svn commit: r124249 - /apr/apr-util/trunk/ldap/apr_ldap_init.c

[bn...@apache.org]

Author: bnicholes
Date: Wed Jan  5 11:11:50 2005
New Revision: 124249

URL: http://svn.apache.org/viewcvs?view=rev&rev=124249
Log:
Implement the startTLS functionality for Novell LDAP SDK
Modified:
   apr/apr-util/trunk/ldap/apr_ldap_init.c

Modified: apr/apr-util/trunk/ldap/apr_ldap_init.c
Url: http://svn.apache.org/viewcvs/apr/apr-util/trunk/ldap/apr_ldap_init.c?view=diff&rev=124249&p1=apr/apr-util/trunk/ldap/apr_ldap_init.c&r1=124248&p2=apr/apr-util/trunk/ldap/apr_ldap_init.c&r2=124249
==============================================================================
--- apr/apr-util/trunk/ldap/apr_ldap_init.c	(original)
+++ apr/apr-util/trunk/ldap/apr_ldap_init.c	Wed Jan  5 11:11:50 2005
@@ -330,7 +330,22 @@
         if (!strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_NOVELL) ||
             !strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_NETSCAPE)) {
 #if APR_HAS_LDAPSSL_INIT
-            *ldap = ldapssl_init(hostname, portno, 1);
+            if (secure == APR_LDAP_OPT_TLS_HARD) {
+                *ldap = ldapssl_init(hostname, portno, 1);
+            }
+            else {
+                *ldap = ldapssl_init(hostname, portno, 0);
+                result->rc = ldapssl_start_tls(*ldap);
+                if (LDAP_SUCCESS != result->rc) {
+                    ldap_unbind_s(*ldap);
+                    result->reason = "LDAP: ldapssl_start_tls failed, "
+                                     "could not set security mode for "
+                                     "apr_ldap_init()";
+                    result->msg = ldap_err2string(result->rc);
+                    *ldap = NULL;
+                    return APR_EGENERAL;
+                }
+            }
 #else
             result->reason = "LDAP: SSL not yet supported by APR on "
                              "this version of the Novell/Netscape toolkit";