From fd49eacc4baa9cc534db394c6d8ee5460b7ad030 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Julio=20S=C3=A1nchez=20Fern=C3=A1ndez?=
 <jsanchez@openldap.org>
Date: Thu, 15 Jul 1999 21:05:08 +0000
Subject: [PATCH] Parse more TLS options in slapd.conf

---
 servers/slapd/config.c | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index f95adad34f..2b9a05f920 100644
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -601,6 +601,20 @@ read_config( char *fname )
 #endif /*SLAPD_MODULES*/
 
 #ifdef HAVE_TLS
+		} else if ( !strcasecmp( cargv[0], "SSLProtocol" ) ) {
+			rc = ldap_pvt_tls_set_option( NULL,
+						      LDAP_OPT_X_TLS_PROTOCOL,
+						      cargv[1] );
+			if ( rc )
+				return rc;
+
+		} else if ( !strcasecmp( cargv[0], "SSLCipherSuite" ) ) {
+			rc = ldap_pvt_tls_set_option( NULL,
+						      LDAP_OPT_X_TLS_CIPHER_SUITE,
+						      cargv[1] );
+			if ( rc )
+				return rc;
+
 		} else if ( !strcasecmp( cargv[0], "SSLCertificateFile" ) ) {
 			rc = ldap_pvt_tls_set_option( NULL,
 						      LDAP_OPT_X_TLS_CERTFILE,
@@ -614,6 +628,21 @@ read_config( char *fname )
 						      cargv[1] );
 			if ( rc )
 				return rc;
+
+		} else if ( !strcasecmp( cargv[0], "SSLCACertificatePath" ) ) {
+			rc = ldap_pvt_tls_set_option( NULL,
+						      LDAP_OPT_X_TLS_CACERTDIR,
+						      cargv[1] );
+			if ( rc )
+				return rc;
+
+		} else if ( !strcasecmp( cargv[0], "SSLCACertificateFile" ) ) {
+			rc = ldap_pvt_tls_set_option( NULL,
+						      LDAP_OPT_X_TLS_CACERTFILE,
+						      cargv[1] );
+			if ( rc )
+				return rc;
+
 #endif
 
 		/* pass anything else to the current backend info/db config routine */
-- 
2.39.5