summaryrefslogtreecommitdiff
path: root/lib/ldap.c
Commit message (Collapse)AuthorAgeFilesLines
* ldap: fix LDAP URL parsing regressionsSamuel Surtees2018-12-111-5/+10
| | | | | | | | | - Match URL scheme with LDAP and LDAPS - Retrieve attributes, scope and filter from URL query instead Regression brought in 46e164069d1a5230 (7.62.0) Closes #3362
* ldap: show precise LDAP call in error message on WindowsViktor Szakats2018-10-091-1/+7
| | | | | | | | | | Also add a unique but common text ('bind via') to make it easy to grep this specific failure regardless of platform. Ref: https://github.com/curl/curl/pull/878/files#diff-7a636f08047c4edb53a240f540b4ecf6R468 Closes https://github.com/curl/curl/pull/3118 Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
* url: use the URL API internally as wellDaniel Stenberg2018-09-221-5/+5
| | | | | | ... to make it a truly unified URL parser. Closes #3017
* boringssl + schannel: undef X509_NAME in lib/schannel.hGisle Vanem2018-06-081-9/+0
| | | | | | | Fixes the build problem when both boringssl and schannel are enabled. Fixes #2634 Closes #2643
* ldap: silence clang warningViktor Szakats2017-10-151-1/+3
| | | | | | | Use memset() to initialize a structure to avoid LLVM/Clang warning: ldap.c:193:39: warning: missing field 'UserLength' initializer [-Wmissing-field-initializers] Closes https://github.com/curl/curl/pull/1992
* code style: use spaces around equals signsDaniel Stenberg2017-09-111-2/+2
|
* ldap: fix MinGW compiler warningMarcel Raad2017-07-101-2/+1
| | | | | | | | | | ldap_bind_s is marked as deprecated in w32api's winldap.h shipping with the latest original MinGW, resulting in compiler warnings since commit f0fe66f13c93d3d0af45d9fb1231c9164e0f9dc8. Fix this for the non-SSPI case by using ldap_simple_bind_s again instead of ldap_bind_s with LDAP_AUTH_SIMPLE. Closes https://github.com/curl/curl/pull/1664
* handler: refactor connection checkingMax Dymond2017-06-301-0/+2
| | | | | | Add a new type of callback to Curl_handler which performs checks on the connection. Alter RTSP so that it uses this callback to do its own check on connection health.
* LDAP: fixed checksrc issueSergei Nikulov2017-05-241-2/+2
|
* LDAP: using ldap_bind_s on Windows with methods (#878)Sergei Nikulov2017-05-231-16/+85
| | | | | | | | * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
* checksrc: stricter no-space-before-paren enforcementDaniel Stenberg2016-12-131-16/+16
| | | | In order to make the code style more uniform everywhere
* checksrc: code style: use 'char *name' styleDaniel Stenberg2016-11-241-1/+1
|
* proxy: Support HTTPS proxy and SOCKS+HTTP(s)Alex Rousskov2016-11-241-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
* ldap: fix includeDaniel Stenberg2016-10-311-1/+0
| | | | Fix bug from 811a693b80
* strcase: s/strequal/strcasecompareDaniel Stenberg2016-10-311-13/+13
| | | | some more follow-ups to 811a693b80
* ldap: fix strcase useDaniel Stenberg2016-10-311-1/+1
| | | | follow-up to 811a693b80
* strcasecompare: all case insensitive string compares ignore locale nowDaniel Stenberg2016-10-311-2/+2
| | | | | We had some confusions on when each function was used. We should not act differently on different locales anyway.
* escape: avoid using curl_easy_unescape() internallyDaniel Stenberg2016-10-311-11/+15
| | | | Since the internal Curl_urldecode() function has a better API.
* internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg2016-06-221-1/+1
|
* lib: include curl_printf.h as one of the last headersDaniel Stenberg2016-04-291-2/+1
| | | | | | | | | | | | | | | | | | | | curl_printf.h defines printf to curl_mprintf, etc. This can cause problems with external headers which may use __attribute__((format(printf, ...))) markers etc. To avoid that they cause problems with system includes, we include curl_printf.h after any system headers. That makes the three last headers to always be, and we keep them in this order: curl_printf.h curl_memory.h memdebug.h None of them include system headers, they all do funny #defines. Reported-by: David Benjamin Fixes #743
* code: style updatesDaniel Stenberg2016-04-031-3/+3
|
* URLs: change all http:// URLs to https://Daniel Stenberg2016-02-031-1/+1
|
* curl_memory: make curl_memory.h the second-last header file loadedDan Fandrich2015-03-241-1/+3
| | | | | | | This header file must be included after all header files except memdebug.h, as it does similar memory function redefinitions and can be similarly affected by conflicting definitions in system or dependent library headers.
* checksrc: use space after commaDaniel Stenberg2015-03-171-1/+1
|
* free: instead of Curl_safefree()Daniel Stenberg2015-03-161-5/+5
| | | | | | | | | | | | Since we just started make use of free(NULL) in order to simplify code, this change takes it a step further and: - converts lots of Curl_safefree() calls to good old free() - makes Curl_safefree() not check the pointer before free() The (new) rule of thumb is: if you really want a function call that frees a pointer and then assigns it to NULL, then use Curl_safefree(). But we will prefer just using free() from now on.
* Bug #149: Deletion of unnecessary checks before calls of the function "free"Markus Elfring2015-03-161-5/+2
| | | | | | | | | | | The function "free" is documented in the way that no action shall occur for a passed null pointer. It is therefore not needed that a function caller repeats a corresponding check. http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first This issue was fixed by using the software Coccinelle 1.0.0-rc24. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
* mprintf.h: remove #ifdef CURLDEBUGDaniel Stenberg2015-03-031-4/+1
| | | | | ... and as a consequence, introduce curl_printf.h with that re-define magic instead and make all libcurl code use that instead.
* ldap: build with BoringSSLGisle Vanem2015-01-281-0/+9
|
* ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAPSteve Holme2015-01-181-27/+27
| | | | | For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
* ldap: Convert attribute output to UTF-8 when UnicodeSteve Holme2015-01-071-5/+40
|
* ldap: Convert DN output to UTF-8 when UnicodeSteve Holme2015-01-071-5/+27
|
* ldap/imap: Fixed spelling mistake in comments and variable namesSteve Holme2015-01-071-24/+24
| | | | Reported-by: Michael Osipov
* ldap: Fixed Unicode usage for all Win32 buildsSteve Holme2015-01-041-24/+12
| | | | | | Otherwise, the fixes in the previous commits would only be applicable to IDN and SSPI based builds and not others such as OpenSSL with LDAP enabled.
* ldap: Fixed memory leak from commit efb64fdf80Steve Holme2015-01-041-4/+1
|
* ldap: Fix memory leak from commit 3a805c5cc1Steve Holme2015-01-041-0/+2
|
* ldap: Fixed attribute variable warnings when Unicode is enabledSteve Holme2015-01-041-0/+10
| | | | Use 'TCHAR *' for local attribute variable rather than 'char *'.
* ldap: Fixed DN variable warnings when Unicode is enabledSteve Holme2015-01-041-0/+6
| | | | Use 'TCHAR *' for local DN variable rather than 'char *'.
* ldap: Remove the unescape_elements() functionSteve Holme2015-01-041-15/+3
| | | | Due to the recent modifications this function is no longer used.
* ldap.c: Fixed compilation warningSteve Holme2015-01-041-1/+1
| | | | ldap.c:98: warning: extra tokens at end of #endif directive
* ldap: Fixed support for Unicode filter in Win32 search callSteve Holme2015-01-041-15/+43
|
* ldap.c: Fixed compilation warningSteve Holme2015-01-041-1/+1
| | | | | ldap.c:802: warning: comparison between signed and unsigned integer expressions
* ldap: Fixed support for Unicode attributes in Win32 search callSteve Holme2015-01-041-28/+80
|
* ldap: Fixed memory leak from commit efb64fdf80Steve Holme2015-01-041-2/+6
| | | | The unescapped DN was not freed after a successful character conversion.
* ldap.c: Fixed compilation errorSteve Holme2015-01-041-1/+1
| | | | | ldap.c:738: error: macro "LDAP_TRACE" passed 2 arguments, but takes just 1
* ldap.c: Fixed compilation warningSteve Holme2015-01-041-1/+1
| | | | ldap.c:89: warning: extra tokens at end of #endif directive
* ldap: Fixed support for Unicode DN in Win32 search callSteve Holme2015-01-041-26/+66
|
* ldap: Fixed Unicode user and password in Win32 bind callsSteve Holme2015-01-041-6/+23
|
* ldap: Fixed Unicode host name in Win32 initialisation callsSteve Holme2015-01-041-4/+28
|
* ldap: Use host.dispname for infof() connection failure messagesSteve Holme2015-01-041-3/+3
| | | | As host.name may be encoded use dispname for infof() failure messages.
* ldap: Prefer 'CURLcode result' for curl result codesSteve Holme2015-01-031-7/+7
|