/* This is extracted from the OpenLDAP sources.
*
* Stuff that isn't used in e-book-backend-ldap.c was dropped, like
* the LDAPSchemaExtensionItem stuff.
*
* This file basically has three parts:
*
* - some general macros from OpenLDAP that work as such on all
* implementations.
*
* - ldap_str2objectclass()
*
* - ldap_url_parse()
*/
/* This work is part of OpenLDAP Software .
*
* Copyright 1998-2005 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in file COPYING.OPENLDAP in
* the top-level directory of the distribution or, alternatively, at
* .
*/
#include
#include
/* from various header files */
#define LDAP_CONST const
#define LDAP_PORT 389 /* ldap:/// default LDAP port */
#define LDAPS_PORT 636 /* ldaps:/// default LDAP over TLS port */
#define LDAP_ROOT_DSE ""
#define LDAP_SPACE(c) ((c) == ' ' || (c) == '\t' || (c) == '\n')
#define LDAP_DIGIT(c) ((c) >= '0' && (c) <= '9')
#define LDAP_EXOP_START_TLS "1.3.6.1.4.1.1466.20037" /* RFC 2830 */
#define LDAP_MALLOC(n) malloc((n))
#define LDAP_CALLOC(n,s) calloc((n),(s))
#define LDAP_REALLOC(p,s) realloc((p),(s))
#define LDAP_FREE(p) free((p))
#define LDAP_VFREE(p) vfree((gpointer *)(p))
#define LDAP_STRDUP(s) strdup((s))
#define LDAP_RANGE(n,x,y) (((x) <= (n)) && ((n) <= (y)))
#define LDAP_NAME_ERROR(n) LDAP_RANGE((n),0x20,0x24) /* 32-34,36 */
#define ldap_msgtype(lm) (lm)->lm_msgtype
#define ldap_msgid(lm) (lm)->lm_msgid
#ifndef LDAP_TYPE_OR_VALUE_EXISTS
#define LDAP_TYPE_OR_VALUE_EXISTS 0x14
#endif
#ifndef LDAP_SCOPE_DEFAULT
#define LDAP_SCOPE_DEFAULT -1
#endif
#ifndef LDAP_OPT_SUCCESS
#define LDAP_OPT_SUCCESS 0x00
#endif
#ifndef LDAP_INSUFFICIENT_ACCESS
#define LDAP_INSUFFICIENT_ACCESS 0x32
#endif
#define LDAP_SCHERR_OUTOFMEM 1
#define LDAP_SCHERR_UNEXPTOKEN 2
#define LDAP_SCHERR_NOLEFTPAREN 3
#define LDAP_SCHERR_NORIGHTPAREN 4
#define LDAP_SCHERR_NODIGIT 5
#define LDAP_SCHERR_BADNAME 6
#define LDAP_SCHERR_BADDESC 7
#define LDAP_SCHERR_BADSUP 8
#define LDAP_SCHERR_DUPOPT 9
#define LDAP_SCHERR_EMPTY 10
#define LDAP_SCHERR_MISSING 11
#define LDAP_SCHERR_OUT_OF_ORDER 12
#define LDAP_SCHEMA_YES 1
#define LDAP_SCHEMA_ABSTRACT 0
#define LDAP_SCHEMA_STRUCTURAL 1
#define LDAP_SCHEMA_AUXILIARY 2
#define LDAP_SCHEMA_ALLOW_NONE 0x00U /* Strict parsing */
#define LDAP_SCHEMA_ALLOW_NO_OID 0x01U /* Allow missing oid */
#define LDAP_SCHEMA_ALLOW_QUOTED 0x02U /* Allow bogus extra quotes */
#define LDAP_SCHEMA_ALLOW_DESCR 0x04U /* Allow descr instead of OID */
#define LDAP_SCHEMA_ALLOW_DESCR_PREFIX 0x08U /* Allow descr as OID prefix */
#define LDAP_SCHEMA_ALLOW_OID_MACRO 0x10U /* Allow OID macros in slapd */
#define LDAP_SCHEMA_ALLOW_OUT_OF_ORDER_FIELDS 0x20U /* Allow fields in most any order */
#define LDAP_SCHEMA_ALLOW_ALL 0x3fU /* Be very liberal in parsing */
#define LDAP_SCHEMA_SKIP 0x80U /* Don't malloc any result */
typedef struct ldap_objectclass {
gchar *oc_oid; /* REQUIRED */
gchar **oc_names; /* OPTIONAL */
gchar *oc_desc; /* OPTIONAL */
gint oc_obsolete; /* 0=no, 1=yes */
gchar **oc_sup_oids; /* OPTIONAL */
gint oc_kind; /* 0=ABSTRACT, 1=STRUCTURAL, 2=AUXILIARY */
gchar **oc_at_oids_must; /* OPTIONAL */
gchar **oc_at_oids_may; /* OPTIONAL */
} LDAPObjectClass;
static void
vfree (gpointer *vec)
{
gint i;
for (i = 0; vec[i] != NULL; i++)
free (vec[i]);
}
/* from schema.c */
/*
* Now come the parsers. There is one parser for each entity type:
* objectclasses, attributetypes, etc.
*
* Each of them is written as a recursive-descent parser, except that
* none of them is really recursive. But the idea is kept: there
* is one routine per non-terminal that eithers gobbles lexical tokens
* or calls lower-level routines, etc.
*
* The scanner is implemented in the routine get_token. Actually,
* get_token is more than a scanner and will return tokens that are
* in fact non-terminals in the grammar. So you can see the whole
* approach as the combination of a low-level bottom-up recognizer
* combined with a scanner and a number of top-down parsers. Or just
* consider that the real grammars recognized by the parsers are not
* those of the standards. As a matter of fact, our parsers are more
* liberal than the spec when there is no ambiguity.
*
* The difference is pretty academic (modulo bugs or incorrect
* interpretation of the specs).
*/
#define TK_NOENDQUOTE -2
#define TK_OUTOFMEM -1
#define TK_EOS 0
#define TK_UNEXPCHAR 1
#define TK_BAREWORD 2
#define TK_QDSTRING 3
#define TK_LEFTPAREN 4
#define TK_RIGHTPAREN 5
#define TK_DOLLAR 6
#define TK_QDESCR TK_QDSTRING
struct token {
gint type;
gchar *sval;
};
static gint
get_token (const gchar **sp,
gchar **token_val)
{
gint kind;
const gchar *p;
const gchar *q;
gchar *res;
*token_val = NULL;
switch (**sp) {
case '\0':
kind = TK_EOS;
(*sp)++;
break;
case '(':
kind = TK_LEFTPAREN;
(*sp)++;
break;
case ')':
kind = TK_RIGHTPAREN;
(*sp)++;
break;
case '$':
kind = TK_DOLLAR;
(*sp)++;
break;
case '\'':
kind = TK_QDSTRING;
(*sp)++;
p = *sp;
while (**sp != '\'' && **sp != '\0')
(*sp)++;
if (**sp == '\'') {
q = *sp;
res = LDAP_MALLOC (q - p + 1);
if (!res) {
kind = TK_OUTOFMEM;
} else {
strncpy (res,p,q - p);
res[q - p] = '\0';
*token_val = res;
}
(*sp)++;
} else {
kind = TK_NOENDQUOTE;
}
break;
default:
kind = TK_BAREWORD;
p = *sp;
while (!LDAP_SPACE (**sp) &&
**sp != '(' &&
**sp != ')' &&
**sp != '$' &&
**sp != '\'' &&
**sp != '\0')
(*sp)++;
q = *sp;
res = LDAP_MALLOC (q - p + 1);
if (!res) {
kind = TK_OUTOFMEM;
} else {
strncpy (res,p,q - p);
res[q - p] = '\0';
*token_val = res;
}
break;
/* kind = TK_UNEXPCHAR; */
/* break; */
}
return kind;
}
/* Gobble optional whitespace */
static void
parse_whsp (const gchar **sp)
{
while (LDAP_SPACE (**sp))
(*sp)++;
}
/* Parse a sequence of dot-separated decimal strings */
static gchar *
ldap_int_parse_numericoid (const gchar **sp, gint *code, const gint flags)
{
gchar *res = NULL;
const gchar *start = *sp;
gint len;
gint quoted = 0;
/* Netscape puts the SYNTAX value in quotes (incorrectly) */
if (flags & LDAP_SCHEMA_ALLOW_QUOTED && **sp == '\'') {
quoted = 1;
(*sp)++;
start++;
}
/* Each iteration of this loop gets one decimal string */
while (**sp) {
if (!LDAP_DIGIT (**sp)) {
/*
* Initial gchar is not a digit or gchar after dot is
* not a digit
*/
*code = LDAP_SCHERR_NODIGIT;
return NULL;
}
(*sp)++;
while (LDAP_DIGIT (**sp))
(*sp)++;
if (**sp != '.')
break;
/* Otherwise, gobble the dot and loop again */
(*sp)++;
}
/* Now *sp points at the gchar past the numericoid. Perfect. */
len = *sp - start;
if (flags & LDAP_SCHEMA_ALLOW_QUOTED && quoted) {
if (**sp == '\'') {
(*sp)++;
} else {
*code = LDAP_SCHERR_UNEXPTOKEN;
return NULL;
}
}
if (flags & LDAP_SCHEMA_SKIP) {
res = (gchar *) start;
} else {
res = LDAP_MALLOC (len + 1);
if (!res) {
*code = LDAP_SCHERR_OUTOFMEM;
return (NULL);
}
strncpy (res,start,len);
res[len] = '\0';
}
return (res);
}
/* Parse a qdescr or a list of them enclosed in () */
static gchar **
parse_qdescrs (const gchar **sp, gint *code)
{
gchar ** res;
gchar ** res1;
gint kind;
gchar *sval;
gint size;
gint pos;
parse_whsp (sp);
kind = get_token (sp,&sval);
if (kind == TK_LEFTPAREN) {
/* Let's presume there will be at least 2 entries */
size = 3;
res = LDAP_CALLOC (3,sizeof (gchar *));
if (!res) {
*code = LDAP_SCHERR_OUTOFMEM;
return NULL;
}
pos = 0;
while (1) {
parse_whsp (sp);
kind = get_token (sp,&sval);
if (kind == TK_RIGHTPAREN)
break;
if (kind == TK_QDESCR) {
if (pos == size - 2) {
size++;
res1 = LDAP_REALLOC (res,size * sizeof (gchar *));
if (!res1) {
LDAP_VFREE (res);
LDAP_FREE (sval);
*code = LDAP_SCHERR_OUTOFMEM;
return (NULL);
}
res = res1;
}
res[pos++] = sval;
res[pos] = NULL;
parse_whsp (sp);
} else {
LDAP_VFREE (res);
LDAP_FREE (sval);
*code = LDAP_SCHERR_UNEXPTOKEN;
return (NULL);
}
}
parse_whsp (sp);
return (res);
} else if (kind == TK_QDESCR) {
res = LDAP_CALLOC (2,sizeof (gchar *));
if (!res) {
*code = LDAP_SCHERR_OUTOFMEM;
return NULL;
}
res[0] = sval;
res[1] = NULL;
parse_whsp (sp);
return res;
} else {
LDAP_FREE (sval);
*code = LDAP_SCHERR_BADNAME;
return NULL;
}
}
/* Parse a woid or a $-separated list of them enclosed in () */
static gchar **
parse_oids (const gchar **sp, gint *code, const gint allow_quoted)
{
gchar ** res;
gchar ** res1;
gint kind;
gchar *sval;
gint size;
gint pos;
/*
* Strictly speaking, doing this here accepts whsp before the
* ( at the begining of an oidlist, but this is harmless. Also,
* we are very liberal in what we accept as an OID. Maybe
* refine later.
*/
parse_whsp (sp);
kind = get_token (sp,&sval);
if (kind == TK_LEFTPAREN) {
/* Let's presume there will be at least 2 entries */
size = 3;
res = LDAP_CALLOC (3,sizeof (gchar *));
if (!res) {
*code = LDAP_SCHERR_OUTOFMEM;
return NULL;
}
pos = 0;
parse_whsp (sp);
kind = get_token (sp,&sval);
if (kind == TK_BAREWORD ||
(allow_quoted && kind == TK_QDSTRING)) {
res[pos++] = sval;
res[pos] = NULL;
} else {
*code = LDAP_SCHERR_UNEXPTOKEN;
LDAP_FREE (sval);
LDAP_VFREE (res);
/* cppcheck-suppress memleak */
return NULL;
}
parse_whsp (sp);
while (1) {
kind = get_token (sp,&sval);
if (kind == TK_RIGHTPAREN)
break;
if (kind == TK_DOLLAR) {
parse_whsp (sp);
kind = get_token (sp,&sval);
if (kind == TK_BAREWORD ||
(allow_quoted &&
kind == TK_QDSTRING)) {
if (pos == size - 2) {
size++;
res1 = LDAP_REALLOC (res,size * sizeof (gchar *));
if (!res1) {
LDAP_FREE (sval);
LDAP_VFREE (res);
*code = LDAP_SCHERR_OUTOFMEM;
return (NULL);
}
res = res1;
}
res[pos++] = sval;
res[pos] = NULL;
} else {
*code = LDAP_SCHERR_UNEXPTOKEN;
LDAP_FREE (sval);
LDAP_VFREE (res);
return NULL;
}
parse_whsp (sp);
} else {
*code = LDAP_SCHERR_UNEXPTOKEN;
LDAP_FREE (sval);
LDAP_VFREE (res);
return NULL;
}
}
parse_whsp (sp);
return (res);
} else if (kind == TK_BAREWORD ||
(allow_quoted && kind == TK_QDSTRING)) {
res = LDAP_CALLOC (2,sizeof (gchar *));
if (!res) {
LDAP_FREE (sval);
*code = LDAP_SCHERR_OUTOFMEM;
return NULL;
}
res[0] = sval;
res[1] = NULL;
parse_whsp (sp);
return res;
} else {
LDAP_FREE (sval);
*code = LDAP_SCHERR_BADNAME;
return NULL;
}
}
static void
ldap_objectclass_free (LDAPObjectClass *oc)
{
LDAP_FREE (oc->oc_oid);
if (oc->oc_names) LDAP_VFREE (oc->oc_names);
if (oc->oc_desc) LDAP_FREE (oc->oc_desc);
if (oc->oc_sup_oids) LDAP_VFREE (oc->oc_sup_oids);
if (oc->oc_at_oids_must) LDAP_VFREE (oc->oc_at_oids_must);
if (oc->oc_at_oids_may) LDAP_VFREE (oc->oc_at_oids_may);
LDAP_FREE (oc);
}
static LDAPObjectClass *
ldap_str2objectclass (LDAP_CONST gchar *s,
gint *code,
LDAP_CONST gchar **errp,
LDAP_CONST unsigned flags)
{
gint kind;
const gchar *ss = s;
gchar *sval;
gint seen_name = 0;
gint seen_desc = 0;
gint seen_obsolete = 0;
gint seen_sup = 0;
gint seen_kind = 0;
gint seen_must = 0;
gint seen_may = 0;
LDAPObjectClass *oc;
gchar ** ext_vals;
const gchar *savepos;
if (!s) {
*code = LDAP_SCHERR_EMPTY;
*errp = "";
return NULL;
}
*errp = s;
oc = LDAP_CALLOC (1,sizeof (LDAPObjectClass));
if (!oc) {
*code = LDAP_SCHERR_OUTOFMEM;
return NULL;
}
oc->oc_kind = LDAP_SCHEMA_STRUCTURAL;
kind = get_token (&ss,&sval);
if (kind != TK_LEFTPAREN) {
*code = LDAP_SCHERR_NOLEFTPAREN;
LDAP_FREE (sval);
ldap_objectclass_free (oc);
return NULL;
}
/*
* Definitions MUST begin with an OID in the numericoid format.
* However, this routine is used by clients to parse the response
* from servers and very well known servers will provide an OID
* in the wrong format or even no OID at all. We do our best to
* extract info from those servers.
*/
parse_whsp (&ss);
savepos = ss;
oc->oc_oid = ldap_int_parse_numericoid (&ss,code,0);
if (!oc->oc_oid) {
if ((flags & LDAP_SCHEMA_ALLOW_ALL) && (ss == savepos)) {
/* Backtracking */
ss = savepos;
kind = get_token (&ss,&sval);
if (kind == TK_BAREWORD) {
if (!strcasecmp (sval, "NAME") ||
!strcasecmp (sval, "DESC") ||
!strcasecmp (sval, "OBSOLETE") ||
!strcasecmp (sval, "SUP") ||
!strcasecmp (sval, "ABSTRACT") ||
!strcasecmp (sval, "STRUCTURAL") ||
!strcasecmp (sval, "AUXILIARY") ||
!strcasecmp (sval, "MUST") ||
!strcasecmp (sval, "MAY") ||
!strncasecmp (sval, "X-", 2)) {
/* Missing OID, backtrack */
ss = savepos;
} else if (flags &
LDAP_SCHEMA_ALLOW_OID_MACRO) {
/* Non-numerical OID, ignore */
gint len = ss - savepos;
oc->oc_oid = LDAP_MALLOC (len + 1);
strncpy (oc->oc_oid, savepos, len);
oc->oc_oid[len] = 0;
}
}
LDAP_FREE (sval);
} else {
*errp = ss;
ldap_objectclass_free (oc);
return NULL;
}
}
parse_whsp (&ss);
/*
* Beyond this point we will be liberal an accept the items
* in any order.
*/
while (1) {
kind = get_token (&ss,&sval);
switch (kind) {
case TK_EOS:
*code = LDAP_SCHERR_NORIGHTPAREN;
*errp = ss;
ldap_objectclass_free (oc);
return NULL;
case TK_RIGHTPAREN:
return oc;
case TK_BAREWORD:
if (!strcasecmp (sval,"NAME")) {
LDAP_FREE (sval);
if (seen_name) {
*code = LDAP_SCHERR_DUPOPT;
*errp = ss;
ldap_objectclass_free (oc);
return (NULL);
}
seen_name = 1;
oc->oc_names = parse_qdescrs (&ss,code);
if (!oc->oc_names) {
if (*code != LDAP_SCHERR_OUTOFMEM)
*code = LDAP_SCHERR_BADNAME;
*errp = ss;
ldap_objectclass_free (oc);
return NULL;
}
} else if (!strcasecmp (sval,"DESC")) {
LDAP_FREE (sval);
if (seen_desc) {
*code = LDAP_SCHERR_DUPOPT;
*errp = ss;
ldap_objectclass_free (oc);
return (NULL);
}
seen_desc = 1;
parse_whsp (&ss);
kind = get_token (&ss,&sval);
if (kind != TK_QDSTRING) {
*code = LDAP_SCHERR_UNEXPTOKEN;
*errp = ss;
LDAP_FREE (sval);
ldap_objectclass_free (oc);
return NULL;
}
oc->oc_desc = sval;
parse_whsp (&ss);
} else if (!strcasecmp (sval,"OBSOLETE")) {
LDAP_FREE (sval);
if (seen_obsolete) {
*code = LDAP_SCHERR_DUPOPT;
*errp = ss;
ldap_objectclass_free (oc);
return (NULL);
}
seen_obsolete = 1;
oc->oc_obsolete = LDAP_SCHEMA_YES;
parse_whsp (&ss);
} else if (!strcasecmp (sval,"SUP")) {
LDAP_FREE (sval);
if (seen_sup) {
*code = LDAP_SCHERR_DUPOPT;
*errp = ss;
ldap_objectclass_free (oc);
return (NULL);
}
seen_sup = 1;
oc->oc_sup_oids = parse_oids (&ss,
code,
flags);
if (!oc->oc_sup_oids) {
*errp = ss;
ldap_objectclass_free (oc);
return NULL;
}
} else if (!strcasecmp (sval,"ABSTRACT")) {
LDAP_FREE (sval);
if (seen_kind) {
*code = LDAP_SCHERR_DUPOPT;
*errp = ss;
ldap_objectclass_free (oc);
return (NULL);
}
seen_kind = 1;
oc->oc_kind = LDAP_SCHEMA_ABSTRACT;
parse_whsp (&ss);
} else if (!strcasecmp (sval,"STRUCTURAL")) {
LDAP_FREE (sval);
if (seen_kind) {
*code = LDAP_SCHERR_DUPOPT;
*errp = ss;
ldap_objectclass_free (oc);
return (NULL);
}
seen_kind = 1;
oc->oc_kind = LDAP_SCHEMA_STRUCTURAL;
parse_whsp (&ss);
} else if (!strcasecmp (sval,"AUXILIARY")) {
LDAP_FREE (sval);
if (seen_kind) {
*code = LDAP_SCHERR_DUPOPT;
*errp = ss;
ldap_objectclass_free (oc);
return (NULL);
}
seen_kind = 1;
oc->oc_kind = LDAP_SCHEMA_AUXILIARY;
parse_whsp (&ss);
} else if (!strcasecmp (sval,"MUST")) {
LDAP_FREE (sval);
if (seen_must) {
*code = LDAP_SCHERR_DUPOPT;
*errp = ss;
ldap_objectclass_free (oc);
return (NULL);
}
seen_must = 1;
oc->oc_at_oids_must = parse_oids (&ss,code,0);
if (!oc->oc_at_oids_must) {
*errp = ss;
ldap_objectclass_free (oc);
return NULL;
}
parse_whsp (&ss);
} else if (!strcasecmp (sval,"MAY")) {
LDAP_FREE (sval);
if (seen_may) {
*code = LDAP_SCHERR_DUPOPT;
*errp = ss;
ldap_objectclass_free (oc);
return (NULL);
}
seen_may = 1;
oc->oc_at_oids_may = parse_oids (&ss,code,0);
if (!oc->oc_at_oids_may) {
*errp = ss;
ldap_objectclass_free (oc);
return NULL;
}
parse_whsp (&ss);
} else if (sval[0] == 'X' && sval[1] == '-') {
/* Should be parse_qdstrings */
ext_vals = parse_qdescrs (&ss, code);
if (!ext_vals) {
*errp = ss;
ldap_objectclass_free (oc);
return NULL;
}
#if 0
if (add_extension (&oc->oc_extensions,
sval, ext_vals)) {
*code = LDAP_SCHERR_OUTOFMEM;
*errp = ss;
LDAP_FREE (sval);
ldap_objectclass_free (oc);
return NULL;
}
#endif
} else {
*code = LDAP_SCHERR_UNEXPTOKEN;
*errp = ss;
LDAP_FREE (sval);
ldap_objectclass_free (oc);
return NULL;
}
break;
default:
*code = LDAP_SCHERR_UNEXPTOKEN;
*errp = ss;
LDAP_FREE (sval);
ldap_objectclass_free (oc);
return NULL;
}
}
}
/* from utf-8.c */
#define LDAP_UTF8_NEXT(p) g_utf8_next_char((p))
#define LDAP_UTF8_INCR(p) ((p)=LDAP_UTF8_NEXT((p)))
#define ldap_x_utf8_to_ucs4(str) g_utf8_get_char(str)
static gchar *
ldap_utf8_strchr (const gchar *str,
const gchar *chr)
{
for (; *str != '\0'; LDAP_UTF8_INCR (str)) {
if (ldap_x_utf8_to_ucs4 (str) == ldap_x_utf8_to_ucs4 (chr)) {
return (gchar *) str;
}
}
return NULL;
}
static gsize
ldap_utf8_strcspn (const gchar *str,
const gchar *set)
{
const gchar *cstr;
const gchar *cset;
for (cstr = str; *cstr != '\0'; LDAP_UTF8_INCR (cstr)) {
for (cset = set; *cset != '\0'; LDAP_UTF8_INCR (cset)) {
if (ldap_x_utf8_to_ucs4 (cstr) == ldap_x_utf8_to_ucs4 (cset)) {
return cstr - str;
}
}
}
return cstr - str;
}
static gsize
ldap_utf8_strspn (const gchar *str,
const gchar *set)
{
const gchar *cstr;
const gchar *cset;
for (cstr = str; *cstr != '\0'; LDAP_UTF8_INCR (cstr)) {
for (cset = set; ; LDAP_UTF8_INCR (cset)) {
if (*cset == '\0') {
return cstr - str;
}
if (ldap_x_utf8_to_ucs4 (cstr) == ldap_x_utf8_to_ucs4 (cset)) {
break;
}
}
}
return cstr - str;
}
static gchar *ldap_utf8_strtok (gchar *str, const gchar *sep, gchar **last)
{
gchar *begin;
gchar *end;
if (last == NULL) return NULL;
begin = str ? str : *last;
begin += ldap_utf8_strspn (begin, sep);
if (*begin == '\0') {
*last = NULL;
return NULL;
}
end = &begin[ ldap_utf8_strcspn (begin, sep) ];
if (*end != '\0') {
gchar *next = LDAP_UTF8_NEXT (end);
*end = '\0';
end = next;
}
*last = end;
return begin;
}
/* from ldap.h */
#define LDAP_URL_SUCCESS 0x00 /* Success */
#define LDAP_URL_ERR_MEM 0x01 /* can't allocate memory space */
#define LDAP_URL_ERR_PARAM 0x02 /* parameter is bad */
#define LDAP_URL_ERR_BADSCHEME 0x03 /* URL doesn't begin with "ldap[si]://" */
#define LDAP_URL_ERR_BADENCLOSURE 0x04 /* URL is missing trailing ">" */
#define LDAP_URL_ERR_BADURL 0x05 /* URL is bad */
#define LDAP_URL_ERR_BADHOST 0x06 /* host port is bad */
#define LDAP_URL_ERR_BADATTRS 0x07 /* bad (or missing) attributes */
#define LDAP_URL_ERR_BADSCOPE 0x08 /* scope string is invalid (or missing) */
#define LDAP_URL_ERR_BADFILTER 0x09 /* bad or missing filter */
#define LDAP_URL_ERR_BADEXTS 0x0a /* bad or missing extensions */
#define LDAP_URL_PREFIX "ldap://"
#define LDAP_URL_PREFIX_LEN (sizeof(LDAP_URL_PREFIX)-1)
#define LDAPS_URL_PREFIX "ldaps://"
#define LDAPS_URL_PREFIX_LEN (sizeof(LDAPS_URL_PREFIX)-1)
#define LDAPI_URL_PREFIX "ldapi://"
#define LDAPI_URL_PREFIX_LEN (sizeof(LDAPI_URL_PREFIX)-1)
#define LDAP_URL_URLCOLON "URL:"
#define LDAP_URL_URLCOLON_LEN (sizeof(LDAP_URL_URLCOLON)-1)
typedef struct ldap_url_desc {
struct ldap_url_desc *lud_next;
gchar *lud_scheme;
gchar *lud_host;
gint lud_port;
gchar *lud_dn;
gchar **lud_attrs;
gint lud_scope;
gchar *lud_filter;
gchar **lud_exts;
gint lud_crit_exts;
} LDAPURLDesc;
/* from url.c */
static const gchar *
skip_url_prefix (
const gchar *url,
gint *enclosedp,
const gchar **scheme)
{
/*
* return non-zero if this looks like a LDAP URL; zero if not
* if non-zero returned, *urlp will be moved past "ldap://" part of URL
*/
const gchar *p;
if (url == NULL) {
return (NULL);
}
p = url;
/* skip leading '<' (if any) */
if (*p == '<') {
*enclosedp = 1;
++p;
} else {
*enclosedp = 0;
}
/* skip leading "URL:" (if any) */
if (strncasecmp (p, LDAP_URL_URLCOLON, LDAP_URL_URLCOLON_LEN) == 0) {
p += LDAP_URL_URLCOLON_LEN;
}
/* check for "ldap://" prefix */
if (strncasecmp (p, LDAP_URL_PREFIX, LDAP_URL_PREFIX_LEN) == 0) {
/* skip over "ldap://" prefix and return success */
p += LDAP_URL_PREFIX_LEN;
*scheme = "ldap";
return (p);
}
/* check for "ldaps://" prefix */
if (strncasecmp (p, LDAPS_URL_PREFIX, LDAPS_URL_PREFIX_LEN) == 0) {
/* skip over "ldaps://" prefix and return success */
p += LDAPS_URL_PREFIX_LEN;
*scheme = "ldaps";
return (p);
}
/* check for "ldapi://" prefix */
if (strncasecmp (p, LDAPI_URL_PREFIX, LDAPI_URL_PREFIX_LEN) == 0) {
/* skip over "ldapi://" prefix and return success */
p += LDAPI_URL_PREFIX_LEN;
*scheme = "ldapi";
return (p);
}
#ifdef LDAP_CONNECTIONLESS
/* check for "cldap://" prefix */
if (strncasecmp (p, LDAPC_URL_PREFIX, LDAPC_URL_PREFIX_LEN) == 0) {
/* skip over "cldap://" prefix and return success */
p += LDAPC_URL_PREFIX_LEN;
*scheme = "cldap";
return (p);
}
#endif
return (NULL);
}
static gint
str2scope (const gchar *p)
{
if (strcasecmp (p, "one") == 0) {
return LDAP_SCOPE_ONELEVEL;
} else if (strcasecmp (p, "onelevel") == 0) {
return LDAP_SCOPE_ONELEVEL;
} else if (strcasecmp (p, "base") == 0) {
return LDAP_SCOPE_BASE;
} else if (strcasecmp (p, "sub") == 0) {
return LDAP_SCOPE_SUBTREE;
} else if (strcasecmp (p, "subtree") == 0) {
return LDAP_SCOPE_SUBTREE;
}
return (-1);
}
static void
ldap_free_urldesc (LDAPURLDesc *ludp)
{
if (ludp == NULL) {
return;
}
if (ludp->lud_scheme != NULL) {
LDAP_FREE (ludp->lud_scheme);
}
if (ludp->lud_host != NULL) {
LDAP_FREE (ludp->lud_host);
}
if (ludp->lud_dn != NULL) {
LDAP_FREE (ludp->lud_dn);
}
if (ludp->lud_filter != NULL) {
LDAP_FREE (ludp->lud_filter);
}
if (ludp->lud_attrs != NULL) {
LDAP_VFREE (ludp->lud_attrs);
}
if (ludp->lud_exts != NULL) {
LDAP_VFREE (ludp->lud_exts);
}
LDAP_FREE (ludp);
}
static gint
ldap_int_unhex (gint c)
{
return (c >= '0' && c <= '9' ? c - '0'
: c >= 'A' && c <= 'F' ? c - 'A' + 10
: c - 'a' + 10);
}
static void
ldap_pvt_hex_unescape (gchar *s)
{
/*
* Remove URL hex escapes from s... done in place. The basic concept for
* this routine is borrowed from the WWW library HTUnEscape() routine.
*/
gchar *p;
for (p = s; *s != '\0'; ++s) {
if (*s == '%') {
if (*++s == '\0') {
break;
}
*p = ldap_int_unhex(*s) << 4;
if (*++s == '\0') {
break;
}
*p++ += ldap_int_unhex(*s);
} else {
*p++ = *s;
}
}
*p = '\0';
}
static gchar **
ldap_str2charray (const gchar *str_in,
const gchar *brkstr)
{
gchar **res;
gchar *str, *s;
gchar *lasts;
gint i;
/* protect the input string from strtok */
str = LDAP_STRDUP (str_in);
if (str == NULL) {
return NULL;
}
i = 1;
for (s = str; *s; s++) {
if (ldap_utf8_strchr (brkstr, s) != NULL) {
i++;
}
}
res = (gchar **) LDAP_MALLOC ((i + 1) * sizeof (gchar *));
if (res == NULL) {
LDAP_FREE (str);
return NULL;
}
i = 0;
for (s = ldap_utf8_strtok (str, brkstr, &lasts);
s != NULL;
s = ldap_utf8_strtok (NULL, brkstr, &lasts))
{
res[i] = LDAP_STRDUP (s);
if (res[i] == NULL) {
for (--i; i >= 0; i--) {
LDAP_FREE (res[i]);
}
LDAP_FREE (res);
LDAP_FREE (str);
return NULL;
}
i++;
}
res[i] = NULL;
LDAP_FREE (str);
return (res);
}
static gint
ldap_url_parse_ext (LDAP_CONST gchar *url_in,
LDAPURLDesc **ludpp)
{
/*
* Pick apart the pieces of an LDAP URL.
*/
LDAPURLDesc *ludp;
gchar *p, *q, *r;
gint i, enclosed;
const gchar *scheme = NULL;
const gchar *url_tmp;
gchar *url;
if (url_in == NULL || ludpp == NULL) {
return LDAP_URL_ERR_PARAM;
}
*ludpp = NULL; /* pessimistic */
url_tmp = skip_url_prefix (url_in, &enclosed, &scheme);
if (url_tmp == NULL) {
return LDAP_URL_ERR_BADSCHEME;
}
assert (scheme);
/* make working copy of the remainder of the URL */
url = LDAP_STRDUP (url_tmp);
if (url == NULL) {
return LDAP_URL_ERR_MEM;
}
if (enclosed) {
p = &url[strlen (url) - 1];
if (*p != '>') {
LDAP_FREE (url);
return LDAP_URL_ERR_BADENCLOSURE;
}
*p = '\0';
}
/* allocate return struct */
ludp = (LDAPURLDesc *) LDAP_CALLOC (1, sizeof (LDAPURLDesc));
if (ludp == NULL) {
LDAP_FREE (url);
return LDAP_URL_ERR_MEM;
}
ludp->lud_next = NULL;
ludp->lud_host = NULL;
ludp->lud_port = 0;
ludp->lud_dn = NULL;
ludp->lud_attrs = NULL;
ludp->lud_filter = NULL;
ludp->lud_scope = LDAP_SCOPE_DEFAULT;
ludp->lud_filter = NULL;
ludp->lud_exts = NULL;
ludp->lud_scheme = LDAP_STRDUP (scheme);
if (ludp->lud_scheme == NULL) {
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_MEM;
}
/* scan forward for '/' that marks end of hostport and begin. of dn */
p = strchr (url, '/');
if (p != NULL) {
/* terminate hostport; point to start of dn */
*p++ = '\0';
}
/* IPv6 syntax with [ip address]:port */
if (*url == '[') {
r = strchr (url, ']');
if (r == NULL) {
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_BADURL;
}
*r++ = '\0';
q = strchr (r, ':');
} else {
q = strchr (url, ':');
}
if (q != NULL) {
gchar *next;
*q++ = '\0';
ldap_pvt_hex_unescape (q);
if (*q == '\0') {
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_BADURL;
}
ludp->lud_port = strtol (q, &next, 10);
if (next == NULL || next[0] != '\0') {
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_BADURL;
}
}
ldap_pvt_hex_unescape (url);
/* If [ip address]:port syntax, url is [ip and we skip the [ */
ludp->lud_host = LDAP_STRDUP (url + (*url == '['));
if (ludp->lud_host == NULL) {
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_MEM;
}
/*
* Kludge. ldap://111.222.333.444:389??cn=abc,o=company
*
* On early Novell releases, search references/referrals were returned
* in this format, i.e., the dn was kind of in the scope position,
* but the required slash is missing. The whole thing is illegal syntax,
* but we need to account for it. Fortunately it can't be confused with
* anything real.
*/
if ((p == NULL) && (q != NULL) && ((q = strchr (q, '?')) != NULL)) {
q++;
/* ? immediately followed by question */
if (*q == '?') {
q++;
if (*q != '\0') {
/* parse dn part */
ldap_pvt_hex_unescape (q);
ludp->lud_dn = LDAP_STRDUP (q);
} else {
ludp->lud_dn = LDAP_STRDUP ("");
}
if (ludp->lud_dn == NULL) {
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_MEM;
}
}
}
if (p == NULL) {
LDAP_FREE (url);
*ludpp = ludp;
return LDAP_URL_SUCCESS;
}
/* scan forward for '?' that may marks end of dn */
q = strchr (p, '?');
if (q != NULL) {
/* terminate dn part */
*q++ = '\0';
}
if (*p != '\0') {
/* parse dn part */
ldap_pvt_hex_unescape (p);
ludp->lud_dn = LDAP_STRDUP (p);
} else {
ludp->lud_dn = LDAP_STRDUP ("");
}
if (ludp->lud_dn == NULL) {
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_MEM;
}
if (q == NULL) {
/* no more */
LDAP_FREE (url);
*ludpp = ludp;
return LDAP_URL_SUCCESS;
}
/* scan forward for '?' that may marks end of attributes */
p = q;
q = strchr (p, '?');
if (q != NULL) {
/* terminate attributes part */
*q++ = '\0';
}
if (*p != '\0') {
/* parse attributes */
ldap_pvt_hex_unescape (p);
ludp->lud_attrs = ldap_str2charray (p, ",");
if (ludp->lud_attrs == NULL) {
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_BADATTRS;
}
}
if (q == NULL) {
/* no more */
LDAP_FREE (url);
*ludpp = ludp;
return LDAP_URL_SUCCESS;
}
/* scan forward for '?' that may marks end of scope */
p = q;
q = strchr (p, '?');
if (q != NULL) {
/* terminate the scope part */
*q++ = '\0';
}
if (*p != '\0') {
/* parse the scope */
ldap_pvt_hex_unescape (p);
ludp->lud_scope = str2scope (p);
if (ludp->lud_scope == -1) {
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_BADSCOPE;
}
}
if (q == NULL) {
/* no more */
LDAP_FREE (url);
*ludpp = ludp;
return LDAP_URL_SUCCESS;
}
/* scan forward for '?' that may marks end of filter */
p = q;
q = strchr (p, '?');
if (q != NULL) {
/* terminate the filter part */
*q++ = '\0';
}
if (*p != '\0') {
/* parse the filter */
ldap_pvt_hex_unescape (p);
if (!*p) {
/* missing filter */
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_BADFILTER;
}
LDAP_FREE (ludp->lud_filter);
ludp->lud_filter = LDAP_STRDUP (p);
if (ludp->lud_filter == NULL) {
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_MEM;
}
}
if (q == NULL) {
/* no more */
LDAP_FREE (url);
*ludpp = ludp;
return LDAP_URL_SUCCESS;
}
/* scan forward for '?' that may marks end of extensions */
p = q;
q = strchr (p, '?');
if (q != NULL) {
/* extra '?' */
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_BADURL;
}
/* parse the extensions */
ludp->lud_exts = ldap_str2charray (p, ",");
if (ludp->lud_exts == NULL) {
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_BADEXTS;
}
for (i = 0; ludp->lud_exts[i] != NULL; i++) {
ldap_pvt_hex_unescape (ludp->lud_exts[i]);
if (*ludp->lud_exts[i] == '!') {
/* count the number of critical extensions */
ludp->lud_crit_exts++;
}
}
if (i == 0) {
/* must have 1 or more */
LDAP_FREE (url);
ldap_free_urldesc (ludp);
return LDAP_URL_ERR_BADEXTS;
}
/* no more */
*ludpp = ludp;
LDAP_FREE (url);
return LDAP_URL_SUCCESS;
}
static gint
ldap_url_parse (LDAP_CONST gchar *url_in,
LDAPURLDesc **ludpp)
{
gint rc = ldap_url_parse_ext (url_in, ludpp);
if (rc != LDAP_URL_SUCCESS) {
return rc;
}
if ((*ludpp)->lud_scope == LDAP_SCOPE_DEFAULT) {
(*ludpp)->lud_scope = LDAP_SCOPE_BASE;
}
if ((*ludpp)->lud_host != NULL && *(*ludpp)->lud_host == '\0') {
LDAP_FREE ((*ludpp)->lud_host);
(*ludpp)->lud_host = NULL;
}
if ((*ludpp)->lud_port == 0) {
if (strcmp ((*ludpp)->lud_scheme, "ldap") == 0) {
(*ludpp)->lud_port = LDAP_PORT;
#ifdef LDAP_CONNECTIONLESS
} else if (strcmp ((*ludpp)->lud_scheme, "cldap") == 0) {
(*ludpp)->lud_port = LDAP_PORT;
#endif
} else if (strcmp ((*ludpp)->lud_scheme, "ldaps") == 0) {
(*ludpp)->lud_port = LDAPS_PORT;
}
}
return rc;
}