From: Julio Sánchez Fernández <jsanchez@openldap.org>
Date: Thu, 15 Jul 1999 21:05:08 +0000 (+0000)
Subject: Parse more TLS options in slapd.conf
X-Git-Tag: OPENLDAP_REL_ENG_2_BP~123
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=fd49eacc4baa9cc534db394c6d8ee5460b7ad030;p=openldap

Parse more TLS options in slapd.conf
---

diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index f95adad34f..2b9a05f920 100644
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -601,6 +601,20 @@ read_config( char *fname )
 #endif /*SLAPD_MODULES*/
 
 #ifdef HAVE_TLS
+		} else if ( !strcasecmp( cargv[0], "SSLProtocol" ) ) {
+			rc = ldap_pvt_tls_set_option( NULL,
+						      LDAP_OPT_X_TLS_PROTOCOL,
+						      cargv[1] );
+			if ( rc )
+				return rc;
+
+		} else if ( !strcasecmp( cargv[0], "SSLCipherSuite" ) ) {
+			rc = ldap_pvt_tls_set_option( NULL,
+						      LDAP_OPT_X_TLS_CIPHER_SUITE,
+						      cargv[1] );
+			if ( rc )
+				return rc;
+
 		} else if ( !strcasecmp( cargv[0], "SSLCertificateFile" ) ) {
 			rc = ldap_pvt_tls_set_option( NULL,
 						      LDAP_OPT_X_TLS_CERTFILE,
@@ -614,6 +628,21 @@ read_config( char *fname )
 						      cargv[1] );
 			if ( rc )
 				return rc;
+
+		} else if ( !strcasecmp( cargv[0], "SSLCACertificatePath" ) ) {
+			rc = ldap_pvt_tls_set_option( NULL,
+						      LDAP_OPT_X_TLS_CACERTDIR,
+						      cargv[1] );
+			if ( rc )
+				return rc;
+
+		} else if ( !strcasecmp( cargv[0], "SSLCACertificateFile" ) ) {
+			rc = ldap_pvt_tls_set_option( NULL,
+						      LDAP_OPT_X_TLS_CACERTFILE,
+						      cargv[1] );
+			if ( rc )
+				return rc;
+
 #endif
 
 		/* pass anything else to the current backend info/db config routine */