X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Fopen.c;h=93019b0915c52b2e55bfb5d9d73f9035cbf2fc81;hb=e0691dfbc07d0b2a0e6bec528b33802ed04f5960;hp=50641603c79ee26974d6560ad26f68959978a65c;hpb=1f52f6e43e678c8f77625f5c96105a1bb51cc1ce;p=openldap

diff --git a/libraries/libldap/open.c b/libraries/libldap/open.c
index 50641603c7..93019b0915 100644
--- a/libraries/libldap/open.c
+++ b/libraries/libldap/open.c
@@ -12,7 +12,8 @@
 #include "portable.h"
 
 #include <stdio.h>
-#include <stdlib.h>
+
+#include <ac/stdlib.h>
 
 #include <ac/socket.h>
 #include <ac/string.h>
@@ -235,13 +236,13 @@ open_ldap_connection( LDAP *ld, Sockbuf *sb, const char *host, int defport,
 			    port = defport;   
 			}
 
-			if (( rc = ldap_connect_to_host( sb, curhost, 0L,
+			if (( rc = ldap_connect_to_host( ld, sb, curhost, 0L,
 			    port, async )) != -1 ) {
 				break;
 			}
 		}
 	} else {
-		rc = ldap_connect_to_host( sb, NULL, htonl( INADDR_LOOPBACK ),
+		rc = ldap_connect_to_host( ld, sb, 0, htonl( INADDR_LOOPBACK ),
 		    defport, async );
 	}
 
@@ -251,6 +252,20 @@ open_ldap_connection( LDAP *ld, Sockbuf *sb, const char *host, int defport,
    
    	ber_pvt_sb_set_io( sb, &ber_pvt_sb_io_tcp, NULL );
 
+#ifdef HAVE_TLS
+   	if ( ld->ld_options.ldo_tls_mode == LDAP_OPT_X_TLS_HARD ) {
+		/*
+		 * Fortunately, the lib uses blocking io...
+		 */
+		if ( ldap_pvt_tls_connect( sb, ld->ld_options.ldo_tls_ctx ) < 
+		     0 ) {
+			return -1;
+		}
+		/* FIXME: hostname of server must be compared with name in
+		 * certificate....
+		 */
+	}
+#endif
 	if ( krbinstancep != NULL ) {
 #ifdef HAVE_KERBEROS
 		char *c;