
openldap  2.4.31
TlsOptions Class Reference

Class to access the global (and connection specific) TLS settings. To access the global TLS settings, just instantiate a TlsOptions object using the default constructor.

#include <TlsOptions.h>


Public Types

enum  tls_option {
  CACERTFILE = 0, CACERTDIR, CERTFILE, KEYFILE,
  REQUIRE_CERT, PROTOCOL_MIN, CIPHER_SUITE, RANDOM_FILE,
  CRLCHECK, DHFILE
}
 Available TLS Options.
enum  verifyMode {
  NEVER = 0, HARD, DEMAND, ALLOW,
  TRY
}
 Possible Values for the REQUIRE_CERT option.
enum  crlMode { CRL_NONE = 0, CRL_PEER, CRL_ALL }
 Possible Values for the CRLCHECK option.

Public Member Functions

 TlsOptions ()
 Default constructor.
void setOption (tls_option opt, const std::string &value) const
 Set string valued options.
void setOption (tls_option opt, int value) const
 Set integer valued options.
void setOption (tls_option opt, void *value) const
 Generic setOption variant.
int getIntOption (tls_option opt) const
 Read integer valued options.
std::string getStringOption (tls_option opt) const
 Read string valued options.
void getOption (tls_option opt, void *value) const
 Read options value.

Private Member Functions

 TlsOptions (LDAP *ld)
void newCtx () const

Private Attributes

LDAP * m_ld

Friends

class LDAPAsynConnection

Detailed Description

Class to access the global (and connection specific) TLS settings. To access the global TLS settings, just instantiate a TlsOptions object using the default constructor.

To access connection-specific settings, instantiate a TlsOptions object through the getTlsOptions() method of the corresponding LDAPConnection/LDAPAsynConnection object.

Definition at line 21 of file TlsOptions.h.


Member Enumeration Documentation

enum TlsOptions::crlMode

Possible Values for the CRLCHECK option.

Enumerator:
CRL_NONE 
CRL_PEER 
CRL_ALL 

Definition at line 57 of file TlsOptions.h.

enum TlsOptions::tls_option

Available TLS Options.

Enumerator:
CACERTFILE 
CACERTDIR 
CERTFILE 
KEYFILE 
REQUIRE_CERT 
PROTOCOL_MIN 
CIPHER_SUITE 
RANDOM_FILE 
CRLCHECK 
DHFILE 

Definition at line 27 of file TlsOptions.h.

enum TlsOptions::verifyMode

Possible Values for the REQUIRE_CERT option.

Enumerator:
NEVER 
HARD 
DEMAND 
ALLOW 
TRY 

Definition at line 46 of file TlsOptions.h.

enum verifyMode {
    NEVER=0,
    HARD,
    DEMAND,
    ALLOW,
    TRY
};

Constructor & Destructor Documentation

TlsOptions::TlsOptions ( )

Default constructor.

Gives access to the global TLS settings.

Definition at line 51 of file TlsOptions.cpp.

TlsOptions::TlsOptions() : m_ld(NULL) {}

TlsOptions::TlsOptions ( LDAP *  ld) [private]

Definition at line 53 of file TlsOptions.cpp.

TlsOptions::TlsOptions(LDAP* ld) : m_ld(ld) { }

Member Function Documentation

int TlsOptions::getIntOption ( tls_option  opt) const

Read integer valued options.

Returns:
Option value
Exceptions:
LDAPException: in case of error (invalid or non-integer valued option is requested)

Definition at line 90 of file TlsOptions.cpp.

int TlsOptions::getIntOption(tls_option opt) const {
    int value;
    checkOpt(opt, INT);
    ldap_get_option( m_ld, optmap[opt].optval, (void*) &value);
    return value;
}


void TlsOptions::getOption ( tls_option  opt, void *  value ) const

Read options value.

Usually you should prefer to use either getIntOption() or getStringOption().

Parameters:
value: points to a buffer containing the option value
Exceptions:
LDAPException: in case of error (invalid or non-string valued option is requested)

Definition at line 78 of file TlsOptions.cpp.

void TlsOptions::getOption(tls_option opt, void *value) const {
    int ret = ldap_get_option( m_ld, optmap[opt].optval, value);
    if ( ret != LDAP_OPT_SUCCESS )
    {
        if ( ret != LDAP_OPT_ERROR ){
            throw( LDAPException( ret ));
        } else {
            throw( LDAPException( LDAP_PARAM_ERROR, "error while reading TLS option" ) );
        }
    }
}


std::string TlsOptions::getStringOption ( tls_option  opt) const

Read string valued options.

Returns:
Option value
Exceptions:
LDAPException: in case of error (invalid or non-string valued option is requested)

Definition at line 97 of file TlsOptions.cpp.

std::string TlsOptions::getStringOption(tls_option opt) const {
    char *value;
    checkOpt(opt, STRING);
    ldap_get_option( m_ld, optmap[opt].optval, (void*) &value);
    std::string strval;
    if (value)
    {
        strval=std::string(value);
        ldap_memfree(value);
    }
    return strval;
}


void TlsOptions::newCtx ( ) const [private]

Definition at line 110 of file TlsOptions.cpp.

void TlsOptions::newCtx() const {
    int val = 0;
    int ret = ldap_set_option( m_ld, LDAP_OPT_X_TLS_NEWCTX, &val);
    if ( ret != LDAP_OPT_SUCCESS )
    {
        if ( ret != LDAP_OPT_ERROR ){
            throw( LDAPException( ret ));
        } else {
            throw( LDAPException( LDAP_LOCAL_ERROR, "error while renewing TLS context" ) );
        }
    }
}


void TlsOptions::setOption ( tls_option  opt, const std::string &  value ) const

Set string valued options.

Parameters:
opt: The following string valued options are available:
value: The value to apply to that option.

Definition at line 55 of file TlsOptions.cpp.

void TlsOptions::setOption(tls_option opt, const std::string &value) const {
    checkOpt(opt, STRING);
    this->setOption( opt, value.empty() ? NULL : (void*) value.c_str() );
}


void TlsOptions::setOption ( tls_option  opt, int  value ) const

Set integer valued options.

Parameters:
opt: The following string valued options are available:
value: The value to apply to that option.

Definition at line 60 of file TlsOptions.cpp.

void TlsOptions::setOption(tls_option opt, int value) const {
    checkOpt(opt, INT);
    this->setOption( opt, (void*) &value);
}


void TlsOptions::setOption ( tls_option  opt, void *  value ) const

Generic setOption variant.

Generally you should prefer to use one of the other variants.

Definition at line 65 of file TlsOptions.cpp.

void TlsOptions::setOption(tls_option opt, void *value) const {
    int ret = ldap_set_option( m_ld, optmap[opt].optval, value);
    if ( ret != LDAP_OPT_SUCCESS )
    {
        if ( ret != LDAP_OPT_ERROR ){
            throw( LDAPException( ret ));
        } else {
            throw( LDAPException( LDAP_PARAM_ERROR, "error while setting TLS option" ) );
        }
    }
    this->newCtx();
}
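
Why the typed variants are preferred, as an added example (a self-contained model, not ldapc++ code and not part of the original reference): in the listings above only the std::string and int variants call checkOpt, and C++ overload resolution sends a non-const char* argument to the void* variant. TlsOptionsModel, kType, outcome and the body of checkOpt are assumptions made for the illustration.

```cpp
#include <iostream>
#include <stdexcept>
#include <string>

// Stand-in for TlsOptions (model only, no ldapc++ linkage).
enum tls_option { CACERTFILE = 0, CACERTDIR, CERTFILE, KEYFILE, REQUIRE_CERT,
                  PROTOCOL_MIN, CIPHER_SUITE, RANDOM_FILE, CRLCHECK, DHFILE };
enum verifyMode { NEVER = 0, HARD, DEMAND, ALLOW, TRY };
enum opt_type { STRING, INT };
// ASSUMPTION: value type of each option, indexed by tls_option.
const opt_type kType[] = { STRING, STRING, STRING, STRING, INT,
                           INT, STRING, STRING, INT, STRING };

struct TlsOptionsModel {
    mutable bool checked = false;  // set once checkOpt() has accepted the call
    // ASSUMPTION: checkOpt rejects an option whose value type does not match.
    void checkOpt(tls_option opt, opt_type want) const {
        if (kType[opt] != want) throw std::invalid_argument("wrong value type");
        checked = true;
    }
    void setOption(tls_option opt, const std::string &value) const {
        checkOpt(opt, STRING);
        setOption(opt, value.empty() ? nullptr : (void *)value.c_str());
    }
    void setOption(tls_option opt, int value) const {
        checkOpt(opt, INT);
        setOption(opt, (void *)&value);
    }
    // Generic variant: as on the page, no checkOpt before the value is used.
    void setOption(tls_option, void *) const {}
};

// Reports how one call was handled: "checked", "unchecked" or "rejected".
template <class V>
std::string outcome(tls_option opt, V value) {
    TlsOptionsModel tls;
    try { tls.setOption(opt, value); }
    catch (const std::invalid_argument &) { return "rejected"; }
    return tls.checked ? "checked" : "unchecked";
}

int main() {
    char buf[] = "demand";  // mutable buffer: decays to char*, not const char*
    std::cout << outcome(REQUIRE_CERT, DEMAND) << "\n"               // int overload
              << outcome(CACERTFILE, "/constructed/ca.pem") << "\n"  // string overload
              << outcome(REQUIRE_CERT, "demand") << "\n"             // string overload
              << outcome(REQUIRE_CERT, buf) << "\n";                 // void* overload
    return 0;
}
```

Passing string options as std::string or const char*, and integer options as int or one of the class enums, keeps every call on a variant that runs checkOpt.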



Friends And Related Function Documentation

friend class LDAPAsynConnection [friend]

Definition at line 159 of file TlsOptions.h.


Member Data Documentation

LDAP* TlsOptions::m_ld [private]

Definition at line 157 of file TlsOptions.h.


The documentation for this class was generated from the following files: