Commit d31a3fb9 authored by Howard Chu's avatar Howard Chu
Browse files

ITS#2570 - don't permanently give up on TLS due to transient failures

parent 5083977f
......@@ -763,6 +763,7 @@ do_bind(
)
{
int ldrc;
int do_tls = ri->ri_tls;
*lderr = 0;
......@@ -885,7 +886,7 @@ retry:
}
ldap_set_option(ri->ri_ldp, LDAP_OPT_RESTART, LDAP_OPT_ON);
if( ri->ri_tls ) {
if( do_tls ) {
int err = ldap_start_tls_s(ri->ri_ldp, NULL, NULL);
if( err != LDAP_SUCCESS ) {
......@@ -907,7 +908,7 @@ retry:
ri->ri_ldp = NULL;
return BIND_ERR_TLS_FAILED;
}
ri->ri_tls = TLS_OFF;
do_tls = TLS_OFF;
goto retry;
}
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment