Summary: Isode provides a number of APIs which allow integrators and product developers to build components that allow client programs to connect to, query and modify data in the directory.
dsapi_identity.h File Reference

API methods for handling an "identity". More...

#include <stddef.h>
#include <sys/stat.h>
#include <isode/ds/dsapi/dsapi_cdecl.h>
#include <isode/ds/dsapi/dsapi_types.h>
#include <openssl/evp.h>
#include <isode/crypto/x509.h>

Go to the source code of this file.


DS_Status DS_Identity_New (DS_Identity **identity_p, const char *authz, const char *pkcs12_file, const char *pkcs12_pphr)
 Create an identity. More...
DS_Status DS_Identity_Copy (const DS_Identity *source_identity, DS_Identity **copy_p)
 Copy a DS_Identity structure. More...
DS_Status DS_Identity_get_authz (DS_Identity *identity, const char **authz)
 Get the authz identity [in] Handle authz [out] authz (may be NULL)
DS_Status DS_Identity_get_ident (DS_Identity *identity, X509_IDENTITY **id)
 Get the underlying X509_IDENTITY identity [in] Handle id [out] underlying identity.
DS_Status DS_Identity_get_cert_ctx (DS_Identity *identity, X509_CERT_CTX **ctx)
 Get the underlying X509_CERT_CTX. This generates one if necessary (from the identity and the application certificates) identity [in] Handle ctx [out] underlying certificate context.
void DS_Identity_Delete (DS_Identity *identity)
 Delete identity. More...
DS_Status DS_Identity_get_user_certificate (DS_Identity *identity, X509 **cert)
 Extract the certificate identity [in] Handle cert [out] cert.
DS_Status DS_Identity_get_trust_anchors (DS_Identity *identity, DS_AttrValList **av_list_p)
 Get trust anchors identity [in] Handle av_list_p [out] certificates.
DS_Status DS_Identity_get_certificates (DS_Identity *identity, DS_AttrValList **av_list_p)
 Get untrusted certificates identity [in] Handle av_list_p [out] certificates.

Detailed Description

API methods for handling an "identity".

Currently this is useful for strong authentication (DAP) and LDAP using TLS client authentication. To that end in addition to an X509_IDENTITY it stores an authz string that can be used in SASL.

Definition in file dsapi_identity.h.