Commit 6997f7a7 authored by Ralf Haferkamp's avatar Ralf Haferkamp

- The library now supports StartTLS. The patch was provided by Jeff Costlow

  <j.costlow@f5.com>
parent 20690a53
......@@ -36,8 +36,8 @@ LDAPAsynConnection::LDAPAsynConnection(const string& hostname, int port,
LDAPAsynConnection::~LDAPAsynConnection(){
DEBUG(LDAP_DEBUG_DESTROY,
"LDAPAsynConnection::~LDAPAsynConnection()" << endl);
delete m_constr;
unbind();
//delete m_constr;
}
void LDAPAsynConnection::init(const string& hostname, int port){
......@@ -53,6 +53,10 @@ void LDAPAsynConnection::init(const string& hostname, int port){
ldap_set_option(cur_session, LDAP_OPT_PROTOCOL_VERSION, &opt);
}
int LDAPAsynConnection::start_tls(){
return ldap_start_tls_s( cur_session, NULL, NULL );
}
LDAPMessageQueue* LDAPAsynConnection::bind(const string& dn,
const string& passwd, const LDAPConstraints *cons){
DEBUG(LDAP_DEBUG_TRACE, "LDAPAsynConnection::bind()" << endl);
......
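Review bot: `LDAPAsynConnection::start_tls()` hands the raw result of `ldap_start_tls_s()` back as an `int`, while the neighbouring `bind()` is documented as throwing `LDAPException`. A caller that drops the return value therefore goes straight on to `bind(dn, passwd, ...)` over a connection that was never upgraded. Consider failing loudly instead, e.g. `int rc = ldap_start_tls_s(cur_session, NULL, NULL);` followed by `if (rc != LDAP_SUCCESS) throw LDAPException(rc);`, or record the outcome so `bind()` can refuse to send credentials when TLS was requested but not established. The new code also sets no certificate-checking option such as `LDAP_OPT_X_TLS_REQUIRE_CERT`, so whether the server certificate is verified presumably depends on the client library's configured defaults; a comment stating that would help. `LDAPConnection::start_tls()` forwards the same `int` and has the same issue.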
......@@ -77,7 +77,7 @@ class LDAPAsynConnection{
virtual ~LDAPAsynConnection();
/**
* Initzializes a connection to a server.
* Initializes a connection to a server.
*
* There actually no
* communication to the server. Just the object is initialized
......@@ -89,6 +89,14 @@ class LDAPAsynConnection{
*/
void init(const string& hostname, int port);
/**
* Start TLS on this connection. This isn't in the constructor,
* because it could fail (i.e. server doesn't have SSL cert, client
* api wasn't compiled against OpenSSL, etc.). If you need TLS,
* then you should error if this call fails with an error code.
*/
int start_tls();
/** Simple authentication to a LDAP-Server
*
* @throws LDAPException If the Request could not be sent to the
......
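Review bot: The doc comment on `start_tls()` tells callers to treat "an error code" as failure but never states the success value or when the call is valid. Add `@return LDAP_SUCCESS if TLS was negotiated, otherwise an LDAP result code`, plus a line such as `Call after init() and before bind(); if this fails the connection is still unencrypted, so do not send credentials.` The "i.e." in the comment introduces examples and should read "e.g.". The identical comment on `LDAPConnection::start_tls()` in the other header needs the same additions.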
......@@ -22,6 +22,10 @@ LDAPConnection::LDAPConnection(const string& hostname, int port,
LDAPConnection::~LDAPConnection(){
}
int LDAPConnection::start_tls(){
return LDAPAsynConnection::start_tls();
}
void LDAPConnection::bind(const string& dn, const string& passwd,
LDAPConstraints* cons){
......
......@@ -68,6 +68,14 @@ class LDAPConnection : private LDAPAsynConnection {
*/
void init(const string& hostname, int port);
/**
* Start TLS on this connection. This isn't in the constructor,
* because it could fail (i.e. server doesn't have SSL cert, client
* api wasn't compiled against OpenSSL, etc.). If you need TLS,
* then you should error if this call fails with an error code.
*/
int start_tls();
/**
* Performs a simple authentication with the server
*
......