- The library now supports StartTLS. The patch was provided by Jeff Costlow

  <j.costlow@f5.com>

diff --git a/contrib/ldapc++/src/LDAPAsynConnection.cpp b/contrib/ldapc++/src/LDAPAsynConnection.cpp
index d422dff332eeb08329386f176eeb1f6e2a18d71a..79223c94e48f2ad2427dcae55cec3c5c28ff1167 100644 (file)
--- a/contrib/ldapc++/src/LDAPAsynConnection.cpp
+++ b/contrib/ldapc++/src/LDAPAsynConnection.cpp
@@ -36,8 +36,8 @@ LDAPAsynConnection::LDAPAsynConnection(const string& hostname, int port,
 LDAPAsynConnection::~LDAPAsynConnection(){
     DEBUG(LDAP_DEBUG_DESTROY,
             "LDAPAsynConnection::~LDAPAsynConnection()" << endl);
-    delete m_constr;        
     unbind();
+    //delete m_constr;        
 }
 
 void LDAPAsynConnection::init(const string& hostname, int port){
@@ -53,6 +53,10 @@ void LDAPAsynConnection::init(const string& hostname, int port){
     ldap_set_option(cur_session, LDAP_OPT_PROTOCOL_VERSION, &opt);
 }
 
+int LDAPAsynConnection::start_tls(){
+    return ldap_start_tls_s( cur_session, NULL, NULL );
+}
+
 LDAPMessageQueue* LDAPAsynConnection::bind(const string& dn,
         const string& passwd, const LDAPConstraints *cons){
     DEBUG(LDAP_DEBUG_TRACE, "LDAPAsynConnection::bind()" <<  endl);

diff --git a/contrib/ldapc++/src/LDAPAsynConnection.h b/contrib/ldapc++/src/LDAPAsynConnection.h
index 899af2d15d78f80c2e6f46e307e576dce340e8b5..1b3edf497ed0f20b5de19f289abad6af1a061330 100644 (file)
--- a/contrib/ldapc++/src/LDAPAsynConnection.h
+++ b/contrib/ldapc++/src/LDAPAsynConnection.h
@@ -77,7 +77,7 @@ class LDAPAsynConnection{
         virtual ~LDAPAsynConnection();
 
         /** 
-         * Initzializes a connection to a server. 
+         * Initializes a connection to a server. 
          * 
          * There actually no
          * communication to the server. Just the object is initialized
@@ -89,6 +89,14 @@ class LDAPAsynConnection{
          */
         void init(const string& hostname, int port);
 
+        /**
+         * Start TLS on this connection.  This isn't in the constructor,
+         * because it could fail (i.e. server doesn't have SSL cert, client
+         * api wasn't compiled against OpenSSL, etc.).  If you need TLS,
+         * then you should error if this call fails with an error code.
+         */
+        int start_tls();
+
         /** Simple authentication to a LDAP-Server
          *
          * @throws LDAPException If the Request could not be sent to the

diff --git a/contrib/ldapc++/src/LDAPConnection.cpp b/contrib/ldapc++/src/LDAPConnection.cpp
index de83f32093c5a689de443dba96e7681388fb4ddd..cc8d713d49277aa486d2e8c449efa0b5f54b2ea8 100644 (file)
--- a/contrib/ldapc++/src/LDAPConnection.cpp
+++ b/contrib/ldapc++/src/LDAPConnection.cpp
@@ -22,6 +22,10 @@ LDAPConnection::LDAPConnection(const string& hostname, int port,
 
 LDAPConnection::~LDAPConnection(){
 }
+
+int LDAPConnection::start_tls(){
+    return LDAPAsynConnection::start_tls();
+}
    
 void LDAPConnection::bind(const string& dn, const string& passwd,
         LDAPConstraints* cons){

diff --git a/contrib/ldapc++/src/LDAPConnection.h b/contrib/ldapc++/src/LDAPConnection.h
index 7016665fe325328ff7cf021f2686c267df1f12b5..c40b4443186ca9cba95460fbcce50f2984ad5ab1 100644 (file)
--- a/contrib/ldapc++/src/LDAPConnection.h
+++ b/contrib/ldapc++/src/LDAPConnection.h
@@ -68,6 +68,14 @@ class LDAPConnection : private LDAPAsynConnection {
          */
         void init(const string& hostname, int port);
         
+        /**
+         * Start TLS on this connection.  This isn't in the constructor,
+         * because it could fail (i.e. server doesn't have SSL cert, client
+         * api wasn't compiled against OpenSSL, etc.).  If you need TLS,
+         * then you should error if this call fails with an error code.
+         */
+        int start_tls();
+
         /** 
          * Performs a simple authentication with the server
          *