From 29a0aff51e0de7eefe2f372deebebcc27bf6153e Mon Sep 17 00:00:00 2001
From: Jean-Frederic Clere <jfclere@apache.org>
Date: Thu, 26 Sep 2013 09:56:41 +0000
Subject: [PATCH] Fix for PR 54626.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1526436 13f79535-47bb-0310-9956-ffa450edef68
---
 CHANGES                  |  2 ++
 modules/ldap/util_ldap.c | 12 ++++++++++++
 2 files changed, 14 insertions(+)

diff --git a/CHANGES b/CHANGES
index 23c8839017..f6d1f441c5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,7 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
+  *) ldap: Allow to support ldaps on the microsoft ldap sdk
+     PR 54626. [Jean-Frederic Clere]
 
   *) worker MPM: Don't forcibly kill worker threads if the child process is
      exiting gracefully.  [Oracle Corporation]
diff --git a/modules/ldap/util_ldap.c b/modules/ldap/util_ldap.c
index 461e48638a..3b156b47c3 100644
--- a/modules/ldap/util_ldap.c
+++ b/modules/ldap/util_ldap.c
@@ -2352,6 +2352,9 @@ static const char *util_ldap_set_trusted_global_cert(cmd_parms *cmd,
                                                      const char *file,
                                                      const char *password)
 {
+#if APR_HAS_MICROSOFT_LDAPSDK
+    return "certificates cannot be set using this method.";
+#else
     util_ldap_state_t *st =
         (util_ldap_state_t *)ap_get_module_config(cmd->server->module_config,
                                                   &ldap_module);
@@ -2409,6 +2412,7 @@ static const char *util_ldap_set_trusted_global_cert(cmd_parms *cmd,
     }
 
     return(NULL);
+#endif
 }
 
 
@@ -2504,6 +2508,9 @@ static const char *util_ldap_set_trusted_client_cert(cmd_parms *cmd,
 static const char *util_ldap_set_trusted_mode(cmd_parms *cmd, void *dummy,
                                               const char *mode)
 {
+#if APR_HAS_MICROSOFT_LDAPSDK
+    return "certificates cannot be set using this method.";
+#else
     util_ldap_state_t *st =
     (util_ldap_state_t *)ap_get_module_config(cmd->server->module_config,
                                               &ldap_module);
@@ -2551,6 +2558,7 @@ static const char *util_ldap_set_verify_srv_cert(cmd_parms *cmd,
     st->verify_svr_cert = mode;
 
     return(NULL);
+#endif
 }
 
 
@@ -2994,10 +3002,14 @@ static int util_ldap_post_config(apr_pool_t *p, apr_pool_t *plog,
                       NULL,
                       0,
                       &(result_err));
+#if APR_HAS_MICROSOFT_LDAPSDK
+   /* MICROSOFT_LDAPSDK uses Microsoft Management Console (MMC)  for that */
+#else
     if (APR_SUCCESS == rc) {
         rc = apr_ldap_set_option(ptemp, NULL, APR_LDAP_OPT_TLS_CERT,
                                  (void *)st->global_certs, &(result_err));
     }
+#endif
 
     if (APR_SUCCESS == rc) {
         st->ssl_supported = 1;