Posted to commits@apr.apache.org by mi...@apache.org on 2004/08/01 18:55:14 UTC
cvs commit: apr-util/ldap apr_ldap_init.c
minfrin 2004/08/01 09:55:14
Modified: . CHANGES
include apr_ldap.h.in apr_ldap.hnw apr_ldap.hw
ldap apr_ldap_init.c
Log:
Add an apr_ldap_err_t structure to handle the return of LDAP
specific error codes.
Revision Changes Path
1.134 +3 -0 apr-util/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/apr-util/CHANGES,v
retrieving revision 1.133
retrieving revision 1.134
diff -u -r1.133 -r1.134
--- CHANGES 30 Jul 2004 19:40:44 -0000 1.133
+++ CHANGES 1 Aug 2004 16:55:14 -0000 1.134
@@ -1,5 +1,8 @@
Changes with APR-util 1.0
+ *) Add an apr_ldap_err_t structure to handle the return of LDAP
+ specific error codes. [Graham Leggett, Brad Nicholes]
+
*) Add APR functions to do the job of ldap_init(), hiding toolkit
specific SSL/TLS handling. Code derived from httpd util_ldap.
[Graham Leggett]
1.13 +11 -0 apr-util/include/apr_ldap.h.in
Index: apr_ldap.h.in
===================================================================
RCS file: /home/cvs/apr-util/include/apr_ldap.h.in,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- apr_ldap.h.in 30 Jul 2004 19:40:44 -0000 1.12
+++ apr_ldap.h.in 1 Aug 2004 16:55:14 -0000 1.13
@@ -140,6 +140,17 @@
#define LDAP_URL_ERR_NODN LDAP_URL_ERR_BADURL
#endif
+/**
+ * This structure allows the C LDAP API error codes to be returned
+ * along with plain text error messages that explain to us more mortals
+ * what really happened.
+ */
+typedef struct apr_ldap_err_t {
+ const char *reason;
+ const char *msg;
+ int rc;
+} apr_ldap_err_t;
+
/** @} */
#endif /* APR_HAS_LDAP */
#endif /* APU_LDAP_H */
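Review bot: The three fields of apr_ldap_err_t are undocumented, and the struct comment does not say which string comes from APR and which from the LDAP toolkit, or that `rc` can hold a sentinel rather than a toolkit code. Going by the apr_ldap_init.c hunks in this commit, per-field comments such as `const char *reason; /**< APR's own explanation, NULL if none */`, `const char *msg; /**< ldap_err2string() text for rc, NULL if none */` and `int rc; /**< LDAP API result code, or -1 for an APR-detected failure */` would match how the fields are filled. It is also worth stating that both strings may be NULL, so callers check them before formatting. The same struct is added verbatim in the apr_ldap.hnw and apr_ldap.hw hunks and needs the same comments.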
1.10 +11 -0 apr-util/include/apr_ldap.hnw
Index: apr_ldap.hnw
===================================================================
RCS file: /home/cvs/apr-util/include/apr_ldap.hnw,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- apr_ldap.hnw 30 Jul 2004 19:40:44 -0000 1.9
+++ apr_ldap.hnw 1 Aug 2004 16:55:14 -0000 1.10
@@ -139,6 +139,17 @@
#define LDAP_URL_ERR_NODN LDAP_URL_ERR_BADURL
#endif
+/**
+ * This structure allows the C LDAP API error codes to be returned
+ * along with plain text error messages that explain to us more mortals
+ * what really happened.
+ */
+typedef struct apr_ldap_err_t {
+ const char *reason;
+ const char *msg;
+ int rc;
+} apr_ldap_err_t;
+
/** @} */
#endif /* APU_HAS_LDAP */
#endif /* APU_LDAP_H */
1.10 +11 -0 apr-util/include/apr_ldap.hw
Index: apr_ldap.hw
===================================================================
RCS file: /home/cvs/apr-util/include/apr_ldap.hw,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- apr_ldap.hw 30 Jul 2004 19:40:44 -0000 1.9
+++ apr_ldap.hw 1 Aug 2004 16:55:14 -0000 1.10
@@ -142,6 +142,17 @@
#define LDAP_URL_ERR_NODN LDAP_URL_ERR_BADURL
#endif
+/**
+ * This structure allows the C LDAP API error codes to be returned
+ * along with plain text error messages that explain to us more mortals
+ * what really happened.
+ */
+typedef struct apr_ldap_err_t {
+ const char *reason;
+ const char *msg;
+ int rc;
+} apr_ldap_err_t;
+
/** @} */
#endif /* APR_HAS_LDAP */
#endif /* APU_LDAP_H */
1.3 +54 -37 apr-util/ldap/apr_ldap_init.c
Index: apr_ldap_init.c
===================================================================
RCS file: /home/cvs/apr-util/ldap/apr_ldap_init.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- apr_ldap_init.c 30 Jul 2004 20:50:02 -0000 1.2
+++ apr_ldap_init.c 1 Aug 2004 16:55:14 -0000 1.3
@@ -24,6 +24,7 @@
#include <apu.h>
#include <apr_ldap.h>
#include <apr_errno.h>
+#include <apr_pools.h>
#if APR_HAS_LDAP
@@ -36,12 +37,16 @@
*
* If SSL support is not available on this platform, or a problem
* was encountered while trying to set the certificate, the function
- * will return APR_EGENERAL.
+ * will return APR_EGENERAL. Further LDAP specific error information
+ * can be found in result_err.
*/
-APU_DECLARE(int) apr_ldap_ssl_init(const char *cert_auth_file,
+APU_DECLARE(int) apr_ldap_ssl_init(apr_ldap_err_t **result_err,
+ const char *cert_auth_file,
int cert_file_type,
- const char **reason) {
- int rc;
+ apr_pool_t *pool) {
+
+ apr_ldap_err_t *result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t));
+ *result_err = result;
if (cert_auth_file) {
#if APR_HAS_LDAP_SSL /* compiled with ssl support */
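Review bot: `*result_err = result;` dereferences the new out-parameter unconditionally, but the updated doc comment only says that error information "can be found in result_err" and gives no contract for it or for `pool`. I would extend the comment with something like `* result_err and pool must not be NULL; *result_err is allocated from pool and is set on every call, including success.` so callers know the lifetime of the struct and that its strings may still be NULL. The `(apr_ldap_err_t *)` cast on apr_pcalloc() is unnecessary in C, and `sizeof(*result)` would keep the size tied to the variable. The same allocate-and-assign pair opens apr_ldap_init and apr_ldap_info in the later hunks; the body of apr_ldap_ssl_init continues past this hunk.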
@@ -51,12 +56,12 @@
/* Netscape sdk only supports a cert7.db file
*/
if (cert_file_type == APR_LDAP_CA_TYPE_CERT7_DB) {
- rc = ldapssl_client_init(cert_auth_file, NULL);
+ result->rc = ldapssl_client_init(cert_auth_file, NULL);
}
else {
- *reason = "LDAP: Invalid certificate type: "
- "CERT7_DB type required";
- rc = -1;
+ result->reason = "LDAP: Invalid certificate type: "
+ "CERT7_DB type required";
+ result->rc = -1;
}
#elif APR_HAS_NOVELL_LDAPSDK
@@ -66,26 +71,26 @@
if (cert_file_type == APR_LDAP_CA_TYPE_DER ||
cert_file_type == APR_LDAP_CA_TYPE_BASE64 ) {
- rc = ldapssl_client_init(NULL, NULL);
- if (LDAP_SUCCESS == rc) {
+ result->rc = ldapssl_client_init(NULL, NULL);
+ if (LDAP_SUCCESS == result->rc) {
if (cert_file_type == APR_LDAP_CA_TYPE_BASE64) {
- rc = ldapssl_add_trusted_cert((void*)cert_auth_file,
+ result->rc = ldapssl_add_trusted_cert((void*)cert_auth_file,
LDAPSSL_CERT_FILETYPE_B64);
}
else {
- rc = ldapssl_add_trusted_cert((void*)cert_auth_file,
+ result->rc = ldapssl_add_trusted_cert((void*)cert_auth_file,
LDAPSSL_CERT_FILETYPE_DER);
}
- if (LDAP_SUCCESS != rc) {
+ if (LDAP_SUCCESS != result->rc) {
ldapssl_client_deinit();
}
}
}
else {
- *reason = "LDAP: Invalid certificate type: "
+ result->reason = "LDAP: Invalid certificate type: "
"DER or BASE64 type required";
- rc = -1;
+ result->rc = -1;
}
#elif APR_HAS_OPENLDAP_LDAPSDK
@@ -93,12 +98,12 @@
/* OpenLDAP SDK supports BASE64 files
*/
if (cert_file_type == APR_LDAP_CA_TYPE_BASE64) {
- rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, cert_auth_file);
+ result->rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, cert_auth_file);
}
else {
- *reason = "LDAP: Invalid certificate type: "
+ result->reason = "LDAP: Invalid certificate type: "
"BASE64 type required";
- rc = -1;
+ result->rc = -1;
}
#elif APR_HAS_MICROSOFT_LDAPSDK
@@ -106,30 +111,33 @@
/* Microsoft SDK use the registry certificate store - always
* assume support is always available
*/
- rc = LDAP_SUCCESS;
+ result->rc = LDAP_SUCCESS;
#else
/* unknown toolkit type, assume no support available */
- *reason = "LDAP: Attempt to set certificate store failed. "
+ result->reason = "LDAP: Attempt to set certificate store failed. "
"Toolkit type not recognised as supporting SSL.";
- rc = -1;
+ result->rc = -1;
#endif /* APR_HAS_NETSCAPE_LDAPSDK */
#else /* not compiled with SSL Support */
- *reason = "LDAP: Attempt to set certificate store failed. "
+ result->reason = "LDAP: Attempt to set certificate store failed. "
"Not built with SSL support.";
- rc = -1;
+ result->rc = -1;
#endif /* APR_HAS_LDAP_SSL */
- if (LDAP_SUCCESS == rc) {
+ if (result->rc != -1) {
+ result->msg = ldap_err2string(result-> rc);
+ }
+
+ if (LDAP_SUCCESS == result->rc) {
return APR_SUCCESS;
}
else {
- /* @todo Return the LDAP error code here if not -1 */
return APR_EGENERAL;
}
}
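Review bot: The `result->rc != -1` test near the end of this hunk treats -1 as an APR-only sentinel, yet a toolkit call can return the same value: OpenLDAP's ldap.h defines LDAP_OPT_ERROR as -1, and that is what a failed ldap_set_option() in the OpenLDAP branch returns. In that case neither `reason` nor `msg` is filled in (the struct arrives zeroed from apr_pcalloc), so a failure to install the CA certificate file surfaces as APR_EGENERAL with two NULL strings, which callers may pass straight to a `%s` log format. A fallback before the final return would close the gap, for example `if (result->rc != LDAP_SUCCESS && !result->reason) result->reason = "LDAP: Attempt to set certificate store failed.";`. The apr_ldap_init hunk further down calls `ldap_err2string(result->rc)` on a ldap_set_option() result as well, where a -1 would presumably be rendered as an unrelated toolkit error text. The function begins before this hunk.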
@@ -176,11 +184,15 @@
* assumes that any certificate setup necessary has already
* been done.
*/
-APU_DECLARE(int) apr_ldap_init(LDAP **ldap,
+APU_DECLARE(int) apr_ldap_init(apr_ldap_err_t **result_err,
+ LDAP **ldap,
const char *hostname,
int portno,
int secure,
- const char *reason) {
+ apr_pool_t *pool) {
+
+ apr_ldap_err_t *result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t));
+ *result_err = result;
/* clear connection requested */
if (!secure) {
@@ -196,10 +208,11 @@
*ldap = ldap_init(hostname, portno);
if (NULL != *ldap) {
int SSLmode = LDAP_OPT_X_TLS_HARD;
- int result = ldap_set_option(*ldap, LDAP_OPT_X_TLS, &SSLmode);
- if (LDAP_SUCCESS != result) {
+ result->rc = ldap_set_option(*ldap, LDAP_OPT_X_TLS, &SSLmode);
+ if (LDAP_SUCCESS != result->rc) {
ldap_unbind_s(*ldap);
- reason = "LDAP: ldap_set_option - LDAP_OPT_X_TLS_HARD failed";
+ result->reason = "LDAP: ldap_set_option - LDAP_OPT_X_TLS_HARD failed";
+ result->msg = ldap_err2string(result->rc);
*ldap = NULL;
/* @todo make proper APR error codes for LDAP codes */
return APR_EGENERAL;
@@ -231,20 +244,24 @@
* APR LDAP info function
*
* This function returns a string describing the LDAP toolkit
- * currently in use.
+ * currently in use. The string is placed inside result_err->reason.
*/
-APU_DECLARE(int) apr_ldap_info(const char **info) {
+APU_DECLARE(int) apr_ldap_info(apr_ldap_err_t **result_err,
+ apr_pool_t *pool) {
+
+ apr_ldap_err_t *result = (apr_ldap_err_t *)apr_pcalloc(pool, sizeof(apr_ldap_err_t));
+ *result_err = result;
#if APR_HAS_NETSCAPE_LDAPSDK
- *info = ("APR LDAP: Built with Netscape LDAP SDK");
+ result->reason = "APR LDAP: Built with Netscape LDAP SDK";
#elif APR_HAS_NOVELL_LDAPSDK
- *info = ("APR LDAP: Built with Novell LDAP SDK");
+ result->reason = "APR LDAP: Built with Novell LDAP SDK";
#elif APR_HAS_OPENLDAP_LDAPSDK
- *info = ("APR LDAP: Built with OpenLDAP LDAP SDK");
+ result->reason = "APR LDAP: Built with OpenLDAP LDAP SDK";
#elif APR_HAS_MICROSOFT_LDAPSDK
- *info = ("APR LDAP: Built with Microsoft LDAP SDK");
+ result->reason = "APR LDAP: Built with Microsoft LDAP SDK";
#else
- *info = ("APR LDAP: Built with an unknown LDAP SDK");
+ result->reason = "APR LDAP: Built with an unknown LDAP SDK";
#endif
return APR_SUCCESS;
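Review bot: apr_ldap_info now delivers its build description through the `reason` field of an error structure, so a caller that treats a non-NULL `reason` as a sign of failure will misread a successful call. The updated comment says where the string is placed but not what happens to the other fields; in the visible lines `rc` and `msg` are never assigned, so they keep the zero values from apr_pcalloc. Adding a line such as `* rc and msg are left at 0 and NULL; the structure is allocated from pool.` to the doc comment would make that explicit. The closing brace of the function lies outside this hunk.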