/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2016 The OpenLDAP Foundation.
+ * Copyright 1998-2017 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#endif /* HAVE_TLS */
+#ifndef HAVE_MOZNSS
#define LDAP_USE_NON_BLOCKING_TLS
+#endif
/* RFC2459 minimum required set of supported attribute types
* in a certificate DN
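Review bot: The new `#ifndef HAVE_MOZNSS` guard around `LDAP_USE_NON_BLOCKING_TLS` carries no comment saying why MozNSS builds are excluded. With the macro undefined, the handshake on those builds presumably runs in blocking mode, so a configured network timeout may not bound a stalled TLS negotiation. That is inferred, since the code using the macro is outside the hunk. Something like `/* MozNSS cannot use the non-blocking handshake path; handshakes block on those builds */` above the guard would record the reason and the trade-off.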
tls_init( ti );
if ( is_server && !lts.lt_certfile && !lts.lt_keyfile &&
- !lts.lt_cacertfile && !lts.lt_cacertdir ) {
+ !lts.lt_cacertfile && !lts.lt_cacertdir &&
+ !lts.lt_cacert.bv_val && !lts.lt_cert.bv_val &&
+ !lts.lt_key.bv_val ) {
/* minimum configuration not provided */
return LDAP_NOT_SUPPORTED;
}
}
break;
}
+ case LDAP_OPT_X_TLS_CACERT: {
+ struct berval *bv = arg;
+ if ( lo->ldo_tls_cacert.bv_val ) {
+ ber_dupbv( bv, &lo->ldo_tls_cacert );
+ } else {
+ BER_BVZERO( bv );
+ }
+ break;
+ }
+ case LDAP_OPT_X_TLS_CERT: {
+ struct berval *bv = arg;
+ if ( lo->ldo_tls_cert.bv_val ) {
+ ber_dupbv( bv, &lo->ldo_tls_cert );
+ } else {
+ BER_BVZERO( bv );
+ }
+ break;
+ }
+ case LDAP_OPT_X_TLS_KEY: {
+ struct berval *bv = arg;
+ if ( lo->ldo_tls_key.bv_val ) {
+ ber_dupbv( bv, &lo->ldo_tls_key );
+ } else {
+ BER_BVZERO( bv );
+ }
+ break;
+ }
default:
return -1;
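Review bot: The three new getter cases ignore the return value of `ber_dupbv()`, so an allocation failure inside it would presumably leave the caller's `bv` unset while the switch still breaks out as if the option had been read. Check it in each case, e.g. `if ( !ber_dupbv( bv, &lo->ldo_tls_cacert ) ) return -1;`. `LDAP_OPT_X_TLS_KEY` also hands the caller a heap copy of the private key, which deserves a comment such as `/* caller owns the returned copy and should wipe it before freeing */`. The enclosing switch starts and ends outside this hunk.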
ldap_pvt_tls_ctx_free( lo->ldo_tls_ctx );
lo->ldo_tls_ctx = NULL;
return ldap_int_tls_init_ctx( lo, *(int *)arg );
+ case LDAP_OPT_X_TLS_CACERT:
+ if ( lo->ldo_tls_cacert.bv_val )
+ LDAP_FREE( lo->ldo_tls_cacert.bv_val );
+ if ( arg ) {
+ lo->ldo_tls_cacert.bv_len = ((struct berval *)arg)->bv_len;
+ lo->ldo_tls_cacert.bv_val = LDAP_MALLOC( lo->ldo_tls_cacert.bv_len );
+ if ( !lo->ldo_tls_cacert.bv_val )
+ return -1;
+ AC_MEMCPY( lo->ldo_tls_cacert.bv_val, ((struct berval *)arg)->bv_val, lo->ldo_tls_cacert.bv_len );
+ } else {
+ BER_BVZERO( &lo->ldo_tls_cacert );
+ }
+ break;
+ case LDAP_OPT_X_TLS_CERT:
+ if ( lo->ldo_tls_cert.bv_val )
+ LDAP_FREE( lo->ldo_tls_cert.bv_val );
+ if ( arg ) {
+ lo->ldo_tls_cert.bv_len = ((struct berval *)arg)->bv_len;
+ lo->ldo_tls_cert.bv_val = LDAP_MALLOC( lo->ldo_tls_cert.bv_len );
+ if ( !lo->ldo_tls_cert.bv_val )
+ return -1;
+ AC_MEMCPY( lo->ldo_tls_cert.bv_val, ((struct berval *)arg)->bv_val, lo->ldo_tls_cert.bv_len );
+ } else {
+ BER_BVZERO( &lo->ldo_tls_cert );
+ }
+ break;
+ case LDAP_OPT_X_TLS_KEY:
+ if ( lo->ldo_tls_key.bv_val )
+ LDAP_FREE( lo->ldo_tls_key.bv_val );
+ if ( arg ) {
+ lo->ldo_tls_key.bv_len = ((struct berval *)arg)->bv_len;
+ lo->ldo_tls_key.bv_val = LDAP_MALLOC( lo->ldo_tls_key.bv_len );
+ if ( !lo->ldo_tls_key.bv_val )
+ return -1;
+ AC_MEMCPY( lo->ldo_tls_key.bv_val, ((struct berval *)arg)->bv_val, lo->ldo_tls_key.bv_len );
+ } else {
+ BER_BVZERO( &lo->ldo_tls_key );
+ }
+ break;
default:
return -1;
}
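Review bot: In the `LDAP_OPT_X_TLS_KEY` setter the previous private key is released with a plain `LDAP_FREE`, leaving the key bytes readable in freed heap memory; it should be wiped first, with a wipe the compiler cannot elide. All three new cases also free the old value before the new buffer is allocated, so a failed `LDAP_MALLOC` returns -1 with the old value gone and `bv_len` non-zero over a NULL `bv_val`. A non-NULL `arg` whose `bv_val` is NULL or whose `bv_len` is 0 is not rejected before `LDAP_MALLOC`/`AC_MEMCPY`. Allocating and copying first, then swapping, fixes both. The same shape applies to the `CACERT` and `CERT` cases, which could share a small static helper. The enclosing switch starts outside this hunk.

```c
	case LDAP_OPT_X_TLS_KEY: {
		struct berval *in = arg;
		char *copy = NULL;

		/* a non-NULL berval must actually carry data */
		if ( in && ( !in->bv_val || !in->bv_len ) )
			return -1;
		if ( in ) {
			copy = LDAP_MALLOC( in->bv_len );
			if ( !copy )
				return -1;	/* stored key is left untouched */
			AC_MEMCPY( copy, in->bv_val, in->bv_len );
		}
		if ( lo->ldo_tls_key.bv_val ) {
			/* scrub key material before release; plain memset may be
			 * optimized away, so use a non-elidable wipe where available */
			memset( lo->ldo_tls_key.bv_val, 0, lo->ldo_tls_key.bv_len );
			LDAP_FREE( lo->ldo_tls_key.bv_val );
		}
		lo->ldo_tls_key.bv_val = copy;
		lo->ldo_tls_key.bv_len = in ? in->bv_len : 0;
		break;
	}
	/* … unchanged: default case … */
```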