changeset 4415:b91816cd1d16 HEAD
Added TLS support for LDAP if the library supports it.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sat, 17 Jun 2006 22:32:14 +0300 |
parents | 9017db478693 |
children | fc135e4c169e |
files | configure.in src/auth/db-ldap.c src/auth/db-ldap.h |
diffstat | 3 files changed, 20 insertions(+), 0 deletions(-) [+] |
--- a/configure.in Sat Jun 17 22:15:20 2006 +0300 +++ b/configure.in Sat Jun 17 22:32:14 2006 +0300 @@ -1412,6 +1412,9 @@ AC_CHECK_LIB(ldap, ldap_initialize, [ AC_DEFINE(LDAP_HAVE_INITIALIZE,, Define if you have ldap_initialize) ]) + AC_CHECK_LIB(ldap, ldap_start_tls_s, [ + AC_DEFINE(LDAP_HAVE_START_TLS_S,, Define if you have ldap_start_tls_s) + ]) AUTH_LIBS="$AUTH_LIBS -lldap" AC_DEFINE(USERDB_LDAP,, Build with LDAP support)
--- a/src/auth/db-ldap.c Sat Jun 17 22:15:20 2006 +0300 +++ b/src/auth/db-ldap.c Sat Jun 17 22:32:14 2006 +0300 @@ -35,6 +35,7 @@ DEF(SET_STR, dnpass), DEF(SET_BOOL, auth_bind), DEF(SET_STR, auth_bind_userdn), + DEF(SET_BOOL, tls), DEF(SET_BOOL, sasl_bind), DEF(SET_STR, sasl_mech), DEF(SET_STR, sasl_realm), @@ -62,6 +63,7 @@ MEMBER(dnpass) NULL, MEMBER(auth_bind) FALSE, MEMBER(auth_bind_userdn) NULL, + MEMBER(tls) FALSE, MEMBER(sasl_bind) FALSE, MEMBER(sasl_mech) NULL, MEMBER(sasl_realm) NULL, @@ -298,6 +300,20 @@ } } + if (conn->set.tls) { +#ifdef LDAP_HAVE_START_TLS_S + ret = ldap_start_tls_s(conn->ld, NULL, NULL); + if (ret != LDAP_SUCCESS) { + i_error("LDAP: ldap_start_tls_s() failed: %s", + ldap_err2string(ret)); + return FALSE; + } +#else + i_error("LDAP: Your LDAP library doesn't support TLS"); + return FALSE; +#endif + } + /* FIXME: we shouldn't use blocking bind */ if (conn->set.sasl_bind) { context.authcid = conn->set.dn;
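Review bot: The new default `MEMBER(tls) FALSE` is undocumented, and it means an existing configuration on a plain LDAP connection keeps sending the `dnpass` bind, and presumably the `auth_bind` user passwords, unencrypted until the administrator opts in. A short comment on the new entry would make that visible, e.g. `/* off by default: simple binds are sent unencrypted unless tls is enabled or the connection is protected some other way */`. The defaults table starts and ends outside the hunk, so how the other settings are documented is not visible here.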
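Review bot: Nothing in the added `if (conn->set.tls)` block sets or documents the certificate-verification policy, so a successful `ldap_start_tls_s(conn->ld, NULL, NULL)` only shows that a TLS layer was negotiated. Whether the server certificate is checked is left to the LDAP library's own configuration (for OpenLDAP, `TLS_REQCERT` in ldap.conf or `LDAP_OPT_X_TLS_REQUIRE_CERT`). I would add a comment above the call, e.g. `/* certificate checking follows the LDAP library's TLS settings (e.g. TLS_REQCERT); nothing is set here */`, and state the same where the `tls` setting is documented. StartTLS is an LDAPv3 extended operation, so the call presumably relies on the protocol version being set to 3 earlier in this function, which begins outside the hunk. Both failure paths return FALSE before the bind, which is the right fail-closed behaviour.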