lib-dict: Add option to enforce SSL

author Aki Tuomi <aki.tuomi@dovecot.fi>

Mon, 11 Apr 2016 19:56:40 +0000 (22:56 +0300)

committer Aki Tuomi <aki.tuomi@dovecot.fi>

Wed, 13 Apr 2016 07:56:57 +0000 (10:56 +0300)
author Aki Tuomi <aki.tuomi@dovecot.fi>
Mon, 11 Apr 2016 19:56:40 +0000 (22:56 +0300)
committer Aki Tuomi <aki.tuomi@dovecot.fi>
Wed, 13 Apr 2016 07:56:57 +0000 (10:56 +0300)
diff --git a/src/lib-dict/dict-ldap-settings.c b/src/lib-dict/dict-ldap-settings.c

index 2d498170fb55499dd0fe87ceeb712dd0ec54cab1..df793a5b73a8e01d1e5cfb170f0a8c13552e2218 100644 (file)
--- a/src/lib-dict/dict-ldap-settings.c
+++ b/src/lib-dict/dict-ldap-settings.c
@@ -209,6 +209,16 @@ parse_setting(const char *key, const char *value,
                         }
                         return NULL;
                 }
+               if (strcmp(key, "require_ssl") == 0) {
+                       if (strcasecmp(value, "yes") == 0) {
+                               ctx->set->require_ssl = TRUE;
+                       } else if (strcasecmp(value, "no") == 0) {
+                               ctx->set->require_ssl = FALSE;
+                       } else {
+                               return "require_ssl must be either yes or no";
+                       }
+                       return NULL;
+               }
                 break;
         case SECTION_MAP:
                 return parse_setting_from_defs(ctx->pool,
diff --git a/src/lib-dict/dict-ldap-settings.h b/src/lib-dict/dict-ldap-settings.h

index a56b300e222d2181be479094d05e0333ee39ac55..dadd32121b001efa43fc33d91b8f05725776f777 100644 (file)
--- a/src/lib-dict/dict-ldap-settings.h
+++ b/src/lib-dict/dict-ldap-settings.h
@@ -25,6 +25,7 @@ struct dict_ldap_settings {
         unsigned int max_idle_time;
         unsigned int debug;
         unsigned int max_attribute_count;
+       bool require_ssl;
         ARRAY(struct dict_ldap_map) maps;
  };
  
diff --git a/src/lib-dict/dict-ldap.c b/src/lib-dict/dict-ldap.c

index 8b64739132ffb09b8edd036bfbd0ce17866f9422..6344681beead9af335d0a61a3cb44fee9a3ce213 100644 (file)
--- a/src/lib-dict/dict-ldap.c
+++ b/src/lib-dict/dict-ldap.c
@@ -160,6 +160,7 @@ int dict_ldap_connect(struct ldap_dict *dict, const char **error_r)
         set.timeout_secs = dict->set->timeout;
         set.max_idle_time_secs = dict->set->max_idle_time;
         set.debug = dict->set->debug;
+       set.require_ssl = dict->set->require_ssl;
         return ldap_client_init(&set, &dict->client, error_r);
  }
author	Aki Tuomi <aki.tuomi@dovecot.fi>
	Mon, 11 Apr 2016 19:56:40 +0000 (22:56 +0300)
committer	Aki Tuomi <aki.tuomi@dovecot.fi>
	Wed, 13 Apr 2016 07:56:57 +0000 (10:56 +0300)
src/lib-dict/dict-ldap-settings.c		patch \| blob \| blame \| history
src/lib-dict/dict-ldap-settings.h		patch \| blob \| blame \| history
src/lib-dict/dict-ldap.c		patch \| blob \| blame \| history