/* LIBLDAP url.c -- LDAP URL (RFC 4516) related routines */ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1998-2024 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* Portions Copyright (c) 1996 Regents of the University of Michigan. * All rights reserved. */ /* * LDAP URLs look like this: * [p]ldap[is]://host[:port][/[dn[?[attributes][?[scope][?[filter][?exts]]]]]] * * where: * attributes is a comma separated list * scope is one of these three strings: base one sub (default=base) * filter is an string-represented filter as in RFC 4515 * * e.g., ldap://host:port/dc=com?o,cn?base?(o=openldap)?extension * * We also tolerate URLs that look like: and */ #include "portable.h" #include #include #include #include #include #include #include "ldap-int.h" /* local functions */ static const char* skip_url_prefix LDAP_P(( const char *url, int *enclosedp, const char **scheme )); int ldap_pvt_url_scheme2proto( const char *scheme ) { assert( scheme != NULL ); if( scheme == NULL ) { return -1; } if( strcmp("ldap", scheme) == 0 || strcmp("pldap", scheme) == 0 ) { return LDAP_PROTO_TCP; } if( strcmp("ldapi", scheme) == 0 ) { return LDAP_PROTO_IPC; } if( strcmp("ldaps", scheme) == 0 || strcmp("pldaps", scheme) == 0 ) { return LDAP_PROTO_TCP; } #ifdef LDAP_CONNECTIONLESS if( strcmp("cldap", scheme) == 0 ) { return LDAP_PROTO_UDP; } #endif return -1; } int ldap_pvt_url_scheme_port( const char *scheme, int port ) { assert( scheme != NULL ); if( port ) return port; if( scheme == NULL ) return port; if( strcmp("ldap", scheme) == 0 || strcmp("pldap", scheme) == 0 ) { return LDAP_PORT; } if( strcmp("ldapi", scheme) == 0 ) { return -1; } if( strcmp("ldaps", scheme) == 0 || strcmp("pldaps", scheme) == 0 ) { return LDAPS_PORT; } #ifdef LDAP_CONNECTIONLESS if( strcmp("cldap", scheme) == 0 ) { return LDAP_PORT; } #endif return -1; } int ldap_pvt_url_scheme2tls( const char *scheme ) { assert( scheme != NULL ); if( scheme == NULL ) { return -1; } return strcmp("ldaps", scheme) == 0 || strcmp("pldaps", scheme) == 0; } int ldap_pvt_url_scheme2proxied( const char *scheme ) { assert( scheme != NULL ); if( scheme == NULL ) { return -1; } return strcmp("pldap", scheme) == 0 || strcmp("pldaps", scheme) == 0; } int ldap_is_ldap_url( LDAP_CONST char *url ) { int enclosed; const char * scheme; if( url == NULL ) { return 0; } if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) { return 0; } return 1; } int ldap_is_ldaps_url( LDAP_CONST char *url ) { int enclosed; const char * scheme; if( url == NULL ) { return 0; } if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) { return 0; } return strcmp(scheme, "ldaps") == 0 || strcmp(scheme, "pldaps") == 0; } int ldap_is_ldapi_url( LDAP_CONST char *url ) { int enclosed; const char * scheme; if( url == NULL ) { return 0; } if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) { return 0; } return strcmp(scheme, "ldapi") == 0; } #ifdef LDAP_CONNECTIONLESS int ldap_is_ldapc_url( LDAP_CONST char *url ) { int enclosed; const char * scheme; if( url == NULL ) { return 0; } if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) { return 0; } return strcmp(scheme, "cldap") == 0; } #endif static const char* skip_url_prefix( const char *url, int *enclosedp, const char **scheme ) { /* * return non-zero if this looks like a LDAP URL; zero if not * if non-zero returned, *urlp will be moved past "ldap://" part of URL */ const char *p; if ( url == NULL ) { return( NULL ); } p = url; /* skip leading '<' (if any) */ if ( *p == '<' ) { *enclosedp = 1; ++p; } else { *enclosedp = 0; } /* skip leading "URL:" (if any) */ if ( strncasecmp( p, LDAP_URL_URLCOLON, LDAP_URL_URLCOLON_LEN ) == 0 ) { p += LDAP_URL_URLCOLON_LEN; } /* check for "ldap://" prefix */ if ( strncasecmp( p, LDAP_URL_PREFIX, LDAP_URL_PREFIX_LEN ) == 0 ) { /* skip over "ldap://" prefix and return success */ p += LDAP_URL_PREFIX_LEN; *scheme = "ldap"; return( p ); } /* check for "pldap://" prefix */ if ( strncasecmp( p, PLDAP_URL_PREFIX, PLDAP_URL_PREFIX_LEN ) == 0 ) { /* skip over "pldap://" prefix and return success */ p += PLDAP_URL_PREFIX_LEN; *scheme = "pldap"; return( p ); } /* check for "ldaps://" prefix */ if ( strncasecmp( p, LDAPS_URL_PREFIX, LDAPS_URL_PREFIX_LEN ) == 0 ) { /* skip over "ldaps://" prefix and return success */ p += LDAPS_URL_PREFIX_LEN; *scheme = "ldaps"; return( p ); } /* check for "pldaps://" prefix */ if ( strncasecmp( p, PLDAPS_URL_PREFIX, PLDAPS_URL_PREFIX_LEN ) == 0 ) { /* skip over "pldaps://" prefix and return success */ p += PLDAPS_URL_PREFIX_LEN; *scheme = "pldaps"; return( p ); } /* check for "ldapi://" prefix */ if ( strncasecmp( p, LDAPI_URL_PREFIX, LDAPI_URL_PREFIX_LEN ) == 0 ) { /* skip over "ldapi://" prefix and return success */ p += LDAPI_URL_PREFIX_LEN; *scheme = "ldapi"; return( p ); } #ifdef LDAP_CONNECTIONLESS /* check for "cldap://" prefix */ if ( strncasecmp( p, LDAPC_URL_PREFIX, LDAPC_URL_PREFIX_LEN ) == 0 ) { /* skip over "cldap://" prefix and return success */ p += LDAPC_URL_PREFIX_LEN; *scheme = "cldap"; return( p ); } #endif return( NULL ); } int ldap_pvt_scope2bv( int scope, struct berval *bv ) { switch ( scope ) { case LDAP_SCOPE_BASE: BER_BVSTR( bv, "base" ); break; case LDAP_SCOPE_ONELEVEL: BER_BVSTR( bv, "one" ); break; case LDAP_SCOPE_SUBTREE: BER_BVSTR( bv, "sub" ); break; case LDAP_SCOPE_SUBORDINATE: BER_BVSTR( bv, "subordinate" ); break; default: return LDAP_OTHER; } return LDAP_SUCCESS; } const char * ldap_pvt_scope2str( int scope ) { struct berval bv; if ( ldap_pvt_scope2bv( scope, &bv ) == LDAP_SUCCESS ) { return bv.bv_val; } return NULL; } int ldap_pvt_bv2scope( struct berval *bv ) { static struct { struct berval bv; int scope; } v[] = { { BER_BVC( "one" ), LDAP_SCOPE_ONELEVEL }, { BER_BVC( "onelevel" ), LDAP_SCOPE_ONELEVEL }, { BER_BVC( "base" ), LDAP_SCOPE_BASE }, { BER_BVC( "sub" ), LDAP_SCOPE_SUBTREE }, { BER_BVC( "subtree" ), LDAP_SCOPE_SUBTREE }, { BER_BVC( "subord" ), LDAP_SCOPE_SUBORDINATE }, { BER_BVC( "subordinate" ), LDAP_SCOPE_SUBORDINATE }, { BER_BVC( "children" ), LDAP_SCOPE_SUBORDINATE }, { BER_BVNULL, -1 } }; int i; for ( i = 0; v[ i ].scope != -1; i++ ) { if ( ber_bvstrcasecmp( bv, &v[ i ].bv ) == 0 ) { return v[ i ].scope; } } return( -1 ); } int ldap_pvt_str2scope( const char *p ) { struct berval bv; ber_str2bv( p, 0, 0, &bv ); return ldap_pvt_bv2scope( &bv ); } static const char hex[] = "0123456789ABCDEF"; #define URLESC_NONE 0x0000U #define URLESC_COMMA 0x0001U #define URLESC_SLASH 0x0002U static int hex_escape_len( const char *s, unsigned list ) { int len; if ( s == NULL ) { return 0; } for ( len = 0; s[0]; s++ ) { switch ( s[0] ) { /* RFC 2396: reserved */ case '?': len += 3; break; case ',': if ( list & URLESC_COMMA ) { len += 3; } else { len++; } break; case '/': if ( list & URLESC_SLASH ) { len += 3; } else { len++; } break; case ';': case ':': case '@': case '&': case '=': case '+': case '$': /* RFC 2396: unreserved mark */ case '-': case '_': case '.': case '!': case '~': case '*': case '\'': case '(': case ')': len++; break; /* RFC 2396: unreserved alphanum */ default: if ( !isalnum( (unsigned char) s[0] ) ) { len += 3; } else { len++; } break; } } return len; } static int hex_escape( char *buf, int len, const char *s, unsigned list ) { int i; int pos; if ( s == NULL ) { return 0; } for ( pos = 0, i = 0; s[i] && pos < len; i++ ) { int escape = 0; switch ( s[i] ) { /* RFC 2396: reserved */ case '?': escape = 1; break; case ',': if ( list & URLESC_COMMA ) { escape = 1; } break; case '/': if ( list & URLESC_SLASH ) { escape = 1; } break; case ';': case ':': case '@': case '&': case '=': case '+': case '$': /* RFC 2396: unreserved mark */ case '-': case '_': case '.': case '!': case '~': case '*': case '\'': case '(': case ')': break; /* RFC 2396: unreserved alphanum */ default: if ( !isalnum( (unsigned char) s[i] ) ) { escape = 1; } break; } if ( escape ) { buf[pos++] = '%'; buf[pos++] = hex[ (s[i] >> 4) & 0x0f ]; buf[pos++] = hex[ s[i] & 0x0f ]; } else { buf[pos++] = s[i]; } } buf[pos] = '\0'; return pos; } static int hex_escape_len_list( char **s, unsigned flags ) { int len; int i; if ( s == NULL ) { return 0; } len = 0; for ( i = 0; s[i] != NULL; i++ ) { if ( len ) { len++; } len += hex_escape_len( s[i], flags ); } return len; } static int hex_escape_list( char *buf, int len, char **s, unsigned flags ) { int pos; int i; if ( s == NULL ) { return 0; } pos = 0; for ( i = 0; s[i] != NULL; i++ ) { int curlen; if ( pos ) { buf[pos++] = ','; len--; } curlen = hex_escape( &buf[pos], len, s[i], flags ); len -= curlen; pos += curlen; } return pos; } static int desc2str_len( LDAPURLDesc *u ) { int sep = 0; int len = 0; int is_ipc = 0; struct berval scope; if ( u == NULL || u->lud_scheme == NULL ) { return -1; } if ( !strcmp( "ldapi", u->lud_scheme )) { is_ipc = 1; } if ( u->lud_exts ) { len += hex_escape_len_list( u->lud_exts, URLESC_COMMA ); if ( !sep ) { sep = 5; } } if ( u->lud_filter ) { len += hex_escape_len( u->lud_filter, URLESC_NONE ); if ( !sep ) { sep = 4; } } if ( ldap_pvt_scope2bv( u->lud_scope, &scope ) == LDAP_SUCCESS ) { len += scope.bv_len; if ( !sep ) { sep = 3; } } if ( u->lud_attrs ) { len += hex_escape_len_list( u->lud_attrs, URLESC_NONE ); if ( !sep ) { sep = 2; } } if ( u->lud_dn && u->lud_dn[0] ) { len += hex_escape_len( u->lud_dn, URLESC_NONE ); if ( !sep ) { sep = 1; } }; len += sep; if ( u->lud_port ) { unsigned p = u->lud_port; if ( p > 65535 ) return -1; len += (p > 999 ? 5 + (p > 9999) : p > 99 ? 4 : 2 + (p > 9)); } if ( u->lud_host && u->lud_host[0] ) { char *ptr; len += hex_escape_len( u->lud_host, URLESC_SLASH ); if ( !is_ipc && ( ptr = strchr( u->lud_host, ':' ))) { if ( strchr( ptr+1, ':' )) len += 2; /* IPv6, [] */ } } len += strlen( u->lud_scheme ) + STRLENOF( "://" ); return len; } static int desc2str( LDAPURLDesc *u, char *s, int len ) { int i; int sep = 0; int sofar = 0; int is_v6 = 0; int is_ipc = 0; struct berval scope = BER_BVNULL; char *ptr; if ( u == NULL ) { return -1; } if ( s == NULL ) { return -1; } if ( u->lud_scheme && !strcmp( "ldapi", u->lud_scheme )) { is_ipc = 1; } ldap_pvt_scope2bv( u->lud_scope, &scope ); if ( u->lud_exts ) { sep = 5; } else if ( u->lud_filter ) { sep = 4; } else if ( !BER_BVISEMPTY( &scope ) ) { sep = 3; } else if ( u->lud_attrs ) { sep = 2; } else if ( u->lud_dn && u->lud_dn[0] ) { sep = 1; } if ( !is_ipc && u->lud_host && ( ptr = strchr( u->lud_host, ':' ))) { if ( strchr( ptr+1, ':' )) is_v6 = 1; } if ( u->lud_port ) { sofar = sprintf( s, "%s://%s%s%s:%d", u->lud_scheme, is_v6 ? "[" : "", u->lud_host ? u->lud_host : "", is_v6 ? "]" : "", u->lud_port ); len -= sofar; } else { sofar = sprintf( s, "%s://", u->lud_scheme ); len -= sofar; if ( u->lud_host && u->lud_host[0] ) { if ( is_v6 ) { s[sofar++] = '['; len--; } i = hex_escape( &s[sofar], len, u->lud_host, URLESC_SLASH ); sofar += i; len -= i; if ( is_v6 ) { s[sofar++] = ']'; len--; } } } assert( len >= 0 ); if ( sep < 1 ) { goto done; } s[sofar++] = '/'; len--; assert( len >= 0 ); if ( u->lud_dn && u->lud_dn[0] ) { i = hex_escape( &s[sofar], len, u->lud_dn, URLESC_NONE ); sofar += i; len -= i; assert( len >= 0 ); } if ( sep < 2 ) { goto done; } s[sofar++] = '?'; len--; assert( len >= 0 ); i = hex_escape_list( &s[sofar], len, u->lud_attrs, URLESC_NONE ); sofar += i; len -= i; assert( len >= 0 ); if ( sep < 3 ) { goto done; } s[sofar++] = '?'; len--; assert( len >= 0 ); if ( !BER_BVISNULL( &scope ) ) { strcpy( &s[sofar], scope.bv_val ); sofar += scope.bv_len; len -= scope.bv_len; } assert( len >= 0 ); if ( sep < 4 ) { goto done; } s[sofar++] = '?'; len--; assert( len >= 0 ); i = hex_escape( &s[sofar], len, u->lud_filter, URLESC_NONE ); sofar += i; len -= i; assert( len >= 0 ); if ( sep < 5 ) { goto done; } s[sofar++] = '?'; len--; assert( len >= 0 ); i = hex_escape_list( &s[sofar], len, u->lud_exts, URLESC_COMMA ); sofar += i; len -= i; assert( len >= 0 ); done: if ( len < 0 ) { return -1; } return sofar; } char * ldap_url_desc2str( LDAPURLDesc *u ) { int len; char *s; if ( u == NULL ) { return NULL; } len = desc2str_len( u ); if ( len < 0 ) { return NULL; } /* allocate enough to hex escape everything -- overkill */ s = LDAP_MALLOC( len + 1 ); if ( s == NULL ) { return NULL; } if ( desc2str( u, s, len ) != len ) { LDAP_FREE( s ); return NULL; } s[len] = '\0'; return s; } int ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp, unsigned flags ) { /* * Pick apart the pieces of an LDAP URL. */ LDAPURLDesc *ludp; char *p, *q, *r; int i, enclosed, proto, is_v6 = 0; const char *scheme = NULL; const char *url_tmp; char *url; int check_dn = 1; if( url_in == NULL || ludpp == NULL ) { return LDAP_URL_ERR_PARAM; } #ifndef LDAP_INT_IN_KERNEL /* Global options may not be created yet * We can't test if the global options are initialized * because a call to LDAP_INT_GLOBAL_OPT() will try to allocate * the options and cause infinite recursion */ Debug1( LDAP_DEBUG_TRACE, "ldap_url_parse_ext(%s)\n", url_in ); #endif *ludpp = NULL; /* pessimistic */ url_tmp = skip_url_prefix( url_in, &enclosed, &scheme ); if ( url_tmp == NULL ) { return LDAP_URL_ERR_BADSCHEME; } assert( scheme != NULL ); proto = ldap_pvt_url_scheme2proto( scheme ); if ( proto == -1 ) { return LDAP_URL_ERR_BADSCHEME; } /* make working copy of the remainder of the URL */ url = LDAP_STRDUP( url_tmp ); if ( url == NULL ) { return LDAP_URL_ERR_MEM; } if ( enclosed ) { if ( ! *url ) { LDAP_FREE( url ); return LDAP_URL_ERR_BADENCLOSURE; } p = &url[strlen(url)-1]; if( *p != '>' ) { LDAP_FREE( url ); return LDAP_URL_ERR_BADENCLOSURE; } *p = '\0'; } /* allocate return struct */ ludp = (LDAPURLDesc *)LDAP_CALLOC( 1, sizeof( LDAPURLDesc )); if ( ludp == NULL ) { LDAP_FREE( url ); return LDAP_URL_ERR_MEM; } ludp->lud_next = NULL; ludp->lud_host = NULL; ludp->lud_port = 0; ludp->lud_dn = NULL; ludp->lud_attrs = NULL; ludp->lud_scope = ( flags & LDAP_PVT_URL_PARSE_NODEF_SCOPE ) ? LDAP_SCOPE_BASE : LDAP_SCOPE_DEFAULT; ludp->lud_filter = NULL; ludp->lud_exts = NULL; ludp->lud_scheme = LDAP_STRDUP( scheme ); if ( ludp->lud_scheme == NULL ) { LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_MEM; } /* scan forward for '/' that marks end of hostport and begin. of dn */ p = strchr( url, '/' ); q = NULL; if( p != NULL ) { /* terminate hostport; point to start of dn */ *p++ = '\0'; } else { /* check for Novell kludge, see below */ p = strchr( url, '?' ); if ( p ) { *p++ = '\0'; q = p; p = NULL; } } if ( proto != LDAP_PROTO_IPC ) { /* IPv6 syntax with [ip address]:port */ if ( *url == '[' ) { r = strchr( url, ']' ); if ( r == NULL ) { LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_BADURL; } *r++ = '\0'; q = strchr( r, ':' ); if ( q && q != r ) { LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_BADURL; } is_v6 = 1; } else { q = strchr( url, ':' ); } if ( q != NULL ) { char *next; *q++ = '\0'; ldap_pvt_hex_unescape( q ); if( *q == '\0' ) { LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_BADURL; } ludp->lud_port = strtol( q, &next, 10 ); if ( next == q || next[0] != '\0' ) { LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_BADURL; } /* check for Novell kludge */ if ( !p ) { if ( *next != '\0' ) { q = &next[1]; } else { q = NULL; } } } if ( ( flags & LDAP_PVT_URL_PARSE_DEF_PORT ) && ludp->lud_port == 0 ) { if ( strcmp( ludp->lud_scheme, "ldaps" ) == 0 ) { ludp->lud_port = LDAPS_PORT; } else { ludp->lud_port = LDAP_PORT; } } } ldap_pvt_hex_unescape( url ); /* If [ip address]:port syntax, url is [ip and we skip the [ */ ludp->lud_host = LDAP_STRDUP( url + is_v6 ); if( ludp->lud_host == NULL ) { LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_MEM; } if ( ( flags & LDAP_PVT_URL_PARSE_NOEMPTY_HOST ) && ludp->lud_host != NULL && *ludp->lud_host == '\0' ) { LDAP_FREE( ludp->lud_host ); ludp->lud_host = NULL; } /* * Kludge. ldap://111.222.333.444:389??cn=abc,o=company * * On early Novell releases, search references/referrals were returned * in this format, i.e., the dn was kind of in the scope position, * but the required slash is missing. The whole thing is illegal syntax, * but we need to account for it. Fortunately it can't be confused with * anything real. */ if( (p == NULL) && (q != NULL) && (*q == '?') ) { /* ? immediately followed by question */ q++; if( *q != '\0' ) { /* parse dn part */ ldap_pvt_hex_unescape( q ); ludp->lud_dn = LDAP_STRDUP( q ); } else if ( !( flags & LDAP_PVT_URL_PARSE_NOEMPTY_DN ) ) { ludp->lud_dn = LDAP_STRDUP( "" ); } else { check_dn = 0; } if ( check_dn && ludp->lud_dn == NULL ) { LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_MEM; } } if( p == NULL ) { LDAP_FREE( url ); *ludpp = ludp; return LDAP_URL_SUCCESS; } /* scan forward for '?' that may marks end of dn */ q = strchr( p, '?' ); if( q != NULL ) { /* terminate dn part */ *q++ = '\0'; } if( *p != '\0' ) { /* parse dn part */ ldap_pvt_hex_unescape( p ); ludp->lud_dn = LDAP_STRDUP( p ); } else if ( !( flags & LDAP_PVT_URL_PARSE_NOEMPTY_DN ) ) { ludp->lud_dn = LDAP_STRDUP( "" ); } else { check_dn = 0; } if( check_dn && ludp->lud_dn == NULL ) { LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_MEM; } if( q == NULL ) { /* no more */ LDAP_FREE( url ); *ludpp = ludp; return LDAP_URL_SUCCESS; } /* scan forward for '?' that may marks end of attributes */ p = q; q = strchr( p, '?' ); if( q != NULL ) { /* terminate attributes part */ *q++ = '\0'; } if( *p != '\0' ) { /* parse attributes */ ldap_pvt_hex_unescape( p ); ludp->lud_attrs = ldap_str2charray( p, "," ); if( ludp->lud_attrs == NULL ) { LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_BADATTRS; } } if ( q == NULL ) { /* no more */ LDAP_FREE( url ); *ludpp = ludp; return LDAP_URL_SUCCESS; } /* scan forward for '?' that may marks end of scope */ p = q; q = strchr( p, '?' ); if( q != NULL ) { /* terminate the scope part */ *q++ = '\0'; } if( *p != '\0' ) { /* parse the scope */ ldap_pvt_hex_unescape( p ); ludp->lud_scope = ldap_pvt_str2scope( p ); if( ludp->lud_scope == -1 ) { LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_BADSCOPE; } } if ( q == NULL ) { /* no more */ LDAP_FREE( url ); *ludpp = ludp; return LDAP_URL_SUCCESS; } /* scan forward for '?' that may marks end of filter */ p = q; q = strchr( p, '?' ); if( q != NULL ) { /* terminate the filter part */ *q++ = '\0'; } if( *p != '\0' ) { /* parse the filter */ ldap_pvt_hex_unescape( p ); if( ! *p ) { /* missing filter */ LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_BADFILTER; } ludp->lud_filter = LDAP_STRDUP( p ); if( ludp->lud_filter == NULL ) { LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_MEM; } } if ( q == NULL ) { /* no more */ LDAP_FREE( url ); *ludpp = ludp; return LDAP_URL_SUCCESS; } /* scan forward for '?' that may marks end of extensions */ p = q; q = strchr( p, '?' ); if( q != NULL ) { /* extra '?' */ LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_BADURL; } /* parse the extensions */ ludp->lud_exts = ldap_str2charray( p, "," ); if( ludp->lud_exts == NULL ) { LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_BADEXTS; } for( i=0; ludp->lud_exts[i] != NULL; i++ ) { ldap_pvt_hex_unescape( ludp->lud_exts[i] ); if( *ludp->lud_exts[i] == '!' ) { /* count the number of critical extensions */ ludp->lud_crit_exts++; } } if( i == 0 ) { /* must have 1 or more */ LDAP_FREE( url ); ldap_free_urldesc( ludp ); return LDAP_URL_ERR_BADEXTS; } /* no more */ *ludpp = ludp; LDAP_FREE( url ); return LDAP_URL_SUCCESS; } int ldap_url_parse( LDAP_CONST char *url_in, LDAPURLDesc **ludpp ) { return ldap_url_parse_ext( url_in, ludpp, LDAP_PVT_URL_PARSE_HISTORIC ); } LDAPURLDesc * ldap_url_dup ( LDAPURLDesc *ludp ) { LDAPURLDesc *dest; if ( ludp == NULL ) { return NULL; } dest = LDAP_MALLOC( sizeof(LDAPURLDesc) ); if (dest == NULL) return NULL; *dest = *ludp; dest->lud_scheme = NULL; dest->lud_host = NULL; dest->lud_dn = NULL; dest->lud_filter = NULL; dest->lud_attrs = NULL; dest->lud_exts = NULL; dest->lud_next = NULL; if ( ludp->lud_scheme != NULL ) { dest->lud_scheme = LDAP_STRDUP( ludp->lud_scheme ); if (dest->lud_scheme == NULL) { ldap_free_urldesc(dest); return NULL; } } if ( ludp->lud_host != NULL ) { dest->lud_host = LDAP_STRDUP( ludp->lud_host ); if (dest->lud_host == NULL) { ldap_free_urldesc(dest); return NULL; } } if ( ludp->lud_dn != NULL ) { dest->lud_dn = LDAP_STRDUP( ludp->lud_dn ); if (dest->lud_dn == NULL) { ldap_free_urldesc(dest); return NULL; } } if ( ludp->lud_filter != NULL ) { dest->lud_filter = LDAP_STRDUP( ludp->lud_filter ); if (dest->lud_filter == NULL) { ldap_free_urldesc(dest); return NULL; } } if ( ludp->lud_attrs != NULL ) { dest->lud_attrs = ldap_charray_dup( ludp->lud_attrs ); if (dest->lud_attrs == NULL) { ldap_free_urldesc(dest); return NULL; } } if ( ludp->lud_exts != NULL ) { dest->lud_exts = ldap_charray_dup( ludp->lud_exts ); if (dest->lud_exts == NULL) { ldap_free_urldesc(dest); return NULL; } } return dest; } LDAPURLDesc * ldap_url_duplist (LDAPURLDesc *ludlist) { LDAPURLDesc *dest, *tail, *ludp, *newludp; dest = NULL; tail = NULL; for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) { newludp = ldap_url_dup(ludp); if (newludp == NULL) { ldap_free_urllist(dest); return NULL; } if (tail == NULL) dest = newludp; else tail->lud_next = newludp; tail = newludp; } return dest; } static int ldap_url_parselist_int (LDAPURLDesc **ludlist, const char *url, const char *sep, unsigned flags ) { int i, rc; LDAPURLDesc *ludp; char **urls; assert( ludlist != NULL ); assert( url != NULL ); *ludlist = NULL; if ( sep == NULL ) { sep = ", "; } urls = ldap_str2charray( url, sep ); if (urls == NULL) return LDAP_URL_ERR_MEM; /* count the URLs... */ for (i = 0; urls[i] != NULL; i++) ; /* ...and put them in the "stack" backward */ while (--i >= 0) { rc = ldap_url_parse_ext( urls[i], &ludp, flags ); if ( rc != 0 ) { ldap_charray_free( urls ); ldap_free_urllist( *ludlist ); *ludlist = NULL; return rc; } ludp->lud_next = *ludlist; *ludlist = ludp; } ldap_charray_free( urls ); return LDAP_URL_SUCCESS; } int ldap_url_parselist (LDAPURLDesc **ludlist, const char *url ) { return ldap_url_parselist_int( ludlist, url, ", ", LDAP_PVT_URL_PARSE_HISTORIC ); } int ldap_url_parselist_ext (LDAPURLDesc **ludlist, const char *url, const char *sep, unsigned flags ) { return ldap_url_parselist_int( ludlist, url, sep, flags ); } int ldap_url_parsehosts( LDAPURLDesc **ludlist, const char *hosts, int port ) { int i; LDAPURLDesc *ludp; char **specs, *p; assert( ludlist != NULL ); assert( hosts != NULL ); *ludlist = NULL; specs = ldap_str2charray(hosts, ", "); if (specs == NULL) return LDAP_NO_MEMORY; /* count the URLs... */ for (i = 0; specs[i] != NULL; i++) /* EMPTY */; /* ...and put them in the "stack" backward */ while (--i >= 0) { ludp = LDAP_CALLOC( 1, sizeof(LDAPURLDesc) ); if (ludp == NULL) { ldap_charray_free(specs); ldap_free_urllist(*ludlist); *ludlist = NULL; return LDAP_NO_MEMORY; } ludp->lud_port = port; ludp->lud_host = specs[i]; p = strchr(ludp->lud_host, ':'); if (p != NULL) { /* more than one :, IPv6 address */ if ( strchr(p+1, ':') != NULL ) { /* allow [address] and [address]:port */ if ( *ludp->lud_host == '[' ) { p = strchr( ludp->lud_host+1, ']' ); if ( p == NULL ) { LDAP_FREE(ludp); ldap_charray_free(specs); return LDAP_PARAM_ERROR; } /* Truncate trailing ']' and shift hostname down 1 char */ *p = '\0'; AC_MEMCPY( ludp->lud_host, ludp->lud_host+1, p - ludp->lud_host ); p++; if ( *p != ':' ) { if ( *p != '\0' ) { LDAP_FREE(ludp); ldap_charray_free(specs); return LDAP_PARAM_ERROR; } p = NULL; } } else { p = NULL; } } if (p != NULL) { char *next; *p++ = 0; ldap_pvt_hex_unescape(p); ludp->lud_port = strtol( p, &next, 10 ); if ( next == p || next[0] != '\0' ) { LDAP_FREE(ludp); ldap_charray_free(specs); return LDAP_PARAM_ERROR; } } } ludp->lud_scheme = LDAP_STRDUP("ldap"); if ( ludp->lud_scheme == NULL ) { LDAP_FREE(ludp); ldap_charray_free(specs); return LDAP_NO_MEMORY; } specs[i] = NULL; ldap_pvt_hex_unescape(ludp->lud_host); ludp->lud_next = *ludlist; *ludlist = ludp; } /* this should be an array of NULLs now */ ldap_charray_free(specs); return LDAP_SUCCESS; } char * ldap_url_list2hosts (LDAPURLDesc *ludlist) { LDAPURLDesc *ludp; int size; char *s, *p, buf[32]; /* big enough to hold a long decimal # (overkill) */ if (ludlist == NULL) return NULL; /* figure out how big the string is */ size = 1; /* nul-term */ for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) { if ( ludp->lud_host == NULL ) continue; size += strlen(ludp->lud_host) + 1; /* host and space */ if (strchr(ludp->lud_host, ':')) /* will add [ ] below */ size += 2; if (ludp->lud_port != 0) size += sprintf(buf, ":%d", ludp->lud_port); } s = LDAP_MALLOC(size); if (s == NULL) return NULL; p = s; for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) { if ( ludp->lud_host == NULL ) continue; if (strchr(ludp->lud_host, ':')) { p += sprintf(p, "[%s]", ludp->lud_host); } else { strcpy(p, ludp->lud_host); p += strlen(ludp->lud_host); } if (ludp->lud_port != 0) p += sprintf(p, ":%d", ludp->lud_port); *p++ = ' '; } if (p != s) p--; /* nuke that extra space */ *p = '\0'; return s; } char * ldap_url_list2urls( LDAPURLDesc *ludlist ) { LDAPURLDesc *ludp; int size, sofar; char *s; if ( ludlist == NULL ) { return NULL; } /* figure out how big the string is */ for ( size = 0, ludp = ludlist; ludp != NULL; ludp = ludp->lud_next ) { int len = desc2str_len( ludp ); if ( len < 0 ) { return NULL; } size += len + 1; } s = LDAP_MALLOC( size ); if ( s == NULL ) { return NULL; } for ( sofar = 0, ludp = ludlist; ludp != NULL; ludp = ludp->lud_next ) { int len; len = desc2str( ludp, &s[sofar], size ); if ( len < 0 ) { LDAP_FREE( s ); return NULL; } sofar += len; size -= len; s[sofar++] = ' '; size--; assert( size >= 0 ); } s[sofar - 1] = '\0'; return s; } void ldap_free_urllist( LDAPURLDesc *ludlist ) { LDAPURLDesc *ludp, *next; for (ludp = ludlist; ludp != NULL; ludp = next) { next = ludp->lud_next; ldap_free_urldesc(ludp); } } void ldap_free_urldesc( LDAPURLDesc *ludp ) { if ( ludp == NULL ) { return; } if ( ludp->lud_scheme != NULL ) { LDAP_FREE( ludp->lud_scheme ); } if ( ludp->lud_host != NULL ) { LDAP_FREE( ludp->lud_host ); } if ( ludp->lud_dn != NULL ) { LDAP_FREE( ludp->lud_dn ); } if ( ludp->lud_filter != NULL ) { LDAP_FREE( ludp->lud_filter); } if ( ludp->lud_attrs != NULL ) { LDAP_VFREE( ludp->lud_attrs ); } if ( ludp->lud_exts != NULL ) { LDAP_VFREE( ludp->lud_exts ); } LDAP_FREE( ludp ); } static int ldap_int_is_hexpair( char *s ) { int i; for ( i = 0; i < 2; i++ ) { if ( s[i] >= '0' && s[i] <= '9' ) { continue; } if ( s[i] >= 'A' && s[i] <= 'F' ) { continue; } if ( s[i] >= 'a' && s[i] <= 'f' ) { continue; } return 0; } return 1; } static int ldap_int_unhex( int c ) { return( c >= '0' && c <= '9' ? c - '0' : c >= 'A' && c <= 'F' ? c - 'A' + 10 : c - 'a' + 10 ); } void ldap_pvt_hex_unescape( char *s ) { /* * Remove URL hex escapes from s... done in place. The basic concept for * this routine is borrowed from the WWW library HTUnEscape() routine. */ char *p, *save_s = s; for ( p = s; *s != '\0'; ++s ) { if ( *s == '%' ) { /* * FIXME: what if '%' is followed * by non-hexpair chars? */ if ( !ldap_int_is_hexpair( s + 1 ) ) { p = save_s; break; } if ( *++s == '\0' ) { break; } *p = ldap_int_unhex( *s ) << 4; if ( *++s == '\0' ) { break; } *p++ += ldap_int_unhex( *s ); } else { *p++ = *s; } } *p = '\0'; }