mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2024-11-27 05:50:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
master
curl/lib/ldap.c

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

1117 lines
29 KiB
C
Raw Permalink Normal View History

updated source code boilerplate/header
2002-09-03 19:52:59 +08:00
/***************************************************************************
Revert changes relative to lib/*.[ch] recent renaming This reverts renaming and usage of lib/*.h header files done 28-12-2012, reverting 2 commits: f871de0... build: make use of 76 lib/*.h renamed files ffd8e12... build: rename 76 lib/*.h files This also reverts removal of redundant include guard (redundant thanks to changes in above commits) done 2-12-2013, reverting 1 commit: c087374... curl_setup.h: remove redundant include guard This also reverts renaming and usage of lib/*.c source files done 3-12-2013, reverting 3 commits: 13606bb... build: make use of 93 lib/*.c renamed files 5b6e792... build: rename 93 lib/*.c files 7d83dff... build: commit 13606bbfde follow-up 1 Start of related discussion thread: http://curl.haxx.se/mail/lib-2013-01/0012.html Asking for confirmation on pushing this revertion commit: http://curl.haxx.se/mail/lib-2013-01/0048.html Confirmation summary: http://curl.haxx.se/mail/lib-2013-01/0079.html NOTICE: The list of 2 files that have been modified by other intermixed commits, while renamed, and also by at least one of the 6 commits this one reverts follows below. These 2 files will exhibit a hole in history unless git's '--follow' option is used when viewing logs. lib/curl_imap.h lib/curl_smtp.h
2013-01-04 09:50:28 +08:00
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
Initial revision
1999-12-29 22:20:26 +08:00
*
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205
2023-01-02 20:51:48 +08:00
* Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
Initial revision
1999-12-29 22:20:26 +08:00
*
updated source code boilerplate/header
2002-09-03 19:52:59 +08:00
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
curl.se: new home Closes #6172
2020-11-04 21:02:01 +08:00
* are also available at https://curl.se/docs/copyright.html.
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
*
dual-license fix
2001-01-03 17:29:33 +08:00
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
updated source code boilerplate/header
2002-09-03 19:52:59 +08:00
* furnished to do so, under the terms of the COPYING file.
Initial revision
1999-12-29 22:20:26 +08:00
*
dual-license fix
2001-01-03 17:29:33 +08:00
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
Initial revision
1999-12-29 22:20:26 +08:00
*
fix ldap related compilation issues
2010-06-01 23:25:03 +08:00
* SPDX-License-Identifier: curl
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes. Closes #8869
2022-05-17 17:16:50 +08:00
*
updated source code boilerplate/header
2002-09-03 19:52:59 +08:00
***************************************************************************/
Initial revision
1999-12-29 22:20:26 +08:00
build: fix circular header inclusion with other packages This commit renames lib/setup.h to lib/curl_setup.h and renames lib/setup_once.h to lib/curl_setup_once.h. Removes the need and usage of a header inclusion guard foreign to libcurl. [1] Removes the need and presence of an alarming notice we carried in old setup_once.h [2] ---------------------------------------- 1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H, this single inclusion guard is enough to ensure that inclusion of lib/setup_once.h done from lib/setup.h is only done once. Additionally lib/setup.h has always used __SETUP_ONCE_H macro to protect inclusion of setup_once.h even after commit ec691ca3, this was to avoid a circular header inclusion triggered when building a c-ares enabled version with c-ares sources available which also has a setup_once.h header. Commit ec691ca3 exposes the real nature of __SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard foreign to libcurl belonging to c-ares's setup_once.h The renaming this commit does, fixes the circular header inclusion, and as such removes the need and usage of a header inclusion guard foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl. 2 - Due to the circular interdependency of old lib/setup_once.h and the c-ares setup_once.h header, old file lib/setup_once.h has carried back from 2006 up to now days an alarming and prominent notice about the need of keeping libcurl's and c-ares's setup_once.h in sync. Given that this commit fixes the circular interdependency, the need and presence of mentioned notice is removed. All mentioned interdependencies come back from now old days when the c-ares project lived inside a curl subdirectory. This commit removes last traces of such fact.
2013-01-07 02:06:49 +08:00
#include "curl_setup.h"
#include "setup.h" moved first of all includes
2000-08-24 22:26:33 +08:00
LDAP: properly implemented as a curl_handler makes the LDAP code much cleaner, nicer and in general being a better libcurl citizen. If a new enough OpenLDAP version is detect, the new and shiny lib/openldap.c code is then used instead of the old cruft Code by Howard, minor cleanups by Daniel.
2010-05-25 06:44:42 +08:00
#if !defined(CURL_DISABLE_LDAP) && !defined(USE_OPENLDAP)
fix ldap related compilation issues
2010-06-01 23:25:03 +08:00
/*
* Notice that USE_OPENLDAP is only a source code selection switch. When
* libcurl is built with USE_OPENLDAP defined the libcurl source code that
Revert changes relative to lib/*.[ch] recent renaming This reverts renaming and usage of lib/*.h header files done 28-12-2012, reverting 2 commits: f871de0... build: make use of 76 lib/*.h renamed files ffd8e12... build: rename 76 lib/*.h files This also reverts removal of redundant include guard (redundant thanks to changes in above commits) done 2-12-2013, reverting 1 commit: c087374... curl_setup.h: remove redundant include guard This also reverts renaming and usage of lib/*.c source files done 3-12-2013, reverting 3 commits: 13606bb... build: make use of 93 lib/*.c renamed files 5b6e792... build: rename 93 lib/*.c files 7d83dff... build: commit 13606bbfde follow-up 1 Start of related discussion thread: http://curl.haxx.se/mail/lib-2013-01/0012.html Asking for confirmation on pushing this revertion commit: http://curl.haxx.se/mail/lib-2013-01/0048.html Confirmation summary: http://curl.haxx.se/mail/lib-2013-01/0079.html NOTICE: The list of 2 files that have been modified by other intermixed commits, while renamed, and also by at least one of the 6 commits this one reverts follows below. These 2 files will exhibit a hole in history unless git's '--follow' option is used when viewing logs. lib/curl_imap.h lib/curl_smtp.h
2013-01-04 09:50:28 +08:00
* gets compiled is the code from openldap.c, otherwise the code that gets
* compiled is the code from ldap.c.
fix ldap related compilation issues
2010-06-01 23:25:03 +08:00
*
* When USE_OPENLDAP is defined a recent version of the OpenLDAP library
* might be required for compilation and runtime. In order to use ancient
* OpenLDAP library versions, USE_OPENLDAP shall not be defined.
*/
openssl: fix BoringSSL symbol conflicts with LDAP and Schannel Same issue as here [1], but this time when building curl with BoringSSL for Windows with LDAP(S) or Schannel support enabled. Apply the same fix [2] for these source files as well. This can also be fixed by moving `#include "urldata.h"` _before_ including `winldap.h` and `schnlsp.h` respectively. This seems like a cleaner fix, though I'm not sure why it works and if it has any downside. [1] https://github.com/curl/curl/issues/5669 [2] https://github.com/curl/curl/commit/fbe07c6829ba8c5793c84c2856526e19e9029ab9 Co-authored-by: Jay Satiro Closes #9110
2022-07-14 15:14:22 +08:00
/* Wincrypt must be included before anything that could include OpenSSL. */
#if defined(USE_WIN32_CRYPTO)
#include <wincrypt.h>
/* Undefine wincrypt conflicting symbols for BoringSSL. */
#undef X509_NAME
#undef X509_EXTENSIONS
#undef PKCS7_ISSUER_AND_SERIAL
#undef PKCS7_SIGNER_INFO
#undef OCSP_REQUEST
#undef OCSP_RESPONSE
#endif
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#ifdef USE_WIN32_LDAP /* Use Windows LDAP implementation. */
cmake: add support for "unity" builds Aka "jumbo" or "amalgamation" builds. It means to compile all sources per target as a single C source. This is experimental. You can enable it by passing `-DCMAKE_UNITY_BUILD=ON` to cmake. It requires CMake 3.16 or newer. It makes builds (much) faster, allows for better optimizations and tends to promote less ambiguous code. Also add a new AppVeyor CI job and convert an existing one to use "unity" mode (one MSVC, one MinGW), and enable it for one macOS CI job. Fix related issues: - add missing include guard to `easy_lock.h`. - rename static variables and functions (and a macro) with names reused across sources, or shadowed by local variables. - add an `#undef` after use. - add a missing `#undef` before use. - move internal definitions from `ftp.h` to `ftp.c`. - `curl_memory.h` fixes to make it work when included repeatedly. - stop building/linking curlx bits twice for a static-mode curl tool. These caused doubly defined symbols in unity builds. - silence missing extern declarations compiler warning for ` _CRT_glob`. - fix extern declarations for `tool_freq` and `tool_isVistaOrGreater`. - fix colliding static symbols in debug mode: `debugtime()` and `statename`. - rename `ssl_backend_data` structure to unique names for each TLS-backend, along with the `ssl_connect_data` struct member referencing them. This required adding casts for each access. - add workaround for missing `[P]UNICODE_STRING` types in certain Windows builds when compiling `lib/ldap.c`. To support "unity" builds, we had to enable `SCHANNEL_USE_BLACKLISTS` for Schannel (a Windows `schannel.h` option) _globally_. This caused an indirect inclusion of Windows `schannel.h` from `ldap.c` via `winldap.h` to have it enabled as well. This requires `[P]UNICODE_STRING` types, which is apperantly not defined automatically (as seen with both MSVS and mingw-w64). This patch includes `<subauth.h>` to fix it. Ref: https://github.com/curl/curl/runs/13987772013 Ref: https://dev.azure.com/daniel0244/curl/_build/results?buildId=15827&view=logs&jobId=2c9f582d-e278-56b6-4354-f38a4d851906&j=2c9f582d-e278-56b6-4354-f38a4d851906&t=90509b00-34fa-5a81-35d7-5ed9569d331c - tweak unity builds to compile `lib/memdebug.c` separately in memory trace builds to avoid PP confusion. - force-disable unity for test programs. - do not compile and link libcurl sources to libtests _twice_ when libcurl is built in static mode. KNOWN ISSUES: - running tests with unity builds may fail in cases. - some build configurations/env may not compile in unity mode. E.g.: https://ci.appveyor.com/project/curlorg/curl/builds/47230972/job/51wfesgnfuauwl8q#L250 Ref: https://github.com/libssh2/libssh2/issues/1034 Ref: https://cmake.org/cmake/help/latest/prop_tgt/UNITY_BUILD.html Ref: https://en.wikipedia.org/wiki/Unity_build Closes #11095
2023-05-09 18:10:40 +08:00
# ifdef _MSC_VER
# pragma warning(push)
# pragma warning(disable: 4201)
# endif
# include <subauth.h> /* for [P]UNICODE_STRING */
# ifdef _MSC_VER
# pragma warning(pop)
# endif
Ben Greear's minor fix to build (better) with cross-compiled(?) mingw
2004-09-26 14:53:53 +08:00
# include <winldap.h>
added check for MSVC6 standard PSDK and bail out since insufficient for LDAP support with current code.
2007-10-10 07:25:58 +08:00
# ifndef LDAP_VENDOR_NAME
source cleanup: unify look, style and indent levels By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
2011-04-20 21:17:42 +08:00
# error Your Platform SDK is NOT sufficient for LDAP support! \
Update your Platform SDK, or disable LDAP support!
added check for MSVC6 standard PSDK and bail out since insufficient for LDAP support with current code.
2007-10-10 07:25:58 +08:00
# else
# include <winber.h>
# endif
Patrick Monnerat modified the LDAP code and approach in curl. Starting now, the configure script checks for openldap and friends and we link with those libs just like we link all other third party libraries, and we no longer dlopen() those libraries. Our private header file lib/ldap.h was renamed to lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) just before this commit, just in case.
2007-08-12 04:57:54 +08:00
#else
Enable OpenLDAP support for cygwin builds. Enable OpenLDAP support for cygwin builds. This support was disabled back in 2008 due to incompatibilities between OpenSSL and OpenLDAP headers. cygwin's OpenSSL 0.9.8l and OpenLDAP 2.3.43 versions on cygwin 1.5.25 allow building an OpenLDAP enabled libcurl supporting back to Windows 95. Remove non-functional CURL_LDAP_HYBRID code and references.
2010-06-04 21:14:31 +08:00
# define LDAP_DEPRECATED 1 /* Be sure ldap_init() is defined. */
# ifdef HAVE_LBER_H
# include <lber.h>
# endif
Patrick Monnerat modified the LDAP code and approach in curl. Starting now, the configure script checks for openldap and friends and we link with those libs just like we link all other third party libraries, and we no longer dlopen() those libraries. Our private header file lib/ldap.h was renamed to lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) just before this commit, just in case.
2007-08-12 04:57:54 +08:00
# include <ldap.h>
Enable OpenLDAP support for cygwin builds. Enable OpenLDAP support for cygwin builds. This support was disabled back in 2008 due to incompatibilities between OpenSSL and OpenLDAP headers. cygwin's OpenSSL 0.9.8l and OpenLDAP 2.3.43 versions on cygwin 1.5.25 allow building an OpenLDAP enabled libcurl supporting back to Windows 95. Remove non-functional CURL_LDAP_HYBRID code and references.
2010-06-04 21:14:31 +08:00
# if (defined(HAVE_LDAP_SSL) && defined(HAVE_LDAP_SSL_H))
# include <ldap_ssl.h>
# endif /* HAVE_LDAP_SSL && HAVE_LDAP_SSL_H */
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
#endif
Revert changes relative to lib/*.[ch] recent renaming This reverts renaming and usage of lib/*.h header files done 28-12-2012, reverting 2 commits: f871de0... build: make use of 76 lib/*.h renamed files ffd8e12... build: rename 76 lib/*.h files This also reverts removal of redundant include guard (redundant thanks to changes in above commits) done 2-12-2013, reverting 1 commit: c087374... curl_setup.h: remove redundant include guard This also reverts renaming and usage of lib/*.c source files done 3-12-2013, reverting 3 commits: 13606bb... build: make use of 93 lib/*.c renamed files 5b6e792... build: rename 93 lib/*.c files 7d83dff... build: commit 13606bbfde follow-up 1 Start of related discussion thread: http://curl.haxx.se/mail/lib-2013-01/0012.html Asking for confirmation on pushing this revertion commit: http://curl.haxx.se/mail/lib-2013-01/0048.html Confirmation summary: http://curl.haxx.se/mail/lib-2013-01/0079.html NOTICE: The list of 2 files that have been modified by other intermixed commits, while renamed, and also by at least one of the 6 commits this one reverts follows below. These 2 files will exhibit a hole in history unless git's '--follow' option is used when viewing logs. lib/curl_imap.h lib/curl_smtp.h
2013-01-04 09:50:28 +08:00
#include "urldata.h"
Initial revision
1999-12-29 22:20:26 +08:00
#include <curl/curl.h>
Revert changes relative to lib/*.[ch] recent renaming This reverts renaming and usage of lib/*.h header files done 28-12-2012, reverting 2 commits: f871de0... build: make use of 76 lib/*.h renamed files ffd8e12... build: rename 76 lib/*.h files This also reverts removal of redundant include guard (redundant thanks to changes in above commits) done 2-12-2013, reverting 1 commit: c087374... curl_setup.h: remove redundant include guard This also reverts renaming and usage of lib/*.c source files done 3-12-2013, reverting 3 commits: 13606bb... build: make use of 93 lib/*.c renamed files 5b6e792... build: rename 93 lib/*.c files 7d83dff... build: commit 13606bbfde follow-up 1 Start of related discussion thread: http://curl.haxx.se/mail/lib-2013-01/0012.html Asking for confirmation on pushing this revertion commit: http://curl.haxx.se/mail/lib-2013-01/0048.html Confirmation summary: http://curl.haxx.se/mail/lib-2013-01/0079.html NOTICE: The list of 2 files that have been modified by other intermixed commits, while renamed, and also by at least one of the 6 commits this one reverts follows below. These 2 files will exhibit a hole in history unless git's '--follow' option is used when viewing logs. lib/curl_imap.h lib/curl_smtp.h
2013-01-04 09:50:28 +08:00
#include "sendf.h"
#include "escape.h"
#include "progress.h"
#include "transfer.h"
ldap: fix strcase use follow-up to 811a693b80
2016-10-31 16:30:36 +08:00
#include "strcase.h"
Revert changes relative to lib/*.[ch] recent renaming This reverts renaming and usage of lib/*.h header files done 28-12-2012, reverting 2 commits: f871de0... build: make use of 76 lib/*.h renamed files ffd8e12... build: rename 76 lib/*.h files This also reverts removal of redundant include guard (redundant thanks to changes in above commits) done 2-12-2013, reverting 1 commit: c087374... curl_setup.h: remove redundant include guard This also reverts renaming and usage of lib/*.c source files done 3-12-2013, reverting 3 commits: 13606bb... build: make use of 93 lib/*.c renamed files 5b6e792... build: rename 93 lib/*.c files 7d83dff... build: commit 13606bbfde follow-up 1 Start of related discussion thread: http://curl.haxx.se/mail/lib-2013-01/0012.html Asking for confirmation on pushing this revertion commit: http://curl.haxx.se/mail/lib-2013-01/0048.html Confirmation summary: http://curl.haxx.se/mail/lib-2013-01/0079.html NOTICE: The list of 2 files that have been modified by other intermixed commits, while renamed, and also by at least one of the 6 commits this one reverts follows below. These 2 files will exhibit a hole in history unless git's '--follow' option is used when viewing logs. lib/curl_imap.h lib/curl_smtp.h
2013-01-04 09:50:28 +08:00
#include "strtok.h"
Patrick Monnerat modified the LDAP code and approach in curl. Starting now, the configure script checks for openldap and friends and we link with those libs just like we link all other third party libraries, and we no longer dlopen() those libraries. Our private header file lib/ldap.h was renamed to lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) just before this commit, just in case.
2007-08-12 04:57:54 +08:00
#include "curl_ldap.h"
ldap: Fixed Unicode host name in Win32 initialisation calls
2015-01-04 03:59:12 +08:00
#include "curl_multibyte.h"
libcurl internal base64.h header file renamed to curl_base64.h
2008-08-17 08:25:38 +08:00
#include "curl_base64.h"
bits.close: Fixed compilation warning warning: implicit declaration of function 'connclose'
2014-05-22 07:09:11 +08:00
#include "connect.h"
lib: include curl_printf.h as one of the last headers curl_printf.h defines printf to curl_mprintf, etc. This can cause problems with external headers which may use __attribute__((format(printf, ...))) markers etc. To avoid that they cause problems with system includes, we include curl_printf.h after any system headers. That makes the three last headers to always be, and we keep them in this order: curl_printf.h curl_memory.h memdebug.h None of them include system headers, they all do funny #defines. Reported-by: David Benjamin Fixes #743
2016-04-29 21:46:40 +08:00
/* The last 3 #include files should be in this order */
mprintf.h: remove #ifdef CURLDEBUG ... and as a consequence, introduce curl_printf.h with that re-define magic instead and make all libcurl code use that instead.
2015-03-03 19:36:18 +08:00
#include "curl_printf.h"
curl_memory: make curl_memory.h the second-last header file loaded This header file must be included after all header files except memdebug.h, as it does similar memory function redefinitions and can be similarly affected by conflicting definitions in system or dependent library headers.
2015-03-25 06:12:03 +08:00
#include "curl_memory.h"
Revert changes relative to lib/*.[ch] recent renaming This reverts renaming and usage of lib/*.h header files done 28-12-2012, reverting 2 commits: f871de0... build: make use of 76 lib/*.h renamed files ffd8e12... build: rename 76 lib/*.h files This also reverts removal of redundant include guard (redundant thanks to changes in above commits) done 2-12-2013, reverting 1 commit: c087374... curl_setup.h: remove redundant include guard This also reverts renaming and usage of lib/*.c source files done 3-12-2013, reverting 3 commits: 13606bb... build: make use of 93 lib/*.c renamed files 5b6e792... build: rename 93 lib/*.c files 7d83dff... build: commit 13606bbfde follow-up 1 Start of related discussion thread: http://curl.haxx.se/mail/lib-2013-01/0012.html Asking for confirmation on pushing this revertion commit: http://curl.haxx.se/mail/lib-2013-01/0048.html Confirmation summary: http://curl.haxx.se/mail/lib-2013-01/0079.html NOTICE: The list of 2 files that have been modified by other intermixed commits, while renamed, and also by at least one of the 6 commits this one reverts follows below. These 2 files will exhibit a hole in history unless git's '--follow' option is used when viewing logs. lib/curl_imap.h lib/curl_smtp.h
2013-01-04 09:50:28 +08:00
#include "memdebug.h"
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
Patrick Monnerat modified the LDAP code and approach in curl. Starting now, the configure script checks for openldap and friends and we link with those libs just like we link all other third party libraries, and we no longer dlopen() those libraries. Our private header file lib/ldap.h was renamed to lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) just before this commit, just in case.
2007-08-12 04:57:54 +08:00
#ifndef HAVE_LDAP_URL_PARSE
Initial revision
1999-12-29 22:20:26 +08:00
Patrick Monnerat modified the LDAP code and approach in curl. Starting now, the configure script checks for openldap and friends and we link with those libs just like we link all other third party libraries, and we no longer dlopen() those libraries. Our private header file lib/ldap.h was renamed to lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) just before this commit, just in case.
2007-08-12 04:57:54 +08:00
/* Use our own implementation. */
Initial revision
1999-12-29 22:20:26 +08:00
source cleanup: remove all custom typedef structs - Stick to a single unified way to use structs - Make checksrc complain on 'typedef struct {' - Allow them in tests, public headers and examples - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually typedef different types/structs depending on build conditions. Closes #5338
2020-05-14 06:05:04 +08:00
struct ldap_urldesc {
LDAP: fix bad free() when URL parsing failed When an error occurs parsing an LDAP URL, The ludp->lud_attrs[i] entries could be freed even though they sometimes point to data within an allocated area. This change introduces a lud_attrs_dup[] array for the duplicated string pointers, and it removes the unused lud_exts array. Bug: http://curl.haxx.se/mail/lib-2013-08/0209.html
2013-09-06 05:51:53 +08:00
char *lud_host;
int lud_port;
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#if defined(USE_WIN32_LDAP)
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
TCHAR *lud_dn;
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
TCHAR **lud_attrs;
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
#else
LDAP: fix bad free() when URL parsing failed When an error occurs parsing an LDAP URL, The ludp->lud_attrs[i] entries could be freed even though they sometimes point to data within an allocated area. This change introduces a lud_attrs_dup[] array for the duplicated string pointers, and it removes the unused lud_exts array. Bug: http://curl.haxx.se/mail/lib-2013-08/0209.html
2013-09-06 05:51:53 +08:00
char *lud_dn;
char **lud_attrs;
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
#endif
LDAP: fix bad free() when URL parsing failed When an error occurs parsing an LDAP URL, The ludp->lud_attrs[i] entries could be freed even though they sometimes point to data within an allocated area. This change introduces a lud_attrs_dup[] array for the duplicated string pointers, and it removes the unused lud_exts array. Bug: http://curl.haxx.se/mail/lib-2013-08/0209.html
2013-09-06 05:51:53 +08:00
int lud_scope;
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#if defined(USE_WIN32_LDAP)
ldap: Fixed support for Unicode filter in Win32 search call
2015-01-04 04:58:29 +08:00
TCHAR *lud_filter;
#else
LDAP: fix bad free() when URL parsing failed When an error occurs parsing an LDAP URL, The ludp->lud_attrs[i] entries could be freed even though they sometimes point to data within an allocated area. This change introduces a lud_attrs_dup[] array for the duplicated string pointers, and it removes the unused lud_exts array. Bug: http://curl.haxx.se/mail/lib-2013-08/0209.html
2013-09-06 05:51:53 +08:00
char *lud_filter;
ldap.c: Fixed compilation warning ldap.c:98: warning: extra tokens at end of #endif directive
2015-01-05 00:11:08 +08:00
#endif
LDAP: fix bad free() when URL parsing failed When an error occurs parsing an LDAP URL, The ludp->lud_attrs[i] entries could be freed even though they sometimes point to data within an allocated area. This change introduces a lud_attrs_dup[] array for the duplicated string pointers, and it removes the unused lud_exts array. Bug: http://curl.haxx.se/mail/lib-2013-08/0209.html
2013-09-06 05:51:53 +08:00
char **lud_exts;
ldap.c: Corrected build error from commit 857f999353f333
2013-09-11 02:30:07 +08:00
size_t lud_attrs_dups; /* how many were dup'ed, this field is not in the
"real" struct so can only be used in code
without HAVE_LDAP_URL_PARSE defined */
source cleanup: remove all custom typedef structs - Stick to a single unified way to use structs - Make checksrc complain on 'typedef struct {' - Allow them in tests, public headers and examples - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually typedef different types/structs depending on build conditions. Closes #5338
2020-05-14 06:05:04 +08:00
};
Simplify and rename internal structure to avoid potential name clash with LDAP header file.
2007-08-13 21:03:08 +08:00
#undef LDAPURLDesc
source cleanup: remove all custom typedef structs - Stick to a single unified way to use structs - Make checksrc complain on 'typedef struct {' - Allow them in tests, public headers and examples - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually typedef different types/structs depending on build conditions. Closes #5338
2020-05-14 06:05:04 +08:00
#define LDAPURLDesc struct ldap_urldesc
Henrik Storner's update to make libcurl work with OpenLDAP 2.1.22 (current). Also reported to work with OpenLDAP 2.0.26.
2003-09-01 16:23:31 +08:00
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
static int _ldap_url_parse(struct Curl_easy *data,
const struct connectdata *conn,
checksrc: stricter no-space-before-paren enforcement In order to make the code style more uniform everywhere
2016-12-14 06:34:59 +08:00
LDAPURLDesc **ludp);
static void _ldap_free_urldesc(LDAPURLDesc *ludp);
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
Simplify and rename internal structure to avoid potential name clash with LDAP header file.
2007-08-13 21:03:08 +08:00
#undef ldap_free_urldesc
#define ldap_free_urldesc _ldap_free_urldesc
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
#endif
#ifdef DEBUG_LDAP
#define LDAP_TRACE(x) do { \
checksrc: stricter no-space-before-paren enforcement In order to make the code style more uniform everywhere
2016-12-14 06:34:59 +08:00
_ldap_trace("%u: ", __LINE__); \
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
_ldap_trace x; \
build: Disable Visual Studio warning "conditional expression is constant" - Disable warning C4127 "conditional expression is constant" globally in curl_setup.h for when building with Microsoft's compiler. This mainly affects building with the Visual Studio project files found in the projects dir. Prior to this change the cmake and winbuild build systems already disabled 4127 globally for when building with Microsoft's compiler. Also, 4127 was already disabled for all build systems in the limited circumstance of the WHILE_FALSE macro which disabled the warning specifically for while(0). This commit removes the WHILE_FALSE macro and all other cruft in favor of disabling globally in curl_setup. Background: We have various macros that cause 0 or 1 to be evaluated, which would cause warning C4127 in Visual Studio. For example this causes it: #define Curl_resolver_asynch() 1 Full behavior is not clearly defined and inconsistent across versions. However it is documented that since VS 2015 Update 3 Microsoft has addressed this somewhat but not entirely, not warning on while(true) for example. Prior to this change some C4127 warnings occurred when I built with Visual Studio using the generated projects in the projects dir. Closes https://github.com/curl/curl/pull/4658
2019-11-30 16:29:36 +08:00
} while(0)
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
build: enable missing OpenSSF-recommended warnings, with fixes https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html as of 2023-11-29 [1]. Enable new recommended warnings (except `-Wsign-conversion`): - enable `-Wformat=2` for clang (in both cmake and autotools). - add `CURL_PRINTF()` internal attribute and mark functions accepting printf arguments with it. This is a copy of existing `CURL_TEMP_PRINTF()` but using `__printf__` to make it compatible with redefinting the `printf` symbol: https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94 - fix `CURL_PRINTF()` and existing `CURL_TEMP_PRINTF()` for mingw-w64 and enable it on this platform. - enable `-Wimplicit-fallthrough`. - enable `-Wtrampolines`. - add `-Wsign-conversion` commented with a FIXME. - cmake: enable `-pedantic-errors` the way we do it with autotools. Follow-up to d5c0351055d5709da8f3e16c91348092fdb481aa #2747 - lib/curl_trc.h: use `CURL_FORMAT()`, this also fixes it to enable format checks. Previously it was always disabled due to the internal `printf` macro. Fix them: - fix bug where an `set_ipv6_v6only()` call was missed in builds with `--disable-verbose` / `CURL_DISABLE_VERBOSE_STRINGS=ON`. - add internal `FALLTHROUGH()` macro. - replace obsolete fall-through comments with `FALLTHROUGH()`. - fix fallthrough markups: Delete redundant ones (showing up as warnings in most cases). Add missing ones. Fix indentation. - silence `-Wformat-nonliteral` warnings with llvm/clang. - fix one `-Wformat-nonliteral` warning. - fix new `-Wformat` and `-Wformat-security` warnings. - fix `CURL_FORMAT_SOCKET_T` value for mingw-w64. Also move its definition to `lib/curl_setup.h` allowing use in `tests/server`. - lib: fix two wrongly passed string arguments in log outputs. Co-authored-by: Jay Satiro - fix new `-Wformat` warnings on mingw-w64. [1] https://github.com/ossf/wg-best-practices-os-developers/blob/56c0fde3895bfc55c8a973ef49a2572c507b2ae1/docs/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C%2B%2B.md Closes #12489
2023-12-08 21:05:09 +08:00
static void _ldap_trace(const char *fmt, ...) CURL_PRINTF(1, 2);
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
#else
fix a bunch of MSVC compiler warnings
2011-09-03 22:06:10 +08:00
#define LDAP_TRACE(x) Curl_nop_stmt
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
#endif
ldap: Stop using wide char version of ldapp_err2string Despite ldapp_err2string being documented by MS as returning a PCHAR (char *), when UNICODE it is mapped to ldap_err2stringW and returns PWCHAR (wchar_t *). We have lots of code that expects ldap_err2string to return char *, most of it failf used like this: failf(data, "LDAP local: Some error: %s", ldap_err2string(rc)); Closes https://github.com/curl/curl/pull/4272
2019-08-28 02:20:20 +08:00
#if defined(USE_WIN32_LDAP) && defined(ldap_err2string)
tidy-up: OS names Use these words and casing more consistently across text, comments and one curl tool output: AIX, ALPN, ANSI, BSD, Cygwin, Darwin, FreeBSD, GitHub, HP-UX, Linux, macOS, MS-DOS, MSYS, MinGW, NTLM, POSIX, Solaris, UNIX, Unix, Unicode, WINE, WebDAV, Win32, winbind, WinIDN, Windows, Windows CE, Winsock. Mostly OS names and a few more. Also a couple of other minor text fixups. Closes #14360
2024-08-03 07:09:57 +08:00
/* Use ANSI error strings in Unicode builds */
ldap: Stop using wide char version of ldapp_err2string Despite ldapp_err2string being documented by MS as returning a PCHAR (char *), when UNICODE it is mapped to ldap_err2stringW and returns PWCHAR (wchar_t *). We have lots of code that expects ldap_err2string to return char *, most of it failf used like this: failf(data, "LDAP local: Some error: %s", ldap_err2string(rc)); Closes https://github.com/curl/curl/pull/4272
2019-08-28 02:20:20 +08:00
#undef ldap_err2string
#define ldap_err2string ldap_err2stringA
#endif
cmake: fix enabling LDAPS on Windows Before this patch, enabling LDAPS required a manual C flag: https://github.com/curl/curl-for-win/blob/c1cfc31cfc04f24f7a4f946564d6f0e1b4d7dd36/curl-cmake.sh#L105 Fix this and enable LDAPS automatically when using `wldap32` (and when not explicitly disabled). This matches autotools and `Makefile.mk` behavior. Also remove issue from KNOWN_BUGS. Add workaround for MSVS 2010 warning triggered by LDAPS now enabled in more CI tests: `ldap.c(360): warning C4306: 'type cast' : conversion from 'int' to 'void *' of greater size` Ref: https://ci.appveyor.com/project/curlorg/curl/builds/46408284/job/v8mwl9yfbmoeqwlr#L312 Reported-by: JackBoosY on github Reviewed-by: Jay Satiro Reviewed-by: Marcel Raad Fixes #6284 Closes #10674
2023-03-06 03:55:14 +08:00
#if defined(USE_WIN32_LDAP) && defined(_MSC_VER) && (_MSC_VER <= 1600)
/* Workaround for warning:
'type cast' : conversion from 'int' to 'void *' of greater size */
#undef LDAP_OPT_ON
#undef LDAP_OPT_OFF
#define LDAP_OPT_ON ((void *)(size_t)1)
#define LDAP_OPT_OFF ((void *)(size_t)0)
#endif
Henrik Storner's update to make libcurl work with OpenLDAP 2.1.22 (current). Also reported to work with OpenLDAP 2.0.26.
2003-09-01 16:23:31 +08:00
lib: pass in 'struct Curl_easy *' to most functions ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
2021-01-09 00:58:15 +08:00
static CURLcode ldap_do(struct Curl_easy *data, bool *done);
Added per-protocol callback static tables, replacing callback ptr storage in the connectdata structure by a single handler table ptr.
2007-10-12 21:36:37 +08:00
/*
* LDAP protocol handler.
*/
const struct Curl_handler Curl_handler_ldap = {
lib: make protocol handlers store scheme name lowercase - saves a lowercase operation when the "[scheme]_proxy" name is generated - appears less "shouting" - update test 970, 972, 1438 and 1536 Closes #13553
2024-05-07 22:55:23 +08:00
"ldap", /* scheme */
We use this ZERO_NULL to avoid picky compiler warnings, when assigning a NULL pointer to a function pointer var.
2007-10-18 00:58:32 +08:00
ZERO_NULL, /* setup_connection */
ldap: remove Curl_ prefix from static functions
2021-01-13 18:47:41 +08:00
ldap_do, /* do_it */
We use this ZERO_NULL to avoid picky compiler warnings, when assigning a NULL pointer to a function pointer var.
2007-10-18 00:58:32 +08:00
ZERO_NULL, /* done */
ZERO_NULL, /* do_more */
ZERO_NULL, /* connect_it */
ZERO_NULL, /* connecting */
ZERO_NULL, /* doing */
ZERO_NULL, /* proto_getsock */
ZERO_NULL, /* doing_getsock */
curl_multi_fdset: correct fdset with FTP PORT use After a PORT has been issued, and the multi handle would switch to the CURLM_STATE_DO_MORE state (which is unique for FTP), libcurl would return the wrong fdset to wait for when curl_multi_fdset() is called. The code would blindly assume that it was waiting for a connect of the second connection, while that isn't true immediately after the PORT command. Also, the function multi.c:domore_getsock() was highly FTP-centric and therefore ugly to keep in protocol-agnostic code. I solved this problem by introducing a new function pointer in the Curl_handler struct called domore_getsock() which is only called during the DOMORE state for protocols that set that pointer. The new ftp.c:ftp_domore_getsock() function now returns fdset info about the control connection's command/response handling while such a state is in use, and goes over to waiting for a writable second connection first once the commands are done. The original problem could be seen by running test 525 and checking the time stamps in the FTP server log. I can verify that this fix at least fixes this problem. Bug: http://curl.haxx.se/mail/lib-2011-10/0250.html Reported by: Gokhan Sengun
2011-10-22 05:36:54 +08:00
ZERO_NULL, /* domore_getsock */
- Using the libssh2 0.19 function libssh2_session_block_directions(), libcurl now has an improved ability to do right when the multi interface (both "regular" and multi_socket) is used for SCP and SFTP transfers. This should result in (much) less busy-loop situations and thus less CPU usage with no speed loss.
2008-12-20 05:14:52 +08:00
ZERO_NULL, /* perform_getsock */
We use this ZERO_NULL to avoid picky compiler warnings, when assigning a NULL pointer to a function pointer var.
2007-10-18 00:58:32 +08:00
ZERO_NULL, /* disconnect */
lib: replace readwrite with write_resp This clarifies the handling of server responses by folding the code for the complicated protocols into their protocol handlers. This concerns mainly HTTP and its bastard sibling RTSP. The terms "read" and "write" are often used without clear context if they refer to the connect or the client/application side of a transfer. This PR uses "read/write" for operations on the client side and "send/receive" for the connection, e.g. server side. If this is considered useful, we can revisit renaming of further methods in another PR. Curl's protocol handler `readwrite()` method been changed: ```diff - CURLcode (*readwrite)(struct Curl_easy *data, struct connectdata *conn, - const char *buf, size_t blen, - size_t *pconsumed, bool *readmore); + CURLcode (*write_resp)(struct Curl_easy *data, const char *buf, size_t blen, + bool is_eos, bool *done); ``` The name was changed to clarify that this writes reponse data to the client side. The parameter changes are: * `conn` removed as it always operates on `data->conn` * `pconsumed` removed as the method needs to handle all data on success * `readmore` removed as no longer necessary * `is_eos` as indicator that this is the last call for the transfer response (end-of-stream). * `done` TRUE on return iff the transfer response is to be treated as finished This change affects many files only because of updated comments in handlers that provide no implementation. The real change is that the HTTP protocol handlers now provide an implementation. The HTTP protocol handlers `write_resp()` implementation will get passed **all** raw data of a server response for the transfer. The HTTP/1.x formatted status and headers, as well as the undecoded response body. `Curl_http_write_resp_hds()` is used internally to parse the response headers and pass them on. This method is public as the RTSP protocol handler also uses it. HTTP/1.1 "chunked" transport encoding is now part of the general *content encoding* writer stack, just like other encodings. A new flag `CLIENTWRITE_EOS` was added for the last client write. This allows writers to verify that they are in a valid end state. The chunked decoder will check if it indeed has seen the last chunk. The general response handling in `transfer.c:466` happens in function `readwrite_data()`. This mainly operates now like: ``` static CURLcode readwrite_data(data, ...) { do { Curl_xfer_recv_resp(data, buf) ... Curl_xfer_write_resp(data, buf) ... } while(interested); ... } ``` All the response data handling is implemented in `Curl_xfer_write_resp()`. It calls the protocol handler's `write_resp()` implementation if available, or does the default behaviour. All raw response data needs to pass through this function. Which also means that anyone in possession of such data may call `Curl_xfer_write_resp()`. Closes #12480
2023-12-01 20:50:32 +08:00
ZERO_NULL, /* write_resp */
lib: add Curl_xfer_write_resp_hd Add method in protocol handlers to allow writing of a single, 0-terminated header line. Avoids parsing and copying these lines. Closes #13165
2024-03-21 19:15:59 +08:00
ZERO_NULL, /* write_resp_hd */
handler: refactor connection checking Add a new type of callback to Curl_handler which performs checks on the connection. Alter RTSP so that it uses this callback to do its own check on connection health.
2017-05-31 19:09:56 +08:00
ZERO_NULL, /* connection_check */
conn: add 'attach' to protocol handler, make libssh2 use it The libssh2 backend has SSH session associated with the connection but the callback context is the easy handle, so when a connection gets attached to a transfer, the protocol handler now allows for a custom function to get used to set things up correctly. Reported-by: Michael O'Farrell Fixes #6898 Closes #7078
2021-05-17 14:54:00 +08:00
ZERO_NULL, /* attach connection */
Added per-protocol callback static tables, replacing callback ptr storage in the connectdata structure by a single handler table ptr.
2007-10-12 21:36:37 +08:00
PORT_LDAP, /* defport */
ldap: use the new protocol handler setup Use the new flags field and stop using the old protocol defines.
2011-03-15 16:13:11 +08:00
CURLPROTO_LDAP, /* protocol */
Curl_handler: add 'family' to each protocol Makes get_protocol_family() faster and it moves the knowledge about the "families" to each protocol handler, where it belongs. Closes #5986
2020-09-21 19:45:24 +08:00
CURLPROTO_LDAP, /* family */
buildfix: spell define correctly
2011-03-15 23:44:50 +08:00
PROTOPT_NONE /* flags */
Added per-protocol callback static tables, replacing callback ptr storage in the connectdata structure by a single handler table ptr.
2007-10-12 21:36:37 +08:00
};
#ifdef HAVE_LDAP_SSL
/*
* LDAPS protocol handler.
*/
const struct Curl_handler Curl_handler_ldaps = {
lib: make protocol handlers store scheme name lowercase - saves a lowercase operation when the "[scheme]_proxy" name is generated - appears less "shouting" - update test 970, 972, 1438 and 1536 Closes #13553
2024-05-07 22:55:23 +08:00
"ldaps", /* scheme */
We use this ZERO_NULL to avoid picky compiler warnings, when assigning a NULL pointer to a function pointer var.
2007-10-18 00:58:32 +08:00
ZERO_NULL, /* setup_connection */
ldap: remove Curl_ prefix from static functions
2021-01-13 18:47:41 +08:00
ldap_do, /* do_it */
We use this ZERO_NULL to avoid picky compiler warnings, when assigning a NULL pointer to a function pointer var.
2007-10-18 00:58:32 +08:00
ZERO_NULL, /* done */
ZERO_NULL, /* do_more */
ZERO_NULL, /* connect_it */
ZERO_NULL, /* connecting */
ZERO_NULL, /* doing */
ZERO_NULL, /* proto_getsock */
ZERO_NULL, /* doing_getsock */
curl_multi_fdset: correct fdset with FTP PORT use After a PORT has been issued, and the multi handle would switch to the CURLM_STATE_DO_MORE state (which is unique for FTP), libcurl would return the wrong fdset to wait for when curl_multi_fdset() is called. The code would blindly assume that it was waiting for a connect of the second connection, while that isn't true immediately after the PORT command. Also, the function multi.c:domore_getsock() was highly FTP-centric and therefore ugly to keep in protocol-agnostic code. I solved this problem by introducing a new function pointer in the Curl_handler struct called domore_getsock() which is only called during the DOMORE state for protocols that set that pointer. The new ftp.c:ftp_domore_getsock() function now returns fdset info about the control connection's command/response handling while such a state is in use, and goes over to waiting for a writable second connection first once the commands are done. The original problem could be seen by running test 525 and checking the time stamps in the FTP server log. I can verify that this fix at least fixes this problem. Bug: http://curl.haxx.se/mail/lib-2011-10/0250.html Reported by: Gokhan Sengun
2011-10-22 05:36:54 +08:00
ZERO_NULL, /* domore_getsock */
- Using the libssh2 0.19 function libssh2_session_block_directions(), libcurl now has an improved ability to do right when the multi interface (both "regular" and multi_socket) is used for SCP and SFTP transfers. This should result in (much) less busy-loop situations and thus less CPU usage with no speed loss.
2008-12-20 05:14:52 +08:00
ZERO_NULL, /* perform_getsock */
We use this ZERO_NULL to avoid picky compiler warnings, when assigning a NULL pointer to a function pointer var.
2007-10-18 00:58:32 +08:00
ZERO_NULL, /* disconnect */
lib: replace readwrite with write_resp This clarifies the handling of server responses by folding the code for the complicated protocols into their protocol handlers. This concerns mainly HTTP and its bastard sibling RTSP. The terms "read" and "write" are often used without clear context if they refer to the connect or the client/application side of a transfer. This PR uses "read/write" for operations on the client side and "send/receive" for the connection, e.g. server side. If this is considered useful, we can revisit renaming of further methods in another PR. Curl's protocol handler `readwrite()` method been changed: ```diff - CURLcode (*readwrite)(struct Curl_easy *data, struct connectdata *conn, - const char *buf, size_t blen, - size_t *pconsumed, bool *readmore); + CURLcode (*write_resp)(struct Curl_easy *data, const char *buf, size_t blen, + bool is_eos, bool *done); ``` The name was changed to clarify that this writes reponse data to the client side. The parameter changes are: * `conn` removed as it always operates on `data->conn` * `pconsumed` removed as the method needs to handle all data on success * `readmore` removed as no longer necessary * `is_eos` as indicator that this is the last call for the transfer response (end-of-stream). * `done` TRUE on return iff the transfer response is to be treated as finished This change affects many files only because of updated comments in handlers that provide no implementation. The real change is that the HTTP protocol handlers now provide an implementation. The HTTP protocol handlers `write_resp()` implementation will get passed **all** raw data of a server response for the transfer. The HTTP/1.x formatted status and headers, as well as the undecoded response body. `Curl_http_write_resp_hds()` is used internally to parse the response headers and pass them on. This method is public as the RTSP protocol handler also uses it. HTTP/1.1 "chunked" transport encoding is now part of the general *content encoding* writer stack, just like other encodings. A new flag `CLIENTWRITE_EOS` was added for the last client write. This allows writers to verify that they are in a valid end state. The chunked decoder will check if it indeed has seen the last chunk. The general response handling in `transfer.c:466` happens in function `readwrite_data()`. This mainly operates now like: ``` static CURLcode readwrite_data(data, ...) { do { Curl_xfer_recv_resp(data, buf) ... Curl_xfer_write_resp(data, buf) ... } while(interested); ... } ``` All the response data handling is implemented in `Curl_xfer_write_resp()`. It calls the protocol handler's `write_resp()` implementation if available, or does the default behaviour. All raw response data needs to pass through this function. Which also means that anyone in possession of such data may call `Curl_xfer_write_resp()`. Closes #12480
2023-12-01 20:50:32 +08:00
ZERO_NULL, /* write_resp */
lib: add Curl_xfer_write_resp_hd Add method in protocol handlers to allow writing of a single, 0-terminated header line. Avoids parsing and copying these lines. Closes #13165
2024-03-21 19:15:59 +08:00
ZERO_NULL, /* write_resp_hd */
handler: refactor connection checking Add a new type of callback to Curl_handler which performs checks on the connection. Alter RTSP so that it uses this callback to do its own check on connection health.
2017-05-31 19:09:56 +08:00
ZERO_NULL, /* connection_check */
conn: add 'attach' to protocol handler, make libssh2 use it The libssh2 backend has SSH session associated with the connection but the callback context is the easy handle, so when a connection gets attached to a transfer, the protocol handler now allows for a custom function to get used to set things up correctly. Reported-by: Michael O'Farrell Fixes #6898 Closes #7078
2021-05-17 14:54:00 +08:00
ZERO_NULL, /* attach connection */
Added per-protocol callback static tables, replacing callback ptr storage in the connectdata structure by a single handler table ptr.
2007-10-12 21:36:37 +08:00
PORT_LDAPS, /* defport */
handler: make 'protocol' always specified as a single bit This makes the findprotocol() function work as intended so that libcurl can properly be restricted to not support HTTP while still supporting HTTPS - since the HTTPS handler previously set both the HTTP and HTTPS bits in the protocol field. This fixes --proto and --proto-redir for most SSL protocols. This is done by adding a few new convenience defines that groups HTTP and HTTPS, FTP and FTPS etc that should then be used when the code wants to check for both protocols at once. PROTO_FAMILY_[protocol] style. Bug: https://github.com/bagder/curl/pull/97 Reported-by: drizzt
2014-04-21 01:37:54 +08:00
CURLPROTO_LDAPS, /* protocol */
Curl_handler: add 'family' to each protocol Makes get_protocol_family() faster and it moves the knowledge about the "families" to each protocol handler, where it belongs. Closes #5986
2020-09-21 19:45:24 +08:00
CURLPROTO_LDAP, /* family */
ldap: use the new protocol handler setup Use the new flags field and stop using the old protocol defines.
2011-03-15 16:13:11 +08:00
PROTOPT_SSL /* flags */
Added per-protocol callback static tables, replacing callback ptr storage in the connectdata structure by a single handler table ptr.
2007-10-12 21:36:37 +08:00
};
#endif
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
#if defined(USE_WIN32_LDAP)
#if defined(USE_WINDOWS_SSPI)
static int ldap_win_bind_auth(LDAP *server, const char *user,
const char *passwd, unsigned long authflags)
{
ULONG method = 0;
ldap: silence clang warning Use memset() to initialize a structure to avoid LLVM/Clang warning: ldap.c:193:39: warning: missing field 'UserLength' initializer [-Wmissing-field-initializers] Closes https://github.com/curl/curl/pull/1992
2017-10-15 23:59:43 +08:00
SEC_WINNT_AUTH_IDENTITY cred;
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
int rc = LDAP_AUTH_METHOD_NOT_SUPPORTED;
ldap: silence clang warning Use memset() to initialize a structure to avoid LLVM/Clang warning: ldap.c:193:39: warning: missing field 'UserLength' initializer [-Wmissing-field-initializers] Closes https://github.com/curl/curl/pull/1992
2017-10-15 23:59:43 +08:00
memset(&cred, 0, sizeof(cred));
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
#if defined(USE_SPNEGO)
if(authflags & CURLAUTH_NEGOTIATE) {
method = LDAP_AUTH_NEGOTIATE;
}
else
#endif
#if defined(USE_NTLM)
if(authflags & CURLAUTH_NTLM) {
method = LDAP_AUTH_NTLM;
}
else
#endif
lib: add ability to disable auths individually Both with configure and cmake Closes #11490
2023-07-20 22:09:04 +08:00
#if !defined(CURL_DISABLE_DIGEST_AUTH)
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
if(authflags & CURLAUTH_DIGEST) {
method = LDAP_AUTH_DIGEST;
}
else
#endif
{
/* required anyway if one of upper preprocessor definitions enabled */
}
if(method && user && passwd) {
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
CURLcode res = Curl_create_sspi_identity(user, passwd, &cred);
rc = (int)res;
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
if(!rc) {
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
rc = (int)ldap_bind_s(server, NULL, (TCHAR *)&cred, method);
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
Curl_sspi_free_identity(&cred);
}
}
else {
/* proceed with current user credentials */
method = LDAP_AUTH_NEGOTIATE;
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
rc = (int)ldap_bind_s(server, NULL, NULL, method);
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
}
return rc;
}
#endif /* #if defined(USE_WINDOWS_SSPI) */
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
static int ldap_win_bind(struct Curl_easy *data, LDAP *server,
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
const char *user, const char *passwd)
{
int rc = LDAP_INVALID_CREDENTIALS;
PTCHAR inuser = NULL;
PTCHAR inpass = NULL;
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
if(user && passwd && (data->set.httpauth & CURLAUTH_BASIC)) {
curl_multibyte: add to curlx This will also be needed in the tool and tests. Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512 Closes https://github.com/curl/curl/pull/3784
2019-04-14 04:55:51 +08:00
inuser = curlx_convert_UTF8_to_tchar((char *) user);
inpass = curlx_convert_UTF8_to_tchar((char *) passwd);
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
rc = (int)ldap_simple_bind_s(server, inuser, inpass);
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
curl_multibyte: add to curlx This will also be needed in the tool and tests. Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512 Closes https://github.com/curl/curl/pull/3784
2019-04-14 04:55:51 +08:00
curlx_unicodefree(inuser);
curlx_unicodefree(inpass);
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
}
#if defined(USE_WINDOWS_SSPI)
else {
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
rc = (int)ldap_win_bind_auth(server, user, passwd, data->set.httpauth);
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
}
#endif
return rc;
}
#endif /* #if defined(USE_WIN32_LDAP) */
Added per-protocol callback static tables, replacing callback ptr storage in the connectdata structure by a single handler table ptr.
2007-10-12 21:36:37 +08:00
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
#if defined(USE_WIN32_LDAP)
#define FREE_ON_WINLDAP(x) curlx_unicodefree(x)
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
#define curl_ldap_num_t ULONG
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
#else
#define FREE_ON_WINLDAP(x)
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
#define curl_ldap_num_t int
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
#endif
lib: pass in 'struct Curl_easy *' to most functions ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
2021-01-09 00:58:15 +08:00
static CURLcode ldap_do(struct Curl_easy *data, bool *done)
Initial revision
1999-12-29 22:20:26 +08:00
{
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
CURLcode result = CURLE_OK;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
int rc = 0;
fixed warning about uninitialized.
2007-08-16 23:23:39 +08:00
LDAP *server = NULL;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
LDAPURLDesc *ludp = NULL;
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
LDAPMessage *ldapmsg = NULL;
Patrick Monnerat modified the LDAP code and approach in curl. Starting now, the configure script checks for openldap and friends and we link with those libs just like we link all other third party libraries, and we no longer dlopen() those libraries. Our private header file lib/ldap.h was renamed to lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) just before this commit, just in case.
2007-08-12 04:57:54 +08:00
LDAPMessage *entryIterator;
unused variable removed
2004-05-06 15:22:32 +08:00
int num = 0;
lib: pass in 'struct Curl_easy *' to most functions ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
2021-01-09 00:58:15 +08:00
struct connectdata *conn = data->conn;
fixed ldap support for winldap.
2007-09-16 04:03:03 +08:00
int ldap_proto = LDAP_VERSION3;
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
int ldap_ssl = 0;
base64: fix Curl_base64_encode and Curl_base64_decode interfaces Previous interfaces for these libcurl internal functions did not allow to tell apart a legitimate zero size result from an error condition. These functions now return a CURLcode indicating function success or otherwise specific error. Output size is returned using a pointer argument. All usage of these two functions, and others closely related, has been adapted to the new interfaces. Relative error and OOM handling adapted or added where missing. Unit test 1302 also adapted.
2011-08-24 14:07:36 +08:00
char *val_b64 = NULL;
size_t val_b64_sz = 0;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
#ifdef LDAP_OPT_NETWORK_TIMEOUT
checksrc: use space after comma
2015-03-17 20:41:49 +08:00
struct timeval ldap_timeout = {10, 0}; /* 10 sec connection/search timeout */
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
#endif
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#if defined(USE_WIN32_LDAP)
ldap: Fixed Unicode host name in Win32 initialisation calls
2015-01-04 03:59:12 +08:00
TCHAR *host = NULL;
#else
char *host = NULL;
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
#endif
ldap: Fixed Unicode user and password in Win32 bind calls
2015-01-04 04:16:26 +08:00
char *user = NULL;
char *passwd = NULL;
Initial revision
1999-12-29 22:20:26 +08:00
FTP code turned into state machine. Not completely yet, but a good start. The tag 'before_ftp_statemachine' was set just before this commit in case of future need.
2005-02-09 21:06:40 +08:00
*done = TRUE; /* unconditionally */
infof: remove newline from format strings, always append it - the data needs to be "line-based" anyway since it's also passed to the debug callback/application - it makes infof() work like failf() and consistency is good - there's an assert that triggers on newlines in the format string - Also removes a few instances of "..." - Removes the code that would append "..." to the end of the data *iff* it was truncated in infof() Closes #7357
2021-07-06 23:05:17 +08:00
infof(data, "LDAP local: LDAP Vendor = %s ; LDAP Version = %d",
build: variadic macro tidy-ups - delete unused `HAVE_VARIADIC_MACROS_C99/GCC` feature checks. (both autotools and CMake.) - delete duplicate `NULL` check in `Curl_trc_cf_infof()`. - fix compiler warning in `CURL_DISABLE_VERBOSE_STRINGS` builds. ``` ./lib/cf-socket.c:122:41: warning: unused parameter 'data' [-Wunused-parameter] static void nosigpipe(struct Curl_easy *data, ^ ``` - fix `#ifdef` comments in `lib/curl_trc.{c,h}`. - fix indentation in some `infof()` calls. Follow-up to dac293cfb7026b1ca4175d88b80f1432d3d3c684 #12167 Cherry-picked from #12105 Closes #12210
2023-10-13 08:25:20 +08:00
LDAP_VENDOR_NAME, LDAP_VENDOR_VERSION);
infof: remove newline from format strings, always append it - the data needs to be "line-based" anyway since it's also passed to the debug callback/application - it makes infof() work like failf() and consistency is good - there's an assert that triggers on newlines in the format string - Also removes a few instances of "..." - Removes the code that would append "..." to the end of the data *iff* it was truncated in infof() Closes #7357
2021-07-06 23:05:17 +08:00
infof(data, "LDAP local: %s", data->state.url);
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
Reversed the 'HAVE_LDAP_URL_PARSE' ifdef statement.
2007-08-23 02:05:46 +08:00
#ifdef HAVE_LDAP_URL_PARSE
urldata: merge "struct DynamicStatic" into "struct UrlState" Both were used for the same purposes and there was no logical separation between them. Combined, this also saves 16 bytes in less holes in my test build. Closes #6798
2021-03-26 21:25:45 +08:00
rc = ldap_url_parse(data->state.url, &ludp);
Reversed the 'HAVE_LDAP_URL_PARSE' ifdef statement.
2007-08-23 02:05:46 +08:00
#else
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
rc = _ldap_url_parse(data, conn, &ludp);
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
#endif
tidy-up: make conditional checks more consistent ... remove '== NULL' and '!= 0' Closes #6912
2021-04-19 16:46:11 +08:00
if(rc) {
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
failf(data, "Bad LDAP URL: %s", ldap_err2string((curl_ldap_num_t)rc));
ldap: return CURLE_URL_MALFORMAT for bad URL For consistency, use the same return code for URL malformats, independently of what scheme that is used. Previously this would return CURLE_LDAP_INVALID_URL, but starting now that error cannot be returned. Closes #8170
2022-01-10 05:38:22 +08:00
result = CURLE_URL_MALFORMAT;
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
goto quit;
}
code: style updates
2016-04-04 02:28:34 +08:00
/* Get the URL scheme (either ldap or ldaps) */
SSL: check for SSL, not specific protocols Code cleanup to check less for protocols and more for the specific relevant feature. Like if SSL is required.
2011-05-05 21:49:43 +08:00
if(conn->given->flags & PROTOPT_SSL)
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
ldap_ssl = 1;
infof: remove newline from format strings, always append it - the data needs to be "line-based" anyway since it's also passed to the debug callback/application - it makes infof() work like failf() and consistency is good - there's an assert that triggers on newlines in the format string - Also removes a few instances of "..." - Removes the code that would append "..." to the end of the data *iff* it was truncated in infof() Closes #7357
2021-07-06 23:05:17 +08:00
infof(data, "LDAP local: trying to establish %s connection",
build: variadic macro tidy-ups - delete unused `HAVE_VARIADIC_MACROS_C99/GCC` feature checks. (both autotools and CMake.) - delete duplicate `NULL` check in `Curl_trc_cf_infof()`. - fix compiler warning in `CURL_DISABLE_VERBOSE_STRINGS` builds. ``` ./lib/cf-socket.c:122:41: warning: unused parameter 'data' [-Wunused-parameter] static void nosigpipe(struct Curl_easy *data, ^ ``` - fix `#ifdef` comments in `lib/curl_trc.{c,h}`. - fix indentation in some `infof()` calls. Follow-up to dac293cfb7026b1ca4175d88b80f1432d3d3c684 #12167 Cherry-picked from #12105 Closes #12210
2023-10-13 08:25:20 +08:00
ldap_ssl ? "encrypted" : "cleartext");
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#if defined(USE_WIN32_LDAP)
curl_multibyte: add to curlx This will also be needed in the tool and tests. Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512 Closes https://github.com/curl/curl/pull/3784
2019-04-14 04:55:51 +08:00
host = curlx_convert_UTF8_to_tchar(conn->host.name);
ldap: Fixed Unicode host name in Win32 initialisation calls
2015-01-04 03:59:12 +08:00
if(!host) {
result = CURLE_OUT_OF_MEMORY;
goto quit;
}
#else
host = conn->host.name;
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
#endif
ldap: Fixed Unicode user and password in Win32 bind calls
2015-01-04 04:16:26 +08:00
urldata: remove conn->bits.user_passwd The authentication status should be told by the transfer and not the connection. Reported-by: John H. Ayad Fixes #8449 Closes #8451
2022-02-15 00:33:50 +08:00
if(data->state.aptr.user) {
ldap: Fixed Unicode user and password in Win32 bind calls
2015-01-04 04:16:26 +08:00
user = conn->user;
passwd = conn->passwd;
}
ldap: Fixed Unicode host name in Win32 initialisation calls
2015-01-04 03:59:12 +08:00
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
#ifdef LDAP_OPT_NETWORK_TIMEOUT
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, &ldap_timeout);
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
#endif
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
ldap_set_option(NULL, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(ldap_ssl) {
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
#ifdef HAVE_LDAP_SSL
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#ifdef USE_WIN32_LDAP
code: language cleanup in comments Based on the standards and guidelines we use for our documentation. - expand contractions (they're => they are etc) - host name = > hostname - file name => filename - user name = username - man page => manpage - run-time => runtime - set-up => setup - back-end => backend - a HTTP => an HTTP - Two spaces after a period => one space after period Closes #14073
2024-07-01 22:47:21 +08:00
/* Win32 LDAP SDK does not support insecure mode without CA! */
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
server = ldap_sslinit(host, (curl_ldap_num_t)conn->primary.remote_port, 1);
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
ldap_set_option(server, LDAP_OPT_SSL, LDAP_OPT_ON);
#else
fixed warning with unused var; removed now obsolete defines since we include now ldap headers which define these.
2007-08-21 07:31:26 +08:00
int ldap_option;
checksrc: code style: use 'char *name' style
2016-11-23 14:53:24 +08:00
char *ldap_ca = conn->ssl_config.CAfile;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
#if defined(CURL_HAS_NOVELL_LDAPSDK)
rc = ldapssl_client_init(NULL, NULL);
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(rc != LDAP_SUCCESS) {
added support for CA cert verification; default now to verify cert unless data->set.ssl.verifypeer is 0.
2007-08-23 08:10:56 +08:00
failf(data, "LDAP local: ldapssl_client_init %s", ldap_err2string(rc));
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_SSL_CERTPROBLEM;
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
goto quit;
}
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-17 01:49:15 +08:00
if(conn->ssl_config.verifypeer) {
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
/* Novell SDK supports DER or BASE64 files. */
added support for CA cert verification; default now to verify cert unless data->set.ssl.verifypeer is 0.
2007-08-23 08:10:56 +08:00
int cert_type = LDAPSSL_CERT_FILETYPE_B64;
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-17 01:49:15 +08:00
if((data->set.ssl.cert_type) &&
(strcasecompare(data->set.ssl.cert_type, "DER")))
added support for CA cert verification; default now to verify cert unless data->set.ssl.verifypeer is 0.
2007-08-23 08:10:56 +08:00
cert_type = LDAPSSL_CERT_FILETYPE_DER;
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(!ldap_ca) {
lib: remove exclamation marks ... from infof() and failf() calls. Make them less attention seeking. Closes #8713
2022-04-16 17:55:05 +08:00
failf(data, "LDAP local: ERROR %s CA cert not set",
added support for CA cert verification; default now to verify cert unless data->set.ssl.verifypeer is 0.
2007-08-23 08:10:56 +08:00
(cert_type == LDAPSSL_CERT_FILETYPE_DER ? "DER" : "PEM"));
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_SSL_CERTPROBLEM;
added support for CA cert verification; default now to verify cert unless data->set.ssl.verifypeer is 0.
2007-08-23 08:10:56 +08:00
goto quit;
}
infof: remove newline from format strings, always append it - the data needs to be "line-based" anyway since it's also passed to the debug callback/application - it makes infof() work like failf() and consistency is good - there's an assert that triggers on newlines in the format string - Also removes a few instances of "..." - Removes the code that would append "..." to the end of the data *iff* it was truncated in infof() Closes #7357
2021-07-06 23:05:17 +08:00
infof(data, "LDAP local: using %s CA cert '%s'",
(cert_type == LDAPSSL_CERT_FILETYPE_DER ? "DER" : "PEM"),
ldap_ca);
added support for CA cert verification; default now to verify cert unless data->set.ssl.verifypeer is 0.
2007-08-23 08:10:56 +08:00
rc = ldapssl_add_trusted_cert(ldap_ca, cert_type);
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(rc != LDAP_SUCCESS) {
added support for CA cert verification; default now to verify cert unless data->set.ssl.verifypeer is 0.
2007-08-23 08:10:56 +08:00
failf(data, "LDAP local: ERROR setting %s CA cert: %s",
infof: remove newline from format strings, always append it - the data needs to be "line-based" anyway since it's also passed to the debug callback/application - it makes infof() work like failf() and consistency is good - there's an assert that triggers on newlines in the format string - Also removes a few instances of "..." - Removes the code that would append "..." to the end of the data *iff* it was truncated in infof() Closes #7357
2021-07-06 23:05:17 +08:00
(cert_type == LDAPSSL_CERT_FILETYPE_DER ? "DER" : "PEM"),
ldap_err2string(rc));
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_SSL_CERTPROBLEM;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
goto quit;
}
ldap_option = LDAPSSL_VERIFY_SERVER;
}
source cleanup: unify look, style and indent levels By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
2011-04-20 21:17:42 +08:00
else
ldap_option = LDAPSSL_VERIFY_NONE;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
rc = ldapssl_set_verify_mode(ldap_option);
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(rc != LDAP_SUCCESS) {
added support for CA cert verification; default now to verify cert unless data->set.ssl.verifypeer is 0.
2007-08-23 08:10:56 +08:00
failf(data, "LDAP local: ERROR setting cert verify mode: %s",
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
ldap_err2string(rc));
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_SSL_CERTPROBLEM;
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
goto quit;
}
lib: keep conn IP information together new struct ip_quadruple for holding local/remote addr+port - used in data->info and conn and cf-socket.c - copy back and forth complete struct - add 'secondary' to conn - use secondary in reporting success for ftp 2nd connection Reported-by: DasKutti on github Fixes #13084 Closes #13090
2024-03-08 17:45:14 +08:00
server = ldapssl_init(host, conn->primary.remote_port, 1);
tidy-up: make conditional checks more consistent ... remove '== NULL' and '!= 0' Closes #6912
2021-04-19 16:46:11 +08:00
if(!server) {
ldap: adapt to conn->port now being an 'int' Remove typecasts. Fix printf() formats. Follow-up from 764c6bd3bf. Pointed out by Coverity CID 1507858. Closes #9281
2022-08-08 22:23:03 +08:00
failf(data, "LDAP local: Cannot connect to %s:%u",
lib: keep conn IP information together new struct ip_quadruple for holding local/remote addr+port - used in data->info and conn and cf-socket.c - copy back and forth complete struct - add 'secondary' to conn - use secondary in reporting success for ftp 2nd connection Reported-by: DasKutti on github Fixes #13084 Closes #13090
2024-03-08 17:45:14 +08:00
conn->host.dispname, conn->primary.remote_port);
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_COULDNT_CONNECT;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
goto quit;
}
#elif defined(LDAP_OPT_X_TLS)
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-17 01:49:15 +08:00
if(conn->ssl_config.verifypeer) {
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
/* OpenLDAP SDK supports BASE64 files. */
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-17 01:49:15 +08:00
if((data->set.ssl.cert_type) &&
(!strcasecompare(data->set.ssl.cert_type, "PEM"))) {
lib: remove exclamation marks ... from infof() and failf() calls. Make them less attention seeking. Closes #8713
2022-04-16 17:55:05 +08:00
failf(data, "LDAP local: ERROR OpenLDAP only supports PEM cert-type");
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_SSL_CERTPROBLEM;
bail out with error if someone tries to use another cert than PEM with OpenLDAP.
2007-08-25 20:10:30 +08:00
goto quit;
}
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(!ldap_ca) {
lib: remove exclamation marks ... from infof() and failf() calls. Make them less attention seeking. Closes #8713
2022-04-16 17:55:05 +08:00
failf(data, "LDAP local: ERROR PEM CA cert not set");
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_SSL_CERTPROBLEM;
added support for CA cert verification; default now to verify cert unless data->set.ssl.verifypeer is 0.
2007-08-23 08:10:56 +08:00
goto quit;
}
infof: remove newline from format strings, always append it - the data needs to be "line-based" anyway since it's also passed to the debug callback/application - it makes infof() work like failf() and consistency is good - there's an assert that triggers on newlines in the format string - Also removes a few instances of "..." - Removes the code that would append "..." to the end of the data *iff* it was truncated in infof() Closes #7357
2021-07-06 23:05:17 +08:00
infof(data, "LDAP local: using PEM CA cert: %s", ldap_ca);
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, ldap_ca);
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(rc != LDAP_SUCCESS) {
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
failf(data, "LDAP local: ERROR setting PEM CA cert: %s",
ldap_err2string(rc));
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_SSL_CERTPROBLEM;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
goto quit;
}
ldap_option = LDAP_OPT_X_TLS_DEMAND;
}
source cleanup: unify look, style and indent levels By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
2011-04-20 21:17:42 +08:00
else
ldap_option = LDAP_OPT_X_TLS_NEVER;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &ldap_option);
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(rc != LDAP_SUCCESS) {
added support for CA cert verification; default now to verify cert unless data->set.ssl.verifypeer is 0.
2007-08-23 08:10:56 +08:00
failf(data, "LDAP local: ERROR setting cert verify mode: %s",
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
ldap_err2string(rc));
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_SSL_CERTPROBLEM;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
goto quit;
}
lib: keep conn IP information together new struct ip_quadruple for holding local/remote addr+port - used in data->info and conn and cf-socket.c - copy back and forth complete struct - add 'secondary' to conn - use secondary in reporting success for ftp 2nd connection Reported-by: DasKutti on github Fixes #13084 Closes #13090
2024-03-08 17:45:14 +08:00
server = ldap_init(host, conn->primary.remote_port);
tidy-up: make conditional checks more consistent ... remove '== NULL' and '!= 0' Closes #6912
2021-04-19 16:46:11 +08:00
if(!server) {
ldap: adapt to conn->port now being an 'int' Remove typecasts. Fix printf() formats. Follow-up from 764c6bd3bf. Pointed out by Coverity CID 1507858. Closes #9281
2022-08-08 22:23:03 +08:00
failf(data, "LDAP local: Cannot connect to %s:%u",
lib: keep conn IP information together new struct ip_quadruple for holding local/remote addr+port - used in data->info and conn and cf-socket.c - copy back and forth complete struct - add 'secondary' to conn - use secondary in reporting success for ftp 2nd connection Reported-by: DasKutti on github Fixes #13084 Closes #13090
2024-03-08 17:45:14 +08:00
conn->host.dispname, conn->primary.remote_port);
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_COULDNT_CONNECT;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
goto quit;
}
ldap_option = LDAP_OPT_X_TLS_HARD;
rc = ldap_set_option(server, LDAP_OPT_X_TLS, &ldap_option);
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(rc != LDAP_SUCCESS) {
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
failf(data, "LDAP local: ERROR setting SSL/TLS mode: %s",
ldap_err2string(rc));
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_SSL_CERTPROBLEM;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
goto quit;
}
for now comment the tls_start section...
2007-08-22 18:14:57 +08:00
/*
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
rc = ldap_start_tls_s(server, NULL, NULL);
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(rc != LDAP_SUCCESS) {
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
failf(data, "LDAP local: ERROR starting SSL/TLS mode: %s",
ldap_err2string(rc));
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_SSL_CERTPROBLEM;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
goto quit;
}
for now comment the tls_start section...
2007-08-22 18:14:57 +08:00
*/
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
#else
ldap: fix unused variables (seen on OmniOS) ``` ../../lib/ldap.c: In function 'ldap_do': ../../lib/ldap.c:380:11: error: unused variable 'ldap_ca' [-Werror=unused-variable] 380 | char *ldap_ca = conn->ssl_config.CAfile; | ^~~~~~~ ../../lib/ldap.c:379:9: error: unused variable 'ldap_option' [-Werror=unused-variable] 379 | int ldap_option; | ^~~~~~~~~~~ ``` Ref: https://github.com/curl/curl/actions/runs/9033564377/job/24824192730#step:3:6059 Ref: #13583 Closes #13588
2024-05-10 23:03:26 +08:00
(void)ldap_option;
(void)ldap_ca;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
/* we should probably never come up to here since configure
should check in first place if we can support LDAP SSL/TLS */
failf(data, "LDAP local: SSL/TLS not supported with this version "
"of the OpenLDAP toolkit\n");
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_SSL_CERTPROBLEM;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
goto quit;
#endif
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
#endif
#endif /* CURL_LDAP_USE_SSL */
source cleanup: unify look, style and indent levels By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
2011-04-20 21:17:42 +08:00
}
openldap: implement STARTTLS As this introduces use of CURLOPT_USE_SSL option for LDAP, also check this option in ldap.c as it is not supported by this backend. Closes #8065
2021-12-01 00:48:28 +08:00
else if(data->set.use_ssl > CURLUSESSL_TRY) {
failf(data, "LDAP local: explicit TLS not supported");
result = CURLE_NOT_BUILT_IN;
goto quit;
}
source cleanup: unify look, style and indent levels By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
2011-04-20 21:17:42 +08:00
else {
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
server = ldap_init(host, (curl_ldap_num_t)conn->primary.remote_port);
tidy-up: make conditional checks more consistent ... remove '== NULL' and '!= 0' Closes #6912
2021-04-19 16:46:11 +08:00
if(!server) {
ldap: adapt to conn->port now being an 'int' Remove typecasts. Fix printf() formats. Follow-up from 764c6bd3bf. Pointed out by Coverity CID 1507858. Closes #9281
2022-08-08 22:23:03 +08:00
failf(data, "LDAP local: Cannot connect to %s:%u",
lib: keep conn IP information together new struct ip_quadruple for holding local/remote addr+port - used in data->info and conn and cf-socket.c - copy back and forth complete struct - add 'secondary' to conn - use secondary in reporting success for ftp 2nd connection Reported-by: DasKutti on github Fixes #13084 Closes #13090
2024-03-08 17:45:14 +08:00
conn->host.dispname, conn->primary.remote_port);
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_COULDNT_CONNECT;
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
goto quit;
}
Make sure DynaGetFunction() returns a function pointer, not a data pointer. The standards don't actually allow typecasts between data and functions so some picky compilers warn about this.
2004-02-06 15:28:49 +08:00
}
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#ifdef USE_WIN32_LDAP
fixed ldap support for winldap.
2007-09-16 04:03:03 +08:00
ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
rc = ldap_win_bind(data, server, user, passwd);
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
#else
ldap: Fixed Unicode user and password in Win32 bind calls
2015-01-04 04:16:26 +08:00
rc = ldap_simple_bind_s(server, user, passwd);
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
#endif
tidy-up: make conditional checks more consistent ... remove '== NULL' and '!= 0' Closes #6912
2021-04-19 16:46:11 +08:00
if(!ldap_ssl && rc) {
Vilmos Nebehaj improved libcurl's LDAP abilities: The LDAP code in libcurl can't handle LDAP servers of LDAPv3 nor binary attributes in LDAP objects. So, I made a quick patch to address these problems. The solution is simple: if we connect to an LDAP server, first try LDAPv3 (which is the preferred protocol as of now) and then fall back to LDAPv2. In case of binary attributes, we first convert them to base64, just like the openldap client does. It uses ldap_get_values_len() instead of ldap_get_values() to be able to retrieve binary attributes correctly. I defined the necessary LDAP macros in lib/ldap.c to be able to compile libcurl without the presence of libldap
2005-10-31 16:55:01 +08:00
ldap_proto = LDAP_VERSION2;
Patrick Monnerat modified the LDAP code and approach in curl. Starting now, the configure script checks for openldap and friends and we link with those libs just like we link all other third party libraries, and we no longer dlopen() those libraries. Our private header file lib/ldap.h was renamed to lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) just before this commit, just in case.
2007-08-12 04:57:54 +08:00
ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
#ifdef USE_WIN32_LDAP
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
rc = ldap_win_bind(data, server, user, passwd);
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
#else
ldap: Fixed Unicode user and password in Win32 bind calls
2015-01-04 04:16:26 +08:00
rc = ldap_simple_bind_s(server, user, passwd);
LDAP: using ldap_bind_s on Windows with methods (#878) * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-24 03:45:39 +08:00
#endif
Vilmos Nebehaj improved libcurl's LDAP abilities: The LDAP code in libcurl can't handle LDAP servers of LDAPv3 nor binary attributes in LDAP objects. So, I made a quick patch to address these problems. The solution is simple: if we connect to an LDAP server, first try LDAPv3 (which is the preferred protocol as of now) and then fall back to LDAPv2. In case of binary attributes, we first convert them to base64, just like the openldap client does. It uses ldap_get_values_len() instead of ldap_get_values() to be able to retrieve binary attributes correctly. I defined the necessary LDAP macros in lib/ldap.c to be able to compile libcurl without the presence of libldap
2005-10-31 16:55:01 +08:00
}
tidy-up: make conditional checks more consistent ... remove '== NULL' and '!= 0' Closes #6912
2021-04-19 16:46:11 +08:00
if(rc) {
ldap: show precise LDAP call in error message on Windows Also add a unique but common text ('bind via') to make it easy to grep this specific failure regardless of platform. Ref: https://github.com/curl/curl/pull/878/files#diff-7a636f08047c4edb53a240f540b4ecf6R468 Closes https://github.com/curl/curl/pull/3118 Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2018-10-09 23:05:35 +08:00
#ifdef USE_WIN32_LDAP
failf(data, "LDAP local: bind via ldap_win_bind %s",
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
ldap_err2string((ULONG)rc));
ldap: show precise LDAP call in error message on Windows Also add a unique but common text ('bind via') to make it easy to grep this specific failure regardless of platform. Ref: https://github.com/curl/curl/pull/878/files#diff-7a636f08047c4edb53a240f540b4ecf6R468 Closes https://github.com/curl/curl/pull/3118 Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2018-10-09 23:05:35 +08:00
#else
failf(data, "LDAP local: bind via ldap_simple_bind_s %s",
ldap_err2string(rc));
#endif
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_LDAP_CANNOT_BIND;
source cleanup: unify look, style and indent levels By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
2011-04-20 21:17:42 +08:00
goto quit;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
}
lib: client writer, part 2, accounting + logging This PR has these changes: Renaming of unencode_* to cwriter, e.g. client writers - documentation of sendf.h functions - move max decode stack checks back to content_encoding.c - define writer phase which was used as order before - introduce phases for monitoring inbetween decode phases - offering default implementations for init/write/close Add type paramter to client writer's do_write() - always pass all writes through the writer stack - writers who only care about BODY data will pass other writes unchanged add RAW and PROTOCOL client writers - RAW used for Curl_debug() logging of CURLINFO_DATA_IN - PROTOCOL used for updates to data->req.bytecount, max_filesize checks and Curl_pgrsSetDownloadCounter() - remove all updates of data->req.bytecount and calls to Curl_pgrsSetDownloadCounter() and Curl_debug() from other code - adjust test457 expected output to no longer see the excess write Closes #12184
2023-10-23 16:33:07 +08:00
Curl_pgrsSetDownloadCounter(data, 0);
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
rc = (int)ldap_search_s(server, ludp->lud_dn,
(curl_ldap_num_t)ludp->lud_scope,
ludp->lud_filter, ludp->lud_attrs, 0, &ldapmsg);
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
tidy-up: make conditional checks more consistent ... remove '== NULL' and '!= 0' Closes #6912
2021-04-19 16:46:11 +08:00
if(rc && rc != LDAP_SIZELIMIT_EXCEEDED) {
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
failf(data, "LDAP remote: %s", ldap_err2string((curl_ldap_num_t)rc));
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
result = CURLE_LDAP_SEARCH_FAILED;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
goto quit;
}
lib: silence warnings on comma misuse Building curl with -Wcomma, I see warnings about "possible misuse of comma operator here" and moving fields assignment out of the for() fixes it. Closes #13392
2024-04-17 16:27:42 +08:00
num = 0;
for(entryIterator = ldap_first_entry(server, ldapmsg);
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
entryIterator;
source cleanup: unify look, style and indent levels By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
2011-04-20 21:17:42 +08:00
entryIterator = ldap_next_entry(server, entryIterator), num++) {
Patrick Monnerat modified the LDAP code and approach in curl. Starting now, the configure script checks for openldap and friends and we link with those libs just like we link all other third party libraries, and we no longer dlopen() those libraries. Our private header file lib/ldap.h was renamed to lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) just before this commit, just in case.
2007-08-12 04:57:54 +08:00
BerElement *ber = NULL;
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#if defined(USE_WIN32_LDAP)
ldap: Fixed attribute variable warnings when Unicode is enabled Use 'TCHAR *' for local attribute variable rather than 'char *'.
2015-01-04 05:19:11 +08:00
TCHAR *attribute;
#else
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
char *attribute;
ldap: Fixed attribute variable warnings when Unicode is enabled Use 'TCHAR *' for local attribute variable rather than 'char *'.
2015-01-04 05:19:11 +08:00
#endif
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
int i;
ldap: Fixed DN memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:05:50 +08:00
/* Get the DN and write it to the client */
{
ldap: Convert DN output to UTF-8 when Unicode
2015-01-08 03:19:20 +08:00
char *name;
size_t name_len;
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#if defined(USE_WIN32_LDAP)
ldap: Fixed DN variable warnings when Unicode is enabled Use 'TCHAR *' for local DN variable rather than 'char *'.
2015-01-04 05:12:56 +08:00
TCHAR *dn = ldap_get_dn(server, entryIterator);
curl_multibyte: add to curlx This will also be needed in the tool and tests. Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512 Closes https://github.com/curl/curl/pull/3784
2019-04-14 04:55:51 +08:00
name = curlx_convert_tchar_to_UTF8(dn);
ldap: Convert DN output to UTF-8 when Unicode
2015-01-08 03:19:20 +08:00
if(!name) {
ldap_memfree(dn);
result = CURLE_OUT_OF_MEMORY;
goto quit;
}
ldap: Fixed DN variable warnings when Unicode is enabled Use 'TCHAR *' for local DN variable rather than 'char *'.
2015-01-04 05:12:56 +08:00
#else
ldap: Convert DN output to UTF-8 when Unicode
2015-01-08 03:19:20 +08:00
char *dn = name = ldap_get_dn(server, entryIterator);
ldap: Fixed DN variable warnings when Unicode is enabled Use 'TCHAR *' for local DN variable rather than 'char *'.
2015-01-04 05:12:56 +08:00
#endif
ldap: Convert DN output to UTF-8 when Unicode
2015-01-08 03:19:20 +08:00
name_len = strlen(name);
ldap: check Curl_client_write() return codes There might be one or two memory leaks left in the error paths.
2014-12-10 07:41:32 +08:00
lib: pass in 'struct Curl_easy *' to most functions ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
2021-01-09 00:58:15 +08:00
result = Curl_client_write(data, CLIENTWRITE_BODY, (char *)"DN: ", 4);
ldap: Fixed DN memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:05:50 +08:00
if(result) {
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(name);
ldap: Fixed DN memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:05:50 +08:00
ldap_memfree(dn);
goto quit;
}
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
lib: fix some type mismatches and remove unneeded typecasts Many of these castings are unneeded if we change the variables to work better with each other. Ref: https://github.com/curl/curl/pull/9823 Closes https://github.com/curl/curl/pull/9835
2022-10-29 00:32:09 +08:00
result = Curl_client_write(data, CLIENTWRITE_BODY, name, name_len);
ldap: Fixed DN memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:05:50 +08:00
if(result) {
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(name);
ldap: Fixed DN memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:05:50 +08:00
ldap_memfree(dn);
goto quit;
}
lib: pass in 'struct Curl_easy *' to most functions ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
2021-01-09 00:58:15 +08:00
result = Curl_client_write(data, CLIENTWRITE_BODY, (char *)"\n", 1);
ldap: Fixed DN memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:05:50 +08:00
if(result) {
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(name);
ldap: Fixed DN memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:05:50 +08:00
ldap_memfree(dn);
goto quit;
}
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(name);
ldap: Fixed DN memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:05:50 +08:00
ldap_memfree(dn);
}
- As reported independent by both Stan van de Burgt and Didier Brisebourg, CURLINFO_SIZE_DOWNLOAD (the -w variable size_download) didn't work when getting data from ldap!
2009-11-03 02:49:56 +08:00
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
/* Get the attributes and write them to the client */
source cleanup: unify look, style and indent levels By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
2011-04-20 21:17:42 +08:00
for(attribute = ldap_first_attribute(server, entryIterator, &ber);
attribute;
attribute = ldap_next_attribute(server, entryIterator, ber)) {
ldap: Convert attribute output to UTF-8 when Unicode
2015-01-08 03:45:24 +08:00
BerValue **vals;
size_t attr_len;
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#if defined(USE_WIN32_LDAP)
curl_multibyte: add to curlx This will also be needed in the tool and tests. Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512 Closes https://github.com/curl/curl/pull/3784
2019-04-14 04:55:51 +08:00
char *attr = curlx_convert_tchar_to_UTF8(attribute);
ldap: Convert attribute output to UTF-8 when Unicode
2015-01-08 03:45:24 +08:00
if(!attr) {
if(ber)
ber_free(ber, 0);
result = CURLE_OUT_OF_MEMORY;
goto quit;
lib: fix some misuse of curlx_convert_UTF8_to_tchar curlx_convert_UTF8_to_tchar must be freed by curlx_unicodefree, but prior to this change some uses mistakenly called free. I've reviewed all other uses of curlx_convert_UTF8_to_tchar and curlx_convert_tchar_to_UTF8. Bug: https://github.com/curl/curl/pull/6602#issuecomment-825236763 Reported-by: sergio-nsk@users.noreply.github.com Closes https://github.com/curl/curl/pull/6938
2021-04-23 12:21:16 +08:00
}
ldap: Fixed attribute variable warnings when Unicode is enabled Use 'TCHAR *' for local attribute variable rather than 'char *'.
2015-01-04 05:19:11 +08:00
#else
ldap: Convert attribute output to UTF-8 when Unicode
2015-01-08 03:45:24 +08:00
char *attr = attribute;
ldap: Fixed attribute variable warnings when Unicode is enabled Use 'TCHAR *' for local attribute variable rather than 'char *'.
2015-01-04 05:19:11 +08:00
#endif
ldap: Convert attribute output to UTF-8 when Unicode
2015-01-08 03:45:24 +08:00
attr_len = strlen(attr);
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ldap: Convert attribute output to UTF-8 when Unicode
2015-01-08 03:45:24 +08:00
vals = ldap_get_values_len(server, entryIterator, attribute);
checksrc: detect more kinds of NULL comparisons we avoid Co-authored-by: Jay Satiro Closes #8180
2021-12-26 04:41:14 +08:00
if(vals) {
source cleanup: unify look, style and indent levels By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
2011-04-20 21:17:42 +08:00
for(i = 0; (vals[i] != NULL); i++) {
lib: pass in 'struct Curl_easy *' to most functions ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
2021-01-09 00:58:15 +08:00
result = Curl_client_write(data, CLIENTWRITE_BODY, (char *)"\t", 1);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
if(result) {
ldap_value_free_len(vals);
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(attr);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
ldap_memfree(attribute);
if(ber)
ber_free(ber, 0);
ldap: check Curl_client_write() return codes There might be one or two memory leaks left in the error paths.
2014-12-10 07:41:32 +08:00
goto quit;
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
}
ldap: check Curl_client_write() return codes There might be one or two memory leaks left in the error paths.
2014-12-10 07:41:32 +08:00
lib: fix some type mismatches and remove unneeded typecasts Many of these castings are unneeded if we change the variables to work better with each other. Ref: https://github.com/curl/curl/pull/9823 Closes https://github.com/curl/curl/pull/9835
2022-10-29 00:32:09 +08:00
result = Curl_client_write(data, CLIENTWRITE_BODY, attr, attr_len);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
if(result) {
ldap_value_free_len(vals);
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(attr);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
ldap_memfree(attribute);
if(ber)
ber_free(ber, 0);
ldap: check Curl_client_write() return codes There might be one or two memory leaks left in the error paths.
2014-12-10 07:41:32 +08:00
goto quit;
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
}
ldap: check Curl_client_write() return codes There might be one or two memory leaks left in the error paths.
2014-12-10 07:41:32 +08:00
lib: pass in 'struct Curl_easy *' to most functions ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
2021-01-09 00:58:15 +08:00
result = Curl_client_write(data, CLIENTWRITE_BODY, (char *)": ", 2);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
if(result) {
ldap_value_free_len(vals);
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(attr);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
ldap_memfree(attribute);
if(ber)
ber_free(ber, 0);
ldap: check Curl_client_write() return codes There might be one or two memory leaks left in the error paths.
2014-12-10 07:41:32 +08:00
goto quit;
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
}
ldap: Pass write length in all Curl_client_write() calls As we get the length for the DN and attribute variables, and we know the length for the line terminator, pass the length values rather than zero as this will save Curl_client_write() from having to perform an additional strlen() call.
2015-01-04 01:39:23 +08:00
if((attr_len > 7) &&
lib: fix some type mismatches and remove unneeded typecasts Many of these castings are unneeded if we change the variables to work better with each other. Ref: https://github.com/curl/curl/pull/9823 Closes https://github.com/curl/curl/pull/9835
2022-10-29 00:32:09 +08:00
(strcmp(";binary", attr + (attr_len - 7)) == 0)) {
Vilmos Nebehaj improved libcurl's LDAP abilities: The LDAP code in libcurl can't handle LDAP servers of LDAPv3 nor binary attributes in LDAP objects. So, I made a quick patch to address these problems. The solution is simple: if we connect to an LDAP server, first try LDAPv3 (which is the preferred protocol as of now) and then fall back to LDAPv2. In case of binary attributes, we first convert them to base64, just like the openldap client does. It uses ldap_get_values_len() instead of ldap_get_values() to be able to retrieve binary attributes correctly. I defined the necessary LDAP macros in lib/ldap.c to be able to compile libcurl without the presence of libldap
2005-10-31 16:55:01 +08:00
/* Binary attribute, encode to base64. */
lib: remove support for CURL_DOES_CONVERSIONS TPF was the only user and support for that was dropped. Closes #8378
2022-02-03 20:04:30 +08:00
result = Curl_base64_encode(vals[i]->bv_val, vals[i]->bv_len,
&val_b64, &val_b64_sz);
ldap: Prefer 'CURLcode result' for curl result codes
2015-01-04 01:45:51 +08:00
if(result) {
base64: fix Curl_base64_encode and Curl_base64_decode interfaces Previous interfaces for these libcurl internal functions did not allow to tell apart a legitimate zero size result from an error condition. These functions now return a CURLcode indicating function success or otherwise specific error. Output size is returned using a pointer argument. All usage of these two functions, and others closely related, has been adapted to the new interfaces. Relative error and OOM handling adapted or added where missing. Unit test 1302 also adapted.
2011-08-24 14:07:36 +08:00
ldap_value_free_len(vals);
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(attr);
base64: fix Curl_base64_encode and Curl_base64_decode interfaces Previous interfaces for these libcurl internal functions did not allow to tell apart a legitimate zero size result from an error condition. These functions now return a CURLcode indicating function success or otherwise specific error. Output size is returned using a pointer argument. All usage of these two functions, and others closely related, has been adapted to the new interfaces. Relative error and OOM handling adapted or added where missing. Unit test 1302 also adapted.
2011-08-24 14:07:36 +08:00
ldap_memfree(attribute);
if(ber)
ber_free(ber, 0);
ldap: Prefer 'CURLcode result' for curl result codes
2015-01-04 01:45:51 +08:00
base64: fix Curl_base64_encode and Curl_base64_decode interfaces Previous interfaces for these libcurl internal functions did not allow to tell apart a legitimate zero size result from an error condition. These functions now return a CURLcode indicating function success or otherwise specific error. Output size is returned using a pointer argument. All usage of these two functions, and others closely related, has been adapted to the new interfaces. Relative error and OOM handling adapted or added where missing. Unit test 1302 also adapted.
2011-08-24 14:07:36 +08:00
goto quit;
}
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(val_b64_sz > 0) {
lib: pass in 'struct Curl_easy *' to most functions ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
2021-01-09 00:58:15 +08:00
result = Curl_client_write(data, CLIENTWRITE_BODY, val_b64,
ldap: check Curl_client_write() return codes There might be one or two memory leaks left in the error paths.
2014-12-10 07:41:32 +08:00
val_b64_sz);
Vilmos Nebehaj improved libcurl's LDAP abilities: The LDAP code in libcurl can't handle LDAP servers of LDAPv3 nor binary attributes in LDAP objects. So, I made a quick patch to address these problems. The solution is simple: if we connect to an LDAP server, first try LDAPv3 (which is the preferred protocol as of now) and then fall back to LDAPv2. In case of binary attributes, we first convert them to base64, just like the openldap client does. It uses ldap_get_values_len() instead of ldap_get_values() to be able to retrieve binary attributes correctly. I defined the necessary LDAP macros in lib/ldap.c to be able to compile libcurl without the presence of libldap
2005-10-31 16:55:01 +08:00
free(val_b64);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
if(result) {
ldap_value_free_len(vals);
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(attr);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
ldap_memfree(attribute);
if(ber)
ber_free(ber, 0);
ldap: check Curl_client_write() return codes There might be one or two memory leaks left in the error paths.
2014-12-10 07:41:32 +08:00
goto quit;
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
}
Vilmos Nebehaj improved libcurl's LDAP abilities: The LDAP code in libcurl can't handle LDAP servers of LDAPv3 nor binary attributes in LDAP objects. So, I made a quick patch to address these problems. The solution is simple: if we connect to an LDAP server, first try LDAPv3 (which is the preferred protocol as of now) and then fall back to LDAPv2. In case of binary attributes, we first convert them to base64, just like the openldap client does. It uses ldap_get_values_len() instead of ldap_get_values() to be able to retrieve binary attributes correctly. I defined the necessary LDAP macros in lib/ldap.c to be able to compile libcurl without the presence of libldap
2005-10-31 16:55:01 +08:00
}
- As reported independent by both Stan van de Burgt and Didier Brisebourg, CURLINFO_SIZE_DOWNLOAD (the -w variable size_download) didn't work when getting data from ldap!
2009-11-03 02:49:56 +08:00
}
else {
lib: pass in 'struct Curl_easy *' to most functions ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
2021-01-09 00:58:15 +08:00
result = Curl_client_write(data, CLIENTWRITE_BODY, vals[i]->bv_val,
ldap: check Curl_client_write() return codes There might be one or two memory leaks left in the error paths.
2014-12-10 07:41:32 +08:00
vals[i]->bv_len);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
if(result) {
ldap_value_free_len(vals);
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(attr);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
ldap_memfree(attribute);
if(ber)
ber_free(ber, 0);
ldap: check Curl_client_write() return codes There might be one or two memory leaks left in the error paths.
2014-12-10 07:41:32 +08:00
goto quit;
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
}
- As reported independent by both Stan van de Burgt and Didier Brisebourg, CURLINFO_SIZE_DOWNLOAD (the -w variable size_download) didn't work when getting data from ldap!
2009-11-03 02:49:56 +08:00
}
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
lib: pass in 'struct Curl_easy *' to most functions ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
2021-01-09 00:58:15 +08:00
result = Curl_client_write(data, CLIENTWRITE_BODY, (char *)"\n", 1);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
if(result) {
ldap_value_free_len(vals);
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(attr);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
ldap_memfree(attribute);
if(ber)
ber_free(ber, 0);
ldap: check Curl_client_write() return codes There might be one or two memory leaks left in the error paths.
2014-12-10 07:41:32 +08:00
goto quit;
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
}
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
}
/* Free memory used to store values */
Patrick Monnerat modified the LDAP code and approach in curl. Starting now, the configure script checks for openldap and friends and we link with those libs just like we link all other third party libraries, and we no longer dlopen() those libraries. Our private header file lib/ldap.h was renamed to lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) just before this commit, just in case.
2007-08-12 04:57:54 +08:00
ldap_value_free_len(vals);
Initial revision
1999-12-29 22:20:26 +08:00
}
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
/* Free the attribute as we are done with it */
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(attr);
ldap: Fixed attribute memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:25:11 +08:00
ldap_memfree(attribute);
lib: pass in 'struct Curl_easy *' to most functions ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
2021-01-09 00:58:15 +08:00
result = Curl_client_write(data, CLIENTWRITE_BODY, (char *)"\n", 1);
ldap: check Curl_client_write() return codes There might be one or two memory leaks left in the error paths.
2014-12-10 07:41:32 +08:00
if(result)
goto quit;
Initial revision
1999-12-29 22:20:26 +08:00
}
ldap: Fixed DN memory leaks on failed client write Fixed memory leaks from commit 086ad79970 as was noted in the commit comments.
2015-01-04 01:05:50 +08:00
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(ber)
checksrc: find bad indentation in conditions without open brace If the previous line starts with if/while/for AND ends with a closed parenthesis and there's an equal number of open and closed parentheses on that line, verify that this line is indented $indent more steps, if not a cpp line. Also adjust the fall-out from this fix. Closes #11054
2023-04-29 00:07:33 +08:00
ber_free(ber, 0);
Initial revision
1999-12-29 22:20:26 +08:00
}
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
quit:
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
if(ldapmsg) {
ldap_msgfree(ldapmsg);
checksrc: stricter no-space-before-paren enforcement In order to make the code style more uniform everywhere
2016-12-14 06:34:59 +08:00
LDAP_TRACE(("Received %d entries\n", num));
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
}
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(rc == LDAP_SIZELIMIT_EXCEEDED)
infof: remove newline from format strings, always append it - the data needs to be "line-based" anyway since it's also passed to the debug callback/application - it makes infof() work like failf() and consistency is good - there's an assert that triggers on newlines in the format string - Also removes a few instances of "..." - Removes the code that would append "..." to the end of the data *iff* it was truncated in infof() Closes #7357
2021-07-06 23:05:17 +08:00
infof(data, "There are more than %d entries", num);
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(ludp)
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
ldap_free_urldesc(ludp);
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(server)
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
ldap_unbind_s(server);
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
#if defined(HAVE_LDAP_SSL) && defined(CURL_HAS_NOVELL_LDAPSDK)
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(ldap_ssl)
added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs. Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.
2007-08-16 22:08:47 +08:00
ldapssl_client_deinit();
fixed ldaps section for OpenLDAP. Still not working, but at least it compiles now, and should serve as base to get it finally working. Also seems that the ifdefs can be arranged some better because the Solaris and Netscape/iPlanet/Mozilla LDAP SDKs seem to be closer to the Novell section than the OpenLDAP one.
2007-08-21 00:30:41 +08:00
#endif /* HAVE_LDAP_SSL && CURL_HAS_NOVELL_LDAPSDK */
bug report #474568 - We need to set "no further data to download" before the Curl_ldap() function returns, as otherwise it'll hang on that assumed transfer.
2001-10-25 16:28:29 +08:00
ldap: reduce the amount of #ifdefs needed Closes #6035
2020-10-02 17:18:21 +08:00
FREE_ON_WINLDAP(host);
ldap: Fixed Unicode host name in Win32 initialisation calls
2015-01-04 03:59:12 +08:00
bug report #474568 - We need to set "no further data to download" before the Curl_ldap() function returns, as otherwise it'll hang on that assumed transfer.
2001-10-25 16:28:29 +08:00
/* no data to transfer */
lib: xfer_setup and non-blocking shutdown - clarify Curl_xfer_setup() with RECV/SEND flags and different calls for which socket they operate on. Add a shutdown flag for secondary sockets - change Curl_xfer_setup() calls to new functions - implement non-blocking connection shutdown at the end of receiving or sending a transfer Closes #13913
2024-06-10 19:32:13 +08:00
Curl_xfer_setup_nop(data);
spelling: use 'reuse' not 're-use' in code and elsewhere Unify the spelling as both versions were previously used intermittently Closes #11717
2023-08-23 20:47:45 +08:00
connclose(conn, "LDAP connection always disable reuse");
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ldap: rename variables to comply to curl standards
2014-12-10 07:36:31 +08:00
return result;
Initial revision
1999-12-29 22:20:26 +08:00
}
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
#ifdef DEBUG_LDAP
checksrc: stricter no-space-before-paren enforcement In order to make the code style more uniform everywhere
2016-12-14 06:34:59 +08:00
static void _ldap_trace(const char *fmt, ...)
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
{
static int do_trace = -1;
va_list args;
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(do_trace == -1) {
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
const char *env = getenv("CURL_TRACE");
atoi: remove atoi usage
2010-11-29 06:11:14 +08:00
do_trace = (env && strtol(env, NULL, 10) > 0);
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
}
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(!do_trace)
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
return;
checksrc: stricter no-space-before-paren enforcement In order to make the code style more uniform everywhere
2016-12-14 06:34:59 +08:00
va_start(args, fmt);
vfprintf(stderr, fmt, args);
va_end(args);
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
}
added disable-[protocol] support, largely provided by Miklos Nemeth
2002-06-11 19:13:01 +08:00
#endif
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
Patrick Monnerat modified the LDAP code and approach in curl. Starting now, the configure script checks for openldap and friends and we link with those libs just like we link all other third party libraries, and we no longer dlopen() those libraries. Our private header file lib/ldap.h was renamed to lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) just before this commit, just in case.
2007-08-12 04:57:54 +08:00
#ifndef HAVE_LDAP_URL_PARSE
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
/*
* Return scope-value for a scope-string.
*/
checksrc: stricter no-space-before-paren enforcement In order to make the code style more uniform everywhere
2016-12-14 06:34:59 +08:00
static int str2scope(const char *p)
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
{
strcase: s/strequal/strcasecompare some more follow-ups to 811a693b80
2016-10-31 16:37:30 +08:00
if(strcasecompare(p, "one"))
return LDAP_SCOPE_ONELEVEL;
if(strcasecompare(p, "onetree"))
return LDAP_SCOPE_ONELEVEL;
if(strcasecompare(p, "base"))
return LDAP_SCOPE_BASE;
if(strcasecompare(p, "sub"))
return LDAP_SCOPE_SUBTREE;
if(strcasecompare(p, "subtree"))
return LDAP_SCOPE_SUBTREE;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
return (-1);
}
/*
* Split 'str' into strings separated by commas.
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
* Note: out[] points into 'str'.
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
*/
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
static bool split_str(char *str, char ***out, size_t *count)
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
{
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
char **res;
char *lasts;
char *s;
size_t i;
size_t items = 1;
s = strchr(str, ',');
while(s) {
items++;
s = strchr(++s, ',');
}
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
res = calloc(items, sizeof(char *));
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(!res)
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
return FALSE;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
strtok: use namespaced `strtok_r` macro instead of redefining it krb5 defines `strtok_r` for Windows unconditionally in its public header: https://github.com/krb5/krb5/blob/dc5554394e5a4363b3e109623edbeb9ad6c18a62/src/include/win-mac.h#L214-L215 resulting in this warning: ``` lib\strtok.h(31,9): warning C4005: 'strtok_r': macro redefinition C:\vcpkg\installed\x64-windows\include\win-mac.h(215,9): see previous definition of 'strtok_r' ``` The krb5 macro collides with curl's internal definition, in case the `strtok_r` function is undetected and falling back to a local replacement. Reported-by: Tal Regev Bug: https://github.com/curl/curl/pull/15549#issuecomment-2468251761 Closes #15564
2024-11-12 20:37:33 +08:00
for(i = 0, s = Curl_strtok_r(str, ",", &lasts); s && i < items;
s = Curl_strtok_r(NULL, ",", &lasts), i++)
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
res[i] = s;
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
*out = res;
*count = items;
return TRUE;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
}
/*
* Break apart the pieces of an LDAP URL.
* Syntax:
* ldap://<hostname>:<port>/<base_dn>?<attributes>?<scope>?<filter>?<ext>
*
* <hostname> already known from 'conn->host.name'.
* <port> already known from 'conn->remote_port'.
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
* extract the rest from 'data->state.path+1'. All fields are optional.
Update comment reflecting structure change.
2006-09-08 20:17:58 +08:00
* e.g.
* ldap://<hostname>:<port>/?<attributes>?<scope>?<filter>
* yields ludp->lud_dn = "".
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
*
Update LDAP URL format reference
2009-10-13 22:48:35 +08:00
* Defined in RFC4516 section 2.
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
*/
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
static int _ldap_url_parse2(struct Curl_easy *data,
const struct connectdata *conn, LDAPURLDesc *ludp)
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
{
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
int rc = LDAP_SUCCESS;
char *p;
ldap: fix OOM error on missing query string - Allow missing queries, don't return NO_MEMORY error in such a case. It is acceptable for there to be no specified query string, for example: curl ldap://ldap.forumsys.com A regression bug in 1b443a7 caused this issue. This is a partial fix for #4261. Bug: https://github.com/curl/curl/issues/4261#issuecomment-525543077 Reported-by: Jojojov@users.noreply.github.com Analyzed-by: Samuel Surtees Closes https://github.com/curl/curl/pull/4467
2019-10-05 09:49:43 +08:00
char *path;
char *q = NULL;
char *query = NULL;
ldap.c: Fixed compilation warning ldap.c:802: warning: comparison between signed and unsigned integer expressions
2015-01-04 23:16:04 +08:00
size_t i;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
if(!data ||
!data->state.up.path ||
data->state.up.path[0] != '/' ||
!strncasecompare("LDAP", data->state.up.scheme, 4))
Fixed the LDAP_DEPRECATED #define as suggested by Daniel Johnson, and indented some of the code to curl-style
2007-08-13 06:25:50 +08:00
return LDAP_INVALID_SYNTAX;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ludp->lud_scope = LDAP_SCOPE_BASE;
ludp->lud_port = conn->remote_port;
ludp->lud_host = conn->host.name;
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
/* Duplicate the path */
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
p = path = strdup(data->state.up.path + 1);
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
if(!path)
Fixed the LDAP_DEPRECATED #define as suggested by Daniel Johnson, and indented some of the code to curl-style
2007-08-13 06:25:50 +08:00
return LDAP_NO_MEMORY;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ldap: fix OOM error on missing query string - Allow missing queries, don't return NO_MEMORY error in such a case. It is acceptable for there to be no specified query string, for example: curl ldap://ldap.forumsys.com A regression bug in 1b443a7 caused this issue. This is a partial fix for #4261. Bug: https://github.com/curl/curl/issues/4261#issuecomment-525543077 Reported-by: Jojojov@users.noreply.github.com Analyzed-by: Samuel Surtees Closes https://github.com/curl/curl/pull/4467
2019-10-05 09:49:43 +08:00
/* Duplicate the query if present */
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
if(data->state.up.query) {
q = query = strdup(data->state.up.query);
ldap: fix OOM error on missing query string - Allow missing queries, don't return NO_MEMORY error in such a case. It is acceptable for there to be no specified query string, for example: curl ldap://ldap.forumsys.com A regression bug in 1b443a7 caused this issue. This is a partial fix for #4261. Bug: https://github.com/curl/curl/issues/4261#issuecomment-525543077 Reported-by: Jojojov@users.noreply.github.com Analyzed-by: Samuel Surtees Closes https://github.com/curl/curl/pull/4467
2019-10-05 09:49:43 +08:00
if(!query) {
free(path);
return LDAP_NO_MEMORY;
}
ldap: fix LDAP URL parsing regressions - Match URL scheme with LDAP and LDAPS - Retrieve attributes, scope and filter from URL query instead Regression brought in 46e164069d1a5230 (7.62.0) Closes #3362
2018-12-11 18:15:15 +08:00
}
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
ldap: fix LDAP URL parsing regressions - Match URL scheme with LDAP and LDAPS - Retrieve attributes, scope and filter from URL query instead Regression brought in 46e164069d1a5230 (7.62.0) Closes #3362
2018-12-11 18:15:15 +08:00
/* Parse the DN (Distinguished Name) */
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
if(*p) {
char *dn = p;
ldap/imap: Fixed spelling mistake in comments and variable names Reported-by: Michael Osipov
2015-01-07 21:50:56 +08:00
char *unescaped;
escape: avoid using curl_easy_unescape() internally Since the internal Curl_urldecode() function has a better API.
2016-10-08 17:21:38 +08:00
CURLcode result;
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
checksrc: stricter no-space-before-paren enforcement In order to make the code style more uniform everywhere
2016-12-14 06:34:59 +08:00
LDAP_TRACE(("DN '%s'\n", dn));
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
ldap: Fixed memory leak from commit efb64fdf80 The unescapped DN was not freed after a successful character conversion.
2015-01-04 22:11:02 +08:00
/* Unescape the DN */
lib: remove support for CURL_DOES_CONVERSIONS TPF was the only user and support for that was dropped. Closes #8378
2022-02-03 20:04:30 +08:00
result = Curl_urldecode(dn, 0, &unescaped, NULL, REJECT_ZERO);
escape: avoid using curl_easy_unescape() internally Since the internal Curl_urldecode() function has a better API.
2016-10-08 17:21:38 +08:00
if(result) {
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
rc = LDAP_NO_MEMORY;
goto quit;
}
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#if defined(USE_WIN32_LDAP)
ldap/imap: Fixed spelling mistake in comments and variable names Reported-by: Michael Osipov
2015-01-07 21:50:56 +08:00
/* Convert the unescaped string to a tchar */
curl_multibyte: add to curlx This will also be needed in the tool and tests. Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512 Closes https://github.com/curl/curl/pull/3784
2019-04-14 04:55:51 +08:00
ludp->lud_dn = curlx_convert_UTF8_to_tchar(unescaped);
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
ldap/imap: Fixed spelling mistake in comments and variable names Reported-by: Michael Osipov
2015-01-07 21:50:56 +08:00
/* Free the unescaped string as we are done with it */
ldap: use correct memory free function unescaped is coming from Curl_urldecode and not a unicode conversion function, so reclaiming its memory should be performed with a normal call to free rather than curlx_unicodefree. In reality, this is the same thing as curlx_unicodefree is implemented as a call to free but that's not guaranteed to always hold. Using the curlx macro present issues with memory debugging as well. Closes #6671 Reviewed-by: Jay Satiro <raysatiro@yahoo.com> Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2021-03-01 16:31:33 +08:00
free(unescaped);
ldap: Fixed memory leak from commit efb64fdf80 The unescapped DN was not freed after a successful character conversion.
2015-01-04 22:11:02 +08:00
if(!ludp->lud_dn) {
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
rc = LDAP_NO_MEMORY;
goto quit;
}
#else
ldap/imap: Fixed spelling mistake in comments and variable names Reported-by: Michael Osipov
2015-01-07 21:50:56 +08:00
ludp->lud_dn = unescaped;
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
#endif
}
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
p = q;
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(!p)
ldap: Remove the unescape_elements() function Due to the recent modifications this function is no longer used.
2015-01-04 05:04:13 +08:00
goto quit;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
/* Parse the attributes. skip "??" */
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
q = strchr(p, '?');
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(q)
Fixed the LDAP_DEPRECATED #define as suggested by Daniel Johnson, and indented some of the code to curl-style
2007-08-13 06:25:50 +08:00
*q++ = '\0';
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
if(*p) {
char **attributes;
size_t count = 0;
/* Split the string into an array of attributes */
if(!split_str(p, &attributes, &count)) {
rc = LDAP_NO_MEMORY;
goto quit;
}
/* Allocate our array (+1 for the NULL entry) */
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#if defined(USE_WIN32_LDAP)
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
ludp->lud_attrs = calloc(count + 1, sizeof(TCHAR *));
#else
ludp->lud_attrs = calloc(count + 1, sizeof(char *));
#endif
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
if(!ludp->lud_attrs) {
free: instead of Curl_safefree() Since we just started make use of free(NULL) in order to simplify code, this change takes it a step further and: - converts lots of Curl_safefree() calls to good old free() - makes Curl_safefree() not check the pointer before free() The (new) rule of thumb is: if you really want a function call that frees a pointer and then assigns it to NULL, then use Curl_safefree(). But we will prefer just using free() from now on.
2015-03-16 22:01:15 +08:00
free(attributes);
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
rc = LDAP_NO_MEMORY;
goto quit;
}
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
for(i = 0; i < count; i++) {
ldap/imap: Fixed spelling mistake in comments and variable names Reported-by: Michael Osipov
2015-01-07 21:50:56 +08:00
char *unescaped;
escape: avoid using curl_easy_unescape() internally Since the internal Curl_urldecode() function has a better API.
2016-10-08 17:21:38 +08:00
CURLcode result;
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
infof/failf calls: fix format specifiers Update a few format specifiers to match what is being printed. Closes #6241
2020-11-24 05:42:07 +08:00
LDAP_TRACE(("attr[%zu] '%s'\n", i, attributes[i]));
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
/* Unescape the attribute */
lib: remove support for CURL_DOES_CONVERSIONS TPF was the only user and support for that was dropped. Closes #8378
2022-02-03 20:04:30 +08:00
result = Curl_urldecode(attributes[i], 0, &unescaped, NULL,
escape: make the URL decode able to reject only %00 bytes ... or all "control codes" or nothing. Assisted-by: Nicolas Sterchele
2020-06-23 22:13:50 +08:00
REJECT_ZERO);
escape: avoid using curl_easy_unescape() internally Since the internal Curl_urldecode() function has a better API.
2016-10-08 17:21:38 +08:00
if(result) {
free: instead of Curl_safefree() Since we just started make use of free(NULL) in order to simplify code, this change takes it a step further and: - converts lots of Curl_safefree() calls to good old free() - makes Curl_safefree() not check the pointer before free() The (new) rule of thumb is: if you really want a function call that frees a pointer and then assigns it to NULL, then use Curl_safefree(). But we will prefer just using free() from now on.
2015-03-16 22:01:15 +08:00
free(attributes);
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
rc = LDAP_NO_MEMORY;
goto quit;
}
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#if defined(USE_WIN32_LDAP)
ldap/imap: Fixed spelling mistake in comments and variable names Reported-by: Michael Osipov
2015-01-07 21:50:56 +08:00
/* Convert the unescaped string to a tchar */
curl_multibyte: add to curlx This will also be needed in the tool and tests. Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512 Closes https://github.com/curl/curl/pull/3784
2019-04-14 04:55:51 +08:00
ludp->lud_attrs[i] = curlx_convert_UTF8_to_tchar(unescaped);
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
ldap/imap: Fixed spelling mistake in comments and variable names Reported-by: Michael Osipov
2015-01-07 21:50:56 +08:00
/* Free the unescaped string as we are done with it */
ldap: use correct memory free function unescaped is coming from Curl_urldecode and not a unicode conversion function, so reclaiming its memory should be performed with a normal call to free rather than curlx_unicodefree. In reality, this is the same thing as curlx_unicodefree is implemented as a call to free but that's not guaranteed to always hold. Using the curlx macro present issues with memory debugging as well. Closes #6671 Reviewed-by: Jay Satiro <raysatiro@yahoo.com> Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2021-03-01 16:31:33 +08:00
free(unescaped);
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
if(!ludp->lud_attrs[i]) {
free: instead of Curl_safefree() Since we just started make use of free(NULL) in order to simplify code, this change takes it a step further and: - converts lots of Curl_safefree() calls to good old free() - makes Curl_safefree() not check the pointer before free() The (new) rule of thumb is: if you really want a function call that frees a pointer and then assigns it to NULL, then use Curl_safefree(). But we will prefer just using free() from now on.
2015-03-16 22:01:15 +08:00
free(attributes);
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
rc = LDAP_NO_MEMORY;
goto quit;
}
#else
ldap/imap: Fixed spelling mistake in comments and variable names Reported-by: Michael Osipov
2015-01-07 21:50:56 +08:00
ludp->lud_attrs[i] = unescaped;
ldap: Fixed support for Unicode attributes in Win32 search call
2015-01-04 04:49:11 +08:00
#endif
ludp->lud_attrs_dups++;
}
ldap: Fix memory leak from commit 3a805c5cc1
2015-01-05 04:06:04 +08:00
free: instead of Curl_safefree() Since we just started make use of free(NULL) in order to simplify code, this change takes it a step further and: - converts lots of Curl_safefree() calls to good old free() - makes Curl_safefree() not check the pointer before free() The (new) rule of thumb is: if you really want a function call that frees a pointer and then assigns it to NULL, then use Curl_safefree(). But we will prefer just using free() from now on.
2015-03-16 22:01:15 +08:00
free(attributes);
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
}
p = q;
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(!p)
ldap: Remove the unescape_elements() function Due to the recent modifications this function is no longer used.
2015-01-04 05:04:13 +08:00
goto quit;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ldap: Fixed support for Unicode filter in Win32 search call
2015-01-04 04:58:29 +08:00
/* Parse the scope. skip "??" */
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
q = strchr(p, '?');
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(q)
Fixed the LDAP_DEPRECATED #define as suggested by Daniel Johnson, and indented some of the code to curl-style
2007-08-13 06:25:50 +08:00
*q++ = '\0';
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ldap: Fixed support for Unicode filter in Win32 search call
2015-01-04 04:58:29 +08:00
if(*p) {
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ludp->lud_scope = str2scope(p);
LDAP: fix bad free() when URL parsing failed When an error occurs parsing an LDAP URL, The ludp->lud_attrs[i] entries could be freed even though they sometimes point to data within an allocated area. This change introduces a lud_attrs_dup[] array for the duplicated string pointers, and it removes the unused lud_exts array. Bug: http://curl.haxx.se/mail/lib-2013-08/0209.html
2013-09-06 05:51:53 +08:00
if(ludp->lud_scope == -1) {
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
rc = LDAP_INVALID_SYNTAX;
goto quit;
LDAP: fix bad free() when URL parsing failed When an error occurs parsing an LDAP URL, The ludp->lud_attrs[i] entries could be freed even though they sometimes point to data within an allocated area. This change introduces a lud_attrs_dup[] array for the duplicated string pointers, and it removes the unused lud_exts array. Bug: http://curl.haxx.se/mail/lib-2013-08/0209.html
2013-09-06 05:51:53 +08:00
}
checksrc: stricter no-space-before-paren enforcement In order to make the code style more uniform everywhere
2016-12-14 06:34:59 +08:00
LDAP_TRACE(("scope %d\n", ludp->lud_scope));
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
}
p = q;
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(!p)
ldap: Remove the unescape_elements() function Due to the recent modifications this function is no longer used.
2015-01-04 05:04:13 +08:00
goto quit;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ldap: Fixed support for Unicode filter in Win32 search call
2015-01-04 04:58:29 +08:00
/* Parse the filter */
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
q = strchr(p, '?');
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(q)
Fixed the LDAP_DEPRECATED #define as suggested by Daniel Johnson, and indented some of the code to curl-style
2007-08-13 06:25:50 +08:00
*q++ = '\0';
ldap: Fixed support for Unicode filter in Win32 search call
2015-01-04 04:58:29 +08:00
if(*p) {
char *filter = p;
ldap/imap: Fixed spelling mistake in comments and variable names Reported-by: Michael Osipov
2015-01-07 21:50:56 +08:00
char *unescaped;
escape: avoid using curl_easy_unescape() internally Since the internal Curl_urldecode() function has a better API.
2016-10-08 17:21:38 +08:00
CURLcode result;
ldap: Fixed support for Unicode filter in Win32 search call
2015-01-04 04:58:29 +08:00
checksrc: stricter no-space-before-paren enforcement In order to make the code style more uniform everywhere
2016-12-14 06:34:59 +08:00
LDAP_TRACE(("filter '%s'\n", filter));
ldap: Fixed support for Unicode filter in Win32 search call
2015-01-04 04:58:29 +08:00
/* Unescape the filter */
lib: remove support for CURL_DOES_CONVERSIONS TPF was the only user and support for that was dropped. Closes #8378
2022-02-03 20:04:30 +08:00
result = Curl_urldecode(filter, 0, &unescaped, NULL, REJECT_ZERO);
escape: avoid using curl_easy_unescape() internally Since the internal Curl_urldecode() function has a better API.
2016-10-08 17:21:38 +08:00
if(result) {
ldap: Fixed support for Unicode filter in Win32 search call
2015-01-04 04:58:29 +08:00
rc = LDAP_NO_MEMORY;
goto quit;
}
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-19 04:25:37 +08:00
#if defined(USE_WIN32_LDAP)
ldap/imap: Fixed spelling mistake in comments and variable names Reported-by: Michael Osipov
2015-01-07 21:50:56 +08:00
/* Convert the unescaped string to a tchar */
curl_multibyte: add to curlx This will also be needed in the tool and tests. Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512 Closes https://github.com/curl/curl/pull/3784
2019-04-14 04:55:51 +08:00
ludp->lud_filter = curlx_convert_UTF8_to_tchar(unescaped);
ldap: Fixed support for Unicode filter in Win32 search call
2015-01-04 04:58:29 +08:00
ldap/imap: Fixed spelling mistake in comments and variable names Reported-by: Michael Osipov
2015-01-07 21:50:56 +08:00
/* Free the unescaped string as we are done with it */
ldap: use correct memory free function unescaped is coming from Curl_urldecode and not a unicode conversion function, so reclaiming its memory should be performed with a normal call to free rather than curlx_unicodefree. In reality, this is the same thing as curlx_unicodefree is implemented as a call to free but that's not guaranteed to always hold. Using the curlx macro present issues with memory debugging as well. Closes #6671 Reviewed-by: Jay Satiro <raysatiro@yahoo.com> Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2021-03-01 16:31:33 +08:00
free(unescaped);
ldap: Fixed support for Unicode filter in Win32 search call
2015-01-04 04:58:29 +08:00
if(!ludp->lud_filter) {
rc = LDAP_NO_MEMORY;
goto quit;
}
#else
ldap/imap: Fixed spelling mistake in comments and variable names Reported-by: Michael Osipov
2015-01-07 21:50:56 +08:00
ludp->lud_filter = unescaped;
ldap: Fixed support for Unicode filter in Win32 search call
2015-01-04 04:58:29 +08:00
#endif
}
p = q;
if(p && !*p) {
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
rc = LDAP_INVALID_SYNTAX;
goto quit;
LDAP: fix bad free() when URL parsing failed When an error occurs parsing an LDAP URL, The ludp->lud_attrs[i] entries could be freed even though they sometimes point to data within an allocated area. This change introduces a lud_attrs_dup[] array for the duplicated string pointers, and it removes the unused lud_exts array. Bug: http://curl.haxx.se/mail/lib-2013-08/0209.html
2013-09-06 05:51:53 +08:00
}
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
quit:
free: instead of Curl_safefree() Since we just started make use of free(NULL) in order to simplify code, this change takes it a step further and: - converts lots of Curl_safefree() calls to good old free() - makes Curl_safefree() not check the pointer before free() The (new) rule of thumb is: if you really want a function call that frees a pointer and then assigns it to NULL, then use Curl_safefree(). But we will prefer just using free() from now on.
2015-03-16 22:01:15 +08:00
free(path);
ldap: fix LDAP URL parsing regressions - Match URL scheme with LDAP and LDAPS - Retrieve attributes, scope and filter from URL query instead Regression brought in 46e164069d1a5230 (7.62.0) Closes #3362
2018-12-11 18:15:15 +08:00
free(query);
ldap: Fixed support for Unicode DN in Win32 search call
2015-01-04 04:36:10 +08:00
return rc;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
}
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
static int _ldap_url_parse(struct Curl_easy *data,
const struct connectdata *conn,
escape: avoid using curl_easy_unescape() internally Since the internal Curl_urldecode() function has a better API.
2016-10-08 17:21:38 +08:00
LDAPURLDesc **ludpp)
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
{
Make usage of calloc()'s arguments consistent with rest of code base
2009-11-18 18:33:54 +08:00
LDAPURLDesc *ludp = calloc(1, sizeof(*ludp));
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
int rc;
*ludpp = NULL;
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(!ludp)
checksrc: find bad indentation in conditions without open brace If the previous line starts with if/while/for AND ends with a closed parenthesis and there's an equal number of open and closed parentheses on that line, verify that this line is indented $indent more steps, if not a cpp line. Also adjust the fall-out from this fix. Closes #11054
2023-04-29 00:07:33 +08:00
return LDAP_NO_MEMORY;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
lib: remove conn->data uses Closes #6515
2021-01-25 01:57:02 +08:00
rc = _ldap_url_parse2(data, conn, ludp);
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(rc != LDAP_SUCCESS) {
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
_ldap_free_urldesc(ludp);
ludp = NULL;
}
*ludpp = ludp;
return (rc);
}
escape: avoid using curl_easy_unescape() internally Since the internal Curl_urldecode() function has a better API.
2016-10-08 17:21:38 +08:00
static void _ldap_free_urldesc(LDAPURLDesc *ludp)
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
{
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(!ludp)
source cleanup: unify look, style and indent levels By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
2011-04-20 21:17:42 +08:00
return;
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
lib: fix some misuse of curlx_convert_UTF8_to_tchar curlx_convert_UTF8_to_tchar must be freed by curlx_unicodefree, but prior to this change some uses mistakenly called free. I've reviewed all other uses of curlx_convert_UTF8_to_tchar and curlx_convert_tchar_to_UTF8. Bug: https://github.com/curl/curl/pull/6602#issuecomment-825236763 Reported-by: sergio-nsk@users.noreply.github.com Closes https://github.com/curl/curl/pull/6938
2021-04-23 12:21:16 +08:00
#if defined(USE_WIN32_LDAP)
curlx_unicodefree(ludp->lud_dn);
curlx_unicodefree(ludp->lud_filter);
#else
Bug #149: Deletion of unnecessary checks before calls of the function "free" The function "free" is documented in the way that no action shall occur for a passed null pointer. It is therefore not needed that a function caller repeats a corresponding check. http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first This issue was fixed by using the software Coccinelle 1.0.0-rc24. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
2015-03-12 00:41:01 +08:00
free(ludp->lud_dn);
free(ludp->lud_filter);
lib: fix some misuse of curlx_convert_UTF8_to_tchar curlx_convert_UTF8_to_tchar must be freed by curlx_unicodefree, but prior to this change some uses mistakenly called free. I've reviewed all other uses of curlx_convert_UTF8_to_tchar and curlx_convert_tchar_to_UTF8. Bug: https://github.com/curl/curl/pull/6602#issuecomment-825236763 Reported-by: sergio-nsk@users.noreply.github.com Closes https://github.com/curl/curl/pull/6938
2021-04-23 12:21:16 +08:00
#endif
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
removed space after if and while before the parenthesis for better source code consistency
2007-11-05 17:45:09 +08:00
if(ludp->lud_attrs) {
lib: reduce variable scopes Fixes Codacy/CppCheck warnings. Closes https://github.com/curl/curl/pull/3872
2019-05-12 03:42:48 +08:00
size_t i;
lib: fix some misuse of curlx_convert_UTF8_to_tchar curlx_convert_UTF8_to_tchar must be freed by curlx_unicodefree, but prior to this change some uses mistakenly called free. I've reviewed all other uses of curlx_convert_UTF8_to_tchar and curlx_convert_tchar_to_UTF8. Bug: https://github.com/curl/curl/pull/6602#issuecomment-825236763 Reported-by: sergio-nsk@users.noreply.github.com Closes https://github.com/curl/curl/pull/6938
2021-04-23 12:21:16 +08:00
for(i = 0; i < ludp->lud_attrs_dups; i++) {
#if defined(USE_WIN32_LDAP)
curlx_unicodefree(ludp->lud_attrs[i]);
#else
ldap: fix the build for systems with ldap_url_parse() Make sure that the custom struct fields are only used by code that doesn't use a struct defintion from the outside. Attempts to fix the problem introduced in 3dc6fc42bfc61b
2013-09-09 06:01:52 +08:00
free(ludp->lud_attrs[i]);
lib: fix some misuse of curlx_convert_UTF8_to_tchar curlx_convert_UTF8_to_tchar must be freed by curlx_unicodefree, but prior to this change some uses mistakenly called free. I've reviewed all other uses of curlx_convert_UTF8_to_tchar and curlx_convert_tchar_to_UTF8. Bug: https://github.com/curl/curl/pull/6602#issuecomment-825236763 Reported-by: sergio-nsk@users.noreply.github.com Closes https://github.com/curl/curl/pull/6938
2021-04-23 12:21:16 +08:00
#endif
}
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
free(ludp->lud_attrs);
}
checksrc: stricter no-space-before-paren enforcement In order to make the code style more uniform everywhere
2016-12-14 06:34:59 +08:00
free(ludp);
Gisle Vanem: Patch for ldap.c under Windows. It works with wldap32.dll as supplied with Win-98/ME/2000/XP, so no extra .dlls are required. I've mostly tested it against Verisign's ldap server. Added code in the case there are to many responses (rc = LDAP_SIZELIMIT_EXCEEDED) and print only those we got. E.g. curl ldap://directory.verisign.net/?cn,display-name,mail,info?subtree?(cn=*Nelson*) will print the first 10 results. My only problem with it is that ldap_search_s() fails with "filter error" when CURLDEBUG is defined ?! Maybe someone can spot the error.
2004-05-03 17:14:12 +08:00
}
Reversed the 'HAVE_LDAP_URL_PARSE' ifdef statement.
2007-08-23 02:05:46 +08:00
#endif /* !HAVE_LDAP_URL_PARSE */
fix ldap related compilation issues
2010-06-01 23:25:03 +08:00
#endif /* !CURL_DISABLE_LDAP && !USE_OPENLDAP */
Reference in New Issue Copy Permalink