21 * SPDX-License-Identifier: curl
33 * compiled is the code from ldap.c.
52 #ifdef USE_WIN32_LDAP /* Use Windows LDAP implementation. */
55 # pragma warning(disable: 4201)
63 # error Your Platform SDK is NOT sufficient for LDAP support! \
64 Update your Platform SDK, or disable LDAP support!
73 # include <ldap.h>
163 * LDAP protocol handler.
167 "ldap", /* scheme */
223 static int ldap_win_bind_auth(LDAP *server, const char *user, in ldap_win_bind_auth()
270 static int ldap_win_bind(struct Curl_easy *data, LDAP *server, in ldap_win_bind()
278 if(user && passwd && (data->set.httpauth & CURLAUTH_BASIC)) { in ldap_win_bind()
289 rc = ldap_win_bind_auth(server, user, passwd, data->set.httpauth); in ldap_win_bind()
308 LDAP *server = NULL; in ldap_do()
313 struct connectdata *conn = data->conn; in ldap_do()
330 infof(data, "LDAP local: LDAP Vendor = %s ; LDAP Version = %d", in ldap_do()
332 infof(data, "LDAP local: %s", data->state.url); in ldap_do()
335 rc = ldap_url_parse(data->state.url, &ludp); in ldap_do()
340 failf(data, "Bad LDAP URL: %s", ldap_err2string(rc)); in ldap_do()
345 /* Get the URL scheme (either ldap or ldaps) */ in ldap_do()
346 if(conn->given->flags & PROTOPT_SSL) in ldap_do()
348 infof(data, "LDAP local: trying to establish %s connection", in ldap_do()
352 host = curlx_convert_UTF8_to_tchar(conn->host.name); in ldap_do()
359 host = conn->host.name; in ldap_do()
362 if(data->state.aptr.user) { in ldap_do()
363 user = conn->user; in ldap_do()
364 passwd = conn->passwd; in ldap_do()
375 /* Win32 LDAP SDK doesn't support insecure mode without CA! */ in ldap_do()
376 server = ldap_sslinit(host, conn->primary.remote_port, 1); in ldap_do()
380 char *ldap_ca = conn->ssl_config.CAfile; in ldap_do()
384 failf(data, "LDAP local: ldapssl_client_init %s", ldap_err2string(rc)); in ldap_do()
388 if(conn->ssl_config.verifypeer) { in ldap_do()
391 if((data->set.ssl.cert_type) && in ldap_do()
392 (strcasecompare(data->set.ssl.cert_type, "DER"))) in ldap_do()
395 failf(data, "LDAP local: ERROR %s CA cert not set", in ldap_do()
400 infof(data, "LDAP local: using %s CA cert '%s'", in ldap_do()
405 failf(data, "LDAP local: ERROR setting %s CA cert: %s", in ldap_do()
417 failf(data, "LDAP local: ERROR setting cert verify mode: %s", in ldap_do()
422 server = ldapssl_init(host, conn->primary.remote_port, 1); in ldap_do()
424 failf(data, "LDAP local: Cannot connect to %s:%u", in ldap_do()
425 conn->host.dispname, conn->primary.remote_port); in ldap_do()
430 if(conn->ssl_config.verifypeer) { in ldap_do()
432 if((data->set.ssl.cert_type) && in ldap_do()
433 (!strcasecompare(data->set.ssl.cert_type, "PEM"))) { in ldap_do()
434 failf(data, "LDAP local: ERROR OpenLDAP only supports PEM cert-type"); in ldap_do()
439 failf(data, "LDAP local: ERROR PEM CA cert not set"); in ldap_do()
443 infof(data, "LDAP local: using PEM CA cert: %s", ldap_ca); in ldap_do()
446 failf(data, "LDAP local: ERROR setting PEM CA cert: %s", in ldap_do()
458 failf(data, "LDAP local: ERROR setting cert verify mode: %s", in ldap_do()
463 server = ldap_init(host, conn->primary.remote_port); in ldap_do()
465 failf(data, "LDAP local: Cannot connect to %s:%u", in ldap_do()
466 conn->host.dispname, conn->primary.remote_port); in ldap_do()
473 failf(data, "LDAP local: ERROR setting SSL/TLS mode: %s", in ldap_do()
481 failf(data, "LDAP local: ERROR starting SSL/TLS mode: %s", in ldap_do()
491 should check in first place if we can support LDAP SSL/TLS */ in ldap_do()
492 failf(data, "LDAP local: SSL/TLS not supported with this version " in ldap_do()
500 else if(data->set.use_ssl > CURLUSESSL_TRY) { in ldap_do()
501 failf(data, "LDAP local: explicit TLS not supported"); in ldap_do()
506 server = ldap_init(host, conn->primary.remote_port); in ldap_do()
508 failf(data, "LDAP local: Cannot connect to %s:%u", in ldap_do()
509 conn->host.dispname, conn->primary.remote_port); in ldap_do()
531 failf(data, "LDAP local: bind via ldap_win_bind %s", in ldap_do()
534 failf(data, "LDAP local: bind via ldap_simple_bind_s %s", in ldap_do()
542 rc = ldap_search_s(server, ludp->lud_dn, ludp->lud_scope, in ldap_do()
543 ludp->lud_filter, ludp->lud_attrs, 0, &ldapmsg); in ldap_do()
546 failf(data, "LDAP remote: %s", ldap_err2string(rc)); in ldap_do()
666 (strcmp(";binary", attr + (attr_len - 7)) == 0)) { in ldap_do()
668 result = Curl_base64_encode(vals[i]->bv_val, vals[i]->bv_len, in ldap_do()
696 result = Curl_client_write(data, CLIENTWRITE_BODY, vals[i]->bv_val, in ldap_do()
697 vals[i]->bv_len); in ldap_do()
757 Curl_xfer_setup(data, -1, -1, FALSE, -1); in ldap_do()
758 connclose(conn, "LDAP connection always disable reuse"); in ldap_do()
766 static int do_trace = -1; in _ldap_trace()
769 if(do_trace == -1) { in _ldap_trace()
785 * Return scope-value for a scope-string.
799 return (-1); in str2scope()
835 * Break apart the pieces of an LDAP URL.
837 * ldap://<hostname>:<port>/<base_dn>?<attributes>?<scope>?<filter>?<ext>
839 * <hostname> already known from 'conn->host.name'.
840 * <port> already known from 'conn->remote_port'.
841 * extract the rest from 'data->state.up.path+1' and 'data->state.up.query'. All fields are optional.
843 * ldap://<hostname>:<port>/?<attributes>?<scope>?<filter>
844 * yields ludp->lud_dn = "".
859 !data->state.up.path || in _ldap_url_parse2()
860 data->state.up.path[0] != '/' || in _ldap_url_parse2()
861 !strncasecompare("LDAP", data->state.up.scheme, 4)) in _ldap_url_parse2()
864 ludp->lud_scope = LDAP_SCOPE_BASE; in _ldap_url_parse2()
865 ludp->lud_port = conn->remote_port; in _ldap_url_parse2()
866 ludp->lud_host = conn->host.name; in _ldap_url_parse2()
869 p = path = strdup(data->state.up.path + 1); in _ldap_url_parse2()
874 if(data->state.up.query) { in _ldap_url_parse2()
875 q = query = strdup(data->state.up.query); in _ldap_url_parse2()
900 ludp->lud_dn = curlx_convert_UTF8_to_tchar(unescaped); in _ldap_url_parse2()
905 if(!ludp->lud_dn) { in _ldap_url_parse2()
911 ludp->lud_dn = unescaped; in _ldap_url_parse2()
937 ludp->lud_attrs = calloc(count + 1, sizeof(TCHAR *)); in _ldap_url_parse2()
939 ludp->lud_attrs = calloc(count + 1, sizeof(char *)); in _ldap_url_parse2()
941 if(!ludp->lud_attrs) { in _ldap_url_parse2()
968 ludp->lud_attrs[i] = curlx_convert_UTF8_to_tchar(unescaped); in _ldap_url_parse2()
973 if(!ludp->lud_attrs[i]) { in _ldap_url_parse2()
981 ludp->lud_attrs[i] = unescaped; in _ldap_url_parse2()
984 ludp->lud_attrs_dups++; in _ldap_url_parse2()
1000 ludp->lud_scope = str2scope(p); in _ldap_url_parse2()
1001 if(ludp->lud_scope == -1) { in _ldap_url_parse2()
1006 LDAP_TRACE(("scope %d\n", ludp->lud_scope)); in _ldap_url_parse2()
1035 ludp->lud_filter = curlx_convert_UTF8_to_tchar(unescaped); in _ldap_url_parse2()
1040 if(!ludp->lud_filter) { in _ldap_url_parse2()
1046 ludp->lud_filter = unescaped; in _ldap_url_parse2()
1090 curlx_unicodefree(ludp->lud_dn); in _ldap_free_urldesc()
1091 curlx_unicodefree(ludp->lud_filter); in _ldap_free_urldesc()
1093 free(ludp->lud_dn); in _ldap_free_urldesc()
1094 free(ludp->lud_filter); in _ldap_free_urldesc()
1097 if(ludp->lud_attrs) { in _ldap_free_urldesc()
1099 for(i = 0; i < ludp->lud_attrs_dups; i++) { in _ldap_free_urldesc()
1101 curlx_unicodefree(ludp->lud_attrs[i]); in _ldap_free_urldesc()
1103 free(ludp->lud_attrs[i]); in _ldap_free_urldesc()
1106 free(ludp->lud_attrs); in _ldap_free_urldesc()