3 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
7 * Copyright (c) 1996 Regents of the University of Michigan.
10 * LIBLDAP url.c -- LDAP URL (RFC 2255) related routines
12 * LDAP URLs look like this:
13 * ldap[is]://host:port[/[dn[?[attributes][?[scope][?[filter][?exts]]]]]]
16 * attributes is a comma separated list
17 * scope is one of these three strings: base one sub (default=base)
18 * filter is an string-represented filter as in RFC 2254
20 * e.g., ldap://host:port/dc=com?o,cn?base?o=openldap?extension
22 * We also tolerate URLs that look like: <ldapurl> and <URL:ldapurl>
29 #include <ac/stdlib.h>
31 #include <ac/socket.h>
32 #include <ac/string.h>
39 static const char* skip_url_prefix LDAP_P((
42 const char **scheme ));
44 int ldap_pvt_url_scheme2proto( const char *scheme )
48 if( scheme == NULL ) {
52 if( strcmp("ldap", scheme) == 0 ) {
53 return LDAP_PROTO_TCP;
56 if( strcmp("ldapi", scheme) == 0 ) {
57 return LDAP_PROTO_IPC;
60 if( strcmp("ldaps", scheme) == 0 ) {
61 return LDAP_PROTO_TCP;
67 int ldap_pvt_url_scheme2tls( const char *scheme )
71 if( scheme == NULL ) {
75 return strcmp("ldaps", scheme) == 0;
79 ldap_is_ldap_url( LDAP_CONST char *url )
88 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
96 ldap_is_ldaps_url( LDAP_CONST char *url )
105 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
109 return strcmp(scheme, "ldaps") == 0;
113 ldap_is_ldapi_url( LDAP_CONST char *url )
122 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
126 return strcmp(scheme, "ldapi") == 0;
133 const char **scheme )
136 * return non-zero if this looks like a LDAP URL; zero if not
137 * if non-zero returned, *urlp will be moved past "ldap://" part of URL
147 /* skip leading '<' (if any) */
155 /* skip leading "URL:" (if any) */
156 if ( strncasecmp( p, LDAP_URL_URLCOLON, LDAP_URL_URLCOLON_LEN ) == 0 ) {
157 p += LDAP_URL_URLCOLON_LEN;
160 /* check for "ldap://" prefix */
161 if ( strncasecmp( p, LDAP_URL_PREFIX, LDAP_URL_PREFIX_LEN ) == 0 ) {
162 /* skip over "ldap://" prefix and return success */
163 p += LDAP_URL_PREFIX_LEN;
168 /* check for "ldaps://" prefix */
169 if ( strncasecmp( p, LDAPS_URL_PREFIX, LDAPS_URL_PREFIX_LEN ) == 0 ) {
170 /* skip over "ldaps://" prefix and return success */
171 p += LDAPS_URL_PREFIX_LEN;
176 /* check for "ldapi://" prefix */
177 if ( strncasecmp( p, LDAPI_URL_PREFIX, LDAPI_URL_PREFIX_LEN ) == 0 ) {
178 /* skip over "ldapi://" prefix and return success */
179 p += LDAPI_URL_PREFIX_LEN;
188 static int str2scope( const char *p )
190 if ( strcasecmp( p, "one" ) == 0 ) {
191 return LDAP_SCOPE_ONELEVEL;
193 } else if ( strcasecmp( p, "onetree" ) == 0 ) {
194 return LDAP_SCOPE_ONELEVEL;
196 } else if ( strcasecmp( p, "base" ) == 0 ) {
197 return LDAP_SCOPE_BASE;
199 } else if ( strcasecmp( p, "sub" ) == 0 ) {
200 return LDAP_SCOPE_SUBTREE;
202 } else if ( strcasecmp( p, "subtree" ) == 0 ) {
203 return LDAP_SCOPE_SUBTREE;
211 ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
214 * Pick apart the pieces of an LDAP URL.
220 const char *scheme = NULL;
224 if( url_in == NULL && ludpp == NULL ) {
225 return LDAP_URL_ERR_PARAM;
228 #ifndef LDAP_INT_IN_KERNEL
229 /* Global options may not be created yet
230 * We can't test if the global options are initialized
231 * because a call to LDAP_INT_GLOBAL_OPT() will try to allocate
232 * the options and cause infinite recursion
234 Debug( LDAP_DEBUG_TRACE, "ldap_url_parse_ext(%s)\n", url_in, 0, 0 );
237 *ludpp = NULL; /* pessimistic */
239 url_tmp = skip_url_prefix( url_in, &enclosed, &scheme );
241 if ( url_tmp == NULL ) {
242 return LDAP_URL_ERR_BADSCHEME;
247 /* make working copy of the remainder of the URL */
248 url = LDAP_STRDUP( url_tmp );
250 return LDAP_URL_ERR_MEM;
254 p = &url[strlen(url)-1];
258 return LDAP_URL_ERR_BADENCLOSURE;
264 /* allocate return struct */
265 ludp = (LDAPURLDesc *)LDAP_CALLOC( 1, sizeof( LDAPURLDesc ));
267 if ( ludp == NULL ) {
269 return LDAP_URL_ERR_MEM;
272 ludp->lud_next = NULL;
273 ludp->lud_host = NULL;
274 ludp->lud_port = LDAP_PORT;
276 ludp->lud_attrs = NULL;
277 ludp->lud_filter = NULL;
278 ludp->lud_scope = LDAP_SCOPE_DEFAULT;
279 ludp->lud_filter = NULL;
280 ludp->lud_exts = NULL;
282 ludp->lud_scheme = LDAP_STRDUP( scheme );
284 if ( ludp->lud_scheme == NULL ) {
286 ldap_free_urldesc( ludp );
287 return LDAP_URL_ERR_MEM;
290 if( strcasecmp( ludp->lud_scheme, "ldaps" ) == 0 ) {
291 ludp->lud_port = LDAPS_PORT;
294 /* scan forward for '/' that marks end of hostport and begin. of dn */
295 p = strchr( url, '/' );
298 /* terminate hostport; point to start of dn */
302 /* IPv6 syntax with [ip address]:port */
304 r = strchr( url, ']' );
307 ldap_free_urldesc( ludp );
308 return LDAP_URL_ERR_BADURL;
311 q = strchr( r, ':' );
313 q = strchr( url, ':' );
318 ldap_pvt_hex_unescape( q );
322 ldap_free_urldesc( ludp );
323 return LDAP_URL_ERR_BADURL;
326 ludp->lud_port = atoi( q );
329 ldap_pvt_hex_unescape( url );
331 /* If [ip address]:port syntax, url is [ip and we skip the [ */
332 ludp->lud_host = LDAP_STRDUP( url + ( *url == '[' ) );
334 if( ludp->lud_host == NULL ) {
336 ldap_free_urldesc( ludp );
337 return LDAP_URL_ERR_MEM;
341 * Kludge. ldap://111.222.333.444:389??cn=abc,o=company
343 * On early Novell releases, search references/referrals were returned
344 * in this format, i.e., the dn was kind of in the scope position,
345 * but the required slash is missing. The whole thing is illegal syntax,
346 * but we need to account for it. Fortunately it can't be confused with
349 if( (p == NULL) && (q != NULL) && ((q = strchr( q, '?')) != NULL)) {
351 /* ? immediately followed by question */
356 ldap_pvt_hex_unescape( q );
357 ludp->lud_dn = LDAP_STRDUP( q );
359 ludp->lud_dn = LDAP_STRDUP( "" );
362 if( ludp->lud_dn == NULL ) {
364 ldap_free_urldesc( ludp );
365 return LDAP_URL_ERR_MEM;
373 return LDAP_URL_SUCCESS;
376 /* scan forward for '?' that may marks end of dn */
377 q = strchr( p, '?' );
380 /* terminate dn part */
386 ldap_pvt_hex_unescape( p );
387 ludp->lud_dn = LDAP_STRDUP( p );
389 ludp->lud_dn = LDAP_STRDUP( "" );
392 if( ludp->lud_dn == NULL ) {
394 ldap_free_urldesc( ludp );
395 return LDAP_URL_ERR_MEM;
402 return LDAP_URL_SUCCESS;
405 /* scan forward for '?' that may marks end of attributes */
407 q = strchr( p, '?' );
410 /* terminate attributes part */
415 /* parse attributes */
416 ldap_pvt_hex_unescape( p );
417 ludp->lud_attrs = ldap_str2charray( p, "," );
419 if( ludp->lud_attrs == NULL ) {
421 ldap_free_urldesc( ludp );
422 return LDAP_URL_ERR_BADATTRS;
430 return LDAP_URL_SUCCESS;
433 /* scan forward for '?' that may marks end of scope */
435 q = strchr( p, '?' );
438 /* terminate the scope part */
443 /* parse the scope */
444 ldap_pvt_hex_unescape( p );
445 ludp->lud_scope = str2scope( p );
447 if( ludp->lud_scope == -1 ) {
449 ldap_free_urldesc( ludp );
450 return LDAP_URL_ERR_BADSCOPE;
458 return LDAP_URL_SUCCESS;
461 /* scan forward for '?' that may marks end of filter */
463 q = strchr( p, '?' );
466 /* terminate the filter part */
471 /* parse the filter */
472 ldap_pvt_hex_unescape( p );
477 ldap_free_urldesc( ludp );
478 return LDAP_URL_ERR_BADFILTER;
481 LDAP_FREE( ludp->lud_filter );
482 ludp->lud_filter = LDAP_STRDUP( p );
484 if( ludp->lud_filter == NULL ) {
486 ldap_free_urldesc( ludp );
487 return LDAP_URL_ERR_MEM;
495 return LDAP_URL_SUCCESS;
498 /* scan forward for '?' that may marks end of extensions */
500 q = strchr( p, '?' );
505 ldap_free_urldesc( ludp );
506 return LDAP_URL_ERR_BADURL;
509 /* parse the extensions */
510 ludp->lud_exts = ldap_str2charray( p, "," );
512 if( ludp->lud_exts == NULL ) {
514 ldap_free_urldesc( ludp );
515 return LDAP_URL_ERR_BADEXTS;
518 for( i=0; ludp->lud_exts[i] != NULL; i++ ) {
519 ldap_pvt_hex_unescape( ludp->lud_exts[i] );
521 if( *ludp->lud_exts[i] == '!' ) {
522 /* count the number of critical extensions */
523 ludp->lud_crit_exts++;
528 /* must have 1 or more */
529 ldap_charray_free( ludp->lud_exts );
531 ldap_free_urldesc( ludp );
532 return LDAP_URL_ERR_BADEXTS;
538 return LDAP_URL_SUCCESS;
542 ldap_url_parse( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
544 int rc = ldap_url_parse_ext( url_in, ludpp );
546 if( rc != LDAP_URL_SUCCESS ) {
550 if ((*ludpp)->lud_scope == LDAP_SCOPE_DEFAULT) {
551 (*ludpp)->lud_scope = LDAP_SCOPE_BASE;
554 if ((*ludpp)->lud_host != NULL && *(*ludpp)->lud_host == '\0') {
555 LDAP_FREE( (*ludpp)->lud_host );
556 (*ludpp)->lud_host = NULL;
563 ldap_url_dup ( LDAPURLDesc *ludp )
567 if ( ludp == NULL ) {
571 dest = LDAP_MALLOC( sizeof(LDAPURLDesc) );
576 dest->lud_scheme = NULL;
577 dest->lud_host = NULL;
579 dest->lud_filter = NULL;
580 dest->lud_attrs = NULL;
581 dest->lud_exts = NULL;
582 dest->lud_next = NULL;
584 if ( ludp->lud_scheme != NULL ) {
585 dest->lud_scheme = LDAP_STRDUP( ludp->lud_scheme );
586 if (dest->lud_scheme == NULL) {
587 ldap_free_urldesc(dest);
592 if ( ludp->lud_host != NULL ) {
593 dest->lud_host = LDAP_STRDUP( ludp->lud_host );
594 if (dest->lud_host == NULL) {
595 ldap_free_urldesc(dest);
600 if ( ludp->lud_dn != NULL ) {
601 dest->lud_dn = LDAP_STRDUP( ludp->lud_dn );
602 if (dest->lud_dn == NULL) {
603 ldap_free_urldesc(dest);
608 if ( ludp->lud_filter != NULL ) {
609 dest->lud_filter = LDAP_STRDUP( ludp->lud_filter );
610 if (dest->lud_filter == NULL) {
611 ldap_free_urldesc(dest);
616 if ( ludp->lud_attrs != NULL ) {
617 dest->lud_attrs = ldap_charray_dup( ludp->lud_attrs );
618 if (dest->lud_attrs == NULL) {
619 ldap_free_urldesc(dest);
624 if ( ludp->lud_exts != NULL ) {
625 dest->lud_exts = ldap_charray_dup( ludp->lud_exts );
626 if (dest->lud_exts == NULL) {
627 ldap_free_urldesc(dest);
636 ldap_url_duplist (LDAPURLDesc *ludlist)
638 LDAPURLDesc *dest, *tail, *ludp, *newludp;
642 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
643 newludp = ldap_url_dup(ludp);
644 if (newludp == NULL) {
645 ldap_free_urllist(dest);
651 tail->lud_next = newludp;
658 ldap_url_parselist (LDAPURLDesc **ludlist, const char *url )
667 return LDAP_PARAM_ERROR;
669 urls = ldap_str2charray((char *)url, ", ");
671 return LDAP_NO_MEMORY;
673 /* count the URLs... */
674 for (i = 0; urls[i] != NULL; i++) ;
675 /* ...and put them in the "stack" backward */
677 rc = ldap_url_parse( urls[i], &ludp );
679 ldap_charray_free(urls);
680 ldap_free_urllist(*ludlist);
684 ludp->lud_next = *ludlist;
687 ldap_charray_free(urls);
693 LDAPURLDesc **ludlist,
704 return LDAP_PARAM_ERROR;
706 specs = ldap_str2charray((char *)hosts, ", ");
708 return LDAP_NO_MEMORY;
710 /* count the URLs... */
711 for (i = 0; specs[i] != NULL; i++) /* EMPTY */;
713 /* ...and put them in the "stack" backward */
715 ludp = LDAP_CALLOC( 1, sizeof(LDAPURLDesc) );
717 ldap_charray_free(specs);
718 ldap_free_urllist(*ludlist);
720 return LDAP_NO_MEMORY;
722 ludp->lud_port = port;
723 ludp->lud_host = specs[i];
725 p = strchr(ludp->lud_host, ':');
727 /* more than one :, IPv6 address */
728 if ( strchr(p+1, ':') != NULL ) {
729 /* allow [address] and [address]:port */
730 if ( *ludp->lud_host == '[' ) {
731 p = LDAP_STRDUP(ludp->lud_host+1);
732 /* copied, make sure we free source later */
733 specs[i] = ludp->lud_host;
735 p = strchr( ludp->lud_host, ']' );
737 return LDAP_PARAM_ERROR;
741 return LDAP_PARAM_ERROR;
750 ldap_pvt_hex_unescape(p);
751 ludp->lud_port = atoi(p);
754 ldap_pvt_hex_unescape(ludp->lud_host);
755 ludp->lud_scheme = LDAP_STRDUP("ldap");
756 ludp->lud_next = *ludlist;
760 /* this should be an array of NULLs now */
761 /* except entries starting with [ */
762 ldap_charray_free(specs);
767 ldap_url_list2hosts (LDAPURLDesc *ludlist)
771 char *s, *p, buf[32]; /* big enough to hold a long decimal # (overkill) */
776 /* figure out how big the string is */
777 size = 1; /* nul-term */
778 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
779 size += strlen(ludp->lud_host) + 1; /* host and space */
780 if (strchr(ludp->lud_host, ':')) /* will add [ ] below */
782 if (ludp->lud_port != 0)
783 size += sprintf(buf, ":%d", ludp->lud_port);
785 s = LDAP_MALLOC(size);
790 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
791 if (strchr(ludp->lud_host, ':')) {
792 p += sprintf(p, "[%s]", ludp->lud_host);
794 strcpy(p, ludp->lud_host);
795 p += strlen(ludp->lud_host);
797 if (ludp->lud_port != 0)
798 p += sprintf(p, ":%d", ludp->lud_port);
802 p--; /* nuke that extra space */
809 LDAPURLDesc *ludlist )
813 char *s, *p, buf[32]; /* big enough to hold a long decimal # (overkill) */
818 /* figure out how big the string is */
819 size = 1; /* nul-term */
820 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
821 size += strlen(ludp->lud_scheme) + strlen(ludp->lud_host);
822 if (strchr(ludp->lud_host, ':')) /* will add [ ] below */
824 size += sizeof(":/// ");
826 if (ludp->lud_port != 0) {
827 size += sprintf(buf, ":%d", ludp->lud_port);
831 s = LDAP_MALLOC(size);
837 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
839 strchr(ludp->lud_host, ':') ? "%s://[%s]" : "%s://%s",
840 ludp->lud_scheme, ludp->lud_host);
841 if (ludp->lud_port != 0)
842 p += sprintf(p, ":%d", ludp->lud_port);
847 p--; /* nuke that extra space */
853 ldap_free_urllist( LDAPURLDesc *ludlist )
855 LDAPURLDesc *ludp, *next;
857 for (ludp = ludlist; ludp != NULL; ludp = next) {
858 next = ludp->lud_next;
859 ldap_free_urldesc(ludp);
864 ldap_free_urldesc( LDAPURLDesc *ludp )
866 if ( ludp == NULL ) {
870 if ( ludp->lud_scheme != NULL ) {
871 LDAP_FREE( ludp->lud_scheme );
874 if ( ludp->lud_host != NULL ) {
875 LDAP_FREE( ludp->lud_host );
878 if ( ludp->lud_dn != NULL ) {
879 LDAP_FREE( ludp->lud_dn );
882 if ( ludp->lud_filter != NULL ) {
883 LDAP_FREE( ludp->lud_filter);
886 if ( ludp->lud_attrs != NULL ) {
887 LDAP_VFREE( ludp->lud_attrs );
890 if ( ludp->lud_exts != NULL ) {
891 LDAP_VFREE( ludp->lud_exts );
900 ldap_url_search( LDAP *ld, LDAP_CONST char *url, int attrsonly )
907 assert( ld != NULL );
908 assert( LDAP_VALID( ld ) );
910 if ( ldap_url_parse( url, &ludp ) != 0 ) {
911 ld->ld_errno = LDAP_PARAM_ERROR;
915 if( ludp->lud_crit_exts ) {
916 /* we don't support any extension (yet) */
917 ld->ld_errno = LDAP_NOT_SUPPORTED;
921 ber = ldap_build_search_req( ld, ludp->lud_dn, ludp->lud_scope,
922 ludp->lud_filter, ludp->lud_attrs, attrsonly, NULL, NULL,
928 bind.ri_request = LDAP_REQ_SEARCH;
929 bind.ri_msgid = ld->ld_msgid;
930 bind.ri_url = (char *)url;
931 err = ldap_send_server_request(
932 ld, ber, ld->ld_msgid, NULL,
936 ldap_free_urldesc( ludp );
942 ldap_url_search_st( LDAP *ld, LDAP_CONST char *url, int attrsonly,
943 struct timeval *timeout, LDAPMessage **res )
947 if (( msgid = ldap_url_search( ld, url, attrsonly )) == -1 ) {
948 return( ld->ld_errno );
951 if ( ldap_result( ld, msgid, 1, timeout, res ) == -1 ) {
952 return( ld->ld_errno );
955 if ( ld->ld_errno == LDAP_TIMEOUT ) {
956 (void) ldap_abandon( ld, msgid );
957 ld->ld_errno = LDAP_TIMEOUT;
958 return( ld->ld_errno );
961 return( ldap_result2error( ld, *res, 0 ));
967 LDAP *ld, LDAP_CONST char *url, int attrsonly, LDAPMessage **res )
971 if (( msgid = ldap_url_search( ld, url, attrsonly )) == -1 ) {
972 return( ld->ld_errno );
975 if ( ldap_result( ld, msgid, 1, (struct timeval *)NULL, res ) == -1 ) {
976 return( ld->ld_errno );
979 return( ldap_result2error( ld, *res, 0 ));
984 ldap_pvt_hex_unescape( char *s )
987 * Remove URL hex escapes from s... done in place. The basic concept for
988 * this routine is borrowed from the WWW library HTUnEscape() routine.
992 for ( p = s; *s != '\0'; ++s ) {
994 if ( *++s != '\0' ) {
995 *p = ldap_pvt_unhex( *s ) << 4;
997 if ( *++s != '\0' ) {
998 *p++ += ldap_pvt_unhex( *s );
1010 ldap_pvt_unhex( int c )
1012 return( c >= '0' && c <= '9' ? c - '0'
1013 : c >= 'A' && c <= 'F' ? c - 'A' + 10
projects / openldap / blob