From: Howard Chu <hyc@openldap.org>
Date: Sun, 9 Oct 2005 20:04:49 +0000 (+0000)
Subject: ITS#4072 prevent ldaps listeners when TLS is not configured
X-Git-Tag: OPENLDAP_REL_ENG_2_2_MP~298
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=4f0c386c68f2e2a98250b1a217f71f2e6405b1e9;p=openldap

ITS#4072 prevent ldaps listeners when TLS is not configured
---

diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c
index 098bce5242..f7e8a7f9b4 100644
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
@@ -836,6 +836,13 @@ static int slap_open_listener(
 #else
 	l.sl_is_tls = ldap_pvt_url_scheme2tls( lud->lud_scheme );
 
+	if ( l.sl_is_tls && !slap_tls_ctx ) {
+		Debug( LDAP_DEBUG_ANY,
+			"daemon: TLS not configured (%s)\n",
+			url, 0, 0 );
+		ldap_free_urldesc( lud );
+		return -1;
+	}
 	if(! lud->lud_port ) {
 		lud->lud_port = l.sl_is_tls ? LDAPS_PORT : LDAP_PORT;
 	}