From 4ecf780e48f3f73a62c8e61360d5b5e0548b3173 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Thu, 20 Apr 2000 14:15:39 +0000 Subject: [PATCH] StartTLS requires LDAPv3 Set version to required protocol. --- clients/tools/ldapdelete.c | 17 ++++++++++++++--- clients/tools/ldapmodify.c | 17 ++++++++++++++--- clients/tools/ldapmodrdn.c | 18 +++++++++++++++--- clients/tools/ldappasswd.c | 3 ++- clients/tools/ldapsearch.c | 18 ++++++++++++++---- 5 files changed, 59 insertions(+), 14 deletions(-) diff --git a/clients/tools/ldapdelete.c b/clients/tools/ldapdelete.c index bd2a61f1bf..4cbf84f1ee 100644 --- a/clients/tools/ldapdelete.c +++ b/clients/tools/ldapdelete.c @@ -240,23 +240,34 @@ main( int argc, char **argv ) if ( ( authmethod == LDAP_AUTH_KRBV4 ) || ( authmethod == LDAP_AUTH_KRBV41 ) ) { - if( version != LDAP_VERSION2 ) { + if( version > LDAP_VERSION2 ) { fprintf( stderr, "Kerberos requires LDAPv2\n" ); return( EXIT_FAILURE ); } + version = LDAP_VERSION2; } else if ( authmethod == LDAP_AUTH_SASL ) { - if( version != LDAP_VERSION3 ) { + if( version != -1 || version != LDAP_VERSION3 ) { fprintf( stderr, "SASL requires LDAPv3\n" ); return( EXIT_FAILURE ); } + version = LDAP_VERSION3; } if( manageDSAit ) { - if( version != LDAP_VERSION3 ) { + if( version != -1 || version != LDAP_VERSION3 ) { fprintf(stderr, "manage DSA control requires LDAPv3\n"); return EXIT_FAILURE; } + version = LDAP_VERSION3; + } + + if( use_tls ) { + if( version != -1 || version != LDAP_VERSION3 ) { + fprintf(stderr, "Start TLS requires LDAPv3\n"); + return EXIT_FAILURE; + } + version = LDAP_VERSION3; } if ( fp == NULL ) { diff --git a/clients/tools/ldapmodify.c b/clients/tools/ldapmodify.c index eed0b3f181..034b611b7c 100644 --- a/clients/tools/ldapmodify.c +++ b/clients/tools/ldapmodify.c @@ -300,23 +300,34 @@ main( int argc, char **argv ) if ( ( authmethod == LDAP_AUTH_KRBV4 ) || ( authmethod == LDAP_AUTH_KRBV41 ) ) { - if( version != LDAP_VERSION2 ) { + if( version > LDAP_VERSION2 ) { fprintf( stderr, "Kerberos requires LDAPv2\n" ); return( EXIT_FAILURE ); } + version = LDAP_VERSION2; } else if ( authmethod == LDAP_AUTH_SASL ) { - if( version != LDAP_VERSION3 ) { + if( version != -1 || version != LDAP_VERSION3 ) { fprintf( stderr, "SASL requires LDAPv3\n" ); return( EXIT_FAILURE ); } + version = LDAP_VERSION3; } if( manageDSAit ) { - if( version != LDAP_VERSION3 ) { + if( version != -1 || version != LDAP_VERSION3 ) { fprintf(stderr, "manage DSA control requires LDAPv3\n"); return EXIT_FAILURE; } + version = LDAP_VERSION3; + } + + if( use_tls ) { + if( version != -1 || version != LDAP_VERSION3 ) { + fprintf(stderr, "Start TLS requires LDAPv3\n"); + return EXIT_FAILURE; + } + version = LDAP_VERSION3; } if ( infile != NULL ) { diff --git a/clients/tools/ldapmodrdn.c b/clients/tools/ldapmodrdn.c index dbfe1629f8..360bb20c2b 100644 --- a/clients/tools/ldapmodrdn.c +++ b/clients/tools/ldapmodrdn.c @@ -256,23 +256,34 @@ main(int argc, char **argv) if ( ( authmethod == LDAP_AUTH_KRBV4 ) || ( authmethod == LDAP_AUTH_KRBV41 ) ) { - if( version != LDAP_VERSION2 ) { + if( version > LDAP_VERSION2 ) { fprintf( stderr, "Kerberos requires LDAPv2\n" ); return( EXIT_FAILURE ); } + version = LDAP_VERSION2; } else if ( authmethod == LDAP_AUTH_SASL ) { - if( version != LDAP_VERSION3 ) { + if( version != -1 || version != LDAP_VERSION3 ) { fprintf( stderr, "SASL requires LDAPv3\n" ); return( EXIT_FAILURE ); } + version = LDAP_VERSION3; } if( manageDSAit ) { - if( version != LDAP_VERSION3 ) { + if( version != -1 || version != LDAP_VERSION3 ) { fprintf(stderr, "manage DSA control requires LDAPv3\n"); return EXIT_FAILURE; } + version = LDAP_VERSION3; + } + + if( use_tls ) { + if( version != -1 || version != LDAP_VERSION3 ) { + fprintf(stderr, "Start TLS requires LDAPv3\n"); + return EXIT_FAILURE; + } + version = LDAP_VERSION3; } if (newSuperior != NULL) { @@ -283,6 +294,7 @@ main(int argc, char **argv) usage( argv[0] ); return( EXIT_FAILURE ); } + version = LDAP_VERSION3; } havedn = 0; diff --git a/clients/tools/ldappasswd.c b/clients/tools/ldappasswd.c index 70de7e6689..a5cd3db7ae 100644 --- a/clients/tools/ldappasswd.c +++ b/clients/tools/ldappasswd.c @@ -302,6 +302,7 @@ main( int argc, char *argv[] ) /* don't chase referrals */ ldap_set_option( ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF ); + /* LDAPv3 only */ version = 3; rc = ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ); @@ -448,5 +449,5 @@ main( int argc, char *argv[] ) /* disconnect from server */ ldap_unbind (ld); - return ( EXIT_SUCCESS ); + return EXIT_SUCCESS; } diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c index ab700a729b..2603107e43 100644 --- a/clients/tools/ldapsearch.c +++ b/clients/tools/ldapsearch.c @@ -363,24 +363,34 @@ main( int argc, char **argv ) if ( ( authmethod == LDAP_AUTH_KRBV4 ) || ( authmethod == LDAP_AUTH_KRBV41 ) ) { - if( version != LDAP_VERSION2 ) { - + if( version > LDAP_VERSION2 ) { fprintf( stderr, "Kerberos requires LDAPv2\n" ); return( EXIT_FAILURE ); } + version = LDAP_VERSION2; } else if ( authmethod == LDAP_AUTH_SASL ) { - if( version != LDAP_VERSION3 ) { + if( version != -1 || version != LDAP_VERSION3 ) { fprintf( stderr, "SASL requires LDAPv3\n" ); return( EXIT_FAILURE ); } + version = LDAP_VERSION3; } if( manageDSAit ) { - if( version != LDAP_VERSION3 ) { + if( version != -1 || version != LDAP_VERSION3 ) { fprintf(stderr, "manage DSA control requires LDAPv3\n"); return EXIT_FAILURE; } + version = LDAP_VERSION3; + } + + if( use_tls ) { + if( version != -1 || version != LDAP_VERSION3 ) { + fprintf(stderr, "Start TLS requires LDAPv3\n"); + return EXIT_FAILURE; + } + version = LDAP_VERSION3; } if ( argc - optind < 1 ) { -- 2.39.5