Error when user tries to mix command line and default URI components.

Remove TLS hard as an ldap.conf option as being not a over-writable
default.  The appropriate way to request ldaps:// is use an ldaps://
URI.  A rewrite to only sent hard for the default URIs but ignored
if the application provides it own URI would be acceptable.

diff --git a/clients/tools/common.c b/clients/tools/common.c
index 2ca3d2ed8d0c96d82bebfc1283d45180ff01c045..c301ee618d024859d70cdb5b887140483e85c1f2 100644 (file)
--- a/clients/tools/common.c
+++ b/clients/tools/common.c
@@ -520,7 +520,12 @@ tool_args( int argc, char **argv )
 #endif
        }
 
-       if( ldapuri != NULL ) {
+       if( ldapuri == NULL ) {
+               if( ldapport && ( ldaphost == NULL )) {
+                       fprintf( stderr, "%s: -p without -h is invalid.\n", prog );
+                       exit( EXIT_FAILURE );
+               }
+       } else {
                if( ldaphost != NULL ) {
                        fprintf( stderr, "%s: -H incompatible with -h\n", prog );
                        exit( EXIT_FAILURE );

diff --git a/libraries/libldap/init.c b/libraries/libldap/init.c
index 093cedf32f4f47bbeb537e9a352bb0bcfc981c68..1a09236687c90031451ac9d8eca6e7ed6b0ab2e5 100644 (file)
--- a/libraries/libldap/init.c
+++ b/libraries/libldap/init.c
@@ -81,7 +81,6 @@ static const struct ol_attribute {
 #endif
 
 #ifdef HAVE_TLS
-       {0, ATTR_TLS,           "TLS",                  NULL,   LDAP_OPT_X_TLS},
        {1, ATTR_TLS,           "TLS_CERT",             NULL,   LDAP_OPT_X_TLS_CERTFILE},
        {1, ATTR_TLS,           "TLS_KEY",              NULL,   LDAP_OPT_X_TLS_KEYFILE},
        {0, ATTR_TLS,           "TLS_CACERT",   NULL,   LDAP_OPT_X_TLS_CACERTFILE},