]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 950a14e)
Set tls_mode if LDAP scheme is ldaps://
authorNick Porter <nick@portercomputing.co.uk>
Thu, 18 Jul 2024 08:06:57 +0000 (09:06 +0100)
committerNick Porter <nick@portercomputing.co.uk>
Thu, 18 Jul 2024 08:06:57 +0000 (09:06 +0100)
Allows for ldaps:// connections on ports other than 636 to be correctly
identified as using SSL

src/lib/ldap/util.c patch | blob | blame | history

diff --git a/src/lib/ldap/util.c b/src/lib/ldap/util.c
index e58e787625030b64af8c58bf19391f5057efc104..77eed445b70f02357e4e2f061dc7532a413dedd1 100644 (file)
--- a/src/lib/ldap/util.c
+++ b/src/lib/ldap/util.c
@@ -656,6 +656,7 @@ int fr_ldap_server_url_check(fr_ldap_config_t *handle_config, char const *server
                                cf_log_err(ci, "ldaps:// scheme is not compatible with 'start_tls'");
                                goto ldap_url_error;
                        }
+                       handle_config->tls_mode = LDAP_OPT_X_TLS_HARD;
                } else if (strcmp(ldap_url->lud_scheme, "ldapi") == 0) {
                        set_port_maybe = false;
                }
Mirror of https://github.com/FreeRADIUS/freeradius-server.git