summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/external/ldap.m42
-rw-r--r--src/providers/ldap/ldap_auth.c3
-rw-r--r--src/providers/ldap/sdap_async.h3
-rw-r--r--src/providers/ldap/sdap_async_connection.c119
-rw-r--r--src/util/sss_ldap.c336
-rw-r--r--src/util/sss_ldap.h10
6 files changed, 435 insertions, 38 deletions
diff --git a/src/external/ldap.m4 b/src/external/ldap.m4
index b56eb340e..f24350943 100644
--- a/src/external/ldap.m4
+++ b/src/external/ldap.m4
@@ -64,7 +64,7 @@ SAVE_CFLAGS=$CFLAGS
SAVE_LIBS=$LIBS
CFLAGS="$CFLAGS $OPENLDAP_CFLAGS"
LIBS="$LIBS $OPENLDAP_LIBS"
-AC_CHECK_FUNCS([ldap_control_create])
+AC_CHECK_FUNCS([ldap_control_create ldap_init_fd])
AC_CHECK_MEMBERS([struct ldap_conncb.lc_arg],
[AC_RUN_IFELSE(
[AC_LANG_PROGRAM(
diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c
index 4f60525d1..5857e5379 100644
--- a/src/providers/ldap/ldap_auth.c
+++ b/src/providers/ldap/ldap_auth.c
@@ -563,7 +563,8 @@ static void auth_resolve_done(struct tevent_req *subreq)
}
subreq = sdap_connect_send(state, state->ev, state->ctx->opts,
- state->sdap_service->uri, use_tls);
+ state->sdap_service->uri,
+ state->sdap_service->sockaddr, use_tls);
if (!subreq) {
tevent_req_error(req, ENOMEM);
return;
diff --git a/src/providers/ldap/sdap_async.h b/src/providers/ldap/sdap_async.h
index aff104ccc..4115f621e 100644
--- a/src/providers/ldap/sdap_async.h
+++ b/src/providers/ldap/sdap_async.h
@@ -22,6 +22,8 @@
#ifndef _SDAP_ASYNC_H_
#define _SDAP_ASYNC_H_
+#include <sys/types.h>
+#include <sys/socket.h>
#include <talloc.h>
#include <tevent.h>
#include "providers/dp_backend.h"
@@ -32,6 +34,7 @@ struct tevent_req *sdap_connect_send(TALLOC_CTX *memctx,
struct tevent_context *ev,
struct sdap_options *opts,
const char *uri,
+ struct sockaddr_storage *sockaddr,
bool use_start_tls);
int sdap_connect_recv(struct tevent_req *req,
TALLOC_CTX *memctx,
diff --git a/src/providers/ldap/sdap_async_connection.c b/src/providers/ldap/sdap_async_connection.c
index 40ed585c6..5d1fb3496 100644
--- a/src/providers/ldap/sdap_async_connection.c
+++ b/src/providers/ldap/sdap_async_connection.c
@@ -20,9 +20,12 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
+#include <unistd.h>
+#include <fcntl.h>
#include <sasl/sasl.h>
#include "util/util.h"
#include "util/sss_krb5.h"
+#include "util/sss_ldap.h"
#include "providers/ldap/sdap_async_private.h"
#include "providers/ldap/ldap_common.h"
@@ -61,6 +64,8 @@ struct sdap_connect_state {
struct tevent_context *ev;
struct sdap_options *opts;
struct sdap_handle *sh;
+ const char *uri;
+ bool use_start_tls;
struct sdap_op *op;
@@ -68,6 +73,7 @@ struct sdap_connect_state {
int result;
};
+static void sdap_sys_connect_done(struct tevent_req *subreq);
static void sdap_connect_done(struct sdap_op *op,
struct sdap_msg *reply,
int error, void *pvt);
@@ -76,21 +82,13 @@ struct tevent_req *sdap_connect_send(TALLOC_CTX *memctx,
struct tevent_context *ev,
struct sdap_options *opts,
const char *uri,
+ struct sockaddr_storage *sockaddr,
bool use_start_tls)
{
struct tevent_req *req;
+ struct tevent_req *subreq;
struct sdap_connect_state *state;
- struct timeval tv;
- int ver;
- int lret;
- int optret;
- int ret = EOK;
- int msgid;
- char *errmsg = NULL;
- bool ldap_referrals;
- const char *ldap_deref;
- int ldap_deref_val;
- struct sdap_rebind_proc_params *rebind_proc_params;
+ int ret;
req = tevent_req_create(memctx, &state, struct sdap_connect_state);
if (!req) return NULL;
@@ -103,6 +101,8 @@ struct tevent_req *sdap_connect_send(TALLOC_CTX *memctx,
state->ev = ev;
state->opts = opts;
+ state->uri = uri;
+ state->use_start_tls = use_start_tls;
state->sh = sdap_handle_create(state);
if (!state->sh) {
talloc_zfree(req);
@@ -112,13 +112,67 @@ struct tevent_req *sdap_connect_send(TALLOC_CTX *memctx,
state->sh->page_size = dp_opt_get_int(state->opts->basic,
SDAP_PAGE_SIZE);
- /* Initialize LDAP handler */
- lret = ldap_initialize(&state->sh->ldap, uri);
- if (lret != LDAP_SUCCESS) {
- DEBUG(1, ("ldap_initialize failed: %s\n", ldap_err2string(lret)));
+ subreq = sss_ldap_init_send(state, ev, uri, sockaddr,
+ sizeof(struct sockaddr_storage));
+ if (subreq == NULL) {
+ ret = ENOMEM;
+ DEBUG(1, ("sss_ldap_init_send failed.\n"));
+ goto fail;
+ }
+
+ tevent_req_set_callback(subreq, sdap_sys_connect_done, req);
+ return req;
+
+fail:
+ tevent_req_error(req, ret);
+ tevent_req_post(req, ev);
+ return req;
+}
+
+static void sdap_sys_connect_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(subreq,
+ struct tevent_req);
+ struct sdap_connect_state *state = tevent_req_data(req,
+ struct sdap_connect_state);
+ struct timeval tv;
+ int ver;
+ int lret;
+ int optret;
+ int ret = EOK;
+ int msgid;
+ char *errmsg = NULL;
+ bool ldap_referrals;
+ const char *ldap_deref;
+ int ldap_deref_val;
+ struct sdap_rebind_proc_params *rebind_proc_params;
+ int sd;
+
+ ret = sss_ldap_init_recv(subreq, &state->sh->ldap, &sd);
+ talloc_zfree(subreq);
+ if (ret != EOK) {
+ DEBUG(1, ("sdap_async_connect_call request failed.\n"));
+ tevent_req_error(req, ret);
+ return;
+ }
+
+ ret = setup_ldap_connection_callbacks(state->sh, state->ev);
+ if (ret != EOK) {
+ DEBUG(1, ("setup_ldap_connection_callbacks failed.\n"));
goto fail;
}
+ /* If sss_ldap_init_recv() does not return a valid file descriptor we have
+ * to assume that the connection callback will be called by internally by
+ * the OpenLDAP client library. */
+ if (sd != -1) {
+ ret = sdap_call_conn_cb(state->uri, sd, state->sh);
+ if (ret != EOK) {
+ DEBUG(1, ("sdap_call_conn_cb failed.\n"));
+ goto fail;
+ }
+ }
+
/* Force ldap version to 3 */
ver = LDAP_VERSION3;
lret = ldap_set_option(state->sh->ldap, LDAP_OPT_PROTOCOL_VERSION, &ver);
@@ -135,27 +189,27 @@ struct tevent_req *sdap_connect_send(TALLOC_CTX *memctx,
}
/* Set Network Timeout */
- tv.tv_sec = dp_opt_get_int(opts->basic, SDAP_NETWORK_TIMEOUT);
+ tv.tv_sec = dp_opt_get_int(state->opts->basic, SDAP_NETWORK_TIMEOUT);
tv.tv_usec = 0;
lret = ldap_set_option(state->sh->ldap, LDAP_OPT_NETWORK_TIMEOUT, &tv);
if (lret != LDAP_OPT_SUCCESS) {
DEBUG(1, ("Failed to set network timeout to %d\n",
- dp_opt_get_int(opts->basic, SDAP_NETWORK_TIMEOUT)));
+ dp_opt_get_int(state->opts->basic, SDAP_NETWORK_TIMEOUT)));
goto fail;
}
/* Set Default Timeout */
- tv.tv_sec = dp_opt_get_int(opts->basic, SDAP_OPT_TIMEOUT);
+ tv.tv_sec = dp_opt_get_int(state->opts->basic, SDAP_OPT_TIMEOUT);
tv.tv_usec = 0;
lret = ldap_set_option(state->sh->ldap, LDAP_OPT_TIMEOUT, &tv);
if (lret != LDAP_OPT_SUCCESS) {
DEBUG(1, ("Failed to set default timeout to %d\n",
- dp_opt_get_int(opts->basic, SDAP_OPT_TIMEOUT)));
+ dp_opt_get_int(state->opts->basic, SDAP_OPT_TIMEOUT)));
goto fail;
}
/* Set Referral chasing */
- ldap_referrals = dp_opt_get_bool(opts->basic, SDAP_REFERRALS);
+ ldap_referrals = dp_opt_get_bool(state->opts->basic, SDAP_REFERRALS);
lret = ldap_set_option(state->sh->ldap, LDAP_OPT_REFERRALS,
(ldap_referrals ? LDAP_OPT_ON : LDAP_OPT_OFF));
if (lret != LDAP_OPT_SUCCESS) {
@@ -173,9 +227,9 @@ struct tevent_req *sdap_connect_send(TALLOC_CTX *memctx,
goto fail;
}
- rebind_proc_params->opts = opts;
+ rebind_proc_params->opts = state->opts;
rebind_proc_params->sh = state->sh;
- rebind_proc_params->use_start_tls = use_start_tls;
+ rebind_proc_params->use_start_tls = state->use_start_tls;
lret = ldap_set_rebind_proc(state->sh->ldap, sdap_rebind_proc,
rebind_proc_params);
@@ -186,7 +240,7 @@ struct tevent_req *sdap_connect_send(TALLOC_CTX *memctx,
}
/* Set alias dereferencing */
- ldap_deref = dp_opt_get_string(opts->basic, SDAP_DEREF);
+ ldap_deref = dp_opt_get_string(state->opts->basic, SDAP_DEREF);
if (ldap_deref != NULL) {
ret = deref_string_to_val(ldap_deref, &ldap_deref_val);
if (ret != EOK) {
@@ -202,18 +256,11 @@ struct tevent_req *sdap_connect_send(TALLOC_CTX *memctx,
}
- ret = setup_ldap_connection_callbacks(state->sh, state->ev);
- if (ret != EOK) {
- DEBUG(1, ("setup_ldap_connection_callbacks failed.\n"));
- goto fail;
- }
-
/* if we do not use start_tls the connection is not really connected yet
* just fake an async procedure and leave connection to the bind call */
- if (!use_start_tls) {
+ if (!state->use_start_tls) {
tevent_req_done(req);
- tevent_req_post(req, ev);
- return req;
+ return;
}
DEBUG(4, ("Executing START TLS\n"));
@@ -241,14 +288,14 @@ struct tevent_req *sdap_connect_send(TALLOC_CTX *memctx,
if (ret) goto fail;
/* FIXME: get timeouts from configuration, for now 5 secs. */
- ret = sdap_op_add(state, ev, state->sh, msgid,
+ ret = sdap_op_add(state, state->ev, state->sh, msgid,
sdap_connect_done, req, 5, &state->op);
if (ret) {
DEBUG(1, ("Failed to set up operation!\n"));
goto fail;
}
- return req;
+ return;
fail:
if (ret) {
@@ -260,8 +307,7 @@ fail:
tevent_req_error(req, EIO);
}
}
- tevent_req_post(req, ev);
- return req;
+ return;
}
static void sdap_connect_done(struct sdap_op *op,
@@ -1145,6 +1191,7 @@ static void sdap_cli_resolve_done(struct tevent_req *subreq)
subreq = sdap_connect_send(state, state->ev, state->opts,
state->service->uri,
+ state->service->sockaddr,
use_tls);
if (!subreq) {
tevent_req_error(req, ENOMEM);
diff --git a/src/util/sss_ldap.c b/src/util/sss_ldap.c
index 49d989b62..9f76870f8 100644
--- a/src/util/sss_ldap.c
+++ b/src/util/sss_ldap.c
@@ -19,6 +19,11 @@
*/
#include <stdlib.h>
#include <netdb.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <netinet/tcp.h>
#include "config.h"
@@ -94,3 +99,334 @@ sss_ldap_escape_ip_address(TALLOC_CTX *mem_ctx, int family, const char *addr)
return family == AF_INET6 ? talloc_asprintf(mem_ctx, "[%s]", addr) :
talloc_strdup(mem_ctx, addr);
}
+
+#ifdef HAVE_LDAP_INIT_FD
+struct sdap_async_sys_connect_state {
+ long old_flags;
+ struct tevent_fd *fde;
+ int fd;
+ socklen_t addr_len;
+ struct sockaddr_storage addr;
+};
+
+static void sdap_async_sys_connect_done(struct tevent_context *ev,
+ struct tevent_fd *fde, uint16_t flags,
+ void *priv);
+
+static struct tevent_req *sdap_async_sys_connect_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ int fd,
+ const struct sockaddr *addr,
+ socklen_t addr_len)
+{
+ struct tevent_req *req;
+ struct sdap_async_sys_connect_state *state;
+ long flags;
+ int ret;
+
+ flags = fcntl(fd, F_GETFL, 0);
+ if (flags == -1) {
+ DEBUG(1, ("fcntl F_GETFL failed.\n"));
+ return NULL;
+ }
+
+ req = tevent_req_create(mem_ctx, &state,
+ struct sdap_async_sys_connect_state);
+ if (req == NULL) {
+ DEBUG(1, ("tevent_req_create failed.\n"));
+ return NULL;
+ }
+
+ state->old_flags = flags;
+ state->fd = fd;
+ state->addr_len = addr_len;
+ memcpy(&state->addr, addr, addr_len);
+
+ ret = fcntl(fd, F_SETFL, flags | O_NONBLOCK);
+ if (ret != EOK) {
+ DEBUG(1, ("fcntl F_SETFL failed.\n"));
+ goto done;
+ }
+
+ ret = connect(fd, addr, addr_len);
+ if (ret == EOK) {
+ tevent_req_done(req);
+ goto done;
+ }
+
+ ret = errno;
+ switch(ret) {
+ case EINPROGRESS:
+ case EINTR:
+ state->fde = tevent_add_fd(ev, state, fd,
+ TEVENT_FD_READ | TEVENT_FD_WRITE,
+ sdap_async_sys_connect_done, req);
+ if (state->fde == NULL) {
+ DEBUG(1, ("tevent_add_fd failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+
+ return req;
+
+ break;
+ default:
+ DEBUG(1, ("connect failed [%d][%s].\n", ret, strerror(ret)));
+ }
+
+done:
+ if (ret != EOK) {
+ tevent_req_error(req, ret);
+ }
+
+ ret = fcntl(fd, F_SETFL, flags);
+ if (ret != EOK) {
+ DEBUG(1, ("fcntl F_SETFL failed.\n"));
+ }
+ tevent_req_post(req, ev);
+ return req;
+}
+
+static void sdap_async_sys_connect_done(struct tevent_context *ev,
+ struct tevent_fd *fde, uint16_t flags,
+ void *priv)
+{
+ struct tevent_req *req = talloc_get_type(priv, struct tevent_req);
+ struct sdap_async_sys_connect_state *state = tevent_req_data(req,
+ struct sdap_async_sys_connect_state);
+ int ret = EOK;
+
+ /* I found the following comment in samba's lib/async_req/async_sock.c:
+ * Stevens, Network Programming says that if there's a
+ * successful connect, the socket is only writable. Upon an
+ * error, it's both readable and writable.
+ */
+ if ((flags & (TEVENT_FD_READ|TEVENT_FD_WRITE)) ==
+ (TEVENT_FD_READ|TEVENT_FD_WRITE)) {
+
+ ret = connect(state->fd, (struct sockaddr *) &state->addr,
+ state->addr_len);
+ if (ret == EOK) {
+ goto done;
+ }
+
+ ret = errno;
+ if (ret == EINPROGRESS || ret == EINTR) {
+ return;
+ }
+
+ DEBUG(1, ("connect failed [%d][%s].\n", ret, strerror(ret)));
+ }
+
+done:
+ talloc_zfree(fde);
+ if (ret == EOK) {
+ tevent_req_done(req);
+ } else {
+ tevent_req_error(req, ret);
+ }
+
+ ret = fcntl(state->fd, F_SETFL, state->old_flags);
+ if (ret != EOK) {
+ DEBUG(1, ("fcntl F_SETFL failed.\n"));
+ }
+ return;
+}
+
+static int sdap_async_sys_connect_recv(struct tevent_req *req)
+{
+ TEVENT_REQ_RETURN_ON_ERROR(req);
+
+ return EOK;
+}
+
+static errno_t set_fd_flags_and_opts(int fd)
+{
+ int ret;
+ long flags;
+ int dummy = 1;
+
+ flags = fcntl(fd, F_GETFD, 0);
+ if (flags == -1) {
+ ret = errno;
+ DEBUG(1, ("fcntl F_GETFD failed [%d][%s].\n", ret, strerror(ret)));
+ return ret;
+ }
+
+ flags = fcntl(fd, F_SETFD, flags| FD_CLOEXEC);
+ if (flags == -1) {
+ ret = errno;
+ DEBUG(1, ("fcntl F_SETFD failed [%d][%s].\n", ret, strerror(ret)));
+ return ret;
+ }
+
+ flags = fcntl(fd, F_GETFL, 0);
+ if (flags == -1) {
+ ret = errno;
+ DEBUG(1, ("fcntl F_GETFL failed [%d][%s].\n", ret, strerror(ret)));
+ return ret;
+ }
+
+ flags = fcntl(fd, F_SETFL, flags| O_NONBLOCK);
+ if (flags == -1) {
+ ret = errno;
+ DEBUG(1, ("fcntl F_SETFL failed [%d][%s].\n", ret, strerror(ret)));
+ return ret;
+ }
+
+ /* SO_KEEPALIVE and TCP_NODELAY are set by OpenLDAP client libraries but
+ * failures are ignored.*/
+ ret = setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &dummy, sizeof(dummy));
+ if (ret != 0) {
+ ret = errno;
+ DEBUG(5, ("setsockopt SO_KEEPALIVE failed.[%d][%s].\n", ret,
+ strerror(ret)));
+ }
+
+ ret = setsockopt(fd, SOL_TCP, TCP_NODELAY, &dummy, sizeof(dummy));
+ if (ret != 0) {
+ ret = errno;
+ DEBUG(5, ("setsockopt TCP_NODELAY failed.[%d][%s].\n", ret,
+ strerror(ret)));
+ }
+
+ return EOK;
+}
+
+#define LDAP_PROTO_TCP 1 /* ldap:// */
+#define LDAP_PROTO_UDP 2 /* reserved */
+#define LDAP_PROTO_IPC 3 /* ldapi:// */
+#define LDAP_PROTO_EXT 4 /* user-defined socket/sockbuf */
+
+extern int ldap_init_fd(ber_socket_t fd, int proto, const char *url, LDAP **ld);
+
+static void sss_ldap_init_sys_connect_done(struct tevent_req *subreq);
+#endif
+
+struct sss_ldap_init_state {
+ LDAP *ldap;
+ int sd;
+ const char *uri;
+};
+
+
+struct tevent_req *sss_ldap_init_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ const char *uri,
+ struct sockaddr_storage *addr,
+ int addr_len)
+{
+ int ret = EOK;
+ struct tevent_req *req;
+ struct sss_ldap_init_state *state;
+
+ req = tevent_req_create(mem_ctx, &state, struct sss_ldap_init_state);
+ if (req == NULL) {
+ DEBUG(1, ("tevent_req_create failed.\n"));
+ return NULL;
+ }
+
+ state->ldap = NULL;
+ state->uri = uri;
+
+#ifdef HAVE_LDAP_INIT_FD
+ struct tevent_req *subreq;
+
+ state->sd = socket(addr->ss_family, SOCK_STREAM, 0);
+ if (state->sd == -1) {
+ ret = errno;
+ DEBUG(1, ("socket failed [%d][%s].\n", ret, strerror(ret)));
+ goto fail;
+ }
+
+ ret = set_fd_flags_and_opts(state->sd);
+ if (ret != EOK) {
+ DEBUG(1, ("set_fd_flags_and_opts failed.\n"));
+ goto fail;
+ }
+
+ DEBUG(9, ("Using file descriptor [%d] for LDAP connection.\n", state->sd));
+
+ subreq = sdap_async_sys_connect_send(state, ev, state->sd,
+ (struct sockaddr *) addr, addr_len);
+ if (subreq == NULL) {
+ ret = ENOMEM;
+ DEBUG(1, ("sdap_async_sys_connect_send failed.\n"));
+ goto fail;
+ }
+
+ tevent_req_set_callback(subreq, sss_ldap_init_sys_connect_done, req);
+ return req;
+
+fail:
+ close(state->sd);
+ tevent_req_error(req, ret);
+#else
+ DEBUG(3, ("ldap_init_fd not available, "
+ "will use ldap_initialize with uri [%s].\n", uri));
+ state->sd = -1;
+ ret = ldap_initialize(&state->ldap, uri);
+ if (ret == LDAP_SUCCESS) {
+ tevent_req_done(req);
+ } else {
+ DEBUG(1, ("ldap_initialize failed [%s].\n", ldap_err2string(ret)));
+ if (ret == LDAP_SERVER_DOWN) {
+ tevent_req_error(req, ETIMEDOUT);
+ } else {
+ tevent_req_error(req, EIO);
+ }
+ }
+#endif
+
+ tevent_req_post(req, ev);
+ return req;
+}
+
+#ifdef HAVE_LDAP_INIT_FD
+static void sss_ldap_init_sys_connect_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(subreq,
+ struct tevent_req);
+ struct sss_ldap_init_state *state = tevent_req_data(req,
+ struct sss_ldap_init_state);
+ int ret;
+ int lret;
+
+ ret = sdap_async_sys_connect_recv(subreq);
+ talloc_zfree(subreq);
+ if (ret != EOK) {
+ DEBUG(1, ("sdap_async_sys_connect request failed.\n"));
+ close(state->sd);
+ tevent_req_error(req, ret);
+ return;
+ }
+ /* Initialize LDAP handler */
+
+ lret = ldap_init_fd(state->sd, LDAP_PROTO_TCP, state->uri, &state->ldap);
+ if (lret != LDAP_SUCCESS) {
+ DEBUG(1, ("ldap_init_fd failed: %s\n", ldap_err2string(lret)));
+ close(state->sd);
+ if (lret == LDAP_SERVER_DOWN) {
+ tevent_req_error(req, ETIMEDOUT);
+ } else {
+ tevent_req_error(req, EIO);
+ }
+ return;
+ }
+
+ tevent_req_done(req);
+ return;
+}
+#endif
+
+int sss_ldap_init_recv(struct tevent_req *req, LDAP **ldap, int *sd)
+{
+ struct sss_ldap_init_state *state = tevent_req_data(req,
+ struct sss_ldap_init_state);
+ TEVENT_REQ_RETURN_ON_ERROR(req);
+
+ *ldap = state->ldap;
+ *sd = state->sd;
+
+ return EOK;
+}
diff --git a/src/util/sss_ldap.h b/src/util/sss_ldap.h
index 16c22641e..14fff29e7 100644
--- a/src/util/sss_ldap.h
+++ b/src/util/sss_ldap.h
@@ -21,8 +21,11 @@
#ifndef __SSS_LDAP_H__
#define __SSS_LDAP_H__
+#include <sys/types.h>
+#include <sys/socket.h>
#include <ldap.h>
#include <talloc.h>
+#include <tevent.h>
#ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE
#define SDAP_DIAGNOSTIC_MESSAGE LDAP_OPT_DIAGNOSTIC_MESSAGE
@@ -49,4 +52,11 @@ int sss_ldap_control_create(const char *oid, int iscritical,
inline const char *
sss_ldap_escape_ip_address(TALLOC_CTX *mem_ctx, int family, const char *addr);
+struct tevent_req *sss_ldap_init_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ const char *uri,
+ struct sockaddr_storage *addr,
+ int addr_len);
+
+int sss_ldap_init_recv(struct tevent_req *req, LDAP **ldap, int *sd);
#endif /* __SSS_LDAP_H__ */