Commit 7a5d12cc authored by Howard Chu's avatar Howard Chu
Browse files

Add TLS options to bindconf struct

parent 8c1b8d3f
...@@ -1034,6 +1034,17 @@ static slap_cf_aux_table bindkey[] = { ...@@ -1034,6 +1034,17 @@ static slap_cf_aux_table bindkey[] = {
{ BER_BVC("realm="), offsetof(slap_bindconf, sb_realm), 'b', 0, NULL }, { BER_BVC("realm="), offsetof(slap_bindconf, sb_realm), 'b', 0, NULL },
{ BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 0, NULL }, { BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 0, NULL },
{ BER_BVC("authzID="), offsetof(slap_bindconf, sb_authzId), 'b', 1, NULL }, { BER_BVC("authzID="), offsetof(slap_bindconf, sb_authzId), 'b', 1, NULL },
#ifdef HAVE_TLS
{ BER_BVC("tls_cert="), offsetof(slap_bindconf, sb_tls_cert), 's', 1, NULL },
{ BER_BVC("tls_key="), offsetof(slap_bindconf, sb_tls_key), 's', 1, NULL },
{ BER_BVC("tls_cacert="), offsetof(slap_bindconf, sb_tls_cacert), 's', 1, NULL },
{ BER_BVC("tls_cacertdir="), offsetof(slap_bindconf, sb_tls_cacertdir), 's', 1, NULL },
{ BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 1, NULL },
{ BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 1, NULL },
#ifdef HAVE_OPENSSL_CRL
{ BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 1, NULL },
#endif
#endif
{ BER_BVNULL, 0, 0, 0, NULL } { BER_BVNULL, 0, 0, 0, NULL }
}; };
...@@ -1243,6 +1254,38 @@ void bindconf_free( slap_bindconf *bc ) { ...@@ -1243,6 +1254,38 @@ void bindconf_free( slap_bindconf *bc ) {
ch_free( bc->sb_authzId.bv_val ); ch_free( bc->sb_authzId.bv_val );
BER_BVZERO( &bc->sb_authzId ); BER_BVZERO( &bc->sb_authzId );
} }
#ifdef HAVE_TLS
if ( bc->sb_tls_cert ) {
ch_free( bc->sb_tls_cert );
bc->sb_tls_cert = NULL;
}
if ( bc->sb_tls_key ) {
ch_free( bc->sb_tls_key );
bc->sb_tls_key = NULL;
}
if ( bc->sb_tls_cacert ) {
ch_free( bc->sb_tls_cacert );
bc->sb_tls_cacert = NULL;
}
if ( bc->sb_tls_cacertdir ) {
ch_free( bc->sb_tls_cacertdir );
bc->sb_tls_cacertdir = NULL;
}
if ( bc->sb_tls_reqcert ) {
ch_free( bc->sb_tls_reqcert );
bc->sb_tls_reqcert = NULL;
}
if ( bc->sb_tls_cipher_suite ) {
ch_free( bc->sb_tls_cipher_suite );
bc->sb_tls_cipher_suite = NULL;
}
#ifdef HAVE_OPENSSL_CRL
if ( bc->sb_tls_crlcheck ) {
ch_free( bc->sb_tls_crlcheck );
bc->sb_tls_crlcheck = NULL;
}
#endif
#endif
} }
......
...@@ -1520,6 +1520,17 @@ typedef struct slap_bindconf { ...@@ -1520,6 +1520,17 @@ typedef struct slap_bindconf {
struct berval sb_realm; struct berval sb_realm;
struct berval sb_authcId; struct berval sb_authcId;
struct berval sb_authzId; struct berval sb_authzId;
#ifdef HAVE_TLS
char *sb_tls_cert;
char *sb_tls_key;
char *sb_tls_cacert;
char *sb_tls_cacertdir;
char *sb_tls_reqcert;
char *sb_tls_cipher_suite;
#ifdef HAVE_OPENSSL_CRL
char *sb_tls_crlcheck;
#endif
#endif
} slap_bindconf; } slap_bindconf;
struct slap_replica_info { struct slap_replica_info {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment