Return-Path: 
 <cvs-return-14676-apmail-httpd-cvs-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org
Received: (qmail 74045 invoked by uid 500); 21 Jan 2003 11:06:49 -0000
Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:cvs-help@httpd.apache.org>
list-unsubscribe: <mailto:cvs-unsubscribe@httpd.apache.org>
list-post: <mailto:cvs@httpd.apache.org>
Delivered-To: mailing list cvs@httpd.apache.org
Received: (qmail 74034 invoked by uid 500); 21 Jan 2003 11:06:49 -0000
Delivered-To: apmail-httpd-2.0-cvs@apache.org
Date: 21 Jan 2003 11:06:47 -0000
Message-ID: <20030121110647.81958.qmail@icarus.apache.org>
From: minfrin@apache.org
To: httpd-2.0-cvs@apache.org
Subject: cvs commit: httpd-2.0/modules/experimental util_ldap.c
X-Spam-Rating: 208.185.179.12.available.above.net 1.6.2 0/1000/N

minfrin     2003/01/21 03:06:47

  Modified:    .        CHANGES
               modules/experimental util_ldap.c
  Log:
  Ensure LDAP version is set to v3 on every bind.
  PR: 14235
  Submitted by:	Sergey A. Lipnevich <sergeyli@pisem.net>
  Reviewed by:	Graham Leggett
  
  Revision  Changes    Path
  1.1031    +3 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.1030
  retrieving revision 1.1031
  diff -u -r1.1030 -r1.1031
  --- CHANGES	21 Jan 2003 10:46:57 -0000	1.1030
  +++ CHANGES	21 Jan 2003 11:06:47 -0000	1.1031
  @@ -65,6 +65,9 @@
   
   Changes with Apache 2.0.45
   
  +  *) Ensure LDAP version is set to v3 on every bind. PR 14235.
  +     [Sergey A. Lipnevich <sergeyli@pisem.net>]
  +
     *) Fix mod_ldap to open an existing shared memory file should one
        already exist. PR 12757. [Scooter Morris <scooter@gene.com>, 
        Graham Leggett]
  
  
  
  1.10      +13 -8     httpd-2.0/modules/experimental/util_ldap.c
  
  Index: util_ldap.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/experimental/util_ldap.c,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- util_ldap.c	21 Jan 2003 10:53:09 -0000	1.9
  +++ util_ldap.c	21 Jan 2003 11:06:47 -0000	1.10
  @@ -265,6 +265,18 @@
                                     util_ldap_connection_destroy,
                                     apr_pool_cleanup_null);
   
  +#if LDAP_VENDOR_VERSION >= 20000
  +    /* set protocol version 3 on this connection */
  +        {
  +            int version = LDAP_VERSION3;
  +
  +            if ((result = ldap_set_option(ldc->ldap, LDAP_OPT_PROTOCOL_VERSION,
  +                                         &version)) != LDAP_SUCCESS) {
  +                /* setting LDAP version failed - ignore error */
  +            }
  +        }
  +#endif
  +
           /* Set the alias dereferencing option */
   #if LDAP_VERSION_MAX == 2
           ldc->ldap->ld_deref = ldc->deref;
  @@ -301,14 +313,7 @@
   
   #ifdef APU_HAS_LDAP_STARTTLS
           if (ldc->starttls) {
  -            int version = LDAP_VERSION3;
  -
  -            /* Also we have to set the connection to use protocol version 3,
  -             * since we're using TLS. */
  -            if ((result = ldap_set_option(ldc->ldap, LDAP_OPT_PROTOCOL_VERSION,
  -                                         &version)) != LDAP_SUCCESS) {
  -		/* setting LDAP version failed - ignore error */
  -            }
  +            /* LDAP protocol version 3 is required for TLS */
   
               /* 
                * In util_ldap_connection_find, we compare ldc->withtls to