3 * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
7 * Copyright (c) 1996 Regents of the University of Michigan.
10 * LIBLDAP url.c -- LDAP URL (RFC 2255) related routines
12 * LDAP URLs look like this:
13 * ldap[is]://host:port[/[dn[?[attributes][?[scope][?[filter][?exts]]]]]]
16 * attributes is a comma separated list
17 * scope is one of these three strings: base one sub (default=base)
18 * filter is an string-represented filter as in RFC 2254
20 * e.g., ldap://host:port/dc=com?o,cn?base?(o=openldap)?extension
22 * We also tolerate URLs that look like: <ldapurl> and <URL:ldapurl>
29 #include <ac/stdlib.h>
31 #include <ac/socket.h>
32 #include <ac/string.h>
39 static const char* skip_url_prefix LDAP_P((
42 const char **scheme ));
44 int ldap_pvt_url_scheme2proto( const char *scheme )
48 if( scheme == NULL ) {
52 if( strcmp("ldap", scheme) == 0 ) {
53 return LDAP_PROTO_TCP;
56 if( strcmp("ldapi", scheme) == 0 ) {
57 return LDAP_PROTO_IPC;
60 if( strcmp("ldaps", scheme) == 0 ) {
61 return LDAP_PROTO_TCP;
63 #ifdef LDAP_CONNECTIONLESS
64 if( strcmp("cldap", scheme) == 0 ) {
65 return LDAP_PROTO_UDP;
73 ldap_pvt_url_scheme2tls( const char *scheme )
77 if( scheme == NULL ) {
81 return strcmp("ldaps", scheme) == 0;
85 ldap_is_ldap_url( LDAP_CONST char *url )
94 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
102 ldap_is_ldaps_url( LDAP_CONST char *url )
111 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
115 return strcmp(scheme, "ldaps") == 0;
119 ldap_is_ldapi_url( LDAP_CONST char *url )
128 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
132 return strcmp(scheme, "ldapi") == 0;
135 #ifdef LDAP_CONNECTIONLESS
137 ldap_is_ldapc_url( LDAP_CONST char *url )
146 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
150 return strcmp(scheme, "cldap") == 0;
158 const char **scheme )
161 * return non-zero if this looks like a LDAP URL; zero if not
162 * if non-zero returned, *urlp will be moved past "ldap://" part of URL
172 /* skip leading '<' (if any) */
180 /* skip leading "URL:" (if any) */
181 if ( strncasecmp( p, LDAP_URL_URLCOLON, LDAP_URL_URLCOLON_LEN ) == 0 ) {
182 p += LDAP_URL_URLCOLON_LEN;
185 /* check for "ldap://" prefix */
186 if ( strncasecmp( p, LDAP_URL_PREFIX, LDAP_URL_PREFIX_LEN ) == 0 ) {
187 /* skip over "ldap://" prefix and return success */
188 p += LDAP_URL_PREFIX_LEN;
193 /* check for "ldaps://" prefix */
194 if ( strncasecmp( p, LDAPS_URL_PREFIX, LDAPS_URL_PREFIX_LEN ) == 0 ) {
195 /* skip over "ldaps://" prefix and return success */
196 p += LDAPS_URL_PREFIX_LEN;
201 /* check for "ldapi://" prefix */
202 if ( strncasecmp( p, LDAPI_URL_PREFIX, LDAPI_URL_PREFIX_LEN ) == 0 ) {
203 /* skip over "ldapi://" prefix and return success */
204 p += LDAPI_URL_PREFIX_LEN;
209 #ifdef LDAP_CONNECTIONLESS
210 /* check for "cldap://" prefix */
211 if ( strncasecmp( p, LDAPC_URL_PREFIX, LDAPC_URL_PREFIX_LEN ) == 0 ) {
212 /* skip over "cldap://" prefix and return success */
213 p += LDAPC_URL_PREFIX_LEN;
223 static int str2scope( const char *p )
225 if ( strcasecmp( p, "one" ) == 0 ) {
226 return LDAP_SCOPE_ONELEVEL;
228 } else if ( strcasecmp( p, "onetree" ) == 0 ) {
229 return LDAP_SCOPE_ONELEVEL;
231 } else if ( strcasecmp( p, "base" ) == 0 ) {
232 return LDAP_SCOPE_BASE;
234 } else if ( strcasecmp( p, "sub" ) == 0 ) {
235 return LDAP_SCOPE_SUBTREE;
237 } else if ( strcasecmp( p, "subtree" ) == 0 ) {
238 return LDAP_SCOPE_SUBTREE;
244 static int hex_escape( char *buf, const char *s, int list )
248 static const char hex[] = "0123456789ABCDEF";
250 if( s == NULL ) return 0;
252 for( pos=0,i=0; s[i]; i++ ) {
278 escape = s[i] < 0x20 || 0x1f >= s[i];
283 buf[pos++] = hex[ (s[i] >> 4) & 0x0f ];
284 buf[pos++] = hex[ s[i] & 0x0f ];
294 static int hex_escape_args( char *buf, char **s )
299 if( s == NULL ) return 0;
302 for( i=0; s[i] != NULL; i++ ) {
306 pos += hex_escape( &buf[pos], s[i], 1 );
312 char * ldap_url_desc2str( LDAPURLDesc *u )
319 if( u == NULL ) return NULL;
322 for( i=0; u->lud_exts[i]; i++ ) {
323 len += strlen( u->lud_exts[i] ) + 1;
328 if( u->lud_filter ) {
329 len += strlen( u->lud_filter );
332 if ( len ) len++; /* ? */
334 switch( u->lud_scope ) {
335 case LDAP_SCOPE_ONELEVEL:
336 case LDAP_SCOPE_SUBTREE:
337 case LDAP_SCOPE_BASE:
338 len += sizeof("base");
343 if ( len ) len++; /* ? */
347 for( i=0; u->lud_attrs[i]; i++ ) {
348 len += strlen( u->lud_attrs[i] ) + 1;
351 } else if ( len ) len++; /* ? */
354 len += strlen( u->lud_dn ) + 1;
363 len+=strlen( u->lud_host );
366 len += strlen( u->lud_scheme ) + sizeof("://");
368 /* allocate enough to hex escape everything -- overkill */
369 s = LDAP_MALLOC( 3*len );
371 if( s == NULL ) return NULL;
374 sprintf( s, "%s://%s:%d%n", u->lud_scheme,
375 u->lud_host, u->lud_port, &sofar );
377 sprintf( s, "%s://%s%n", u->lud_scheme,
378 u->lud_host, &sofar );
381 if( sep < 1 ) goto done;
384 sofar += hex_escape( &s[sofar], u->lud_dn, 0 );
386 if( sep < 2 ) goto done;
389 sofar += hex_escape_args( &s[sofar], u->lud_attrs );
391 if( sep < 3 ) goto done;
394 switch( u->lud_scope ) {
395 case LDAP_SCOPE_BASE:
396 strcpy( &s[sofar], "base" );
397 sofar += sizeof("base") - 1;
399 case LDAP_SCOPE_ONELEVEL:
400 strcpy( &s[sofar], "one" );
401 sofar += sizeof("one") - 1;
403 case LDAP_SCOPE_SUBTREE:
404 strcpy( &s[sofar], "sub" );
405 sofar += sizeof("sub") - 1;
409 if( sep < 4 ) goto done;
412 sofar += hex_escape( &s[sofar], u->lud_filter, 0 );
414 if( sep < 5 ) goto done;
417 sofar += hex_escape_args( &s[sofar], u->lud_exts );
425 ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
428 * Pick apart the pieces of an LDAP URL.
434 const char *scheme = NULL;
438 if( url_in == NULL || ludpp == NULL ) {
439 return LDAP_URL_ERR_PARAM;
442 #ifndef LDAP_INT_IN_KERNEL
443 /* Global options may not be created yet
444 * We can't test if the global options are initialized
445 * because a call to LDAP_INT_GLOBAL_OPT() will try to allocate
446 * the options and cause infinite recursion
449 LDAP_LOG (( "url", LDAP_LEVEL_ENTRY, "ldap_url_parse_ext(%s)\n", url_in ));
451 Debug( LDAP_DEBUG_TRACE, "ldap_url_parse_ext(%s)\n", url_in, 0, 0 );
455 *ludpp = NULL; /* pessimistic */
457 url_tmp = skip_url_prefix( url_in, &enclosed, &scheme );
459 if ( url_tmp == NULL ) {
460 return LDAP_URL_ERR_BADSCHEME;
465 /* make working copy of the remainder of the URL */
466 url = LDAP_STRDUP( url_tmp );
468 return LDAP_URL_ERR_MEM;
472 p = &url[strlen(url)-1];
476 return LDAP_URL_ERR_BADENCLOSURE;
482 /* allocate return struct */
483 ludp = (LDAPURLDesc *)LDAP_CALLOC( 1, sizeof( LDAPURLDesc ));
485 if ( ludp == NULL ) {
487 return LDAP_URL_ERR_MEM;
490 ludp->lud_next = NULL;
491 ludp->lud_host = NULL;
494 ludp->lud_attrs = NULL;
495 ludp->lud_filter = NULL;
496 ludp->lud_scope = LDAP_SCOPE_DEFAULT;
497 ludp->lud_filter = NULL;
498 ludp->lud_exts = NULL;
500 ludp->lud_scheme = LDAP_STRDUP( scheme );
502 if ( ludp->lud_scheme == NULL ) {
504 ldap_free_urldesc( ludp );
505 return LDAP_URL_ERR_MEM;
508 /* scan forward for '/' that marks end of hostport and begin. of dn */
509 p = strchr( url, '/' );
512 /* terminate hostport; point to start of dn */
516 /* IPv6 syntax with [ip address]:port */
518 r = strchr( url, ']' );
521 ldap_free_urldesc( ludp );
522 return LDAP_URL_ERR_BADURL;
525 q = strchr( r, ':' );
527 q = strchr( url, ':' );
532 ldap_pvt_hex_unescape( q );
536 ldap_free_urldesc( ludp );
537 return LDAP_URL_ERR_BADURL;
540 ludp->lud_port = atoi( q );
543 ldap_pvt_hex_unescape( url );
545 /* If [ip address]:port syntax, url is [ip and we skip the [ */
546 ludp->lud_host = LDAP_STRDUP( url + ( *url == '[' ) );
548 if( ludp->lud_host == NULL ) {
550 ldap_free_urldesc( ludp );
551 return LDAP_URL_ERR_MEM;
555 * Kludge. ldap://111.222.333.444:389??cn=abc,o=company
557 * On early Novell releases, search references/referrals were returned
558 * in this format, i.e., the dn was kind of in the scope position,
559 * but the required slash is missing. The whole thing is illegal syntax,
560 * but we need to account for it. Fortunately it can't be confused with
563 if( (p == NULL) && (q != NULL) && ((q = strchr( q, '?')) != NULL)) {
565 /* ? immediately followed by question */
570 ldap_pvt_hex_unescape( q );
571 ludp->lud_dn = LDAP_STRDUP( q );
573 ludp->lud_dn = LDAP_STRDUP( "" );
576 if( ludp->lud_dn == NULL ) {
578 ldap_free_urldesc( ludp );
579 return LDAP_URL_ERR_MEM;
587 return LDAP_URL_SUCCESS;
590 /* scan forward for '?' that may marks end of dn */
591 q = strchr( p, '?' );
594 /* terminate dn part */
600 ldap_pvt_hex_unescape( p );
601 ludp->lud_dn = LDAP_STRDUP( p );
603 ludp->lud_dn = LDAP_STRDUP( "" );
606 if( ludp->lud_dn == NULL ) {
608 ldap_free_urldesc( ludp );
609 return LDAP_URL_ERR_MEM;
616 return LDAP_URL_SUCCESS;
619 /* scan forward for '?' that may marks end of attributes */
621 q = strchr( p, '?' );
624 /* terminate attributes part */
629 /* parse attributes */
630 ldap_pvt_hex_unescape( p );
631 ludp->lud_attrs = ldap_str2charray( p, "," );
633 if( ludp->lud_attrs == NULL ) {
635 ldap_free_urldesc( ludp );
636 return LDAP_URL_ERR_BADATTRS;
644 return LDAP_URL_SUCCESS;
647 /* scan forward for '?' that may marks end of scope */
649 q = strchr( p, '?' );
652 /* terminate the scope part */
657 /* parse the scope */
658 ldap_pvt_hex_unescape( p );
659 ludp->lud_scope = str2scope( p );
661 if( ludp->lud_scope == -1 ) {
663 ldap_free_urldesc( ludp );
664 return LDAP_URL_ERR_BADSCOPE;
672 return LDAP_URL_SUCCESS;
675 /* scan forward for '?' that may marks end of filter */
677 q = strchr( p, '?' );
680 /* terminate the filter part */
685 /* parse the filter */
686 ldap_pvt_hex_unescape( p );
691 ldap_free_urldesc( ludp );
692 return LDAP_URL_ERR_BADFILTER;
695 LDAP_FREE( ludp->lud_filter );
696 ludp->lud_filter = LDAP_STRDUP( p );
698 if( ludp->lud_filter == NULL ) {
700 ldap_free_urldesc( ludp );
701 return LDAP_URL_ERR_MEM;
709 return LDAP_URL_SUCCESS;
712 /* scan forward for '?' that may marks end of extensions */
714 q = strchr( p, '?' );
719 ldap_free_urldesc( ludp );
720 return LDAP_URL_ERR_BADURL;
723 /* parse the extensions */
724 ludp->lud_exts = ldap_str2charray( p, "," );
726 if( ludp->lud_exts == NULL ) {
728 ldap_free_urldesc( ludp );
729 return LDAP_URL_ERR_BADEXTS;
732 for( i=0; ludp->lud_exts[i] != NULL; i++ ) {
733 ldap_pvt_hex_unescape( ludp->lud_exts[i] );
735 if( *ludp->lud_exts[i] == '!' ) {
736 /* count the number of critical extensions */
737 ludp->lud_crit_exts++;
742 /* must have 1 or more */
744 ldap_free_urldesc( ludp );
745 return LDAP_URL_ERR_BADEXTS;
751 return LDAP_URL_SUCCESS;
755 ldap_url_parse( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
757 int rc = ldap_url_parse_ext( url_in, ludpp );
759 if( rc != LDAP_URL_SUCCESS ) {
763 if ((*ludpp)->lud_scope == LDAP_SCOPE_DEFAULT) {
764 (*ludpp)->lud_scope = LDAP_SCOPE_BASE;
767 if ((*ludpp)->lud_host != NULL && *(*ludpp)->lud_host == '\0') {
768 LDAP_FREE( (*ludpp)->lud_host );
769 (*ludpp)->lud_host = NULL;
772 if ((*ludpp)->lud_port == 0) {
773 if( strcmp((*ludpp)->lud_scheme, "ldap") == 0 ) {
774 (*ludpp)->lud_port = LDAP_PORT;
775 #ifdef LDAP_CONNECTIONLESS
776 } else if( strcmp((*ludpp)->lud_scheme, "cldap") == 0 ) {
777 (*ludpp)->lud_port = LDAP_PORT;
779 } else if( strcmp((*ludpp)->lud_scheme, "ldaps") == 0 ) {
780 (*ludpp)->lud_port = LDAPS_PORT;
788 ldap_url_dup ( LDAPURLDesc *ludp )
792 if ( ludp == NULL ) {
796 dest = LDAP_MALLOC( sizeof(LDAPURLDesc) );
801 dest->lud_scheme = NULL;
802 dest->lud_host = NULL;
804 dest->lud_filter = NULL;
805 dest->lud_attrs = NULL;
806 dest->lud_exts = NULL;
807 dest->lud_next = NULL;
809 if ( ludp->lud_scheme != NULL ) {
810 dest->lud_scheme = LDAP_STRDUP( ludp->lud_scheme );
811 if (dest->lud_scheme == NULL) {
812 ldap_free_urldesc(dest);
817 if ( ludp->lud_host != NULL ) {
818 dest->lud_host = LDAP_STRDUP( ludp->lud_host );
819 if (dest->lud_host == NULL) {
820 ldap_free_urldesc(dest);
825 if ( ludp->lud_dn != NULL ) {
826 dest->lud_dn = LDAP_STRDUP( ludp->lud_dn );
827 if (dest->lud_dn == NULL) {
828 ldap_free_urldesc(dest);
833 if ( ludp->lud_filter != NULL ) {
834 dest->lud_filter = LDAP_STRDUP( ludp->lud_filter );
835 if (dest->lud_filter == NULL) {
836 ldap_free_urldesc(dest);
841 if ( ludp->lud_attrs != NULL ) {
842 dest->lud_attrs = ldap_charray_dup( ludp->lud_attrs );
843 if (dest->lud_attrs == NULL) {
844 ldap_free_urldesc(dest);
849 if ( ludp->lud_exts != NULL ) {
850 dest->lud_exts = ldap_charray_dup( ludp->lud_exts );
851 if (dest->lud_exts == NULL) {
852 ldap_free_urldesc(dest);
861 ldap_url_duplist (LDAPURLDesc *ludlist)
863 LDAPURLDesc *dest, *tail, *ludp, *newludp;
867 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
868 newludp = ldap_url_dup(ludp);
869 if (newludp == NULL) {
870 ldap_free_urllist(dest);
876 tail->lud_next = newludp;
883 ldap_url_parselist (LDAPURLDesc **ludlist, const char *url )
892 return LDAP_PARAM_ERROR;
894 urls = ldap_str2charray(url, ", ");
896 return LDAP_NO_MEMORY;
898 /* count the URLs... */
899 for (i = 0; urls[i] != NULL; i++) ;
900 /* ...and put them in the "stack" backward */
902 rc = ldap_url_parse( urls[i], &ludp );
904 ldap_charray_free(urls);
905 ldap_free_urllist(*ludlist);
909 ludp->lud_next = *ludlist;
912 ldap_charray_free(urls);
918 LDAPURLDesc **ludlist,
929 return LDAP_PARAM_ERROR;
931 specs = ldap_str2charray(hosts, ", ");
933 return LDAP_NO_MEMORY;
935 /* count the URLs... */
936 for (i = 0; specs[i] != NULL; i++) /* EMPTY */;
938 /* ...and put them in the "stack" backward */
940 ludp = LDAP_CALLOC( 1, sizeof(LDAPURLDesc) );
942 ldap_charray_free(specs);
943 ldap_free_urllist(*ludlist);
945 return LDAP_NO_MEMORY;
947 ludp->lud_port = port;
948 ludp->lud_host = specs[i];
950 p = strchr(ludp->lud_host, ':');
952 /* more than one :, IPv6 address */
953 if ( strchr(p+1, ':') != NULL ) {
954 /* allow [address] and [address]:port */
955 if ( *ludp->lud_host == '[' ) {
956 p = LDAP_STRDUP(ludp->lud_host+1);
957 /* copied, make sure we free source later */
958 specs[i] = ludp->lud_host;
960 p = strchr( ludp->lud_host, ']' );
962 return LDAP_PARAM_ERROR;
966 return LDAP_PARAM_ERROR;
975 ldap_pvt_hex_unescape(p);
976 ludp->lud_port = atoi(p);
979 ldap_pvt_hex_unescape(ludp->lud_host);
980 ludp->lud_scheme = LDAP_STRDUP("ldap");
981 ludp->lud_next = *ludlist;
985 /* this should be an array of NULLs now */
986 /* except entries starting with [ */
987 ldap_charray_free(specs);
992 ldap_url_list2hosts (LDAPURLDesc *ludlist)
996 char *s, *p, buf[32]; /* big enough to hold a long decimal # (overkill) */
1001 /* figure out how big the string is */
1002 size = 1; /* nul-term */
1003 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
1004 size += strlen(ludp->lud_host) + 1; /* host and space */
1005 if (strchr(ludp->lud_host, ':')) /* will add [ ] below */
1007 if (ludp->lud_port != 0)
1008 size += sprintf(buf, ":%d", ludp->lud_port);
1010 s = LDAP_MALLOC(size);
1015 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
1016 if (strchr(ludp->lud_host, ':')) {
1017 p += sprintf(p, "[%s]", ludp->lud_host);
1019 strcpy(p, ludp->lud_host);
1020 p += strlen(ludp->lud_host);
1022 if (ludp->lud_port != 0)
1023 p += sprintf(p, ":%d", ludp->lud_port);
1027 p--; /* nuke that extra space */
1034 LDAPURLDesc *ludlist )
1038 char *s, *p, buf[32]; /* big enough to hold a long decimal # (overkill) */
1040 if (ludlist == NULL)
1043 /* figure out how big the string is */
1044 size = 1; /* nul-term */
1045 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
1046 size += strlen(ludp->lud_scheme) + strlen(ludp->lud_host);
1047 if (strchr(ludp->lud_host, ':')) /* will add [ ] below */
1049 size += sizeof(":/// ");
1051 if (ludp->lud_port != 0) {
1052 size += sprintf(buf, ":%d", ludp->lud_port);
1056 s = LDAP_MALLOC(size);
1062 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
1064 strchr(ludp->lud_host, ':') ? "%s://[%s]" : "%s://%s",
1065 ludp->lud_scheme, ludp->lud_host);
1066 if (ludp->lud_port != 0)
1067 p += sprintf(p, ":%d", ludp->lud_port);
1072 p--; /* nuke that extra space */
1078 ldap_free_urllist( LDAPURLDesc *ludlist )
1080 LDAPURLDesc *ludp, *next;
1082 for (ludp = ludlist; ludp != NULL; ludp = next) {
1083 next = ludp->lud_next;
1084 ldap_free_urldesc(ludp);
1089 ldap_free_urldesc( LDAPURLDesc *ludp )
1091 if ( ludp == NULL ) {
1095 if ( ludp->lud_scheme != NULL ) {
1096 LDAP_FREE( ludp->lud_scheme );
1099 if ( ludp->lud_host != NULL ) {
1100 LDAP_FREE( ludp->lud_host );
1103 if ( ludp->lud_dn != NULL ) {
1104 LDAP_FREE( ludp->lud_dn );
1107 if ( ludp->lud_filter != NULL ) {
1108 LDAP_FREE( ludp->lud_filter);
1111 if ( ludp->lud_attrs != NULL ) {
1112 LDAP_VFREE( ludp->lud_attrs );
1115 if ( ludp->lud_exts != NULL ) {
1116 LDAP_VFREE( ludp->lud_exts );
1123 ldap_int_unhex( int c )
1125 return( c >= '0' && c <= '9' ? c - '0'
1126 : c >= 'A' && c <= 'F' ? c - 'A' + 10
1131 ldap_pvt_hex_unescape( char *s )
1134 * Remove URL hex escapes from s... done in place. The basic concept for
1135 * this routine is borrowed from the WWW library HTUnEscape() routine.
1139 for ( p = s; *s != '\0'; ++s ) {
1141 if ( *++s != '\0' ) {
1142 *p = ldap_int_unhex( *s ) << 4;
1144 if ( *++s != '\0' ) {
1145 *p++ += ldap_int_unhex( *s );
projects / openldap / blob