[dovecot-cvs] dovecot/src/auth db-ldap.c, 1.41.2.3, 1.41.2.4 db-ldap.h, 1.20.2.2, 1.20.2.3

[cras at dovecot.org]

Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv16550/src/auth

Modified Files:
      Tag: branch_1_0
	db-ldap.c db-ldap.h 
Log Message:
Added TLS support for LDAP if the library supports it.



Index: db-ldap.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/db-ldap.c,v
retrieving revision 1.41.2.3
retrieving revision 1.41.2.4
diff -u -d -r1.41.2.3 -r1.41.2.4
--- db-ldap.c	17 Jun 2006 16:01:12 -0000	1.41.2.3
+++ db-ldap.c	17 Jun 2006 19:32:14 -0000	1.41.2.4
@@ -35,6 +35,7 @@
 	DEF(SET_STR, dnpass),
 	DEF(SET_BOOL, auth_bind),
 	DEF(SET_STR, auth_bind_userdn),
+	DEF(SET_BOOL, tls),
 	DEF(SET_BOOL, sasl_bind),
 	DEF(SET_STR, sasl_mech),
 	DEF(SET_STR, sasl_realm),
@@ -62,6 +63,7 @@
 	MEMBER(dnpass) NULL,
 	MEMBER(auth_bind) FALSE,
 	MEMBER(auth_bind_userdn) NULL,
+	MEMBER(tls) FALSE,
 	MEMBER(sasl_bind) FALSE,
 	MEMBER(sasl_mech) NULL,
 	MEMBER(sasl_realm) NULL,
@@ -298,6 +300,20 @@
 		}
 	}
 
+	if (conn->set.tls) {
+#ifdef LDAP_HAVE_START_TLS_S
+		ret = ldap_start_tls_s(conn->ld, NULL, NULL);
+		if (ret != LDAP_SUCCESS) {
+			i_error("LDAP: ldap_start_tls_s() failed: %s",
+				ldap_err2string(ret));
+			return FALSE;
+		}
+#else
+		i_error("LDAP: Your LDAP library doesn't support TLS");
+		return FALSE;
+#endif
+	}
+
 	/* FIXME: we shouldn't use blocking bind */
 	if (conn->set.sasl_bind) {
 		context.authcid = conn->set.dn;

Index: db-ldap.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/db-ldap.h,v
retrieving revision 1.20.2.2
retrieving revision 1.20.2.3
diff -u -d -r1.20.2.2 -r1.20.2.3
--- db-ldap.h	31 May 2006 11:03:50 -0000	1.20.2.2
+++ db-ldap.h	17 Jun 2006 19:32:14 -0000	1.20.2.3
@@ -20,6 +20,7 @@
 	bool auth_bind;
 	const char *auth_bind_userdn;
 
+	bool tls;
 	bool sasl_bind;
 	const char *sasl_mech;
 	const char *sasl_realm;