X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Fopen.c;h=91368ec9786a80802a0988c4de638dad7312fd63;hb=8e48a3c3178e7ba17305a8553602b49be0c25f24;hp=4ee3c1b269d56c0f06f89c55153338b4ddec22c4;hpb=95eea5acccaffb85ee2ac4ffcf4cd45dbb0fc4a0;p=openldap
diff --git a/libraries/libldap/open.c b/libraries/libldap/open.c
index 4ee3c1b269..91368ec978 100644
--- a/libraries/libldap/open.c
+++ b/libraries/libldap/open.c
@@ -1,19 +1,27 @@
/* $OpenLDAP$ */
-/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
- */
-/* Portions
- * Copyright (c) 1995 Regents of the University of Michigan.
- * All rights reserved.
+/* This work is part of OpenLDAP Software .
+ *
+ * Copyright 1998-2006 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
*
- * open.c
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * .
+ */
+/* Portions Copyright (c) 1995 Regents of the University of Michigan.
+ * All rights reserved.
*/
#include "portable.h"
#include
+#ifdef HAVE_LIMITS_H
#include
+#endif
#include
@@ -22,12 +30,16 @@
#include
#include
+#include
+
#include "ldap-int.h"
+#include "ldap_log.h"
+/* Caller should hold the req_mutex if simultaneous accesses are possible */
int ldap_open_defconn( LDAP *ld )
{
ld->ld_defconn = ldap_new_connection( ld,
- ld->ld_options.ldo_defludp, 1, 1, NULL );
+ &ld->ld_options.ldo_defludp, 1, 1, NULL );
if( ld->ld_defconn == NULL ) {
ld->ld_errno = LDAP_SERVER_DOWN;
@@ -54,9 +66,11 @@ ldap_open( LDAP_CONST char *host, int port )
int rc;
LDAP *ld;
- Debug( LDAP_DEBUG_TRACE, "ldap_open\n", 0, 0, 0 );
+ Debug( LDAP_DEBUG_TRACE, "ldap_open(%s, %d)\n",
+ host, port, 0 );
- if (( ld = ldap_init( host, port )) == NULL ) {
+ ld = ldap_init( host, port );
+ if ( ld == NULL ) {
return( NULL );
}
@@ -64,13 +78,13 @@ ldap_open( LDAP_CONST char *host, int port )
if( rc < 0 ) {
ldap_ld_free( ld, 0, NULL, NULL );
- return( NULL );
+ ld = NULL;
}
- Debug( LDAP_DEBUG_TRACE, "ldap_open successful, ld_host is %s\n",
- ( ld->ld_host == NULL ) ? "(null)" : ld->ld_host, 0, 0 );
+ Debug( LDAP_DEBUG_TRACE, "ldap_open: %s\n",
+ ld == NULL ? "succeeded" : "failed", 0, 0 );
- return( ld );
+ return ld;
}
@@ -90,58 +104,27 @@ ldap_create( LDAP **ldp )
/* Initialize the global options, if not already done. */
if( gopts->ldo_valid != LDAP_INITIALIZED ) {
ldap_int_initialize(gopts, NULL);
+ if ( gopts->ldo_valid != LDAP_INITIALIZED )
+ return LDAP_LOCAL_ERROR;
}
Debug( LDAP_DEBUG_TRACE, "ldap_create\n", 0, 0, 0 );
-#ifdef HAVE_WINSOCK2
-{ WORD wVersionRequested;
- WSADATA wsaData;
-
- wVersionRequested = MAKEWORD( 2, 0 );
- if ( WSAStartup( wVersionRequested, &wsaData ) != 0 ) {
- /* Tell the user that we couldn't find a usable */
- /* WinSock DLL. */
- return LDAP_LOCAL_ERROR;
- }
-
- /* Confirm that the WinSock DLL supports 2.0.*/
- /* Note that if the DLL supports versions greater */
- /* than 2.0 in addition to 2.0, it will still return */
- /* 2.0 in wVersion since that is the version we */
- /* requested. */
-
- if ( LOBYTE( wsaData.wVersion ) != 2 ||
- HIBYTE( wsaData.wVersion ) != 0 )
- {
- /* Tell the user that we couldn't find a usable */
- /* WinSock DLL. */
- WSACleanup( );
- return LDAP_LOCAL_ERROR;
- }
-} /* The WinSock DLL is acceptable. Proceed. */
-
-#elif HAVE_WINSOCK
-{ WSADATA wsaData;
- if ( WSAStartup( 0x0101, &wsaData ) != 0 ) {
- return LDAP_LOCAL_ERROR;
- }
-}
-#endif
-
if ( (ld = (LDAP *) LDAP_CALLOC( 1, sizeof(LDAP) )) == NULL ) {
- WSACleanup( );
return( LDAP_NO_MEMORY );
}
/* copy the global options */
- memcpy(&ld->ld_options, gopts, sizeof(ld->ld_options));
+ AC_MEMCPY(&ld->ld_options, gopts, sizeof(ld->ld_options));
ld->ld_valid = LDAP_VALID_SESSION;
/* but not pointers to malloc'ed items */
ld->ld_options.ldo_sctrls = NULL;
ld->ld_options.ldo_cctrls = NULL;
+ ld->ld_options.ldo_tm_api = NULL;
+ ld->ld_options.ldo_tm_net = NULL;
+ ld->ld_options.ldo_defludp = NULL;
#ifdef HAVE_CYRUS_SASL
ld->ld_options.ldo_def_sasl_mech = gopts->ldo_def_sasl_mech
@@ -154,33 +137,57 @@ ldap_create( LDAP **ldp )
? LDAP_STRDUP( gopts->ldo_def_sasl_authzid ) : NULL;
#endif
- ld->ld_options.ldo_defludp = ldap_url_duplist(gopts->ldo_defludp);
+#ifdef HAVE_TLS
+ /* We explicitly inherit the SSL_CTX, don't need the names/paths. Leave
+ * them empty to allow new SSL_CTX's to be created from scratch.
+ */
+ memset( &ld->ld_options.ldo_tls_info, 0,
+ sizeof( ld->ld_options.ldo_tls_info ));
+ ld->ld_options.ldo_tls_ctx = NULL;
+#endif
- if ( ld->ld_options.ldo_defludp == NULL ) {
- LDAP_FREE( (char*)ld );
- WSACleanup( );
- return LDAP_NO_MEMORY;
- }
+ if ( gopts->ldo_tm_api &&
+ ldap_int_timeval_dup( &ld->ld_options.ldo_tm_api, gopts->ldo_tm_api ))
+ goto nomem;
- if (( ld->ld_selectinfo = ldap_new_select_info()) == NULL ) {
- ldap_free_urllist( ld->ld_options.ldo_defludp );
- LDAP_FREE( (char*) ld );
- WSACleanup( );
- return LDAP_NO_MEMORY;
+ if ( gopts->ldo_tm_net &&
+ ldap_int_timeval_dup( &ld->ld_options.ldo_tm_net, gopts->ldo_tm_net ))
+ goto nomem;
+
+ if ( gopts->ldo_defludp ) {
+ ld->ld_options.ldo_defludp = ldap_url_duplist(gopts->ldo_defludp);
+
+ if ( ld->ld_options.ldo_defludp == NULL ) goto nomem;
}
+ if (( ld->ld_selectinfo = ldap_new_select_info()) == NULL ) goto nomem;
+
ld->ld_lberoptions = LBER_USE_DER;
ld->ld_sb = ber_sockbuf_alloc( );
- if ( ld->ld_sb == NULL ) {
- ldap_free_urllist( ld->ld_options.ldo_defludp );
- LDAP_FREE( (char*) ld );
- WSACleanup( );
- return LDAP_NO_MEMORY;
- }
+ if ( ld->ld_sb == NULL ) goto nomem;
+#ifdef LDAP_R_COMPILE
+ ldap_pvt_thread_mutex_init( &ld->ld_req_mutex );
+ ldap_pvt_thread_mutex_init( &ld->ld_res_mutex );
+ ldap_pvt_thread_mutex_init( &ld->ld_conn_mutex );
+#endif
*ldp = ld;
return LDAP_SUCCESS;
+
+nomem:
+ ldap_free_select_info( ld->ld_selectinfo );
+ ldap_free_urllist( ld->ld_options.ldo_defludp );
+ LDAP_FREE( ld->ld_options.ldo_tm_net );
+ LDAP_FREE( ld->ld_options.ldo_tm_api );
+#ifdef HAVE_CYRUS_SASL
+ LDAP_FREE( ld->ld_options.ldo_def_sasl_authzid );
+ LDAP_FREE( ld->ld_options.ldo_def_sasl_authcid );
+ LDAP_FREE( ld->ld_options.ldo_def_sasl_realm );
+ LDAP_FREE( ld->ld_options.ldo_def_sasl_mech );
+#endif
+ LDAP_FREE( (char *)ld );
+ return LDAP_NO_MEMORY;
}
/*
@@ -234,53 +241,16 @@ ldap_initialize( LDAP **ldp, LDAP_CONST char *url )
ldap_ld_free(ld, 1, NULL, NULL);
return rc;
}
+#ifdef LDAP_CONNECTIONLESS
+ if (ldap_is_ldapc_url(url))
+ LDAP_IS_UDP(ld) = 1;
+#endif
}
*ldp = ld;
return LDAP_SUCCESS;
}
-int
-ldap_start_tls_s ( LDAP *ld,
- LDAPControl **serverctrls,
- LDAPControl **clientctrls )
-{
-#ifdef HAVE_TLS
- LDAPConn *lc;
- int rc;
- char *rspoid = NULL;
- struct berval *rspdata = NULL;
-
- if (ld->ld_conns == NULL) {
- rc = ldap_open_defconn( ld );
- if (rc != LDAP_SUCCESS)
- return(rc);
- }
-
- for (lc = ld->ld_conns; lc != NULL; lc = lc->lconn_next) {
- if (ldap_pvt_tls_inplace(lc->lconn_sb) != 0)
- return LDAP_OPERATIONS_ERROR;
-
- /* XXYYZ: this initiates operaton only on default connection! */
- rc = ldap_extended_operation_s(ld, LDAP_EXOP_START_TLS,
- NULL, serverctrls, clientctrls, &rspoid, &rspdata);
-
- if (rc != LDAP_SUCCESS)
- return rc;
- if (rspoid != NULL)
- LDAP_FREE(rspoid);
- if (rspdata != NULL)
- ber_bvfree(rspdata);
- rc = ldap_pvt_tls_start( ld, lc->lconn_sb, ld->ld_options.ldo_tls_ctx );
- if (rc != LDAP_SUCCESS)
- return rc;
- }
- return LDAP_SUCCESS;
-#else
- return LDAP_NOT_SUPPORTED;
-#endif
-}
-
int
ldap_int_open_connection(
LDAP *ld,
@@ -289,56 +259,85 @@ ldap_int_open_connection(
int async )
{
int rc = -1;
-#ifdef HAVE_CYRUS_SASL
- char *sasl_host = NULL;
- int sasl_ssf = 0;
-#endif
- int port;
- long addr;
+ char *host;
+ int port, proto;
Debug( LDAP_DEBUG_TRACE, "ldap_int_open_connection\n", 0, 0, 0 );
- port = srv->lud_port;
- if (port == 0)
- port = ld->ld_options.ldo_defport;
- port = htons( (short) port );
+ switch ( proto = ldap_pvt_url_scheme2proto( srv->lud_scheme ) ) {
+ case LDAP_PROTO_TCP:
+ port = srv->lud_port;
- addr = 0;
- if ( srv->lud_host == NULL || *srv->lud_host == 0 )
- addr = htonl( INADDR_LOOPBACK );
+ if ( srv->lud_host == NULL || *srv->lud_host == 0 ) {
+ host = NULL;
+ } else {
+ host = srv->lud_host;
+ }
+
+ if( !port ) {
+ if( strcmp(srv->lud_scheme, "ldaps") == 0 ) {
+ port = LDAPS_PORT;
+ } else {
+ port = LDAP_PORT;
+ }
+ }
+
+ rc = ldap_connect_to_host( ld, conn->lconn_sb,
+ proto, host, port, async );
- switch ( ldap_pvt_url_scheme2proto( srv->lud_scheme ) ) {
- case LDAP_PROTO_TCP:
- rc = ldap_connect_to_host( ld, conn->lconn_sb, 0,
- srv->lud_host, addr, port, async );
if ( rc == -1 ) return rc;
+
+#ifdef LDAP_DEBUG
+ ber_sockbuf_add_io( conn->lconn_sb, &ber_sockbuf_io_debug,
+ LBER_SBIOD_LEVEL_PROVIDER, (void *)"tcp_" );
+#endif
ber_sockbuf_add_io( conn->lconn_sb, &ber_sockbuf_io_tcp,
LBER_SBIOD_LEVEL_PROVIDER, NULL );
-#ifdef HAVE_CYRUS_SASL
- sasl_host = ldap_host_connected_to( conn->lconn_sb );
-#endif
break;
+
+#ifdef LDAP_CONNECTIONLESS
case LDAP_PROTO_UDP:
- rc = ldap_connect_to_host( ld, conn->lconn_sb, 1,
- srv->lud_host, addr, port, async );
+ port = srv->lud_port;
+
+ if ( srv->lud_host == NULL || *srv->lud_host == 0 ) {
+ host = NULL;
+ } else {
+ host = srv->lud_host;
+ }
+
+ if( !port ) port = LDAP_PORT;
+
+ LDAP_IS_UDP(ld) = 1;
+ rc = ldap_connect_to_host( ld, conn->lconn_sb,
+ proto, host, port, async );
+
if ( rc == -1 ) return rc;
+#ifdef LDAP_DEBUG
+ ber_sockbuf_add_io( conn->lconn_sb, &ber_sockbuf_io_debug,
+ LBER_SBIOD_LEVEL_PROVIDER, (void *)"udp_" );
+#endif
ber_sockbuf_add_io( conn->lconn_sb, &ber_sockbuf_io_udp,
LBER_SBIOD_LEVEL_PROVIDER, NULL );
+
+ ber_sockbuf_add_io( conn->lconn_sb, &ber_sockbuf_io_readahead,
+ LBER_SBIOD_LEVEL_PROVIDER, NULL );
+
break;
+#endif
case LDAP_PROTO_IPC:
#ifdef LDAP_PF_LOCAL
/* only IPC mechanism supported is PF_LOCAL (PF_UNIX) */
- rc = ldap_connect_to_path( ld, conn->lconn_sb, 0,
+ rc = ldap_connect_to_path( ld, conn->lconn_sb,
srv->lud_host, async );
if ( rc == -1 ) return rc;
+#ifdef LDAP_DEBUG
+ ber_sockbuf_add_io( conn->lconn_sb, &ber_sockbuf_io_debug,
+ LBER_SBIOD_LEVEL_PROVIDER, (void *)"ipc_" );
+#endif
ber_sockbuf_add_io( conn->lconn_sb, &ber_sockbuf_io_fd,
LBER_SBIOD_LEVEL_PROVIDER, NULL );
-#ifdef HAVE_CYRUS_SASL
- sasl_host = ldap_host_connected_to( conn->lconn_sb );
- sasl_ssf = LDAP_PVT_SASL_LOCAL_SSF;
-#endif
break;
#endif /* LDAP_PF_LOCAL */
default:
@@ -346,43 +345,98 @@ ldap_int_open_connection(
break;
}
-#ifdef HAVE_CYRUS_SASL
- if( sasl_host != NULL ) {
- ldap_int_sasl_open( ld, conn, sasl_host, sasl_ssf );
- }
-#endif
-
- ber_sockbuf_add_io( conn->lconn_sb, &ber_sockbuf_io_readahead,
- LBER_SBIOD_LEVEL_PROVIDER, NULL );
#ifdef LDAP_DEBUG
ber_sockbuf_add_io( conn->lconn_sb, &ber_sockbuf_io_debug,
- INT_MAX, NULL );
+ INT_MAX, (void *)"ldap_" );
+#endif
+
+#ifdef LDAP_CONNECTIONLESS
+ if( proto == LDAP_PROTO_UDP ) return 0;
#endif
#ifdef HAVE_TLS
if (ld->ld_options.ldo_tls_mode == LDAP_OPT_X_TLS_HARD ||
strcmp( srv->lud_scheme, "ldaps" ) == 0 )
{
- rc = ldap_pvt_tls_start( ld, conn->lconn_sb,
- ld->ld_options.ldo_tls_ctx );
- if (rc != LDAP_SUCCESS)
- return rc;
+ ++conn->lconn_refcnt; /* avoid premature free */
+
+ rc = ldap_int_tls_start( ld, conn, srv );
+
+ --conn->lconn_refcnt;
+
+ if (rc != LDAP_SUCCESS) {
+ return -1;
+ }
}
#endif
- if ( conn->lconn_krbinstance != NULL ) {
#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
+ if ( conn->lconn_krbinstance == NULL ) {
char *c;
- conn->lconn_krbinstance = ldap_host_connected_to( conn->sb );
+ conn->lconn_krbinstance = ldap_host_connected_to(
+ conn->lconn_sb, host );
if( conn->lconn_krbinstance != NULL &&
( c = strchr( conn->lconn_krbinstance, '.' )) != NULL ) {
*c = '\0';
}
-#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
- conn->lconn_krbinstance = NULL;
-#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
}
+#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
return( 0 );
}
+
+
+int
+ldap_open_internal_connection( LDAP **ldp, ber_socket_t *fdp )
+{
+ int rc;
+ LDAPConn *c;
+ LDAPRequest *lr;
+
+ rc = ldap_create( ldp );
+ if( rc != LDAP_SUCCESS ) {
+ *ldp = NULL;
+ return( rc );
+ }
+
+ /* Make it appear that a search request, msgid 0, was sent */
+ lr = (LDAPRequest *)LDAP_CALLOC( 1, sizeof( LDAPRequest ));
+ if( lr == NULL ) {
+ ldap_unbind_ext( *ldp, NULL, NULL );
+ *ldp = NULL;
+ return( LDAP_NO_MEMORY );
+ }
+ memset(lr, 0, sizeof( LDAPRequest ));
+ lr->lr_msgid = 0;
+ lr->lr_status = LDAP_REQST_INPROGRESS;
+ lr->lr_res_errno = LDAP_SUCCESS;
+ /* no mutex lock needed, we just created this ld here */
+ (*ldp)->ld_requests = lr;
+
+ /* Attach the passed socket as the *LDAP's connection */
+ c = ldap_new_connection( *ldp, NULL, 1, 0, NULL);
+ if( c == NULL ) {
+ ldap_unbind_ext( *ldp, NULL, NULL );
+ *ldp = NULL;
+ return( LDAP_NO_MEMORY );
+ }
+ ber_sockbuf_ctrl( c->lconn_sb, LBER_SB_OPT_SET_FD, fdp );
+#ifdef LDAP_DEBUG
+ ber_sockbuf_add_io( c->lconn_sb, &ber_sockbuf_io_debug,
+ LBER_SBIOD_LEVEL_PROVIDER, (void *)"int_" );
+#endif
+ ber_sockbuf_add_io( c->lconn_sb, &ber_sockbuf_io_tcp,
+ LBER_SBIOD_LEVEL_PROVIDER, NULL );
+ (*ldp)->ld_defconn = c;
+
+ /* Add the connection to the *LDAP's select pool */
+ ldap_mark_select_read( *ldp, c->lconn_sb );
+ ldap_mark_select_write( *ldp, c->lconn_sb );
+
+ /* Make this connection an LDAP V3 protocol connection */
+ rc = LDAP_VERSION3;
+ ldap_set_option( *ldp, LDAP_OPT_PROTOCOL_VERSION, &rc );
+
+ return( LDAP_SUCCESS );
+}