21  * SPDX-License-Identifier: curl
32  * gets compiled is the code from openldap.c, otherwise the code that gets
35  * When USE_OPENLDAP is defined a recent version of the OpenLDAP library
37  * OpenLDAP library versions, USE_OPENLDAP shall not be defined.
278   if(user && passwd && (data->set.httpauth & CURLAUTH_BASIC)) {  in ldap_win_bind()
289     rc = ldap_win_bind_auth(server, user, passwd, data->set.httpauth);  in ldap_win_bind()
313   struct connectdata *conn = data->conn;  in ldap_do()
332   infof(data, "LDAP local: %s", data->state.url);  in ldap_do()
335   rc = ldap_url_parse(data->state.url, &ludp);  in ldap_do()
346   if(conn->given->flags & PROTOPT_SSL)  in ldap_do()
352   host = curlx_convert_UTF8_to_tchar(conn->host.name);  in ldap_do()
359   host = conn->host.name;  in ldap_do()
362   if(data->state.aptr.user) {  in ldap_do()
363     user = conn->user;  in ldap_do()
364     passwd = conn->passwd;  in ldap_do()
376     server = ldap_sslinit(host, conn->primary.remote_port, 1);  in ldap_do()
380     char *ldap_ca = conn->ssl_config.CAfile;  in ldap_do()
388     if(conn->ssl_config.verifypeer) {  in ldap_do()
391       if((data->set.ssl.cert_type) &&  in ldap_do()
392          (strcasecompare(data->set.ssl.cert_type, "DER")))  in ldap_do()
422     server = ldapssl_init(host, conn->primary.remote_port, 1);  in ldap_do()
425             conn->host.dispname, conn->primary.remote_port);  in ldap_do()
430     if(conn->ssl_config.verifypeer) {  in ldap_do()
431       /* OpenLDAP SDK supports BASE64 files. */  in ldap_do()
432       if((data->set.ssl.cert_type) &&  in ldap_do()
433          (!strcasecompare(data->set.ssl.cert_type, "PEM"))) {  in ldap_do()
434         failf(data, "LDAP local: ERROR OpenLDAP only supports PEM cert-type");  in ldap_do()
463     server = ldap_init(host, conn->primary.remote_port);  in ldap_do()
466             conn->host.dispname, conn->primary.remote_port);  in ldap_do()
493             "of the OpenLDAP toolkit\n");  in ldap_do()
500   else if(data->set.use_ssl > CURLUSESSL_TRY) {  in ldap_do()
506     server = ldap_init(host, conn->primary.remote_port);  in ldap_do()
509             conn->host.dispname, conn->primary.remote_port);  in ldap_do()
542   rc = ldap_search_s(server, ludp->lud_dn, ludp->lud_scope,  in ldap_do()
543                      ludp->lud_filter, ludp->lud_attrs, 0, &ldapmsg);  in ldap_do()
563     /* Get the DN and write it to the client */  in ldap_do()
608     /* Get the attributes and write them to the client */  in ldap_do()
666              (strcmp(";binary", attr + (attr_len - 7)) == 0)) {  in ldap_do()
668             result = Curl_base64_encode(vals[i]->bv_val, vals[i]->bv_len,  in ldap_do()
696             result = Curl_client_write(data, CLIENTWRITE_BODY, vals[i]->bv_val,  in ldap_do()
697                                        vals[i]->bv_len);  in ldap_do()
757   Curl_xfer_setup(data, -1, -1, FALSE, -1);  in ldap_do()
766   static int do_trace = -1;  in _ldap_trace()
769   if(do_trace == -1) {  in _ldap_trace()
785  * Return scope-value for a scope-string.
799   return (-1);  in str2scope()
839  * <hostname> already known from 'conn->host.name'.
840  * <port>     already known from 'conn->remote_port'.
841  * extract the rest from 'data->state.path+1'. All fields are optional.
844  * yields ludp->lud_dn = "".
859      !data->state.up.path ||  in _ldap_url_parse2()
860      data->state.up.path[0] != '/' ||  in _ldap_url_parse2()
861      !strncasecompare("LDAP", data->state.up.scheme, 4))  in _ldap_url_parse2()
864   ludp->lud_scope = LDAP_SCOPE_BASE;  in _ldap_url_parse2()
865   ludp->lud_port  = conn->remote_port;  in _ldap_url_parse2()
866   ludp->lud_host  = conn->host.name;  in _ldap_url_parse2()
869   p = path = strdup(data->state.up.path + 1);  in _ldap_url_parse2()
874   if(data->state.up.query) {  in _ldap_url_parse2()
875     q = query = strdup(data->state.up.query);  in _ldap_url_parse2()
900     ludp->lud_dn = curlx_convert_UTF8_to_tchar(unescaped);  in _ldap_url_parse2()
905     if(!ludp->lud_dn) {  in _ldap_url_parse2()
911     ludp->lud_dn = unescaped;  in _ldap_url_parse2()
937     ludp->lud_attrs = calloc(count + 1, sizeof(TCHAR *));  in _ldap_url_parse2()
939     ludp->lud_attrs = calloc(count + 1, sizeof(char *));  in _ldap_url_parse2()
941     if(!ludp->lud_attrs) {  in _ldap_url_parse2()
968       ludp->lud_attrs[i] = curlx_convert_UTF8_to_tchar(unescaped);  in _ldap_url_parse2()
973       if(!ludp->lud_attrs[i]) {  in _ldap_url_parse2()
981       ludp->lud_attrs[i] = unescaped;  in _ldap_url_parse2()
984       ludp->lud_attrs_dups++;  in _ldap_url_parse2()
1000     ludp->lud_scope = str2scope(p);  in _ldap_url_parse2()
1001     if(ludp->lud_scope == -1) {  in _ldap_url_parse2()
1006     LDAP_TRACE(("scope %d\n", ludp->lud_scope));  in _ldap_url_parse2()
1035     ludp->lud_filter = curlx_convert_UTF8_to_tchar(unescaped);  in _ldap_url_parse2()
1040     if(!ludp->lud_filter) {  in _ldap_url_parse2()
1046     ludp->lud_filter = unescaped;  in _ldap_url_parse2()
1090   curlx_unicodefree(ludp->lud_dn);  in _ldap_free_urldesc()
1091   curlx_unicodefree(ludp->lud_filter);  in _ldap_free_urldesc()
1093   free(ludp->lud_dn);  in _ldap_free_urldesc()
1094   free(ludp->lud_filter);  in _ldap_free_urldesc()
1097   if(ludp->lud_attrs) {  in _ldap_free_urldesc()
1099     for(i = 0; i < ludp->lud_attrs_dups; i++) {  in _ldap_free_urldesc()
1101       curlx_unicodefree(ludp->lud_attrs[i]);  in _ldap_free_urldesc()
1103       free(ludp->lud_attrs[i]);  in _ldap_free_urldesc()
1106     free(ludp->lud_attrs);  in _ldap_free_urldesc()