Do not attempt to use START_TLS on SSL connections

Not all LDAP servers are capable of handling dual-encryption with both TLS and SSL. https://fedorahosted.org/sssd/ticket/795
author: Stephen Gallagher <sgallagh@redhat.com> 2011-02-16 07:38:16 -0500
committer: Stephen Gallagher <sgallagh@redhat.com> 2011-02-16 09:38:45 -0500
commit: 16ccfd09e6120ab5e104fa2a6762511d398b4e93 (patch)
tree: 20d3dbe9374163e08bfd84669b2877a585baf7cb /src/providers/ldap/ldap_common.c
parent: 0acfbe57146fc4e8da671e79a5881fc0eba44daf (diff)
download: sssd2-16ccfd09e6120ab5e104fa2a6762511d398b4e93.tar.gz
sssd2-16ccfd09e6120ab5e104fa2a6762511d398b4e93.tar.xz
sssd2-16ccfd09e6120ab5e104fa2a6762511d398b4e93.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index b99291c9..4ee1e059 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -701,3 +701,13 @@ void sdap_gsh_disconnect_callback(void *pvt)
         ctx->gsh->connected = false;
     }
 }
+
+bool sdap_is_secure_uri(const char *uri)
+{
+    /* LDAPS and LDAPI URI's are secure channels */
+    if ((strncasecmp(uri, LDAP_SSL_URI, strlen(LDAP_SSL_URI)) == 0) ||
+        (strncasecmp(uri, LDAP_LDAPI_URI, strlen(LDAP_LDAPI_URI)) == 0)) {
+        return true;
+    }
+    return false;
+}
author	Stephen Gallagher <sgallagh@redhat.com>	2011-02-16 07:38:16 -0500
committer	Stephen Gallagher <sgallagh@redhat.com>	2011-02-16 09:38:45 -0500
commit	16ccfd09e6120ab5e104fa2a6762511d398b4e93 (patch)
tree	20d3dbe9374163e08bfd84669b2877a585baf7cb /src/providers/ldap/ldap_common.c
parent	0acfbe57146fc4e8da671e79a5881fc0eba44daf (diff)
download	sssd2-16ccfd09e6120ab5e104fa2a6762511d398b4e93.tar.gz sssd2-16ccfd09e6120ab5e104fa2a6762511d398b4e93.tar.xz sssd2-16ccfd09e6120ab5e104fa2a6762511d398b4e93.zip