1// $OpenLDAP$
2/*
3 * Copyright 2010-2021 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
5 */
6
7#include <iostream>
8#include <string>
9#include "LDAPAsynConnection.h"
10#include "TlsOptions.h"
11
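/**
 * StartTLS test driver: runs three StartTLS attempts against one LDAP URI.
 *
 *   1. with the CA certificate file set through a default-constructed
 *      TlsOptions object (printed below as the "global" settings),
 *   2. with the CA certificate directory set through the TlsOptions object
 *      obtained from the connection itself,
 *   3. with a fresh connection and a fresh default-constructed TlsOptions,
 *      to show which settings are in effect after step 2.
 *
 * REQUIRE_CERT is set to DEMAND in steps 1 and 2. DEMAND is the strict
 * certificate-checking level in OpenLDAP: the handshake is expected to fail
 * when the server certificate cannot be validated against the configured CA
 * material, so a failing step here usually means a trust-store problem, not
 * a reason to lower the level.
 *
 * @param argc must be 4
 * @param argv argv[1] = LDAP URI, argv[2] = CA certificate file,
 *             argv[3] = CA certificate directory
 * @return -1 on wrong usage, 0 when every StartTLS attempt succeeded,
 *         1 when at least one attempt (or connection setup) raised an
 *         LDAPException
 */
int main( int argc, char* argv[]){
    if ( argc != 4 ){
        // argv[0] can be null when argc is 0; streaming a null char* is
        // undefined behaviour, so fall back to a fixed label.
        const char* prog = ( argc > 0 && argv[0] ) ? argv[0] : "<program>";
        std::cerr << "usage: " << prog << " <ldap-uri> <cacertfile> <cacertdir>" << std::endl;
        return(-1);
    }
    std::string uri(argv[1]);
    std::string cacert(argv[2]);
    std::string cadir(argv[3]);

    // Counts failed steps so that a certificate verification failure is
    // visible in the exit status and not only on stderr.
    int failures = 0;

    // NOTE(review): a default-constructed TlsOptions presumably addresses the
    // library-wide defaults (the output labels it "global") -- confirm in
    // TlsOptions.h.
    TlsOptions tls;
    std::cout << "Current global settings:" << std::endl;
    std::cout << "    CaCertfile: " << tls.getStringOption( TlsOptions::CACERTFILE) << std::endl;
    std::cout << "    CaCertDir: " << tls.getStringOption( TlsOptions::CACERTDIR ) << std::endl;
    std::cout << "    Require Cert: " << tls.getIntOption( TlsOptions::REQUIRE_CERT ) << std::endl;
    std::cout << "Applying new settings:" << std::endl;
    tls.setOption( TlsOptions::CACERTFILE, cacert );
    tls.setOption( TlsOptions::REQUIRE_CERT, TlsOptions::DEMAND );
    std::cout << "    CaCertfile: " << tls.getStringOption( TlsOptions::CACERTFILE ) << std::endl;
    std::cout << "    Require Cert: " << tls.getIntOption( TlsOptions::REQUIRE_CERT ) << std::endl;

    try {
        // 1. connect using global options
        LDAPAsynConnection l(uri);
        try {
            l.start_tls();
            std::cout << "StartTLS successful." << std::endl;
            l.unbind();
        } catch ( const LDAPException& e ) {
            // Caught by const reference: catching by value copies the
            // exception and slices any derived exception type.
            std::cerr << e << std::endl;
            ++failures;
        }

        // 2. connect using connection specific option
        LDAPAsynConnection l1(uri);
        // NOTE(review): the assigned TlsOptions is assumed to stay bound to
        // l1, so the setOption() calls below affect l1.start_tls() -- confirm
        // against TlsOptions' copy semantics.
        tls=l1.getTlsOptions();
        std::cout << "Current connection specific settings:" << std::endl;
        std::cout << "    CaCertfile: " << tls.getStringOption( TlsOptions::CACERTFILE) << std::endl;
        std::cout << "    CaCertDir: " << tls.getStringOption( TlsOptions::CACERTDIR ) << std::endl;
        std::cout << "    Require Cert: " << tls.getIntOption( TlsOptions::REQUIRE_CERT ) << std::endl;
        std::cout << "Applying new settings:" << std::endl;
        tls.setOption( TlsOptions::CACERTDIR, cadir );
        tls.setOption( TlsOptions::REQUIRE_CERT, TlsOptions::DEMAND );
        std::cout << "    CaCertDir: " << tls.getStringOption( TlsOptions::CACERTDIR ) << std::endl;
        std::cout << "    Require Cert: " << tls.getIntOption( TlsOptions::REQUIRE_CERT ) << std::endl;
        try {
            l1.start_tls();
            std::cout << "StartTLS successful." << std::endl;
            l1.unbind();
        } catch ( const LDAPException& e ) {
            std::cerr << e << std::endl;
            ++failures;
        }

        // 3. and once again using the globals
        try {
            LDAPAsynConnection l2(uri);
            // Fresh object: prints the settings in effect now, so the output
            // shows whether step 2 changed anything outside connection l1.
            TlsOptions tls2;
            std::cout << "Current global settings:" << std::endl;
            std::cout << "    CaCertfile: " << tls2.getStringOption( TlsOptions::CACERTFILE) << std::endl;
            std::cout << "    CaCertDir: " << tls2.getStringOption( TlsOptions::CACERTDIR ) << std::endl;
            std::cout << "    Require Cert: " << tls2.getIntOption( TlsOptions::REQUIRE_CERT ) << std::endl;
            l2.start_tls();
            std::cout << "StartTLS successful." << std::endl;
            l2.unbind();
        } catch ( const LDAPException& e ) {
            std::cerr << e << std::endl;
            ++failures;
        }
    } catch ( const LDAPException& e ) {
        // Reached when an LDAPException escapes outside the per-step
        // handlers, e.g. from constructing l or l1 or from the option calls
        // in step 2.
        std::cerr << e << std::endl;
        ++failures;
    }

    // Non-zero exit when any step failed, so scripts driving this test do
    // not treat a rejected certificate as a pass.
    return failures == 0 ? 0 : 1;
}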
80