From cc2b267e14db7073e7247b52cc9d82dfdf280076 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Fri, 11 Feb 2011 13:10:27 -0500
Subject: Do not attempt to use START_TLS on SSL connections

Not all LDAP servers are capable of handling dual-encryption with
both TLS and SSL.

https://fedorahosted.org/sssd/ticket/795
---
 src/providers/ldap/ldap_common.c | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'src/providers/ldap/ldap_common.c')

diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index f2ea16ae..ce6d41d5 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -993,3 +993,12 @@ done:
     talloc_free(tmp_ctx);
     return ret;
 }
+
+bool sdap_is_secure_uri(const char *uri)
+{
+    /* LDAPS URI's are secure channels */
+    if (strncasecmp(uri, LDAP_SSL_URI, strlen(LDAP_SSL_URI)) == 0) {
+        return true;
+    }
+    return false;
+}
-- 
cgit