]> git.sur5r.net Git - openldap/commitdiff
Add register_certificate_map_function() native plugin API for registering
authorLuke Howard <lukeh@openldap.org>
Mon, 20 Sep 2004 03:52:39 +0000 (03:52 +0000)
committerLuke Howard <lukeh@openldap.org>
Mon, 20 Sep 2004 03:52:39 +0000 (03:52 +0000)
alternate X.509 peer normalization function

servers/slapd/dn.c
servers/slapd/proto-slap.h

index 8e2a0247dc90abcd2e5713925bb018fd88aaee3a..05e5ea6916140b8a926ad9b9ce0edde7a7c33d9b 100644 (file)
@@ -1357,6 +1357,20 @@ dnIsOneLevelRDN( struct berval *rdn )
        return 1;
 }
 
+static SLAP_CERT_MAP_FN *DNX509PeerNormalizeCertMap = NULL;
+
+int register_certificate_map_function(SLAP_CERT_MAP_FN *fn)
+{
+#ifdef HAVE_TLS
+       if ( DNX509PeerNormalizeCertMap == NULL ) {
+               DNX509PeerNormalizeCertMap = fn;
+               return 0;
+       }
+#endif
+
+       return -1;
+}
+
 #ifdef HAVE_TLS
 /*
  * Convert an X.509 DN into a normalized LDAP DN
@@ -1379,7 +1393,16 @@ dnX509normalize( void *x509_name, struct berval *out )
 int
 dnX509peerNormalize( void *ssl, struct berval *dn )
 {
-       return ldap_pvt_tls_get_peer_dn( ssl, dn,
-               (LDAPDN_rewrite_dummy *)LDAPDN_rewrite, 0 );
+       int rc = LDAP_INVALID_CREDENTIALS;
+
+       if ( DNX509PeerNormalizeCertMap != NULL )
+               rc = (*DNX509PeerNormalizeCertMap)( ssl, dn );
+
+       if ( rc != LDAP_SUCCESS ) {
+               rc = ldap_pvt_tls_get_peer_dn( ssl, dn,
+                       (LDAPDN_rewrite_dummy *)LDAPDN_rewrite, 0 );
+       }
+
+       return rc;
 }
 #endif
index 99dae3ace4c35f68de0f23ac3b56538da84ddb49..707a1c47a91162cc55cf3f814d60fe7d54753fd6 100644 (file)
@@ -558,6 +558,8 @@ LDAP_SLAPD_F (int) dnPrettyNormalDN LDAP_P(( Syntax *syntax, struct berval *val,
 #define dnNormalDN(syntax, val, dn, ctx) \
        dnPrettyNormalDN((syntax),(val),(dn), 0, ctx)
 
+typedef int (SLAP_CERT_MAP_FN) LDAP_P(( void *ssl, struct berval *dn ));
+LDAP_SLAPD_F (int) register_certificate_map_function LDAP_P(( SLAP_CERT_MAP_FN *fn ));
 
 /*
  * entry.c