[dovecot-cvs] dovecot/src/auth db-ldap.c, 1.44, 1.45 db-ldap.h, 1.22, 1.23

cras at dovecot.org cras at dovecot.org
Sat Jun 17 22:32:20 EEST 2006


Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv25807/src/auth

Modified Files:
	db-ldap.c db-ldap.h 
Log Message:
Added TLS support for LDAP if the library supports it.                     



Index: db-ldap.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/db-ldap.c,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -d -r1.44 -r1.45
--- db-ldap.c	17 Jun 2006 16:01:14 -0000	1.44
+++ db-ldap.c	17 Jun 2006 19:32:18 -0000	1.45
@@ -35,6 +35,7 @@
 	DEF(SET_STR, dnpass),
 	DEF(SET_BOOL, auth_bind),
 	DEF(SET_STR, auth_bind_userdn),
+	DEF(SET_BOOL, tls),
 	DEF(SET_BOOL, sasl_bind),
 	DEF(SET_STR, sasl_mech),
 	DEF(SET_STR, sasl_realm),
@@ -62,6 +63,7 @@
 	MEMBER(dnpass) NULL,
 	MEMBER(auth_bind) FALSE,
 	MEMBER(auth_bind_userdn) NULL,
+	MEMBER(tls) FALSE,
 	MEMBER(sasl_bind) FALSE,
 	MEMBER(sasl_mech) NULL,
 	MEMBER(sasl_realm) NULL,
@@ -298,6 +300,20 @@
 		}
 	}
 
+	if (conn->set.tls) {
+#ifdef LDAP_HAVE_START_TLS_S
+		ret = ldap_start_tls_s(conn->ld, NULL, NULL);
+		if (ret != LDAP_SUCCESS) {
+			i_error("LDAP: ldap_start_tls_s() failed: %s",
+				ldap_err2string(ret));
+			return FALSE;
+		}
+#else
+		i_error("LDAP: Your LDAP library doesn't support TLS");
+		return FALSE;
+#endif
+	}
+
 	/* FIXME: we shouldn't use blocking bind */
 	if (conn->set.sasl_bind) {
 		context.authcid = conn->set.dn;
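Review bot: Nothing in this hunk sets or checks a certificate-verification policy before `ldap_start_tls_s(conn->ld, NULL, NULL)`, so whether the server certificate is validated is left entirely to the LDAP library's own configuration. If that configuration is permissive, `tls = yes` encrypts the session but can still hand the bind DN and `dnpass` to an unauthenticated peer. I would record that dependency at the call, e.g. `/* StartTLS only encrypts; server certificate checking follows the LDAP library's TLS settings (LDAP_OPT_X_TLS_REQUIRE_CERT in OpenLDAP) */`, and consider exposing the policy as its own setting. Returning FALSE before any bind is the right fail-closed behaviour. The enclosing function starts and ends outside the hunk, so it cannot be seen here whether `conn->ld` is released on that path or whether LDAPv3 (which StartTLS requires) has already been selected.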

Index: db-ldap.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/db-ldap.h,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -d -r1.22 -r1.23
--- db-ldap.h	8 Jun 2006 17:01:30 -0000	1.22
+++ db-ldap.h	17 Jun 2006 19:32:18 -0000	1.23
@@ -20,6 +20,7 @@
 	bool auth_bind;
 	const char *auth_bind_userdn;
 
+	bool tls;
 	bool sasl_bind;
 	const char *sasl_mech;
 	const char *sasl_realm;


