]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/dn.c
projects / openldap / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ITS#2919 move OpenLDAPtime to OpenLDAPperson
[openldap] / servers / slapd / dn.c
diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c
index 8e2a0247dc90abcd2e5713925bb018fd88aaee3a..6ed1b0cda032e9a15af34ea0547824779e2a15ea 100644 (file)
--- a/servers/slapd/dn.c
+++ b/servers/slapd/dn.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2004 The OpenLDAP Foundation.
+ * Copyright 1998-2005 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -34,7 +34,6 @@
 #include <ac/time.h>
 
 #include "slap.h"
-#include "ldap_pvt.h" /* must be after slap.h, to get ldap_bv2dn_x() & co */
 #include "lutil.h"
 
 /*
@@ -1300,7 +1299,7 @@ build_new_dn( struct berval * new_dn,
        new_dn->bv_len = parent_dn->bv_len + newrdn->bv_len + 1;
        new_dn->bv_val = (char *) slap_sl_malloc( new_dn->bv_len + 1, memctx );
 
-       ptr = lutil_strcopy( new_dn->bv_val, newrdn->bv_val );
+       ptr = lutil_strncopy( new_dn->bv_val, newrdn->bv_val, newrdn->bv_len );
        *ptr++ = ',';
        strcpy( ptr, parent_dn->bv_val );
 }
@@ -1357,6 +1356,22 @@ dnIsOneLevelRDN( struct berval *rdn )
        return 1;
 }
 
+#ifdef HAVE_TLS
+static SLAP_CERT_MAP_FN *DNX509PeerNormalizeCertMap = NULL;
+#endif
+
+int register_certificate_map_function(SLAP_CERT_MAP_FN *fn)
+{
+#ifdef HAVE_TLS
+       if ( DNX509PeerNormalizeCertMap == NULL ) {
+               DNX509PeerNormalizeCertMap = fn;
+               return 0;
+       }
+#endif
+
+       return -1;
+}
+
 #ifdef HAVE_TLS
 /*
  * Convert an X.509 DN into a normalized LDAP DN
@@ -1379,7 +1394,16 @@ dnX509normalize( void *x509_name, struct berval *out )
 int
 dnX509peerNormalize( void *ssl, struct berval *dn )
 {
-       return ldap_pvt_tls_get_peer_dn( ssl, dn,
-               (LDAPDN_rewrite_dummy *)LDAPDN_rewrite, 0 );
+       int rc = LDAP_INVALID_CREDENTIALS;
+
+       if ( DNX509PeerNormalizeCertMap != NULL )
+               rc = (*DNX509PeerNormalizeCertMap)( ssl, dn );
+
+       if ( rc != LDAP_SUCCESS ) {
+               rc = ldap_pvt_tls_get_peer_dn( ssl, dn,
+                       (LDAPDN_rewrite_dummy *)LDAPDN_rewrite, 0 );
+       }
+
+       return rc;
 }
 #endif
Cloned from git://git.openldap.org/openldap.git