Attached is an update that (for the time being) disables APR_HAS_LDAP_SSL
if APR_HAS_TIVOLI_LDAPSDK is set. Later, when the rest of the SSL code gets
added to the IBM Tivoli portions of the ldap modules, the disable code can
be removed.
Jeff Trawick wrote:
On 7/18/07, Paul J. Reder <[EMAIL PROTECTED]> wrote:
Since I don't seem to have karma to commit to APR/APR-util trunks, I'm
attaching a patch that adds the ability to identify the existence of
IBM's
Tivoli Directory Server LDAP client SDK. APR will then be able to look
for APR_HAS_TIVOLI_LDAPSDK to determine if that SDK is present.
It seems that APR_HAS_LDAP_SSL gets defined but some of the guts are
missing? In option_set_tls() there is a lack of code.
option_set_cert() may have the same issue.
If no guts, then no APR_HAS_LDAP_SSL glory.
--
Paul J. Reder
-----------------------------------------------------------
"The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense are the constitutional rights secure."
-- Albert Einstein
Index: apr-util-trunk/include/apr_ldap.h.in
===================================================================
--- apr-util-trunk/include/apr_ldap.h.in (revision 559641)
+++ apr-util-trunk/include/apr_ldap.h.in (working copy)
@@ -40,6 +40,7 @@
#define APR_HAS_MOZILLA_LDAPSDK @apu_has_ldap_mozilla@
#define APR_HAS_OPENLDAP_LDAPSDK @apu_has_ldap_openldap@
#define APR_HAS_MICROSOFT_LDAPSDK @apu_has_ldap_microsoft@
+#define APR_HAS_TIVOLI_LDAPSDK @apu_has_ldap_tivoli@
#define APR_HAS_ZOS_LDAPSDK @apu_has_ldap_zos@
#define APR_HAS_OTHER_LDAPSDK @apu_has_ldap_other@
@@ -57,7 +58,16 @@
* apr_ldap_url_parse*() functions have been rewritten specifically for
* APR, so the APR_HAS_LDAP_URL_PARSE macro is forced to zero.
*/
+#if APR_HAS_TIVOLI_LDAPSDK
+/* IBM Tivoli LDAP *does* provide SSL support, but adding SSL to LDAP modules
is
+ * complicated so for a first pass let's just recognize the LDAP portion and
+ * disable SSL for now. When SSL support is enabled, this needs to be rmoved.
+ */
+#define APR_HAS_LDAP_SSL 0
+#else
#define APR_HAS_LDAP_SSL 1
+#endif
+
#define APR_HAS_LDAP_URL_PARSE 0
#if APR_HAS_OPENLDAP_LDAPSDK && !defined(LDAP_DEPRECATED)
Index: apr-util-trunk/build/apu-conf.m4
===================================================================
--- apr-util-trunk/build/apu-conf.m4 (revision 559641)
+++ apr-util-trunk/build/apu-conf.m4 (working copy)
@@ -219,6 +219,7 @@
apu_has_ldap_microsoft="0"
apu_has_ldap_netscape="0"
apu_has_ldap_mozilla="0"
+apu_has_ldap_tivoli="0"
apu_has_ldap_zos="0"
apu_has_ldap_other="0"
@@ -321,6 +322,12 @@
apr_cv_ldap_toolkit="Mozilla"])
fi
if test "x$apr_cv_ldap_toolkit" = "x"; then
+ AC_EGREP_CPP([International Business Machines], [$lber_h
+ $ldap_h
+ LDAP_VENDOR_NAME], [apu_has_ldap_tivoli="1"
+ apr_cv_ldap_toolkit="Tivoli"])
+ fi
+ if test "x$apr_cv_ldap_toolkit" = "x"; then
case "$host" in
*-ibm-os390)
AC_EGREP_CPP([IBM], [$lber_h
@@ -358,6 +365,7 @@
AC_SUBST(apu_has_ldap_microsoft)
AC_SUBST(apu_has_ldap_netscape)
AC_SUBST(apu_has_ldap_mozilla)
+AC_SUBST(apu_has_ldap_tivoli)
AC_SUBST(apu_has_ldap_zos)
AC_SUBST(apu_has_ldap_other)
