Add callbacks for client TLS connection establishment:
authorHoward Chu <hyc@openldap.org>
Tue, 23 Nov 2004 03:48:09 +0000 (03:48 +0000)
committerHoward Chu <hyc@openldap.org>
Tue, 23 Nov 2004 03:48:09 +0000 (03:48 +0000)
LDAP_OPT_X_TLS_CONNECT_CB and LDAP_OPT_X_TLS_CONNECT_ARG
with int (LDAP_TLS_CONNECT_CB) (LDAP *ld, SSL *ssl, SSL_CTX *ctx, void *arg)
To be called whenever the client library allocates a new SSL* handle.

include/ldap.h
include/ldap_pvt.h
libraries/libldap/ldap-int.h
libraries/libldap/tls.c

index 8209fc6d2997523cff7b67469e6c7df30d34bad7..f8811c7ad3140a3f1e976f2baabd1f6240a5bc3a 100644 (file)
@@ -134,6 +134,8 @@ LDAP_BEGIN_DECL
 #define LDAP_OPT_X_TLS_RANDOM_FILE     0x6009
 #define LDAP_OPT_X_TLS_SSL_CTX         0x600a
 #define LDAP_OPT_X_TLS_CRLCHECK                0x600b
+#define LDAP_OPT_X_TLS_CONNECT_CB      0x600c
+#define LDAP_OPT_X_TLS_CONNECT_ARG     0x600d
 
 #define LDAP_OPT_X_TLS_NEVER   0
 #define LDAP_OPT_X_TLS_HARD            1
index dbaad7b97a4311ad34948d6e48a3adae2b513672..e95d8b3ae56bb85aff60edff25ce3e4256e054dc 100644 (file)
@@ -241,6 +241,9 @@ LDAP_F (int) ldap_pvt_tls_init_default_ctx LDAP_P(( void ));
 
 typedef int LDAPDN_rewrite_dummy LDAP_P (( void *dn, unsigned flags ));
 
+typedef int (LDAP_TLS_CONNECT_CB) LDAP_P (( struct ldap *ld, void *ssl,
+       void *ctx, void *arg ));
+
 LDAP_F (int) ldap_pvt_tls_get_my_dn LDAP_P(( void *ctx, struct berval *dn,
        LDAPDN_rewrite_dummy *func, unsigned flags ));
 LDAP_F (int) ldap_pvt_tls_get_peer_dn LDAP_P(( void *ctx, struct berval *dn,
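Review bot: The new LDAP_TLS_CONNECT_CB typedef at the top of the hunk carries no comment saying what the callback receives or what its int return is for; the commit message says ssl and ctx are really SSL* and SSL_CTX*, but the header shows only `void *`. A short comment above the typedef would spare readers a trip into tls.c: `/* Called after the library creates a new SSL handle for ld, before the handshake. ssl and ctx are the TLS library's SSL and SSL_CTX objects, passed as void *. */`. The meaning of the return value should be stated there once the caller decides whether it is honoured.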
index 198ffb7a64fecd91b35e557e739a89b37c485234..4058d8ab7cefbc9e99f3401548abf4620243f9a4 100644 (file)
@@ -170,6 +170,8 @@ struct ldapoptions {
 
 #ifdef HAVE_TLS
        int                     ldo_tls_mode;
+       LDAP_TLS_CONNECT_CB     *ldo_tls_connect_cb;
+       void*                   ldo_tls_connect_arg;
 #endif
 
        LDAPURLDesc *ldo_defludp;
index 3251a8b31cce5c0d08118813e9e2123c2f044b9b..0672ce5952401c6b9f0dfd61385cf78ae9a6bf7a 100644 (file)
@@ -713,6 +713,7 @@ ldap_int_tls_connect( LDAP *ld, LDAPConn *conn )
                ber_sockbuf_ctrl( sb, LBER_SB_OPT_GET_SSL, (void *)&ssl );
 
        } else {
+               struct ldapoptions *lo;
                void *ctx = ld->ld_defconn
                        ? ld->ld_defconn->lconn_tls_ctx : NULL;
 
@@ -728,8 +729,15 @@ ldap_int_tls_connect( LDAP *ld, LDAPConn *conn )
                        LBER_SBIOD_LEVEL_TRANSPORT, (void *)ssl );
 
                if( ctx == NULL ) {
+                       ctx = tls_def_ctx;
                        conn->lconn_tls_ctx = tls_def_ctx;
                }
+               lo = &ld->ld_options;
+               if ( lo->ldo_tls_connect_cb )
+                       lo->ldo_tls_connect_cb( ld, ssl, ctx, lo->ldo_tls_connect_arg );
+               lo = LDAP_INT_GLOBAL_OPT();   
+               if ( lo && lo->ldo_tls_connect_cb )
+                       lo->ldo_tls_connect_cb( ld, ssl, ctx, lo->ldo_tls_connect_arg );
        }
 
        err = SSL_connect( ssl );
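Review bot: The int returned by the connect callback is discarded at both call sites (`lo->ldo_tls_connect_cb( ld, ssl, ctx, lo->ldo_tls_connect_arg );` for the per-handle and for the global options), so a callback that fails to configure the SSL handle has no way to stop `SSL_connect( ssl )` from running the handshake anyway. Either test the result and take the function's existing failure path before SSL_connect, or make the typedef return void so callers are not led to expect a veto. When both a per-ld and a global callback are set, both run, the per-ld one first; a comment above `lo = &ld->ld_options;` stating that order would help. ldap_int_tls_connect begins and ends outside this hunk, and `lo` is declared in the preceding hunk. The `lo = LDAP_INT_GLOBAL_OPT();` line also carries trailing whitespace.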
@@ -1201,6 +1209,12 @@ ldap_pvt_tls_get_option( LDAP *ld, int option, void *arg )
                *(void **)arg = retval;
                break;
        }
+       case LDAP_OPT_X_TLS_CONNECT_CB:
+               *(LDAP_TLS_CONNECT_CB **)arg = lo->ldo_tls_connect_cb;
+               break;
+       case LDAP_OPT_X_TLS_CONNECT_ARG:
+               *(void **)arg = lo->ldo_tls_connect_arg;
+               break;
        default:
                return -1;
        }
@@ -1253,6 +1267,12 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
                        ld->ld_defconn->lconn_tls_ctx = arg;
                }
                return 0;
+       case LDAP_OPT_X_TLS_CONNECT_CB:
+               lo->ldo_tls_connect_cb = (LDAP_TLS_CONNECT_CB *)arg;
+               return 0;
+       case LDAP_OPT_X_TLS_CONNECT_ARG:
+               lo->ldo_tls_connect_arg = arg;
+               return 0;
        }
 
        if ( ld != NULL ) {
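Review bot: `lo->ldo_tls_connect_cb = (LDAP_TLS_CONNECT_CB *)arg;` converts an object pointer (`void *`) to a function pointer, a conversion ISO C does not define; the get side in ldap_pvt_tls_get_option is fine because it stores through a `LDAP_TLS_CONNECT_CB **`, which is an object pointer. It works on the platforms OpenLDAP supports, where dlsym-style code already relies on it, but a one-line comment at the assignment, `/* void * to function pointer: not ISO C, relied on for all supported platforms */`, would record the assumption for the next reader. A NULL arg clears the callback, which is consistent with the NULL test in ldap_int_tls_connect. ldap_pvt_tls_set_option's body continues outside the hunk, including where `lo` is assigned.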