Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd/cfg.c
diff options
context:
space:
mode:
authorArthur de Jong <arthur@arthurdejong.org>2021-01-23 15:53:21 +0100
committerArthur de Jong <arthur@arthurdejong.org>2021-01-23 16:44:39 +0100
commit026f08c6ad794657e516cd97a5cadbf98b92ecaa (patch)
tree999b5fb0c29ddacf0a68b6e63e1f927bc2d37ee3 /nslcd/cfg.c
parent78c00f172ea4d4fd244db7f91ca7eb101efe2038 (diff)
Add tls_crlfile to check local CRL file
This option is passed to the LDAP library if it is supported.
Diffstat (limited to 'nslcd/cfg.c')
-rw-r--r--nslcd/cfg.c24
1 files changed, 22 insertions, 2 deletions
diff --git a/nslcd/cfg.c b/nslcd/cfg.c
index b00546c..13905f6 100644
--- a/nslcd/cfg.c
+++ b/nslcd/cfg.c
@@ -1599,12 +1599,32 @@ static void cfg_read(const char *filename, struct ldap_config *cfg)
LDAP_SET_OPTION(NULL, LDAP_OPT_X_TLS_KEYFILE, value);
free(value);
}
-#ifdef LDAP_OPT_X_TLS_CRLCHECK
else if (strcasecmp(keyword, "tls_crlcheck") == 0)
{
+#ifdef LDAP_OPT_X_TLS_CRLCHECK
handle_tls_crlcheck(filename, lnr, keyword, line);
- }
+#else /* not LDAP_OPT_X_TLS_CRLCHECK */
+ log_log(LOG_ERR, "%s:%d: option %s not supported on platform",
+ filename, lnr, keyword);
+ exit(EXIT_FAILURE);
#endif /* LDAP_OPT_X_TLS_CRLCHECK */
+ }
+ else if (strcasecmp(keyword, "tls_crlfile") == 0)
+ {
+#ifdef LDAP_OPT_X_TLS_CRLFILE
+ value = get_strdup(filename, lnr, keyword, &line);
+ get_eol(filename, lnr, keyword, &line);
+ check_readable(filename, lnr, keyword, value);
+ log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_X_TLS_CRLFILE,\"%s\")",
+ value);
+ LDAP_SET_OPTION(NULL, LDAP_OPT_X_TLS_CRLFILE, value);
+ free(value);
+#else /* not LDAP_OPT_X_TLS_CRLFILE */
+ log_log(LOG_ERR, "%s:%d: option %s not supported on platform",
+ filename, lnr, keyword);
+ exit(EXIT_FAILURE);
+#endif /* LDAP_OPT_X_TLS_CRLFILE */
+ }
#endif /* LDAP_OPT_X_TLS */
/* other options */
else if (strcasecmp(keyword, "pagesize") == 0)