missing parts of the starttls patch

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@511 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago · 5c26d86fd2
parent 917bdbc1aa
commit 5c26d86fd2
2 changed files with 12 additions and 0 deletions
--- a/src/http_auth.c
+++ b/src/http_auth.c
@ -578,6 +578,16 @@ static int http_auth_basic_password_compare(server *srv, mod_auth_plugin_data *p
 			return -1;
 		}
 		
+		if (p->conf.auth_ldap_starttls == 1) {
+	 		if (LDAP_OPT_SUCCESS != (ret = ldap_start_tls_s(ldap, NULL,  NULL))) {
+	 			log_error_write(srv, __FILE__, __LINE__, "ss", "ldap startTLS failed:", ldap_err2string(ret));
+		
+				ldap_unbind_s(ldap);
+				
+				return -1;
+	 		}
+ 		}
+
 		
 		if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(ldap, dn, pw))) {
 			log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
--- a/src/http_auth.h
+++ b/src/http_auth.h
@ -28,6 +28,8 @@ typedef struct {
 	buffer *auth_ldap_hostname;
 	buffer *auth_ldap_basedn;
 	buffer *auth_ldap_filter;
+	buffer *auth_ldap_cafile;
+	unsigned short auth_ldap_starttls;
 	
 	unsigned short auth_debug;