diff options
| author | deshevoy <deshevoy@yandex-team.ru> | 2022-02-10 16:46:57 +0300 |
|---|---|---|
| committer | Daniil Cherednik <dcherednik@yandex-team.ru> | 2022-02-10 16:46:57 +0300 |
| commit | 28148f76dbfcc644d96427d41c92f36cbf2fdc6e (patch) | |
| tree | b83306b6e37edeea782e9eed673d89286c4fef35 /contrib/libs/curl/lib/ldap.c | |
| parent | e988f30484abe5fdeedcc7a5d3c226c01a21800c (diff) | |
| download | ydb-28148f76dbfcc644d96427d41c92f36cbf2fdc6e.tar.gz | |
Restoring authorship annotation for <deshevoy@yandex-team.ru>. Commit 2 of 2.
Diffstat (limited to 'contrib/libs/curl/lib/ldap.c')
| -rw-r--r-- | contrib/libs/curl/lib/ldap.c | 1052 |
1 files changed, 526 insertions, 526 deletions
diff --git a/contrib/libs/curl/lib/ldap.c b/contrib/libs/curl/lib/ldap.c index 2654eef462b..ab607042252 100644 --- a/contrib/libs/curl/lib/ldap.c +++ b/contrib/libs/curl/lib/ldap.c @@ -35,7 +35,7 @@ * OpenLDAP library versions, USE_OPENLDAP shall not be defined. */ -#ifdef USE_WIN32_LDAP /* Use Windows LDAP implementation. */ +#ifdef USE_WIN32_LDAP /* Use Windows LDAP implementation. */ # include <winldap.h> # ifndef LDAP_VENDOR_NAME # error Your Platform SDK is NOT sufficient for LDAP support! \ @@ -60,14 +60,14 @@ #include "escape.h" #include "progress.h" #include "transfer.h" -#include "strcase.h" +#include "strcase.h" #include "strtok.h" #include "curl_ldap.h" -#include "curl_multibyte.h" -#include "curl_base64.h" -#include "connect.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +#include "curl_multibyte.h" +#include "curl_base64.h" +#include "connect.h" +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -78,19 +78,19 @@ struct ldap_urldesc { char *lud_host; int lud_port; -#if defined(USE_WIN32_LDAP) - TCHAR *lud_dn; - TCHAR **lud_attrs; -#else +#if defined(USE_WIN32_LDAP) + TCHAR *lud_dn; + TCHAR **lud_attrs; +#else char *lud_dn; char **lud_attrs; -#endif +#endif int lud_scope; -#if defined(USE_WIN32_LDAP) - TCHAR *lud_filter; -#else +#if defined(USE_WIN32_LDAP) + TCHAR *lud_filter; +#else char *lud_filter; -#endif +#endif char **lud_exts; size_t lud_attrs_dups; /* how many were dup'ed, this field is not in the "real" struct so can only be used in code @@ -100,9 +100,9 @@ struct ldap_urldesc { #undef LDAPURLDesc #define LDAPURLDesc struct ldap_urldesc -static int _ldap_url_parse(const struct connectdata *conn, - LDAPURLDesc **ludp); -static void _ldap_free_urldesc(LDAPURLDesc *ludp); +static int _ldap_url_parse(const struct connectdata *conn, + LDAPURLDesc **ludp); +static void _ldap_free_urldesc(LDAPURLDesc *ludp); #undef ldap_free_urldesc #define ldap_free_urldesc _ldap_free_urldesc @@ -110,11 +110,11 @@ static void _ldap_free_urldesc(LDAPURLDesc *ludp); #ifdef DEBUG_LDAP #define LDAP_TRACE(x) do { \ - _ldap_trace("%u: ", __LINE__); \ + _ldap_trace("%u: ", __LINE__); \ _ldap_trace x; \ } while(0) - static void _ldap_trace(const char *fmt, ...); + static void _ldap_trace(const char *fmt, ...); #else #define LDAP_TRACE(x) Curl_nop_stmt #endif @@ -147,7 +147,7 @@ const struct Curl_handler Curl_handler_ldap = { ZERO_NULL, /* perform_getsock */ ZERO_NULL, /* disconnect */ ZERO_NULL, /* readwrite */ - ZERO_NULL, /* connection_check */ + ZERO_NULL, /* connection_check */ PORT_LDAP, /* defport */ CURLPROTO_LDAP, /* protocol */ CURLPROTO_LDAP, /* family */ @@ -174,91 +174,91 @@ const struct Curl_handler Curl_handler_ldaps = { ZERO_NULL, /* perform_getsock */ ZERO_NULL, /* disconnect */ ZERO_NULL, /* readwrite */ - ZERO_NULL, /* connection_check */ + ZERO_NULL, /* connection_check */ PORT_LDAPS, /* defport */ - CURLPROTO_LDAPS, /* protocol */ + CURLPROTO_LDAPS, /* protocol */ CURLPROTO_LDAP, /* family */ PROTOPT_SSL /* flags */ }; #endif -#if defined(USE_WIN32_LDAP) - -#if defined(USE_WINDOWS_SSPI) -static int ldap_win_bind_auth(LDAP *server, const char *user, - const char *passwd, unsigned long authflags) -{ - ULONG method = 0; - SEC_WINNT_AUTH_IDENTITY cred; - int rc = LDAP_AUTH_METHOD_NOT_SUPPORTED; - - memset(&cred, 0, sizeof(cred)); - -#if defined(USE_SPNEGO) - if(authflags & CURLAUTH_NEGOTIATE) { - method = LDAP_AUTH_NEGOTIATE; - } - else -#endif -#if defined(USE_NTLM) - if(authflags & CURLAUTH_NTLM) { - method = LDAP_AUTH_NTLM; - } - else -#endif -#if !defined(CURL_DISABLE_CRYPTO_AUTH) - if(authflags & CURLAUTH_DIGEST) { - method = LDAP_AUTH_DIGEST; - } - else -#endif - { - /* required anyway if one of upper preprocessor definitions enabled */ - } - - if(method && user && passwd) { - rc = Curl_create_sspi_identity(user, passwd, &cred); - if(!rc) { - rc = ldap_bind_s(server, NULL, (TCHAR *)&cred, method); - Curl_sspi_free_identity(&cred); - } - } - else { - /* proceed with current user credentials */ - method = LDAP_AUTH_NEGOTIATE; - rc = ldap_bind_s(server, NULL, NULL, method); - } - return rc; -} -#endif /* #if defined(USE_WINDOWS_SSPI) */ - -static int ldap_win_bind(struct connectdata *conn, LDAP *server, - const char *user, const char *passwd) -{ - int rc = LDAP_INVALID_CREDENTIALS; - - PTCHAR inuser = NULL; - PTCHAR inpass = NULL; - - if(user && passwd && (conn->data->set.httpauth & CURLAUTH_BASIC)) { +#if defined(USE_WIN32_LDAP) + +#if defined(USE_WINDOWS_SSPI) +static int ldap_win_bind_auth(LDAP *server, const char *user, + const char *passwd, unsigned long authflags) +{ + ULONG method = 0; + SEC_WINNT_AUTH_IDENTITY cred; + int rc = LDAP_AUTH_METHOD_NOT_SUPPORTED; + + memset(&cred, 0, sizeof(cred)); + +#if defined(USE_SPNEGO) + if(authflags & CURLAUTH_NEGOTIATE) { + method = LDAP_AUTH_NEGOTIATE; + } + else +#endif +#if defined(USE_NTLM) + if(authflags & CURLAUTH_NTLM) { + method = LDAP_AUTH_NTLM; + } + else +#endif +#if !defined(CURL_DISABLE_CRYPTO_AUTH) + if(authflags & CURLAUTH_DIGEST) { + method = LDAP_AUTH_DIGEST; + } + else +#endif + { + /* required anyway if one of upper preprocessor definitions enabled */ + } + + if(method && user && passwd) { + rc = Curl_create_sspi_identity(user, passwd, &cred); + if(!rc) { + rc = ldap_bind_s(server, NULL, (TCHAR *)&cred, method); + Curl_sspi_free_identity(&cred); + } + } + else { + /* proceed with current user credentials */ + method = LDAP_AUTH_NEGOTIATE; + rc = ldap_bind_s(server, NULL, NULL, method); + } + return rc; +} +#endif /* #if defined(USE_WINDOWS_SSPI) */ + +static int ldap_win_bind(struct connectdata *conn, LDAP *server, + const char *user, const char *passwd) +{ + int rc = LDAP_INVALID_CREDENTIALS; + + PTCHAR inuser = NULL; + PTCHAR inpass = NULL; + + if(user && passwd && (conn->data->set.httpauth & CURLAUTH_BASIC)) { inuser = curlx_convert_UTF8_to_tchar((char *) user); inpass = curlx_convert_UTF8_to_tchar((char *) passwd); - - rc = ldap_simple_bind_s(server, inuser, inpass); - + + rc = ldap_simple_bind_s(server, inuser, inpass); + curlx_unicodefree(inuser); curlx_unicodefree(inpass); - } -#if defined(USE_WINDOWS_SSPI) - else { - rc = ldap_win_bind_auth(server, user, passwd, conn->data->set.httpauth); - } -#endif - - return rc; -} -#endif /* #if defined(USE_WIN32_LDAP) */ - + } +#if defined(USE_WINDOWS_SSPI) + else { + rc = ldap_win_bind_auth(server, user, passwd, conn->data->set.httpauth); + } +#endif + + return rc; +} +#endif /* #if defined(USE_WIN32_LDAP) */ + #if defined(USE_WIN32_LDAP) #define FREE_ON_WINLDAP(x) curlx_unicodefree(x) #else @@ -268,29 +268,29 @@ static int ldap_win_bind(struct connectdata *conn, LDAP *server, static CURLcode Curl_ldap(struct connectdata *conn, bool *done) { - CURLcode result = CURLE_OK; + CURLcode result = CURLE_OK; int rc = 0; LDAP *server = NULL; LDAPURLDesc *ludp = NULL; - LDAPMessage *ldapmsg = NULL; + LDAPMessage *ldapmsg = NULL; LDAPMessage *entryIterator; int num = 0; - struct Curl_easy *data = conn->data; + struct Curl_easy *data = conn->data; int ldap_proto = LDAP_VERSION3; int ldap_ssl = 0; char *val_b64 = NULL; size_t val_b64_sz = 0; curl_off_t dlsize = 0; #ifdef LDAP_OPT_NETWORK_TIMEOUT - struct timeval ldap_timeout = {10, 0}; /* 10 sec connection/search timeout */ + struct timeval ldap_timeout = {10, 0}; /* 10 sec connection/search timeout */ #endif -#if defined(USE_WIN32_LDAP) - TCHAR *host = NULL; -#else - char *host = NULL; -#endif - char *user = NULL; - char *passwd = NULL; +#if defined(USE_WIN32_LDAP) + TCHAR *host = NULL; +#else + char *host = NULL; +#endif + char *user = NULL; + char *passwd = NULL; *done = TRUE; /* unconditionally */ infof(data, "LDAP local: LDAP Vendor = %s ; LDAP Version = %d\n", @@ -304,32 +304,32 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) #endif if(rc != 0) { failf(data, "LDAP local: %s", ldap_err2string(rc)); - result = CURLE_LDAP_INVALID_URL; + result = CURLE_LDAP_INVALID_URL; goto quit; } - /* Get the URL scheme (either ldap or ldaps) */ + /* Get the URL scheme (either ldap or ldaps) */ if(conn->given->flags & PROTOPT_SSL) ldap_ssl = 1; infof(data, "LDAP local: trying to establish %s connection\n", ldap_ssl ? "encrypted" : "cleartext"); -#if defined(USE_WIN32_LDAP) +#if defined(USE_WIN32_LDAP) host = curlx_convert_UTF8_to_tchar(conn->host.name); - if(!host) { - result = CURLE_OUT_OF_MEMORY; - - goto quit; - } -#else - host = conn->host.name; -#endif - - if(conn->bits.user_passwd) { - user = conn->user; - passwd = conn->passwd; - } - + if(!host) { + result = CURLE_OUT_OF_MEMORY; + + goto quit; + } +#else + host = conn->host.name; +#endif + + if(conn->bits.user_passwd) { + user = conn->user; + passwd = conn->passwd; + } + #ifdef LDAP_OPT_NETWORK_TIMEOUT ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, &ldap_timeout); #endif @@ -337,30 +337,30 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) if(ldap_ssl) { #ifdef HAVE_LDAP_SSL -#ifdef USE_WIN32_LDAP +#ifdef USE_WIN32_LDAP /* Win32 LDAP SDK doesn't support insecure mode without CA! */ - server = ldap_sslinit(host, (int)conn->port, 1); + server = ldap_sslinit(host, (int)conn->port, 1); ldap_set_option(server, LDAP_OPT_SSL, LDAP_OPT_ON); #else int ldap_option; - char *ldap_ca = conn->ssl_config.CAfile; + char *ldap_ca = conn->ssl_config.CAfile; #if defined(CURL_HAS_NOVELL_LDAPSDK) rc = ldapssl_client_init(NULL, NULL); if(rc != LDAP_SUCCESS) { failf(data, "LDAP local: ldapssl_client_init %s", ldap_err2string(rc)); - result = CURLE_SSL_CERTPROBLEM; + result = CURLE_SSL_CERTPROBLEM; goto quit; } - if(conn->ssl_config.verifypeer) { + if(conn->ssl_config.verifypeer) { /* Novell SDK supports DER or BASE64 files. */ int cert_type = LDAPSSL_CERT_FILETYPE_B64; - if((data->set.ssl.cert_type) && - (strcasecompare(data->set.ssl.cert_type, "DER"))) + if((data->set.ssl.cert_type) && + (strcasecompare(data->set.ssl.cert_type, "DER"))) cert_type = LDAPSSL_CERT_FILETYPE_DER; if(!ldap_ca) { failf(data, "LDAP local: ERROR %s CA cert not set!", (cert_type == LDAPSSL_CERT_FILETYPE_DER ? "DER" : "PEM")); - result = CURLE_SSL_CERTPROBLEM; + result = CURLE_SSL_CERTPROBLEM; goto quit; } infof(data, "LDAP local: using %s CA cert '%s'\n", @@ -371,7 +371,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) failf(data, "LDAP local: ERROR setting %s CA cert: %s", (cert_type == LDAPSSL_CERT_FILETYPE_DER ? "DER" : "PEM"), ldap_err2string(rc)); - result = CURLE_SSL_CERTPROBLEM; + result = CURLE_SSL_CERTPROBLEM; goto quit; } ldap_option = LDAPSSL_VERIFY_SERVER; @@ -382,28 +382,28 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) if(rc != LDAP_SUCCESS) { failf(data, "LDAP local: ERROR setting cert verify mode: %s", ldap_err2string(rc)); - result = CURLE_SSL_CERTPROBLEM; + result = CURLE_SSL_CERTPROBLEM; goto quit; } - server = ldapssl_init(host, (int)conn->port, 1); + server = ldapssl_init(host, (int)conn->port, 1); if(server == NULL) { failf(data, "LDAP local: Cannot connect to %s:%ld", - conn->host.dispname, conn->port); - result = CURLE_COULDNT_CONNECT; + conn->host.dispname, conn->port); + result = CURLE_COULDNT_CONNECT; goto quit; } #elif defined(LDAP_OPT_X_TLS) - if(conn->ssl_config.verifypeer) { + if(conn->ssl_config.verifypeer) { /* OpenLDAP SDK supports BASE64 files. */ - if((data->set.ssl.cert_type) && - (!strcasecompare(data->set.ssl.cert_type, "PEM"))) { + if((data->set.ssl.cert_type) && + (!strcasecompare(data->set.ssl.cert_type, "PEM"))) { failf(data, "LDAP local: ERROR OpenLDAP only supports PEM cert-type!"); - result = CURLE_SSL_CERTPROBLEM; + result = CURLE_SSL_CERTPROBLEM; goto quit; } if(!ldap_ca) { failf(data, "LDAP local: ERROR PEM CA cert not set!"); - result = CURLE_SSL_CERTPROBLEM; + result = CURLE_SSL_CERTPROBLEM; goto quit; } infof(data, "LDAP local: using PEM CA cert: %s\n", ldap_ca); @@ -411,7 +411,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) if(rc != LDAP_SUCCESS) { failf(data, "LDAP local: ERROR setting PEM CA cert: %s", ldap_err2string(rc)); - result = CURLE_SSL_CERTPROBLEM; + result = CURLE_SSL_CERTPROBLEM; goto quit; } ldap_option = LDAP_OPT_X_TLS_DEMAND; @@ -423,14 +423,14 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) if(rc != LDAP_SUCCESS) { failf(data, "LDAP local: ERROR setting cert verify mode: %s", ldap_err2string(rc)); - result = CURLE_SSL_CERTPROBLEM; + result = CURLE_SSL_CERTPROBLEM; goto quit; } - server = ldap_init(host, (int)conn->port); + server = ldap_init(host, (int)conn->port); if(server == NULL) { failf(data, "LDAP local: Cannot connect to %s:%ld", - conn->host.dispname, conn->port); - result = CURLE_COULDNT_CONNECT; + conn->host.dispname, conn->port); + result = CURLE_COULDNT_CONNECT; goto quit; } ldap_option = LDAP_OPT_X_TLS_HARD; @@ -438,7 +438,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) if(rc != LDAP_SUCCESS) { failf(data, "LDAP local: ERROR setting SSL/TLS mode: %s", ldap_err2string(rc)); - result = CURLE_SSL_CERTPROBLEM; + result = CURLE_SSL_CERTPROBLEM; goto quit; } /* @@ -446,7 +446,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) if(rc != LDAP_SUCCESS) { failf(data, "LDAP local: ERROR starting SSL/TLS mode: %s", ldap_err2string(rc)); - result = CURLE_SSL_CERTPROBLEM; + result = CURLE_SSL_CERTPROBLEM; goto quit; } */ @@ -455,264 +455,264 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) should check in first place if we can support LDAP SSL/TLS */ failf(data, "LDAP local: SSL/TLS not supported with this version " "of the OpenLDAP toolkit\n"); - result = CURLE_SSL_CERTPROBLEM; + result = CURLE_SSL_CERTPROBLEM; goto quit; #endif #endif #endif /* CURL_LDAP_USE_SSL */ } else { - server = ldap_init(host, (int)conn->port); + server = ldap_init(host, (int)conn->port); if(server == NULL) { failf(data, "LDAP local: Cannot connect to %s:%ld", - conn->host.dispname, conn->port); - result = CURLE_COULDNT_CONNECT; + conn->host.dispname, conn->port); + result = CURLE_COULDNT_CONNECT; goto quit; } } -#ifdef USE_WIN32_LDAP +#ifdef USE_WIN32_LDAP ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto); - rc = ldap_win_bind(conn, server, user, passwd); -#else - rc = ldap_simple_bind_s(server, user, passwd); -#endif + rc = ldap_win_bind(conn, server, user, passwd); +#else + rc = ldap_simple_bind_s(server, user, passwd); +#endif if(!ldap_ssl && rc != 0) { ldap_proto = LDAP_VERSION2; ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto); -#ifdef USE_WIN32_LDAP - rc = ldap_win_bind(conn, server, user, passwd); -#else - rc = ldap_simple_bind_s(server, user, passwd); -#endif +#ifdef USE_WIN32_LDAP + rc = ldap_win_bind(conn, server, user, passwd); +#else + rc = ldap_simple_bind_s(server, user, passwd); +#endif } if(rc != 0) { -#ifdef USE_WIN32_LDAP - failf(data, "LDAP local: bind via ldap_win_bind %s", - ldap_err2string(rc)); -#else - failf(data, "LDAP local: bind via ldap_simple_bind_s %s", - ldap_err2string(rc)); -#endif - result = CURLE_LDAP_CANNOT_BIND; +#ifdef USE_WIN32_LDAP + failf(data, "LDAP local: bind via ldap_win_bind %s", + ldap_err2string(rc)); +#else + failf(data, "LDAP local: bind via ldap_simple_bind_s %s", + ldap_err2string(rc)); +#endif + result = CURLE_LDAP_CANNOT_BIND; goto quit; } rc = ldap_search_s(server, ludp->lud_dn, ludp->lud_scope, - ludp->lud_filter, ludp->lud_attrs, 0, &ldapmsg); + ludp->lud_filter, ludp->lud_attrs, 0, &ldapmsg); if(rc != 0 && rc != LDAP_SIZELIMIT_EXCEEDED) { failf(data, "LDAP remote: %s", ldap_err2string(rc)); - result = CURLE_LDAP_SEARCH_FAILED; + result = CURLE_LDAP_SEARCH_FAILED; goto quit; } - for(num = 0, entryIterator = ldap_first_entry(server, ldapmsg); + for(num = 0, entryIterator = ldap_first_entry(server, ldapmsg); entryIterator; entryIterator = ldap_next_entry(server, entryIterator), num++) { BerElement *ber = NULL; -#if defined(USE_WIN32_LDAP) - TCHAR *attribute; -#else +#if defined(USE_WIN32_LDAP) + TCHAR *attribute; +#else char *attribute; -#endif +#endif int i; - /* Get the DN and write it to the client */ - { - char *name; - size_t name_len; -#if defined(USE_WIN32_LDAP) - TCHAR *dn = ldap_get_dn(server, entryIterator); + /* Get the DN and write it to the client */ + { + char *name; + size_t name_len; +#if defined(USE_WIN32_LDAP) + TCHAR *dn = ldap_get_dn(server, entryIterator); name = curlx_convert_tchar_to_UTF8(dn); - if(!name) { - ldap_memfree(dn); - - result = CURLE_OUT_OF_MEMORY; - - goto quit; - } -#else - char *dn = name = ldap_get_dn(server, entryIterator); -#endif - name_len = strlen(name); - - result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"DN: ", 4); - if(result) { + if(!name) { + ldap_memfree(dn); + + result = CURLE_OUT_OF_MEMORY; + + goto quit; + } +#else + char *dn = name = ldap_get_dn(server, entryIterator); +#endif + name_len = strlen(name); + + result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"DN: ", 4); + if(result) { FREE_ON_WINLDAP(name); - ldap_memfree(dn); - goto quit; - } - - result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *) name, - name_len); - if(result) { + ldap_memfree(dn); + goto quit; + } + + result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *) name, + name_len); + if(result) { FREE_ON_WINLDAP(name); - ldap_memfree(dn); - goto quit; - } - - result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\n", 1); - if(result) { + ldap_memfree(dn); + goto quit; + } + + result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\n", 1); + if(result) { FREE_ON_WINLDAP(name); - ldap_memfree(dn); - - goto quit; - } - - dlsize += name_len + 5; - + ldap_memfree(dn); + + goto quit; + } + + dlsize += name_len + 5; + FREE_ON_WINLDAP(name); - ldap_memfree(dn); - } - - /* Get the attributes and write them to the client */ + ldap_memfree(dn); + } + + /* Get the attributes and write them to the client */ for(attribute = ldap_first_attribute(server, entryIterator, &ber); attribute; attribute = ldap_next_attribute(server, entryIterator, ber)) { - BerValue **vals; - size_t attr_len; -#if defined(USE_WIN32_LDAP) + BerValue **vals; + size_t attr_len; +#if defined(USE_WIN32_LDAP) char *attr = curlx_convert_tchar_to_UTF8(attribute); - if(!attr) { - if(ber) - ber_free(ber, 0); - - result = CURLE_OUT_OF_MEMORY; - - goto quit; - } -#else - char *attr = attribute; -#endif - attr_len = strlen(attr); - - vals = ldap_get_values_len(server, entryIterator, attribute); + if(!attr) { + if(ber) + ber_free(ber, 0); + + result = CURLE_OUT_OF_MEMORY; + + goto quit; + } +#else + char *attr = attribute; +#endif + attr_len = strlen(attr); + + vals = ldap_get_values_len(server, entryIterator, attribute); if(vals != NULL) { for(i = 0; (vals[i] != NULL); i++) { - result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\t", 1); - if(result) { - ldap_value_free_len(vals); + result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\t", 1); + if(result) { + ldap_value_free_len(vals); FREE_ON_WINLDAP(attr); - ldap_memfree(attribute); - if(ber) - ber_free(ber, 0); - - goto quit; - } - - result = Curl_client_write(conn, CLIENTWRITE_BODY, - (char *) attr, attr_len); - if(result) { - ldap_value_free_len(vals); + ldap_memfree(attribute); + if(ber) + ber_free(ber, 0); + + goto quit; + } + + result = Curl_client_write(conn, CLIENTWRITE_BODY, + (char *) attr, attr_len); + if(result) { + ldap_value_free_len(vals); FREE_ON_WINLDAP(attr); - ldap_memfree(attribute); - if(ber) - ber_free(ber, 0); - - goto quit; - } - - result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)": ", 2); - if(result) { - ldap_value_free_len(vals); + ldap_memfree(attribute); + if(ber) + ber_free(ber, 0); + + goto quit; + } + + result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)": ", 2); + if(result) { + ldap_value_free_len(vals); FREE_ON_WINLDAP(attr); - ldap_memfree(attribute); - if(ber) - ber_free(ber, 0); - - goto quit; - } - - dlsize += attr_len + 3; - - if((attr_len > 7) && - (strcmp(";binary", (char *) attr + (attr_len - 7)) == 0)) { + ldap_memfree(attribute); + if(ber) + ber_free(ber, 0); + + goto quit; + } + + dlsize += attr_len + 3; + + if((attr_len > 7) && + (strcmp(";binary", (char *) attr + (attr_len - 7)) == 0)) { /* Binary attribute, encode to base64. */ - result = Curl_base64_encode(data, - vals[i]->bv_val, - vals[i]->bv_len, - &val_b64, - &val_b64_sz); - if(result) { + result = Curl_base64_encode(data, + vals[i]->bv_val, + vals[i]->bv_len, + &val_b64, + &val_b64_sz); + if(result) { ldap_value_free_len(vals); FREE_ON_WINLDAP(attr); ldap_memfree(attribute); if(ber) ber_free(ber, 0); - + goto quit; } - + if(val_b64_sz > 0) { - result = Curl_client_write(conn, CLIENTWRITE_BODY, val_b64, - val_b64_sz); + result = Curl_client_write(conn, CLIENTWRITE_BODY, val_b64, + val_b64_sz); free(val_b64); - if(result) { - ldap_value_free_len(vals); + if(result) { + ldap_value_free_len(vals); FREE_ON_WINLDAP(attr); - ldap_memfree(attribute); - if(ber) - ber_free(ber, 0); - - goto quit; - } - + ldap_memfree(attribute); + if(ber) + ber_free(ber, 0); + + goto quit; + } + dlsize += val_b64_sz; } } else { - result = Curl_client_write(conn, CLIENTWRITE_BODY, vals[i]->bv_val, - vals[i]->bv_len); - if(result) { - ldap_value_free_len(vals); + result = Curl_client_write(conn, CLIENTWRITE_BODY, vals[i]->bv_val, + vals[i]->bv_len); + if(result) { + ldap_value_free_len(vals); FREE_ON_WINLDAP(attr); - ldap_memfree(attribute); - if(ber) - ber_free(ber, 0); - - goto quit; - } - + ldap_memfree(attribute); + if(ber) + ber_free(ber, 0); + + goto quit; + } + dlsize += vals[i]->bv_len; } - - result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\n", 1); - if(result) { - ldap_value_free_len(vals); + + result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\n", 1); + if(result) { + ldap_value_free_len(vals); FREE_ON_WINLDAP(attr); - ldap_memfree(attribute); - if(ber) - ber_free(ber, 0); - - goto quit; - } - + ldap_memfree(attribute); + if(ber) + ber_free(ber, 0); + + goto quit; + } + dlsize++; } /* Free memory used to store values */ ldap_value_free_len(vals); } - - /* Free the attribute as we are done with it */ + + /* Free the attribute as we are done with it */ FREE_ON_WINLDAP(attr); - ldap_memfree(attribute); - - result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\n", 1); - if(result) - goto quit; + ldap_memfree(attribute); + + result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\n", 1); + if(result) + goto quit; dlsize++; Curl_pgrsSetDownloadCounter(data, dlsize); } - + if(ber) ber_free(ber, 0); } quit: - if(ldapmsg) { - ldap_msgfree(ldapmsg); - LDAP_TRACE(("Received %d entries\n", num)); + if(ldapmsg) { + ldap_msgfree(ldapmsg); + LDAP_TRACE(("Received %d entries\n", num)); } if(rc == LDAP_SIZELIMIT_EXCEEDED) infof(data, "There are more than %d entries\n", num); @@ -726,16 +726,16 @@ quit: #endif /* HAVE_LDAP_SSL && CURL_HAS_NOVELL_LDAPSDK */ FREE_ON_WINLDAP(host); - + /* no data to transfer */ Curl_setup_transfer(data, -1, -1, FALSE, -1); - connclose(conn, "LDAP connection always disable re-use"); + connclose(conn, "LDAP connection always disable re-use"); - return result; + return result; } #ifdef DEBUG_LDAP -static void _ldap_trace(const char *fmt, ...) +static void _ldap_trace(const char *fmt, ...) { static int do_trace = -1; va_list args; @@ -747,9 +747,9 @@ static void _ldap_trace(const char *fmt, ...) if(!do_trace) return; - va_start(args, fmt); - vfprintf(stderr, fmt, args); - va_end(args); + va_start(args, fmt); + vfprintf(stderr, fmt, args); + va_end(args); } #endif @@ -758,51 +758,51 @@ static void _ldap_trace(const char *fmt, ...) /* * Return scope-value for a scope-string. */ -static int str2scope(const char *p) +static int str2scope(const char *p) { - if(strcasecompare(p, "one")) - return LDAP_SCOPE_ONELEVEL; - if(strcasecompare(p, "onetree")) - return LDAP_SCOPE_ONELEVEL; - if(strcasecompare(p, "base")) - return LDAP_SCOPE_BASE; - if(strcasecompare(p, "sub")) - return LDAP_SCOPE_SUBTREE; - if(strcasecompare(p, "subtree")) - return LDAP_SCOPE_SUBTREE; + if(strcasecompare(p, "one")) + return LDAP_SCOPE_ONELEVEL; + if(strcasecompare(p, "onetree")) + return LDAP_SCOPE_ONELEVEL; + if(strcasecompare(p, "base")) + return LDAP_SCOPE_BASE; + if(strcasecompare(p, "sub")) + return LDAP_SCOPE_SUBTREE; + if(strcasecompare(p, "subtree")) + return LDAP_SCOPE_SUBTREE; return (-1); } /* * Split 'str' into strings separated by commas. - * Note: out[] points into 'str'. + * Note: out[] points into 'str'. */ -static bool split_str(char *str, char ***out, size_t *count) +static bool split_str(char *str, char ***out, size_t *count) { - char **res; - char *lasts; - char *s; - size_t i; - size_t items = 1; - - s = strchr(str, ','); - while(s) { - items++; - s = strchr(++s, ','); - } - - res = calloc(items, sizeof(char *)); + char **res; + char *lasts; + char *s; + size_t i; + size_t items = 1; + + s = strchr(str, ','); + while(s) { + items++; + s = strchr(++s, ','); + } + + res = calloc(items, sizeof(char *)); if(!res) - return FALSE; + return FALSE; - for(i = 0, s = strtok_r(str, ",", &lasts); s && i < items; + for(i = 0, s = strtok_r(str, ",", &lasts); s && i < items; s = strtok_r(NULL, ",", &lasts), i++) res[i] = s; - *out = res; - *count = items; + *out = res; + *count = items; - return TRUE; + return TRUE; } /* @@ -819,28 +819,28 @@ static bool split_str(char *str, char ***out, size_t *count) * * Defined in RFC4516 section 2. */ -static int _ldap_url_parse2(const struct connectdata *conn, LDAPURLDesc *ludp) +static int _ldap_url_parse2(const struct connectdata *conn, LDAPURLDesc *ludp) { - int rc = LDAP_SUCCESS; + int rc = LDAP_SUCCESS; char *p; - char *path; + char *path; char *q = NULL; char *query = NULL; - size_t i; + size_t i; if(!conn->data || - !conn->data->state.up.path || - conn->data->state.up.path[0] != '/' || - !strncasecompare("LDAP", conn->data->state.up.scheme, 4)) + !conn->data->state.up.path || + conn->data->state.up.path[0] != '/' || + !strncasecompare("LDAP", conn->data->state.up.scheme, 4)) return LDAP_INVALID_SYNTAX; ludp->lud_scope = LDAP_SCOPE_BASE; ludp->lud_port = conn->remote_port; ludp->lud_host = conn->host.name; - /* Duplicate the path */ - p = path = strdup(conn->data->state.up.path + 1); - if(!path) + /* Duplicate the path */ + p = path = strdup(conn->data->state.up.path + 1); + if(!path) return LDAP_NO_MEMORY; /* Duplicate the query if present */ @@ -850,193 +850,193 @@ static int _ldap_url_parse2(const struct connectdata *conn, LDAPURLDesc *ludp) free(path); return LDAP_NO_MEMORY; } - } - - /* Parse the DN (Distinguished Name) */ - if(*p) { - char *dn = p; - char *unescaped; - CURLcode result; - - LDAP_TRACE(("DN '%s'\n", dn)); - - /* Unescape the DN */ + } + + /* Parse the DN (Distinguished Name) */ + if(*p) { + char *dn = p; + char *unescaped; + CURLcode result; + + LDAP_TRACE(("DN '%s'\n", dn)); + + /* Unescape the DN */ result = Curl_urldecode(conn->data, dn, 0, &unescaped, NULL, REJECT_ZERO); - if(result) { - rc = LDAP_NO_MEMORY; - - goto quit; - } - -#if defined(USE_WIN32_LDAP) - /* Convert the unescaped string to a tchar */ + if(result) { + rc = LDAP_NO_MEMORY; + + goto quit; + } + +#if defined(USE_WIN32_LDAP) + /* Convert the unescaped string to a tchar */ ludp->lud_dn = curlx_convert_UTF8_to_tchar(unescaped); - - /* Free the unescaped string as we are done with it */ + + /* Free the unescaped string as we are done with it */ curlx_unicodefree(unescaped); - - if(!ludp->lud_dn) { - rc = LDAP_NO_MEMORY; - - goto quit; - } -#else - ludp->lud_dn = unescaped; -#endif - } - - p = q; + + if(!ludp->lud_dn) { + rc = LDAP_NO_MEMORY; + + goto quit; + } +#else + ludp->lud_dn = unescaped; +#endif + } + + p = q; if(!p) - goto quit; + goto quit; - /* Parse the attributes. skip "??" */ + /* Parse the attributes. skip "??" */ q = strchr(p, '?'); if(q) *q++ = '\0'; - if(*p) { - char **attributes; - size_t count = 0; - - /* Split the string into an array of attributes */ - if(!split_str(p, &attributes, &count)) { - rc = LDAP_NO_MEMORY; - - goto quit; - } - - /* Allocate our array (+1 for the NULL entry) */ -#if defined(USE_WIN32_LDAP) - ludp->lud_attrs = calloc(count + 1, sizeof(TCHAR *)); -#else - ludp->lud_attrs = calloc(count + 1, sizeof(char *)); -#endif - if(!ludp->lud_attrs) { - free(attributes); - - rc = LDAP_NO_MEMORY; - - goto quit; - } - - for(i = 0; i < count; i++) { - char *unescaped; - CURLcode result; - + if(*p) { + char **attributes; + size_t count = 0; + + /* Split the string into an array of attributes */ + if(!split_str(p, &attributes, &count)) { + rc = LDAP_NO_MEMORY; + + goto quit; + } + + /* Allocate our array (+1 for the NULL entry) */ +#if defined(USE_WIN32_LDAP) + ludp->lud_attrs = calloc(count + 1, sizeof(TCHAR *)); +#else + ludp->lud_attrs = calloc(count + 1, sizeof(char *)); +#endif + if(!ludp->lud_attrs) { + free(attributes); + + rc = LDAP_NO_MEMORY; + + goto quit; + } + + for(i = 0; i < count; i++) { + char *unescaped; + CURLcode result; + LDAP_TRACE(("attr[%zu] '%s'\n", i, attributes[i])); - - /* Unescape the attribute */ - result = Curl_urldecode(conn->data, attributes[i], 0, &unescaped, NULL, + + /* Unescape the attribute */ + result = Curl_urldecode(conn->data, attributes[i], 0, &unescaped, NULL, REJECT_ZERO); - if(result) { - free(attributes); - - rc = LDAP_NO_MEMORY; - - goto quit; - } - -#if defined(USE_WIN32_LDAP) - /* Convert the unescaped string to a tchar */ + if(result) { + free(attributes); + + rc = LDAP_NO_MEMORY; + + goto quit; + } + +#if defined(USE_WIN32_LDAP) + /* Convert the unescaped string to a tchar */ ludp->lud_attrs[i] = curlx_convert_UTF8_to_tchar(unescaped); - - /* Free the unescaped string as we are done with it */ + + /* Free the unescaped string as we are done with it */ curlx_unicodefree(unescaped); - - if(!ludp->lud_attrs[i]) { - free(attributes); - - rc = LDAP_NO_MEMORY; - - goto quit; - } -#else - ludp->lud_attrs[i] = unescaped; -#endif - - ludp->lud_attrs_dups++; - } - - free(attributes); + + if(!ludp->lud_attrs[i]) { + free(attributes); + + rc = LDAP_NO_MEMORY; + + goto quit; + } +#else + ludp->lud_attrs[i] = unescaped; +#endif + + ludp->lud_attrs_dups++; + } + + free(attributes); } p = q; if(!p) - goto quit; + goto quit; - /* Parse the scope. skip "??" */ + /* Parse the scope. skip "??" */ q = strchr(p, '?'); if(q) *q++ = '\0'; - if(*p) { + if(*p) { ludp->lud_scope = str2scope(p); if(ludp->lud_scope == -1) { - rc = LDAP_INVALID_SYNTAX; - - goto quit; + rc = LDAP_INVALID_SYNTAX; + + goto quit; } - LDAP_TRACE(("scope %d\n", ludp->lud_scope)); + LDAP_TRACE(("scope %d\n", ludp->lud_scope)); } p = q; if(!p) - goto quit; + goto quit; - /* Parse the filter */ + /* Parse the filter */ q = strchr(p, '?'); if(q) *q++ = '\0'; - - if(*p) { - char *filter = p; - char *unescaped; - CURLcode result; - - LDAP_TRACE(("filter '%s'\n", filter)); - - /* Unescape the filter */ + + if(*p) { + char *filter = p; + char *unescaped; + CURLcode result; + + LDAP_TRACE(("filter '%s'\n", filter)); + + /* Unescape the filter */ result = Curl_urldecode(conn->data, filter, 0, &unescaped, NULL, REJECT_ZERO); - if(result) { - rc = LDAP_NO_MEMORY; - - goto quit; - } - -#if defined(USE_WIN32_LDAP) - /* Convert the unescaped string to a tchar */ + if(result) { + rc = LDAP_NO_MEMORY; + + goto quit; + } + +#if defined(USE_WIN32_LDAP) + /* Convert the unescaped string to a tchar */ ludp->lud_filter = curlx_convert_UTF8_to_tchar(unescaped); - - /* Free the unescaped string as we are done with it */ + + /* Free the unescaped string as we are done with it */ curlx_unicodefree(unescaped); - - if(!ludp->lud_filter) { - rc = LDAP_NO_MEMORY; - - goto quit; - } -#else - ludp->lud_filter = unescaped; -#endif + + if(!ludp->lud_filter) { + rc = LDAP_NO_MEMORY; + + goto quit; + } +#else + ludp->lud_filter = unescaped; +#endif + } + + p = q; + if(p && !*p) { + rc = LDAP_INVALID_SYNTAX; + + goto quit; } - p = q; - if(p && !*p) { - rc = LDAP_INVALID_SYNTAX; - - goto quit; - } - -quit: - free(path); - free(query); - - return rc; +quit: + free(path); + free(query); + + return rc; } -static int _ldap_url_parse(const struct connectdata *conn, - LDAPURLDesc **ludpp) +static int _ldap_url_parse(const struct connectdata *conn, + LDAPURLDesc **ludpp) { LDAPURLDesc *ludp = calloc(1, sizeof(*ludp)); int rc; @@ -1045,7 +1045,7 @@ static int _ldap_url_parse(const struct connectdata *conn, if(!ludp) return LDAP_NO_MEMORY; - rc = _ldap_url_parse2(conn, ludp); + rc = _ldap_url_parse2(conn, ludp); if(rc != LDAP_SUCCESS) { _ldap_free_urldesc(ludp); ludp = NULL; @@ -1054,13 +1054,13 @@ static int _ldap_url_parse(const struct connectdata *conn, return (rc); } -static void _ldap_free_urldesc(LDAPURLDesc *ludp) +static void _ldap_free_urldesc(LDAPURLDesc *ludp) { if(!ludp) return; - free(ludp->lud_dn); - free(ludp->lud_filter); + free(ludp->lud_dn); + free(ludp->lud_filter); if(ludp->lud_attrs) { size_t i; @@ -1069,7 +1069,7 @@ static void _ldap_free_urldesc(LDAPURLDesc *ludp) free(ludp->lud_attrs); } - free(ludp); + free(ludp); } #endif /* !HAVE_LDAP_URL_PARSE */ #endif /* !CURL_DISABLE_LDAP && !USE_OPENLDAP */ |