#ifndef _CLAPCONNECTION_H
#define _CLAPCONNECTION_H
#include <CoreFoundation/CoreFoundation.h>
#include <SystemConfiguration/SystemConfiguration.h>
#include <DirectoryServiceCore/DSMutexSemaphore.h>
#include <DirectoryServiceCore/DSSemaphore.h>
#include <DirectoryServiceCore/DSEventSemaphore.h>
#include <Kerberos/krb5.h>
#include <libkern/OSAtomic.h>
#include <ldap.h>
#include <netinet/in.h> // struct sockaddr_in
#include "CObject.h"
#include "CLDAPDefines.h"
// NOTE(review): a using-directive in a header injects every std name into each
// file that includes it. None of the declarations visible in this header use a
// std name, but other translation units may depend on it, so confirm before
// removing.
using namespace std;
// Forward declarations: this header only uses pointers to these two classes.
class CLDAPReplicaInfo;
class CLDAPNodeConfig;
// Node of a singly linked list (see `next`) that keeps a SystemConfiguration
// reachability reference together with a socket and two address strings.
// NOTE(review): field meanings are read from their names; the code that fills
// and frees these nodes is not part of this header.
struct sLDAPReachabilityList
{
    struct sLDAPReachabilityList   *next;               // next node in the list
    SCNetworkReachabilityRef        reachabilityRef;    // NOTE(review): presumably released when the node is unlinked - confirm

    // Fixed-size text buffers. INET6_ADDRSTRLEN is large enough for the longest
    // textual IPv6 address including its terminating NUL, so any code writing
    // here must bound the copy to sizeof(dstIP) / sizeof(srcIP) and keep the
    // terminator.
    char                            dstIP[INET6_ADDRSTRLEN];
    char                            srcIP[INET6_ADDRSTRLEN];

    int                             socket;             // presumably the descriptor given to StartReachability/StopReachability - verify
};
// One LDAP connection belonging to a CLDAPNodeConfig. The class declares the
// session lock/unlock pair, simple and Kerberos authentication entry points,
// reachability tracking and a connection-status value.
//
// Every method except SetNeedWriteable() and ConnectionStatus() is defined out
// of line, so comments on those describe only what the declaration shows.
// The destructor is private: code outside the class cannot delete an instance
// directly. NOTE(review): lifetime is presumably managed through the CObject<>
// base - confirm in CObject.h.
class CLDAPConnection : public CObject<CLDAPConnection>
{
    public:
        // Authentication state and credentials. These are public data members,
        // so any code holding a CLDAPConnection* can read or replace them.
        bool                fbAuthenticated;
        bool                fbKerberosAuthenticated;
        int32_t             fWriteable;         // updated atomically by SetNeedWriteable()
        CLDAPNodeConfig    *fNodeConfig;
        char               *fKerberosID;
        char               *fLDAPUsername;
        // NOTE(review): presumably the bind password kept as a plain C string
        // for re-authentication. Verify that the implementation overwrites the
        // buffer before freeing it and that the value is never logged.
        char               *fLDAPPassword;
        char               *fLDAPRecordType;

    public:
        // inCurrentReplica is optional and defaults to NULL.
                            CLDAPConnection             ( CLDAPNodeConfig *inNodeConfig,
                                                          CLDAPReplicaInfo *inCurrentReplica = NULL );

        // NOTE(review): whether the copy carries the stored credentials over
        // is not visible here - check the implementation.
        CLDAPConnection    *CreateCopy                  ( void );

        // Atomically changes fWriteable from 0 to 1 with a memory barrier; if
        // the field already holds another value it is left untouched.
        void                SetNeedWriteable            ( void )
        {
            OSAtomicCompareAndSwap32Barrier( false, true, &fWriteable );
        }

        // Session lock/unlock pair. When any of the lock-debugging symbols is
        // defined, LockLDAPSession/UnlockLDAPSession become preprocessor macros
        // that forward the call site's __FILE__ and __LINE__ to the *Debug
        // variants. The macros are not scoped to this class: they rewrite
        // those identifiers in every file that includes this header.
        // NOTE(review): __FILE__ is a string literal but inFile is `char *`;
        // that conversion is deprecated in C++03 and rejected by C++11 and
        // later. Changing it to `const char *` also needs the out-of-line
        // definition updated.
#if defined(DEBUG_LOCKS) || defined(DEBUG_LOCKS_HISTORY) || defined(DEBUG_LDAPSESSION_LOCKS)
#define LockLDAPSession() LockLDAPSessionDebug( __FILE__, __LINE__ )
        LDAP               *LockLDAPSessionDebug        ( char *inFile, int inLine );
#define UnlockLDAPSession(a,b) UnlockLDAPSessionDebug( a, b, __FILE__, __LINE__ )
        void                UnlockLDAPSessionDebug      ( LDAP * &inLDAP, bool inFailed, char *inFile, int inLine );
#else
        LDAP               *LockLDAPSession             ( void );
        // inLDAP is taken by reference, so the callee can change the caller's
        // pointer. NOTE(review): presumably it is cleared on unlock - confirm.
        void                UnlockLDAPSession           ( LDAP * &inLDAP, bool inFailed );
#endif

        UInt32              SessionSecurityLevel        ( LDAP *inLDAP );
        void                PeriodicTask                ( void );
        void                NetworkTransition           ( void );

        // Password-based and Kerberos-based authentication; both return a
        // tDirStatus.
        tDirStatus          Authenticate                ( const char *inLDAPUsername,
                                                          const char *inRecordType,
                                                          const char *inKerberosID,
                                                          const char *inPassword );
        tDirStatus          AuthenticateKerberos        ( const char *inUsername,
                                                          const char *inRecordType,
                                                          krb5_creds *inCredsPtr,
                                                          const char *inKerberosID );
        void                UpdateCredentials           ( const char *inPassword );
        void                CheckFailed                 ( void );

        // NOTE(review): the "Copy" prefix suggests the caller owns the returned
        // string and must free it - confirm against the implementation.
        char               *CopyReplicaIPAddress        ( void );
        char               *CopyReplicaServicePrincipal ( void );

        // Plain read of fConnectionStatus; no lock or atomic operation is used
        // in this accessor.
        int32_t             ConnectionStatus            ( void )
        {
            return fConnectionStatus;
        }
        void                SetConnectionStatus         ( int32_t inStatus );
        void                CloseConnectionIfPossible   ( void );

        // Static callbacks taking an untyped context pointer.
        // NOTE(review): if that pointer carries a CLDAPConnection*, the
        // registration has to be removed before the object is destroyed so a
        // late callback cannot touch freed memory - verify.
        static void         ReachabilityCallback        ( SCNetworkReachabilityRef inTarget,
                                                          SCNetworkConnectionFlags inFlags,
                                                          void *inInfo );
        static void         LDAPFrameworkCallback       ( LDAP *inLD, int inDesc, int inOpening, void *inParams );

    private:
        DSSemaphore             fMutex;
        CLDAPReplicaInfo       *fReplicaInUse;
        LDAP                   *fHost;
        bool                    fbBadCredentials;
        char                   *fKerberosCache;
        int                     fIdleCount;
        DSSemaphore             fReachabilityLock;      // NOTE(review): presumably guards fReachabilityList - confirm
        sLDAPReachabilityList  *fReachabilityList;      // head of the reachability node list
        int32_t                 fConnectionStatus;      // returned by ConnectionStatus()
        // Present only in lock-debugging builds, so the object layout differs
        // between debug and non-debug builds; every translation unit that
        // includes this header must agree on those defines.
#if defined(DEBUG_LOCKS) || defined(DEBUG_LOCKS_HISTORY) || defined(DEBUG_LDAPSESSION_LOCKS)
        int                     fPrefixLen;
#endif

    private:
        virtual            ~CLDAPConnection             ( void );
        void                ReachabilityNotification    ( SCNetworkReachabilityRef inTarget,
                                                          SCNetworkConnectionFlags inFlags );
        void                StartReachability           ( int inSocket );
        void                StopReachability            ( int inSocket );
};
#endif