|
Jan Vcelak |
ad070fc |
Accept nss certificate name in the form of tokenname:certnickname
|
|
Jan Vcelak |
ad070fc |
|
|
Jan Vcelak |
ad070fc |
Author: Rich Megginson <rmeggins@redhat.com>
|
|
Jan Vcelak |
ad070fc |
Upstream ITS: #7360
|
|
Jan Vcelak |
ad070fc |
|
|
Jan Vcelak |
ad070fc |
diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c
|
|
Jan Vcelak |
ad070fc |
index 5022efb..7377bb1 100644
|
|
Jan Vcelak |
ad070fc |
--- a/libraries/libldap/tls_m.c
|
|
Jan Vcelak |
ad070fc |
+++ b/libraries/libldap/tls_m.c
|
|
Jan Vcelak |
ad070fc |
@@ -2102,6 +2102,22 @@ tlsm_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
|
|
Jan Vcelak |
ad070fc |
return 0;
|
|
Jan Vcelak |
ad070fc |
}
|
|
Jan Vcelak |
ad070fc |
|
|
Jan Vcelak |
ad070fc |
+/* returns true if the given string looks like
|
|
Jan Vcelak |
ad070fc |
+ "tokenname" ":" "certnickname"
|
|
Jan Vcelak |
ad070fc |
+ This is true if there is a ':' colon character
|
|
Jan Vcelak |
ad070fc |
+ in the string and the colon is not the first
|
|
Jan Vcelak |
ad070fc |
+ or the last character in the string
|
|
Jan Vcelak |
ad070fc |
+*/
|
|
Jan Vcelak |
ad070fc |
+static int
|
|
Jan Vcelak |
ad070fc |
+tlsm_is_tokenname_certnick( const char *certfile )
|
|
Jan Vcelak |
ad070fc |
+{
|
|
Jan Vcelak |
ad070fc |
+ if ( certfile ) {
|
|
Jan Vcelak |
ad070fc |
+ const char *ptr = PL_strchr( certfile, ':' );
|
|
Jan Vcelak |
ad070fc |
+ return ptr && (ptr != certfile) && (*(ptr+1));
|
|
Jan Vcelak |
ad070fc |
+ }
|
|
Jan Vcelak |
ad070fc |
+ return 0;
|
|
Jan Vcelak |
ad070fc |
+}
|
|
Jan Vcelak |
ad070fc |
+
|
|
Jan Vcelak |
ad070fc |
static int
|
|
Jan Vcelak |
ad070fc |
tlsm_deferred_ctx_init( void *arg )
|
|
Jan Vcelak |
ad070fc |
{
|
|
Jan Vcelak |
ad070fc |
@@ -2268,7 +2284,10 @@ tlsm_deferred_ctx_init( void *arg )
|
|
Jan Vcelak |
ad070fc |
} else {
|
|
Jan Vcelak |
ad070fc |
char *tmp_certname;
|
|
Jan Vcelak |
ad070fc |
|
|
Jan Vcelak |
ad070fc |
- if (ctx->tc_certdb_slot) {
|
|
Jan Vcelak |
ad070fc |
+ if (tlsm_is_tokenname_certnick(lt->lt_certfile)) {
|
|
Jan Vcelak |
ad070fc |
+ /* assume already in form tokenname:certnickname */
|
|
Jan Vcelak |
ad070fc |
+ tmp_certname = PL_strdup(lt->lt_certfile);
|
|
Jan Vcelak |
ad070fc |
+ } else if (ctx->tc_certdb_slot) {
|
|
Jan Vcelak |
ad070fc |
tmp_certname = PR_smprintf(TLSM_CERTDB_DESC_FMT ":%s", ctx->tc_unique, lt->lt_certfile);
|
|
Jan Vcelak |
ad070fc |
} else {
|
|
Jan Vcelak |
ad070fc |
tmp_certname = PR_smprintf("%s", lt->lt_certfile);
|
|
Jan Vcelak |
ad070fc |
--
|
|
Jan Vcelak |
ad070fc |
1.7.11.4
|
|
Jan Vcelak |
ad070fc |
|