Lines 330-335
Link Here
|
330 |
|
330 |
|
331 |
timelimit = __session.ls_config->ldc_bind_timelimit; |
331 |
timelimit = __session.ls_config->ldc_bind_timelimit; |
332 |
|
332 |
|
|
|
333 |
#ifdef HAVE_LDAP_START_TLS_S |
334 |
if (__session.ls_config->ldc_ssl_on == SSL_START_TLS) |
335 |
{ |
336 |
int version; |
337 |
|
338 |
if (ldap_get_option |
339 |
(__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, |
340 |
&version) == LDAP_OPT_SUCCESS) |
341 |
{ |
342 |
if (version < LDAP_VERSION3) |
343 |
{ |
344 |
version = LDAP_VERSION3; |
345 |
ldap_set_option (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, |
346 |
&version); |
347 |
} |
348 |
} |
349 |
|
350 |
debug ("==> start_tls"); |
351 |
if (ldap_start_tls_s (__session.ls_conn, NULL, NULL) == LDAP_SUCCESS) |
352 |
{ |
353 |
debug ("TLS startup succeeded"); |
354 |
} |
355 |
else |
356 |
{ |
357 |
debug ("TLS startup failed"); |
358 |
do_close (); |
359 |
debug ("<== do_open"); |
360 |
return NSS_UNAVAIL; |
361 |
} |
362 |
debug ("<== start_tls"); |
363 |
} |
364 |
#endif /* HAVE_LDAP_START_TLS_S */ |
365 |
|
333 |
return do_bind (ld, timelimit, who, cred, with_sasl); |
366 |
return do_bind (ld, timelimit, who, cred, with_sasl); |
334 |
} |
367 |
} |
335 |
#else |
368 |
#else |