X-Git-Url: http://git.samba.org/?a=blobdiff_plain;f=source3%2Flib%2Fsmbldap.c;h=cdd350fffa1e23051594b7efbedc197456472085;hb=e18610a197aab80a32cae8c1e09b96496679bbad;hp=71166f649bea844ceb084791c69752648ba2e86c;hpb=332b179143f4cccda3f6b4c84abb3c52fac8589c;p=samba.git

diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index 71166f649be..cdd350fffa1 100644
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -278,7 +278,7 @@ void smbldap_set_bind_callback(struct smbldap_state *state,
 		       struct dom_sid *sid)
 {
 	DATA_BLOB blob;
-	bool ret;
+	struct sid_parse_ret ret;
 
 	if (!smbldap_talloc_single_blob(talloc_tos(), ld, msg, attrib,
 					&blob)) {
@@ -286,7 +286,7 @@ void smbldap_set_bind_callback(struct smbldap_state *state,
 	}
 	ret = sid_parse(blob.data, blob.length, sid);
 	TALLOC_FREE(blob.data);
-	return ret;
+	return (ret.len != -1);
 }
 
  static int ldapmsg_destructor(LDAPMessage **result) {
@@ -604,7 +604,7 @@ static void smbldap_store_state(LDAP *ld, struct smbldap_state *smbldap_state)
 int smbldap_start_tls(LDAP *ldap_struct, int version)
 { 
 #ifdef LDAP_OPT_X_TLS
-	int rc;
+	int rc,tls;
 #endif
 
 	if (lp_ldap_ssl() != LDAP_SSL_START_TLS) {
@@ -612,6 +612,12 @@ int smbldap_start_tls(LDAP *ldap_struct, int version)
 	}
 
 #ifdef LDAP_OPT_X_TLS
+	/* check if we use ldaps already */
+	ldap_get_option(ldap_struct, LDAP_OPT_X_TLS, &tls);
+	if (tls == LDAP_OPT_X_TLS_HARD) {
+		return LDAP_SUCCESS;
+	}
+
 	if (version != LDAP_VERSION3) {
 		DEBUG(0, ("Need LDAPv3 for Start TLS\n"));
 		return LDAP_OPERATIONS_ERROR;