Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Why did CentOS 8.x curl drop ldap url support?
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Jamshid Afshar via curl-users <curl-users_at_lists.haxx.se>
Date: Thu, 31 Mar 2022 23:13:11 -0500
I'm hoping someone on curl-users knows why CentOS 8, and probably
RedHat 8.x, have dropped "ldap" support in their pre-installed curl?
It now reports:
curl: (1) Protocol "ldap" not supported or disabled in libcurl
Was it a conscious decision, maybe to reduce attack surface, or save a
few bytes?
I should post this to a CentOS forum but I don't have much luck there.
Curl's support for ldap is really helpful when diagnosing network and
configuration issues. Remember ldap urls can include search
parameters.
I see ldap support is in Fedora's curl (see below tests using docker),
so maybe support will come back to centos 8.x?
Thanks,
Jamshid
==========================
# centos 8 curl dropped support for ldap, it is in centos 7.
% docker run -ti centos:8 bash
[root_at_d23ca25a38cb /]# curl ldap://openldap.example.com
curl: (1) Protocol "ldap" not supported or disabled in libcurl
[root_at_d23ca25a38cb /]# curl -V
curl 7.61.1 (x86_64-redhat-linux-gnu) libcurl/7.61.1 OpenSSL/1.1.1g
zlib/1.2.11 nghttp2/1.33.0
Release-Date: 2018-09-05
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s
rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile GSS-API Kerberos SPNEGO NTLM
NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy Metalink
# Fedora still has ldap support, maybe that means it will come back in centos 8?
% docker run -ti fedora:latest bash
[root_at_5a056cca9b75 /]# curl ldap://openldap.example.com
DN:
objectClass: top
objectClass: OpenLDAProotDSE
[root_at_5a056cca9b75 /]# curl -V
curl 7.79.1 (x86_64-redhat-linux-gnu) libcurl/7.79.1
OpenSSL/1.1.1l-fips zlib/1.2.11 brotli/1.0.9 libidn2/2.3.2
libpsl/0.21.1 (+libidn2/2.3.2) libssh/0.9.6/openssl/zlib
nghttp2/1.45.1 OpenLDAP/2.4.59
Release-Date: 2021-09-22
Protocols: dict file ftp ftps gopher gophers http https imap imaps
ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet
tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN
IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP
UnixSockets
[root_at_5a056cca9b75 /]#
% docker run -ti debian:11 bash
root_at_f5ca979da060:/# apt-get update && apt-get install -y curl
root_at_f5ca979da060:/# curl -V
curl 7.74.0 (x86_64-pc-linux-gnu) libcurl/7.74.0 OpenSSL/1.1.1k
zlib/1.2.11 brotli/1.0.9 libidn2/2.3.0 libpsl/0.21.0 (+libidn2/2.3.0)
libssh2/1.9.0 nghttp2/1.43.0 librtmp/2.3
Release-Date: 2020-12-09
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6
Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP
UnixSockets
root_at_f5ca979da060:/# curl ldap://openldap.example.com
DN:
objectClass: top
objectClass: OpenLDAProotDSE
Date: Thu, 31 Mar 2022 23:13:11 -0500
I'm hoping someone on curl-users knows why CentOS 8, and probably
RedHat 8.x, have dropped "ldap" support in their pre-installed curl?
It now reports:
curl: (1) Protocol "ldap" not supported or disabled in libcurl
Was it a conscious decision, maybe to reduce attack surface, or save a
few bytes?
I should post this to a CentOS forum but I don't have much luck there.
Curl's support for ldap is really helpful when diagnosing network and
configuration issues. Remember ldap urls can include search
parameters.
I see ldap support is in Fedora's curl (see below tests using docker),
so maybe support will come back to centos 8.x?
Thanks,
Jamshid
==========================
# centos 8 curl dropped support for ldap, it is in centos 7.
% docker run -ti centos:8 bash
[root_at_d23ca25a38cb /]# curl ldap://openldap.example.com
curl: (1) Protocol "ldap" not supported or disabled in libcurl
[root_at_d23ca25a38cb /]# curl -V
curl 7.61.1 (x86_64-redhat-linux-gnu) libcurl/7.61.1 OpenSSL/1.1.1g
zlib/1.2.11 nghttp2/1.33.0
Release-Date: 2018-09-05
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s
rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile GSS-API Kerberos SPNEGO NTLM
NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy Metalink
# Fedora still has ldap support, maybe that means it will come back in centos 8?
% docker run -ti fedora:latest bash
[root_at_5a056cca9b75 /]# curl ldap://openldap.example.com
DN:
objectClass: top
objectClass: OpenLDAProotDSE
[root_at_5a056cca9b75 /]# curl -V
curl 7.79.1 (x86_64-redhat-linux-gnu) libcurl/7.79.1
OpenSSL/1.1.1l-fips zlib/1.2.11 brotli/1.0.9 libidn2/2.3.2
libpsl/0.21.1 (+libidn2/2.3.2) libssh/0.9.6/openssl/zlib
nghttp2/1.45.1 OpenLDAP/2.4.59
Release-Date: 2021-09-22
Protocols: dict file ftp ftps gopher gophers http https imap imaps
ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet
tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN
IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP
UnixSockets
[root_at_5a056cca9b75 /]#
% docker run -ti debian:11 bash
root_at_f5ca979da060:/# apt-get update && apt-get install -y curl
root_at_f5ca979da060:/# curl -V
curl 7.74.0 (x86_64-pc-linux-gnu) libcurl/7.74.0 OpenSSL/1.1.1k
zlib/1.2.11 brotli/1.0.9 libidn2/2.3.0 libpsl/0.21.0 (+libidn2/2.3.0)
libssh2/1.9.0 nghttp2/1.43.0 librtmp/2.3
Release-Date: 2020-12-09
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6
Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP
UnixSockets
root_at_f5ca979da060:/# curl ldap://openldap.example.com
DN:
objectClass: top
objectClass: OpenLDAProotDSE
-- Unsubscribe: https://lists.haxx.se/listinfo/curl-users Etiquette: https://curl.haxx.se/mail/etiquette.htmlReceived on 2022-04-01