* SSL certificate path */
char *ldc_sslpath;
/* tls check peer.
NOTE(review): the encoding of this int is not shown here; if it ends up
disabling peer verification, TLS no longer authenticates the server, so
confirm which value cfg_init() assigns by default */
int ldc_tls_checkpeer;
/* tls ca certificate dir */
char *ldc_tls_cacertdir;
/* tls ca certificate file */
char *ldc_tls_cacertfile;
/* tls randfile */
char *ldc_tls_randfile;
/* tls ciphersuite; the string is presumably handed to the TLS library
unchanged, so weak suites are only excluded if the configuration excludes
them - confirm */
char *ldc_tls_ciphers;
/* tls certificate */
char *ldc_tls_cert;
/* tls key; presumably the path of the client private key, whose file
permissions then matter - confirm */
char *ldc_tls_key;
/* whether the LDAP library should restart the select(2) system call when interrupted */
int ldc_restart;
/* set to a value greater than 0 to enable handling of paged results with the specified size */
int ldc_pagesize;
/* number of sleeping reconnect attempts */
int ldc_reconnect_tries;
/* seconds to sleep; doubled until max */
int ldc_reconnect_sleeptime;
/* maximum seconds to sleep */
int ldc_reconnect_maxsleeptime;
/* LDAP debug level.
NOTE(review): what the LDAP library logs at higher levels is not shown
here; check that debug output cannot include bind credentials */
int ldc_debug;
};
/* Pointer to the global configuration.  It should be available once
cfg_init() has been called; this header does not say what it holds before
that, so it should not be dereferenced earlier.  The struct it points to
carries the bind credentials (ldc_bindpw, ldc_rootbindpw). */
extern struct ldap_config *nslcd_cfg;
/* Initialize the configuration in nslcd_cfg. This function
will read the configuration file and call exit()
if an error occurs, so it does not return on failure.
NOTE(review): the original comment spoke of "the default configuration
file" although a file name is passed in; presumably fname selects the file
to read - confirm against the implementation. */
void cfg_init(const char *fname);
#endif /* _CFG_H */