[PATCH] smbldap: don't try start tls on ldaps:// connections

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[PATCH] smbldap: don't try start tls on ldaps:// connections

Samba - samba-technical mailing list
From: Bjoern Jacke <[hidden email]>

BUG: https://bugzilla.samba.org/show_bug.cgi?id=6079

Signed-off-by: Bjoern Jacke <[hidden email]>
---
 source3/lib/smbldap.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index 9c7664f1..10e81f2 100644
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -604,7 +604,7 @@ static void smbldap_store_state(LDAP *ld, struct smbldap_state *smbldap_state)
 int smbldap_start_tls(LDAP *ldap_struct, int version)
 {
 #ifdef LDAP_OPT_X_TLS
- int rc;
+ int rc,tls;
 #endif
 
  if (lp_ldap_ssl() != LDAP_SSL_START_TLS) {
@@ -612,6 +612,12 @@ int smbldap_start_tls(LDAP *ldap_struct, int version)
  }
 
 #ifdef LDAP_OPT_X_TLS
+ /* check if we use ldaps already */
+ ldap_get_option(ldap_struct, LDAP_OPT_X_TLS, &tls);
+ if (tls == LDAP_OPT_X_TLS_HARD) {
+ return LDAP_SUCCESS;
+ }
+
  if (version != LDAP_VERSION3) {
  DEBUG(0, ("Need LDAPv3 for Start TLS\n"));
  return LDAP_OPERATIONS_ERROR;
--
2.7.4