From: Amos Jeffries <squid3@treenet.co.nz>
Date: Mon, 7 Sep 2009 06:02:25 +0000 (+1200)
Subject: Author: Henrik Nordstrom <hno@squid-cache.org>
X-Git-Tag: SQUID_3_2_0_1~735
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=59bce1e80b711c4bc7c7ad5642e3ca227dced424;p=thirdparty%2Fsquid.git

Author: Henrik Nordstrom <hno@squid-cache.org>
Bug 2510: digest_ldap_auth uses incorrect logic with TLS
---

diff --git a/helpers/digest_auth/ldap/ldap_backend.c b/helpers/digest_auth/ldap/ldap_backend.c
index 0e4a9fecda..47b440829c 100644
--- a/helpers/digest_auth/ldap/ldap_backend.c
+++ b/helpers/digest_auth/ldap/ldap_backend.c
@@ -361,10 +361,12 @@ ldapconnect(void)
         }
         if (use_tls) {
 #ifdef LDAP_OPT_X_TLS
-            if ((version == LDAP_VERSION3) && (ldap_start_tls_s(ld, NULL, NULL) == LDAP_SUCCESS)) {
+            if (version != LDAP_VERSION3) {
+                fprintf(stderr, "TLS requires LDAP version 3\n");
+                exit(1);
+            } else if (ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS) {
                 fprintf(stderr, "Could not Activate TLS connection\n");
-                ldap_unbind(ld);
-                ld = NULL;
+                exit(1);
             }
 #else
             fprintf(stderr, "TLS not supported with your LDAP library\n");