curl-library
Re: Problem with LDAP access through SOCKS v4/v5
Date: Thu, 4 Sep 2008 11:09:34 +0200
Hi Patrick.
Thank you for your help.
I don't think it's an authorization problem, since using the following code:
(withouth socks proxy through a modem connection)
CURL *curl;
CURLcode res;
FILE *outfile;
char *cpErrBuff = new char [4096];
memset (cpErrBuff, 0, 4096);
curl_global_init(CURL_GLOBAL_ALL);
curl = curl_easy_init();
if(curl)
{
outfile = fopen("C:/test_curl.crl", "wb");
printf ("CURL Version : %s\n", curl_version( ));
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, cpErrBuff);
curl_easy_setopt(curl, CURLOPT_URL, "ldap://
ldap.actalis.it:389/cn=Actalis Qualified Certificates CA,ou=Qualified
Certification Service Provider,o=Actalis
S.p.A.,c=IT?certificateRevocationList=*,certificateRevocationList;binary?subtree?objectClass=*");
curl_easy_setopt(curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible;
MSIE 6.0; Windows NT 5.1; SV1)");
curl_easy_setopt(curl, CURLOPT_WRITEDATA, outfile);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_write_func);
curl_easy_setopt(curl, CURLOPT_READFUNCTION, my_read_func);
res = curl_easy_perform(curl);
cout << endl << cpErrBuff<< endl << endl;
fclose(outfile);
curl_easy_cleanup(curl);
}
I get the following printout:
CURL Version : libcurl/7.18.2:
* About to connect() to ldap.actalis.it port 389 (#0)
* Trying 193.203.230.228... * connected
* Connected to ldap.actalis.it (193.203.230.228) port 389 (#0)
* LDAP local: LDAP Vendor = Microsoft Corporation. ; LDAP Version = 510
* LDAP local: ldap://ldap.actalis.it:389/cn=Actalis Qualified Certificates
CA,ou
=Qualified Certification Service Provider,o=Actalis
S.p.A.,c=IT?certificateRevoc
ationList=*,certificateRevocationList;binary?subtree?objectClass=*
* LDAP local: trying to establish cleartext connection
Closing connection #0
and I succeed to get the CRL file.
If I add the instruction:
curl_easy_setopt(curl, CURLOPT_USERPWD, "anonymous");
I get the following error:
CURL Version : libcurl/7.18.2:
* About to connect() to ldap.actalis.it port 389 (#0)
* Trying 193.203.230.228... * connected
* Connected to ldap.actalis.it (193.203.230.228) port 389 (#0)
* LDAP local: LDAP Vendor = Microsoft Corporation. ; LDAP Version = 510
* LDAP local: ldap://ldap.actalis.it:389/cn=Actalis Qualified Certificates
CA,ou
=Qualified Certification Service Provider,o=Actalis
S.p.A.,c=IT?certificateRevoc
ationList=*,certificateRevocationList;binary?subtree?objectClass=*
* LDAP local: trying to establish cleartext connection
* LDAP local: ldap_simple_bind_s DN syntax not valid
Closing connection #0
When I try to perform the same ldap request trough a Socket 4/5
with the following code:
CURL *curl;
CURLcode res;
FILE *outfile;
char *cpErrBuff = new char [4096];
memset (cpErrBuff, 0, 4096);
curl_global_init(CURL_GLOBAL_ALL);
curl = curl_easy_init();
if(curl)
{
outfile = fopen("C:/test_curl.crl", "wb");
printf ("CURL Version : %s\n", curl_version( ));
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, cpErrBuff);
curl_easy_setopt(curl, CURLOPT_URL, "ldap://
ldap.actalis.it:389/cn=Actalis Qualified Certificates CA,ou=Qualified
Certification Service Provider,o=Actalis
S.p.A.,c=IT?certificateRevocationList=*,certificateRevocationList;binary?subtree?objectClass=*");
curl_easy_setopt(curl, CURLOPT_PROXY, "xxx.xxx.xxx.xxx:1080");
curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4);
//curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
curl_easy_setopt(curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible;
MSIE 6.0; Windows NT 5.1; SV1)");
curl_easy_setopt(curl, CURLOPT_WRITEDATA, outfile);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_write_func);
curl_easy_setopt(curl, CURLOPT_READFUNCTION, my_read_func);
res = curl_easy_perform(curl);
cout << endl << cpErrBuff<< endl << endl;
fclose(outfile);
curl_easy_cleanup(curl);
}
I get the following printout:
CURL Version : libcurl/7.18.2:
* About to connect() to proxy xxx.yyy.www.zzz port 1080 (#0)
* Trying xxx.xxx.xxx.xxx... * connected
* SOCKS4 request granted.
* Connected to xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx) port 1080 (#0)
* LDAP local: LDAP Vendor = Microsoft Corporation. ; LDAP Version = 510
* LDAP local: ldap://ldap.actalis.it:389/cn=Actalis Qualified Certificates
CA,ou
=Qualified Certification Service Provider,o=Actalis
S.p.A.,c=IT?certificateRevoc
ationList=*,certificateRevocationList;binary?subtree?objectClass=*
* LDAP local: trying to establish cleartext connection
* LDAP local: ldap_simple_bind_s Not available
Closing connection #0
wherever I add or not the statement:
curl_easy_setopt(curl, CURLOPT_USERPWD, "anonymous");
I need to use ldap trough a socket server.
Can someone please help me?
Thank you in advance,
Massimiliano Ziccardi
On Wed, Sep 3, 2008 at 4:38 PM, Patrick Monnerat
<Patrick.Monnerat_at_datasphere.ch> wrote:
>
> Massimiliano Ziccardi wrote:
>
> > and I got the same error with message: LDAP local: ldap_simple_bind_s
> Not available
> using both SOCKS4 and SOCKS5.
>
> I remember I had the same kind of problems months ago, without SOCKS,
> and without curl :-/
> They came from the server (M$ AD), and the "not available" message did
> not refer to the listed API, but to the authentication: the password was
> good, but the user was not authorized on the given root DN. The same
> errors on a non M$ server resulted in better error messages !
>
> I cannot be sure about that, but I suspect an
> authentication/authorization problem. Perhaps try with some command like
> "ldapsearch" to help determine the problem.
>
> Also make sure the LDAP server is accessible: the error message could
> well be understood as: "LDAP agent not available"...
>
> Hope this helps,
> Patrick
>
Received on 2008-09-04