diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2011-02-16 07:38:16 -0500 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-02-16 09:38:45 -0500 |
commit | 16ccfd09e6120ab5e104fa2a6762511d398b4e93 (patch) | |
tree | 20d3dbe9374163e08bfd84669b2877a585baf7cb /src/providers/ldap/ldap_common.c | |
parent | 0acfbe57146fc4e8da671e79a5881fc0eba44daf (diff) | |
download | sssd2-16ccfd09e6120ab5e104fa2a6762511d398b4e93.tar.gz sssd2-16ccfd09e6120ab5e104fa2a6762511d398b4e93.tar.xz sssd2-16ccfd09e6120ab5e104fa2a6762511d398b4e93.zip |
Do not attempt to use START_TLS on SSL connections
Not all LDAP servers are capable of handling dual-encryption with
both TLS and SSL.
https://fedorahosted.org/sssd/ticket/795
Diffstat (limited to 'src/providers/ldap/ldap_common.c')
-rw-r--r-- | src/providers/ldap/ldap_common.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index b99291c9..4ee1e059 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -701,3 +701,13 @@ void sdap_gsh_disconnect_callback(void *pvt) ctx->gsh->connected = false; } } + +bool sdap_is_secure_uri(const char *uri) +{ + /* LDAPS and LDAPI URI's are secure channels */ + if ((strncasecmp(uri, LDAP_SSL_URI, strlen(LDAP_SSL_URI)) == 0) || + (strncasecmp(uri, LDAP_LDAPI_URI, strlen(LDAP_LDAPI_URI)) == 0)) { + return true; + } + return false; +} |