isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Need to call ldapssl_clientauth_init() for start_tls on Mozilla

Browse Source 
LDAP SDK.
This commit is contained in:
Todd C. Miller
2012-04-24 12:52:36 -04:00
parent 28268ed99c
commit e82b67314c
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
plugins/sudoers/ldap.c
View File

@@ -124,6 +124,7 @@ extern int ldapssl_set_strength(LDAP *ldap, int strength);
#define CONF_LIST_STR 4
#define CONF_DEREF_VAL 5
#define SUDO_LDAP_CLEAR 0
#define SUDO_LDAP_SSL 1
#define SUDO_LDAP_STARTTLS 2
@@ -522,7 +523,8 @@ sudo_ldap_init(LDAP **ldp, const char *host, int port)
debug_decl(sudo_ldap_init, SUDO_DEBUG_LDAP)
#ifdef HAVE_LDAPSSL_INIT
if (ldap_conf.ssl_mode == SUDO_LDAP_SSL) {
if (ldap_conf.ssl_mode != SUDO_LDAP_CLEAR) {
const int defsecure = ldap_conf.ssl_mode == SUDO_LDAP_SSL;
DPRINTF(("ldapssl_clientauth_init(%s, %s)",
ldap_conf.tls_certfile ? ldap_conf.tls_certfile : "NULL",
ldap_conf.tls_keyfile ? ldap_conf.tls_keyfile : "NULL"), 2);
@@ -566,8 +568,8 @@ sudo_ldap_init(LDAP **ldp, const char *host, int port)
goto done;
}
DPRINTF(("ldapssl_init(%s, %d, 1)", host, port), 2);
if ((ld = ldapssl_init(host, port, 1)) != NULL)
DPRINTF(("ldapssl_init(%s, %d, %d)", host, port, defsecure), 2);
if ((ld = ldapssl_init(host, port, defsecure)) != NULL)
rc = LDAP_SUCCESS;
} else
#endif