You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by bn...@apache.org on 2005/01/20 21:22:34 UTC
svn commit: r125810 - /httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml /httpd/httpd/trunk/modules/ldap/util_ldap.c
Author: bnicholes
Date: Thu Jan 20 12:22:31 2005
New Revision: 125810
URL: http://svn.apache.org/viewcvs?view=rev&rev=125810
Log:
Recognize the new certificate formats
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml
httpd/httpd/trunk/modules/ldap/util_ldap.c
Modified: httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml
Url: http://svn.apache.org/viewcvs/httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml?view=diff&rev=125810&p1=httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml&r1=125809&p2=httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml&r2=125810
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml Thu Jan 20 12:22:31 2005
@@ -480,8 +480,10 @@
<li>CERT_BASE64 - PEM encoded client certificate</li>
<li>CERT_KEY3_DB - Netscape key3.db client certificate database file</li>
<li>CERT_NICKNAME - Client certificate "nickname" (Netscape SDK)</li>
+ <li>CERT_PFX - PKCS#12 encoded client certificate (Novell SDK)</li>
<li>KEY_DER - binary DER encoded private key</li>
<li>KEY_BASE64 - PEM encoded private key</li>
+ <li>KEY_PFX - PKCS#12 encoded private key (Novell SDK)</li>
</ul>
</usage>
</directivesynopsis>
Modified: httpd/httpd/trunk/modules/ldap/util_ldap.c
Url: http://svn.apache.org/viewcvs/httpd/httpd/trunk/modules/ldap/util_ldap.c?view=diff&rev=125810&p1=httpd/httpd/trunk/modules/ldap/util_ldap.c&r1=125809&p2=httpd/httpd/trunk/modules/ldap/util_ldap.c&r2=125810
==============================================================================
--- httpd/httpd/trunk/modules/ldap/util_ldap.c (original)
+++ httpd/httpd/trunk/modules/ldap/util_ldap.c Thu Jan 20 12:22:31 2005
@@ -1381,6 +1381,11 @@
return APR_LDAP_CERT_TYPE_BASE64;
}
+ /* Client cert file in PKCS#12 format */
+ else if (0 == strcasecmp("CERT_PFX", type)) {
+ return APR_LDAP_CERT_TYPE_PFX;
+ }
+
/* Netscape client cert database file/directory */
else if (0 == strcasecmp("CERT_KEY3_DB", type)) {
return APR_LDAP_CERT_TYPE_KEY3_DB;
@@ -1401,6 +1406,11 @@
return APR_LDAP_KEY_TYPE_BASE64;
}
+ /* Client cert key file in PKCS#12 format */
+ else if (0 == strcasecmp("KEY_PFX", type)) {
+ return APR_LDAP_KEY_TYPE_PFX;
+ }
+
else {
return APR_LDAP_CA_TYPE_UNKNOWN;
}
@@ -1504,13 +1514,14 @@
return apr_psprintf(cmd->pool, "The certificate type \"%s\" is "
"not recognised. It should be one "
"of CERT_DER, CERT_BASE64, "
- "CERT_NICKNAME, "
- "KEY_DER, KEY_BASE64", type);
+ "CERT_NICKNAME, CERT_PFX,"
+ "KEY_DER, KEY_BASE64, KEY_PFX", type);
}
else if (APR_LDAP_CA_TYPE_DER == cert_type ||
APR_LDAP_CA_TYPE_BASE64 == cert_type ||
APR_LDAP_CA_TYPE_CERT7_DB == cert_type ||
APR_LDAP_CA_TYPE_SECMOD == cert_type ||
+ APR_LDAP_CERT_TYPE_PFX == cert_type ||
APR_LDAP_CERT_TYPE_KEY3_DB == cert_type) {
return apr_psprintf(cmd->pool, "The certificate type \"%s\" is "
"only valid within a "