Apache HTTPD
util_ldap.c File Reference
#include "httpd.h"
#include "http_config.h"
#include "http_core.h"
#include "http_log.h"
#include "http_protocol.h"
#include "http_request.h"
#include "util_mutex.h"
#include "util_ldap.h"
#include "util_ldap_cache.h"
#include <apr_strings.h>
#include <apr_ldap_rebind.h>


Macros

#define APR_LDAP_SIZELIMIT   -1
 
#define AP_LDAP_HOPLIMIT_UNSET   -1
 
#define AP_LDAP_CHASEREFERRALS_SDKDEFAULT   -1
 
#define AP_LDAP_CHASEREFERRALS_OFF   0
 
#define AP_LDAP_CHASEREFERRALS_ON   1
 
#define AP_LDAP_CONNPOOL_DEFAULT   -1
 
#define AP_LDAP_CONNPOOL_INFINITE   -2
 
#define USE_APR_LDAP_REBIND
 
#define uldap_rebind_init(p)   apr_ldap_rebind_init(p)
 
#define uldap_rebind_add(ldc)
 

Functions

static apr_status_t uldap_connection_unbind (void *param)
 
static APR_INLINE apr_status_t ldap_cache_lock (util_ldap_state_t *st, request_rec *r)
 
static APR_INLINE apr_status_t ldap_cache_unlock (util_ldap_state_t *st, request_rec *r)
 
static void util_ldap_strdup (char **str, const char *newstr)
 
static int util_ldap_handler (request_rec *r)
 
static void uldap_connection_close (util_ldap_connection_t *ldc)
 
static int uldap_connection_init (request_rec *r, util_ldap_connection_t *ldc)
 
static int uldap_ld_errno (util_ldap_connection_t *ldc)
 
static int uldap_simple_bind (util_ldap_connection_t *ldc, char *binddn, char *bindpw, struct timeval *timeout)
 
static int uldap_connection_open (request_rec *r, util_ldap_connection_t *ldc)
 
static int compare_client_certs (apr_array_header_t *srcs, apr_array_header_t *dests)
 
static util_ldap_connection_t * uldap_connection_find (request_rec *r, const char *host, int port, const char *binddn, const char *bindpw, deref_options deref, int secure)
 
static int uldap_cache_comparedn (request_rec *r, util_ldap_connection_t *ldc, const char *url, const char *dn, const char *reqdn, int compare_dn_on_server)
 
static int uldap_cache_compare (request_rec *r, util_ldap_connection_t *ldc, const char *url, const char *dn, const char *attrib, const char *value)
 
static util_compare_subgroup_t * uldap_get_subgroups (request_rec *r, util_ldap_connection_t *ldc, const char *url, const char *dn, char **subgroupAttrs, apr_array_header_t *subgroupclasses)
 
static int uldap_cache_check_subgroups (request_rec *r, util_ldap_connection_t *ldc, const char *url, const char *dn, const char *attrib, const char *value, char **subgroupAttrs, apr_array_header_t *subgroupclasses, int cur_subgroup_depth, int max_subgroup_depth)
 
static int uldap_cache_checkuserid (request_rec *r, util_ldap_connection_t *ldc, const char *url, const char *basedn, int scope, char **attrs, const char *filter, const char *bindpw, const char **binddn, const char ***retvals)
 
static int uldap_cache_getuserdn (request_rec *r, util_ldap_connection_t *ldc, const char *url, const char *basedn, int scope, char **attrs, const char *filter, const char **binddn, const char ***retvals)
 
static int uldap_ssl_supported (request_rec *r)
 
static const char * util_ldap_set_cache_bytes (cmd_parms *cmd, void *dummy, const char *bytes)
 
static const char * util_ldap_set_cache_file (cmd_parms *cmd, void *dummy, const char *file)
 
static const char * util_ldap_set_cache_ttl (cmd_parms *cmd, void *dummy, const char *ttl)
 
static const char * util_ldap_set_cache_entries (cmd_parms *cmd, void *dummy, const char *size)
 
static const char * util_ldap_set_opcache_ttl (cmd_parms *cmd, void *dummy, const char *ttl)
 
static const char * util_ldap_set_opcache_entries (cmd_parms *cmd, void *dummy, const char *size)
 
static int util_ldap_parse_cert_type (const char *type)
 
static const char * util_ldap_set_trusted_global_cert (cmd_parms *cmd, void *dummy, const char *type, const char *file, const char *password)
 
static const char * util_ldap_set_trusted_client_cert (cmd_parms *cmd, void *config, const char *type, const char *file, const char *password)
 
static const char * util_ldap_set_trusted_mode (cmd_parms *cmd, void *dummy, const char *mode)
 
static const char * util_ldap_set_verify_srv_cert (cmd_parms *cmd, void *dummy, int mode)
 
static const char * util_ldap_set_connection_timeout (cmd_parms *cmd, void *dummy, const char *ttl)
 
static const char * util_ldap_set_chase_referrals (cmd_parms *cmd, void *config, const char *arg)
 
static const char * util_ldap_set_debug_level (cmd_parms *cmd, void *config, const char *arg)
 
static const char * util_ldap_set_referral_hop_limit (cmd_parms *cmd, void *config, const char *hop_limit)
 
static void * util_ldap_create_dir_config (apr_pool_t *p, char *d)
 
static const char * util_ldap_set_op_timeout (cmd_parms *cmd, void *dummy, const char *val)
 
static const char * util_ldap_set_conn_ttl (cmd_parms *cmd, void *dummy, const char *val)
 
static const char * util_ldap_set_retry_delay (cmd_parms *cmd, void *dummy, const char *val)
 
static const char * util_ldap_set_retries (cmd_parms *cmd, void *dummy, const char *val)
 
static void * util_ldap_create_config (apr_pool_t *p, server_rec *s)
 
static void * util_ldap_merge_config (apr_pool_t *p, void *basev, void *overridesv)
 
static apr_status_t util_ldap_cleanup_module (void *data)
 
static int util_ldap_pre_config (apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp)
 
static int util_ldap_post_config (apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
 
static void util_ldap_child_init (apr_pool_t *p, server_rec *s)
 
static void util_ldap_register_hooks (apr_pool_t *p)
 

Variables

static const char * ldap_cache_mutex_type = "ldap-cache"
 
static const command_rec util_ldap_cmds []
 
static int *const aplog_module_index = &( ldap_module.module_index)
 

Macro Definition Documentation

◆ AP_LDAP_CHASEREFERRALS_OFF

#define AP_LDAP_CHASEREFERRALS_OFF   0

Definition at line 64 of file util_ldap.c.

◆ AP_LDAP_CHASEREFERRALS_ON

#define AP_LDAP_CHASEREFERRALS_ON   1

Definition at line 65 of file util_ldap.c.

◆ AP_LDAP_CHASEREFERRALS_SDKDEFAULT

#define AP_LDAP_CHASEREFERRALS_SDKDEFAULT   -1

Definition at line 63 of file util_ldap.c.

◆ AP_LDAP_CONNPOOL_DEFAULT

#define AP_LDAP_CONNPOOL_DEFAULT   -1

Definition at line 67 of file util_ldap.c.

◆ AP_LDAP_CONNPOOL_INFINITE

#define AP_LDAP_CONNPOOL_INFINITE   -2

Definition at line 68 of file util_ldap.c.

◆ AP_LDAP_HOPLIMIT_UNSET

#define AP_LDAP_HOPLIMIT_UNSET   -1

Definition at line 62 of file util_ldap.c.

◆ APR_LDAP_SIZELIMIT

#define APR_LDAP_SIZELIMIT   -1

Definition at line 51 of file util_ldap.c.

◆ uldap_rebind_add

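#define uldap_rebind_add (   ldc)
Value:
apr_ldap_rebind_add((ldc)->rebind_pool, \
(ldc)->ldap, (ldc)->binddn, \
(ldc)->bindpw)

Note: the expansion hands the connection's bind DN and bind password to the APR rebind helper; review the referral-chasing settings with that in mind.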

Definition at line 106 of file util_ldap.c.

◆ uldap_rebind_init

#define uldap_rebind_init (   p)    apr_ldap_rebind_init(p)

Definition at line 105 of file util_ldap.c.

◆ USE_APR_LDAP_REBIND

#define USE_APR_LDAP_REBIND

Definition at line 102 of file util_ldap.c.

Function Documentation

◆ compare_client_certs()

static int compare_client_certs ( apr_array_header_t *srcs,
apr_array_header_t *dests
)
static

Definition at line 697 of file util_ldap.c.

◆ ldap_cache_lock()

static APR_INLINE apr_status_t ldap_cache_lock ( util_ldap_state_t *st,
request_rec *r
)
static

Definition at line 111 of file util_ldap.c.

◆ ldap_cache_unlock()

static APR_INLINE apr_status_t ldap_cache_unlock ( util_ldap_state_t *st,
request_rec *r
)
static

Definition at line 122 of file util_ldap.c.

◆ uldap_cache_check_subgroups()

static int uldap_cache_check_subgroups ( request_rec *r,
util_ldap_connection_t *ldc,
const char *url,
const char *dn,
const char *attrib,
const char *value,
char **  subgroupAttrs,
apr_array_header_t *subgroupclasses,
int  cur_subgroup_depth,
int  max_subgroup_depth 
)
static

Definition at line 1453 of file util_ldap.c.

◆ uldap_cache_checkuserid()

static int uldap_cache_checkuserid ( request_rec *r,
util_ldap_connection_t *ldc,
const char *url,
const char *basedn,
int  scope,
char **  attrs,
const char *filter,
const char *bindpw,
const char **  binddn,
const char ***  retvals 
)
static

Definition at line 1697 of file util_ldap.c.

◆ uldap_cache_compare()

static int uldap_cache_compare ( request_rec *r,
util_ldap_connection_t *ldc,
const char *url,
const char *dn,
const char *attrib,
const char *value
)
static

Definition at line 1093 of file util_ldap.c.

◆ uldap_cache_comparedn()

static int uldap_cache_comparedn ( request_rec *r,
util_ldap_connection_t *ldc,
const char *url,
const char *dn,
const char *reqdn,
int  compare_dn_on_server 
)
static

Definition at line 946 of file util_ldap.c.

◆ uldap_cache_getuserdn()

static int uldap_cache_getuserdn ( request_rec *r,
util_ldap_connection_t *ldc,
const char *url,
const char *basedn,
int  scope,
char **  attrs,
const char *filter,
const char **  binddn,
const char ***  retvals 
)
static

Definition at line 1974 of file util_ldap.c.

◆ uldap_connection_close()

static void uldap_connection_close ( util_ldap_connection_t *ldc)
static

Definition at line 197 of file util_ldap.c.

◆ uldap_connection_find()

static util_ldap_connection_t * uldap_connection_find ( request_rec *r,
const char *host,
int  port,
const char *binddn,
const char *bindpw,
deref_options  deref,
int  secure 
)
static

Definition at line 742 of file util_ldap.c.

◆ uldap_connection_init()

static int uldap_connection_init ( request_rec *r,
util_ldap_connection_t *ldc
)
static

Definition at line 308 of file util_ldap.c.

◆ uldap_connection_open()

static int uldap_connection_open ( request_rec *r,
util_ldap_connection_t *ldc
)
static

Definition at line 588 of file util_ldap.c.

◆ uldap_connection_unbind()

static apr_status_t uldap_connection_unbind ( void *  param)
static

Definition at line 225 of file util_ldap.c.

◆ uldap_get_subgroups()

static util_compare_subgroup_t * uldap_get_subgroups ( request_rec *r,
util_ldap_connection_t *ldc,
const char *url,
const char *dn,
char **  subgroupAttrs,
apr_array_header_t *subgroupclasses
)
static

Definition at line 1271 of file util_ldap.c.

◆ uldap_ld_errno()

static int uldap_ld_errno ( util_ldap_connection_t *ldc)
static

Definition at line 532 of file util_ldap.c.

◆ uldap_simple_bind()

static int uldap_simple_bind ( util_ldap_connection_t *ldc,
char *binddn,
char *bindpw,
struct timeval *timeout
)
static

Definition at line 551 of file util_ldap.c.

◆ uldap_ssl_supported()

static int uldap_ssl_supported ( request_rec *r)
static

Definition at line 2180 of file util_ldap.c.

◆ util_ldap_child_init()

static void util_ldap_child_init ( apr_pool_t *p,
server_rec *s
)
static

Definition at line 3124 of file util_ldap.c.

◆ util_ldap_cleanup_module()

static apr_status_t util_ldap_cleanup_module ( void *  data)
static

Definition at line 2947 of file util_ldap.c.

◆ util_ldap_create_config()

static void * util_ldap_create_config ( apr_pool_t *p,
server_rec *s
)
static

Definition at line 2856 of file util_ldap.c.

◆ util_ldap_create_dir_config()

static void * util_ldap_create_dir_config ( apr_pool_t *p,
char *d
)
static

Definition at line 2725 of file util_ldap.c.

◆ util_ldap_handler()

static int util_ldap_handler ( request_rec *r)
static

Notes carried over from constants this handler references: RFC 2616: HTTP; module declines to handle; module has handled this stage.

Definition at line 158 of file util_ldap.c.

◆ util_ldap_merge_config()

static void * util_ldap_merge_config ( apr_pool_t *p,
void *  basev,
void *  overridesv 
)
static

Definition at line 2895 of file util_ldap.c.

◆ util_ldap_parse_cert_type()

static int util_ldap_parse_cert_type ( const char *type)
static

Parse the certificate type.

The type can be one of the following: CA_DER, CA_BASE64, CA_CERT7_DB, CA_SECMOD, CERT_DER, CERT_BASE64, CERT_KEY3_DB, CERT_NICKNAME, KEY_DER, KEY_BASE64

If no matches are found, APR_LDAP_CA_TYPE_UNKNOWN is returned.

Definition at line 2341 of file util_ldap.c.

◆ util_ldap_post_config()

static int util_ldap_post_config ( apr_pool_t *p,
apr_pool_t *plog,
apr_pool_t *ptemp,
server_rec *s
)
static

Notes carried over from constants this hook references: module has handled this stage; module has served the response completely - it's safe to die() with no more output.

Definition at line 2974 of file util_ldap.c.

◆ util_ldap_pre_config()

static int util_ldap_pre_config ( apr_pool_t *pconf,
apr_pool_t *plog,
apr_pool_t *ptemp
)
static

Note carried over from a constant this hook references: module has handled this stage.

Definition at line 2960 of file util_ldap.c.

◆ util_ldap_register_hooks()

static void util_ldap_register_hooks ( apr_pool_t *p)
static

Definition at line 3248 of file util_ldap.c.

◆ util_ldap_set_cache_bytes()

static const char * util_ldap_set_cache_bytes ( cmd_parms *cmd,
void *  dummy,
const char *bytes
)
static

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Definition at line 2193 of file util_ldap.c.

◆ util_ldap_set_cache_entries()

static const char * util_ldap_set_cache_entries ( cmd_parms *cmd,
void *  dummy,
const char *size
)
static

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Definition at line 2262 of file util_ldap.c.

◆ util_ldap_set_cache_file()

static const char * util_ldap_set_cache_file ( cmd_parms *cmd,
void *  dummy,
const char *file
)
static

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Definition at line 2215 of file util_ldap.c.

◆ util_ldap_set_cache_ttl()

static const char * util_ldap_set_cache_ttl ( cmd_parms *cmd,
void *  dummy,
const char *ttl
)
static

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Definition at line 2241 of file util_ldap.c.

◆ util_ldap_set_chase_referrals()

static const char * util_ldap_set_chase_referrals ( cmd_parms *cmd,
void *  config,
const char *arg
)
static

Definition at line 2659 of file util_ldap.c.

◆ util_ldap_set_conn_ttl()

static const char * util_ldap_set_conn_ttl ( cmd_parms *cmd,
void *  dummy,
const char *val
)
static

Definition at line 2786 of file util_ldap.c.

◆ util_ldap_set_connection_timeout()

static const char * util_ldap_set_connection_timeout ( cmd_parms *cmd,
void *  dummy,
const char *ttl
)
static

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Definition at line 2628 of file util_ldap.c.

◆ util_ldap_set_debug_level()

static const char * util_ldap_set_debug_level ( cmd_parms *cmd,
void *  config,
const char *arg
)
static

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Definition at line 2684 of file util_ldap.c.

◆ util_ldap_set_op_timeout()

static const char * util_ldap_set_op_timeout ( cmd_parms *cmd,
void *  dummy,
const char *val
)
static

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Definition at line 2738 of file util_ldap.c.

◆ util_ldap_set_opcache_entries()

static const char * util_ldap_set_opcache_entries ( cmd_parms *cmd,
void *  dummy,
const char *size
)
static

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Definition at line 2307 of file util_ldap.c.

◆ util_ldap_set_opcache_ttl()

static const char * util_ldap_set_opcache_ttl ( cmd_parms *cmd,
void *  dummy,
const char *ttl
)
static

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Definition at line 2286 of file util_ldap.c.

◆ util_ldap_set_referral_hop_limit()

static const char * util_ldap_set_referral_hop_limit ( cmd_parms *cmd,
void *  config,
const char *hop_limit
)
static

Definition at line 2706 of file util_ldap.c.

◆ util_ldap_set_retries()

static const char * util_ldap_set_retries ( cmd_parms *cmd,
void *  dummy,
const char *val
)
static

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Definition at line 2835 of file util_ldap.c.

◆ util_ldap_set_retry_delay()

static const char * util_ldap_set_retry_delay ( cmd_parms *cmd,
void *  dummy,
const char *val
)
static

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Definition at line 2809 of file util_ldap.c.

◆ util_ldap_set_trusted_client_cert()

static const char * util_ldap_set_trusted_client_cert ( cmd_parms *cmd,
void *  config,
const char *type,
const char *file,
const char *password
)
static

Set LDAPTrustedClientCert.

This directive takes either two or three arguments:

  • certificate type
  • certificate file / directory / nickname
  • certificate password (optional)

Note carried over from a constant this handler references: type, mtime, ctime, atime, size

Definition at line 2494 of file util_ldap.c.

◆ util_ldap_set_trusted_global_cert()

static const char * util_ldap_set_trusted_global_cert ( cmd_parms *cmd,
void *  dummy,
const char *type,
const char *file,
const char *password
)
static

Set LDAPTrustedGlobalCert.

This directive takes either two or three arguments:

  • certificate type
  • certificate file / directory / nickname
  • certificate password (optional)

This directive may only be used globally.

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Note carried over from a constant this handler references: type, mtime, ctime, atime, size

Definition at line 2420 of file util_ldap.c.

◆ util_ldap_set_trusted_mode()

static const char * util_ldap_set_trusted_mode ( cmd_parms *cmd,
void *  dummy,
const char *mode
)
static

Set LDAPTrustedMode.

This directive sets what encryption mode to use on a connection:

  • None (No encryption; bind DNs and passwords then cross the network unprotected)
  • SSL (SSL encryption)
  • STARTTLS (TLS encryption)

Definition at line 2575 of file util_ldap.c.

◆ util_ldap_set_verify_srv_cert()

static const char * util_ldap_set_verify_srv_cert ( cmd_parms *cmd,
void *  dummy,
int  mode
)
static

Context restrictions noted for this directive handler: forbidden in <VirtualHost>, <Limit>, <Directory>, <Location>, <Files> or <If>, and <Proxy>.

Definition at line 2605 of file util_ldap.c.

◆ util_ldap_strdup()

static void util_ldap_strdup ( char **  str,
const char *newstr
)
static

Definition at line 134 of file util_ldap.c.

Variable Documentation

◆ aplog_module_index

int* const aplog_module_index = &( ldap_module.module_index)
static

Definition at line 3267 of file util_ldap.c.

◆ ldap_cache_mutex_type

const char* ldap_cache_mutex_type = "ldap-cache"
static

Definition at line 75 of file util_ldap.c.

◆ util_ldap_cmds

const command_rec util_ldap_cmds[]
static

Definition at line 3141 of file util_ldap.c.