diff options
Diffstat (limited to 'ldap/apr_ldap_url.c')
-rw-r--r-- | ldap/apr_ldap_url.c | 694 |
1 files changed, 0 insertions, 694 deletions
diff --git a/ldap/apr_ldap_url.c b/ldap/apr_ldap_url.c deleted file mode 100644 index 52e37b25..00000000 --- a/ldap/apr_ldap_url.c +++ /dev/null @@ -1,694 +0,0 @@ -/* Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* Portions Copyright 1998-2002 The OpenLDAP Foundation - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted only as authorized by the OpenLDAP - * Public License. A copy of this license is available at - * http://www.OpenLDAP.org/license.html or in file LICENSE in the - * top-level directory of the distribution. - * - * OpenLDAP is a registered trademark of the OpenLDAP Foundation. - * - * Individual files and/or contributed packages may be copyright by - * other parties and subject to additional restrictions. - * - * This work is derived from the University of Michigan LDAP v3.3 - * distribution. Information concerning this software is available - * at: http://www.umich.edu/~dirsvcs/ldap/ - * - * This work also contains materials derived from public sources. - * - * Additional information about OpenLDAP can be obtained at: - * http://www.openldap.org/ - */ - -/* - * Portions Copyright (c) 1992-1996 Regents of the University of Michigan. - * All rights reserved. - * - * Redistribution and use in source and binary forms are permitted - * provided that this notice is preserved and that due credit is given - * to the University of Michigan at Ann Arbor. The name of the University - * may not be used to endorse or promote products derived from this - * software without specific prior written permission. This software - * is provided ``as is'' without express or implied warranty. - */ - -/* apr_ldap_url.c -- LDAP URL (RFC 2255) related routines - * - * Win32 and perhaps other non-OpenLDAP based ldap libraries may be - * missing ldap_url_* APIs. We focus here on the one significant - * aspect, which is parsing. We have [for the time being] omitted - * the ldap_url_search APIs. - * - * LDAP URLs look like this: - * ldap[is]://host:port[/[dn[?[attributes][?[scope][?[filter][?exts]]]]]] - * - * where: - * attributes is a comma separated list - * scope is one of these three strings: base one sub (default=base) - * filter is an string-represented filter as in RFC 2254 - * - * e.g., ldap://host:port/dc=com?o,cn?base?o=openldap?extension - * - * Tolerates URLs that look like: <ldapurl> and <URL:ldapurl> - */ - -#include "apu.h" -#include "apr_pools.h" -#include "apr_general.h" -#include "apr_strings.h" -#include "apr_ldap.h" - -#if APR_HAS_LDAP - -#if APR_HAVE_STDLIB_H -#include <stdlib.h> -#endif - -#ifndef LDAPS_PORT -#define LDAPS_PORT 636 /* ldaps:/// default LDAP over TLS port */ -#endif - -#define APR_LDAP_URL_PREFIX "ldap://" -#define APR_LDAP_URL_PREFIX_LEN (sizeof(APR_LDAP_URL_PREFIX)-1) -#define APR_LDAPS_URL_PREFIX "ldaps://" -#define APR_LDAPS_URL_PREFIX_LEN (sizeof(APR_LDAPS_URL_PREFIX)-1) -#define APR_LDAPI_URL_PREFIX "ldapi://" -#define APR_LDAPI_URL_PREFIX_LEN (sizeof(APR_LDAPI_URL_PREFIX)-1) -#define APR_LDAP_URL_URLCOLON "URL:" -#define APR_LDAP_URL_URLCOLON_LEN (sizeof(APR_LDAP_URL_URLCOLON)-1) - - -/* local functions */ -static const char* skip_url_prefix(const char *url, - int *enclosedp, - const char **scheme); - -static void apr_ldap_pvt_hex_unescape(char *s); - -static int apr_ldap_pvt_unhex(int c); - -static char **apr_ldap_str2charray(apr_pool_t *pool, - const char *str, - const char *brkstr); - - -/** - * Is this URL an ldap url? - * - */ -APU_DECLARE(int) apr_ldap_is_ldap_url(const char *url) -{ - int enclosed; - const char * scheme; - - if( url == NULL ) { - return 0; - } - - if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) { - return 0; - } - - return 1; -} - -/** - * Is this URL a secure ldap url? - * - */ -APU_DECLARE(int) apr_ldap_is_ldaps_url(const char *url) -{ - int enclosed; - const char * scheme; - - if( url == NULL ) { - return 0; - } - - if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) { - return 0; - } - - return strcmp(scheme, "ldaps") == 0; -} - -/** - * Is this URL an ldap socket url? - * - */ -APU_DECLARE(int) apr_ldap_is_ldapi_url(const char *url) -{ - int enclosed; - const char * scheme; - - if( url == NULL ) { - return 0; - } - - if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) { - return 0; - } - - return strcmp(scheme, "ldapi") == 0; -} - - -static const char *skip_url_prefix(const char *url, int *enclosedp, - const char **scheme) -{ - /* - * return non-zero if this looks like a LDAP URL; zero if not - * if non-zero returned, *urlp will be moved past "ldap://" part of URL - */ - const char *p; - - if ( url == NULL ) { - return( NULL ); - } - - p = url; - - /* skip leading '<' (if any) */ - if ( *p == '<' ) { - *enclosedp = 1; - ++p; - } else { - *enclosedp = 0; - } - - /* skip leading "URL:" (if any) */ - if ( strncasecmp( p, APR_LDAP_URL_URLCOLON, APR_LDAP_URL_URLCOLON_LEN ) == 0 ) { - p += APR_LDAP_URL_URLCOLON_LEN; - } - - /* check for "ldap://" prefix */ - if ( strncasecmp( p, APR_LDAP_URL_PREFIX, APR_LDAP_URL_PREFIX_LEN ) == 0 ) { - /* skip over "ldap://" prefix and return success */ - p += APR_LDAP_URL_PREFIX_LEN; - *scheme = "ldap"; - return( p ); - } - - /* check for "ldaps://" prefix */ - if ( strncasecmp( p, APR_LDAPS_URL_PREFIX, APR_LDAPS_URL_PREFIX_LEN ) == 0 ) { - /* skip over "ldaps://" prefix and return success */ - p += APR_LDAPS_URL_PREFIX_LEN; - *scheme = "ldaps"; - return( p ); - } - - /* check for "ldapi://" prefix */ - if ( strncasecmp( p, APR_LDAPI_URL_PREFIX, APR_LDAPI_URL_PREFIX_LEN ) == 0 ) { - /* skip over "ldapi://" prefix and return success */ - p += APR_LDAPI_URL_PREFIX_LEN; - *scheme = "ldapi"; - return( p ); - } - - return( NULL ); -} - - -static int str2scope(const char *p) -{ - if ( strcasecmp( p, "one" ) == 0 ) { - return LDAP_SCOPE_ONELEVEL; - - } else if ( strcasecmp( p, "onetree" ) == 0 ) { - return LDAP_SCOPE_ONELEVEL; - - } else if ( strcasecmp( p, "base" ) == 0 ) { - return LDAP_SCOPE_BASE; - - } else if ( strcasecmp( p, "sub" ) == 0 ) { - return LDAP_SCOPE_SUBTREE; - - } else if ( strcasecmp( p, "subtree" ) == 0 ) { - return LDAP_SCOPE_SUBTREE; - } - - return( -1 ); -} - - -/** - * Parse the URL provided into an apr_ldap_url_desc_t object. - * - * APR_SUCCESS is returned on success, APR_EGENERAL on failure. - * The LDAP result code and reason string is returned in the - * apr_ldap_err_t structure. - */ -APU_DECLARE(int) apr_ldap_url_parse_ext(apr_pool_t *pool, - const char *url_in, - apr_ldap_url_desc_t **ludpp, - apr_ldap_err_t **result_err) -{ - apr_ldap_url_desc_t *ludp; - char *p, *q, *r; - int i, enclosed; - const char *scheme = NULL; - const char *url_tmp; - char *url; - - apr_ldap_err_t *result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t)); - *result_err = result; - - /* sanity check our parameters */ - if( url_in == NULL || ludpp == NULL ) { - result->reason = "Either the LDAP URL, or the URL structure was NULL. Oops."; - result->rc = APR_LDAP_URL_ERR_PARAM; - return APR_EGENERAL; - } - - *ludpp = NULL; /* pessimistic */ - - url_tmp = skip_url_prefix( url_in, &enclosed, &scheme ); - if ( url_tmp == NULL ) { - result->reason = "The scheme was not recognised as a valid LDAP URL scheme."; - result->rc = APR_LDAP_URL_ERR_BADSCHEME; - return APR_EGENERAL; - } - - /* make working copy of the remainder of the URL */ - url = (char *)apr_pstrdup(pool, url_tmp); - if ( url == NULL ) { - result->reason = "Out of memory parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_MEM; - return APR_EGENERAL; - } - - if ( enclosed ) { - p = &url[strlen(url)-1]; - - if( *p != '>' ) { - result->reason = "Bad enclosure error while parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_BADENCLOSURE; - return APR_EGENERAL; - } - - *p = '\0'; - } - - /* allocate return struct */ - ludp = (apr_ldap_url_desc_t *)apr_pcalloc(pool, sizeof(apr_ldap_url_desc_t)); - if ( ludp == NULL ) { - result->reason = "Out of memory parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_MEM; - return APR_EGENERAL; - } - - ludp->lud_next = NULL; - ludp->lud_host = NULL; - ludp->lud_port = LDAP_PORT; - ludp->lud_dn = NULL; - ludp->lud_attrs = NULL; - ludp->lud_filter = NULL; - ludp->lud_scope = -1; - ludp->lud_filter = NULL; - ludp->lud_exts = NULL; - - ludp->lud_scheme = (char *)apr_pstrdup(pool, scheme); - if ( ludp->lud_scheme == NULL ) { - result->reason = "Out of memory parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_MEM; - return APR_EGENERAL; - } - - if( strcasecmp( ludp->lud_scheme, "ldaps" ) == 0 ) { - ludp->lud_port = LDAPS_PORT; - } - - /* scan forward for '/' that marks end of hostport and begin. of dn */ - p = strchr( url, '/' ); - - if( p != NULL ) { - /* terminate hostport; point to start of dn */ - *p++ = '\0'; - } - - /* IPv6 syntax with [ip address]:port */ - if ( *url == '[' ) { - r = strchr( url, ']' ); - if ( r == NULL ) { - result->reason = "Bad LDAP URL while parsing IPV6 syntax."; - result->rc = APR_LDAP_URL_ERR_BADURL; - return APR_EGENERAL; - } - *r++ = '\0'; - q = strrchr( r, ':' ); - } else { - q = strrchr( url, ':' ); - } - - if ( q != NULL ) { - apr_ldap_pvt_hex_unescape( ++q ); - - if( *q == '\0' ) { - result->reason = "Bad LDAP URL while parsing."; - result->rc = APR_LDAP_URL_ERR_BADURL; - return APR_EGENERAL; - } - - ludp->lud_port = atoi( q ); - } - - apr_ldap_pvt_hex_unescape( url ); - - /* If [ip address]:port syntax, url is [ip and we skip the [ */ - ludp->lud_host = (char *)apr_pstrdup(pool, url + ( *url == '[' )); - if( ludp->lud_host == NULL ) { - result->reason = "Out of memory parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_MEM; - return APR_EGENERAL; - } - - /* - * Kludge. ldap://111.222.333.444:389??cn=abc,o=company - * - * On early Novell releases, search references/referrals were returned - * in this format, i.e., the dn was kind of in the scope position, - * but the required slash is missing. The whole thing is illegal syntax, - * but we need to account for it. Fortunately it can't be confused with - * anything real. - */ - if( (p == NULL) && (q != NULL) && ((q = strchr( q, '?')) != NULL)) { - q++; - /* ? immediately followed by question */ - if( *q == '?') { - q++; - if( *q != '\0' ) { - /* parse dn part */ - apr_ldap_pvt_hex_unescape( q ); - ludp->lud_dn = (char *)apr_pstrdup(pool, q); - } else { - ludp->lud_dn = (char *)apr_pstrdup(pool, ""); - } - - if( ludp->lud_dn == NULL ) { - result->reason = "Out of memory parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_MEM; - return APR_EGENERAL; - } - } - } - - if( p == NULL ) { - *ludpp = ludp; - return APR_SUCCESS; - } - - /* scan forward for '?' that may marks end of dn */ - q = strchr( p, '?' ); - - if( q != NULL ) { - /* terminate dn part */ - *q++ = '\0'; - } - - if( *p != '\0' ) { - /* parse dn part */ - apr_ldap_pvt_hex_unescape( p ); - ludp->lud_dn = (char *)apr_pstrdup(pool, p); - } else { - ludp->lud_dn = (char *)apr_pstrdup(pool, ""); - } - - if( ludp->lud_dn == NULL ) { - result->reason = "Out of memory parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_MEM; - return APR_EGENERAL; - } - - if( q == NULL ) { - /* no more */ - *ludpp = ludp; - return APR_SUCCESS; - } - - /* scan forward for '?' that may marks end of attributes */ - p = q; - q = strchr( p, '?' ); - - if( q != NULL ) { - /* terminate attributes part */ - *q++ = '\0'; - } - - if( *p != '\0' ) { - /* parse attributes */ - apr_ldap_pvt_hex_unescape( p ); - ludp->lud_attrs = apr_ldap_str2charray(pool, p, ","); - - if( ludp->lud_attrs == NULL ) { - result->reason = "Bad attributes encountered while parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_BADATTRS; - return APR_EGENERAL; - } - } - - if ( q == NULL ) { - /* no more */ - *ludpp = ludp; - return APR_SUCCESS; - } - - /* scan forward for '?' that may marks end of scope */ - p = q; - q = strchr( p, '?' ); - - if( q != NULL ) { - /* terminate the scope part */ - *q++ = '\0'; - } - - if( *p != '\0' ) { - /* parse the scope */ - apr_ldap_pvt_hex_unescape( p ); - ludp->lud_scope = str2scope( p ); - - if( ludp->lud_scope == -1 ) { - result->reason = "Bad scope encountered while parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_BADSCOPE; - return APR_EGENERAL; - } - } - - if ( q == NULL ) { - /* no more */ - *ludpp = ludp; - return APR_SUCCESS; - } - - /* scan forward for '?' that may marks end of filter */ - p = q; - q = strchr( p, '?' ); - - if( q != NULL ) { - /* terminate the filter part */ - *q++ = '\0'; - } - - if( *p != '\0' ) { - /* parse the filter */ - apr_ldap_pvt_hex_unescape( p ); - - if( ! *p ) { - /* missing filter */ - result->reason = "Bad filter encountered while parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_BADFILTER; - return APR_EGENERAL; - } - - ludp->lud_filter = (char *)apr_pstrdup(pool, p); - if( ludp->lud_filter == NULL ) { - result->reason = "Out of memory parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_MEM; - return APR_EGENERAL; - } - } - - if ( q == NULL ) { - /* no more */ - *ludpp = ludp; - return APR_SUCCESS; - } - - /* scan forward for '?' that may marks end of extensions */ - p = q; - q = strchr( p, '?' ); - - if( q != NULL ) { - /* extra '?' */ - result->reason = "Bad URL encountered while parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_BADURL; - return APR_EGENERAL; - } - - /* parse the extensions */ - ludp->lud_exts = apr_ldap_str2charray(pool, p, ","); - if( ludp->lud_exts == NULL ) { - result->reason = "Bad extensions encountered while parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_BADEXTS; - return APR_EGENERAL; - } - - for( i=0; ludp->lud_exts[i] != NULL; i++ ) { - apr_ldap_pvt_hex_unescape( ludp->lud_exts[i] ); - - if( *ludp->lud_exts[i] == '!' ) { - /* count the number of critical extensions */ - ludp->lud_crit_exts++; - } - } - - if( i == 0 ) { - /* must have 1 or more */ - result->reason = "Bad extensions encountered while parsing LDAP URL."; - result->rc = APR_LDAP_URL_ERR_BADEXTS; - return APR_EGENERAL; - } - - /* no more */ - *ludpp = ludp; - return APR_SUCCESS; -} - - -/** - * Parse the URL provided into an apr_ldap_url_desc_t object. - * - * APR_SUCCESS is returned on success, APR_EGENERAL on failure. - * The LDAP result code and reason string is returned in the - * apr_ldap_err_t structure. - */ -APU_DECLARE(int) apr_ldap_url_parse(apr_pool_t *pool, - const char *url_in, - apr_ldap_url_desc_t **ludpp, - apr_ldap_err_t **result_err) -{ - - int rc = apr_ldap_url_parse_ext(pool, url_in, ludpp, result_err); - if( rc != APR_SUCCESS ) { - return rc; - } - - if ((*ludpp)->lud_scope == -1) { - (*ludpp)->lud_scope = LDAP_SCOPE_BASE; - } - - if ((*ludpp)->lud_host != NULL && *(*ludpp)->lud_host == '\0') { - (*ludpp)->lud_host = NULL; - } - - return rc; - -} - - -static void apr_ldap_pvt_hex_unescape(char *s) -{ - /* - * Remove URL hex escapes from s... done in place. The basic concept for - * this routine is borrowed from the WWW library HTUnEscape() routine. - */ - char *p; - - for ( p = s; *s != '\0'; ++s ) { - if ( *s == '%' ) { - if ( *++s == '\0' ) { - break; - } - *p = apr_ldap_pvt_unhex( *s ) << 4; - if ( *++s == '\0' ) { - break; - } - *p++ += apr_ldap_pvt_unhex( *s ); - } else { - *p++ = *s; - } - } - - *p = '\0'; -} - - -static int apr_ldap_pvt_unhex(int c) -{ - return( c >= '0' && c <= '9' ? c - '0' - : c >= 'A' && c <= 'F' ? c - 'A' + 10 - : c - 'a' + 10 ); -} - - -/** - * Convert a string to a character array - */ -static char **apr_ldap_str2charray(apr_pool_t *pool, - const char *str_in, - const char *brkstr) -{ - char **res; - char *str, *s; - char *lasts; - int i; - - /* protect the input string from strtok */ - str = (char *)apr_pstrdup(pool, str_in); - if( str == NULL ) { - return NULL; - } - - i = 1; - for ( s = str; *s; s++ ) { - /* Warning: this strchr was previously ldap_utf8_strchr(), check - * whether this particular code has any charset issues. - */ - if ( strchr( brkstr, *s ) != NULL ) { - i++; - } - } - - res = (char **) apr_pcalloc(pool, (i + 1) * sizeof(char *)); - if( res == NULL ) { - return NULL; - } - - i = 0; - - for ( s = (char *)apr_strtok( str, brkstr, &lasts ); - s != NULL; - s = (char *)apr_strtok( NULL, brkstr, &lasts ) ) { - - res[i] = (char *)apr_pstrdup(pool, s); - if(res[i] == NULL) { - return NULL; - } - - i++; - } - - res[i] = NULL; - - return( res ); - -} - -#endif /* APR_HAS_LDAP */ |