From: Howard Chu Date: Sun, 13 May 2007 01:34:12 +0000 (+0000) Subject: Add CRLfile option for GNUtls X-Git-Tag: OPENLDAP_REL_ENG_2_4_MP~487 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=bdd8bf41334a2ebcdb77098f4150b8495832dd0a;p=openldap Add CRLfile option for GNUtls --- diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c index 21d5b00299..d157296d60 100644 --- a/servers/slapd/bconfig.c +++ b/servers/slapd/bconfig.c @@ -148,6 +148,7 @@ enum { CFG_TLS_DH_FILE, CFG_TLS_VERIFY, CFG_TLS_CRLCHECK, + CFG_TLS_CRL_FILE, CFG_CONCUR, CFG_THREADS, CFG_SALT, @@ -613,6 +614,14 @@ static ConfigTable config_back_cf_table[] = { #endif "( OLcfgGlAt:73 NAME 'olcTLSCRLCheck' " "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL }, + { "TLSCRLFile", NULL, 0, 0, 0, +#if defined(HAVE_GNUTLS) + CFG_TLS_CRL_FILE|ARG_STRING|ARG_MAGIC, &config_tls_option, +#else + ARG_IGNORED, NULL, +#endif + "( OLcfgGlAt:82 NAME 'olcTLSCRLFile' " + "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL }, { "TLSRandFile", NULL, 0, 0, 0, #ifdef HAVE_TLS CFG_TLS_RAND|ARG_STRING|ARG_MAGIC, &config_tls_option, @@ -697,7 +706,7 @@ static ConfigOCs cf_ocs[] = { "olcTLSCACertificatePath $ olcTLSCertificateFile $ " "olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ " "olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ " - "olcToolThreads $ " + "olcTLSCRLFile $ olcToolThreads $ " "olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $ " "olcDitContentRules ) )", Cft_Global }, { "( OLcfgGlOc:2 " @@ -2883,6 +2892,9 @@ config_tls_option(ConfigArgs *c) { case CFG_TLS_CA_PATH: flag = LDAP_OPT_X_TLS_CACERTDIR; break; case CFG_TLS_CA_FILE: flag = LDAP_OPT_X_TLS_CACERTFILE; break; case CFG_TLS_DH_FILE: flag = LDAP_OPT_X_TLS_DHFILE; break; +#ifdef HAVE_GNUTLS + case CFG_TLS_CRL_FILE: flag = LDAP_OPT_X_TLS_CRLFILE; break; +#endif default: Debug(LDAP_DEBUG_ANY, "%s: " "unknown tls_option <0x%x>\n", c->log, c->type, 0);