/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2013 The OpenLDAP Foundation.
+ * Copyright 1998-2015 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#endif /* HAVE_TLS */
-#ifdef LDAP_DEVEL
#define LDAP_USE_NON_BLOCKING_TLS
-#endif /* LDAP_DEVEL */
/* RFC2459 minimum required set of supported attribute types
* in a certificate DN
case LDAP_OPT_X_TLS_CONNECT_ARG:
*(void **)arg = lo->ldo_tls_connect_arg;
break;
+ case LDAP_OPT_X_TLS_VERSION: {
+ void *sess = NULL;
+ const char *retval = NULL;
+ if ( ld != NULL ) {
+ LDAPConn *conn = ld->ld_defconn;
+ if ( conn != NULL ) {
+ Sockbuf *sb = conn->lconn_sb;
+ sess = ldap_pvt_tls_sb_ctx( sb );
+ if ( sess != NULL )
+ retval = ldap_pvt_tls_get_version( sess );
+ }
+ }
+ *(char **)arg = retval ? LDAP_STRDUP( retval ) : NULL;
+ break;
+ }
+ case LDAP_OPT_X_TLS_CIPHER: {
+ void *sess = NULL;
+ const char *retval = NULL;
+ if ( ld != NULL ) {
+ LDAPConn *conn = ld->ld_defconn;
+ if ( conn != NULL ) {
+ Sockbuf *sb = conn->lconn_sb;
+ sess = ldap_pvt_tls_sb_ctx( sb );
+ if ( sess != NULL )
+ retval = ldap_pvt_tls_get_cipher( sess );
+ }
+ }
+ *(char **)arg = retval ? LDAP_STRDUP( retval ) : NULL;
+ break;
+ }
+ case LDAP_OPT_X_TLS_PEERCERT: {
+ void *sess = NULL;
+ struct berval *bv = arg;
+ bv->bv_len = 0;
+ bv->bv_val = NULL;
+ if ( ld != NULL ) {
+ LDAPConn *conn = ld->ld_defconn;
+ if ( conn != NULL ) {
+ Sockbuf *sb = conn->lconn_sb;
+ sess = ldap_pvt_tls_sb_ctx( sb );
+ if ( sess != NULL )
+ return ldap_pvt_tls_get_peercert( sess, bv );
+ }
+ }
+ break;
+ }
+
default:
return -1;
}
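Review bot: In the new `LDAP_OPT_X_TLS_VERSION` and `LDAP_OPT_X_TLS_CIPHER` cases a failed `LDAP_STRDUP` is stored as NULL and the case still breaks out like a success, so a caller cannot tell "no TLS session on ld_defconn" from "out of memory". `LDAP_OPT_X_TLS_PEERCERT` has the same ambiguity when there is no session, because it leaves an empty berval and breaks. A caller that uses these options to enforce a minimum protocol version or to pin a certificate must treat NULL or empty as "not protected", and that contract should be written at the cases, e.g. `/* yields a malloc'd copy, or NULL when ld has no TLS session; caller frees with ldap_memfree() */`. For the allocation failure I would add `if ( retval != NULL && *(char **)arg == NULL ) return -1;` after each strdup line, assuming the code after the switch reports success. The enclosing function starts and ends outside this hunk. The session lookup is also repeated three times and would read better as one static helper.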
tls_session *session = s;
return tls_imp->ti_session_cipher( session );
}
+
+int
+ldap_pvt_tls_get_peercert( void *s, struct berval *der )
+{
+ tls_session *session = s;
+ return tls_imp->ti_session_peercert( session, der );
+}
#endif /* HAVE_TLS */
int
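Review bot: `ldap_pvt_tls_get_peercert` has no comment saying what its return value means or who owns `der->bv_val` afterwards, and the only caller visible in this diff (the `LDAP_OPT_X_TLS_PEERCERT` case) hands that buffer straight to the application. I would add a header along the lines of `/* Copy the peer's DER certificate into *der; caller owns and frees der->bv_val. */` and state the return convention once it is confirmed against the backends, which are not visible here. The comment should also say that the certificate is returned as presented and does not show that verification was required or succeeded, so a non-empty result is not an authenticated identity. Like `ldap_pvt_tls_get_cipher` above it, the wrapper calls through `tls_imp->ti_session_peercert` unconditionally; if any TLS backend leaves the new slot unset this would be a call through NULL, so confirm every implementation fills it in.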