diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 06:30:05 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 06:30:05 +0000 |
commit | a1e354165254cd9e346751e6c2ddc554feeb0e6d (patch) | |
tree | 5fd273cc604fd00efd630eb387a6f79ce102f4e3 /ldap | |
parent | Initial commit. (diff) | |
download | apr-util-a1e354165254cd9e346751e6c2ddc554feeb0e6d.tar.xz apr-util-a1e354165254cd9e346751e6c2ddc554feeb0e6d.zip |
Adding upstream version 1.6.3.upstream/1.6.3upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ldap')
-rw-r--r-- | ldap/NWGNUmakefile | 263 | ||||
-rw-r--r-- | ldap/apr_ldap.dep | 37 | ||||
-rw-r--r-- | ldap/apr_ldap.dsp | 227 | ||||
-rw-r--r-- | ldap/apr_ldap.mak | 620 | ||||
-rw-r--r-- | ldap/apr_ldap_init.c | 235 | ||||
-rw-r--r-- | ldap/apr_ldap_option.c | 652 | ||||
-rw-r--r-- | ldap/apr_ldap_rebind.c | 377 | ||||
-rw-r--r-- | ldap/apr_ldap_stub.c | 145 | ||||
-rw-r--r-- | ldap/apr_ldap_url.c | 694 |
9 files changed, 3250 insertions, 0 deletions
diff --git a/ldap/NWGNUmakefile b/ldap/NWGNUmakefile new file mode 100644 index 0000000..06260d1 --- /dev/null +++ b/ldap/NWGNUmakefile @@ -0,0 +1,263 @@ +# +# Declare the sub-directories to be built here +# + +SUBDIRS = \ + $(EOLIST) + +# +# Get the 'head' of the build environment. This includes default targets and +# paths to tools +# + +include $(APR_WORK)/build/NWGNUhead.inc + +# +# build this level's files + +# +# Make sure all needed macro's are defined +# + +# +# These directories will be at the beginning of the include list, followed by +# INCDIRS +# +XINCDIRS += \ + $(APR)/include \ + $(APR)/include/arch/NetWare \ + $(APU)/include \ + $(APU)/include/private \ + $(LDAPSDK)/inc \ + $(EOLIST) + +# +# These flags will come after CFLAGS +# +XCFLAGS += \ + $(EOLIST) + +# +# These defines will come after DEFINES +# +XDEFINES += \ + $(EOLIST) + +# +#LDAP client requires the use of Winsock +# +ifdef USE_STDSOCKETS +XDEFINES += -DUSE_WINSOCK \ + $(EOLIST) +endif + +# +# These flags will be added to the link.opt file +# +XLFLAGS += \ + $(EOLIST) + +# +# These values will be appended to the correct variables based on the value of +# RELEASE +# +ifeq "$(RELEASE)" "debug" +XINCDIRS += \ + $(EOLIST) + +XCFLAGS += \ + $(EOLIST) + +XDEFINES += \ + $(EOLIST) + +XLFLAGS += \ + $(EOLIST) +endif + +ifeq "$(RELEASE)" "noopt" +XINCDIRS += \ + $(EOLIST) + +XCFLAGS += \ + $(EOLIST) + +XDEFINES += \ + $(EOLIST) + +XLFLAGS += \ + $(EOLIST) +endif + +ifeq "$(RELEASE)" "release" +XINCDIRS += \ + $(EOLIST) + +XCFLAGS += \ + $(EOLIST) + +XDEFINES += \ + $(EOLIST) + +XLFLAGS += \ + $(EOLIST) +endif + +# +# These are used by the link target if an NLM is being generated +# This is used by the link 'name' directive to name the nlm. If left blank +# TARGET_nlm (see below) will be used. +# +NLM_NAME = + +# +# This is used by the link '-desc ' directive. +# If left blank, NLM_NAME will be used. +# +NLM_DESCRIPTION = + +# +# This is used by the '-threadname' directive. If left blank, +# NLM_NAME Thread will be used. +# +NLM_THREAD_NAME = +# +# If this is specified, it will override VERSION value in +# $(APR_WORK)/build/NWGNUenvironment.inc +# +NLM_VERSION = + +# +# If this is specified, it will override the default of 64K +# +NLM_STACK_SIZE = + +# +# If this is specified it will be used by the link '-entry' directive +# +NLM_ENTRY_SYM = + +# +# If this is specified it will be used by the link '-exit' directive +# +NLM_EXIT_SYM = + +# +# If this is specified it will be used by the link '-check' directive +# +NLM_CHECK_SYM = + +# +# If this is specified it will be used by the link '-flags' directive +# +NLM_FLAGS = + +# +# If this is specified it will be linked in with the XDCData option in the def +# file instead of the default of $(APR)/misc/netware/apache.xdc. XDCData can +# be disabled by setting APACHE_UNIPROC in the environment +# +XDCDATA = + +# +# Declare all target files (you must add your files here) +# + +# +# If there is an NLM target, put it here +# +TARGET_nlm = \ + $(EOLIST) + +# +# If there is an LIB target, put it here +# +TARGET_lib = \ + $(OBJDIR)/apuldap.lib \ + $(EOLIST) + +# +# These are the OBJ files needed to create the NLM target above. +# Paths must all use the '/' character +# +FILES_nlm_objs = \ + $(EOLIST) + +# +# These are the LIB files needed to create the NLM target above. +# These will be added as a library command in the link.opt file. +# +FILES_nlm_libs = \ + $(EOLIST) + +# +# These are the modules that the above NLM target depends on to load. +# These will be added as a module command in the link.opt file. +# +FILES_nlm_modules = \ + $(EOLIST) + +# +# If the nlm has a msg file, put it's path here +# +FILE_nlm_msg = + +# +# If the nlm has a hlp file put it's path here +# +FILE_nlm_hlp = + +# +# If this is specified, it will override the default copyright. +# +FILE_nlm_copyright = + +# +# Any additional imports go here +# +FILES_nlm_Ximports = \ + $(EOLIST) + +# +# Any symbols exported to here +# +FILES_nlm_exports = \ + $(EOLIST) + +# +# These are the OBJ files needed to create the LIB target above. +# Paths must all use the '/' character +# +FILES_lib_objs = \ + $(OBJDIR)/apr_ldap_init.o \ + $(OBJDIR)/apr_ldap_option.o \ + $(OBJDIR)/apr_ldap_url.o \ + $(OBJDIR)/apr_ldap_rebind.o \ + $(OBJDIR)/apr_ldap_stub.o \ + $(EOLIST) + +# +# implement targets and dependancies (leave this section alone) +# + +libs :: $(OBJDIR) $(TARGET_lib) + +nlms :: libs $(TARGET_nlm) + +# +# Updated this target to create necessary directories and copy files to the +# correct place. (See $(APR_WORK)/build/NWGNUhead.inc for examples) +# +install :: nlms FORCE + +# +# Any specialized rules here +# + +# +# Include the 'tail' makefile that has targets that depend on variables defined +# in this makefile +# + +include $(APRBUILD)/NWGNUtail.inc + diff --git a/ldap/apr_ldap.dep b/ldap/apr_ldap.dep new file mode 100644 index 0000000..56cab56 --- /dev/null +++ b/ldap/apr_ldap.dep @@ -0,0 +1,37 @@ +# Microsoft Developer Studio Generated Dependency File, included by apr_ldap.mak
+
+.\apr_ldap_init.c : \
+ "..\include\apr_ldap.h"\
+ "..\include\apr_ldap_init.h"\
+ "..\include\apr_ldap_option.h"\
+ "..\include\apr_ldap_rebind.h"\
+ "..\include\apr_ldap_url.h"\
+ "..\include\apu.h"\
+ "..\include\private\apu_config.h"\
+ "..\include\private\apu_internal.h"\
+
+
+.\apr_ldap_option.c : \
+ "..\include\apr_ldap.h"\
+ "..\include\apr_ldap_init.h"\
+ "..\include\apr_ldap_option.h"\
+ "..\include\apr_ldap_rebind.h"\
+ "..\include\apr_ldap_url.h"\
+ "..\include\apu.h"\
+ "..\include\private\apu_config.h"\
+
+
+.\apr_ldap_rebind.c : \
+ "..\include\apr_ldap.h"\
+ "..\include\apr_ldap_init.h"\
+ "..\include\apr_ldap_option.h"\
+ "..\include\apr_ldap_rebind.h"\
+ "..\include\apr_ldap_url.h"\
+ "..\include\apu.h"\
+ "..\include\private\apu_config.h"\
+
+
+..\libaprutil.rc : \
+ "..\include\apu.h"\
+ "..\include\apu_version.h"\
+
diff --git a/ldap/apr_ldap.dsp b/ldap/apr_ldap.dsp new file mode 100644 index 0000000..095e3af --- /dev/null +++ b/ldap/apr_ldap.dsp @@ -0,0 +1,227 @@ +# Microsoft Developer Studio Project File - Name="apr_ldap" - Package Owner=<4> +# Microsoft Developer Studio Generated Build File, Format Version 6.00 +# ** DO NOT EDIT ** + +# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 + +CFG=apr_ldap - Win32 Release +!MESSAGE This is not a valid makefile. To build this project using NMAKE, +!MESSAGE use the Export Makefile command and run +!MESSAGE +!MESSAGE NMAKE /f "apr_ldap.mak". +!MESSAGE +!MESSAGE You can specify a configuration when running NMAKE +!MESSAGE by defining the macro CFG on the command line. For example: +!MESSAGE +!MESSAGE NMAKE /f "apr_ldap.mak" CFG="apr_ldap - Win32 Release" +!MESSAGE +!MESSAGE Possible choices for configuration are: +!MESSAGE +!MESSAGE "apr_ldap - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "apr_ldap - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "apr_ldap - x64 Release" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "apr_ldap - x64 Debug" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE + +# Begin Project +# PROP AllowPerConfigDependencies 0 +# PROP Scc_ProjName "" +# PROP Scc_LocalPath "" +CPP=cl.exe +MTL=midl.exe +RSC=rc.exe + +!IF "$(CFG)" == "apr_ldap - Win32 Release" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 0 +# PROP BASE Output_Dir "Release" +# PROP BASE Intermediate_Dir "Release" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 0 +# PROP Output_Dir "Release" +# PROP Intermediate_Dir "Release" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MD /W3 /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /FD /c +# ADD CPP /nologo /MD /W3 /Zi /O2 /Oy- /I "../include" /I "../../apr/include" /I "../include/private" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fo"$(INTDIR)\" /Fd"$(INTDIR)\apr_ldap_src" /FD /c +# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL" +# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL" +# ADD BASE RSC /l 0x409 /d "NDEBUG" +# ADD RSC /l 0x409 /fo"Release/apr_ldap-1.res" /d DLL_NAME="apr_ldap" /d "NDEBUG" /d "APU_VERSION_ONLY" /I "../include" /I "../../apr/include" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib ole32.lib /nologo /base:"0x6EEB0000" /subsystem:windows /dll /incremental:no /debug /opt:ref +# ADD LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib ole32.lib /nologo /base:"0x6EEB0000" /subsystem:windows /dll /incremental:no /debug /out:"Release\apr_ldap-1.dll" /pdb:"Release\apr_ldap-1.pdb" /implib:"Release\apr_ldap-1.lib" /MACHINE:X86 /opt:ref +# Begin Special Build Tool +TargetPath=Release\apr_ldap-1.dll +SOURCE="$(InputPath)" +PostBuild_Desc=Embed .manifest +PostBuild_Cmds=if exist $(TargetPath).manifest mt.exe -manifest $(TargetPath).manifest -outputresource:$(TargetPath);2 +# End Special Build Tool + +!ELSEIF "$(CFG)" == "apr_ldap - Win32 Debug" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 1 +# PROP BASE Output_Dir "Debug" +# PROP BASE Intermediate_Dir "Debug" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 1 +# PROP Output_Dir "Debug" +# PROP Intermediate_Dir "Debug" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /FD /EHsc /c +# ADD CPP /nologo /MDd /W3 /Zi /Od /I "../include" /I "../../apr/include" /I "../include/private" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fo"$(INTDIR)\" /Fd"$(INTDIR)\apr_ldap_src" /FD /EHsc /c +# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL" +# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL" +# ADD BASE RSC /l 0x409 /d "_DEBUG" +# ADD RSC /l 0x409 /fo"Debug/apr_ldap-1.res" /d DLL_NAME="apr_ldap" /d "_DEBUG" /d "APU_VERSION_ONLY" /I "../include" /I "../../apr/include" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib ole32.lib /nologo /base:"0x6EEB0000" /subsystem:windows /dll /incremental:no /debug +# ADD LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib ole32.lib /nologo /base:"0x6EEB0000" /subsystem:windows /dll /incremental:no /debug /out:"Debug\apr_ldap-1.dll" /pdb:"Debug\apr_ldap-1.pdb" /implib:"Debug\apr_ldap-1.lib" /MACHINE:X86 +# Begin Special Build Tool +TargetPath=Debug\apr_ldap-1.dll +SOURCE="$(InputPath)" +PostBuild_Desc=Embed .manifest +PostBuild_Cmds=if exist $(TargetPath).manifest mt.exe -manifest $(TargetPath).manifest -outputresource:$(TargetPath);2 +# End Special Build Tool + +!ELSEIF "$(CFG)" == "apr_ldap - x64 Release" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 0 +# PROP BASE Output_Dir "x64\Release" +# PROP BASE Intermediate_Dir "x64\Release" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 0 +# PROP Output_Dir "x64\Release" +# PROP Intermediate_Dir "x64\Release" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MD /W3 /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /FD /c +# ADD CPP /nologo /MD /W3 /Zi /O2 /Oy- /I "../include" /I "../../apr/include" /I "../include/private" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fo"$(INTDIR)\" /Fd"$(INTDIR)\apr_ldap_src" /FD /c +# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL" +# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL" +# ADD BASE RSC /l 0x409 /d "NDEBUG" +# ADD RSC /l 0x409 /fo"x64/Release/apr_ldap-1.res" /d DLL_NAME="apr_ldap" /d "NDEBUG" /d "APU_VERSION_ONLY" /I "../include" /I "../../apr/include" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib ole32.lib /nologo /base:"0x6EEB0000" /subsystem:windows /dll /incremental:no /debug /opt:ref +# ADD LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib ole32.lib /nologo /base:"0x6EEB0000" /subsystem:windows /dll /incremental:no /debug /out:"x64\Release\apr_ldap-1.dll" /pdb:"x64\Release\apr_ldap-1.pdb" /implib:"x64\Release\apr_ldap-1.lib" /MACHINE:X64 /opt:ref +# Begin Special Build Tool +TargetPath=x64\Release\apr_ldap-1.dll +SOURCE="$(InputPath)" +PostBuild_Desc=Embed .manifest +PostBuild_Cmds=if exist $(TargetPath).manifest mt.exe -manifest $(TargetPath).manifest -outputresource:$(TargetPath);2 +# End Special Build Tool + +!ELSEIF "$(CFG)" == "apr_ldap - x64 Debug" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 1 +# PROP BASE Output_Dir "x64\Debug" +# PROP BASE Intermediate_Dir "x64\Debug" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 1 +# PROP Output_Dir "x64\Debug" +# PROP Intermediate_Dir "x64\Debug" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /FD /EHsc /c +# ADD CPP /nologo /MDd /W3 /Zi /Od /I "../include" /I "../../apr/include" /I "../include/private" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fo"$(INTDIR)\" /Fd"$(INTDIR)\apr_ldap_src" /FD /EHsc /c +# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL" +# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL" +# ADD BASE RSC /l 0x409 /d "_DEBUG" +# ADD RSC /l 0x409 /fo"x64/Debug/apr_ldap-1.res" /d DLL_NAME="apr_ldap" /d "_DEBUG" /d "APU_VERSION_ONLY" /I "../include" /I "../../apr/include" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib ole32.lib /nologo /base:"0x6EEB0000" /subsystem:windows /dll /incremental:no /debug +# ADD LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib ole32.lib /nologo /base:"0x6EEB0000" /subsystem:windows /dll /incremental:no /debug /out:"x64\Debug\apr_ldap-1.dll" /pdb:"x64\Debug\apr_ldap-1.pdb" /implib:"x64\Debug\apr_ldap-1.lib" /MACHINE:X64 +# Begin Special Build Tool +TargetPath=x64\Debug\apr_ldap-1.dll +SOURCE="$(InputPath)" +PostBuild_Desc=Embed .manifest +PostBuild_Cmds=if exist $(TargetPath).manifest mt.exe -manifest $(TargetPath).manifest -outputresource:$(TargetPath);2 +# End Special Build Tool + +!ENDIF + +# Begin Target + +# Name "apr_ldap - Win32 Release" +# Name "apr_ldap - Win32 Debug" +# Name "apr_ldap - x64 Release" +# Name "apr_ldap - x64 Debug" +# Begin Group "Source Files" + +# PROP Default_Filter "" +# Begin Source File + +SOURCE=.\apr_ldap_init.c +# End Source File +# Begin Source File + +SOURCE=.\apr_ldap_option.c +# End Source File +# Begin Source File + +SOURCE=.\apr_ldap_rebind.c +# End Source File +# End Group +# Begin Group "Public Header Files" + +# PROP Default_Filter "" +# Begin Source File + +SOURCE=..\include\apr_ldap.h +# End Source File +# Begin Source File + +SOURCE=..\include\apr_ldap_init.h +# End Source File +# Begin Source File + +SOURCE=..\include\apr_ldap_option.h +# End Source File +# Begin Source File + +SOURCE=..\include\apr_ldap_rebind.h +# End Source File +# Begin Source File + +SOURCE=..\include\apr_ldap_url.h +# End Source File +# End Group +# Begin Group "Internal Header Files" + +# PROP Default_Filter "" +# Begin Source File + +SOURCE=..\include\private\apu_config.h +# End Source File +# Begin Source File + +SOURCE=..\include\private\apu_internal.h +# End Source File +# End Group +# Begin Source File + +SOURCE=..\libaprutil.rc +# End Source File +# End Target +# End Project diff --git a/ldap/apr_ldap.mak b/ldap/apr_ldap.mak new file mode 100644 index 0000000..040ca67 --- /dev/null +++ b/ldap/apr_ldap.mak @@ -0,0 +1,620 @@ +# Microsoft Developer Studio Generated NMAKE File, Based on apr_ldap.dsp
+!IF "$(CFG)" == ""
+CFG=apr_ldap - Win32 Release
+!MESSAGE No configuration specified. Defaulting to apr_ldap - Win32 Release.
+!ENDIF
+
+!IF "$(CFG)" != "apr_ldap - Win32 Release" && "$(CFG)" != "apr_ldap - Win32 Debug" && "$(CFG)" != "apr_ldap - x64 Release" && "$(CFG)" != "apr_ldap - x64 Debug"
+!MESSAGE Invalid configuration "$(CFG)" specified.
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE
+!MESSAGE NMAKE /f "apr_ldap.mak" CFG="apr_ldap - Win32 Release"
+!MESSAGE
+!MESSAGE Possible choices for configuration are:
+!MESSAGE
+!MESSAGE "apr_ldap - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE "apr_ldap - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE "apr_ldap - x64 Release" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE "apr_ldap - x64 Debug" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE
+!ERROR An invalid configuration is specified.
+!ENDIF
+
+!IF "$(OS)" == "Windows_NT"
+NULL=
+!ELSE
+NULL=nul
+!ENDIF
+
+!IF "$(CFG)" == "apr_ldap - Win32 Release"
+
+OUTDIR=.\Release
+INTDIR=.\Release
+DS_POSTBUILD_DEP=$(INTDIR)\postbld.dep
+# Begin Custom Macros
+OutDir=.\Release
+# End Custom Macros
+
+!IF "$(RECURSE)" == "0"
+
+ALL : "$(OUTDIR)\apr_ldap-1.dll" "$(DS_POSTBUILD_DEP)"
+
+!ELSE
+
+ALL : "libaprutil - Win32 Release" "libapr - Win32 Release" "$(OUTDIR)\apr_ldap-1.dll" "$(DS_POSTBUILD_DEP)"
+
+!ENDIF
+
+!IF "$(RECURSE)" == "1"
+CLEAN :"libapr - Win32 ReleaseCLEAN" "libaprutil - Win32 ReleaseCLEAN"
+!ELSE
+CLEAN :
+!ENDIF
+ -@erase "$(INTDIR)\apr_ldap-1.res"
+ -@erase "$(INTDIR)\apr_ldap_init.obj"
+ -@erase "$(INTDIR)\apr_ldap_option.obj"
+ -@erase "$(INTDIR)\apr_ldap_rebind.obj"
+ -@erase "$(INTDIR)\apr_ldap_src.idb"
+ -@erase "$(INTDIR)\apr_ldap_src.pdb"
+ -@erase "$(OUTDIR)\apr_ldap-1.dll"
+ -@erase "$(OUTDIR)\apr_ldap-1.exp"
+ -@erase "$(OUTDIR)\apr_ldap-1.lib"
+ -@erase "$(OUTDIR)\apr_ldap-1.pdb"
+
+"$(OUTDIR)" :
+ if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
+
+CPP=cl.exe
+CPP_PROJ=/nologo /MD /W3 /Zi /O2 /Oy- /I "../include" /I "../../apr/include" /I "../include/private" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\apr_ldap_src" /FD /c
+
+.c{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cpp{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cxx{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.c{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cpp{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cxx{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+MTL=midl.exe
+MTL_PROJ=/nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL"
+RSC=rc.exe
+RSC_PROJ=/l 0x409 /fo"$(INTDIR)\apr_ldap-1.res" /i "../include" /i "../../apr/include" /d DLL_NAME="apr_ldap" /d "NDEBUG" /d "APU_VERSION_ONLY"
+BSC32=bscmake.exe
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\apr_ldap.bsc"
+BSC32_SBRS= \
+
+LINK32=link.exe
+LINK32_FLAGS=kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib ole32.lib /nologo /base:"0x6EEB0000" /subsystem:windows /dll /incremental:no /pdb:"$(OUTDIR)\apr_ldap-1.pdb" /debug /out:"$(OUTDIR)\apr_ldap-1.dll" /implib:"$(OUTDIR)\apr_ldap-1.lib" /opt:ref
+LINK32_OBJS= \
+ "$(INTDIR)\apr_ldap_init.obj" \
+ "$(INTDIR)\apr_ldap_option.obj" \
+ "$(INTDIR)\apr_ldap_rebind.obj" \
+ "$(INTDIR)\apr_ldap-1.res" \
+ "..\..\apr\Release\libapr-1.lib" \
+ "..\Release\libaprutil-1.lib"
+
+"$(OUTDIR)\apr_ldap-1.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+ $(LINK32) @<<
+ $(LINK32_FLAGS) $(LINK32_OBJS)
+<<
+
+TargetPath=.\Release\apr_ldap-1.dll
+SOURCE="$(InputPath)"
+PostBuild_Desc=Embed .manifest
+DS_POSTBUILD_DEP=$(INTDIR)\postbld.dep
+
+# Begin Custom Macros
+OutDir=.\Release
+# End Custom Macros
+
+"$(DS_POSTBUILD_DEP)" : "$(OUTDIR)\apr_ldap-1.dll"
+ if exist .\Release\apr_ldap-1.dll.manifest mt.exe -manifest .\Release\apr_ldap-1.dll.manifest -outputresource:.\Release\apr_ldap-1.dll;2
+ echo Helper for Post-build step > "$(DS_POSTBUILD_DEP)"
+
+!ELSEIF "$(CFG)" == "apr_ldap - Win32 Debug"
+
+OUTDIR=.\Debug
+INTDIR=.\Debug
+DS_POSTBUILD_DEP=$(INTDIR)\postbld.dep
+# Begin Custom Macros
+OutDir=.\Debug
+# End Custom Macros
+
+!IF "$(RECURSE)" == "0"
+
+ALL : "$(OUTDIR)\apr_ldap-1.dll" "$(DS_POSTBUILD_DEP)"
+
+!ELSE
+
+ALL : "libaprutil - Win32 Debug" "libapr - Win32 Debug" "$(OUTDIR)\apr_ldap-1.dll" "$(DS_POSTBUILD_DEP)"
+
+!ENDIF
+
+!IF "$(RECURSE)" == "1"
+CLEAN :"libapr - Win32 DebugCLEAN" "libaprutil - Win32 DebugCLEAN"
+!ELSE
+CLEAN :
+!ENDIF
+ -@erase "$(INTDIR)\apr_ldap-1.res"
+ -@erase "$(INTDIR)\apr_ldap_init.obj"
+ -@erase "$(INTDIR)\apr_ldap_option.obj"
+ -@erase "$(INTDIR)\apr_ldap_rebind.obj"
+ -@erase "$(INTDIR)\apr_ldap_src.idb"
+ -@erase "$(INTDIR)\apr_ldap_src.pdb"
+ -@erase "$(OUTDIR)\apr_ldap-1.dll"
+ -@erase "$(OUTDIR)\apr_ldap-1.exp"
+ -@erase "$(OUTDIR)\apr_ldap-1.lib"
+ -@erase "$(OUTDIR)\apr_ldap-1.pdb"
+
+"$(OUTDIR)" :
+ if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
+
+CPP=cl.exe
+CPP_PROJ=/nologo /MDd /W3 /Zi /Od /I "../include" /I "../../apr/include" /I "../include/private" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\apr_ldap_src" /FD /EHsc /c
+
+.c{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cpp{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cxx{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.c{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cpp{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cxx{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+MTL=midl.exe
+MTL_PROJ=/nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL"
+RSC=rc.exe
+RSC_PROJ=/l 0x409 /fo"$(INTDIR)\apr_ldap-1.res" /i "../include" /i "../../apr/include" /d DLL_NAME="apr_ldap" /d "_DEBUG" /d "APU_VERSION_ONLY"
+BSC32=bscmake.exe
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\apr_ldap.bsc"
+BSC32_SBRS= \
+
+LINK32=link.exe
+LINK32_FLAGS=kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib ole32.lib /nologo /base:"0x6EEB0000" /subsystem:windows /dll /incremental:no /pdb:"$(OUTDIR)\apr_ldap-1.pdb" /debug /out:"$(OUTDIR)\apr_ldap-1.dll" /implib:"$(OUTDIR)\apr_ldap-1.lib"
+LINK32_OBJS= \
+ "$(INTDIR)\apr_ldap_init.obj" \
+ "$(INTDIR)\apr_ldap_option.obj" \
+ "$(INTDIR)\apr_ldap_rebind.obj" \
+ "$(INTDIR)\apr_ldap-1.res" \
+ "..\..\apr\Debug\libapr-1.lib" \
+ "..\Debug\libaprutil-1.lib"
+
+"$(OUTDIR)\apr_ldap-1.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+ $(LINK32) @<<
+ $(LINK32_FLAGS) $(LINK32_OBJS)
+<<
+
+TargetPath=.\Debug\apr_ldap-1.dll
+SOURCE="$(InputPath)"
+PostBuild_Desc=Embed .manifest
+DS_POSTBUILD_DEP=$(INTDIR)\postbld.dep
+
+# Begin Custom Macros
+OutDir=.\Debug
+# End Custom Macros
+
+"$(DS_POSTBUILD_DEP)" : "$(OUTDIR)\apr_ldap-1.dll"
+ if exist .\Debug\apr_ldap-1.dll.manifest mt.exe -manifest .\Debug\apr_ldap-1.dll.manifest -outputresource:.\Debug\apr_ldap-1.dll;2
+ echo Helper for Post-build step > "$(DS_POSTBUILD_DEP)"
+
+!ELSEIF "$(CFG)" == "apr_ldap - x64 Release"
+
+OUTDIR=.\x64\Release
+INTDIR=.\x64\Release
+DS_POSTBUILD_DEP=$(INTDIR)\postbld.dep
+# Begin Custom Macros
+OutDir=.\x64\Release
+# End Custom Macros
+
+!IF "$(RECURSE)" == "0"
+
+ALL : "$(OUTDIR)\apr_ldap-1.dll" "$(DS_POSTBUILD_DEP)"
+
+!ELSE
+
+ALL : "libaprutil - x64 Release" "libapr - x64 Release" "$(OUTDIR)\apr_ldap-1.dll" "$(DS_POSTBUILD_DEP)"
+
+!ENDIF
+
+!IF "$(RECURSE)" == "1"
+CLEAN :"libapr - x64 ReleaseCLEAN" "libaprutil - x64 ReleaseCLEAN"
+!ELSE
+CLEAN :
+!ENDIF
+ -@erase "$(INTDIR)\apr_ldap-1.res"
+ -@erase "$(INTDIR)\apr_ldap_init.obj"
+ -@erase "$(INTDIR)\apr_ldap_option.obj"
+ -@erase "$(INTDIR)\apr_ldap_rebind.obj"
+ -@erase "$(INTDIR)\apr_ldap_src.idb"
+ -@erase "$(INTDIR)\apr_ldap_src.pdb"
+ -@erase "$(OUTDIR)\apr_ldap-1.dll"
+ -@erase "$(OUTDIR)\apr_ldap-1.exp"
+ -@erase "$(OUTDIR)\apr_ldap-1.lib"
+ -@erase "$(OUTDIR)\apr_ldap-1.pdb"
+
+"$(OUTDIR)" :
+ if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
+
+CPP=cl.exe
+CPP_PROJ=/nologo /MD /W3 /Zi /O2 /Oy- /I "../include" /I "../../apr/include" /I "../include/private" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\apr_ldap_src" /FD /c
+
+.c{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cpp{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cxx{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.c{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cpp{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cxx{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+MTL=midl.exe
+MTL_PROJ=/nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL"
+RSC=rc.exe
+RSC_PROJ=/l 0x409 /fo"$(INTDIR)\apr_ldap-1.res" /i "../include" /i "../../apr/include" /d DLL_NAME="apr_ldap" /d "NDEBUG" /d "APU_VERSION_ONLY"
+BSC32=bscmake.exe
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\apr_ldap.bsc"
+BSC32_SBRS= \
+
+LINK32=link.exe
+LINK32_FLAGS=kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib ole32.lib /nologo /base:"0x6EEB0000" /subsystem:windows /dll /incremental:no /pdb:"$(OUTDIR)\apr_ldap-1.pdb" /debug /out:"$(OUTDIR)\apr_ldap-1.dll" /implib:"$(OUTDIR)\apr_ldap-1.lib" /MACHINE:X64 /opt:ref
+LINK32_OBJS= \
+ "$(INTDIR)\apr_ldap_init.obj" \
+ "$(INTDIR)\apr_ldap_option.obj" \
+ "$(INTDIR)\apr_ldap_rebind.obj" \
+ "$(INTDIR)\apr_ldap-1.res" \
+ "..\..\apr\x64\Release\libapr-1.lib" \
+ "..\x64\Release\libaprutil-1.lib"
+
+"$(OUTDIR)\apr_ldap-1.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+ $(LINK32) @<<
+ $(LINK32_FLAGS) $(LINK32_OBJS)
+<<
+
+TargetPath=.\x64\Release\apr_ldap-1.dll
+SOURCE="$(InputPath)"
+PostBuild_Desc=Embed .manifest
+DS_POSTBUILD_DEP=$(INTDIR)\postbld.dep
+
+# Begin Custom Macros
+OutDir=.\x64\Release
+# End Custom Macros
+
+"$(DS_POSTBUILD_DEP)" : "$(OUTDIR)\apr_ldap-1.dll"
+ if exist .\x64\Release\apr_ldap-1.dll.manifest mt.exe -manifest .\x64\Release\apr_ldap-1.dll.manifest -outputresource:.\x64\Release\apr_ldap-1.dll;2
+ echo Helper for Post-build step > "$(DS_POSTBUILD_DEP)"
+
+!ELSEIF "$(CFG)" == "apr_ldap - x64 Debug"
+
+OUTDIR=.\x64\Debug
+INTDIR=.\x64\Debug
+DS_POSTBUILD_DEP=$(INTDIR)\postbld.dep
+# Begin Custom Macros
+OutDir=.\x64\Debug
+# End Custom Macros
+
+!IF "$(RECURSE)" == "0"
+
+ALL : "$(OUTDIR)\apr_ldap-1.dll" "$(DS_POSTBUILD_DEP)"
+
+!ELSE
+
+ALL : "libaprutil - x64 Debug" "libapr - x64 Debug" "$(OUTDIR)\apr_ldap-1.dll" "$(DS_POSTBUILD_DEP)"
+
+!ENDIF
+
+!IF "$(RECURSE)" == "1"
+CLEAN :"libapr - x64 DebugCLEAN" "libaprutil - x64 DebugCLEAN"
+!ELSE
+CLEAN :
+!ENDIF
+ -@erase "$(INTDIR)\apr_ldap-1.res"
+ -@erase "$(INTDIR)\apr_ldap_init.obj"
+ -@erase "$(INTDIR)\apr_ldap_option.obj"
+ -@erase "$(INTDIR)\apr_ldap_rebind.obj"
+ -@erase "$(INTDIR)\apr_ldap_src.idb"
+ -@erase "$(INTDIR)\apr_ldap_src.pdb"
+ -@erase "$(OUTDIR)\apr_ldap-1.dll"
+ -@erase "$(OUTDIR)\apr_ldap-1.exp"
+ -@erase "$(OUTDIR)\apr_ldap-1.lib"
+ -@erase "$(OUTDIR)\apr_ldap-1.pdb"
+
+"$(OUTDIR)" :
+ if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
+
+CPP=cl.exe
+CPP_PROJ=/nologo /MDd /W3 /Zi /Od /I "../include" /I "../../apr/include" /I "../include/private" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\apr_ldap_src" /FD /EHsc /c
+
+.c{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cpp{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cxx{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.c{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cpp{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cxx{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+MTL=midl.exe
+MTL_PROJ=/nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL"
+RSC=rc.exe
+RSC_PROJ=/l 0x409 /fo"$(INTDIR)\apr_ldap-1.res" /i "../include" /i "../../apr/include" /d DLL_NAME="apr_ldap" /d "_DEBUG" /d "APU_VERSION_ONLY"
+BSC32=bscmake.exe
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\apr_ldap.bsc"
+BSC32_SBRS= \
+
+LINK32=link.exe
+LINK32_FLAGS=kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib ole32.lib /nologo /base:"0x6EEB0000" /subsystem:windows /dll /incremental:no /pdb:"$(OUTDIR)\apr_ldap-1.pdb" /debug /out:"$(OUTDIR)\apr_ldap-1.dll" /implib:"$(OUTDIR)\apr_ldap-1.lib" /MACHINE:X64
+LINK32_OBJS= \
+ "$(INTDIR)\apr_ldap_init.obj" \
+ "$(INTDIR)\apr_ldap_option.obj" \
+ "$(INTDIR)\apr_ldap_rebind.obj" \
+ "$(INTDIR)\apr_ldap-1.res" \
+ "..\..\apr\x64\Debug\libapr-1.lib" \
+ "..\x64\Debug\libaprutil-1.lib"
+
+"$(OUTDIR)\apr_ldap-1.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+ $(LINK32) @<<
+ $(LINK32_FLAGS) $(LINK32_OBJS)
+<<
+
+TargetPath=.\x64\Debug\apr_ldap-1.dll
+SOURCE="$(InputPath)"
+PostBuild_Desc=Embed .manifest
+DS_POSTBUILD_DEP=$(INTDIR)\postbld.dep
+
+# Begin Custom Macros
+OutDir=.\x64\Debug
+# End Custom Macros
+
+"$(DS_POSTBUILD_DEP)" : "$(OUTDIR)\apr_ldap-1.dll"
+ if exist .\x64\Debug\apr_ldap-1.dll.manifest mt.exe -manifest .\x64\Debug\apr_ldap-1.dll.manifest -outputresource:.\x64\Debug\apr_ldap-1.dll;2
+ echo Helper for Post-build step > "$(DS_POSTBUILD_DEP)"
+
+!ENDIF
+
+
+!IF "$(NO_EXTERNAL_DEPS)" != "1"
+!IF EXISTS("apr_ldap.dep")
+!INCLUDE "apr_ldap.dep"
+!ELSE
+!MESSAGE Warning: cannot find "apr_ldap.dep"
+!ENDIF
+!ENDIF
+
+
+!IF "$(CFG)" == "apr_ldap - Win32 Release" || "$(CFG)" == "apr_ldap - Win32 Debug" || "$(CFG)" == "apr_ldap - x64 Release" || "$(CFG)" == "apr_ldap - x64 Debug"
+SOURCE=.\apr_ldap_init.c
+
+"$(INTDIR)\apr_ldap_init.obj" : $(SOURCE) "$(INTDIR)"
+
+
+SOURCE=.\apr_ldap_option.c
+
+"$(INTDIR)\apr_ldap_option.obj" : $(SOURCE) "$(INTDIR)"
+
+
+SOURCE=.\apr_ldap_rebind.c
+
+"$(INTDIR)\apr_ldap_rebind.obj" : $(SOURCE) "$(INTDIR)"
+
+
+!IF "$(CFG)" == "apr_ldap - Win32 Release"
+
+"libapr - Win32 Release" :
+ cd ".\..\..\apr"
+ $(MAKE) /$(MAKEFLAGS) /F ".\libapr.mak" CFG="libapr - Win32 Release"
+ cd "..\apr-util\ldap"
+
+"libapr - Win32 ReleaseCLEAN" :
+ cd ".\..\..\apr"
+ $(MAKE) /$(MAKEFLAGS) /F ".\libapr.mak" CFG="libapr - Win32 Release" RECURSE=1 CLEAN
+ cd "..\apr-util\ldap"
+
+!ELSEIF "$(CFG)" == "apr_ldap - Win32 Debug"
+
+"libapr - Win32 Debug" :
+ cd ".\..\..\apr"
+ $(MAKE) /$(MAKEFLAGS) /F ".\libapr.mak" CFG="libapr - Win32 Debug"
+ cd "..\apr-util\ldap"
+
+"libapr - Win32 DebugCLEAN" :
+ cd ".\..\..\apr"
+ $(MAKE) /$(MAKEFLAGS) /F ".\libapr.mak" CFG="libapr - Win32 Debug" RECURSE=1 CLEAN
+ cd "..\apr-util\ldap"
+
+!ELSEIF "$(CFG)" == "apr_ldap - x64 Release"
+
+"libapr - x64 Release" :
+ cd ".\..\..\apr"
+ $(MAKE) /$(MAKEFLAGS) /F ".\libapr.mak" CFG="libapr - x64 Release"
+ cd "..\apr-util\ldap"
+
+"libapr - x64 ReleaseCLEAN" :
+ cd ".\..\..\apr"
+ $(MAKE) /$(MAKEFLAGS) /F ".\libapr.mak" CFG="libapr - x64 Release" RECURSE=1 CLEAN
+ cd "..\apr-util\ldap"
+
+!ELSEIF "$(CFG)" == "apr_ldap - x64 Debug"
+
+"libapr - x64 Debug" :
+ cd ".\..\..\apr"
+ $(MAKE) /$(MAKEFLAGS) /F ".\libapr.mak" CFG="libapr - x64 Debug"
+ cd "..\apr-util\ldap"
+
+"libapr - x64 DebugCLEAN" :
+ cd ".\..\..\apr"
+ $(MAKE) /$(MAKEFLAGS) /F ".\libapr.mak" CFG="libapr - x64 Debug" RECURSE=1 CLEAN
+ cd "..\apr-util\ldap"
+
+!ENDIF
+
+!IF "$(CFG)" == "apr_ldap - Win32 Release"
+
+"libaprutil - Win32 Release" :
+ cd ".\.."
+ $(MAKE) /$(MAKEFLAGS) /F ".\libaprutil.mak" CFG="libaprutil - Win32 Release"
+ cd ".\ldap"
+
+"libaprutil - Win32 ReleaseCLEAN" :
+ cd ".\.."
+ $(MAKE) /$(MAKEFLAGS) /F ".\libaprutil.mak" CFG="libaprutil - Win32 Release" RECURSE=1 CLEAN
+ cd ".\ldap"
+
+!ELSEIF "$(CFG)" == "apr_ldap - Win32 Debug"
+
+"libaprutil - Win32 Debug" :
+ cd ".\.."
+ $(MAKE) /$(MAKEFLAGS) /F ".\libaprutil.mak" CFG="libaprutil - Win32 Debug"
+ cd ".\ldap"
+
+"libaprutil - Win32 DebugCLEAN" :
+ cd ".\.."
+ $(MAKE) /$(MAKEFLAGS) /F ".\libaprutil.mak" CFG="libaprutil - Win32 Debug" RECURSE=1 CLEAN
+ cd ".\ldap"
+
+!ELSEIF "$(CFG)" == "apr_ldap - x64 Release"
+
+"libaprutil - x64 Release" :
+ cd ".\.."
+ $(MAKE) /$(MAKEFLAGS) /F ".\libaprutil.mak" CFG="libaprutil - x64 Release"
+ cd ".\ldap"
+
+"libaprutil - x64 ReleaseCLEAN" :
+ cd ".\.."
+ $(MAKE) /$(MAKEFLAGS) /F ".\libaprutil.mak" CFG="libaprutil - x64 Release" RECURSE=1 CLEAN
+ cd ".\ldap"
+
+!ELSEIF "$(CFG)" == "apr_ldap - x64 Debug"
+
+"libaprutil - x64 Debug" :
+ cd ".\.."
+ $(MAKE) /$(MAKEFLAGS) /F ".\libaprutil.mak" CFG="libaprutil - x64 Debug"
+ cd ".\ldap"
+
+"libaprutil - x64 DebugCLEAN" :
+ cd ".\.."
+ $(MAKE) /$(MAKEFLAGS) /F ".\libaprutil.mak" CFG="libaprutil - x64 Debug" RECURSE=1 CLEAN
+ cd ".\ldap"
+
+!ENDIF
+
+SOURCE=..\libaprutil.rc
+
+!IF "$(CFG)" == "apr_ldap - Win32 Release"
+
+
+"$(INTDIR)\apr_ldap-1.res" : $(SOURCE) "$(INTDIR)"
+ $(RSC) /l 0x409 /fo"$(INTDIR)\apr_ldap-1.res" /i "../include" /i "../../apr/include" /i "\httpd-2.4.4\srclib\apr-util" /d DLL_NAME="apr_ldap" /d "NDEBUG" /d "APU_VERSION_ONLY" $(SOURCE)
+
+
+!ELSEIF "$(CFG)" == "apr_ldap - Win32 Debug"
+
+
+"$(INTDIR)\apr_ldap-1.res" : $(SOURCE) "$(INTDIR)"
+ $(RSC) /l 0x409 /fo"$(INTDIR)\apr_ldap-1.res" /i "../include" /i "../../apr/include" /i "\httpd-2.4.4\srclib\apr-util" /d DLL_NAME="apr_ldap" /d "_DEBUG" /d "APU_VERSION_ONLY" $(SOURCE)
+
+
+!ELSEIF "$(CFG)" == "apr_ldap - x64 Release"
+
+
+"$(INTDIR)\apr_ldap-1.res" : $(SOURCE) "$(INTDIR)"
+ $(RSC) /l 0x409 /fo"$(INTDIR)\apr_ldap-1.res" /i "../include" /i "../../apr/include" /i "\httpd-2.4.4\srclib\apr-util" /d DLL_NAME="apr_ldap" /d "NDEBUG" /d "APU_VERSION_ONLY" $(SOURCE)
+
+
+!ELSEIF "$(CFG)" == "apr_ldap - x64 Debug"
+
+
+"$(INTDIR)\apr_ldap-1.res" : $(SOURCE) "$(INTDIR)"
+ $(RSC) /l 0x409 /fo"$(INTDIR)\apr_ldap-1.res" /i "../include" /i "../../apr/include" /i "\httpd-2.4.4\srclib\apr-util" /d DLL_NAME="apr_ldap" /d "_DEBUG" /d "APU_VERSION_ONLY" $(SOURCE)
+
+
+!ENDIF
+
+
+!ENDIF
+
diff --git a/ldap/apr_ldap_init.c b/ldap/apr_ldap_init.c new file mode 100644 index 0000000..8aacb2a --- /dev/null +++ b/ldap/apr_ldap_init.c @@ -0,0 +1,235 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* + * apr_ldap_init.c: LDAP v2/v3 common initialise + * + * Original code from auth_ldap module for Apache v1.3: + * Copyright 1998, 1999 Enbridge Pipelines Inc. + * Copyright 1999-2001 Dave Carrigan + */ + +#include "apr.h" +#include "apu.h" +#include "apu_config.h" + +#if APU_DSO_BUILD +#define APU_DSO_LDAP_BUILD +#endif + +#include "apr_ldap.h" +#include "apu_internal.h" +#include "apr_errno.h" +#include "apr_pools.h" +#include "apr_strings.h" + +#if APR_HAS_LDAP + +/** + * APR LDAP SSL Initialise function + * + * This function initialises SSL on the underlying LDAP toolkit + * if this is necessary. + * + * If a CA certificate is provided, this is set, however the setting + * of certificates via this method has been deprecated and will be removed in + * APR v2.0. + * + * The apr_ldap_set_option() function with the APR_LDAP_OPT_TLS_CERT option + * should be used instead to set certificates. + * + * If SSL support is not available on this platform, or a problem + * was encountered while trying to set the certificate, the function + * will return APR_EGENERAL. Further LDAP specific error information + * can be found in result_err. + */ +APU_DECLARE_LDAP(int) apr_ldap_ssl_init(apr_pool_t *pool, + const char *cert_auth_file, + int cert_file_type, + apr_ldap_err_t **result_err) +{ + + apr_ldap_err_t *result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t)); + *result_err = result; + +#if APR_HAS_LDAP_SSL /* compiled with ssl support */ + + /* Novell */ +#if APR_HAS_NOVELL_LDAPSDK + ldapssl_client_init(NULL, NULL); +#endif + + /* if a certificate was specified, set it */ + if (cert_auth_file) { + apr_ldap_opt_tls_cert_t *cert = (apr_ldap_opt_tls_cert_t *)apr_pcalloc(pool, sizeof(apr_ldap_opt_tls_cert_t)); + cert->type = cert_file_type; + cert->path = cert_auth_file; + return apr_ldap_set_option(pool, NULL, APR_LDAP_OPT_TLS_CERT, (void *)cert, result_err); + } + +#else /* not compiled with SSL Support */ + if (cert_auth_file) { + result->reason = "LDAP: Attempt to set certificate store failed. " + "Not built with SSL support"; + result->rc = -1; + } +#endif /* APR_HAS_LDAP_SSL */ + + if (result->rc != -1) { + result->msg = ldap_err2string(result->rc); + } + + if (LDAP_SUCCESS != result->rc) { + return APR_EGENERAL; + } + + return APR_SUCCESS; + +} + + +/** + * APR LDAP SSL De-Initialise function + * + * This function tears down any SSL certificate setup previously + * set using apr_ldap_ssl_init(). It should be called to clean + * up if a graceful restart of a service is attempted. + * + * This function only does anything on Netware. + * + * @todo currently we do not check whether apr_ldap_ssl_init() + * has been called first - should we? + */ +APU_DECLARE_LDAP(int) apr_ldap_ssl_deinit(void) +{ + +#if APR_HAS_LDAP_SSL && APR_HAS_LDAPSSL_CLIENT_DEINIT + ldapssl_client_deinit(); +#endif + return APR_SUCCESS; + +} + + +/** + * APR LDAP initialise function + * + * This function is responsible for initialising an LDAP + * connection in a toolkit independant way. It does the + * job of ldap_init() from the C api. + * + * It handles both the SSL and non-SSL case, and attempts + * to hide the complexity setup from the user. This function + * assumes that any certificate setup necessary has already + * been done. + * + * If SSL or STARTTLS needs to be enabled, and the underlying + * toolkit supports it, the following values are accepted for + * secure: + * + * APR_LDAP_NONE: No encryption + * APR_LDAP_SSL: SSL encryption (ldaps://) + * APR_LDAP_STARTTLS: Force STARTTLS on ldap:// + */ +APU_DECLARE_LDAP(int) apr_ldap_init(apr_pool_t *pool, + LDAP **ldap, + const char *hostname, + int portno, + int secure, + apr_ldap_err_t **result_err) +{ + + apr_ldap_err_t *result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t)); + *result_err = result; + +#if APR_HAS_LDAPSSL_INIT +#if APR_HAS_SOLARIS_LDAPSDK + /* + * Using the secure argument should aways be possible. But as LDAP SDKs + * tend to have different quirks and bugs, this needs to be tested for + * for each of them, first. For Solaris LDAP it works, and the method + * with ldap_set_option doesn't. + */ + *ldap = ldapssl_init(hostname, portno, secure == APR_LDAP_SSL); +#else + *ldap = ldapssl_init(hostname, portno, 0); +#endif +#elif APR_HAS_LDAP_SSLINIT + *ldap = ldap_sslinit((char *)hostname, portno, 0); +#else + *ldap = ldap_init((char *)hostname, portno); +#endif + + if (*ldap != NULL) { +#if APR_HAS_SOLARIS_LDAPSDK + if (secure == APR_LDAP_SSL) + return APR_SUCCESS; + else +#endif + return apr_ldap_set_option(pool, *ldap, APR_LDAP_OPT_TLS, &secure, result_err); + } + else { + /* handle the error case */ + apr_ldap_err_t *result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t)); + *result_err = result; + + result->reason = "APR LDAP: Unable to initialize the LDAP connection"; + result->rc = -1; + return APR_EGENERAL; + } + +} + + +/** + * APR LDAP info function + * + * This function returns a string describing the LDAP toolkit + * currently in use. The string is placed inside result_err->reason. + */ +APU_DECLARE_LDAP(int) apr_ldap_info(apr_pool_t *pool, + apr_ldap_err_t **result_err) +{ + apr_ldap_err_t *result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t)); + *result_err = result; + + result->reason = "APR LDAP: Built with " + LDAP_VENDOR_NAME + " LDAP SDK"; + return APR_SUCCESS; + +} + +#if APU_DSO_BUILD + +/* For DSO builds, export the table of entry points into the apr_ldap DSO + * See include/private/apu_internal.h for the corresponding declarations + */ +APU_MODULE_DECLARE_DATA struct apr__ldap_dso_fntable apr__ldap_fns = { + apr_ldap_info, + apr_ldap_init, + apr_ldap_ssl_init, + apr_ldap_ssl_deinit, + apr_ldap_get_option, + apr_ldap_set_option, + apr_ldap_rebind_init, + apr_ldap_rebind_add, + apr_ldap_rebind_remove +}; + +#endif /* APU_DSO_BUILD */ + +#endif /* APR_HAS_LDAP */ diff --git a/ldap/apr_ldap_option.c b/ldap/apr_ldap_option.c new file mode 100644 index 0000000..0c055b4 --- /dev/null +++ b/ldap/apr_ldap_option.c @@ -0,0 +1,652 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* apr_ldap_option.c -- LDAP options + * + * The LDAP SDK allows the getting and setting of options on an LDAP + * connection. + * + */ + +#include "apr.h" +#include "apu.h" +#include "apu_config.h" + +#if APU_DSO_BUILD +#define APU_DSO_LDAP_BUILD +#endif + +#include "apr_ldap.h" +#include "apr_errno.h" +#include "apr_pools.h" +#include "apr_strings.h" +#include "apr_tables.h" + +#if APR_HAS_LDAP + +static void option_set_cert(apr_pool_t *pool, LDAP *ldap, const void *invalue, + apr_ldap_err_t *result); +static void option_set_tls(apr_pool_t *pool, LDAP *ldap, const void *invalue, + apr_ldap_err_t *result); + +/** + * APR LDAP get option function + * + * This function gets option values from a given LDAP session if + * one was specified. + */ +APU_DECLARE_LDAP(int) apr_ldap_get_option(apr_pool_t *pool, + LDAP *ldap, + int option, + void *outvalue, + apr_ldap_err_t **result_err) +{ + apr_ldap_err_t *result; + + result = apr_pcalloc(pool, sizeof(apr_ldap_err_t)); + *result_err = result; + if (!result) { + return APR_ENOMEM; + } + + /* get the option specified using the native LDAP function */ + result->rc = ldap_get_option(ldap, option, outvalue); + + /* handle the error case */ + if (result->rc != LDAP_SUCCESS) { + result->msg = ldap_err2string(result-> rc); + result->reason = apr_pstrdup(pool, "LDAP: Could not get an option"); + return APR_EGENERAL; + } + + return APR_SUCCESS; + +} + +/** + * APR LDAP set option function + * + * This function sets option values to a given LDAP session if + * one was specified. + * + * Where an option is not supported by an LDAP toolkit, this function + * will try and apply legacy functions to achieve the same effect, + * depending on the platform. + */ +APU_DECLARE_LDAP(int) apr_ldap_set_option(apr_pool_t *pool, + LDAP *ldap, + int option, + const void *invalue, + apr_ldap_err_t **result_err) +{ + apr_ldap_err_t *result; + + result = apr_pcalloc(pool, sizeof(apr_ldap_err_t)); + *result_err = result; + if (!result) { + return APR_ENOMEM; + } + + switch (option) { + case APR_LDAP_OPT_TLS_CERT: + option_set_cert(pool, ldap, invalue, result); + break; + + case APR_LDAP_OPT_TLS: + option_set_tls(pool, ldap, invalue, result); + break; + + case APR_LDAP_OPT_VERIFY_CERT: +#if APR_HAS_NETSCAPE_LDAPSDK || APR_HAS_SOLARIS_LDAPSDK || APR_HAS_MOZILLA_LDAPSK + result->reason = "LDAP: Verify certificate not yet supported by APR on the " + "Netscape, Solaris or Mozilla LDAP SDKs"; + result->rc = -1; + return APR_EGENERAL; +#endif +#if APR_HAS_NOVELL_LDAPSDK + if (*((int*)invalue)) { + result->rc = ldapssl_set_verify_mode(LDAPSSL_VERIFY_SERVER); + } + else { + result->rc = ldapssl_set_verify_mode(LDAPSSL_VERIFY_NONE); + } +#endif +#if APR_HAS_OPENLDAP_LDAPSDK +#ifdef LDAP_OPT_X_TLS + /* This is not a per-connection setting so just pass NULL for the + Ldap connection handle */ + if (*((int*)invalue)) { + int i = LDAP_OPT_X_TLS_DEMAND; + result->rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &i); + } + else { + int i = LDAP_OPT_X_TLS_NEVER; + result->rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &i); + } +#else + result->reason = "LDAP: SSL/TLS not yet supported by APR on this " + "version of the OpenLDAP toolkit"; + result->rc = -1; + return APR_EGENERAL; +#endif +#endif + + /* handle the error case */ + if (result->rc != LDAP_SUCCESS) { + result->msg = ldap_err2string(result->rc); + result->reason = "LDAP: Could not set verify mode"; + } + break; + + case APR_LDAP_OPT_REFERRALS: + /* Setting this option is supported on at least TIVOLI_SDK and OpenLDAP. Folks + * who know the NOVELL, NETSCAPE, MOZILLA, and SOLARIS SDKs should note here if + * the SDK at least tolerates this option being set, or add an elif to handle + * special cases (i.e. different LDAP_OPT_X value). + */ + result->rc = ldap_set_option(ldap, LDAP_OPT_REFERRALS, (void *)invalue); + + if (result->rc != LDAP_SUCCESS) { + result->reason = "Unable to set LDAP_OPT_REFERRALS."; + return(result->rc); + } + break; + + case APR_LDAP_OPT_REFHOPLIMIT: +#if !defined(LDAP_OPT_REFHOPLIMIT) || APR_HAS_NOVELL_LDAPSDK + /* If the LDAP_OPT_REFHOPLIMIT symbol is missing, assume that the + * particular LDAP library has a reasonable default. So far certain + * versions of the OpenLDAP SDK miss this symbol (but default to 5), + * and the Microsoft SDK misses the symbol (the default is not known). + */ + result->rc = LDAP_SUCCESS; +#else + /* Setting this option is supported on at least TIVOLI_SDK. Folks who know + * the NOVELL, NETSCAPE, MOZILLA, and SOLARIS SDKs should note here if + * the SDK at least tolerates this option being set, or add an elif to handle + * special cases so an error isn't returned if there is a perfectly good + * default value that just can't be changed (like openLDAP). + */ + result->rc = ldap_set_option(ldap, LDAP_OPT_REFHOPLIMIT, (void *)invalue); +#endif + + if (result->rc != LDAP_SUCCESS) { + result->reason = "Unable to set LDAP_OPT_REFHOPLIMIT."; + return(result->rc); + } + break; + + default: + /* set the option specified using the native LDAP function */ + result->rc = ldap_set_option(ldap, option, (void *)invalue); + + /* handle the error case */ + if (result->rc != LDAP_SUCCESS) { + result->msg = ldap_err2string(result->rc); + result->reason = "LDAP: Could not set an option"; + } + break; + } + + /* handle the error case */ + if (result->rc != LDAP_SUCCESS) { + return APR_EGENERAL; + } + + return APR_SUCCESS; + +} + +/** + * Handle APR_LDAP_OPT_TLS + * + * This function sets the type of TLS to be applied to this connection. + * The options are: + * APR_LDAP_NONE: no encryption + * APR_LDAP_SSL: SSL encryption (ldaps://) + * APR_LDAP_STARTTLS: STARTTLS encryption + * APR_LDAP_STOPTLS: Stop existing TLS connecttion + */ +static void option_set_tls(apr_pool_t *pool, LDAP *ldap, const void *invalue, + apr_ldap_err_t *result) +{ +#if APR_HAS_LDAP_SSL /* compiled with ssl support */ + + int tls = * (const int *)invalue; + + /* Netscape/Mozilla/Solaris SDK */ +#if APR_HAS_NETSCAPE_LDAPSDK || APR_HAS_SOLARIS_LDAPSDK || APR_HAS_MOZILLA_LDAPSK +#if APR_HAS_LDAPSSL_INSTALL_ROUTINES + if (tls == APR_LDAP_SSL) { + result->rc = ldapssl_install_routines(ldap); +#ifdef LDAP_OPT_SSL + /* apparently Netscape and Mozilla need this too, Solaris doesn't */ + if (result->rc == LDAP_SUCCESS) { + result->rc = ldap_set_option(ldap, LDAP_OPT_SSL, LDAP_OPT_ON); + } +#endif + if (result->rc != LDAP_SUCCESS) { + result->msg = ldap_err2string(result->rc); + result->reason = "LDAP: Could not switch SSL on for this " + "connection."; + } + } + else if (tls == APR_LDAP_STARTTLS) { + result->reason = "LDAP: STARTTLS is not supported by the " + "Netscape/Mozilla/Solaris SDK"; + result->rc = -1; + } + else if (tls == APR_LDAP_STOPTLS) { + result->reason = "LDAP: STOPTLS is not supported by the " + "Netscape/Mozilla/Solaris SDK"; + result->rc = -1; + } +#else + if (tls != APR_LDAP_NONE) { + result->reason = "LDAP: SSL/TLS is not supported by this version " + "of the Netscape/Mozilla/Solaris SDK"; + result->rc = -1; + } +#endif +#endif + + /* Novell SDK */ +#if APR_HAS_NOVELL_LDAPSDK + /* ldapssl_install_routines(ldap) + * Behavior is unpredictable when other LDAP functions are called + * between the ldap_init function and the ldapssl_install_routines + * function. + * + * STARTTLS is supported by the ldap_start_tls_s() method + */ + if (tls == APR_LDAP_SSL) { + result->rc = ldapssl_install_routines(ldap); + if (result->rc != LDAP_SUCCESS) { + result->msg = ldap_err2string(result->rc); + result->reason = "LDAP: Could not switch SSL on for this " + "connection."; + } + } + if (tls == APR_LDAP_STARTTLS) { + result->rc = ldapssl_start_tls(ldap); + if (result->rc != LDAP_SUCCESS) { + result->msg = ldap_err2string(result->rc); + result->reason = "LDAP: Could not start TLS on this connection"; + } + } + else if (tls == APR_LDAP_STOPTLS) { + result->rc = ldapssl_stop_tls(ldap); + if (result->rc != LDAP_SUCCESS) { + result->msg = ldap_err2string(result->rc); + result->reason = "LDAP: Could not stop TLS on this connection"; + } + } +#endif + + /* OpenLDAP SDK */ +#if APR_HAS_OPENLDAP_LDAPSDK +#ifdef LDAP_OPT_X_TLS + if (tls == APR_LDAP_SSL) { + int SSLmode = LDAP_OPT_X_TLS_HARD; + result->rc = ldap_set_option(ldap, LDAP_OPT_X_TLS, &SSLmode); + if (result->rc != LDAP_SUCCESS) { + result->reason = "LDAP: ldap_set_option failed. " + "Could not set LDAP_OPT_X_TLS to " + "LDAP_OPT_X_TLS_HARD"; + result->msg = ldap_err2string(result->rc); + } + } + else if (tls == APR_LDAP_STARTTLS) { + result->rc = ldap_start_tls_s(ldap, NULL, NULL); + if (result->rc != LDAP_SUCCESS) { + result->reason = "LDAP: ldap_start_tls_s() failed"; + result->msg = ldap_err2string(result->rc); + } + } + else if (tls == APR_LDAP_STOPTLS) { + result->reason = "LDAP: STOPTLS is not supported by the " + "OpenLDAP SDK"; + result->rc = -1; + } +#else + if (tls != APR_LDAP_NONE) { + result->reason = "LDAP: SSL/TLS not yet supported by APR on this " + "version of the OpenLDAP toolkit"; + result->rc = -1; + } +#endif +#endif + + /* Microsoft SDK */ +#if APR_HAS_MICROSOFT_LDAPSDK + if (tls == APR_LDAP_NONE) { + ULONG ul = (ULONG) LDAP_OPT_OFF; + result->rc = ldap_set_option(ldap, LDAP_OPT_SSL, &ul); + if (result->rc != LDAP_SUCCESS) { + result->reason = "LDAP: an attempt to set LDAP_OPT_SSL off " + "failed."; + result->msg = ldap_err2string(result->rc); + } + } + else if (tls == APR_LDAP_SSL) { + ULONG ul = (ULONG) LDAP_OPT_ON; + result->rc = ldap_set_option(ldap, LDAP_OPT_SSL, &ul); + if (result->rc != LDAP_SUCCESS) { + result->reason = "LDAP: an attempt to set LDAP_OPT_SSL on " + "failed."; + result->msg = ldap_err2string(result->rc); + } + } +#if APR_HAS_LDAP_START_TLS_S + else if (tls == APR_LDAP_STARTTLS) { + result->rc = ldap_start_tls_s(ldap, NULL, NULL, NULL, NULL); + if (result->rc != LDAP_SUCCESS) { + result->reason = "LDAP: ldap_start_tls_s() failed"; + result->msg = ldap_err2string(result->rc); + } + } + else if (tls == APR_LDAP_STOPTLS) { + result->rc = ldap_stop_tls_s(ldap); + if (result->rc != LDAP_SUCCESS) { + result->reason = "LDAP: ldap_stop_tls_s() failed"; + result->msg = ldap_err2string(result->rc); + } + } +#endif +#endif + +#if APR_HAS_OTHER_LDAPSDK + if (tls != APR_LDAP_NONE) { + result->reason = "LDAP: SSL/TLS is currently not supported by " + "APR on this LDAP SDK"; + result->rc = -1; + } +#endif + +#endif /* APR_HAS_LDAP_SSL */ + +} + +/** + * Handle APR_LDAP_OPT_TLS_CACERTFILE + * + * This function sets the CA certificate for further SSL/TLS connections. + * + * The file provided are in different formats depending on the toolkit used: + * + * Netscape: cert7.db file + * Novell: PEM or DER + * OpenLDAP: PEM (others supported?) + * Microsoft: unknown + * Solaris: unknown + */ +static void option_set_cert(apr_pool_t *pool, LDAP *ldap, + const void *invalue, apr_ldap_err_t *result) +{ +#if APR_HAS_LDAP_SSL +#if APR_HAS_LDAPSSL_CLIENT_INIT || APR_HAS_OPENLDAP_LDAPSDK + apr_array_header_t *certs = (apr_array_header_t *)invalue; + struct apr_ldap_opt_tls_cert_t *ents = (struct apr_ldap_opt_tls_cert_t *)certs->elts; + int i = 0; +#endif + + /* Netscape/Mozilla/Solaris SDK */ +#if APR_HAS_NETSCAPE_LDAPSDK || APR_HAS_SOLARIS_LDAPSDK || APR_HAS_MOZILLA_LDAPSDK +#if APR_HAS_LDAPSSL_CLIENT_INIT + const char *nickname = NULL; + const char *secmod = NULL; + const char *key3db = NULL; + const char *cert7db = NULL; + const char *password = NULL; + + /* set up cert7.db, key3.db and secmod parameters */ + for (i = 0; i < certs->nelts; i++) { + switch (ents[i].type) { + case APR_LDAP_CA_TYPE_CERT7_DB: + cert7db = ents[i].path; + break; + case APR_LDAP_CA_TYPE_SECMOD: + secmod = ents[i].path; + break; + case APR_LDAP_CERT_TYPE_KEY3_DB: + key3db = ents[i].path; + break; + case APR_LDAP_CERT_TYPE_NICKNAME: + nickname = ents[i].path; + password = ents[i].password; + break; + default: + result->rc = -1; + result->reason = "LDAP: The Netscape/Mozilla LDAP SDK only " + "understands the CERT7, KEY3 and SECMOD " + "file types."; + break; + } + if (result->rc != LDAP_SUCCESS) { + break; + } + } + + /* actually set the certificate parameters */ + if (result->rc == LDAP_SUCCESS) { + if (nickname) { + result->rc = ldapssl_enable_clientauth(ldap, "", + (char *)password, + (char *)nickname); + if (result->rc != LDAP_SUCCESS) { + result->reason = "LDAP: could not set client certificate: " + "ldapssl_enable_clientauth() failed."; + result->msg = ldap_err2string(result->rc); + } + } + else if (secmod) { + result->rc = ldapssl_advclientauth_init(cert7db, NULL, + key3db ? 1 : 0, key3db, NULL, + 1, secmod, LDAPSSL_AUTH_CNCHECK); + if (result->rc != LDAP_SUCCESS) { + result->reason = "LDAP: ldapssl_advclientauth_init() failed."; + result->msg = ldap_err2string(result->rc); + } + } + else if (key3db) { + result->rc = ldapssl_clientauth_init(cert7db, NULL, + 1, key3db, NULL); + if (result->rc != LDAP_SUCCESS) { + result->reason = "LDAP: ldapssl_clientauth_init() failed."; + result->msg = ldap_err2string(result->rc); + } + } + else { + result->rc = ldapssl_client_init(cert7db, NULL); + if (result->rc != LDAP_SUCCESS) { + result->reason = "LDAP: ldapssl_client_init() failed."; + result->msg = ldap_err2string(result->rc); + } + } + } +#else + result->reason = "LDAP: SSL/TLS ldapssl_client_init() function not " + "supported by this Netscape/Mozilla/Solaris SDK. " + "Certificate authority file not set"; + result->rc = -1; +#endif +#endif + + /* Novell SDK */ +#if APR_HAS_NOVELL_LDAPSDK +#if APR_HAS_LDAPSSL_CLIENT_INIT && APR_HAS_LDAPSSL_ADD_TRUSTED_CERT && APR_HAS_LDAPSSL_CLIENT_DEINIT + /* The Novell library cannot support per connection certificates. Error + * out if the ldap handle is provided. + */ + if (ldap) { + result->rc = -1; + result->reason = "LDAP: The Novell LDAP SDK cannot support the setting " + "of certificates or keys on a per connection basis."; + } + /* Novell's library needs to be initialised first */ + else { + result->rc = ldapssl_client_init(NULL, NULL); + if (result->rc != LDAP_SUCCESS) { + result->msg = ldap_err2string(result-> rc); + result->reason = apr_pstrdup(pool, "LDAP: Could not " + "initialize SSL"); + } + } + /* set one or more certificates */ + for (i = 0; LDAP_SUCCESS == result->rc && i < certs->nelts; i++) { + /* Novell SDK supports DER or BASE64 files. */ + switch (ents[i].type) { + case APR_LDAP_CA_TYPE_DER: + result->rc = ldapssl_add_trusted_cert((void *)ents[i].path, + LDAPSSL_CERT_FILETYPE_DER); + result->msg = ldap_err2string(result->rc); + break; + case APR_LDAP_CA_TYPE_BASE64: + result->rc = ldapssl_add_trusted_cert((void *)ents[i].path, + LDAPSSL_CERT_FILETYPE_B64); + result->msg = ldap_err2string(result->rc); + break; + case APR_LDAP_CERT_TYPE_DER: + result->rc = ldapssl_set_client_cert((void *)ents[i].path, + LDAPSSL_CERT_FILETYPE_DER, + (void*)ents[i].password); + result->msg = ldap_err2string(result->rc); + break; + case APR_LDAP_CERT_TYPE_BASE64: + result->rc = ldapssl_set_client_cert((void *)ents[i].path, + LDAPSSL_CERT_FILETYPE_B64, + (void*)ents[i].password); + result->msg = ldap_err2string(result->rc); + break; + case APR_LDAP_CERT_TYPE_PFX: + result->rc = ldapssl_set_client_cert((void *)ents[i].path, + LDAPSSL_FILETYPE_P12, + (void*)ents[i].password); + result->msg = ldap_err2string(result->rc); + break; + case APR_LDAP_KEY_TYPE_DER: + result->rc = ldapssl_set_client_private_key((void *)ents[i].path, + LDAPSSL_CERT_FILETYPE_DER, + (void*)ents[i].password); + result->msg = ldap_err2string(result->rc); + break; + case APR_LDAP_KEY_TYPE_BASE64: + result->rc = ldapssl_set_client_private_key((void *)ents[i].path, + LDAPSSL_CERT_FILETYPE_B64, + (void*)ents[i].password); + result->msg = ldap_err2string(result->rc); + break; + case APR_LDAP_KEY_TYPE_PFX: + result->rc = ldapssl_set_client_private_key((void *)ents[i].path, + LDAPSSL_FILETYPE_P12, + (void*)ents[i].password); + result->msg = ldap_err2string(result->rc); + break; + default: + result->rc = -1; + result->reason = "LDAP: The Novell LDAP SDK only understands the " + "DER and PEM (BASE64) file types."; + break; + } + if (result->rc != LDAP_SUCCESS) { + break; + } + } +#else + result->reason = "LDAP: ldapssl_client_init(), " + "ldapssl_add_trusted_cert() or " + "ldapssl_client_deinit() functions not supported " + "by this Novell SDK. Certificate authority file " + "not set"; + result->rc = -1; +#endif +#endif + + /* OpenLDAP SDK */ +#if APR_HAS_OPENLDAP_LDAPSDK +#ifdef LDAP_OPT_X_TLS_CACERTFILE + /* set one or more certificates */ + /* FIXME: make it support setting directories as well as files */ + for (i = 0; i < certs->nelts; i++) { + /* OpenLDAP SDK supports BASE64 files. */ + switch (ents[i].type) { + case APR_LDAP_CA_TYPE_BASE64: + result->rc = ldap_set_option(ldap, LDAP_OPT_X_TLS_CACERTFILE, + (void *)ents[i].path); + result->msg = ldap_err2string(result->rc); + break; + case APR_LDAP_CERT_TYPE_BASE64: + result->rc = ldap_set_option(ldap, LDAP_OPT_X_TLS_CERTFILE, + (void *)ents[i].path); + result->msg = ldap_err2string(result->rc); + break; + case APR_LDAP_KEY_TYPE_BASE64: + result->rc = ldap_set_option(ldap, LDAP_OPT_X_TLS_KEYFILE, + (void *)ents[i].path); + result->msg = ldap_err2string(result->rc); + break; +#ifdef LDAP_OPT_X_TLS_CACERTDIR + case APR_LDAP_CA_TYPE_CACERTDIR_BASE64: + result->rc = ldap_set_option(ldap, LDAP_OPT_X_TLS_CACERTDIR, + (void *)ents[i].path); + result->msg = ldap_err2string(result->rc); + break; +#endif + default: + result->rc = -1; + result->reason = "LDAP: The OpenLDAP SDK only understands the " + "PEM (BASE64) file type."; + break; + } + if (result->rc != LDAP_SUCCESS) { + break; + } + } +#else + result->reason = "LDAP: LDAP_OPT_X_TLS_CACERTFILE not " + "defined by this OpenLDAP SDK. Certificate " + "authority file not set"; + result->rc = -1; +#endif +#endif + + /* Microsoft SDK */ +#if APR_HAS_MICROSOFT_LDAPSDK + /* Microsoft SDK use the registry certificate store - error out + * here with a message explaining this. */ + result->reason = "LDAP: CA certificates cannot be set using this method, " + "as they are stored in the registry instead."; + result->rc = -1; +#endif + + /* SDK not recognised */ +#if APR_HAS_OTHER_LDAPSDK + result->reason = "LDAP: LDAP_OPT_X_TLS_CACERTFILE not " + "defined by this LDAP SDK. Certificate " + "authority file not set"; + result->rc = -1; +#endif + +#else /* not compiled with SSL Support */ + result->reason = "LDAP: Attempt to set certificate(s) failed. " + "Not built with SSL support"; + result->rc = -1; +#endif /* APR_HAS_LDAP_SSL */ + +} + +#endif /* APR_HAS_LDAP */ + diff --git a/ldap/apr_ldap_rebind.c b/ldap/apr_ldap_rebind.c new file mode 100644 index 0000000..1f91b2b --- /dev/null +++ b/ldap/apr_ldap_rebind.c @@ -0,0 +1,377 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* apr_ldap_rebind.c -- LDAP rebind callbacks for referrals + * + * The LDAP SDK allows a callback to be set to enable rebinding + * for referral processing. + * + */ + +#include "apr.h" +#include "apu.h" +#include "apu_config.h" + +#if APU_DSO_BUILD +#define APU_DSO_LDAP_BUILD +#endif + +#include "apr_ldap.h" +#include "apr_errno.h" +#include "apr_strings.h" +#include "apr_ldap_rebind.h" + +#include "stdio.h" + +#if APR_HAS_LDAP + +/* Used to store information about connections for use in the referral rebind callback. */ +struct apr_ldap_rebind_entry { + apr_pool_t *pool; + LDAP *index; + const char *bindDN; + const char *bindPW; + struct apr_ldap_rebind_entry *next; +}; +typedef struct apr_ldap_rebind_entry apr_ldap_rebind_entry_t; + + +#ifdef NETWARE +#include "apr_private.h" +#define get_apd APP_DATA* apd = (APP_DATA*)get_app_data(gLibId); +#define apr_ldap_xref_lock ((apr_thread_mutex_t *)(apd->gs_ldap_xref_lock)) +#define xref_head ((apr_ldap_rebind_entry_t *)(apd->gs_xref_head)) +#else +#if APR_HAS_THREADS +static apr_thread_mutex_t *apr_ldap_xref_lock = NULL; +#endif +static apr_ldap_rebind_entry_t *xref_head = NULL; +#endif + +static int apr_ldap_rebind_set_callback(LDAP *ld); +static apr_status_t apr_ldap_rebind_remove_helper(void *data); + +static apr_status_t apr_ldap_pool_cleanup_set_null(void *data_) +{ + void **ptr = (void **)data_; + *ptr = NULL; + return APR_SUCCESS; +} + + +/* APR utility routine used to create the xref_lock. */ +APU_DECLARE_LDAP(apr_status_t) apr_ldap_rebind_init(apr_pool_t *pool) +{ + apr_status_t retcode = APR_SUCCESS; + +#ifdef NETWARE + get_apd +#endif + +#if APR_HAS_THREADS + /* run after apr_thread_mutex_create cleanup */ + apr_pool_cleanup_register(pool, &apr_ldap_xref_lock, apr_ldap_pool_cleanup_set_null, + apr_pool_cleanup_null); + + if (apr_ldap_xref_lock == NULL) { + retcode = apr_thread_mutex_create(&apr_ldap_xref_lock, APR_THREAD_MUTEX_DEFAULT, pool); + } +#endif + + return(retcode); +} + + +APU_DECLARE_LDAP(apr_status_t) apr_ldap_rebind_add(apr_pool_t *pool, + LDAP *ld, + const char *bindDN, + const char *bindPW) +{ + apr_status_t retcode = APR_SUCCESS; + apr_ldap_rebind_entry_t *new_xref; + +#ifdef NETWARE + get_apd +#endif + + new_xref = (apr_ldap_rebind_entry_t *)apr_pcalloc(pool, sizeof(apr_ldap_rebind_entry_t)); + if (new_xref) { + new_xref->pool = pool; + new_xref->index = ld; + if (bindDN) { + new_xref->bindDN = apr_pstrdup(pool, bindDN); + } + if (bindPW) { + new_xref->bindPW = apr_pstrdup(pool, bindPW); + } + +#if APR_HAS_THREADS + retcode = apr_thread_mutex_lock(apr_ldap_xref_lock); + if (retcode != APR_SUCCESS) { + return retcode; + } +#endif + + new_xref->next = xref_head; + xref_head = new_xref; + +#if APR_HAS_THREADS + retcode = apr_thread_mutex_unlock(apr_ldap_xref_lock); + if (retcode != APR_SUCCESS) { + return retcode; + } +#endif + } + else { + return(APR_ENOMEM); + } + + retcode = apr_ldap_rebind_set_callback(ld); + if (APR_SUCCESS != retcode) { + apr_ldap_rebind_remove(ld); + return retcode; + } + + apr_pool_cleanup_register(pool, ld, + apr_ldap_rebind_remove_helper, + apr_pool_cleanup_null); + + return(APR_SUCCESS); +} + + +APU_DECLARE_LDAP(apr_status_t) apr_ldap_rebind_remove(LDAP *ld) +{ + apr_ldap_rebind_entry_t *tmp_xref, *prev = NULL; + apr_status_t retcode = 0; + +#ifdef NETWARE + get_apd +#endif + +#if APR_HAS_THREADS + retcode = apr_thread_mutex_lock(apr_ldap_xref_lock); + if (retcode != APR_SUCCESS) { + return retcode; + } +#endif + tmp_xref = xref_head; + + while ((tmp_xref) && (tmp_xref->index != ld)) { + prev = tmp_xref; + tmp_xref = tmp_xref->next; + } + + if (tmp_xref) { + if (tmp_xref == xref_head) { + xref_head = xref_head->next; + } + else { + prev->next = tmp_xref->next; + } + + /* tmp_xref and its contents were pool allocated so they don't need to be freed here. */ + + /* remove the cleanup, just in case this was done manually */ + apr_pool_cleanup_kill(tmp_xref->pool, tmp_xref->index, + apr_ldap_rebind_remove_helper); + } + +#if APR_HAS_THREADS + retcode = apr_thread_mutex_unlock(apr_ldap_xref_lock); + if (retcode != APR_SUCCESS) { + return retcode; + } +#endif + return APR_SUCCESS; +} + + +static apr_status_t apr_ldap_rebind_remove_helper(void *data) +{ + LDAP *ld = (LDAP *)data; + apr_ldap_rebind_remove(ld); + return APR_SUCCESS; +} + +#if APR_HAS_TIVOLI_LDAPSDK || APR_HAS_OPENLDAP_LDAPSDK || APR_HAS_NOVELL_LDAPSDK +static apr_ldap_rebind_entry_t *apr_ldap_rebind_lookup(LDAP *ld) +{ + apr_ldap_rebind_entry_t *tmp_xref, *match = NULL; + +#ifdef NETWARE + get_apd +#endif + +#if APR_HAS_THREADS + apr_thread_mutex_lock(apr_ldap_xref_lock); +#endif + tmp_xref = xref_head; + + while (tmp_xref) { + if (tmp_xref->index == ld) { + match = tmp_xref; + tmp_xref = NULL; + } + else { + tmp_xref = tmp_xref->next; + } + } + +#if APR_HAS_THREADS + apr_thread_mutex_unlock(apr_ldap_xref_lock); +#endif + + return (match); +} +#endif + +#if APR_HAS_TIVOLI_LDAPSDK + +/* LDAP_rebindproc() Tivoli LDAP style + * Rebind callback function. Called when chasing referrals. See API docs. + * ON ENTRY: + * ld Pointer to an LDAP control structure. (input only) + * binddnp Pointer to an Application DName used for binding (in *or* out) + * passwdp Pointer to the password associated with the DName (in *or* out) + * methodp Pointer to the Auth method (output only) + * freeit Flag to indicate if this is a lookup or a free request (input only) + */ +static int LDAP_rebindproc(LDAP *ld, char **binddnp, char **passwdp, int *methodp, int freeit) +{ + if (!freeit) { + apr_ldap_rebind_entry_t *my_conn; + + *methodp = LDAP_AUTH_SIMPLE; + my_conn = apr_ldap_rebind_lookup(ld); + + if ((my_conn) && (my_conn->bindDN != NULL)) { + *binddnp = strdup(my_conn->bindDN); + *passwdp = strdup(my_conn->bindPW); + } else { + *binddnp = NULL; + *passwdp = NULL; + } + } else { + if (*binddnp) { + free(*binddnp); + } + if (*passwdp) { + free(*passwdp); + } + } + + return LDAP_SUCCESS; +} + +static int apr_ldap_rebind_set_callback(LDAP *ld) +{ + ldap_set_rebind_proc(ld, (LDAPRebindProc)LDAP_rebindproc); + return APR_SUCCESS; +} + +#elif APR_HAS_OPENLDAP_LDAPSDK + +/* LDAP_rebindproc() openLDAP V3 style + * ON ENTRY: + * ld Pointer to an LDAP control structure. (input only) + * url Unused in this routine + * request Unused in this routine + * msgid Unused in this routine + * params Unused in this routine + * + * or + * + * ld Pointer to an LDAP control structure. (input only) + * url Unused in this routine + * request Unused in this routine + * msgid Unused in this routine + */ +#if defined(LDAP_SET_REBIND_PROC_THREE) +static int LDAP_rebindproc(LDAP *ld, LDAP_CONST char *url, ber_tag_t request, + ber_int_t msgid, void *params) +#else +static int LDAP_rebindproc(LDAP *ld, LDAP_CONST char *url, int request, + ber_int_t msgid) +#endif +{ + apr_ldap_rebind_entry_t *my_conn; + const char *bindDN = NULL; + const char *bindPW = NULL; + + my_conn = apr_ldap_rebind_lookup(ld); + + if ((my_conn) && (my_conn->bindDN != NULL)) { + bindDN = my_conn->bindDN; + bindPW = my_conn->bindPW; + } + + return (ldap_bind_s(ld, bindDN, bindPW, LDAP_AUTH_SIMPLE)); +} + +static int apr_ldap_rebind_set_callback(LDAP *ld) +{ +#if defined(LDAP_SET_REBIND_PROC_THREE) + ldap_set_rebind_proc(ld, LDAP_rebindproc, NULL); +#else + ldap_set_rebind_proc(ld, LDAP_rebindproc); +#endif + return APR_SUCCESS; +} + +#elif APR_HAS_NOVELL_LDAPSDK + +/* LDAP_rebindproc() openLDAP V3 style + * ON ENTRY: + * ld Pointer to an LDAP control structure. (input only) + * url Unused in this routine + * request Unused in this routine + * msgid Unused in this routine + */ +static int LDAP_rebindproc(LDAP *ld, LDAP_CONST char *url, int request, ber_int_t msgid) +{ + + apr_ldap_rebind_entry_t *my_conn; + const char *bindDN = NULL; + const char *bindPW = NULL; + + my_conn = apr_ldap_rebind_lookup(ld); + + if ((my_conn) && (my_conn->bindDN != NULL)) { + bindDN = my_conn->bindDN; + bindPW = my_conn->bindPW; + } + + return (ldap_bind_s(ld, bindDN, bindPW, LDAP_AUTH_SIMPLE)); +} + +static int apr_ldap_rebind_set_callback(LDAP *ld) +{ + ldap_set_rebind_proc(ld, LDAP_rebindproc); + return APR_SUCCESS; +} + +#else /* Implementation not recognised */ + +static int apr_ldap_rebind_set_callback(LDAP *ld) +{ + return APR_ENOTIMPL; +} + +#endif + + +#endif /* APR_HAS_LDAP */ diff --git a/ldap/apr_ldap_stub.c b/ldap/apr_ldap_stub.c new file mode 100644 index 0000000..97c1551 --- /dev/null +++ b/ldap/apr_ldap_stub.c @@ -0,0 +1,145 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "apr.h" +#include "apu.h" +#include "apu_config.h" +#include "apr_ldap.h" +#include "apu_internal.h" +#include "apr_dso.h" +#include "apr_errno.h" +#include "apr_pools.h" +#include "apr_strings.h" +#include "apu_version.h" + +#if APR_HAS_LDAP + +#if APU_DSO_BUILD + +static struct apr__ldap_dso_fntable *lfn = NULL; + +static apr_status_t load_ldap(apr_pool_t *pool) +{ + char *modname; + apr_dso_handle_sym_t symbol; + apr_status_t rv; + + /* deprecate in 2.0 - permit implicit initialization */ + apu_dso_init(pool); + + rv = apu_dso_mutex_lock(); + if (rv) { + return rv; + } + +#if defined(WIN32) + modname = "apr_ldap-" APU_STRINGIFY(APU_MAJOR_VERSION) ".dll"; +#else + modname = "apr_ldap-" APU_STRINGIFY(APU_MAJOR_VERSION) ".so"; +#endif + rv = apu_dso_load(NULL, &symbol, modname, "apr__ldap_fns", pool); + if (rv == APR_SUCCESS) { + lfn = symbol; + } + apu_dso_mutex_unlock(); + + return rv; +} + +#define LOAD_LDAP_STUB(pool, failres) \ + if (!lfn && (load_ldap(pool) != APR_SUCCESS)) \ + return failres; + +APU_DECLARE_LDAP(int) apr_ldap_info(apr_pool_t *pool, + apr_ldap_err_t **result_err) +{ + LOAD_LDAP_STUB(pool, -1); + return lfn->info(pool, result_err); +} + +APU_DECLARE_LDAP(int) apr_ldap_init(apr_pool_t *pool, + LDAP **ldap, + const char *hostname, + int portno, + int secure, + apr_ldap_err_t **result_err) +{ + LOAD_LDAP_STUB(pool, -1); + return lfn->init(pool, ldap, hostname, portno, secure, result_err); +} + +APU_DECLARE_LDAP(int) apr_ldap_ssl_init(apr_pool_t *pool, + const char *cert_auth_file, + int cert_file_type, + apr_ldap_err_t **result_err) +{ + LOAD_LDAP_STUB(pool, -1); + return lfn->ssl_init(pool, cert_auth_file, cert_file_type, result_err); +} + +APU_DECLARE_LDAP(int) apr_ldap_ssl_deinit(void) +{ + if (!lfn) + return -1; + return lfn->ssl_deinit(); +} + +APU_DECLARE_LDAP(int) apr_ldap_get_option(apr_pool_t *pool, + LDAP *ldap, + int option, + void *outvalue, + apr_ldap_err_t **result_err) +{ + LOAD_LDAP_STUB(pool, -1); + return lfn->get_option(pool, ldap, option, outvalue, result_err); +} + +APU_DECLARE_LDAP(int) apr_ldap_set_option(apr_pool_t *pool, + LDAP *ldap, + int option, + const void *invalue, + apr_ldap_err_t **result_err) +{ + LOAD_LDAP_STUB(pool, -1); + return lfn->set_option(pool, ldap, option, invalue, result_err); +} + +APU_DECLARE_LDAP(apr_status_t) apr_ldap_rebind_init(apr_pool_t *pool) +{ + LOAD_LDAP_STUB(pool, APR_EGENERAL); + return lfn->rebind_init(pool); +} + +APU_DECLARE_LDAP(apr_status_t) apr_ldap_rebind_add(apr_pool_t *pool, + LDAP *ld, + const char *bindDN, + const char *bindPW) +{ + LOAD_LDAP_STUB(pool, APR_EGENERAL); + return lfn->rebind_add(pool, ld, bindDN, bindPW); +} + +APU_DECLARE_LDAP(apr_status_t) apr_ldap_rebind_remove(LDAP *ld) +{ + if (!lfn) + return APR_EGENERAL; + return lfn->rebind_remove(ld); +} + +#endif /* APU_DSO_BUILD */ + +#endif /* APR_HAS_LDAP */ + diff --git a/ldap/apr_ldap_url.c b/ldap/apr_ldap_url.c new file mode 100644 index 0000000..52e37b2 --- /dev/null +++ b/ldap/apr_ldap_url.c @@ -0,0 +1,694 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* Portions Copyright 1998-2002 The OpenLDAP Foundation + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted only as authorized by the OpenLDAP + * Public License. A copy of this license is available at + * http://www.OpenLDAP.org/license.html or in file LICENSE in the + * top-level directory of the distribution. + * + * OpenLDAP is a registered trademark of the OpenLDAP Foundation. + * + * Individual files and/or contributed packages may be copyright by + * other parties and subject to additional restrictions. + * + * This work is derived from the University of Michigan LDAP v3.3 + * distribution. Information concerning this software is available + * at: http://www.umich.edu/~dirsvcs/ldap/ + * + * This work also contains materials derived from public sources. + * + * Additional information about OpenLDAP can be obtained at: + * http://www.openldap.org/ + */ + +/* + * Portions Copyright (c) 1992-1996 Regents of the University of Michigan. + * All rights reserved. + * + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and that due credit is given + * to the University of Michigan at Ann Arbor. The name of the University + * may not be used to endorse or promote products derived from this + * software without specific prior written permission. This software + * is provided ``as is'' without express or implied warranty. + */ + +/* apr_ldap_url.c -- LDAP URL (RFC 2255) related routines + * + * Win32 and perhaps other non-OpenLDAP based ldap libraries may be + * missing ldap_url_* APIs. We focus here on the one significant + * aspect, which is parsing. We have [for the time being] omitted + * the ldap_url_search APIs. + * + * LDAP URLs look like this: + * ldap[is]://host:port[/[dn[?[attributes][?[scope][?[filter][?exts]]]]]] + * + * where: + * attributes is a comma separated list + * scope is one of these three strings: base one sub (default=base) + * filter is an string-represented filter as in RFC 2254 + * + * e.g., ldap://host:port/dc=com?o,cn?base?o=openldap?extension + * + * Tolerates URLs that look like: <ldapurl> and <URL:ldapurl> + */ + +#include "apu.h" +#include "apr_pools.h" +#include "apr_general.h" +#include "apr_strings.h" +#include "apr_ldap.h" + +#if APR_HAS_LDAP + +#if APR_HAVE_STDLIB_H +#include <stdlib.h> +#endif + +#ifndef LDAPS_PORT +#define LDAPS_PORT 636 /* ldaps:/// default LDAP over TLS port */ +#endif + +#define APR_LDAP_URL_PREFIX "ldap://" +#define APR_LDAP_URL_PREFIX_LEN (sizeof(APR_LDAP_URL_PREFIX)-1) +#define APR_LDAPS_URL_PREFIX "ldaps://" +#define APR_LDAPS_URL_PREFIX_LEN (sizeof(APR_LDAPS_URL_PREFIX)-1) +#define APR_LDAPI_URL_PREFIX "ldapi://" +#define APR_LDAPI_URL_PREFIX_LEN (sizeof(APR_LDAPI_URL_PREFIX)-1) +#define APR_LDAP_URL_URLCOLON "URL:" +#define APR_LDAP_URL_URLCOLON_LEN (sizeof(APR_LDAP_URL_URLCOLON)-1) + + +/* local functions */ +static const char* skip_url_prefix(const char *url, + int *enclosedp, + const char **scheme); + +static void apr_ldap_pvt_hex_unescape(char *s); + +static int apr_ldap_pvt_unhex(int c); + +static char **apr_ldap_str2charray(apr_pool_t *pool, + const char *str, + const char *brkstr); + + +/** + * Is this URL an ldap url? + * + */ +APU_DECLARE(int) apr_ldap_is_ldap_url(const char *url) +{ + int enclosed; + const char * scheme; + + if( url == NULL ) { + return 0; + } + + if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) { + return 0; + } + + return 1; +} + +/** + * Is this URL a secure ldap url? + * + */ +APU_DECLARE(int) apr_ldap_is_ldaps_url(const char *url) +{ + int enclosed; + const char * scheme; + + if( url == NULL ) { + return 0; + } + + if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) { + return 0; + } + + return strcmp(scheme, "ldaps") == 0; +} + +/** + * Is this URL an ldap socket url? + * + */ +APU_DECLARE(int) apr_ldap_is_ldapi_url(const char *url) +{ + int enclosed; + const char * scheme; + + if( url == NULL ) { + return 0; + } + + if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) { + return 0; + } + + return strcmp(scheme, "ldapi") == 0; +} + + +static const char *skip_url_prefix(const char *url, int *enclosedp, + const char **scheme) +{ + /* + * return non-zero if this looks like a LDAP URL; zero if not + * if non-zero returned, *urlp will be moved past "ldap://" part of URL + */ + const char *p; + + if ( url == NULL ) { + return( NULL ); + } + + p = url; + + /* skip leading '<' (if any) */ + if ( *p == '<' ) { + *enclosedp = 1; + ++p; + } else { + *enclosedp = 0; + } + + /* skip leading "URL:" (if any) */ + if ( strncasecmp( p, APR_LDAP_URL_URLCOLON, APR_LDAP_URL_URLCOLON_LEN ) == 0 ) { + p += APR_LDAP_URL_URLCOLON_LEN; + } + + /* check for "ldap://" prefix */ + if ( strncasecmp( p, APR_LDAP_URL_PREFIX, APR_LDAP_URL_PREFIX_LEN ) == 0 ) { + /* skip over "ldap://" prefix and return success */ + p += APR_LDAP_URL_PREFIX_LEN; + *scheme = "ldap"; + return( p ); + } + + /* check for "ldaps://" prefix */ + if ( strncasecmp( p, APR_LDAPS_URL_PREFIX, APR_LDAPS_URL_PREFIX_LEN ) == 0 ) { + /* skip over "ldaps://" prefix and return success */ + p += APR_LDAPS_URL_PREFIX_LEN; + *scheme = "ldaps"; + return( p ); + } + + /* check for "ldapi://" prefix */ + if ( strncasecmp( p, APR_LDAPI_URL_PREFIX, APR_LDAPI_URL_PREFIX_LEN ) == 0 ) { + /* skip over "ldapi://" prefix and return success */ + p += APR_LDAPI_URL_PREFIX_LEN; + *scheme = "ldapi"; + return( p ); + } + + return( NULL ); +} + + +static int str2scope(const char *p) +{ + if ( strcasecmp( p, "one" ) == 0 ) { + return LDAP_SCOPE_ONELEVEL; + + } else if ( strcasecmp( p, "onetree" ) == 0 ) { + return LDAP_SCOPE_ONELEVEL; + + } else if ( strcasecmp( p, "base" ) == 0 ) { + return LDAP_SCOPE_BASE; + + } else if ( strcasecmp( p, "sub" ) == 0 ) { + return LDAP_SCOPE_SUBTREE; + + } else if ( strcasecmp( p, "subtree" ) == 0 ) { + return LDAP_SCOPE_SUBTREE; + } + + return( -1 ); +} + + +/** + * Parse the URL provided into an apr_ldap_url_desc_t object. + * + * APR_SUCCESS is returned on success, APR_EGENERAL on failure. + * The LDAP result code and reason string is returned in the + * apr_ldap_err_t structure. + */ +APU_DECLARE(int) apr_ldap_url_parse_ext(apr_pool_t *pool, + const char *url_in, + apr_ldap_url_desc_t **ludpp, + apr_ldap_err_t **result_err) +{ + apr_ldap_url_desc_t *ludp; + char *p, *q, *r; + int i, enclosed; + const char *scheme = NULL; + const char *url_tmp; + char *url; + + apr_ldap_err_t *result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t)); + *result_err = result; + + /* sanity check our parameters */ + if( url_in == NULL || ludpp == NULL ) { + result->reason = "Either the LDAP URL, or the URL structure was NULL. Oops."; + result->rc = APR_LDAP_URL_ERR_PARAM; + return APR_EGENERAL; + } + + *ludpp = NULL; /* pessimistic */ + + url_tmp = skip_url_prefix( url_in, &enclosed, &scheme ); + if ( url_tmp == NULL ) { + result->reason = "The scheme was not recognised as a valid LDAP URL scheme."; + result->rc = APR_LDAP_URL_ERR_BADSCHEME; + return APR_EGENERAL; + } + + /* make working copy of the remainder of the URL */ + url = (char *)apr_pstrdup(pool, url_tmp); + if ( url == NULL ) { + result->reason = "Out of memory parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_MEM; + return APR_EGENERAL; + } + + if ( enclosed ) { + p = &url[strlen(url)-1]; + + if( *p != '>' ) { + result->reason = "Bad enclosure error while parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_BADENCLOSURE; + return APR_EGENERAL; + } + + *p = '\0'; + } + + /* allocate return struct */ + ludp = (apr_ldap_url_desc_t *)apr_pcalloc(pool, sizeof(apr_ldap_url_desc_t)); + if ( ludp == NULL ) { + result->reason = "Out of memory parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_MEM; + return APR_EGENERAL; + } + + ludp->lud_next = NULL; + ludp->lud_host = NULL; + ludp->lud_port = LDAP_PORT; + ludp->lud_dn = NULL; + ludp->lud_attrs = NULL; + ludp->lud_filter = NULL; + ludp->lud_scope = -1; + ludp->lud_filter = NULL; + ludp->lud_exts = NULL; + + ludp->lud_scheme = (char *)apr_pstrdup(pool, scheme); + if ( ludp->lud_scheme == NULL ) { + result->reason = "Out of memory parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_MEM; + return APR_EGENERAL; + } + + if( strcasecmp( ludp->lud_scheme, "ldaps" ) == 0 ) { + ludp->lud_port = LDAPS_PORT; + } + + /* scan forward for '/' that marks end of hostport and begin. of dn */ + p = strchr( url, '/' ); + + if( p != NULL ) { + /* terminate hostport; point to start of dn */ + *p++ = '\0'; + } + + /* IPv6 syntax with [ip address]:port */ + if ( *url == '[' ) { + r = strchr( url, ']' ); + if ( r == NULL ) { + result->reason = "Bad LDAP URL while parsing IPV6 syntax."; + result->rc = APR_LDAP_URL_ERR_BADURL; + return APR_EGENERAL; + } + *r++ = '\0'; + q = strrchr( r, ':' ); + } else { + q = strrchr( url, ':' ); + } + + if ( q != NULL ) { + apr_ldap_pvt_hex_unescape( ++q ); + + if( *q == '\0' ) { + result->reason = "Bad LDAP URL while parsing."; + result->rc = APR_LDAP_URL_ERR_BADURL; + return APR_EGENERAL; + } + + ludp->lud_port = atoi( q ); + } + + apr_ldap_pvt_hex_unescape( url ); + + /* If [ip address]:port syntax, url is [ip and we skip the [ */ + ludp->lud_host = (char *)apr_pstrdup(pool, url + ( *url == '[' )); + if( ludp->lud_host == NULL ) { + result->reason = "Out of memory parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_MEM; + return APR_EGENERAL; + } + + /* + * Kludge. ldap://111.222.333.444:389??cn=abc,o=company + * + * On early Novell releases, search references/referrals were returned + * in this format, i.e., the dn was kind of in the scope position, + * but the required slash is missing. The whole thing is illegal syntax, + * but we need to account for it. Fortunately it can't be confused with + * anything real. + */ + if( (p == NULL) && (q != NULL) && ((q = strchr( q, '?')) != NULL)) { + q++; + /* ? immediately followed by question */ + if( *q == '?') { + q++; + if( *q != '\0' ) { + /* parse dn part */ + apr_ldap_pvt_hex_unescape( q ); + ludp->lud_dn = (char *)apr_pstrdup(pool, q); + } else { + ludp->lud_dn = (char *)apr_pstrdup(pool, ""); + } + + if( ludp->lud_dn == NULL ) { + result->reason = "Out of memory parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_MEM; + return APR_EGENERAL; + } + } + } + + if( p == NULL ) { + *ludpp = ludp; + return APR_SUCCESS; + } + + /* scan forward for '?' that may marks end of dn */ + q = strchr( p, '?' ); + + if( q != NULL ) { + /* terminate dn part */ + *q++ = '\0'; + } + + if( *p != '\0' ) { + /* parse dn part */ + apr_ldap_pvt_hex_unescape( p ); + ludp->lud_dn = (char *)apr_pstrdup(pool, p); + } else { + ludp->lud_dn = (char *)apr_pstrdup(pool, ""); + } + + if( ludp->lud_dn == NULL ) { + result->reason = "Out of memory parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_MEM; + return APR_EGENERAL; + } + + if( q == NULL ) { + /* no more */ + *ludpp = ludp; + return APR_SUCCESS; + } + + /* scan forward for '?' that may marks end of attributes */ + p = q; + q = strchr( p, '?' ); + + if( q != NULL ) { + /* terminate attributes part */ + *q++ = '\0'; + } + + if( *p != '\0' ) { + /* parse attributes */ + apr_ldap_pvt_hex_unescape( p ); + ludp->lud_attrs = apr_ldap_str2charray(pool, p, ","); + + if( ludp->lud_attrs == NULL ) { + result->reason = "Bad attributes encountered while parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_BADATTRS; + return APR_EGENERAL; + } + } + + if ( q == NULL ) { + /* no more */ + *ludpp = ludp; + return APR_SUCCESS; + } + + /* scan forward for '?' that may marks end of scope */ + p = q; + q = strchr( p, '?' ); + + if( q != NULL ) { + /* terminate the scope part */ + *q++ = '\0'; + } + + if( *p != '\0' ) { + /* parse the scope */ + apr_ldap_pvt_hex_unescape( p ); + ludp->lud_scope = str2scope( p ); + + if( ludp->lud_scope == -1 ) { + result->reason = "Bad scope encountered while parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_BADSCOPE; + return APR_EGENERAL; + } + } + + if ( q == NULL ) { + /* no more */ + *ludpp = ludp; + return APR_SUCCESS; + } + + /* scan forward for '?' that may marks end of filter */ + p = q; + q = strchr( p, '?' ); + + if( q != NULL ) { + /* terminate the filter part */ + *q++ = '\0'; + } + + if( *p != '\0' ) { + /* parse the filter */ + apr_ldap_pvt_hex_unescape( p ); + + if( ! *p ) { + /* missing filter */ + result->reason = "Bad filter encountered while parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_BADFILTER; + return APR_EGENERAL; + } + + ludp->lud_filter = (char *)apr_pstrdup(pool, p); + if( ludp->lud_filter == NULL ) { + result->reason = "Out of memory parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_MEM; + return APR_EGENERAL; + } + } + + if ( q == NULL ) { + /* no more */ + *ludpp = ludp; + return APR_SUCCESS; + } + + /* scan forward for '?' that may marks end of extensions */ + p = q; + q = strchr( p, '?' ); + + if( q != NULL ) { + /* extra '?' */ + result->reason = "Bad URL encountered while parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_BADURL; + return APR_EGENERAL; + } + + /* parse the extensions */ + ludp->lud_exts = apr_ldap_str2charray(pool, p, ","); + if( ludp->lud_exts == NULL ) { + result->reason = "Bad extensions encountered while parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_BADEXTS; + return APR_EGENERAL; + } + + for( i=0; ludp->lud_exts[i] != NULL; i++ ) { + apr_ldap_pvt_hex_unescape( ludp->lud_exts[i] ); + + if( *ludp->lud_exts[i] == '!' ) { + /* count the number of critical extensions */ + ludp->lud_crit_exts++; + } + } + + if( i == 0 ) { + /* must have 1 or more */ + result->reason = "Bad extensions encountered while parsing LDAP URL."; + result->rc = APR_LDAP_URL_ERR_BADEXTS; + return APR_EGENERAL; + } + + /* no more */ + *ludpp = ludp; + return APR_SUCCESS; +} + + +/** + * Parse the URL provided into an apr_ldap_url_desc_t object. + * + * APR_SUCCESS is returned on success, APR_EGENERAL on failure. + * The LDAP result code and reason string is returned in the + * apr_ldap_err_t structure. + */ +APU_DECLARE(int) apr_ldap_url_parse(apr_pool_t *pool, + const char *url_in, + apr_ldap_url_desc_t **ludpp, + apr_ldap_err_t **result_err) +{ + + int rc = apr_ldap_url_parse_ext(pool, url_in, ludpp, result_err); + if( rc != APR_SUCCESS ) { + return rc; + } + + if ((*ludpp)->lud_scope == -1) { + (*ludpp)->lud_scope = LDAP_SCOPE_BASE; + } + + if ((*ludpp)->lud_host != NULL && *(*ludpp)->lud_host == '\0') { + (*ludpp)->lud_host = NULL; + } + + return rc; + +} + + +static void apr_ldap_pvt_hex_unescape(char *s) +{ + /* + * Remove URL hex escapes from s... done in place. The basic concept for + * this routine is borrowed from the WWW library HTUnEscape() routine. + */ + char *p; + + for ( p = s; *s != '\0'; ++s ) { + if ( *s == '%' ) { + if ( *++s == '\0' ) { + break; + } + *p = apr_ldap_pvt_unhex( *s ) << 4; + if ( *++s == '\0' ) { + break; + } + *p++ += apr_ldap_pvt_unhex( *s ); + } else { + *p++ = *s; + } + } + + *p = '\0'; +} + + +static int apr_ldap_pvt_unhex(int c) +{ + return( c >= '0' && c <= '9' ? c - '0' + : c >= 'A' && c <= 'F' ? c - 'A' + 10 + : c - 'a' + 10 ); +} + + +/** + * Convert a string to a character array + */ +static char **apr_ldap_str2charray(apr_pool_t *pool, + const char *str_in, + const char *brkstr) +{ + char **res; + char *str, *s; + char *lasts; + int i; + + /* protect the input string from strtok */ + str = (char *)apr_pstrdup(pool, str_in); + if( str == NULL ) { + return NULL; + } + + i = 1; + for ( s = str; *s; s++ ) { + /* Warning: this strchr was previously ldap_utf8_strchr(), check + * whether this particular code has any charset issues. + */ + if ( strchr( brkstr, *s ) != NULL ) { + i++; + } + } + + res = (char **) apr_pcalloc(pool, (i + 1) * sizeof(char *)); + if( res == NULL ) { + return NULL; + } + + i = 0; + + for ( s = (char *)apr_strtok( str, brkstr, &lasts ); + s != NULL; + s = (char *)apr_strtok( NULL, brkstr, &lasts ) ) { + + res[i] = (char *)apr_pstrdup(pool, s); + if(res[i] == NULL) { + return NULL; + } + + i++; + } + + res[i] = NULL; + + return( res ); + +} + +#endif /* APR_HAS_LDAP */ |