Author: bnicholes Date: Wed Dec 15 08:24:10 2004 New Revision: 111988 URL: http://svn.apache.org/viewcvs?view=rev&rev=111988 Log: Added the apr_ldap_ssl_add_cert() API to allow multiple certificates to be stored and used when establishing an SSL connection to different LDAP servers. Modified: apr/apr-util/trunk/CHANGES apr/apr-util/trunk/include/apr_ldap_init.h apr/apr-util/trunk/ldap/apr_ldap_init.c
Modified: apr/apr-util/trunk/CHANGES Url: http://svn.apache.org/viewcvs/apr/apr-util/trunk/CHANGES?view=diff&rev=111988&p1=apr/apr-util/trunk/CHANGES&r1=111987&p2=apr/apr-util/trunk/CHANGES&r2=111988 ============================================================================== --- apr/apr-util/trunk/CHANGES (original) +++ apr/apr-util/trunk/CHANGES Wed Dec 15 08:24:10 2004 @@ -1,5 +1,9 @@ Changes with APR-util 1.1.0 + *) Added the apr_ldap_ssl_add_cert() API to allow multiple certificates + to be stored and used when establishing an SSL connection to different + LDAP servers. [Brad Nicholes] + *) Emit the run-time link path option in apu-config after installation if the user is linking with libtool. [Justin Erenkrantz] Modified: apr/apr-util/trunk/include/apr_ldap_init.h Url: http://svn.apache.org/viewcvs/apr/apr-util/trunk/include/apr_ldap_init.h?view=diff&rev=111988&p1=apr/apr-util/trunk/include/apr_ldap_init.h&r1=111987&p2=apr/apr-util/trunk/include/apr_ldap_init.h&r2=111988 ============================================================================== --- apr/apr-util/trunk/include/apr_ldap_init.h (original) +++ apr/apr-util/trunk/include/apr_ldap_init.h Wed Dec 15 08:24:10 2004 @@ -34,6 +34,11 @@ int cert_file_type, apr_ldap_err_t **result_err); +APU_DECLARE(int) apr_ldap_ssl_add_cert(apr_pool_t *pool, + const char *cert_auth_file, + int cert_file_type, + apr_ldap_err_t **result_err); + APU_DECLARE(int) apr_ldap_ssl_deinit(void); APU_DECLARE(int) apr_ldap_init(apr_pool_t *pool, Modified: apr/apr-util/trunk/ldap/apr_ldap_init.c Url: http://svn.apache.org/viewcvs/apr/apr-util/trunk/ldap/apr_ldap_init.c?view=diff&rev=111988&p1=apr/apr-util/trunk/ldap/apr_ldap_init.c&r1=111987&p2=apr/apr-util/trunk/ldap/apr_ldap_init.c&r2=111988 ============================================================================== --- apr/apr-util/trunk/ldap/apr_ldap_init.c (original) +++ apr/apr-util/trunk/ldap/apr_ldap_init.c Wed Dec 15 08:24:10 2004 
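Review bot: The `apr_ldap_ssl_add_cert()` prototype added to apr_ldap_init.h is exported with no doc comment. I would add a Doxygen block above it stating that the call adds `cert_auth_file` as a trusted certificate for later SSL connections, which `cert_file_type` values are accepted (the error string in apr_ldap_init.c names DER and BASE64), and that `*result_err` is allocated from `pool` on every call, success or failure. Since the log says certificates are stored for use with different LDAP servers, the comment should also say whether that store is process-wide and whether the call may be made concurrently; neither is visible from this diff.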
@@ -46,6 +46,49 @@ int cert_file_type, apr_ldap_err_t **result_err) { + apr_ldap_err_t *result; + + if (cert_auth_file) { + return apr_ldap_ssl_add_cert(pool, cert_auth_file, cert_file_type, result_err); + } + else { + result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t)); + *result_err = result; +#if APR_HAS_LDAP_SSL /* compiled with ssl support */ + +#if APR_HAS_NOVELL_LDAPSDK + result->rc = ldapssl_client_init(NULL, NULL); + + if (LDAP_SUCCESS == result->rc) { + return APR_SUCCESS; + } + else { + result->msg = ldap_err2string(result-> rc); + result->reason = apr_pstrdup (pool, "LDAP: Could not initialize SSL"); + return APR_EGENERAL; + } +#endif + +#else + result->reason = "LDAP: Attempt to initialize SSL failed. " + "Not built with SSL support."; + result->rc = -1; + return APR_EGENERAL; +#endif + } + + /* if no cert_auth_file was passed, we assume SSL support + * is possible, as we have not been specifically told otherwise. + */ + return APR_SUCCESS; + +} + +APU_DECLARE(int) apr_ldap_ssl_add_cert(apr_pool_t *pool, + const char *cert_auth_file, + int cert_file_type, + apr_ldap_err_t **result_err) { + apr_ldap_err_t *result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t)); *result_err = result; @@ -96,7 +139,7 @@ result->reason = "LDAP: Invalid certificate type: " "DER or BASE64 type required"; result->rc = -1; - } + } #elif APR_HAS_OPENLDAP_LDAPSDK
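Review bot: When `cert_auth_file` is NULL, the new `else` branch reports success without any trusted certificate having been loaded: the Novell build calls `ldapssl_client_init(NULL, NULL)` and returns APR_SUCCESS, and the other SSL-enabled builds fall through to the final `return APR_SUCCESS;`. The caller therefore cannot tell "SSL initialised with a CA to check the server against" from "SSL initialised with none", and whether the LDAP server certificate is still verified at connect time depends on the SDK, which this diff does not show. I would say so in the comment above the final return, e.g. `/* no CA certificate is loaded on this path; callers that need the server verified must also call apr_ldap_ssl_add_cert() */`, and consider setting `result->reason` to the same effect. Separately, `*result_err = result;` is written with no NULL check on `result_err`, here and in apr_ldap_ssl_add_cert(), which matters if callers are allowed to pass NULL. The enclosing function's signature starts above the hunk, and the body of apr_ldap_ssl_add_cert() continues past it.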
