Lines Matching +full:- +full:- +full:enable +full:- +full:ldaps
22 * SPDX-License-Identifier: curl
60 * Uncommenting this will enable the built-in debug logging of the openldap
145 * LDAPS protocol handler.
149 "ldaps", /* scheme */
188 struct SASL sasl; /* SASL-related parameters */
210 struct ldapconninfo *ldapc = data->conn->proto.ldapc; in oldap_state()
226 if(ldapc->state != newstate) in oldap_state()
228 (void *)ldapc, names[ldapc->state], names[newstate]); in oldap_state()
231 ldapc->state = newstate; in oldap_state()
273 if(!data->state.up.user && !data->state.up.password && in oldap_url_parse()
274 !data->state.up.options) in oldap_url_parse()
275 rc = ldap_url_parse(data->state.url, ludp); in oldap_url_parse()
280 rc -= LDAP_URL_SUCCESS; in oldap_url_parse()
292 struct ldapconninfo *li = conn->proto.ldapc; in oldap_parse_login_options()
293 const char *ptr = conn->options; in oldap_parse_login_options()
308 result = Curl_sasl_parse_url_auth_option(&li->sasl, value, ptr - value); in oldap_parse_login_options()
338 struct berval *servercred = data->conn->proto.ldapc->servercred; in oldap_get_message()
340 if(!servercred || !servercred->bv_val) in oldap_get_message()
342 Curl_bufref_set(out, servercred->bv_val, servercred->bv_len, NULL); in oldap_get_message()
352 struct connectdata *conn = data->conn; in oldap_perform_auth()
353 struct ldapconninfo *li = conn->proto.ldapc; in oldap_perform_auth()
363 rc = ldap_sasl_bind(li->ld, NULL, mech, pcred, NULL, NULL, &li->msgid); in oldap_perform_auth()
375 struct connectdata *conn = data->conn; in oldap_continue_auth()
376 struct ldapconninfo *li = conn->proto.ldapc; in oldap_continue_auth()
386 rc = ldap_sasl_bind(li->ld, NULL, mech, pcred, NULL, NULL, &li->msgid); in oldap_continue_auth()
397 struct ldapconninfo *li = data->conn->proto.ldapc; in oldap_cancel_auth()
399 int rc = ldap_sasl_bind(li->ld, NULL, LDAP_SASL_NULL, NULL, NULL, NULL, in oldap_cancel_auth()
400 &li->msgid); in oldap_cancel_auth()
412 struct connectdata *conn = data->conn; in oldap_perform_bind()
413 struct ldapconninfo *li = conn->proto.ldapc; in oldap_perform_bind()
421 if(data->state.aptr.user) { in oldap_perform_bind()
422 binddn = conn->user; in oldap_perform_bind()
423 passwd.bv_val = conn->passwd; in oldap_perform_bind()
427 rc = ldap_sasl_bind(li->ld, binddn, LDAP_SASL_SIMPLE, &passwd, in oldap_perform_bind()
428 NULL, NULL, &li->msgid); in oldap_perform_bind()
433 data->state.aptr.user? in oldap_perform_bind()
442 struct ldapconninfo *li = data->conn->proto.ldapc; in oldap_perform_mechs()
449 rc = ldap_search_ext(li->ld, "", LDAP_SCOPE_BASE, "(objectclass=*)", in oldap_perform_mechs()
451 NULL, NULL, NULL, 0, &li->msgid); in oldap_perform_mechs()
463 struct ldapconninfo *li = data->conn->proto.ldapc; in oldap_perform_sasl()
464 CURLcode result = Curl_sasl_start(&li->sasl, data, TRUE, &progress); in oldap_perform_sasl()
477 return conn->proto.ldapc->recv != NULL; in ssl_installed()
483 struct connectdata *conn = data->conn; in oldap_ssl_connect()
484 struct ldapconninfo *li = conn->proto.ldapc; in oldap_ssl_connect()
495 ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb); in oldap_ssl_connect()
497 li->recv = conn->recv[FIRSTSOCKET]; in oldap_ssl_connect()
498 li->send = conn->send[FIRSTSOCKET]; in oldap_ssl_connect()
509 struct ldapconninfo *li = data->conn->proto.ldapc; in oldap_perform_starttls()
510 int rc = ldap_start_tls(li->ld, NULL, NULL, &li->msgid); in oldap_perform_starttls()
522 struct connectdata *conn = data->conn; in oldap_connect()
528 static int do_trace = -1; in oldap_connect()
533 DEBUGASSERT(!conn->proto.ldapc); in oldap_connect()
539 li->proto = ldap_pvt_url_scheme2proto(data->state.up.scheme); in oldap_connect()
540 conn->proto.ldapc = li; in oldap_connect()
543 Curl_sasl_init(&li->sasl, data, &saslldap); in oldap_connect()
546 conn->bits.tls_upgraded = FALSE; in oldap_connect()
554 conn->handler->scheme, in oldap_connect()
555 conn->bits.ipv6_ip? "[": "", in oldap_connect()
556 conn->host.name, in oldap_connect()
557 conn->bits.ipv6_ip? "]": "", in oldap_connect()
558 conn->remote_port); in oldap_connect()
562 rc = ldap_init_fd(conn->sock[FIRSTSOCKET], li->proto, hosturl, &li->ld); in oldap_connect()
578 ldap_set_option(li->ld, LDAP_OPT_DEBUG_LEVEL, &do_trace); in oldap_connect()
582 ldap_set_option(li->ld, LDAP_OPT_PROTOCOL_VERSION, &version); in oldap_connect()
585 ldap_set_option(li->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); in oldap_connect()
588 if(conn->handler->flags & PROTOPT_SSL) in oldap_connect()
591 if(data->set.use_ssl) { in oldap_connect()
594 if(!result || data->set.use_ssl != CURLUSESSL_TRY) in oldap_connect()
599 if(li->sasl.prefmech != SASL_AUTH_NONE) in oldap_connect()
611 struct connectdata *conn = data->conn; in oldap_state_mechs_resp()
612 struct ldapconninfo *li = conn->proto.ldapc; in oldap_state_mechs_resp()
624 rc = ldap_get_dn_ber(li->ld, msg, &ber, &bv); in oldap_state_mechs_resp()
627 for(rc = ldap_get_attribute_ber(li->ld, msg, ber, &bv, &bvals); in oldap_state_mechs_resp()
629 rc = ldap_get_attribute_ber(li->ld, msg, ber, &bv, &bvals)) { in oldap_state_mechs_resp()
641 li->sasl.authmechs |= mech; in oldap_state_mechs_resp()
656 if(Curl_sasl_can_authenticate(&li->sasl, data)) in oldap_state_mechs_resp()
676 struct connectdata *conn = data->conn; in oldap_state_sasl_resp()
677 struct ldapconninfo *li = conn->proto.ldapc; in oldap_state_sasl_resp()
682 li->servercred = NULL; in oldap_state_sasl_resp()
683 rc = ldap_parse_sasl_bind_result(li->ld, msg, &li->servercred, 0); in oldap_state_sasl_resp()
689 result = Curl_sasl_continue(&li->sasl, data, code, &progress); in oldap_state_sasl_resp()
694 if(li->servercred) in oldap_state_sasl_resp()
695 ber_bvfree(li->servercred); in oldap_state_sasl_resp()
703 struct connectdata *conn = data->conn; in oldap_state_bind_resp()
704 struct ldapconninfo *li = conn->proto.ldapc; in oldap_state_bind_resp()
712 rc = ldap_parse_sasl_bind_result(li->ld, msg, &bv, 0); in oldap_state_bind_resp()
729 struct connectdata *conn = data->conn; in oldap_connecting()
730 struct ldapconninfo *li = conn->proto.ldapc; in oldap_connecting()
736 if(li->state != OLDAP_SSL && li->state != OLDAP_TLS) { in oldap_connecting()
738 rc = ldap_result(li->ld, li->msgid, LDAP_MSG_ONE, &tv, &msg); in oldap_connecting()
746 li->msgid = 0; /* Nothing to abandon upon error. */ in oldap_connecting()
756 rc = ldap_parse_result(li->ld, msg, &code, NULL, NULL, NULL, NULL, 0); in oldap_connecting()
761 data->info.httpcode = code; in oldap_connecting()
765 if(code == LDAP_PROTOCOL_ERROR && li->state != OLDAP_BINDV2 && in oldap_connecting()
767 (ssl_installed(conn) || data->set.use_ssl <= CURLUSESSL_TRY) && in oldap_connecting()
769 li->sasl.prefmech == SASL_AUTH_NONE) { in oldap_connecting()
772 ldap_set_option(li->ld, LDAP_OPT_PROTOCOL_VERSION, &version); in oldap_connecting()
779 switch(li->state) { in oldap_connecting()
785 if(li->sasl.prefmech != SASL_AUTH_NONE) in oldap_connecting()
793 if(data->set.use_ssl != CURLUSESSL_TRY) in oldap_connecting()
795 else if(li->sasl.prefmech != SASL_AUTH_NONE) in oldap_connecting()
810 conn->bits.tls_upgraded = TRUE; in oldap_connecting()
811 if(li->sasl.prefmech != SASL_AUTH_NONE) in oldap_connecting()
813 else if(data->state.aptr.user) in oldap_connecting()
842 *done = li->state == OLDAP_STOP; in oldap_connecting()
844 conn->recv[FIRSTSOCKET] = oldap_recv; in oldap_connecting()
846 if(result && li->msgid) { in oldap_connecting()
847 ldap_abandon_ext(li->ld, li->msgid, NULL, NULL); in oldap_connecting()
848 li->msgid = 0; in oldap_connecting()
857 struct ldapconninfo *li = conn->proto.ldapc; in oldap_disconnect()
864 if(li->ld) { in oldap_disconnect()
868 ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb); in oldap_disconnect()
872 ldap_unbind_ext(li->ld, NULL, NULL); in oldap_disconnect()
873 li->ld = NULL; in oldap_disconnect()
875 Curl_sasl_cleanup(conn, li->sasl.authused); in oldap_disconnect()
876 conn->proto.ldapc = NULL; in oldap_disconnect()
884 struct connectdata *conn = data->conn; in oldap_do()
885 struct ldapconninfo *li = conn->proto.ldapc; in oldap_do()
894 infof(data, "LDAP local: %s", data->state.url); in oldap_do()
901 /* re-install the libcurl SSL handlers into the sockbuf. */ in oldap_do()
902 ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb); in oldap_do()
907 rc = ldap_search_ext(li->ld, lud->lud_dn, lud->lud_scope, in oldap_do()
908 lud->lud_filter, lud->lud_attrs, 0, in oldap_do()
918 ldap_abandon_ext(li->ld, msgid, NULL, NULL); in oldap_do()
922 lr->msgid = msgid; in oldap_do()
923 data->req.p.ldap = lr; in oldap_do()
924 Curl_xfer_setup(data, FIRSTSOCKET, -1, FALSE, -1); in oldap_do()
935 struct connectdata *conn = data->conn; in oldap_done()
936 struct ldapreqinfo *lr = data->req.p.ldap; in oldap_done()
943 if(lr->msgid) { in oldap_done()
944 struct ldapconninfo *li = conn->proto.ldapc; in oldap_done()
945 ldap_abandon_ext(li->ld, lr->msgid, NULL, NULL); in oldap_done()
946 lr->msgid = 0; in oldap_done()
948 data->req.p.ldap = NULL; in oldap_done()
963 /* If we have a zero-length value and the prefix ends with a space in client_write()
965 if(!len && plen && prefix[plen - 1] == ' ') in client_write()
966 plen--; in client_write()
981 struct connectdata *conn = data->conn; in oldap_recv()
982 struct ldapconninfo *li = conn->proto.ldapc; in oldap_recv()
983 struct ldapreqinfo *lr = data->req.p.ldap; in oldap_recv()
998 rc = ldap_result(li->ld, lr->msgid, LDAP_MSG_ONE, &tv, &msg); in oldap_recv()
1008 return -1; in oldap_recv()
1014 lr->msgid = 0; in oldap_recv()
1015 rc = ldap_parse_result(li->ld, msg, &code, NULL, &info, NULL, NULL, 0); in oldap_recv()
1024 data->info.httpcode = code; in oldap_recv()
1028 infof(data, "There are more than %d entries", lr->nument); in oldap_recv()
1031 data->req.size = data->req.bytecount; in oldap_recv()
1043 lr->nument++; in oldap_recv()
1044 rc = ldap_get_dn_ber(li->ld, msg, &ber, &bv); in oldap_recv()
1055 for(rc = ldap_get_attribute_ber(li->ld, msg, ber, &bv, &bvals); in oldap_recv()
1057 rc = ldap_get_attribute_ber(li->ld, msg, ber, &bv, &bvals)) { in oldap_recv()
1072 !strncmp(bv.bv_val + bv.bv_len - 7, ";binary", 7); in oldap_recv()
1085 ISBLANK(bvals[i].bv_val[bvals[i].bv_len - 1])) in oldap_recv()
1137 return result? -1: 0; in oldap_recv()
1144 sbiod->sbiod_pvt = arg; in ldapsb_tls_setup()
1151 sbiod->sbiod_pvt = NULL; in ldapsb_tls_remove()
1168 struct Curl_easy *data = sbiod->sbiod_pvt; in ldapsb_tls_ctrl()
1177 struct Curl_easy *data = sbiod->sbiod_pvt; in ldapsb_tls_read()
1180 struct connectdata *conn = data->conn; in ldapsb_tls_read()
1182 struct ldapconninfo *li = conn->proto.ldapc; in ldapsb_tls_read()
1185 ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err); in ldapsb_tls_read()
1197 struct Curl_easy *data = sbiod->sbiod_pvt; in ldapsb_tls_write()
1200 struct connectdata *conn = data->conn; in ldapsb_tls_write()
1202 struct ldapconninfo *li = conn->proto.ldapc; in ldapsb_tls_write()
1204 ret = (li->send)(data, FIRSTSOCKET, buf, len, &err); in ldapsb_tls_write()