You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by bn...@apache.org on 2005/01/10 20:05:20 UTC
svn commit: r124824 - /apr/apr-util/trunk/ldap/apr_ldap_option.c
Author: bnicholes
Date: Mon Jan 10 11:05:18 2005
New Revision: 124824
URL: http://svn.apache.org/viewcvs?view=rev&rev=124824
Log:
Remove the call to ldapssl_install_routines for the Novell SDK. Do to the warning that states that if any other ldap call is made between the calls to ldap_init() and ldapssl_install_routines(), it is safer for the Novell SDK to always initialize the connection using ldapssl_init(). Suggest that other SDKs do the same.
Modified:
apr/apr-util/trunk/ldap/apr_ldap_option.c
Modified: apr/apr-util/trunk/ldap/apr_ldap_option.c
Url: http://svn.apache.org/viewcvs/apr/apr-util/trunk/ldap/apr_ldap_option.c?view=diff&rev=124824&p1=apr/apr-util/trunk/ldap/apr_ldap_option.c&r1=124823&p2=apr/apr-util/trunk/ldap/apr_ldap_option.c&r2=124824
==============================================================================
--- apr/apr-util/trunk/ldap/apr_ldap_option.c (original)
+++ apr/apr-util/trunk/ldap/apr_ldap_option.c Mon Jan 10 11:05:18 2005
@@ -164,7 +164,7 @@
#endif
/* Novell SDK */
-#if APR_HAS_NOVELL_SDK
+#if APR_HAS_NOVELL_LDAPSDK
/* ldapssl_install_routines(ldap)
* Behavior is unpredictable when other LDAP functions are called
* between the ldap_init function and the ldapssl_install_routines
@@ -172,15 +172,15 @@
*
* STARTTLS is supported by the ldap_start_tls_s() method
*/
- if (APR_LDAP_SSL == tls) {
+ /*if ((APR_LDAP_SSL == tls) || (APR_LDAP_STARTTLS == tls)) {
result->rc = ldapssl_install_routines(ldap);
if (result->rc != LDAP_SUCCESS) {
result->msg = ldap_err2string(result->rc);
result->reason = "LDAP: Could not switch SSL on for this "
"connection.";
}
- }
- else if (APR_LDAP_STARTTLS == tls) {
+ }*/
+ if (APR_LDAP_STARTTLS == tls) {
result->rc = ldapssl_start_tls(ldap);
if (result->rc != LDAP_SUCCESS) {
result->msg = ldap_err2string(result->rc);
@@ -415,28 +415,28 @@
case APR_LDAP_CERT_TYPE_DER: {
result->rc = ldapssl_set_client_cert((void *)cert->path,
LDAPSSL_CERT_FILETYPE_DER,
- cert->password);
+ (void*)cert->password);
result->msg = ldap_err2string(result->rc);
break;
}
case APR_LDAP_CERT_TYPE_BASE64: {
result->rc = ldapssl_set_client_cert((void *)cert->path,
LDAPSSL_CERT_FILETYPE_B64,
- cert->password);
+ (void*)cert->password);
result->msg = ldap_err2string(result->rc);
break;
}
case APR_LDAP_KEY_TYPE_DER: {
result->rc = ldapssl_set_client_private_key((void *)cert->path,
LDAPSSL_CERT_FILETYPE_DER,
- cert->password);
+ (void*)cert->password);
result->msg = ldap_err2string(result->rc);
break;
}
case APR_LDAP_KEY_TYPE_BASE64: {
result->rc = ldapssl_set_client_private_key((void *)cert->path,
LDAPSSL_CERT_FILETYPE_B64,
- cert->password);
+ (void*)cert->password);
result->msg = ldap_err2string(result->rc);
break;
}
Re: svn commit: r124824 - /apr/apr-util/trunk/ldap/apr_ldap_option.c
Posted by Graham Leggett <mi...@sharp.fm>.
bnicholes@apache.org wrote:
> URL: http://svn.apache.org/viewcvs?view=rev&rev=124824
> Log:
> Remove the call to ldapssl_install_routines for the Novell SDK. Do to the warning that states that if any other ldap call is made between the calls to ldap_init() and ldapssl_install_routines(), it is safer for the Novell SDK to always initialize the connection using ldapssl_init(). Suggest that other SDKs do the same.
This is incompatible with client certificates on OpenLDAP - here client
certs are configured between ldap_init() and apr_ldap_set_option() on a
per connection basis, which is impossible if you use ldapssl_init() to
init the connection.
:(
Regards,
Graham
--
Re: svn commit: r124824 - /apr/apr-util/trunk/ldap/apr_ldap_option.c
Posted by Graham Leggett <mi...@sharp.fm>.
bnicholes@apache.org wrote:
> URL: http://svn.apache.org/viewcvs?view=rev&rev=124824
> Log:
> Remove the call to ldapssl_install_routines for the Novell SDK. Do to the warning that states that if any other ldap call is made between the calls to ldap_init() and ldapssl_install_routines(), it is safer for the Novell SDK to always initialize the connection using ldapssl_init(). Suggest that other SDKs do the same.
This is incompatible with client certificates on OpenLDAP - here client
certs are configured between ldap_init() and apr_ldap_set_option() on a
per connection basis, which is impossible if you use ldapssl_init() to
init the connection.
:(
Regards,
Graham
--