SOURCES (RA-branch): pam_ldap-CAN-2005-2069.patch (NEW) - fix for ...

Wed Aug 10 13:01:09 CEST 2005

Author: hawk                         Date: Wed Aug 10 11:01:09 2005 GMT
Module: SOURCES                       Tag: RA-branch
---- Log message:
- fix for CAN-2005-2069

---- Files affected:
SOURCES:
   pam_ldap-CAN-2005-2069.patch (NONE -> 1.1.2.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/pam_ldap-CAN-2005-2069.patch
diff -u /dev/null SOURCES/pam_ldap-CAN-2005-2069.patch:1.1.2.1

--- /dev/null	Wed Aug 10 13:01:09 2005
+++ SOURCES/pam_ldap-CAN-2005-2069.patch	Wed Aug 10 13:01:03 2005
@@ -0,0 +1,29 @@
+diff -urN pam_ldap-176/pam_ldap.c pam_ldap-176.new/pam_ldap.c
+--- pam_ldap-176/pam_ldap.c	2004-10-01 03:33:14.000000000 +0100
++++ pam_ldap-176.new/pam_ldap.c	2005-06-22 01:40:06.000000000 +0100
+@@ -1587,6 +1587,7 @@
+   pam_ldap_session_t *session = global_session;
+ #endif
+   char *who, *cred;
++  int rc;
+ 
+   if (session->info != NULL && session->info->bound_as_user == 1)
+     {
+@@ -1607,6 +1608,17 @@
+ 	}
+     }
+ 
++  if (session->conf->ssl_on == SSL_START_TLS)
++    {
++      rc = ldap_start_tls_s (session->ld, NULL, NULL);
++      if (rc != LDAP_SUCCESS)
++        {
++          syslog (LOG_ERR, "pam_ldap: ldap_starttls_s: %s",
++                  ldap_err2string (rc));
++          return PAM_SERVICE_ERR;
++        }
++    }
++
+   return ldap_simple_bind_s (ld, who, cred);
+ }
+ #else
================================================================

