3 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
7 * Copyright (c) 1996 Regents of the University of Michigan.
10 * LIBLDAP url.c -- LDAP URL (RFC 2255) related routines
12 * LDAP URLs look like this:
13 * ldap[is]://host:port[/[dn[?[attributes][?[scope][?[filter][?exts]]]]]]
16 * attributes is a comma separated list
17 * scope is one of these three strings: base one sub (default=base)
18 * filter is an string-represented filter as in RFC 2254
20 * e.g., ldap://host:port/dc=com?o,cn?base?o=openldap?extension
22 * We also tolerate URLs that look like: <ldapurl> and <URL:ldapurl>
29 #include <ac/stdlib.h>
32 #include <ac/socket.h>
33 #include <ac/string.h>
40 static const char* skip_url_prefix LDAP_P((
43 const char **scheme ));
45 int ldap_pvt_url_scheme2proto( const char *scheme )
49 if( scheme == NULL ) {
53 if( strcmp("ldap", scheme) == 0 ) {
54 return LDAP_PROTO_TCP;
57 if( strcmp("ldapi", scheme) == 0 ) {
58 return LDAP_PROTO_IPC;
61 if( strcmp("ldaps", scheme) == 0 ) {
62 return LDAP_PROTO_TCP;
68 int ldap_pvt_url_scheme2tls( const char *scheme )
72 if( scheme == NULL ) {
76 return strcmp("ldaps", scheme) == 0;
80 ldap_is_ldap_url( LDAP_CONST char *url )
89 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
97 ldap_is_ldaps_url( LDAP_CONST char *url )
106 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
110 return strcmp(scheme, "ldaps") == 0;
114 ldap_is_ldapi_url( LDAP_CONST char *url )
123 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
127 return strcmp(scheme, "ldapi") == 0;
134 const char **scheme )
137 * return non-zero if this looks like a LDAP URL; zero if not
138 * if non-zero returned, *urlp will be moved past "ldap://" part of URL
148 /* skip leading '<' (if any) */
156 /* skip leading "URL:" (if any) */
157 if ( strncasecmp( p, LDAP_URL_URLCOLON, LDAP_URL_URLCOLON_LEN ) == 0 )
159 p += LDAP_URL_URLCOLON_LEN;
162 /* check for "ldap://" prefix */
163 if ( strncasecmp( p, LDAP_URL_PREFIX, LDAP_URL_PREFIX_LEN ) == 0 ) {
164 /* skip over "ldap://" prefix and return success */
165 p += LDAP_URL_PREFIX_LEN;
170 /* check for "ldaps://" prefix */
171 if ( strncasecmp( p, LDAPS_URL_PREFIX, LDAPS_URL_PREFIX_LEN ) == 0 ) {
172 /* skip over "ldaps://" prefix and return success */
173 p += LDAPS_URL_PREFIX_LEN;
178 /* check for "ldapi://" prefix */
179 if ( strncasecmp( p, LDAPI_URL_PREFIX, LDAPI_URL_PREFIX_LEN ) == 0 ) {
180 /* skip over "ldapi://" prefix and return success */
181 p += LDAPI_URL_PREFIX_LEN;
190 static int str2scope( const char *p )
192 if ( strcasecmp( p, "one" ) == 0 ) {
193 return LDAP_SCOPE_ONELEVEL;
195 } else if ( strcasecmp( p, "onetree" ) == 0 ) {
196 return LDAP_SCOPE_ONELEVEL;
198 } else if ( strcasecmp( p, "base" ) == 0 ) {
199 return LDAP_SCOPE_BASE;
201 } else if ( strcasecmp( p, "sub" ) == 0 ) {
202 return LDAP_SCOPE_SUBTREE;
204 } else if ( strcasecmp( p, "subtree" ) == 0 ) {
205 return LDAP_SCOPE_SUBTREE;
213 ldap_url_parse( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
216 * Pick apart the pieces of an LDAP URL.
222 const char *scheme = NULL;
226 if( url_in == NULL && ludpp == NULL ) {
227 return LDAP_URL_ERR_PARAM;
230 #ifndef LDAP_INT_IN_KERNEL
231 /* Global options may not be created yet
232 * We can't test if the global options are initialized
233 * because a call to LDAP_INT_GLOBAL_OPT() will try to allocate
234 * the options and cause infinite recursion
236 Debug( LDAP_DEBUG_TRACE, "ldap_url_parse(%s)\n", url_in, 0, 0 );
239 *ludpp = NULL; /* pessimistic */
241 url_tmp = skip_url_prefix( url_in, &enclosed, &scheme );
243 if ( url_tmp == NULL ) {
244 return LDAP_URL_ERR_BADSCHEME;
249 /* make working copy of the remainder of the URL */
250 url = LDAP_STRDUP( url_tmp );
252 return LDAP_URL_ERR_MEM;
256 p = &url[strlen(url)-1];
260 return LDAP_URL_ERR_BADENCLOSURE;
266 /* allocate return struct */
267 ludp = (LDAPURLDesc *)LDAP_CALLOC( 1, sizeof( LDAPURLDesc ));
269 if ( ludp == NULL ) {
271 return LDAP_URL_ERR_MEM;
274 ludp->lud_next = NULL;
275 ludp->lud_host = NULL;
278 ludp->lud_attrs = NULL;
279 ludp->lud_filter = NULL;
280 ludp->lud_scope = LDAP_SCOPE_BASE;
281 ludp->lud_filter = NULL;
283 ludp->lud_scheme = LDAP_STRDUP( scheme );
285 if ( ludp->lud_scheme == NULL ) {
287 ldap_free_urldesc( ludp );
288 return LDAP_URL_ERR_MEM;
291 /* scan forward for '/' that marks end of hostport and begin. of dn */
292 p = strchr( url, '/' );
295 /* terminate hostport; point to start of dn */
299 /* IPv6 syntax with [ip address]:port */
301 r = strchr( url, ']' );
304 ldap_free_urldesc( ludp );
305 return LDAP_URL_ERR_BADURL;
308 q = strchr( r, ':' );
310 q = strchr( url, ':' );
315 ldap_pvt_hex_unescape( q );
319 ldap_free_urldesc( ludp );
320 return LDAP_URL_ERR_BADURL;
323 ludp->lud_port = atoi( q );
326 ldap_pvt_hex_unescape( url );
328 /* If [ip address]:port syntax, url is [ip and we skip the [ */
329 ludp->lud_host = LDAP_STRDUP( url + ( *url == '[' ) );
331 if( ludp->lud_host == NULL ) {
333 ldap_free_urldesc( ludp );
334 return LDAP_URL_ERR_MEM;
338 * Kludge. ldap://111.222.333.444:389??cn=abc,o=company
340 * On early Novell releases, search references/referrals were returned
341 * in this format, i.e., the dn was kind of in the scope position,
342 * but the required slash is missing. The whole thing is illegal syntax,
343 * but we need to account for it. Fortunately it can't be confused with
346 if( (p == NULL) && (q != NULL) && ((q = strchr( q, '?')) != NULL)) {
348 /* ? immediately followed by question */
353 ldap_pvt_hex_unescape( q );
354 ludp->lud_dn = LDAP_STRDUP( q );
356 ludp->lud_dn = LDAP_STRDUP( "" );
359 if( ludp->lud_dn == NULL ) {
361 ldap_free_urldesc( ludp );
362 return LDAP_URL_ERR_MEM;
370 return LDAP_URL_SUCCESS;
373 /* scan forward for '?' that may marks end of dn */
374 q = strchr( p, '?' );
377 /* terminate dn part */
383 ldap_pvt_hex_unescape( p );
384 ludp->lud_dn = LDAP_STRDUP( p );
386 ludp->lud_dn = LDAP_STRDUP( "" );
389 if( ludp->lud_dn == NULL ) {
391 ldap_free_urldesc( ludp );
392 return LDAP_URL_ERR_MEM;
399 return LDAP_URL_SUCCESS;
402 /* scan forward for '?' that may marks end of attributes */
404 q = strchr( p, '?' );
407 /* terminate attributes part */
412 /* parse attributes */
413 ldap_pvt_hex_unescape( p );
414 ludp->lud_attrs = ldap_str2charray( p, "," );
416 if( ludp->lud_attrs == NULL ) {
418 ldap_free_urldesc( ludp );
419 return LDAP_URL_ERR_BADATTRS;
427 return LDAP_URL_SUCCESS;
430 /* scan forward for '?' that may marks end of scope */
432 q = strchr( p, '?' );
435 /* terminate the scope part */
440 /* parse the scope */
441 ldap_pvt_hex_unescape( p );
442 ludp->lud_scope = str2scope( p );
444 if( ludp->lud_scope == -1 ) {
446 ldap_free_urldesc( ludp );
447 return LDAP_URL_ERR_BADSCOPE;
455 return LDAP_URL_SUCCESS;
458 /* scan forward for '?' that may marks end of filter */
460 q = strchr( p, '?' );
463 /* terminate the filter part */
468 /* parse the filter */
469 ldap_pvt_hex_unescape( p );
474 ldap_free_urldesc( ludp );
475 return LDAP_URL_ERR_BADFILTER;
478 LDAP_FREE( ludp->lud_filter );
479 ludp->lud_filter = LDAP_STRDUP( p );
481 if( ludp->lud_filter == NULL ) {
483 ldap_free_urldesc( ludp );
484 return LDAP_URL_ERR_MEM;
492 return LDAP_URL_SUCCESS;
495 /* scan forward for '?' that may marks end of extensions */
497 q = strchr( p, '?' );
502 ldap_free_urldesc( ludp );
503 return LDAP_URL_ERR_BADURL;
506 /* parse the extensions */
507 ludp->lud_exts = ldap_str2charray( p, "," );
509 if( ludp->lud_exts == NULL ) {
511 ldap_free_urldesc( ludp );
512 return LDAP_URL_ERR_BADEXTS;
515 for( i=0; ludp->lud_exts[i] != NULL; i++ ) {
516 ldap_pvt_hex_unescape( ludp->lud_exts[i] );
520 /* must have 1 or more */
521 ldap_charray_free( ludp->lud_exts );
523 ldap_free_urldesc( ludp );
524 return LDAP_URL_ERR_BADEXTS;
530 return LDAP_URL_SUCCESS;
534 ldap_url_dup ( LDAPURLDesc *ludp )
538 if ( ludp == NULL ) {
542 dest = LDAP_MALLOC( sizeof(LDAPURLDesc) );
547 dest->lud_scheme = NULL;
548 dest->lud_host = NULL;
550 dest->lud_filter = NULL;
551 dest->lud_attrs = NULL;
552 dest->lud_exts = NULL;
553 dest->lud_next = NULL;
555 if ( ludp->lud_scheme != NULL ) {
556 dest->lud_scheme = LDAP_STRDUP( ludp->lud_scheme );
557 if (dest->lud_scheme == NULL) {
558 ldap_free_urldesc(dest);
563 if ( ludp->lud_host != NULL ) {
564 dest->lud_host = LDAP_STRDUP( ludp->lud_host );
565 if (dest->lud_host == NULL) {
566 ldap_free_urldesc(dest);
571 if ( ludp->lud_dn != NULL ) {
572 dest->lud_dn = LDAP_STRDUP( ludp->lud_dn );
573 if (dest->lud_dn == NULL) {
574 ldap_free_urldesc(dest);
579 if ( ludp->lud_filter != NULL ) {
580 dest->lud_filter = LDAP_STRDUP( ludp->lud_filter );
581 if (dest->lud_filter == NULL) {
582 ldap_free_urldesc(dest);
587 if ( ludp->lud_attrs != NULL ) {
588 dest->lud_attrs = ldap_charray_dup( ludp->lud_attrs );
589 if (dest->lud_attrs == NULL) {
590 ldap_free_urldesc(dest);
595 if ( ludp->lud_exts != NULL ) {
596 dest->lud_exts = ldap_charray_dup( ludp->lud_exts );
597 if (dest->lud_exts == NULL) {
598 ldap_free_urldesc(dest);
607 ldap_url_duplist (LDAPURLDesc *ludlist)
609 LDAPURLDesc *dest, *tail, *ludp, *newludp;
613 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
614 newludp = ldap_url_dup(ludp);
615 if (newludp == NULL) {
616 ldap_free_urllist(dest);
622 tail->lud_next = newludp;
629 ldap_url_parselist (LDAPURLDesc **ludlist, const char *url )
638 return LDAP_PARAM_ERROR;
640 urls = ldap_str2charray((char *)url, ", ");
642 return LDAP_NO_MEMORY;
644 /* count the URLs... */
645 for (i = 0; urls[i] != NULL; i++) ;
646 /* ...and put them in the "stack" backward */
648 rc = ldap_url_parse( urls[i], &ludp );
650 ldap_charray_free(urls);
651 ldap_free_urllist(*ludlist);
655 ludp->lud_next = *ludlist;
658 ldap_charray_free(urls);
663 ldap_url_parsehosts (LDAPURLDesc **ludlist, const char *hosts )
672 return LDAP_PARAM_ERROR;
674 specs = ldap_str2charray((char *)hosts, ", ");
676 return LDAP_NO_MEMORY;
678 /* count the URLs... */
679 for (i = 0; specs[i] != NULL; i++) /* EMPTY */;
681 /* ...and put them in the "stack" backward */
683 ludp = LDAP_CALLOC( 1, sizeof(LDAPURLDesc) );
685 ldap_charray_free(specs);
686 ldap_free_urllist(*ludlist);
688 return LDAP_NO_MEMORY;
690 ludp->lud_host = specs[i];
692 p = strchr(ludp->lud_host, ':');
694 /* more than one :, IPv6 address */
695 if ( strchr(p+1, ':') != NULL ) {
696 /* allow [address] and [address]:port */
697 if ( *ludp->lud_host == '[' ) {
698 p = LDAP_STRDUP(ludp->lud_host+1);
699 /* copied, make sure we free source later */
700 specs[i] = ludp->lud_host;
702 p = strchr( ludp->lud_host, ']' );
704 return LDAP_PARAM_ERROR;
708 return LDAP_PARAM_ERROR;
717 ldap_pvt_hex_unescape(p);
718 ludp->lud_port = atoi(p);
721 ldap_pvt_hex_unescape(ludp->lud_host);
722 ludp->lud_scheme = LDAP_STRDUP("ldap");
723 ludp->lud_next = *ludlist;
727 /* this should be an array of NULLs now */
728 /* except entries starting with [ */
729 ldap_charray_free(specs);
734 ldap_url_list2hosts (LDAPURLDesc *ludlist)
738 char *s, *p, buf[32]; /* big enough to hold a long decimal # (overkill) */
743 /* figure out how big the string is */
744 size = 1; /* nul-term */
745 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
746 size += strlen(ludp->lud_host) + 1; /* host and space */
747 if (strchr(ludp->lud_host, ':')) /* will add [ ] below */
749 if (ludp->lud_port != 0)
750 size += sprintf(buf, ":%d", ludp->lud_port);
752 s = LDAP_MALLOC(size);
757 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
758 if (strchr(ludp->lud_host, ':')) {
759 p += sprintf(p, "[%s]", ludp->lud_host);
761 strcpy(p, ludp->lud_host);
762 p += strlen(ludp->lud_host);
764 if (ludp->lud_port != 0)
765 p += sprintf(p, ":%d", ludp->lud_port);
769 p--; /* nuke that extra space */
776 LDAPURLDesc *ludlist )
780 char *s, *p, buf[32]; /* big enough to hold a long decimal # (overkill) */
785 /* figure out how big the string is */
786 size = 1; /* nul-term */
787 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
788 size += strlen(ludp->lud_scheme) + strlen(ludp->lud_host);
789 if (strchr(ludp->lud_host, ':')) /* will add [ ] below */
791 size += sizeof(":/// ");
793 if (ludp->lud_port != 0) {
794 size += sprintf(buf, ":%d", ludp->lud_port);
798 s = LDAP_MALLOC(size);
804 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
806 strchr(ludp->lud_host, ':') ? "%s://[%s]" : "%s://%s",
807 ludp->lud_scheme, ludp->lud_host);
808 if (ludp->lud_port != 0)
809 p += sprintf(p, ":%d", ludp->lud_port);
814 p--; /* nuke that extra space */
820 ldap_free_urllist( LDAPURLDesc *ludlist )
822 LDAPURLDesc *ludp, *next;
824 for (ludp = ludlist; ludp != NULL; ludp = next) {
825 next = ludp->lud_next;
826 ldap_free_urldesc(ludp);
831 ldap_free_urldesc( LDAPURLDesc *ludp )
833 if ( ludp == NULL ) {
837 if ( ludp->lud_scheme != NULL ) {
838 LDAP_FREE( ludp->lud_scheme );
841 if ( ludp->lud_host != NULL ) {
842 LDAP_FREE( ludp->lud_host );
845 if ( ludp->lud_dn != NULL ) {
846 LDAP_FREE( ludp->lud_dn );
849 if ( ludp->lud_filter != NULL ) {
850 LDAP_FREE( ludp->lud_filter);
853 if ( ludp->lud_attrs != NULL ) {
854 LDAP_VFREE( ludp->lud_attrs );
857 if ( ludp->lud_exts != NULL ) {
858 LDAP_VFREE( ludp->lud_exts );
867 ldap_url_search( LDAP *ld, LDAP_CONST char *url, int attrsonly )
874 if ( ldap_url_parse( url, &ludp ) != 0 ) {
875 ld->ld_errno = LDAP_PARAM_ERROR;
879 ber = ldap_build_search_req( ld, ludp->lud_dn, ludp->lud_scope,
880 ludp->lud_filter, ludp->lud_attrs, attrsonly, NULL, NULL,
886 bind.ri_request = LDAP_REQ_SEARCH;
887 bind.ri_msgid = ld->ld_msgid;
888 bind.ri_url = (char *)url;
889 err = ldap_send_server_request(
890 ld, ber, ld->ld_msgid, NULL,
891 (ludp->lud_host != NULL || ludp->lud_port != 0)
896 ldap_free_urldesc( ludp );
902 ldap_url_search_st( LDAP *ld, LDAP_CONST char *url, int attrsonly,
903 struct timeval *timeout, LDAPMessage **res )
907 if (( msgid = ldap_url_search( ld, url, attrsonly )) == -1 ) {
908 return( ld->ld_errno );
911 if ( ldap_result( ld, msgid, 1, timeout, res ) == -1 ) {
912 return( ld->ld_errno );
915 if ( ld->ld_errno == LDAP_TIMEOUT ) {
916 (void) ldap_abandon( ld, msgid );
917 ld->ld_errno = LDAP_TIMEOUT;
918 return( ld->ld_errno );
921 return( ldap_result2error( ld, *res, 0 ));
927 LDAP *ld, LDAP_CONST char *url, int attrsonly, LDAPMessage **res )
931 if (( msgid = ldap_url_search( ld, url, attrsonly )) == -1 ) {
932 return( ld->ld_errno );
935 if ( ldap_result( ld, msgid, 1, (struct timeval *)NULL, res ) == -1 ) {
936 return( ld->ld_errno );
939 return( ldap_result2error( ld, *res, 0 ));
944 ldap_pvt_hex_unescape( char *s )
947 * Remove URL hex escapes from s... done in place. The basic concept for
948 * this routine is borrowed from the WWW library HTUnEscape() routine.
952 for ( p = s; *s != '\0'; ++s ) {
954 if ( *++s != '\0' ) {
955 *p = ldap_pvt_unhex( *s ) << 4;
957 if ( *++s != '\0' ) {
958 *p++ += ldap_pvt_unhex( *s );
970 ldap_pvt_unhex( int c )
972 return( c >= '0' && c <= '9' ? c - '0'
973 : c >= 'A' && c <= 'F' ? c - 'A' + 10