From 1fadca541971537bf4ab6b2c2e4e04d469fa69c4 Mon Sep 17 00:00:00 2001 From: Mark Valence Date: Thu, 9 Dec 1999 22:41:45 +0000 Subject: [PATCH] Start TLS extended op routine. --- servers/slapd/starttls.c | 63 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 servers/slapd/starttls.c diff --git a/servers/slapd/starttls.c b/servers/slapd/starttls.c new file mode 100644 index 0000000000..daac4ce14f --- /dev/null +++ b/servers/slapd/starttls.c @@ -0,0 +1,63 @@ +/* $OpenLDAP$ */ +/* + * Copyright 1999 The OpenLDAP Foundation. + * All rights reserved. + * + * Redistribution and use in source and binary forms are permitted only + * as authorized by the OpenLDAP Public License. A copy of this + * license is available at http://www.OpenLDAP.org/license.html or + * in file LICENSE in the top-level directory of the distribution. + */ + +#include "portable.h" + +#include +#include + +#include "slap.h" + +#ifdef HAVE_TLS + +int +starttls_extop ( + SLAP_EXTOP_CALLBACK_FN cb, + Connection *conn, + Operation *op, + char * oid, + struct berval * reqdata, + struct berval ** rspdata, + char ** text ) +{ + /* can't start TLS if it is already started */ + if (conn->c_is_tls != 0) + return(LDAP_OPERATIONS_ERROR); + + /* can't start TLS if there are other op's around */ + if (conn->c_ops != NULL) { + if (conn->c_ops != op || op->o_next != NULL) + return(LDAP_OPERATIONS_ERROR); + } + if (conn->c_pending_ops != NULL) { + if (conn->c_pending_ops != op || op->o_next != NULL) + return(LDAP_OPERATIONS_ERROR); + } + + /* here's some pseudo-code if HAVE_TLS is defined + * but for some reason TLS is not available. + */ + /* + if (tls not really supported) { + if (referral exists) { + // caller will need to put the referral into the result + return(LDAP_REFERRAL); + } + return(LDAP_UNAVAILABLE); + } + */ + + conn->c_is_tls = 1; + conn->c_needs_tls_accept = 1; + return(LDAP_SUCCESS); +} + +#endif /* HAVE_TLS */ -- 2.39.5