dovecot-1.1: If sasl_bind=yes or tls=yes is used and ldap_versio...
dovecot at dovecot.org
dovecot at dovecot.org
Wed Mar 5 00:57:21 EET 2008
details: http://hg.dovecot.org/dovecot-1.1/rev/57ae4181bb32
changeset: 7344:57ae4181bb32
user: Timo Sirainen <tss at iki.fi>
date: Wed Mar 05 00:57:17 2008 +0200
description:
If sasl_bind=yes or tls=yes is used and ldap_version<3, fail with an error.
diffstat:
1 file changed, 8 insertions(+), 4 deletions(-)
src/auth/db-ldap.c | 12 ++++++++----
diffs (22 lines):
diff -r 034e18a91a6b -r 57ae4181bb32 src/auth/db-ldap.c
--- a/src/auth/db-ldap.c Wed Mar 05 00:34:59 2008 +0200
+++ b/src/auth/db-ldap.c Wed Mar 05 00:57:17 2008 +0200
@@ -716,10 +716,14 @@ static void db_ldap_set_options(struct l
db_ldap_set_opt(conn, LDAP_OPT_DEREF, &conn->set.ldap_deref,
"deref", conn->set.deref);
- /* If SASL binds are used, the protocol version needs to be
- at least 3 */
- ldap_version = conn->set.sasl_bind &&
- conn->set.ldap_version < 3 ? 3 : conn->set.ldap_version;
+ if (conn->set.ldap_version < 3) {
+ if (conn->set.sasl_bind)
+ i_fatal("LDAP: sasl_bind=yes requires ldap_version=3");
+ if (conn->set.tls)
+ i_fatal("LDAP: tls=yes requires ldap_version=3");
+ }
+
+ ldap_version = conn->set.ldap_version;
db_ldap_set_opt(conn, LDAP_OPT_PROTOCOL_VERSION, &ldap_version,
"protocol_version", dec2str(ldap_version));
db_ldap_set_tls_options(conn);
More information about the dovecot-cvs
mailing list