35 lines
1.4 KiB
Text
35 lines
1.4 KiB
Text
$NetBSD: patch-ag,v 1.1 2005/11/02 03:11:36 aolcarton Exp $
|
|
|
|
--- lib/check.c.orig 2001-03-26 05:36:41.000000000 -0500
|
|
+++ lib/check.c
|
|
@@ -92,6 +92,7 @@ int check_challenge(scep_t *scep) {
|
|
char *challenge, *dn;
|
|
X509_NAME *subject;
|
|
LDAP *ldap = NULL;
|
|
+ int version3 = 3, rc;
|
|
|
|
/* the clientreq field in the scep structure contains the */
|
|
/* request, even for getcertinitial messages where the request */
|
|
@@ -135,10 +136,18 @@ int check_challenge(scep_t *scep) {
|
|
__FILE__, __LINE__, dn);
|
|
|
|
/* connect to the ldap directory */
|
|
- ldap = ldap_open(scep->l.ldaphost, scep->l.ldapport);
|
|
- if (ldap == NULL) {
|
|
- BIO_printf(bio_err, "%s:%d: cannot connect to %s:%d\n",
|
|
- __FILE__, __LINE__, scep->l.ldaphost, scep->l.ldapport);
|
|
+ rc = ldap_initialize(&ldap, scep->l.ldapuri);
|
|
+ if (rc || ldap == NULL) {
|
|
+ BIO_printf(bio_err, "%s:%d: cannot initialize LDAP connection to %s: %s (%d)\n",
|
|
+ __FILE__, __LINE__, scep->l.ldapuri != NULL ? scep->l.ldapuri : "<DEFAULT>", ldap_err2string(rc), rc);
|
|
+ syslog(LOG_ERR, "%s:%d: cannot initialize LDAP connection to %s: %s (%d)\n",
|
|
+ __FILE__, __LINE__, scep->l.ldapuri != NULL ? scep->l.ldapuri : "<DEFAULT>", ldap_err2string(rc), rc);
|
|
+ goto err;
|
|
+ }
|
|
+ if (ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &version3)
|
|
+ != LDAP_OPT_SUCCESS ) {
|
|
+ BIO_printf(bio_err, "%s:%d: couldn't set LDAP protocol version 3\n",
|
|
+ __FILE__, __LINE__);
|
|
goto err;
|
|
}
|
|
|