ITS#4072 prevent ldaps listeners when TLS is not configured

diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c
index 098bce5242d7d042e2d977dfb8c015b551d36178..f7e8a7f9b4c7312fd3b7994677747dcb37b62e76 100644 (file)
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
@@ -836,6 +836,13 @@ static int slap_open_listener(
 #else
        l.sl_is_tls = ldap_pvt_url_scheme2tls( lud->lud_scheme );
 
+       if ( l.sl_is_tls && !slap_tls_ctx ) {
+               Debug( LDAP_DEBUG_ANY,
+                       "daemon: TLS not configured (%s)\n",
+                       url, 0, 0 );
+               ldap_free_urldesc( lud );
+               return -1;
+       }
        if(! lud->lud_port ) {
                lud->lud_port = l.sl_is_tls ? LDAPS_PORT : LDAP_PORT;
        }