Call ldap_install_tls() on ldaps connections

author: Sumit Bose <sbose@redhat.com> 2011-07-05 11:37:45 +0200
committer: Stephen Gallagher <sgallagh@redhat.com> 2011-07-05 13:29:16 -0400
commit: 87f3fa68e8223111bd53e4bc7a4842b1a35f0ee7 (patch)
tree: 23d8e39f923ce7b732349bec4f1eba81c74c2a3f /src
parent: a689ac5f684af13aaff1185e17ccdfb651b30e2f (diff)
download: sssd-87f3fa68e8223111bd53e4bc7a4842b1a35f0ee7.tar.gz
sssd-87f3fa68e8223111bd53e4bc7a4842b1a35f0ee7.tar.xz
sssd-87f3fa68e8223111bd53e4bc7a4842b1a35f0ee7.zip
1 files changed, 15 insertions, 0 deletions
diff --git a/src/util/sss_ldap.c b/src/util/sss_ldap.c
index e24ae82bd..1394b4d6c 100644
--- a/src/util/sss_ldap.c
+++ b/src/util/sss_ldap.c
@@ -422,6 +422,21 @@ static void sss_ldap_init_sys_connect_done(struct tevent_req *subreq)
         return;
     }
 
+    if (ldap_is_ldaps_url(state->uri)) {
+        lret = ldap_install_tls(state->ldap);
+        if (lret != LDAP_SUCCESS) {
+            if (lret == LDAP_LOCAL_ERROR) {
+                DEBUG(5, ("TLS/SSL already in place.\n"));
+            } else {
+                DEBUG(1, ("ldap_install_tls failed: %s\n",
+                          ldap_err2string(lret)));
+
+                tevent_req_error(req, EIO);
+                return;
+            }
+        }
+    }
+
     tevent_req_done(req);
     return;
 }
author	Sumit Bose <sbose@redhat.com>	2011-07-05 11:37:45 +0200
committer	Stephen Gallagher <sgallagh@redhat.com>	2011-07-05 13:29:16 -0400
commit	87f3fa68e8223111bd53e4bc7a4842b1a35f0ee7 (patch)
tree	23d8e39f923ce7b732349bec4f1eba81c74c2a3f /src
parent	a689ac5f684af13aaff1185e17ccdfb651b30e2f (diff)
download	sssd-87f3fa68e8223111bd53e4bc7a4842b1a35f0ee7.tar.gz sssd-87f3fa68e8223111bd53e4bc7a4842b1a35f0ee7.tar.xz sssd-87f3fa68e8223111bd53e4bc7a4842b1a35f0ee7.zip