expose ldap_tls_inplace()

[openldap] / libraries / libldap / tls.c

diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c
index 0672ce5952401c6b9f0dfd61385cf78ae9a6bf7a..4f7a08b9e6b580464314138595b14fa2c3acf778 100644 (file)
--- a/libraries/libldap/tls.c
+++ b/libraries/libldap/tls.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2004 The OpenLDAP Foundation.
+ * Copyright 1998-2005 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -827,6 +827,20 @@ ldap_pvt_tls_inplace ( Sockbuf *sb )
        return HAS_TLS( sb ) ? 1 : 0;
 }
 
+int
+ldap_tls_inplace( LDAP *ld )
+{
+       Sockbuf         *sb = NULL;
+       int             rc;
+
+       rc = ldap_get_option( ld, LDAP_OPT_SOCKBUF, (void *)&sb );
+       if ( rc != LDAP_SUCCESS || sb == NULL ) {
+               return 0;
+       }
+
+       return ldap_pvt_tls_inplace( sb );
+}
+
 static X509 *
 tls_get_cert( SSL *s )
 {
@@ -1651,14 +1665,39 @@ ldap_pvt_tls_get_my_dn( void *s, struct berval *dn, LDAPDN_rewrite_dummy *func,
 #endif
 }
 
+int
+ldap_start_tls( LDAP *ld,
+       LDAPControl **serverctrls,
+       LDAPControl **clientctrls,
+       int *msgidp )
+{
+       return ldap_extended_operation( ld, LDAP_EXOP_START_TLS,
+               NULL, serverctrls, clientctrls, msgidp );
+}
+
+int
+ldap_install_tls( LDAP *ld )
+{
+#ifndef HAVE_TLS
+       return LDAP_NOT_SUPPORTED;
+#else
+       if ( ld->ld_sb != NULL && ldap_pvt_tls_inplace( ld->ld_sb ) != 0 ) {
+               return LDAP_LOCAL_ERROR;
+       }
+
+       return ldap_int_tls_start( ld, ld->ld_defconn, NULL );
+#endif
+}
+
 int
 ldap_start_tls_s ( LDAP *ld,
        LDAPControl **serverctrls,
        LDAPControl **clientctrls )
 {
+#ifndef HAVE_TLS
+       return LDAP_NOT_SUPPORTED;
+#else
        int rc;
-
-#ifdef HAVE_TLS
        char *rspoid = NULL;
        struct berval *rspdata = NULL;
 
@@ -1683,9 +1722,7 @@ ldap_start_tls_s ( LDAP *ld,
                rc = ldap_int_tls_start( ld, ld->ld_defconn, NULL );
        }
 
-#else
-       rc = LDAP_NOT_SUPPORTED;
-#endif
        return rc;
+#endif
 }