mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-30 13:30:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fixup cacert/cert/key options

Browse Source 
Add get_option support, allow delete by setting a NULL arg.
This commit is contained in:
Howard Chu 2017-04-09 14:49:48 +01:00
parent 2860fd4c6c
commit 83fb515555
1 changed files with 54 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
libraries/libldap/tls2.c
View File

@ -734,6 +734,33 @@ ldap_pvt_tls_get_option( LDAP *ld, int option, void *arg )
}
break;
}
case LDAP_OPT_X_TLS_CACERT: {
struct berval *bv = arg;
if ( lo->ldo_tls_cacert.bv_val ) {
ber_dupbv( bv, &lo->ldo_tls_cacert );
} else {
BER_BVZERO( bv );
}
break;
}
case LDAP_OPT_X_TLS_CERT: {
struct berval *bv = arg;
if ( lo->ldo_tls_cert.bv_val ) {
ber_dupbv( bv, &lo->ldo_tls_cert );
} else {
BER_BVZERO( bv );
}
break;
}
case LDAP_OPT_X_TLS_KEY: {
struct berval *bv = arg;
if ( lo->ldo_tls_key.bv_val ) {
ber_dupbv( bv, &lo->ldo_tls_key );
} else {
BER_BVZERO( bv );
}
break;
}
default:
return -1;
@ -867,34 +894,43 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
lo->ldo_tls_ctx = NULL;
return ldap_int_tls_init_ctx( lo, *(int *)arg );
case LDAP_OPT_X_TLS_CACERT:
if ( !arg ) return -1;
if ( lo->ldo_tls_cacert.bv_val )
LDAP_FREE( lo->ldo_tls_cacert.bv_val );
lo->ldo_tls_cacert.bv_len = ((struct berval *)arg)->bv_len;
lo->ldo_tls_cacert.bv_val = LDAP_MALLOC( lo->ldo_tls_cacert.bv_len );
if ( !lo->ldo_tls_cacert.bv_val )
return -1;
AC_MEMCPY( lo->ldo_tls_cacert.bv_val, ((struct berval *)arg)->bv_val, lo->ldo_tls_cacert.bv_len );
if ( arg ) {
lo->ldo_tls_cacert.bv_len = ((struct berval *)arg)->bv_len;
lo->ldo_tls_cacert.bv_val = LDAP_MALLOC( lo->ldo_tls_cacert.bv_len );
if ( !lo->ldo_tls_cacert.bv_val )
return -1;
AC_MEMCPY( lo->ldo_tls_cacert.bv_val, ((struct berval *)arg)->bv_val, lo->ldo_tls_cacert.bv_len );
} else {
BER_BVZERO( &lo->ldo_tls_cacert );
}
break;
case LDAP_OPT_X_TLS_CERT:
if ( !arg ) return -1;
if ( lo->ldo_tls_cert.bv_val )
LDAP_FREE( lo->ldo_tls_cert.bv_val );
lo->ldo_tls_cert.bv_len = ((struct berval *)arg)->bv_len;
lo->ldo_tls_cert.bv_val = LDAP_MALLOC( lo->ldo_tls_cert.bv_len );
if ( !lo->ldo_tls_cert.bv_val )
return -1;
AC_MEMCPY( lo->ldo_tls_cert.bv_val, ((struct berval *)arg)->bv_val, lo->ldo_tls_cert.bv_len );
if ( arg ) {
lo->ldo_tls_cert.bv_len = ((struct berval *)arg)->bv_len;
lo->ldo_tls_cert.bv_val = LDAP_MALLOC( lo->ldo_tls_cert.bv_len );
if ( !lo->ldo_tls_cert.bv_val )
return -1;
AC_MEMCPY( lo->ldo_tls_cert.bv_val, ((struct berval *)arg)->bv_val, lo->ldo_tls_cert.bv_len );
} else {
BER_BVZERO( &lo->ldo_tls_cert );
}
break;
case LDAP_OPT_X_TLS_KEY:
if ( !arg ) return -1;
if ( lo->ldo_tls_key.bv_val )
LDAP_FREE( lo->ldo_tls_key.bv_val );
lo->ldo_tls_key.bv_len = ((struct berval *)arg)->bv_len;
lo->ldo_tls_key.bv_val = LDAP_MALLOC( lo->ldo_tls_key.bv_len );
if ( !lo->ldo_tls_key.bv_val )
return -1;
AC_MEMCPY( lo->ldo_tls_key.bv_val, ((struct berval *)arg)->bv_val, lo->ldo_tls_key.bv_len );
if ( arg ) {
lo->ldo_tls_key.bv_len = ((struct berval *)arg)->bv_len;
lo->ldo_tls_key.bv_val = LDAP_MALLOC( lo->ldo_tls_key.bv_len );
if ( !lo->ldo_tls_key.bv_val )
return -1;
AC_MEMCPY( lo->ldo_tls_key.bv_val, ((struct berval *)arg)->bv_val, lo->ldo_tls_key.bv_len );
} else {
BER_BVZERO( &lo->ldo_tls_key );
}
break;
default:
return -1;