Annotation of embedaddon/curl/lib/openldap.c, revision 1.1.1.1
1.1 misho 1: /***************************************************************************
2: * _ _ ____ _
3: * Project ___| | | | _ \| |
4: * / __| | | | |_) | |
5: * | (__| |_| | _ <| |___
6: * \___|\___/|_| \_\_____|
7: *
8: * Copyright (C) 2010, Howard Chu, <hyc@openldap.org>
9: * Copyright (C) 2011 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
10: *
11: * This software is licensed as described in the file COPYING, which
12: * you should have received as part of this distribution. The terms
13: * are also available at https://curl.haxx.se/docs/copyright.html.
14: *
15: * You may opt to use, copy, modify, merge, publish, distribute and/or sell
16: * copies of the Software, and permit persons to whom the Software is
17: * furnished to do so, under the terms of the COPYING file.
18: *
19: * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
20: * KIND, either express or implied.
21: *
22: ***************************************************************************/
23:
24: #include "curl_setup.h"
25:
26: #if !defined(CURL_DISABLE_LDAP) && defined(USE_OPENLDAP)
27:
28: /*
29: * Notice that USE_OPENLDAP is only a source code selection switch. When
30: * libcurl is built with USE_OPENLDAP defined the libcurl source code that
31: * gets compiled is the code from openldap.c, otherwise the code that gets
32: * compiled is the code from ldap.c.
33: *
34: * When USE_OPENLDAP is defined a recent version of the OpenLDAP library
35: * might be required for compilation and runtime. In order to use ancient
36: * OpenLDAP library versions, USE_OPENLDAP shall not be defined.
37: */
38:
39: #include <ldap.h>
40:
41: #include "urldata.h"
42: #include <curl/curl.h>
43: #include "sendf.h"
44: #include "vtls/vtls.h"
45: #include "transfer.h"
46: #include "curl_ldap.h"
47: #include "curl_base64.h"
48: #include "connect.h"
49: /* The last 3 #include files should be in this order */
50: #include "curl_printf.h"
51: #include "curl_memory.h"
52: #include "memdebug.h"
53:
54: /*
55: * Uncommenting this will enable the built-in debug logging of the openldap
56: * library. The debug log level can be set using the CURL_OPENLDAP_TRACE
57: * environment variable. The debug output is written to stderr.
58: *
59: * The library supports the following debug flags:
60: * LDAP_DEBUG_NONE 0x0000
61: * LDAP_DEBUG_TRACE 0x0001
62: * LDAP_DEBUG_CONSTRUCT 0x0002
63: * LDAP_DEBUG_DESTROY 0x0004
64: * LDAP_DEBUG_PARAMETER 0x0008
65: * LDAP_DEBUG_ANY 0xffff
66: *
67: * For example, use CURL_OPENLDAP_TRACE=0 for no debug,
68: * CURL_OPENLDAP_TRACE=2 for LDAP_DEBUG_CONSTRUCT messages only,
69: * CURL_OPENLDAP_TRACE=65535 for all debug message levels.
70: */
71: /* #define CURL_OPENLDAP_DEBUG */
72:
73: #ifndef _LDAP_PVT_H
74: extern int ldap_pvt_url_scheme2proto(const char *);
75: extern int ldap_init_fd(ber_socket_t fd, int proto, const char *url,
76: LDAP **ld);
77: #endif
78:
79: static CURLcode ldap_setup_connection(struct connectdata *conn);
80: static CURLcode ldap_do(struct connectdata *conn, bool *done);
81: static CURLcode ldap_done(struct connectdata *conn, CURLcode, bool);
82: static CURLcode ldap_connect(struct connectdata *conn, bool *done);
83: static CURLcode ldap_connecting(struct connectdata *conn, bool *done);
84: static CURLcode ldap_disconnect(struct connectdata *conn, bool dead);
85:
86: static Curl_recv ldap_recv;
87:
88: /*
89: * LDAP protocol handler.
90: */
91:
92: const struct Curl_handler Curl_handler_ldap = {
93: "LDAP", /* scheme */
94: ldap_setup_connection, /* setup_connection */
95: ldap_do, /* do_it */
96: ldap_done, /* done */
97: ZERO_NULL, /* do_more */
98: ldap_connect, /* connect_it */
99: ldap_connecting, /* connecting */
100: ZERO_NULL, /* doing */
101: ZERO_NULL, /* proto_getsock */
102: ZERO_NULL, /* doing_getsock */
103: ZERO_NULL, /* domore_getsock */
104: ZERO_NULL, /* perform_getsock */
105: ldap_disconnect, /* disconnect */
106: ZERO_NULL, /* readwrite */
107: ZERO_NULL, /* connection_check */
108: PORT_LDAP, /* defport */
109: CURLPROTO_LDAP, /* protocol */
110: PROTOPT_NONE /* flags */
111: };
112:
113: #ifdef USE_SSL
114: /*
115: * LDAPS protocol handler.
116: */
117:
118: const struct Curl_handler Curl_handler_ldaps = {
119: "LDAPS", /* scheme */
120: ldap_setup_connection, /* setup_connection */
121: ldap_do, /* do_it */
122: ldap_done, /* done */
123: ZERO_NULL, /* do_more */
124: ldap_connect, /* connect_it */
125: ldap_connecting, /* connecting */
126: ZERO_NULL, /* doing */
127: ZERO_NULL, /* proto_getsock */
128: ZERO_NULL, /* doing_getsock */
129: ZERO_NULL, /* domore_getsock */
130: ZERO_NULL, /* perform_getsock */
131: ldap_disconnect, /* disconnect */
132: ZERO_NULL, /* readwrite */
133: ZERO_NULL, /* connection_check */
134: PORT_LDAPS, /* defport */
135: CURLPROTO_LDAP, /* protocol */
136: PROTOPT_SSL /* flags */
137: };
138: #endif
139:
140: static const char *url_errs[] = {
141: "success",
142: "out of memory",
143: "bad parameter",
144: "unrecognized scheme",
145: "unbalanced delimiter",
146: "bad URL",
147: "bad host or port",
148: "bad or missing attributes",
149: "bad or missing scope",
150: "bad or missing filter",
151: "bad or missing extensions"
152: };
153:
154: struct ldapconninfo {
155: LDAP *ld;
156: Curl_recv *recv; /* for stacking SSL handler */
157: Curl_send *send;
158: int proto;
159: int msgid;
160: bool ssldone;
161: bool sslinst;
162: bool didbind;
163: };
164:
165: typedef struct ldapreqinfo {
166: int msgid;
167: int nument;
168: } ldapreqinfo;
169:
170: static CURLcode ldap_setup_connection(struct connectdata *conn)
171: {
172: struct ldapconninfo *li;
173: LDAPURLDesc *lud;
174: struct Curl_easy *data = conn->data;
175: int rc, proto;
176: CURLcode status;
177:
178: rc = ldap_url_parse(data->change.url, &lud);
179: if(rc != LDAP_URL_SUCCESS) {
180: const char *msg = "url parsing problem";
181: status = CURLE_URL_MALFORMAT;
182: if(rc > LDAP_URL_SUCCESS && rc <= LDAP_URL_ERR_BADEXTS) {
183: if(rc == LDAP_URL_ERR_MEM)
184: status = CURLE_OUT_OF_MEMORY;
185: msg = url_errs[rc];
186: }
187: failf(conn->data, "LDAP local: %s", msg);
188: return status;
189: }
190: proto = ldap_pvt_url_scheme2proto(lud->lud_scheme);
191: ldap_free_urldesc(lud);
192:
193: li = calloc(1, sizeof(struct ldapconninfo));
194: if(!li)
195: return CURLE_OUT_OF_MEMORY;
196: li->proto = proto;
197: conn->proto.ldapc = li;
198: connkeep(conn, "OpenLDAP default");
199: return CURLE_OK;
200: }
201:
202: #ifdef USE_SSL
203: static Sockbuf_IO ldapsb_tls;
204: #endif
205:
206: static CURLcode ldap_connect(struct connectdata *conn, bool *done)
207: {
208: struct ldapconninfo *li = conn->proto.ldapc;
209: struct Curl_easy *data = conn->data;
210: int rc, proto = LDAP_VERSION3;
211: char hosturl[1024];
212: char *ptr;
213:
214: (void)done;
215:
216: strcpy(hosturl, "ldap");
217: ptr = hosturl + 4;
218: if(conn->handler->flags & PROTOPT_SSL)
219: *ptr++ = 's';
220: msnprintf(ptr, sizeof(hosturl)-(ptr-hosturl), "://%s:%d",
221: conn->host.name, conn->remote_port);
222:
223: #ifdef CURL_OPENLDAP_DEBUG
224: static int do_trace = 0;
225: const char *env = getenv("CURL_OPENLDAP_TRACE");
226: do_trace = (env && strtol(env, NULL, 10) > 0);
227: if(do_trace) {
228: ldap_set_option(li->ld, LDAP_OPT_DEBUG_LEVEL, &do_trace);
229: }
230: #endif
231:
232: rc = ldap_init_fd(conn->sock[FIRSTSOCKET], li->proto, hosturl, &li->ld);
233: if(rc) {
234: failf(data, "LDAP local: Cannot connect to %s, %s",
235: hosturl, ldap_err2string(rc));
236: return CURLE_COULDNT_CONNECT;
237: }
238:
239: ldap_set_option(li->ld, LDAP_OPT_PROTOCOL_VERSION, &proto);
240:
241: #ifdef USE_SSL
242: if(conn->handler->flags & PROTOPT_SSL) {
243: CURLcode result;
244: result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &li->ssldone);
245: if(result)
246: return result;
247: }
248: #endif
249:
250: return CURLE_OK;
251: }
252:
253: static CURLcode ldap_connecting(struct connectdata *conn, bool *done)
254: {
255: struct ldapconninfo *li = conn->proto.ldapc;
256: struct Curl_easy *data = conn->data;
257: LDAPMessage *msg = NULL;
258: struct timeval tv = {0, 1}, *tvp;
259: int rc, err;
260: char *info = NULL;
261:
262: #ifdef USE_SSL
263: if(conn->handler->flags & PROTOPT_SSL) {
264: /* Is the SSL handshake complete yet? */
265: if(!li->ssldone) {
266: CURLcode result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET,
267: &li->ssldone);
268: if(result || !li->ssldone)
269: return result;
270: }
271:
272: /* Have we installed the libcurl SSL handlers into the sockbuf yet? */
273: if(!li->sslinst) {
274: Sockbuf *sb;
275: ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb);
276: ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, conn);
277: li->sslinst = TRUE;
278: li->recv = conn->recv[FIRSTSOCKET];
279: li->send = conn->send[FIRSTSOCKET];
280: }
281: }
282: #endif
283:
284: tvp = &tv;
285:
286: retry:
287: if(!li->didbind) {
288: char *binddn;
289: struct berval passwd;
290:
291: if(conn->bits.user_passwd) {
292: binddn = conn->user;
293: passwd.bv_val = conn->passwd;
294: passwd.bv_len = strlen(passwd.bv_val);
295: }
296: else {
297: binddn = NULL;
298: passwd.bv_val = NULL;
299: passwd.bv_len = 0;
300: }
301: rc = ldap_sasl_bind(li->ld, binddn, LDAP_SASL_SIMPLE, &passwd,
302: NULL, NULL, &li->msgid);
303: if(rc)
304: return CURLE_LDAP_CANNOT_BIND;
305: li->didbind = TRUE;
306: if(tvp)
307: return CURLE_OK;
308: }
309:
310: rc = ldap_result(li->ld, li->msgid, LDAP_MSG_ONE, tvp, &msg);
311: if(rc < 0) {
312: failf(data, "LDAP local: bind ldap_result %s", ldap_err2string(rc));
313: return CURLE_LDAP_CANNOT_BIND;
314: }
315: if(rc == 0) {
316: /* timed out */
317: return CURLE_OK;
318: }
319:
320: rc = ldap_parse_result(li->ld, msg, &err, NULL, &info, NULL, NULL, 1);
321: if(rc) {
322: failf(data, "LDAP local: bind ldap_parse_result %s", ldap_err2string(rc));
323: return CURLE_LDAP_CANNOT_BIND;
324: }
325:
326: /* Try to fallback to LDAPv2? */
327: if(err == LDAP_PROTOCOL_ERROR) {
328: int proto;
329: ldap_get_option(li->ld, LDAP_OPT_PROTOCOL_VERSION, &proto);
330: if(proto == LDAP_VERSION3) {
331: if(info) {
332: ldap_memfree(info);
333: info = NULL;
334: }
335: proto = LDAP_VERSION2;
336: ldap_set_option(li->ld, LDAP_OPT_PROTOCOL_VERSION, &proto);
337: li->didbind = FALSE;
338: goto retry;
339: }
340: }
341:
342: if(err) {
343: failf(data, "LDAP remote: bind failed %s %s", ldap_err2string(rc),
344: info ? info : "");
345: if(info)
346: ldap_memfree(info);
347: return CURLE_LOGIN_DENIED;
348: }
349:
350: if(info)
351: ldap_memfree(info);
352: conn->recv[FIRSTSOCKET] = ldap_recv;
353: *done = TRUE;
354:
355: return CURLE_OK;
356: }
357:
358: static CURLcode ldap_disconnect(struct connectdata *conn, bool dead_connection)
359: {
360: struct ldapconninfo *li = conn->proto.ldapc;
361: (void) dead_connection;
362:
363: if(li) {
364: if(li->ld) {
365: ldap_unbind_ext(li->ld, NULL, NULL);
366: li->ld = NULL;
367: }
368: conn->proto.ldapc = NULL;
369: free(li);
370: }
371: return CURLE_OK;
372: }
373:
374: static CURLcode ldap_do(struct connectdata *conn, bool *done)
375: {
376: struct ldapconninfo *li = conn->proto.ldapc;
377: ldapreqinfo *lr;
378: CURLcode status = CURLE_OK;
379: int rc = 0;
380: LDAPURLDesc *ludp = NULL;
381: int msgid;
382: struct Curl_easy *data = conn->data;
383:
384: connkeep(conn, "OpenLDAP do");
385:
386: infof(data, "LDAP local: %s\n", data->change.url);
387:
388: rc = ldap_url_parse(data->change.url, &ludp);
389: if(rc != LDAP_URL_SUCCESS) {
390: const char *msg = "url parsing problem";
391: status = CURLE_URL_MALFORMAT;
392: if(rc > LDAP_URL_SUCCESS && rc <= LDAP_URL_ERR_BADEXTS) {
393: if(rc == LDAP_URL_ERR_MEM)
394: status = CURLE_OUT_OF_MEMORY;
395: msg = url_errs[rc];
396: }
397: failf(conn->data, "LDAP local: %s", msg);
398: return status;
399: }
400:
401: rc = ldap_search_ext(li->ld, ludp->lud_dn, ludp->lud_scope,
402: ludp->lud_filter, ludp->lud_attrs, 0,
403: NULL, NULL, NULL, 0, &msgid);
404: ldap_free_urldesc(ludp);
405: if(rc != LDAP_SUCCESS) {
406: failf(data, "LDAP local: ldap_search_ext %s", ldap_err2string(rc));
407: return CURLE_LDAP_SEARCH_FAILED;
408: }
409: lr = calloc(1, sizeof(ldapreqinfo));
410: if(!lr)
411: return CURLE_OUT_OF_MEMORY;
412: lr->msgid = msgid;
413: data->req.protop = lr;
414: Curl_setup_transfer(data, FIRSTSOCKET, -1, FALSE, -1);
415: *done = TRUE;
416: return CURLE_OK;
417: }
418:
419: static CURLcode ldap_done(struct connectdata *conn, CURLcode res,
420: bool premature)
421: {
422: ldapreqinfo *lr = conn->data->req.protop;
423:
424: (void)res;
425: (void)premature;
426:
427: if(lr) {
428: /* if there was a search in progress, abandon it */
429: if(lr->msgid) {
430: struct ldapconninfo *li = conn->proto.ldapc;
431: ldap_abandon_ext(li->ld, lr->msgid, NULL, NULL);
432: lr->msgid = 0;
433: }
434: conn->data->req.protop = NULL;
435: free(lr);
436: }
437:
438: return CURLE_OK;
439: }
440:
441: static ssize_t ldap_recv(struct connectdata *conn, int sockindex, char *buf,
442: size_t len, CURLcode *err)
443: {
444: struct ldapconninfo *li = conn->proto.ldapc;
445: struct Curl_easy *data = conn->data;
446: ldapreqinfo *lr = data->req.protop;
447: int rc, ret;
448: LDAPMessage *msg = NULL;
449: LDAPMessage *ent;
450: BerElement *ber = NULL;
451: struct timeval tv = {0, 1};
452:
453: (void)len;
454: (void)buf;
455: (void)sockindex;
456:
457: rc = ldap_result(li->ld, lr->msgid, LDAP_MSG_RECEIVED, &tv, &msg);
458: if(rc < 0) {
459: failf(data, "LDAP local: search ldap_result %s", ldap_err2string(rc));
460: *err = CURLE_RECV_ERROR;
461: return -1;
462: }
463:
464: *err = CURLE_AGAIN;
465: ret = -1;
466:
467: /* timed out */
468: if(!msg)
469: return ret;
470:
471: for(ent = ldap_first_message(li->ld, msg); ent;
472: ent = ldap_next_message(li->ld, ent)) {
473: struct berval bv, *bvals;
474: int binary = 0, msgtype;
475: CURLcode writeerr;
476:
477: msgtype = ldap_msgtype(ent);
478: if(msgtype == LDAP_RES_SEARCH_RESULT) {
479: int code;
480: char *info = NULL;
481: rc = ldap_parse_result(li->ld, ent, &code, NULL, &info, NULL, NULL, 0);
482: if(rc) {
483: failf(data, "LDAP local: search ldap_parse_result %s",
484: ldap_err2string(rc));
485: *err = CURLE_LDAP_SEARCH_FAILED;
486: }
487: else if(code && code != LDAP_SIZELIMIT_EXCEEDED) {
488: failf(data, "LDAP remote: search failed %s %s", ldap_err2string(rc),
489: info ? info : "");
490: *err = CURLE_LDAP_SEARCH_FAILED;
491: }
492: else {
493: /* successful */
494: if(code == LDAP_SIZELIMIT_EXCEEDED)
495: infof(data, "There are more than %d entries\n", lr->nument);
496: data->req.size = data->req.bytecount;
497: *err = CURLE_OK;
498: ret = 0;
499: }
500: lr->msgid = 0;
501: ldap_memfree(info);
502: break;
503: }
504: else if(msgtype != LDAP_RES_SEARCH_ENTRY)
505: continue;
506:
507: lr->nument++;
508: rc = ldap_get_dn_ber(li->ld, ent, &ber, &bv);
509: if(rc < 0) {
510: *err = CURLE_RECV_ERROR;
511: return -1;
512: }
513: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"DN: ", 4);
514: if(writeerr) {
515: *err = writeerr;
516: return -1;
517: }
518:
519: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)bv.bv_val,
520: bv.bv_len);
521: if(writeerr) {
522: *err = writeerr;
523: return -1;
524: }
525:
526: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\n", 1);
527: if(writeerr) {
528: *err = writeerr;
529: return -1;
530: }
531: data->req.bytecount += bv.bv_len + 5;
532:
533: for(rc = ldap_get_attribute_ber(li->ld, ent, ber, &bv, &bvals);
534: rc == LDAP_SUCCESS;
535: rc = ldap_get_attribute_ber(li->ld, ent, ber, &bv, &bvals)) {
536: int i;
537:
538: if(bv.bv_val == NULL)
539: break;
540:
541: if(bv.bv_len > 7 && !strncmp(bv.bv_val + bv.bv_len - 7, ";binary", 7))
542: binary = 1;
543: else
544: binary = 0;
545:
546: if(bvals == NULL) {
547: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\t", 1);
548: if(writeerr) {
549: *err = writeerr;
550: return -1;
551: }
552: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)bv.bv_val,
553: bv.bv_len);
554: if(writeerr) {
555: *err = writeerr;
556: return -1;
557: }
558: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)":\n", 2);
559: if(writeerr) {
560: *err = writeerr;
561: return -1;
562: }
563: data->req.bytecount += bv.bv_len + 3;
564: continue;
565: }
566:
567: for(i = 0; bvals[i].bv_val != NULL; i++) {
568: int binval = 0;
569: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\t", 1);
570: if(writeerr) {
571: *err = writeerr;
572: return -1;
573: }
574:
575: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)bv.bv_val,
576: bv.bv_len);
577: if(writeerr) {
578: *err = writeerr;
579: return -1;
580: }
581:
582: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)":", 1);
583: if(writeerr) {
584: *err = writeerr;
585: return -1;
586: }
587: data->req.bytecount += bv.bv_len + 2;
588:
589: if(!binary) {
590: /* check for leading or trailing whitespace */
591: if(ISSPACE(bvals[i].bv_val[0]) ||
592: ISSPACE(bvals[i].bv_val[bvals[i].bv_len-1]))
593: binval = 1;
594: else {
595: /* check for unprintable characters */
596: unsigned int j;
597: for(j = 0; j<bvals[i].bv_len; j++)
598: if(!ISPRINT(bvals[i].bv_val[j])) {
599: binval = 1;
600: break;
601: }
602: }
603: }
604: if(binary || binval) {
605: char *val_b64 = NULL;
606: size_t val_b64_sz = 0;
607: /* Binary value, encode to base64. */
608: CURLcode error = Curl_base64_encode(data,
609: bvals[i].bv_val,
610: bvals[i].bv_len,
611: &val_b64,
612: &val_b64_sz);
613: if(error) {
614: ber_memfree(bvals);
615: ber_free(ber, 0);
616: ldap_msgfree(msg);
617: *err = error;
618: return -1;
619: }
620: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY,
621: (char *)": ", 2);
622: if(writeerr) {
623: *err = writeerr;
624: return -1;
625: }
626:
627: data->req.bytecount += 2;
628: if(val_b64_sz > 0) {
629: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, val_b64,
630: val_b64_sz);
631: if(writeerr) {
632: *err = writeerr;
633: return -1;
634: }
635: free(val_b64);
636: data->req.bytecount += val_b64_sz;
637: }
638: }
639: else {
640: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)" ", 1);
641: if(writeerr) {
642: *err = writeerr;
643: return -1;
644: }
645:
646: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, bvals[i].bv_val,
647: bvals[i].bv_len);
648: if(writeerr) {
649: *err = writeerr;
650: return -1;
651: }
652:
653: data->req.bytecount += bvals[i].bv_len + 1;
654: }
655: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\n", 0);
656: if(writeerr) {
657: *err = writeerr;
658: return -1;
659: }
660:
661: data->req.bytecount++;
662: }
663: ber_memfree(bvals);
664: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\n", 0);
665: if(writeerr) {
666: *err = writeerr;
667: return -1;
668: }
669: data->req.bytecount++;
670: }
671: writeerr = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)"\n", 0);
672: if(writeerr) {
673: *err = writeerr;
674: return -1;
675: }
676: data->req.bytecount++;
677: ber_free(ber, 0);
678: }
679: ldap_msgfree(msg);
680: return ret;
681: }
682:
683: #ifdef USE_SSL
684: static int
685: ldapsb_tls_setup(Sockbuf_IO_Desc *sbiod, void *arg)
686: {
687: sbiod->sbiod_pvt = arg;
688: return 0;
689: }
690:
691: static int
692: ldapsb_tls_remove(Sockbuf_IO_Desc *sbiod)
693: {
694: sbiod->sbiod_pvt = NULL;
695: return 0;
696: }
697:
698: /* We don't need to do anything because libcurl does it already */
699: static int
700: ldapsb_tls_close(Sockbuf_IO_Desc *sbiod)
701: {
702: (void)sbiod;
703: return 0;
704: }
705:
706: static int
707: ldapsb_tls_ctrl(Sockbuf_IO_Desc *sbiod, int opt, void *arg)
708: {
709: (void)arg;
710: if(opt == LBER_SB_OPT_DATA_READY) {
711: struct connectdata *conn = sbiod->sbiod_pvt;
712: return Curl_ssl_data_pending(conn, FIRSTSOCKET);
713: }
714: return 0;
715: }
716:
717: static ber_slen_t
718: ldapsb_tls_read(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
719: {
720: struct connectdata *conn = sbiod->sbiod_pvt;
721: struct ldapconninfo *li = conn->proto.ldapc;
722: ber_slen_t ret;
723: CURLcode err = CURLE_RECV_ERROR;
724:
725: ret = (li->recv)(conn, FIRSTSOCKET, buf, len, &err);
726: if(ret < 0 && err == CURLE_AGAIN) {
727: SET_SOCKERRNO(EWOULDBLOCK);
728: }
729: return ret;
730: }
731:
732: static ber_slen_t
733: ldapsb_tls_write(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
734: {
735: struct connectdata *conn = sbiod->sbiod_pvt;
736: struct ldapconninfo *li = conn->proto.ldapc;
737: ber_slen_t ret;
738: CURLcode err = CURLE_SEND_ERROR;
739:
740: ret = (li->send)(conn, FIRSTSOCKET, buf, len, &err);
741: if(ret < 0 && err == CURLE_AGAIN) {
742: SET_SOCKERRNO(EWOULDBLOCK);
743: }
744: return ret;
745: }
746:
747: static Sockbuf_IO ldapsb_tls =
748: {
749: ldapsb_tls_setup,
750: ldapsb_tls_remove,
751: ldapsb_tls_ctrl,
752: ldapsb_tls_read,
753: ldapsb_tls_write,
754: ldapsb_tls_close
755: };
756: #endif /* USE_SSL */
757:
758: #endif /* !CURL_DISABLE_LDAP && USE_OPENLDAP */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to openldap.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / curl / lib