21  * SPDX-License-Identifier: curl
31 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
37  * gets compiled is the code from openldap.c, otherwise the code that gets
40  * When USE_OPENLDAP is defined a recent version of the OpenLDAP library
42  * OpenLDAP library versions, USE_OPENLDAP shall not be defined.
287   if(user && passwd && (data->set.httpauth & CURLAUTH_BASIC)) {  in ldap_win_bind()
298     rc = (int)ldap_win_bind_auth(server, user, passwd, data->set.httpauth);  in ldap_win_bind()
324   struct connectdata *conn = data->conn;  in ldap_do()
343   infof(data, "LDAP local: %s", data->state.url);  in ldap_do()
346   rc = ldap_url_parse(data->state.url, &ludp);  in ldap_do()
363   host = curlx_convert_UTF8_to_tchar(conn->host.name);  in ldap_do()
370   host = conn->host.name;  in ldap_do()
373   if(data->state.aptr.user) {  in ldap_do()
374     user = conn->user;  in ldap_do()
375     passwd = conn->passwd;  in ldap_do()
387     server = ldap_sslinit(host, (curl_ldap_num_t)conn->primary.remote_port, 1);  in ldap_do()
391     char *ldap_ca = conn->ssl_config.CAfile;  in ldap_do()
399     if(conn->ssl_config.verifypeer) {  in ldap_do()
402       if((data->set.ssl.cert_type) &&  in ldap_do()
403          (strcasecompare(data->set.ssl.cert_type, "DER")))  in ldap_do()
433     server = ldapssl_init(host, conn->primary.remote_port, 1);  in ldap_do()
436             conn->host.dispname, conn->primary.remote_port);  in ldap_do()
441     if(conn->ssl_config.verifypeer) {  in ldap_do()
442       /* OpenLDAP SDK supports BASE64 files. */  in ldap_do()
443       if((data->set.ssl.cert_type) &&  in ldap_do()
444          (!strcasecompare(data->set.ssl.cert_type, "PEM"))) {  in ldap_do()
445         failf(data, "LDAP local: ERROR OpenLDAP only supports PEM cert-type");  in ldap_do()
474     server = ldap_init(host, conn->primary.remote_port);  in ldap_do()
477             conn->host.dispname, conn->primary.remote_port);  in ldap_do()
504             "of the OpenLDAP toolkit\n");  in ldap_do()
511   else if(data->set.use_ssl > CURLUSESSL_TRY) {  in ldap_do()
517     server = ldap_init(host, (curl_ldap_num_t)conn->primary.remote_port);  in ldap_do()
520             conn->host.dispname, conn->primary.remote_port);  in ldap_do()
553   rc = (int)ldap_search_s(server, ludp->lud_dn,  in ldap_do()
554                           (curl_ldap_num_t)ludp->lud_scope,  in ldap_do()
555                           ludp->lud_filter, ludp->lud_attrs, 0, &ldapmsg);  in ldap_do()
575     /* Get the DN and write it to the client */  in ldap_do()
620     /* Get the attributes and write them to the client */  in ldap_do()
678              (strcmp(";binary", attr + (attr_len - 7)) == 0)) {  in ldap_do()
680             result = Curl_base64_encode(vals[i]->bv_val, vals[i]->bv_len,  in ldap_do()
708             result = Curl_client_write(data, CLIENTWRITE_BODY, vals[i]->bv_val,  in ldap_do()
709                                        vals[i]->bv_len);  in ldap_do()
778   static int do_trace = -1;  in _ldap_trace()
781   if(do_trace == -1) {  in _ldap_trace()
797  * Return scope-value for a scope-string.
811   return -1;  in str2scope()
851  * <hostname> already known from 'conn->host.name'.
852  * <port>     already known from 'conn->remote_port'.
853  * extract the rest from 'data->state.path+1'. All fields are optional.
856  * yields ludp->lud_dn = "".
871      !data->state.up.path ||  in _ldap_url_parse2()
872      data->state.up.path[0] != '/' ||  in _ldap_url_parse2()
873      !strncasecompare("LDAP", data->state.up.scheme, 4))  in _ldap_url_parse2()
876   ludp->lud_scope = LDAP_SCOPE_BASE;  in _ldap_url_parse2()
877   ludp->lud_port  = conn->remote_port;  in _ldap_url_parse2()
878   ludp->lud_host  = conn->host.name;  in _ldap_url_parse2()
881   p = path = strdup(data->state.up.path + 1);  in _ldap_url_parse2()
886   if(data->state.up.query) {  in _ldap_url_parse2()
887     q = query = strdup(data->state.up.query);  in _ldap_url_parse2()
912     ludp->lud_dn = curlx_convert_UTF8_to_tchar(unescaped);  in _ldap_url_parse2()
917     if(!ludp->lud_dn) {  in _ldap_url_parse2()
923     ludp->lud_dn = unescaped;  in _ldap_url_parse2()
949     ludp->lud_attrs = calloc(count + 1, sizeof(TCHAR *));  in _ldap_url_parse2()
951     ludp->lud_attrs = calloc(count + 1, sizeof(char *));  in _ldap_url_parse2()
953     if(!ludp->lud_attrs) {  in _ldap_url_parse2()
980       ludp->lud_attrs[i] = curlx_convert_UTF8_to_tchar(unescaped);  in _ldap_url_parse2()
985       if(!ludp->lud_attrs[i]) {  in _ldap_url_parse2()
993       ludp->lud_attrs[i] = unescaped;  in _ldap_url_parse2()
996       ludp->lud_attrs_dups++;  in _ldap_url_parse2()
1012     ludp->lud_scope = str2scope(p);  in _ldap_url_parse2()
1013     if(ludp->lud_scope == -1) {  in _ldap_url_parse2()
1018     LDAP_TRACE(("scope %d\n", ludp->lud_scope));  in _ldap_url_parse2()
1047     ludp->lud_filter = curlx_convert_UTF8_to_tchar(unescaped);  in _ldap_url_parse2()
1052     if(!ludp->lud_filter) {  in _ldap_url_parse2()
1058     ludp->lud_filter = unescaped;  in _ldap_url_parse2()
1102   curlx_unicodefree(ludp->lud_dn);  in _ldap_free_urldesc()
1103   curlx_unicodefree(ludp->lud_filter);  in _ldap_free_urldesc()
1105   free(ludp->lud_dn);  in _ldap_free_urldesc()
1106   free(ludp->lud_filter);  in _ldap_free_urldesc()
1109   if(ludp->lud_attrs) {  in _ldap_free_urldesc()
1111     for(i = 0; i < ludp->lud_attrs_dups; i++) {  in _ldap_free_urldesc()
1113       curlx_unicodefree(ludp->lud_attrs[i]);  in _ldap_free_urldesc()
1115       free(ludp->lud_attrs[i]);  in _ldap_free_urldesc()
1118     free(ludp->lud_attrs);  in _ldap_free_urldesc()