diff options
| author | minfrin <minfrin@13f79535-47bb-0310-9956-ffa450edef68> | 2005-01-06 20:20:38 +0000 |
|---|---|---|
| committer | minfrin <minfrin@13f79535-47bb-0310-9956-ffa450edef68> | 2005-01-06 20:20:38 +0000 |
| commit | ac80c947eaf378222067e904760c6ceef193ffb9 (patch) | |
| tree | beac38168ff83fdc46f6b15d01fc9032351e1b0f | |
| parent | 32da6559bd067cfdbdc888e397f822377141cf41 (diff) | |
| download | libapr-util-ac80c947eaf378222067e904760c6ceef193ffb9.tar.gz | |
Add the ability to detect the flavour of the LDAP toolkit within configure,
making the APR_LDAP_*_LDAPSDK macros work correctly.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr-util/trunk@124433 13f79535-47bb-0310-9956-ffa450edef68
| -rw-r--r-- | build/apu-conf.m4 | 52 | ||||
| -rw-r--r-- | include/apr_ldap.h.in | 37 | ||||
| -rw-r--r-- | include/apr_ldap.hnw | 31 | ||||
| -rw-r--r-- | include/apr_ldap.hw | 31 | ||||
| -rw-r--r-- | ldap/apr_ldap_init.c | 384 |
5 files changed, 253 insertions, 282 deletions
diff --git a/build/apu-conf.m4 b/build/apu-conf.m4 index 6d9d38bc..9f655559 100644 --- a/build/apu-conf.m4 +++ b/build/apu-conf.m4 @@ -246,6 +246,12 @@ apu_has_ldapssl_add_trusted_cert="0" apu_has_ldap_start_tls_s="0" apu_has_ldapssl_init="0" apu_has_ldap_sslinit="0" +apu_has_ldap_openldap="0" +apu_has_ldap_solaris="0" +apu_has_ldap_novell="0" +apu_has_ldap_microsoft="0" +apu_has_ldap_netscape="0" +apu_has_ldap_other="0" AC_ARG_WITH(ldap-include,[ --with-ldap-include=path path to ldap include files with trailing slash]) AC_ARG_WITH(ldap-lib,[ --with-ldap-lib=path path to ldap lib file]) @@ -304,6 +310,46 @@ dnl The iPlanet C SDK 5.0 is as yet untested... AC_CHECK_HEADERS(ldap_ssl.h, ldap_ssl_h=["#include <ldap_ssl.h>"]) + if test "$apr_cv_hdr_ldap_h" = "yes"; then + AC_CACHE_CHECK([for LDAP toolkit], + [apr_cv_ldap_toolkit], [ + if test "x$apr_cv_ldap_toolkit" = "x"; then + AC_EGREP_CPP([OpenLDAP], [$lber_h + $ldap_h + LDAP_VENDOR_NAME], [apu_has_ldap_openldap="1" + apr_cv_ldap_toolkit="OpenLDAP"]) + fi + if test "x$apr_cv_ldap_toolkit" = "x"; then + AC_EGREP_CPP([Sun Microsystems Inc.], [$lber_h + $ldap_h + LDAP_VENDOR_NAME], [apu_has_ldap_solaris="1" + apr_cv_ldap_toolkit="Solaris"]) + fi + if test "x$apr_cv_ldap_toolkit" = "x"; then + AC_EGREP_CPP([Novell], [$lber_h + $ldap_h + LDAP_VENDOR_NAME], [apu_has_ldap_novell="1" + apr_cv_ldap_toolkit="Novell"]) + fi + if test "x$apr_cv_ldap_toolkit" = "x"; then + AC_EGREP_CPP([Microsoft Corporation.], [$lber_h + $ldap_h + LDAP_VENDOR_NAME], [apu_has_ldap_microsoft="1" + apr_cv_ldap_toolkit="Microsoft"]) + fi + if test "x$apr_cv_ldap_toolkit" = "x"; then + AC_EGREP_CPP([Netscape Communications Corp.], [$lber_h + $ldap_h + LDAP_VENDOR_NAME], [apu_has_ldap_netscape="1" + apr_cv_ldap_toolkit="Netscape"]) + fi + if test "x$apr_cv_ldap_toolkit" = "x"; then + apu_has_ldap_other="1" + apr_cv_ldap_toolkit="unknown" + fi + ]) + fi + CPPFLAGS=$save_cppflags LDFLAGS=$save_ldflags LIBS=$save_libs @@ -319,6 +365,12 @@ AC_SUBST(apu_has_ldap_start_tls_s) AC_SUBST(apu_has_ldapssl_init) AC_SUBST(apu_has_ldap_sslinit) AC_SUBST(apu_has_ldap) +AC_SUBST(apu_has_ldap_openldap) +AC_SUBST(apu_has_ldap_solaris) +AC_SUBST(apu_has_ldap_novell) +AC_SUBST(apu_has_ldap_microsoft) +AC_SUBST(apu_has_ldap_netscape) +AC_SUBST(apu_has_ldap_other) ]) diff --git a/include/apr_ldap.h.in b/include/apr_ldap.h.in index ed3c4c87..b1fd0d80 100644 --- a/include/apr_ldap.h.in +++ b/include/apr_ldap.h.in @@ -32,29 +32,19 @@ /* this will be defined if LDAP support was compiled into apr-util */ #define APR_HAS_LDAP @apu_has_ldap@ - -/* - * Handle the case when LDAP is disabled - switch everything off by default - */ -#if !APR_HAS_LDAP - -/* - * The following #defines are DEPRECATED and should not be used. They do - * not work properly anyway. - */ -#define APR_HAS_NETSCAPE_LDAPSDK 0 -#define APR_HAS_NOVELL_LDAPSDK 0 -#define APR_HAS_OPENLDAP_LDAPSDK 0 -#define APR_HAS_MICROSOFT_LDAPSDK 0 -#define APR_HAS_OTHER_LDAPSDK 0 -#define APR_HAS_LDAP_SSL 0 -#define APR_HAS_LDAP_URL_PARSE 0 +/* identify the LDAP toolkit used */ +#define APR_HAS_NETSCAPE_LDAPSDK @apu_has_ldap_netscape@ +#define APR_HAS_SOLARIS_LDAPSDK @apu_has_ldap_solaris@ +#define APR_HAS_NOVELL_LDAPSDK @apu_has_ldap_novell@ +#define APR_HAS_OPENLDAP_LDAPSDK @apu_has_ldap_openldap@ +#define APR_HAS_MICROSOFT_LDAPSDK @apu_has_ldap_microsoft@ +#define APR_HAS_OTHER_LDAPSDK @apu_has_ldap_other@ /* * Handle the case when LDAP is enabled */ -#else /* ldap support available */ +#if APR_HAS_LDAP /* * The following #defines are DEPRECATED and should not be used for @@ -64,7 +54,6 @@ * apr_ldap_url_parse*() functions have been rewritten specifically for * APR, so the APR_HAS_LDAP_URL_PARSE macro is forced to zero. */ -#define APR_HAS_OPENLDAP_LDAPSDK 1 #define APR_HAS_LDAP_SSL 1 #define APR_HAS_LDAP_URL_PARSE 0 @@ -79,16 +68,6 @@ /* - * Vendor LDAP toolkits that we identify - */ -#define APR_LDAP_VENDOR_NOVELL "Novell" -#define APR_LDAP_VENDOR_NETSCAPE "Netscape Communications Corp." -#define APR_LDAP_VENDOR_MICROSOFT "Microsoft Corporation." -#define APR_LDAP_VENDOR_OPENLDAP "OpenLDAP" -#define APR_LDAP_VENDOR_SUN "Sun Microsystems Inc." - - -/* * Detected standard functions */ #define APR_HAS_LDAPSSL_CLIENT_INIT @apu_has_ldapssl_client_init@ diff --git a/include/apr_ldap.hnw b/include/apr_ldap.hnw index 6a3c15fa..f1a03e75 100644 --- a/include/apr_ldap.hnw +++ b/include/apr_ldap.hnw @@ -30,31 +30,21 @@ */ /* this will be defined if LDAP support was compiled into apr-util */ -#define APR_HAS_LDAP 1 +#define APR_HAS_LDAP 1 - -/* - * Handle the case when LDAP is disabled - switch everything off by default - */ -#if !APR_HAS_LDAP - -/* - * The following #defines are DEPRECATED and should not be used. They do - * not work properly anyway. - */ +/* identify the LDAP toolkit used */ #define APR_HAS_NETSCAPE_LDAPSDK 0 -#define APR_HAS_NOVELL_LDAPSDK 0 +#define APR_HAS_SOLARIS_LDAPSDK 0 +#define APR_HAS_NOVELL_LDAPSDK 1 #define APR_HAS_OPENLDAP_LDAPSDK 0 #define APR_HAS_MICROSOFT_LDAPSDK 0 #define APR_HAS_OTHER_LDAPSDK 0 -#define APR_HAS_LDAP_SSL 0 -#define APR_HAS_LDAP_URL_PARSE 0 /* * Handle the case when LDAP is enabled */ -#else /* ldap support available */ +#if APR_HAS_LDAP /* * The following #defines are DEPRECATED and should not be used for @@ -64,7 +54,6 @@ * apr_ldap_url_parse*() functions have been rewritten specifically for * APR, so the APR_HAS_LDAP_URL_PARSE macro is forced to zero. */ -#define APR_HAS_NOVELL_LDAPSDK 1 #define APR_HAS_LDAP_SSL 1 #define APR_HAS_LDAP_URL_PARSE 0 @@ -81,16 +70,6 @@ /* - * Vendor LDAP toolkits that we identify - */ -#define APR_LDAP_VENDOR_NOVELL "Novell" -#define APR_LDAP_VENDOR_NETSCAPE "Netscape Communications Corp." -#define APR_LDAP_VENDOR_MICROSOFT "Microsoft Corporation." -#define APR_LDAP_VENDOR_OPENLDAP "OpenLDAP" -#define APR_LDAP_VENDOR_SUN "Sun Microsystems Inc." - - -/* * Detected standard functions */ #define APR_HAS_LDAPSSL_CLIENT_INIT 1 diff --git a/include/apr_ldap.hw b/include/apr_ldap.hw index 7f792bdc..a2e02bcc 100644 --- a/include/apr_ldap.hw +++ b/include/apr_ldap.hw @@ -30,31 +30,21 @@ */ /* this will be defined if LDAP support was compiled into apr-util */ -#define APR_HAS_LDAP 1 +#define APR_HAS_LDAP 1 - -/* - * Handle the case when LDAP is disabled - switch everything off by default - */ -#if !APR_HAS_LDAP - -/* - * The following #defines are DEPRECATED and should not be used. They do - * not work properly anyway. - */ +/* identify the LDAP toolkit used */ #define APR_HAS_NETSCAPE_LDAPSDK 0 +#define APR_HAS_SOLARIS_LDAPSDK 0 #define APR_HAS_NOVELL_LDAPSDK 0 #define APR_HAS_OPENLDAP_LDAPSDK 0 -#define APR_HAS_MICROSOFT_LDAPSDK 0 +#define APR_HAS_MICROSOFT_LDAPSDK 1 #define APR_HAS_OTHER_LDAPSDK 0 -#define APR_HAS_LDAP_SSL 0 -#define APR_HAS_LDAP_URL_PARSE 0 /* * Handle the case when LDAP is enabled */ -#else /* ldap support available */ +#if APR_HAS_LDAP /* * The following #defines are DEPRECATED and should not be used for @@ -64,7 +54,6 @@ * apr_ldap_url_parse*() functions have been rewritten specifically for * APR, so the APR_HAS_LDAP_URL_PARSE macro is forced to zero. */ -#define APR_HAS_MICROSOFT_LDAPSDK 1 #define APR_HAS_LDAP_SSL 1 #define APR_HAS_LDAP_URL_PARSE 0 @@ -77,16 +66,6 @@ /* - * Vendor LDAP toolkits that we identify - */ -#define APR_LDAP_VENDOR_NOVELL "Novell" -#define APR_LDAP_VENDOR_NETSCAPE "Netscape Communications Corp." -#define APR_LDAP_VENDOR_MICROSOFT "Microsoft Corporation." -#define APR_LDAP_VENDOR_OPENLDAP "OpenLDAP" -#define APR_LDAP_VENDOR_SUN "Sun Microsystems Inc." - - -/* * Detected standard functions */ #define APR_HAS_LDAPSSL_CLIENT_INIT 0 diff --git a/ldap/apr_ldap_init.c b/ldap/apr_ldap_init.c index 448589e5..4de8e244 100644 --- a/ldap/apr_ldap_init.c +++ b/ldap/apr_ldap_init.c @@ -61,28 +61,26 @@ APU_DECLARE(int) apr_ldap_ssl_init(apr_pool_t *pool, #if APR_HAS_LDAP_SSL /* compiled with ssl support */ /* Novell needs special initialisation */ - if (!strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_NOVELL)) { - +#if APR_HAS_NOVELL_LDAPSDK #if APR_HAS_LDAPSSL_CLIENT_INIT - result->rc = ldapssl_client_init(NULL, NULL); + result->rc = ldapssl_client_init(NULL, NULL); - if (LDAP_SUCCESS == result->rc) { - return APR_SUCCESS; - } - else { - result->msg = ldap_err2string(result-> rc); - result->reason = apr_pstrdup (pool, "LDAP: Could not " - "initialize SSL"); - return APR_EGENERAL; - } + if (LDAP_SUCCESS == result->rc) { + return APR_SUCCESS; + } + else { + result->msg = ldap_err2string(result-> rc); + result->reason = apr_pstrdup (pool, "LDAP: Could not " + "initialize SSL"); + return APR_EGENERAL; + } #else - result->reason = "LDAP: ldapssl_client_init() function not " - "supported by this Novell SDK. SSL not " - "initialised"; - result->rc = -1; + result->reason = "LDAP: ldapssl_client_init() function not " + "supported by this Novell SDK. SSL not " + "initialised"; + result->rc = -1; +#endif #endif - - } #endif } @@ -117,126 +115,117 @@ APU_DECLARE(int) apr_ldap_ssl_add_cert(apr_pool_t *pool, #if APR_HAS_LDAP_SSL /* compiled with ssl support */ /* Netscape SDK */ - if (!strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_NETSCAPE)) { - +#if APR_HAS_NETSCAPE_LDAPSDK #if APR_HAS_LDAP_SSL_CLIENT_INIT - /* Netscape sdk only supports a cert7.db file - */ - if (cert_file_type == APR_LDAP_CA_TYPE_CERT7_DB) { - result->rc = ldapssl_client_init(cert_auth_file, NULL); - } - else { - result->reason = "LDAP: Invalid certificate type: " - "CERT7_DB type required"; - result->rc = -1; - } -#else - result->reason = "LDAP: ldapssl_client_init() function not " - "supported by this Netscape SDK. Certificate " - "authority file not set"; + /* Netscape sdk only supports a cert7.db file + */ + if (cert_file_type == APR_LDAP_CA_TYPE_CERT7_DB) { + result->rc = ldapssl_client_init(cert_auth_file, NULL); + } + else { + result->reason = "LDAP: Invalid certificate type: " + "CERT7_DB type required"; result->rc = -1; -#endif - } +#else + result->reason = "LDAP: ldapssl_client_init() function not " + "supported by this Netscape SDK. Certificate " + "authority file not set"; + result->rc = -1; +#endif +#endif /* Novell SDK */ - else if (!strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_NOVELL)) { - +#if APR_HAS_NOVELL_LDAPSDK #if APR_HAS_LDAPSSL_CLIENT_INIT && APR_HAS_LDAPSSL_ADD_TRUSTED_CERT && APR_HAS_LDAPSSL_CLIENT_DEINIT - /* Novell SDK supports DER or BASE64 files - */ - if (cert_file_type == APR_LDAP_CA_TYPE_DER || - cert_file_type == APR_LDAP_CA_TYPE_BASE64 ) { - - result->rc = ldapssl_client_init(NULL, NULL); - if (LDAP_SUCCESS == result->rc) { - if (cert_file_type == APR_LDAP_CA_TYPE_BASE64) { - result->rc = ldapssl_add_trusted_cert((void*)cert_auth_file, - LDAPSSL_CERT_FILETYPE_B64); - } - else { - result->rc = ldapssl_add_trusted_cert((void*)cert_auth_file, - LDAPSSL_CERT_FILETYPE_DER); - } + /* Novell SDK supports DER or BASE64 files + */ + if (cert_file_type == APR_LDAP_CA_TYPE_DER || + cert_file_type == APR_LDAP_CA_TYPE_BASE64 ) { - if (LDAP_SUCCESS != result->rc) { - ldapssl_client_deinit(); - result->reason = apr_psprintf(pool, - "LDAP: Invalid certificate " - "or path: Could not add " - "trusted cert %s", - cert_auth_file); - } + result->rc = ldapssl_client_init(NULL, NULL); + if (LDAP_SUCCESS == result->rc) { + if (cert_file_type == APR_LDAP_CA_TYPE_BASE64) { + result->rc = ldapssl_add_trusted_cert((void*)cert_auth_file, + LDAPSSL_CERT_FILETYPE_B64); + } + else { + result->rc = ldapssl_add_trusted_cert((void*)cert_auth_file, + LDAPSSL_CERT_FILETYPE_DER); } - } - else { - result->reason = "LDAP: Invalid certificate type: " - "DER or BASE64 type required"; - result->rc = -1; - } -#else - result->reason = "LDAP: ldapssl_client_init(), " - "ldapssl_add_trusted_cert() or " - "ldapssl_client_deinit() functions not supported " - "by this Novell SDK. Certificate authority file " - "not set"; + if (LDAP_SUCCESS != result->rc) { + ldapssl_client_deinit(); + result->reason = apr_psprintf(pool, + "LDAP: Invalid certificate " + "or path: Could not add " + "trusted cert %s", + cert_auth_file); + } + } + } + else { + result->reason = "LDAP: Invalid certificate type: " + "DER or BASE64 type required"; result->rc = -1; -#endif } +#else + result->reason = "LDAP: ldapssl_client_init(), " + "ldapssl_add_trusted_cert() or " + "ldapssl_client_deinit() functions not supported " + "by this Novell SDK. Certificate authority file " + "not set"; + result->rc = -1; +#endif +#endif /* openldap SDK */ - else if (!strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_OPENLDAP)) { +#if APR_HAS_OPENLDAP_LDAPSDK #ifdef LDAP_OPT_X_TLS_CACERTFILE - - /* OpenLDAP SDK supports BASE64 files - */ - if (cert_file_type == APR_LDAP_CA_TYPE_BASE64) { - result->rc = ldap_set_option(NULL, - LDAP_OPT_X_TLS_CACERTFILE, - cert_auth_file); - } - else { - result->reason = "LDAP: Invalid certificate type: " - "BASE64 type required"; - result->rc = -1; - } - -#else - result->reason = "LDAP: LDAP_OPT_X_TLS_CACERTFILE not " - "defined by this OpenLDAP SDK. Certificate " - "authority file not set"; + /* OpenLDAP SDK supports BASE64 files + */ + if (cert_file_type == APR_LDAP_CA_TYPE_BASE64) { + result->rc = ldap_set_option(NULL, + LDAP_OPT_X_TLS_CACERTFILE, + cert_auth_file); + } + else { + result->reason = "LDAP: Invalid certificate type: " + "BASE64 type required"; result->rc = -1; -#endif } +#else + result->reason = "LDAP: LDAP_OPT_X_TLS_CACERTFILE not " + "defined by this OpenLDAP SDK. Certificate " + "authority file not set"; + result->rc = -1; +#endif +#endif /* microsoft SDK */ - else if (!strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_MICROSOFT)) { - - /* Microsoft SDK use the registry certificate store - always - * assume support is always available - */ - result->rc = LDAP_SUCCESS; - - } +#if APR_HAS_MICROSOFT_LDAPSDK + /* Microsoft SDK use the registry certificate store - always + * assume support is always available + */ + result->rc = LDAP_SUCCESS; +#endif /* Sun SDK */ - else if (!strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_SUN)) { - result->reason = "LDAP: Attempt to set certificate store failed. " - "APR does not yet know how to set a certificate " - "store on the Sun toolkit"; - result->rc = -1; - } +#if APR_HAS_SOLARIS_LDAPSDK + result->reason = "LDAP: Attempt to set certificate store failed. " + "APR does not yet know how to set a certificate " + "store on the Sun toolkit"; + result->rc = -1; +#endif /* SDK not recognised */ - else { - - /* unknown toolkit type, assume no support available */ - result->reason = "LDAP: Attempt to set certificate store failed. " - "Toolkit type not recognised by APR as supporting " - "SSL"; - result->rc = -1; - } +#if APR_HAS_OTHER_LDAPSDK + /* unknown toolkit type, assume no support available */ + result->reason = "LDAP: Attempt to set certificate store failed. " + "Toolkit type not recognised by APR as supporting " + "SSL"; + result->rc = -1; +#endif #else /* not compiled with SSL Support */ @@ -327,112 +316,105 @@ APU_DECLARE(int) apr_ldap_init(apr_pool_t *pool, else { /* ssl connnection requested */ #if APR_HAS_LDAP_SSL - /* novell / netscape toolkit */ - if (!strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_NOVELL) || - !strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_NETSCAPE)) { + /* netscape toolkit */ +#if APR_HAS_NETSCAPE_LDAPSDK #if APR_HAS_LDAPSSL_INIT - if (secure == APR_LDAP_OPT_TLS_HARD) { - *ldap = ldapssl_init(hostname, portno, 1); - } - else { - *ldap = ldapssl_init(hostname, portno, 0); - result->rc = ldapssl_start_tls(*ldap); - if (LDAP_SUCCESS != result->rc) { - ldap_unbind_s(*ldap); - result->reason = "LDAP: ldapssl_start_tls failed, " - "could not set security mode for " - "apr_ldap_init()"; - result->msg = ldap_err2string(result->rc); - *ldap = NULL; - return APR_EGENERAL; - } - } + *ldap = ldapssl_init(hostname, portno, 1); #else - result->reason = "LDAP: SSL not yet supported by APR on " - "this version of the Novell/Netscape toolkit"; - return APR_ENOTIMPL; + result->reason = "LDAP: SSL not yet supported by APR on " + "this version of the Netscape toolkit"; + return APR_ENOTIMPL; +#endif #endif + + /* novell toolkit */ +#if APR_HAS_NOVELL_LDAPSDK + if (secure == APR_LDAP_OPT_TLS_HARD) { + *ldap = ldapssl_init(hostname, portno, 1); } + else { + *ldap = ldapssl_init(hostname, portno, 0); + result->rc = ldapssl_start_tls(*ldap); + if (LDAP_SUCCESS != result->rc) { + ldap_unbind_s(*ldap); + result->reason = "LDAP: ldapssl_start_tls failed, " + "could not set security mode for " + "apr_ldap_init()"; + result->msg = ldap_err2string(result->rc); + *ldap = NULL; + return APR_EGENERAL; + } + } +#endif /* openldap toolkit */ - else if (!strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_OPENLDAP)) { +#if APR_HAS_OPENLDAP_LDAPSDK #ifdef LDAP_OPT_X_TLS - *ldap = ldap_init(hostname, portno); - if (NULL != *ldap) { - int SSLmode = secure; - result->rc = ldap_set_option(*ldap, LDAP_OPT_X_TLS, &SSLmode); - if (LDAP_SUCCESS != result->rc) { - ldap_unbind_s(*ldap); - result->reason = "LDAP: ldap_set_option failed, " - "could not set security mode for " - "apr_ldap_init()"; - result->msg = ldap_err2string(result->rc); - *ldap = NULL; - return APR_EGENERAL; - } + *ldap = ldap_init(hostname, portno); + if (NULL != *ldap) { + int SSLmode = secure; + result->rc = ldap_set_option(*ldap, LDAP_OPT_X_TLS, &SSLmode); + if (LDAP_SUCCESS != result->rc) { + ldap_unbind_s(*ldap); + result->reason = "LDAP: ldap_set_option failed, " + "could not set security mode for " + "apr_ldap_init()"; + result->msg = ldap_err2string(result->rc); + *ldap = NULL; + return APR_EGENERAL; } + } #else - result->reason = "LDAP: SSL/TLS not yet supported by APR on this " - "version of the OpenLDAP toolkit"; - return APR_ENOTIMPL; + result->reason = "LDAP: SSL/TLS not yet supported by APR on this " + "version of the OpenLDAP toolkit"; + return APR_ENOTIMPL; +#endif #endif - } /* microsoft toolkit */ - else if (!strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_MICROSOFT)) { - if (APR_LDAP_OPT_TLS_HARD == secure) { -#if APR_HAS_LDAP_SSLINIT - *ldap = ldap_sslinit((char *)hostname, portno, 1); -#else - result->reason = "LDAP: ldap_sslinit() not yet supported by APR on " - "this version of the Microsoft toolkit"; - return APR_ENOTIMPL; -#endif - } - else { -#if APR_HAS_LDAP_START_TLS_S5 - if (APR_LDAP_OPT_TLS_DEMAND == secure) { - *ldap = ldap_init(hostname, portno); - if (NULL != *ldap) { - result->rc = ldap_start_tls_s(*ldap, NULL, NULL, NULL, NULL); - if (LDAP_SUCCESS != result->rc) { - ldap_unbind_s(*ldap); - result->reason = "LDAP: ldap_start_tls_s() failed, " - "could not set STARTTLS mode for " - "apr_ldap_init()"; - result->msg = ldap_err2string(result->rc); - *ldap = NULL; - return APR_EGENERAL; - } +#if APR_HAS_MICROSOFT_LDAPSDK + if (APR_LDAP_OPT_TLS_HARD == secure) { + *ldap = ldap_sslinit((char *)hostname, portno, 1); + } + else { + if (APR_LDAP_OPT_TLS_DEMAND == secure) { + *ldap = ldap_init(hostname, portno); + if (NULL != *ldap) { + result->rc = ldap_start_tls_s(*ldap, NULL, NULL, NULL, NULL); + if (LDAP_SUCCESS != result->rc) { + ldap_unbind_s(*ldap); + result->reason = "LDAP: ldap_start_tls_s() failed, " + "could not set STARTTLS mode for " + "apr_ldap_init()"; + result->msg = ldap_err2string(result->rc); + *ldap = NULL; + return APR_EGENERAL; } } - else { - result->reason = "LDAP: APR_LDAP_OPT_TLS_ALLOW and " - "APR_LDAP_OPT_TLS_TRY are not supported " - "by APR on this version of the Microsoft " - "toolkit. Use APR_LDAP_OPT_TLS_DEMAND " - "instead to enable STARTTLS"; - return APR_ENOTIMPL; - } -#else - result->reason = "LDAP: ldap_start_tls_s() not yet supported " - "by APR on this version of the Microsoft toolkit"; + } + else { + result->reason = "LDAP: APR_LDAP_OPT_TLS_ALLOW and " + "APR_LDAP_OPT_TLS_TRY are not supported " + "by APR on this version of the Microsoft " + "toolkit. Use APR_LDAP_OPT_TLS_DEMAND " + "instead to enable STARTTLS"; return APR_ENOTIMPL; -#endif } } +#endif /* sun toolkit */ - else if (!strcmp(LDAP_VENDOR_NAME, APR_LDAP_VENDOR_SUN)) { - result->reason = "LDAP: SSL not yet supported by APR on " - "this version of the Sun toolkit"; - return APR_ENOTIMPL; - } +#if APR_HAS_SOLARIS_LDAPSDK + result->reason = "LDAP: SSL not yet supported by APR on " + "this version of the Sun toolkit"; + return APR_ENOTIMPL; +#endif /* unknown toolkit - return not implemented */ - else { - return APR_ENOTIMPL; - } +#if APR_HAS_OTHER_LDAPSDK + return APR_ENOTIMPL; +#endif + #endif /* APR_HAS_LDAP_SSL */ } |