Lines Matching +full:- +full:- +full:enable +full:- +full:ldaps
22 * SPDX-License-Identifier: curl
60 * Uncommenting this will enable the built-in debug logging of the openldap
146 * LDAPS protocol handler.
150 "ldaps", /* scheme */
190 struct SASL sasl; /* SASL-related parameters */
212 struct ldapconninfo *ldapc = data->conn->proto.ldapc; in oldap_state()
228 if(ldapc->state != newstate) in oldap_state()
230 (void *)ldapc, names[ldapc->state], names[newstate]); in oldap_state()
233 ldapc->state = newstate; in oldap_state()
271 if(!data->state.up.user && !data->state.up.password && in oldap_url_parse()
272 !data->state.up.options) in oldap_url_parse()
273 rc = ldap_url_parse(data->state.url, ludp); in oldap_url_parse()
279 rc -= LDAP_URL_SUCCESS; in oldap_url_parse()
291 struct ldapconninfo *li = conn->proto.ldapc; in oldap_parse_login_options()
292 const char *ptr = conn->options; in oldap_parse_login_options()
307 result = Curl_sasl_parse_url_auth_option(&li->sasl, value, ptr - value); in oldap_parse_login_options()
337 struct berval *servercred = data->conn->proto.ldapc->servercred; in oldap_get_message()
339 if(!servercred || !servercred->bv_val) in oldap_get_message()
341 Curl_bufref_set(out, servercred->bv_val, servercred->bv_len, NULL); in oldap_get_message()
351 struct connectdata *conn = data->conn; in oldap_perform_auth()
352 struct ldapconninfo *li = conn->proto.ldapc; in oldap_perform_auth()
361 rc = ldap_sasl_bind(li->ld, NULL, mech, pcred, NULL, NULL, &li->msgid); in oldap_perform_auth()
373 struct connectdata *conn = data->conn; in oldap_continue_auth()
374 struct ldapconninfo *li = conn->proto.ldapc; in oldap_continue_auth()
383 rc = ldap_sasl_bind(li->ld, NULL, mech, pcred, NULL, NULL, &li->msgid); in oldap_continue_auth()
394 struct ldapconninfo *li = data->conn->proto.ldapc; in oldap_cancel_auth()
395 int rc = ldap_sasl_bind(li->ld, NULL, LDAP_SASL_NULL, NULL, NULL, NULL, in oldap_cancel_auth()
396 &li->msgid); in oldap_cancel_auth()
407 struct connectdata *conn = data->conn; in oldap_perform_bind()
408 struct ldapconninfo *li = conn->proto.ldapc; in oldap_perform_bind()
416 if(data->state.aptr.user) { in oldap_perform_bind()
417 binddn = conn->user; in oldap_perform_bind()
418 passwd.bv_val = conn->passwd; in oldap_perform_bind()
422 rc = ldap_sasl_bind(li->ld, binddn, LDAP_SASL_SIMPLE, &passwd, in oldap_perform_bind()
423 NULL, NULL, &li->msgid); in oldap_perform_bind()
426 data->state.aptr.user ? in oldap_perform_bind()
435 struct ldapconninfo *li = data->conn->proto.ldapc; in oldap_perform_mechs()
442 rc = ldap_search_ext(li->ld, "", LDAP_SCOPE_BASE, "(objectclass=*)", in oldap_perform_mechs()
444 NULL, NULL, NULL, 0, &li->msgid); in oldap_perform_mechs()
455 struct ldapconninfo *li = data->conn->proto.ldapc; in oldap_perform_sasl()
456 CURLcode result = Curl_sasl_start(&li->sasl, data, TRUE, &progress); in oldap_perform_sasl()
469 return conn->proto.ldapc->recv != NULL; in ssl_installed()
474 struct connectdata *conn = data->conn; in oldap_ssl_connect()
475 struct ldapconninfo *li = conn->proto.ldapc; in oldap_ssl_connect()
485 ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb); in oldap_ssl_connect()
487 li->recv = conn->recv[FIRSTSOCKET]; in oldap_ssl_connect()
488 li->send = conn->send[FIRSTSOCKET]; in oldap_ssl_connect()
498 struct ldapconninfo *li = data->conn->proto.ldapc; in oldap_perform_starttls()
499 int rc = ldap_start_tls(li->ld, NULL, NULL, &li->msgid); in oldap_perform_starttls()
510 struct connectdata *conn = data->conn; in oldap_connect()
516 static int do_trace = -1; in oldap_connect()
521 DEBUGASSERT(!conn->proto.ldapc); in oldap_connect()
527 li->proto = ldap_pvt_url_scheme2proto(data->state.up.scheme); in oldap_connect()
528 conn->proto.ldapc = li; in oldap_connect()
531 Curl_sasl_init(&li->sasl, data, &saslldap); in oldap_connect()
534 conn->bits.tls_upgraded = FALSE; in oldap_connect()
542 conn->handler->scheme, in oldap_connect()
543 conn->bits.ipv6_ip ? "[" : "", in oldap_connect()
544 conn->host.name, in oldap_connect()
545 conn->bits.ipv6_ip ? "]" : "", in oldap_connect()
546 conn->remote_port); in oldap_connect()
550 rc = ldap_init_fd(conn->sock[FIRSTSOCKET], li->proto, hosturl, &li->ld); in oldap_connect()
566 ldap_set_option(li->ld, LDAP_OPT_DEBUG_LEVEL, &do_trace); in oldap_connect()
570 ldap_set_option(li->ld, LDAP_OPT_PROTOCOL_VERSION, &version); in oldap_connect()
573 ldap_set_option(li->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); in oldap_connect()
579 if(data->set.use_ssl) { in oldap_connect()
582 if(!result || data->set.use_ssl != CURLUSESSL_TRY) in oldap_connect()
587 if(li->sasl.prefmech != SASL_AUTH_NONE) in oldap_connect()
599 struct connectdata *conn = data->conn; in oldap_state_mechs_resp()
600 struct ldapconninfo *li = conn->proto.ldapc; in oldap_state_mechs_resp()
612 rc = ldap_get_dn_ber(li->ld, msg, &ber, &bv); in oldap_state_mechs_resp()
615 for(rc = ldap_get_attribute_ber(li->ld, msg, ber, &bv, &bvals); in oldap_state_mechs_resp()
617 rc = ldap_get_attribute_ber(li->ld, msg, ber, &bv, &bvals)) { in oldap_state_mechs_resp()
629 li->sasl.authmechs |= mech; in oldap_state_mechs_resp()
644 if(Curl_sasl_can_authenticate(&li->sasl, data)) in oldap_state_mechs_resp()
664 struct connectdata *conn = data->conn; in oldap_state_sasl_resp()
665 struct ldapconninfo *li = conn->proto.ldapc; in oldap_state_sasl_resp()
670 li->servercred = NULL; in oldap_state_sasl_resp()
671 rc = ldap_parse_sasl_bind_result(li->ld, msg, &li->servercred, 0); in oldap_state_sasl_resp()
677 result = Curl_sasl_continue(&li->sasl, data, code, &progress); in oldap_state_sasl_resp()
682 if(li->servercred) in oldap_state_sasl_resp()
683 ber_bvfree(li->servercred); in oldap_state_sasl_resp()
691 struct connectdata *conn = data->conn; in oldap_state_bind_resp()
692 struct ldapconninfo *li = conn->proto.ldapc; in oldap_state_bind_resp()
700 rc = ldap_parse_sasl_bind_result(li->ld, msg, &bv, 0); in oldap_state_bind_resp()
717 struct connectdata *conn = data->conn; in oldap_connecting()
718 struct ldapconninfo *li = conn->proto.ldapc; in oldap_connecting()
724 if(li->state != OLDAP_SSL && li->state != OLDAP_TLS) { in oldap_connecting()
726 rc = ldap_result(li->ld, li->msgid, LDAP_MSG_ONE, &tv, &msg); in oldap_connecting()
734 li->msgid = 0; /* Nothing to abandon upon error. */ in oldap_connecting()
744 rc = ldap_parse_result(li->ld, msg, &code, NULL, NULL, NULL, NULL, 0); in oldap_connecting()
749 data->info.httpcode = code; in oldap_connecting()
753 if(code == LDAP_PROTOCOL_ERROR && li->state != OLDAP_BINDV2 && in oldap_connecting()
755 (ssl_installed(conn) || data->set.use_ssl <= CURLUSESSL_TRY) && in oldap_connecting()
757 li->sasl.prefmech == SASL_AUTH_NONE) { in oldap_connecting()
760 ldap_set_option(li->ld, LDAP_OPT_PROTOCOL_VERSION, &version); in oldap_connecting()
767 switch(li->state) { in oldap_connecting()
773 if(li->sasl.prefmech != SASL_AUTH_NONE) in oldap_connecting()
781 if(data->set.use_ssl != CURLUSESSL_TRY) in oldap_connecting()
783 else if(li->sasl.prefmech != SASL_AUTH_NONE) in oldap_connecting()
798 conn->bits.tls_upgraded = TRUE; in oldap_connecting()
799 if(li->sasl.prefmech != SASL_AUTH_NONE) in oldap_connecting()
801 else if(data->state.aptr.user) in oldap_connecting()
830 *done = li->state == OLDAP_STOP; in oldap_connecting()
832 conn->recv[FIRSTSOCKET] = oldap_recv; in oldap_connecting()
834 if(result && li->msgid) { in oldap_connecting()
835 ldap_abandon_ext(li->ld, li->msgid, NULL, NULL); in oldap_connecting()
836 li->msgid = 0; in oldap_connecting()
845 struct ldapconninfo *li = conn->proto.ldapc; in oldap_disconnect()
852 if(li->ld) { in oldap_disconnect()
856 ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb); in oldap_disconnect()
860 ldap_unbind_ext(li->ld, NULL, NULL); in oldap_disconnect()
861 li->ld = NULL; in oldap_disconnect()
863 Curl_sasl_cleanup(conn, li->sasl.authused); in oldap_disconnect()
864 conn->proto.ldapc = NULL; in oldap_disconnect()
872 struct connectdata *conn = data->conn; in oldap_do()
873 struct ldapconninfo *li = conn->proto.ldapc; in oldap_do()
882 infof(data, "LDAP local: %s", data->state.url); in oldap_do()
889 /* re-install the libcurl SSL handlers into the sockbuf. */ in oldap_do()
890 ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb); in oldap_do()
895 rc = ldap_search_ext(li->ld, lud->lud_dn, lud->lud_scope, in oldap_do()
896 lud->lud_filter, lud->lud_attrs, 0, in oldap_do()
906 ldap_abandon_ext(li->ld, msgid, NULL, NULL); in oldap_do()
910 lr->msgid = msgid; in oldap_do()
911 data->req.p.ldap = lr; in oldap_do()
912 Curl_xfer_setup1(data, CURL_XFER_RECV, -1, FALSE); in oldap_do()
923 struct connectdata *conn = data->conn; in oldap_done()
924 struct ldapreqinfo *lr = data->req.p.ldap; in oldap_done()
931 if(lr->msgid) { in oldap_done()
932 struct ldapconninfo *li = conn->proto.ldapc; in oldap_done()
933 ldap_abandon_ext(li->ld, lr->msgid, NULL, NULL); in oldap_done()
934 lr->msgid = 0; in oldap_done()
936 data->req.p.ldap = NULL; in oldap_done()
951 /* If we have a zero-length value and the prefix ends with a space in client_write()
953 if(!len && plen && prefix[plen - 1] == ' ') in client_write()
954 plen--; in client_write()
969 struct connectdata *conn = data->conn; in oldap_recv()
970 struct ldapconninfo *li = conn->proto.ldapc; in oldap_recv()
971 struct ldapreqinfo *lr = data->req.p.ldap; in oldap_recv()
986 rc = ldap_result(li->ld, lr->msgid, LDAP_MSG_ONE, &tv, &msg); in oldap_recv()
996 return -1; in oldap_recv()
1002 lr->msgid = 0; in oldap_recv()
1003 rc = ldap_parse_result(li->ld, msg, &code, NULL, &info, NULL, NULL, 0); in oldap_recv()
1012 data->info.httpcode = code; in oldap_recv()
1016 infof(data, "There are more than %d entries", lr->nument); in oldap_recv()
1019 data->req.size = data->req.bytecount; in oldap_recv()
1031 lr->nument++; in oldap_recv()
1032 rc = ldap_get_dn_ber(li->ld, msg, &ber, &bv); in oldap_recv()
1043 for(rc = ldap_get_attribute_ber(li->ld, msg, ber, &bv, &bvals); in oldap_recv()
1045 rc = ldap_get_attribute_ber(li->ld, msg, ber, &bv, &bvals)) { in oldap_recv()
1060 !strncmp(bv.bv_val + bv.bv_len - 7, ";binary", 7); in oldap_recv()
1073 ISBLANK(bvals[i].bv_val[bvals[i].bv_len - 1])) in oldap_recv()
1125 return result ? -1 : 0; in oldap_recv()
1132 sbiod->sbiod_pvt = arg; in ldapsb_tls_setup()
1139 sbiod->sbiod_pvt = NULL; in ldapsb_tls_remove()
1156 struct Curl_easy *data = sbiod->sbiod_pvt; in ldapsb_tls_ctrl()
1165 struct Curl_easy *data = sbiod->sbiod_pvt; in ldapsb_tls_read()
1168 struct connectdata *conn = data->conn; in ldapsb_tls_read()
1170 struct ldapconninfo *li = conn->proto.ldapc; in ldapsb_tls_read()
1173 ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err); in ldapsb_tls_read()
1185 struct Curl_easy *data = sbiod->sbiod_pvt; in ldapsb_tls_write()
1188 struct connectdata *conn = data->conn; in ldapsb_tls_write()
1190 struct ldapconninfo *li = conn->proto.ldapc; in ldapsb_tls_write()
1192 ret = (li->send)(data, FIRSTSOCKET, buf, len, FALSE, &err); in ldapsb_tls_write()