From 28929b67fed17df3b7622bb48ed3700f944d91d0 Mon Sep 17 00:00:00 2001
From: Pavel Reichl <preichl@redhat.com>
Date: Tue, 16 Sep 2014 09:42:06 +0100
Subject: SDAP: move deciding of tls usage into new function

Separate code for deciding tls usage from sdap_cli_connect_send() to new
function decide_tls_usage().

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
 src/providers/ldap/sdap_async_connection.c | 57 +++++++++++++++++++-----------
 1 file changed, 37 insertions(+), 20 deletions(-)

diff --git a/src/providers/ldap/sdap_async_connection.c b/src/providers/ldap/sdap_async_connection.c
index ca981567f..cc6c58aae 100644
--- a/src/providers/ldap/sdap_async_connection.c
+++ b/src/providers/ldap/sdap_async_connection.c
@@ -1413,6 +1413,37 @@ static void sdap_cli_auth_step(struct tevent_req *req);
 static void sdap_cli_auth_done(struct tevent_req *subreq);
 static void sdap_cli_rootdse_auth_done(struct tevent_req *subreq);
 
+static errno_t
+decide_tls_usage(enum connect_tls force_tls, struct dp_option *basic,
+                 const char *uri, bool *_use_tls)
+{
+    bool use_tls = true;
+
+    switch (force_tls) {
+    case CON_TLS_DFL:
+        use_tls = dp_opt_get_bool(basic, SDAP_ID_TLS);
+        break;
+    case CON_TLS_ON:
+        use_tls = true;
+        break;
+    case CON_TLS_OFF:
+        use_tls = false;
+        break;
+    default:
+        return EINVAL;
+        break;
+    }
+
+    if (use_tls && sdap_is_secure_uri(uri)) {
+        DEBUG(SSSDBG_TRACE_INTERNAL,
+              "[%s] is a secure channel. No need to run START_TLS\n", uri);
+        use_tls = false;
+    }
+
+    *_use_tls = use_tls;
+    return EOK;
+}
+
 struct tevent_req *sdap_cli_connect_send(TALLOC_CTX *memctx,
                                          struct tevent_context *ev,
                                          struct sdap_options *opts,
@@ -1476,21 +1507,14 @@ static void sdap_cli_resolve_done(struct tevent_req *subreq)
     struct sdap_cli_connect_state *state = tevent_req_data(req,
                                              struct sdap_cli_connect_state);
     int ret;
-    bool use_tls = true;
+    bool use_tls;
 
-    switch (state->force_tls) {
-    case CON_TLS_DFL:
-        use_tls = dp_opt_get_bool(state->opts->basic, SDAP_ID_TLS);
-        break;
-    case CON_TLS_ON:
-        use_tls = true;
-        break;
-    case CON_TLS_OFF:
-        use_tls = false;
-        break;
-    default:
+    ret = decide_tls_usage(state->force_tls, state->opts->basic,
+                           state->service->uri, &use_tls);
+
+    if (ret != EOK) {
         tevent_req_error(req, EINVAL);
-        break;
+        return;
     }
 
     ret = be_resolve_server_recv(subreq, &state->srv);
@@ -1503,13 +1527,6 @@ static void sdap_cli_resolve_done(struct tevent_req *subreq)
         return;
     }
 
-    if (use_tls && sdap_is_secure_uri(state->service->uri)) {
-        DEBUG(SSSDBG_TRACE_INTERNAL,
-              "[%s] is a secure channel. No need to run START_TLS\n",
-                  state->service->uri);
-        use_tls = false;
-    }
-
     subreq = sdap_connect_send(state, state->ev, state->opts,
                                state->service->uri,
                                state->service->sockaddr,
-- 
cgit