3 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
7 * Copyright (c) 1996 Regents of the University of Michigan.
10 * LIBLDAP url.c -- LDAP URL (RFC 2255) related routines
12 * LDAP URLs look like this:
13 * ldap[is]://host:port[/[dn[?[attributes][?[scope][?[filter][?exts]]]]]]
16 * attributes is a comma separated list
17 * scope is one of these three strings: base one sub (default=base)
18 * filter is an string-represented filter as in RFC 2254
20 * e.g., ldap://host:port/dc=com?o,cn?base?o=openldap?extension
22 * We also tolerate URLs that look like: <ldapurl> and <URL:ldapurl>
29 #include <ac/stdlib.h>
31 #include <ac/socket.h>
32 #include <ac/string.h>
39 static const char* skip_url_prefix LDAP_P((
42 const char **scheme ));
44 int ldap_pvt_url_scheme2proto( const char *scheme )
48 if( scheme == NULL ) {
52 if( strcmp("ldap", scheme) == 0 ) {
53 return LDAP_PROTO_TCP;
56 if( strcmp("ldapi", scheme) == 0 ) {
57 return LDAP_PROTO_IPC;
60 if( strcmp("ldaps", scheme) == 0 ) {
61 return LDAP_PROTO_TCP;
67 int ldap_pvt_url_scheme2tls( const char *scheme )
71 if( scheme == NULL ) {
75 return strcmp("ldaps", scheme) == 0;
79 ldap_is_ldap_url( LDAP_CONST char *url )
88 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
96 ldap_is_ldaps_url( LDAP_CONST char *url )
105 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
109 return strcmp(scheme, "ldaps") == 0;
113 ldap_is_ldapi_url( LDAP_CONST char *url )
122 if( skip_url_prefix( url, &enclosed, &scheme ) == NULL ) {
126 return strcmp(scheme, "ldapi") == 0;
133 const char **scheme )
136 * return non-zero if this looks like a LDAP URL; zero if not
137 * if non-zero returned, *urlp will be moved past "ldap://" part of URL
147 /* skip leading '<' (if any) */
155 /* skip leading "URL:" (if any) */
156 if ( strncasecmp( p, LDAP_URL_URLCOLON, LDAP_URL_URLCOLON_LEN ) == 0 )
158 p += LDAP_URL_URLCOLON_LEN;
161 /* check for "ldap://" prefix */
162 if ( strncasecmp( p, LDAP_URL_PREFIX, LDAP_URL_PREFIX_LEN ) == 0 ) {
163 /* skip over "ldap://" prefix and return success */
164 p += LDAP_URL_PREFIX_LEN;
169 /* check for "ldaps://" prefix */
170 if ( strncasecmp( p, LDAPS_URL_PREFIX, LDAPS_URL_PREFIX_LEN ) == 0 ) {
171 /* skip over "ldaps://" prefix and return success */
172 p += LDAPS_URL_PREFIX_LEN;
177 /* check for "ldapi://" prefix */
178 if ( strncasecmp( p, LDAPI_URL_PREFIX, LDAPI_URL_PREFIX_LEN ) == 0 ) {
179 /* skip over "ldapi://" prefix and return success */
180 p += LDAPI_URL_PREFIX_LEN;
189 static int str2scope( const char *p )
191 if ( strcasecmp( p, "one" ) == 0 ) {
192 return LDAP_SCOPE_ONELEVEL;
194 } else if ( strcasecmp( p, "onetree" ) == 0 ) {
195 return LDAP_SCOPE_ONELEVEL;
197 } else if ( strcasecmp( p, "base" ) == 0 ) {
198 return LDAP_SCOPE_BASE;
200 } else if ( strcasecmp( p, "sub" ) == 0 ) {
201 return LDAP_SCOPE_SUBTREE;
203 } else if ( strcasecmp( p, "subtree" ) == 0 ) {
204 return LDAP_SCOPE_SUBTREE;
212 ldap_url_parse( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
215 * Pick apart the pieces of an LDAP URL.
221 const char *scheme = NULL;
225 if( url_in == NULL && ludpp == NULL ) {
226 return LDAP_URL_ERR_PARAM;
229 #ifndef LDAP_INT_IN_KERNEL
230 /* Global options may not be created yet
231 * We can't test if the global options are initialized
232 * because a call to LDAP_INT_GLOBAL_OPT() will try to allocate
233 * the options and cause infinite recursion
235 Debug( LDAP_DEBUG_TRACE, "ldap_url_parse(%s)\n", url_in, 0, 0 );
238 *ludpp = NULL; /* pessimistic */
240 url_tmp = skip_url_prefix( url_in, &enclosed, &scheme );
242 if ( url_tmp == NULL ) {
243 return LDAP_URL_ERR_BADSCHEME;
248 /* make working copy of the remainder of the URL */
249 url = LDAP_STRDUP( url_tmp );
251 return LDAP_URL_ERR_MEM;
255 p = &url[strlen(url)-1];
259 return LDAP_URL_ERR_BADENCLOSURE;
265 /* allocate return struct */
266 ludp = (LDAPURLDesc *)LDAP_CALLOC( 1, sizeof( LDAPURLDesc ));
268 if ( ludp == NULL ) {
270 return LDAP_URL_ERR_MEM;
273 ludp->lud_next = NULL;
274 ludp->lud_host = NULL;
277 ludp->lud_attrs = NULL;
278 ludp->lud_filter = NULL;
279 ludp->lud_scope = LDAP_SCOPE_BASE;
280 ludp->lud_filter = NULL;
282 ludp->lud_scheme = LDAP_STRDUP( scheme );
284 if ( ludp->lud_scheme == NULL ) {
286 ldap_free_urldesc( ludp );
287 return LDAP_URL_ERR_MEM;
290 /* scan forward for '/' that marks end of hostport and begin. of dn */
291 p = strchr( url, '/' );
294 /* terminate hostport; point to start of dn */
298 /* IPv6 syntax with [ip address]:port */
300 r = strchr( url, ']' );
303 ldap_free_urldesc( ludp );
304 return LDAP_URL_ERR_BADURL;
307 q = strchr( r, ':' );
309 q = strchr( url, ':' );
314 ldap_pvt_hex_unescape( q );
318 ldap_free_urldesc( ludp );
319 return LDAP_URL_ERR_BADURL;
322 ludp->lud_port = atoi( q );
325 ldap_pvt_hex_unescape( url );
327 /* If [ip address]:port syntax, url is [ip and we skip the [ */
328 ludp->lud_host = LDAP_STRDUP( url + ( *url == '[' ) );
330 if( ludp->lud_host == NULL ) {
332 ldap_free_urldesc( ludp );
333 return LDAP_URL_ERR_MEM;
337 * Kludge. ldap://111.222.333.444:389??cn=abc,o=company
339 * On early Novell releases, search references/referrals were returned
340 * in this format, i.e., the dn was kind of in the scope position,
341 * but the required slash is missing. The whole thing is illegal syntax,
342 * but we need to account for it. Fortunately it can't be confused with
345 if( (p == NULL) && (q != NULL) && ((q = strchr( q, '?')) != NULL)) {
347 /* ? immediately followed by question */
352 ldap_pvt_hex_unescape( q );
353 ludp->lud_dn = LDAP_STRDUP( q );
355 ludp->lud_dn = LDAP_STRDUP( "" );
358 if( ludp->lud_dn == NULL ) {
360 ldap_free_urldesc( ludp );
361 return LDAP_URL_ERR_MEM;
369 return LDAP_URL_SUCCESS;
372 /* scan forward for '?' that may marks end of dn */
373 q = strchr( p, '?' );
376 /* terminate dn part */
382 ldap_pvt_hex_unescape( p );
383 ludp->lud_dn = LDAP_STRDUP( p );
385 ludp->lud_dn = LDAP_STRDUP( "" );
388 if( ludp->lud_dn == NULL ) {
390 ldap_free_urldesc( ludp );
391 return LDAP_URL_ERR_MEM;
398 return LDAP_URL_SUCCESS;
401 /* scan forward for '?' that may marks end of attributes */
403 q = strchr( p, '?' );
406 /* terminate attributes part */
411 /* parse attributes */
412 ldap_pvt_hex_unescape( p );
413 ludp->lud_attrs = ldap_str2charray( p, "," );
415 if( ludp->lud_attrs == NULL ) {
417 ldap_free_urldesc( ludp );
418 return LDAP_URL_ERR_BADATTRS;
426 return LDAP_URL_SUCCESS;
429 /* scan forward for '?' that may marks end of scope */
431 q = strchr( p, '?' );
434 /* terminate the scope part */
439 /* parse the scope */
440 ldap_pvt_hex_unescape( p );
441 ludp->lud_scope = str2scope( p );
443 if( ludp->lud_scope == -1 ) {
445 ldap_free_urldesc( ludp );
446 return LDAP_URL_ERR_BADSCOPE;
454 return LDAP_URL_SUCCESS;
457 /* scan forward for '?' that may marks end of filter */
459 q = strchr( p, '?' );
462 /* terminate the filter part */
467 /* parse the filter */
468 ldap_pvt_hex_unescape( p );
473 ldap_free_urldesc( ludp );
474 return LDAP_URL_ERR_BADFILTER;
477 LDAP_FREE( ludp->lud_filter );
478 ludp->lud_filter = LDAP_STRDUP( p );
480 if( ludp->lud_filter == NULL ) {
482 ldap_free_urldesc( ludp );
483 return LDAP_URL_ERR_MEM;
491 return LDAP_URL_SUCCESS;
494 /* scan forward for '?' that may marks end of extensions */
496 q = strchr( p, '?' );
501 ldap_free_urldesc( ludp );
502 return LDAP_URL_ERR_BADURL;
505 /* parse the extensions */
506 ludp->lud_exts = ldap_str2charray( p, "," );
508 if( ludp->lud_exts == NULL ) {
510 ldap_free_urldesc( ludp );
511 return LDAP_URL_ERR_BADEXTS;
514 for( i=0; ludp->lud_exts[i] != NULL; i++ ) {
515 ldap_pvt_hex_unescape( ludp->lud_exts[i] );
519 /* must have 1 or more */
520 ldap_charray_free( ludp->lud_exts );
522 ldap_free_urldesc( ludp );
523 return LDAP_URL_ERR_BADEXTS;
529 return LDAP_URL_SUCCESS;
533 ldap_url_dup ( LDAPURLDesc *ludp )
537 if ( ludp == NULL ) {
541 dest = LDAP_MALLOC( sizeof(LDAPURLDesc) );
546 dest->lud_scheme = NULL;
547 dest->lud_host = NULL;
549 dest->lud_filter = NULL;
550 dest->lud_attrs = NULL;
551 dest->lud_exts = NULL;
552 dest->lud_next = NULL;
554 if ( ludp->lud_scheme != NULL ) {
555 dest->lud_scheme = LDAP_STRDUP( ludp->lud_scheme );
556 if (dest->lud_scheme == NULL) {
557 ldap_free_urldesc(dest);
562 if ( ludp->lud_host != NULL ) {
563 dest->lud_host = LDAP_STRDUP( ludp->lud_host );
564 if (dest->lud_host == NULL) {
565 ldap_free_urldesc(dest);
570 if ( ludp->lud_dn != NULL ) {
571 dest->lud_dn = LDAP_STRDUP( ludp->lud_dn );
572 if (dest->lud_dn == NULL) {
573 ldap_free_urldesc(dest);
578 if ( ludp->lud_filter != NULL ) {
579 dest->lud_filter = LDAP_STRDUP( ludp->lud_filter );
580 if (dest->lud_filter == NULL) {
581 ldap_free_urldesc(dest);
586 if ( ludp->lud_attrs != NULL ) {
587 dest->lud_attrs = ldap_charray_dup( ludp->lud_attrs );
588 if (dest->lud_attrs == NULL) {
589 ldap_free_urldesc(dest);
594 if ( ludp->lud_exts != NULL ) {
595 dest->lud_exts = ldap_charray_dup( ludp->lud_exts );
596 if (dest->lud_exts == NULL) {
597 ldap_free_urldesc(dest);
606 ldap_url_duplist (LDAPURLDesc *ludlist)
608 LDAPURLDesc *dest, *tail, *ludp, *newludp;
612 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
613 newludp = ldap_url_dup(ludp);
614 if (newludp == NULL) {
615 ldap_free_urllist(dest);
621 tail->lud_next = newludp;
628 ldap_url_parselist (LDAPURLDesc **ludlist, const char *url )
637 return LDAP_PARAM_ERROR;
639 urls = ldap_str2charray((char *)url, ", ");
641 return LDAP_NO_MEMORY;
643 /* count the URLs... */
644 for (i = 0; urls[i] != NULL; i++) ;
645 /* ...and put them in the "stack" backward */
647 rc = ldap_url_parse( urls[i], &ludp );
649 ldap_charray_free(urls);
650 ldap_free_urllist(*ludlist);
654 ludp->lud_next = *ludlist;
657 ldap_charray_free(urls);
662 ldap_url_parsehosts (LDAPURLDesc **ludlist, const char *hosts )
671 return LDAP_PARAM_ERROR;
673 specs = ldap_str2charray((char *)hosts, ", ");
675 return LDAP_NO_MEMORY;
677 /* count the URLs... */
678 for (i = 0; specs[i] != NULL; i++) /* EMPTY */;
680 /* ...and put them in the "stack" backward */
682 ludp = LDAP_CALLOC( 1, sizeof(LDAPURLDesc) );
684 ldap_charray_free(specs);
685 ldap_free_urllist(*ludlist);
687 return LDAP_NO_MEMORY;
689 ludp->lud_host = specs[i];
691 p = strchr(ludp->lud_host, ':');
693 /* more than one :, IPv6 address */
694 if ( strchr(p+1, ':') != NULL ) {
695 /* allow [address] and [address]:port */
696 if ( *ludp->lud_host == '[' ) {
697 p = LDAP_STRDUP(ludp->lud_host+1);
698 /* copied, make sure we free source later */
699 specs[i] = ludp->lud_host;
701 p = strchr( ludp->lud_host, ']' );
703 return LDAP_PARAM_ERROR;
707 return LDAP_PARAM_ERROR;
716 ldap_pvt_hex_unescape(p);
717 ludp->lud_port = atoi(p);
720 ldap_pvt_hex_unescape(ludp->lud_host);
721 ludp->lud_scheme = LDAP_STRDUP("ldap");
722 ludp->lud_next = *ludlist;
726 /* this should be an array of NULLs now */
727 /* except entries starting with [ */
728 ldap_charray_free(specs);
733 ldap_url_list2hosts (LDAPURLDesc *ludlist)
737 char *s, *p, buf[32]; /* big enough to hold a long decimal # (overkill) */
742 /* figure out how big the string is */
743 size = 1; /* nul-term */
744 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
745 size += strlen(ludp->lud_host) + 1; /* host and space */
746 if (strchr(ludp->lud_host, ':')) /* will add [ ] below */
748 if (ludp->lud_port != 0)
749 size += sprintf(buf, ":%d", ludp->lud_port);
751 s = LDAP_MALLOC(size);
756 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
757 if (strchr(ludp->lud_host, ':')) {
758 p += sprintf(p, "[%s]", ludp->lud_host);
760 strcpy(p, ludp->lud_host);
761 p += strlen(ludp->lud_host);
763 if (ludp->lud_port != 0)
764 p += sprintf(p, ":%d", ludp->lud_port);
768 p--; /* nuke that extra space */
775 LDAPURLDesc *ludlist )
779 char *s, *p, buf[32]; /* big enough to hold a long decimal # (overkill) */
784 /* figure out how big the string is */
785 size = 1; /* nul-term */
786 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
787 size += strlen(ludp->lud_scheme) + strlen(ludp->lud_host);
788 if (strchr(ludp->lud_host, ':')) /* will add [ ] below */
790 size += sizeof(":/// ");
792 if (ludp->lud_port != 0) {
793 size += sprintf(buf, ":%d", ludp->lud_port);
797 s = LDAP_MALLOC(size);
803 for (ludp = ludlist; ludp != NULL; ludp = ludp->lud_next) {
805 strchr(ludp->lud_host, ':') ? "%s://[%s]" : "%s://%s",
806 ludp->lud_scheme, ludp->lud_host);
807 if (ludp->lud_port != 0)
808 p += sprintf(p, ":%d", ludp->lud_port);
813 p--; /* nuke that extra space */
819 ldap_free_urllist( LDAPURLDesc *ludlist )
821 LDAPURLDesc *ludp, *next;
823 for (ludp = ludlist; ludp != NULL; ludp = next) {
824 next = ludp->lud_next;
825 ldap_free_urldesc(ludp);
830 ldap_free_urldesc( LDAPURLDesc *ludp )
832 if ( ludp == NULL ) {
836 if ( ludp->lud_scheme != NULL ) {
837 LDAP_FREE( ludp->lud_scheme );
840 if ( ludp->lud_host != NULL ) {
841 LDAP_FREE( ludp->lud_host );
844 if ( ludp->lud_dn != NULL ) {
845 LDAP_FREE( ludp->lud_dn );
848 if ( ludp->lud_filter != NULL ) {
849 LDAP_FREE( ludp->lud_filter);
852 if ( ludp->lud_attrs != NULL ) {
853 LDAP_VFREE( ludp->lud_attrs );
856 if ( ludp->lud_exts != NULL ) {
857 LDAP_VFREE( ludp->lud_exts );
866 ldap_url_search( LDAP *ld, LDAP_CONST char *url, int attrsonly )
873 if ( ldap_url_parse( url, &ludp ) != 0 ) {
874 ld->ld_errno = LDAP_PARAM_ERROR;
878 ber = ldap_build_search_req( ld, ludp->lud_dn, ludp->lud_scope,
879 ludp->lud_filter, ludp->lud_attrs, attrsonly, NULL, NULL,
885 bind.ri_request = LDAP_REQ_SEARCH;
886 bind.ri_msgid = ld->ld_msgid;
887 bind.ri_url = (char *)url;
888 err = ldap_send_server_request(
889 ld, ber, ld->ld_msgid, NULL,
890 (ludp->lud_host != NULL || ludp->lud_port != 0)
895 ldap_free_urldesc( ludp );
901 ldap_url_search_st( LDAP *ld, LDAP_CONST char *url, int attrsonly,
902 struct timeval *timeout, LDAPMessage **res )
906 if (( msgid = ldap_url_search( ld, url, attrsonly )) == -1 ) {
907 return( ld->ld_errno );
910 if ( ldap_result( ld, msgid, 1, timeout, res ) == -1 ) {
911 return( ld->ld_errno );
914 if ( ld->ld_errno == LDAP_TIMEOUT ) {
915 (void) ldap_abandon( ld, msgid );
916 ld->ld_errno = LDAP_TIMEOUT;
917 return( ld->ld_errno );
920 return( ldap_result2error( ld, *res, 0 ));
926 LDAP *ld, LDAP_CONST char *url, int attrsonly, LDAPMessage **res )
930 if (( msgid = ldap_url_search( ld, url, attrsonly )) == -1 ) {
931 return( ld->ld_errno );
934 if ( ldap_result( ld, msgid, 1, (struct timeval *)NULL, res ) == -1 ) {
935 return( ld->ld_errno );
938 return( ldap_result2error( ld, *res, 0 ));
943 ldap_pvt_hex_unescape( char *s )
946 * Remove URL hex escapes from s... done in place. The basic concept for
947 * this routine is borrowed from the WWW library HTUnEscape() routine.
951 for ( p = s; *s != '\0'; ++s ) {
953 if ( *++s != '\0' ) {
954 *p = ldap_pvt_unhex( *s ) << 4;
956 if ( *++s != '\0' ) {
957 *p++ += ldap_pvt_unhex( *s );
969 ldap_pvt_unhex( int c )
971 return( c >= '0' && c <= '9' ? c - '0'
972 : c >= 'A' && c <= 'F' ? c - 'A' + 10