Patrick Monnerat modified the LDAP code and approach in curl. Starting now,
the configure script checks for openldap and friends and we link with those libs just like we link all other third party libraries, and we no longer dlopen() those libraries. Our private header file lib/ldap.h was renamed to lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) just before this commit, just in case.
This commit is contained in:
Daniel Stenberg
315
lib/ldap.c
315
lib/ldap.c
@@ -35,18 +35,25 @@
|
||||
#endif
|
||||
#include <errno.h>
|
||||
|
||||
#if defined(WIN32)
|
||||
#ifdef CURL_LDAP_HYBRID /* If W$ definitions are needed. */
|
||||
# include <windows.h>
|
||||
/* Remember we are NOT in a W$ compiler! */
|
||||
# undef WIN32
|
||||
# undef _WIN32
|
||||
# undef __WIN32__
|
||||
#endif
|
||||
|
||||
#ifdef CURL_LDAP_WIN /* Use W$ LDAP implementation. */
|
||||
# include <winldap.h>
|
||||
#else
|
||||
#define LDAP_DEPRECATED /* Be sure ldap_init() is defined. */
|
||||
# include <ldap.h>
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_UNISTD_H
|
||||
# include <unistd.h>
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_DLFCN_H
|
||||
# include <dlfcn.h>
|
||||
#endif
|
||||
|
||||
#include "urldata.h"
|
||||
#include <curl/curl.h>
|
||||
#include "sendf.h"
|
||||
@@ -54,7 +61,7 @@
|
||||
#include "transfer.h"
|
||||
#include "strequal.h"
|
||||
#include "strtok.h"
|
||||
#include "ldap.h"
|
||||
#include "curl_ldap.h"
|
||||
#include "memory.h"
|
||||
#include "base64.h"
|
||||
|
||||
@@ -63,160 +70,10 @@
|
||||
|
||||
#include "memdebug.h"
|
||||
|
||||
/* WLdap32.dll functions are *not* stdcall. Must call these via __cdecl
|
||||
* pointers in case libcurl was compiled as fastcall (cl -Gr). Watcom
|
||||
* uses fastcall by default.
|
||||
*/
|
||||
#if !defined(WIN32) && !defined(__cdecl)
|
||||
#define __cdecl
|
||||
#endif
|
||||
#ifndef HAVE_LDAP_URL_PARSE
|
||||
|
||||
#ifndef LDAP_SIZELIMIT_EXCEEDED
|
||||
#define LDAP_SIZELIMIT_EXCEEDED 4
|
||||
#endif
|
||||
#ifndef LDAP_VERSION2
|
||||
#define LDAP_VERSION2 2
|
||||
#endif
|
||||
#ifndef LDAP_VERSION3
|
||||
#define LDAP_VERSION3 3
|
||||
#endif
|
||||
#ifndef LDAP_OPT_PROTOCOL_VERSION
|
||||
#define LDAP_OPT_PROTOCOL_VERSION 0x0011
|
||||
#endif
|
||||
/* Use our own implementation. */
|
||||
|
||||
#define DLOPEN_MODE RTLD_LAZY /*! assume all dlopen() implementations have
|
||||
this */
|
||||
|
||||
#if defined(RTLD_LAZY_GLOBAL) /* It turns out some systems use this: */
|
||||
# undef DLOPEN_MODE
|
||||
# define DLOPEN_MODE RTLD_LAZY_GLOBAL
|
||||
#elif defined(RTLD_GLOBAL)
|
||||
# undef DLOPEN_MODE
|
||||
# define DLOPEN_MODE (RTLD_LAZY | RTLD_GLOBAL)
|
||||
#endif
|
||||
|
||||
#define DYNA_GET_FUNCTION(type, fnc) do { \
|
||||
(fnc) = (type)DynaGetFunction(#fnc); \
|
||||
if ((fnc) == NULL) \
|
||||
return CURLE_FUNCTION_NOT_FOUND; \
|
||||
} while (0)
|
||||
|
||||
/*! CygWin etc. configure could set these, but we don't want it.
|
||||
* Must use WLdap32.dll code.
|
||||
*/
|
||||
#if defined(WIN32)
|
||||
#undef HAVE_DLOPEN
|
||||
#undef HAVE_LIBDL
|
||||
#endif
|
||||
|
||||
/*
|
||||
* We use this ZERO_NULL to avoid picky compiler warnings,
|
||||
* when assigning a NULL pointer to a function pointer var.
|
||||
*/
|
||||
|
||||
#define ZERO_NULL 0
|
||||
|
||||
typedef void * (*dynafunc)(void *input);
|
||||
|
||||
/***********************************************************************
|
||||
*/
|
||||
#if defined(HAVE_DLOPEN) || defined(HAVE_LIBDL) || defined(WIN32)
|
||||
static void *libldap = NULL;
|
||||
#if defined(DL_LBER_FILE)
|
||||
static void *liblber = NULL;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
struct bv {
|
||||
unsigned long bv_len;
|
||||
char *bv_val;
|
||||
};
|
||||
|
||||
static int DynaOpen(const char **mod_name)
|
||||
{
|
||||
#if defined(HAVE_DLOPEN) || defined(HAVE_LIBDL)
|
||||
if (libldap == NULL) {
|
||||
/*
|
||||
* libldap.so can normally resolve its dependency on liblber.so
|
||||
* automatically, but in broken installation it does not so
|
||||
* handle it here by opening liblber.so as global.
|
||||
*/
|
||||
#ifdef DL_LBER_FILE
|
||||
*mod_name = DL_LBER_FILE;
|
||||
liblber = dlopen(*mod_name, DLOPEN_MODE);
|
||||
if (!liblber)
|
||||
return 0;
|
||||
#endif
|
||||
|
||||
/* Assume loading libldap.so will fail if loading of liblber.so failed
|
||||
*/
|
||||
*mod_name = DL_LDAP_FILE;
|
||||
libldap = dlopen(*mod_name, RTLD_LAZY);
|
||||
}
|
||||
return (libldap != NULL);
|
||||
|
||||
#elif defined(WIN32)
|
||||
*mod_name = DL_LDAP_FILE;
|
||||
if (!libldap)
|
||||
libldap = (void*)LoadLibrary(*mod_name);
|
||||
return (libldap != NULL);
|
||||
|
||||
#else
|
||||
*mod_name = "";
|
||||
return (0);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void DynaClose(void)
|
||||
{
|
||||
#if defined(HAVE_DLOPEN) || defined(HAVE_LIBDL)
|
||||
if (libldap) {
|
||||
dlclose(libldap);
|
||||
libldap=NULL;
|
||||
}
|
||||
#ifdef DL_LBER_FILE
|
||||
if (liblber) {
|
||||
dlclose(liblber);
|
||||
liblber=NULL;
|
||||
}
|
||||
#endif
|
||||
#elif defined(WIN32)
|
||||
if (libldap) {
|
||||
FreeLibrary ((HMODULE)libldap);
|
||||
libldap = NULL;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
static dynafunc DynaGetFunction(const char *name)
|
||||
{
|
||||
dynafunc func = (dynafunc)ZERO_NULL;
|
||||
|
||||
#if defined(HAVE_DLOPEN) || defined(HAVE_LIBDL)
|
||||
if (libldap) {
|
||||
/* This typecast magic below was brought by Joe Halpin. In ISO C, you
|
||||
* cannot typecast a data pointer to a function pointer, but that's
|
||||
* exactly what we need to do here to avoid compiler warnings on picky
|
||||
* compilers! */
|
||||
*(void**) (&func) = dlsym(libldap, name);
|
||||
}
|
||||
#ifdef DL_LBER_FILE
|
||||
if (!func && liblber) {
|
||||
*(void**) (&func) = dlsym(liblber, name);
|
||||
}
|
||||
#endif
|
||||
#elif defined(WIN32)
|
||||
if (libldap) {
|
||||
func = (dynafunc)GetProcAddress((HINSTANCE)libldap, name);
|
||||
}
|
||||
#else
|
||||
(void) name;
|
||||
#endif
|
||||
return func;
|
||||
}
|
||||
|
||||
/***********************************************************************
|
||||
*/
|
||||
typedef struct ldap_url_desc {
|
||||
struct ldap_url_desc *lud_next;
|
||||
char *lud_scheme;
|
||||
@@ -230,7 +87,6 @@ typedef struct ldap_url_desc {
|
||||
int lud_crit_exts;
|
||||
} LDAPURLDesc;
|
||||
|
||||
#ifdef WIN32
|
||||
static int _ldap_url_parse (const struct connectdata *conn,
|
||||
LDAPURLDesc **ludp);
|
||||
static void _ldap_free_urldesc (LDAPURLDesc *ludp);
|
||||
@@ -238,6 +94,19 @@ static void _ldap_free_urldesc (LDAPURLDesc *ludp);
|
||||
static void (*ldap_free_urldesc)(LDAPURLDesc *) = _ldap_free_urldesc;
|
||||
#endif
|
||||
|
||||
#ifndef LDAP_SIZELIMIT_EXCEEDED
|
||||
#define LDAP_SIZELIMIT_EXCEEDED 4
|
||||
#endif
|
||||
#ifndef LDAP_VERSION2
|
||||
#define LDAP_VERSION2 2
|
||||
#endif
|
||||
#ifndef LDAP_VERSION3
|
||||
#define LDAP_VERSION3 3
|
||||
#endif
|
||||
#ifndef LDAP_OPT_PROTOCOL_VERSION
|
||||
#define LDAP_OPT_PROTOCOL_VERSION 0x0011
|
||||
#endif
|
||||
|
||||
#ifdef DEBUG_LDAP
|
||||
#define LDAP_TRACE(x) do { \
|
||||
_ldap_trace ("%u: ", __LINE__); \
|
||||
@@ -254,32 +123,11 @@ CURLcode Curl_ldap(struct connectdata *conn, bool *done)
|
||||
{
|
||||
CURLcode status = CURLE_OK;
|
||||
int rc = 0;
|
||||
#ifndef WIN32
|
||||
int (*ldap_url_parse)(char *, LDAPURLDesc **);
|
||||
void (*ldap_free_urldesc)(void *);
|
||||
#endif
|
||||
void *(__cdecl *ldap_init)(char *, int);
|
||||
int (__cdecl *ldap_simple_bind_s)(void *, char *, char *);
|
||||
int (__cdecl *ldap_unbind_s)(void *);
|
||||
int (__cdecl *ldap_search_s)(void *, char *, int, char *, char **,
|
||||
int, void **);
|
||||
void *(__cdecl *ldap_first_entry)(void *, void *);
|
||||
void *(__cdecl *ldap_next_entry)(void *, void *);
|
||||
char *(__cdecl *ldap_err2string)(int);
|
||||
char *(__cdecl *ldap_get_dn)(void *, void *);
|
||||
char *(__cdecl *ldap_first_attribute)(void *, void *, void **);
|
||||
char *(__cdecl *ldap_next_attribute)(void *, void *, void *);
|
||||
void **(__cdecl *ldap_get_values_len)(void *, void *, const char *);
|
||||
void (__cdecl *ldap_value_free_len)(void **);
|
||||
void (__cdecl *ldap_memfree)(void *);
|
||||
void (__cdecl *ber_free)(void *, int);
|
||||
int (__cdecl *ldap_set_option)(void *, int, void *);
|
||||
|
||||
void *server;
|
||||
LDAP *server;
|
||||
LDAPURLDesc *ludp = NULL;
|
||||
const char *mod_name;
|
||||
void *result;
|
||||
void *entryIterator; /*! type should be 'LDAPMessage *' */
|
||||
LDAPMessage *result;
|
||||
LDAPMessage *entryIterator;
|
||||
int num = 0;
|
||||
struct SessionHandle *data=conn->data;
|
||||
int ldap_proto;
|
||||
@@ -289,40 +137,7 @@ CURLcode Curl_ldap(struct connectdata *conn, bool *done)
|
||||
*done = TRUE; /* unconditionally */
|
||||
infof(data, "LDAP local: %s\n", data->change.url);
|
||||
|
||||
if (!DynaOpen(&mod_name)) {
|
||||
failf(data, "The %s LDAP library/libraries couldn't be opened", mod_name);
|
||||
return CURLE_LIBRARY_NOT_FOUND;
|
||||
}
|
||||
|
||||
/* The types are needed because ANSI C distinguishes between
|
||||
* pointer-to-object (data) and pointer-to-function.
|
||||
*/
|
||||
DYNA_GET_FUNCTION(void *(__cdecl *)(char *, int), ldap_init);
|
||||
DYNA_GET_FUNCTION(int (__cdecl *)(void *, char *, char *),
|
||||
ldap_simple_bind_s);
|
||||
DYNA_GET_FUNCTION(int (__cdecl *)(void *), ldap_unbind_s);
|
||||
#ifndef WIN32
|
||||
DYNA_GET_FUNCTION(int (*)(char *, LDAPURLDesc **), ldap_url_parse);
|
||||
DYNA_GET_FUNCTION(void (*)(void *), ldap_free_urldesc);
|
||||
#endif
|
||||
DYNA_GET_FUNCTION(int (__cdecl *)(void *, char *, int, char *, char **, int,
|
||||
void **), ldap_search_s);
|
||||
DYNA_GET_FUNCTION(void *(__cdecl *)(void *, void *), ldap_first_entry);
|
||||
DYNA_GET_FUNCTION(void *(__cdecl *)(void *, void *), ldap_next_entry);
|
||||
DYNA_GET_FUNCTION(char *(__cdecl *)(int), ldap_err2string);
|
||||
DYNA_GET_FUNCTION(char *(__cdecl *)(void *, void *), ldap_get_dn);
|
||||
DYNA_GET_FUNCTION(char *(__cdecl *)(void *, void *, void **),
|
||||
ldap_first_attribute);
|
||||
DYNA_GET_FUNCTION(char *(__cdecl *)(void *, void *, void *),
|
||||
ldap_next_attribute);
|
||||
DYNA_GET_FUNCTION(void **(__cdecl *)(void *, void *, const char *),
|
||||
ldap_get_values_len);
|
||||
DYNA_GET_FUNCTION(void (__cdecl *)(void **), ldap_value_free_len);
|
||||
DYNA_GET_FUNCTION(void (__cdecl *)(void *), ldap_memfree);
|
||||
DYNA_GET_FUNCTION(void (__cdecl *)(void *, int), ber_free);
|
||||
DYNA_GET_FUNCTION(int (__cdecl *)(void *, int, void *), ldap_set_option);
|
||||
|
||||
server = (*ldap_init)(conn->host.name, (int)conn->port);
|
||||
server = ldap_init(conn->host.name, (int)conn->port);
|
||||
if (server == NULL) {
|
||||
failf(data, "LDAP local: Cannot connect to %s:%d",
|
||||
conn->host.name, conn->port);
|
||||
@@ -331,63 +146,62 @@ CURLcode Curl_ldap(struct connectdata *conn, bool *done)
|
||||
}
|
||||
|
||||
ldap_proto = LDAP_VERSION3;
|
||||
(*ldap_set_option)(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
|
||||
rc = (*ldap_simple_bind_s)(server,
|
||||
conn->bits.user_passwd ? conn->user : NULL,
|
||||
conn->bits.user_passwd ? conn->passwd : NULL);
|
||||
ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
|
||||
rc = ldap_simple_bind_s(server,
|
||||
conn->bits.user_passwd ? conn->user : NULL,
|
||||
conn->bits.user_passwd ? conn->passwd : NULL);
|
||||
if (rc != 0) {
|
||||
ldap_proto = LDAP_VERSION2;
|
||||
(*ldap_set_option)(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
|
||||
rc = (*ldap_simple_bind_s)(server,
|
||||
conn->bits.user_passwd ? conn->user : NULL,
|
||||
conn->bits.user_passwd ? conn->passwd : NULL);
|
||||
ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
|
||||
rc = ldap_simple_bind_s(server,
|
||||
conn->bits.user_passwd ? conn->user : NULL,
|
||||
conn->bits.user_passwd ? conn->passwd : NULL);
|
||||
}
|
||||
if (rc != 0) {
|
||||
failf(data, "LDAP local: %s", (*ldap_err2string)(rc));
|
||||
failf(data, "LDAP local: %s", ldap_err2string(rc));
|
||||
status = CURLE_LDAP_CANNOT_BIND;
|
||||
goto quit;
|
||||
}
|
||||
|
||||
#ifdef WIN32
|
||||
#ifndef HAVE_LDAP_URL_PARSE
|
||||
rc = _ldap_url_parse(conn, &ludp);
|
||||
#else
|
||||
rc = (*ldap_url_parse)(data->change.url, &ludp);
|
||||
rc = ldap_url_parse(data->change.url, &ludp);
|
||||
#endif
|
||||
|
||||
if (rc != 0) {
|
||||
failf(data, "LDAP local: %s", (*ldap_err2string)(rc));
|
||||
failf(data, "LDAP local: %s", ldap_err2string(rc));
|
||||
status = CURLE_LDAP_INVALID_URL;
|
||||
goto quit;
|
||||
}
|
||||
|
||||
rc = (*ldap_search_s)(server, ludp->lud_dn, ludp->lud_scope,
|
||||
ludp->lud_filter, ludp->lud_attrs, 0, &result);
|
||||
rc = ldap_search_s(server, ludp->lud_dn, ludp->lud_scope,
|
||||
ludp->lud_filter, ludp->lud_attrs, 0, &result);
|
||||
|
||||
if (rc != 0 && rc != LDAP_SIZELIMIT_EXCEEDED) {
|
||||
failf(data, "LDAP remote: %s", (*ldap_err2string)(rc));
|
||||
failf(data, "LDAP remote: %s", ldap_err2string(rc));
|
||||
status = CURLE_LDAP_SEARCH_FAILED;
|
||||
goto quit;
|
||||
}
|
||||
|
||||
for(num = 0, entryIterator = (*ldap_first_entry)(server, result);
|
||||
for(num = 0, entryIterator = ldap_first_entry(server, result);
|
||||
entryIterator;
|
||||
entryIterator = (*ldap_next_entry)(server, entryIterator), num++)
|
||||
entryIterator = ldap_next_entry(server, entryIterator), num++)
|
||||
{
|
||||
void *ber = NULL; /*! is really 'BerElement **' */
|
||||
void *attribute; /*! suspicious that this isn't 'const' */
|
||||
char *dn = (*ldap_get_dn)(server, entryIterator);
|
||||
BerElement *ber = NULL;
|
||||
char *attribute; /*! suspicious that this isn't 'const' */
|
||||
char *dn = ldap_get_dn(server, entryIterator);
|
||||
int i;
|
||||
|
||||
Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"DN: ", 4);
|
||||
Curl_client_write(conn, CLIENTWRITE_BODY, (char *)dn, 0);
|
||||
Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\n", 1);
|
||||
|
||||
for (attribute = (*ldap_first_attribute)(server, entryIterator, &ber);
|
||||
for (attribute = ldap_first_attribute(server, entryIterator, &ber);
|
||||
attribute;
|
||||
attribute = (*ldap_next_attribute)(server, entryIterator, ber))
|
||||
attribute = ldap_next_attribute(server, entryIterator, ber))
|
||||
{
|
||||
struct bv **vals = (struct bv **)
|
||||
(*ldap_get_values_len)(server, entryIterator, attribute);
|
||||
BerValue **vals = ldap_get_values_len(server, entryIterator, attribute);
|
||||
|
||||
if (vals != NULL)
|
||||
{
|
||||
@@ -416,15 +230,15 @@ CURLcode Curl_ldap(struct connectdata *conn, bool *done)
|
||||
}
|
||||
|
||||
/* Free memory used to store values */
|
||||
(*ldap_value_free_len)((void **)vals);
|
||||
ldap_value_free_len(vals);
|
||||
}
|
||||
Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\n", 1);
|
||||
|
||||
(*ldap_memfree)(attribute);
|
||||
ldap_memfree(attribute);
|
||||
}
|
||||
(*ldap_memfree)(dn);
|
||||
ldap_memfree(dn);
|
||||
if (ber)
|
||||
(*ber_free)(ber, 0);
|
||||
ber_free(ber, 0);
|
||||
}
|
||||
|
||||
quit:
|
||||
@@ -432,11 +246,9 @@ quit:
|
||||
if (rc == LDAP_SIZELIMIT_EXCEEDED)
|
||||
infof(data, "There are more than %d entries\n", num);
|
||||
if (ludp)
|
||||
(*ldap_free_urldesc)(ludp);
|
||||
ldap_free_urldesc(ludp);
|
||||
if (server)
|
||||
(*ldap_unbind_s)(server);
|
||||
|
||||
DynaClose();
|
||||
ldap_unbind_s(server);
|
||||
|
||||
/* no data to transfer */
|
||||
Curl_setup_transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
|
||||
@@ -464,7 +276,8 @@ static void _ldap_trace (const char *fmt, ...)
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WIN32
|
||||
#ifndef HAVE_LDAP_URL_PARSE
|
||||
|
||||
/*
|
||||
* Return scope-value for a scope-string.
|
||||
*/
|
||||
@@ -697,5 +510,5 @@ static void _ldap_free_urldesc (LDAPURLDesc *ludp)
|
||||
}
|
||||
free (ludp);
|
||||
}
|
||||
#endif /* WIN32 */
|
||||
#endif /* HAVE_LDAP_URL_PARSE */
|
||||
#endif /* CURL_DISABLE_LDAP */
|
||||
|
||||
Reference in New Issue
Block a user