running CURL program on the top of LDAP

Re: running CURL program on the top of LDAP

On Thu, 30 Sep 2004, De Yu Liu wrote:

> The curl program would actually do the transfer on the top of HTTP protocol. 
> What if I want the curl program to do the transfer on the top of LDAP 
> protocol to a LDAP server?

> What should I do?

Make sure you have an LDAP lib libcurl can use (OpenLDAP or the Windows 
wldap32.dll), and then use a proper ldap:// URL (RFC2255, see 
http://curl.haxx.se/rfc/rfc2255.txt).

--

-- 
      Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
       Dedicated custom curl help for hire: http://haxx.se/curl.html

Issue 45

TODO-RELEASE:
  45 - Chris' suspected race condition in the windows threaded resolver

I haven't payed attention and couldn't find any posts in the mail-archive
related to this. In what thread was this discussed?

--gv

Re: Remarks on the curl-7.12.1+srp-beta patch (issue 47)

> 
> Hi
> 
> I post this here since I want to discuss this patch on the list where everyone 
> can join in.
> 
> (People, Peter host his patch set here: http://www.edelweb.fr/EdelKey/ and 
> I've just reviewed his patch with the name in the Subject, that is available 
> from this page, or directly at 
> http://www.edelweb.fr/EdelKey/files/curl-7.12.1+srp-beta.patch.gz)
> 
> General:
> 
>   I certainly want libcurl to be able to speak SRP and I appreciate your work
>   on this!
Thanks.

> Remarks:
> 
>   o I don't like to mix the SRP stuff in the defines and variable used for
>     HTTP authentication. Using -u for user and password for the command line
>     tool could possibly be OK, but extending CURLOPT_HTTPAUTH is more than I
>     can take. What if you want SRP for FTPS connections. Should we require
>     users to set CURLOPT_HTTPAUTH for it? It would be really confusing.

I share your opinion about CURLOPT_HTTPAUTH.
The reason for this was to have a first minimal addition
to get a proof of concept (i.e. without adding new options to the setopt).

There is indeed already for FTP and TELNET a mode and implementation available
for clients and servers that use SRP for authentication.

I see a small problem in the user friendliness of the interface to
curl: If -u is used for both basic auth and srp auth, this may result
in a srp password transferred in clear if the user forgets to specify
--srp, etc. 

I tend to prefer simply --srpuser user --srppass password

and to have two new options in setopt.

>     Besides that, SRP doesn't prevent the HTTP server to ask for user and
>     password which will make it simply not work. I can't see how you can add
>     user and password for the transport layer without using new options for it,
>     or break something.
> 
>   o Would it be possible to reverse the OPENSSL_NO_SRP define? I find
>     constructs with double negations like #ifndef OPENSSL_NO_SRP very hard to
>     read.

I agree with you that it is hard to read. 
It follows the normal openssl logic e.g., OPENSSL_NO_ENGINE

> 
>   o Please make the code use less than 80 columns per line
That 
 can
 be
 done. 

> 
>   o Your code writes a zero byte to the user+password string where it finds a
>     colon. It will prevent the same string to be used multiple times, which we
>     indeed want to!

It reverts the zero to the initial value. The string is an internal copy, can
it be used concurrently by several threads (multi??). 

As indicated I'll propose that I remove the overloading
of CURLOPT_HTTPAUTH, and add two parameters, 
one for a user one for a password.

> 
> Again: thanks for your contribution!
I am very "lazy" person, adding <1% of code to some existing is easier work than
writing everything yourself.  

Any comments are welcome. (After today, I may not answer before next Wednesday).

Peter

strippath() crash

A command like "curl --form= <at> foo .." crashes in strippath()
where strdup() is given an address 1 from basename.

I think this basename() is better:

--- CVS-latest/lib/formdata.c      Fri Oct 01 08:36:11 2004
+++ lib/formdata.c   Fri Oct 01 12:09:12 2004
 <at>  <at>  -944,7 +944,7  <at>  <at> 
   if(s1 && s2) {
     path = (s1 > s2? s1 : s2)+1;
   }
-  else {
+  else if (s1 || s2) {
     path = (s1 ? s1 : s2)+1;
   }

A drive + driveletter ("c:\") should maybe be handled too?

--gv

Re: strippath() crash

Hello Gisele

Gisle Vanem wrote:
> A command like "curl --form= <at> foo .." crashes in strippath()
> where strdup() is given an address 1 from basename.
> 
> I think this basename() is better:
> 
> --- CVS-latest/lib/formdata.c      Fri Oct 01 08:36:11 2004
> +++ lib/formdata.c   Fri Oct 01 12:09:12 2004
>  <at>  <at>  -944,7 +944,7  <at>  <at> 
>   if(s1 && s2) {
>     path = (s1 > s2? s1 : s2)+1;
>   }
> -  else {
> +  else if (s1 || s2) {
>     path = (s1 ? s1 : s2)+1;
>   }

I think a

   else if (s1)
     path = s1+1;
   else if (s2)
     path = s2+1;

is simpler (and easier to read...)

Bye

Goetz

--

-- 
Goetz Babin-Ebell, software designer,
TC TrustCenter AG, Sonninstr. 24-28, 20097 Hamburg, Germany
Office: +49-(0)40 80 80 26 -0,  Fax: +49-(0)40 80 80 26 -126
www.trustcenter.de www.betrusted.com

Re: Issue 45

On Fri, 1 Oct 2004, Gisle Vanem wrote:

> 45 - Chris' suspected race condition in the windows threaded resolver
>
> I haven't payed attention and couldn't find any posts in the mail-archive 
> related to this. In what thread was this discussed?

His post is here:

 	http://curl.haxx.se/mail/lib-2004-09/0180.html

--

-- 
      Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
       Dedicated custom curl help for hire: http://haxx.se/curl.html

Re: Issue 45

"Daniel Stenberg" wrote:

>> I haven't payed attention and couldn't find any posts in the mail-archive 
>> related to this. In what thread was this discussed?
> 
> His post is here:
> 
>  http://curl.haxx.se/mail/lib-2004-09/0180.html

His (Cris / Bob Bob?) point makes sense. But then isn't the C-ares 
resolver is in trouble too? addrinfo_callback() should maybe set
'conn->async.done' after 'conn->async.dns'. Or Curl_is_resolved()
should stall while the callback is active.

--gv

Re: [patch] use only basename in "filename" attribute in -F post

On Mon, 27 Sep 2004, Fedor Karpelevitch wrote:

> Attached is my patch to fix this problem

Thanks, I did modify it somewhat and I've comitted it.

--

-- 
      Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
       Dedicated custom curl help for hire: http://haxx.se/curl.html

Re: [patch] libcurl 7.12.2-20040917 and CURLOPT_VERBOSE may read free()ed data

On Wed, 29 Sep 2004, Bertrand Demiddelaer wrote:

> Btw, my first attempt to put the code concerning dns cache update in 
> Curl_done() to Curl_disconnect() (basically copy-paste of the 
> 'Curl_resolv_unlock() .... Curl_hostcache_prune()' section) had lead me to a 
> infinite hang in test 001 (any ideas on it ?). That was another of the bad 
> reasons which made me study the current patch.

Post the patch here and I'll have a go at it!

--

-- 
      Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
       Dedicated custom curl help for hire: http://haxx.se/curl.html