Decouple ldap-ssl-ads from ldap-ssl option

[samba.git] / source3 / lib / smbldap.c

diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index 7a96714ad1a1b795b34fd08cd2e93171cc184534..4815dd81fc38d852a4c21f167a8f2545f075bc8c 100644 (file)
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -598,20 +598,27 @@ static void smbldap_store_state(LDAP *ld, struct smbldap_state *smbldap_state)
 }
 
 /********************************************************************
- start TLS on an existing LDAP connection
+ start TLS on an existing LDAP connection per config
 *******************************************************************/
 
 int smbldap_start_tls(LDAP *ldap_struct, int version)
-{ 
-#ifdef LDAP_OPT_X_TLS
-       int rc,tls;
-#endif
-
+{
        if (lp_ldap_ssl() != LDAP_SSL_START_TLS) {
                return LDAP_SUCCESS;
        }
 
+       return smbldap_start_tls_start(ldap_struct, version);
+}
+
+/********************************************************************
+ start TLS on an existing LDAP connection unconditionally
+*******************************************************************/
+
+int smbldap_start_tls_start(LDAP *ldap_struct, int version)
+{
 #ifdef LDAP_OPT_X_TLS
+       int rc,tls;
+
        /* check if we use ldaps already */
        ldap_get_option(ldap_struct, LDAP_OPT_X_TLS, &tls);
        if (tls == LDAP_OPT_X_TLS_HARD) {
@@ -1689,7 +1696,7 @@ int smbldap_search_suffix (struct smbldap_state *ldap_state,
                           const char *filter, const char **search_attr,
                           LDAPMessage ** result)
 {
-       return smbldap_search(ldap_state, lp_ldap_suffix(talloc_tos()),
+       return smbldap_search(ldap_state, lp_ldap_suffix(),
                              LDAP_SCOPE_SUBTREE,
                              filter, search_attr, 0, result);
 }