apr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bnicho...@apache.org
Subject svn commit: r111988 - /apr/apr-util/trunk/CHANGES /apr/apr-util/trunk/include/apr_ldap_init.h /apr/apr-util/trunk/ldap/apr_ldap_init.c
Date Wed, 15 Dec 2004 16:24:12 GMT
Author: bnicholes
Date: Wed Dec 15 08:24:10 2004
New Revision: 111988

URL: http://svn.apache.org/viewcvs?view=rev&rev=111988
Log:
Added the apr_ldap_ssl_add_cert() API to allow multiple certificates to be stored and used
when establishing an SSL connection to different LDAP servers.
Modified:
   apr/apr-util/trunk/CHANGES
   apr/apr-util/trunk/include/apr_ldap_init.h
   apr/apr-util/trunk/ldap/apr_ldap_init.c

Modified: apr/apr-util/trunk/CHANGES
Url: http://svn.apache.org/viewcvs/apr/apr-util/trunk/CHANGES?view=diff&rev=111988&p1=apr/apr-util/trunk/CHANGES&r1=111987&p2=apr/apr-util/trunk/CHANGES&r2=111988
==============================================================================
--- apr/apr-util/trunk/CHANGES	(original)
+++ apr/apr-util/trunk/CHANGES	Wed Dec 15 08:24:10 2004
@@ -1,5 +1,9 @@
 Changes with APR-util 1.1.0
 
+  *) Added the apr_ldap_ssl_add_cert() API to allow multiple certificates
+     to be stored and used when establishing an SSL connection to different
+     LDAP servers. [Brad Nicholes]
+     
   *) Emit the run-time link path option in apu-config after installation
      if the user is linking with libtool.  [Justin Erenkrantz]
 

Modified: apr/apr-util/trunk/include/apr_ldap_init.h
Url: http://svn.apache.org/viewcvs/apr/apr-util/trunk/include/apr_ldap_init.h?view=diff&rev=111988&p1=apr/apr-util/trunk/include/apr_ldap_init.h&r1=111987&p2=apr/apr-util/trunk/include/apr_ldap_init.h&r2=111988
==============================================================================
--- apr/apr-util/trunk/include/apr_ldap_init.h	(original)
+++ apr/apr-util/trunk/include/apr_ldap_init.h	Wed Dec 15 08:24:10 2004
@@ -34,6 +34,11 @@
                                    int cert_file_type,
                                    apr_ldap_err_t **result_err);
 
+APU_DECLARE(int) apr_ldap_ssl_add_cert(apr_pool_t *pool,
+                                   const char *cert_auth_file,
+                                   int cert_file_type,
+                                   apr_ldap_err_t **result_err);
+
 APU_DECLARE(int) apr_ldap_ssl_deinit(void);
 
 APU_DECLARE(int) apr_ldap_init(apr_pool_t *pool,

Modified: apr/apr-util/trunk/ldap/apr_ldap_init.c
Url: http://svn.apache.org/viewcvs/apr/apr-util/trunk/ldap/apr_ldap_init.c?view=diff&rev=111988&p1=apr/apr-util/trunk/ldap/apr_ldap_init.c&r1=111987&p2=apr/apr-util/trunk/ldap/apr_ldap_init.c&r2=111988
==============================================================================
--- apr/apr-util/trunk/ldap/apr_ldap_init.c	(original)
+++ apr/apr-util/trunk/ldap/apr_ldap_init.c	Wed Dec 15 08:24:10 2004
@@ -46,6 +46,49 @@
                                    int cert_file_type,
                                    apr_ldap_err_t **result_err) {
 
+    apr_ldap_err_t *result;
+
+    if (cert_auth_file) {
+        return apr_ldap_ssl_add_cert(pool, cert_auth_file, cert_file_type, result_err);
+    }
+    else {
+        result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t));
+        *result_err = result;
+#if APR_HAS_LDAP_SSL /* compiled with ssl support */
+
+#if APR_HAS_NOVELL_LDAPSDK
+        result->rc = ldapssl_client_init(NULL, NULL);
+
+        if (LDAP_SUCCESS == result->rc) {
+            return APR_SUCCESS;
+        }
+        else {
+            result->msg = ldap_err2string(result-> rc);
+            result->reason = apr_pstrdup (pool, "LDAP: Could not initialize SSL");
+            return APR_EGENERAL;
+        }
+#endif
+
+#else
+        result->reason = "LDAP: Attempt to initialize SSL failed. "
+                  "Not built with SSL support.";
+        result->rc = -1;
+        return APR_EGENERAL;
+#endif
+    }
+
+    /* if no cert_auth_file was passed, we assume SSL support
+     * is possible, as we have not been specifically told otherwise.
+     */
+    return APR_SUCCESS;
+
+} 
+
+APU_DECLARE(int) apr_ldap_ssl_add_cert(apr_pool_t *pool,
+                                   const char *cert_auth_file,
+                                   int cert_file_type,
+                                   apr_ldap_err_t **result_err) {
+
     apr_ldap_err_t *result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t));
     *result_err = result;
 
@@ -96,7 +139,7 @@
             result->reason = "LDAP: Invalid certificate type: "
                              "DER or BASE64 type required";
             result->rc = -1;
-        }
+        }        
 
 #elif APR_HAS_OPENLDAP_LDAPSDK
 

Mime
View raw message