LDAP: Support for tunnelling queries through HTTP proxy
As of curl-7.21.1 tunnelling ldap queries through HTTP Proxies is not supported. Actually if --proxytunnel command-line option (or equivalent CURLOPT_HTTPPROXYTUNNEL) is used for ldap queries like ldap://ldap.my.server.com/... You are unable to successfully execute the query. In facts ldap_*_bind is executed directly against the ldap server and proxy is totally ignored. This is true for both openLDAP and Microsoft LDAP API. Step to reproduce the error: Just launch "curl --proxytunnel --proxy 192.168.1.1:8080 ldap://ldap.my.server.com/dc=... " This fix adds an invocation to Curl_proxyCONNECT against the provided proxy address and on successful "CONNECT" it tunnels ldap query to the final ldap server through the HTTP proxy. As far as I know Microsoft LDAP APIs don't permit tunnelling in any way so the patch provided is for OpenLDAP only. The patch has been developed against OpenLDAP 2.4.23 and has been tested with Microsoft ISA Server 2006 and works properly with basic, digest and NTLM authentication.
parent
a76f852c
Please register or sign in to comment