mod_ldap: Updated to use the new apr-util v1.1 apr_ldap_*_option()

API for the setting of server and client SSL certificates. Replaced
LDAPTrustedCA directive with LDAPTrustedGlobalCert and
LDAPTrustedClientCert directives to correctly support global certs
(CA certs / Netware client certs) and per connection client certs
as supported by Netware, OpenLDAP and Netscape/Mozilla.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@125645 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 7 insertions, 4 deletions

diff --git a/include/util_ldap.h b/include/util_ldap.h
index f036d3b0a8..ce21063516 100644
--- a/include/util_ldap.h
+++ b/include/util_ldap.h
@@ -90,7 +90,8 @@ typedef struct util_ldap_connection_t {
     const char *binddn;                 /* DN to bind to server (can be NULL) */
     const char *bindpw;                 /* Password to bind to server (can be NULL) */
 
-    int secure;                         /* True if use SSL connection */
+    int secure;                         /* SSL/TLS mode of the connection */
+    apr_array_header_t *client_certs;   /* Client certificates on this connection */
 
     const char *reason;                 /* Reason for an error failure */
 
@@ -113,9 +114,11 @@ typedef struct util_ldap_state_t {
     long compare_cache_size;    /* Size (in entries) of compare cache */
 
     struct util_ldap_connection_t *connections;
-    char *cert_auth_file; 
-    int   cert_file_type;
-    int   ssl_support;
+    int   ssl_supported;
+    apr_array_header_t *global_certs;  /* Global CA certificates */
+    apr_array_header_t *client_certs;  /* Client certificates */
+    int   secure;
+    int   secure_set;
 
 #if APR_HAS_SHARED_MEMORY
     apr_shm_t *cache_shm;