From 9ae3cdc58118884e3bac4e7702d3d0b23ba0e450 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Fri, 11 Feb 2011 13:10:27 -0500
Subject: Do not attempt to use START_TLS on SSL connections

Not all LDAP servers are capable of handling dual-encryption with
both TLS and SSL.

https://fedorahosted.org/sssd/ticket/795
---
 src/providers/ldap/ldap_common.h | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src/providers/ldap/ldap_common.h')

diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h
index 3cbf3f600..9146da5a9 100644
--- a/src/providers/ldap/ldap_common.h
+++ b/src/providers/ldap/ldap_common.h
@@ -34,6 +34,10 @@
 
 #define SSS_LDAP_SRV_NAME "ldap"
 
+#define LDAP_STANDARD_URI "ldap://"
+#define LDAP_SSL_URI "ldaps://"
+#define LDAP_LDAPI_URI "ldapi://"
+
 /* a fd the child process would log into */
 extern int ldap_child_debug_fd;
 
@@ -155,4 +159,7 @@ errno_t list_missing_attrs(TALLOC_CTX *mem_ctx,
                            const char **expected_attrs,
                            struct sysdb_attrs *recvd_attrs,
                            char ***missing_attrs);
+
+bool sdap_is_secure_uri(const char *uri);
+
 #endif /* _LDAP_COMMON_H_ */
-- 
cgit