summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorPavel Reichl <preichl@redhat.com>2014-09-16 09:42:06 +0100
committerJakub Hrozek <jhrozek@redhat.com>2014-10-12 18:27:19 +0200
commit28929b67fed17df3b7622bb48ed3700f944d91d0 (patch)
tree27a3a480aad7025b0a16e45529a66f1dbfd69e92 /src
parent703dc1eb5b050b24235a6640f271d34ea008cf98 (diff)
downloadsssd-28929b67fed17df3b7622bb48ed3700f944d91d0.tar.gz
sssd-28929b67fed17df3b7622bb48ed3700f944d91d0.tar.xz
sssd-28929b67fed17df3b7622bb48ed3700f944d91d0.zip
SDAP: move deciding of tls usage into new function
Separate code for deciding tls usage from sdap_cli_connect_send() to new function decide_tls_usage(). Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src')
-rw-r--r--src/providers/ldap/sdap_async_connection.c57
1 files changed, 37 insertions, 20 deletions
diff --git a/src/providers/ldap/sdap_async_connection.c b/src/providers/ldap/sdap_async_connection.c
index ca981567f..cc6c58aae 100644
--- a/src/providers/ldap/sdap_async_connection.c
+++ b/src/providers/ldap/sdap_async_connection.c
@@ -1413,6 +1413,37 @@ static void sdap_cli_auth_step(struct tevent_req *req);
static void sdap_cli_auth_done(struct tevent_req *subreq);
static void sdap_cli_rootdse_auth_done(struct tevent_req *subreq);
+static errno_t
+decide_tls_usage(enum connect_tls force_tls, struct dp_option *basic,
+ const char *uri, bool *_use_tls)
+{
+ bool use_tls = true;
+
+ switch (force_tls) {
+ case CON_TLS_DFL:
+ use_tls = dp_opt_get_bool(basic, SDAP_ID_TLS);
+ break;
+ case CON_TLS_ON:
+ use_tls = true;
+ break;
+ case CON_TLS_OFF:
+ use_tls = false;
+ break;
+ default:
+ return EINVAL;
+ break;
+ }
+
+ if (use_tls && sdap_is_secure_uri(uri)) {
+ DEBUG(SSSDBG_TRACE_INTERNAL,
+ "[%s] is a secure channel. No need to run START_TLS\n", uri);
+ use_tls = false;
+ }
+
+ *_use_tls = use_tls;
+ return EOK;
+}
+
struct tevent_req *sdap_cli_connect_send(TALLOC_CTX *memctx,
struct tevent_context *ev,
struct sdap_options *opts,
@@ -1476,21 +1507,14 @@ static void sdap_cli_resolve_done(struct tevent_req *subreq)
struct sdap_cli_connect_state *state = tevent_req_data(req,
struct sdap_cli_connect_state);
int ret;
- bool use_tls = true;
+ bool use_tls;
- switch (state->force_tls) {
- case CON_TLS_DFL:
- use_tls = dp_opt_get_bool(state->opts->basic, SDAP_ID_TLS);
- break;
- case CON_TLS_ON:
- use_tls = true;
- break;
- case CON_TLS_OFF:
- use_tls = false;
- break;
- default:
+ ret = decide_tls_usage(state->force_tls, state->opts->basic,
+ state->service->uri, &use_tls);
+
+ if (ret != EOK) {
tevent_req_error(req, EINVAL);
- break;
+ return;
}
ret = be_resolve_server_recv(subreq, &state->srv);
@@ -1503,13 +1527,6 @@ static void sdap_cli_resolve_done(struct tevent_req *subreq)
return;
}
- if (use_tls && sdap_is_secure_uri(state->service->uri)) {
- DEBUG(SSSDBG_TRACE_INTERNAL,
- "[%s] is a secure channel. No need to run START_TLS\n",
- state->service->uri);
- use_tls = false;
- }
-
subreq = sdap_connect_send(state, state->ev, state->opts,
state->service->uri,
state->service->sockaddr,