Error when user tries to mix command line and default URI components.

Remove TLS hard as an ldap.conf option as being not a over-writable default. The appropriate way to request ldaps:// is use an ldaps:// URI. A rewrite to only sent hard for the default URIs but ignored if the application provides it own URI would be acceptable.
2025-12-24 00:29:35 -05:00 · 2003-05-22 00:13:00 +00:00 · 2003-05-22 00:13:00 +00:00 · 65bfb44e8e
commit 65bfb44e8e
parent a0faa93683
2 changed files with 6 additions and 2 deletions
--- a/clients/tools/common.c
+++ b/clients/tools/common.c
@ -520,7 +520,12 @@ tool_args( int argc, char **argv )
 #endif
 	}

-	if( ldapuri != NULL ) {
+	if( ldapuri == NULL ) {
+		if( ldapport && ( ldaphost == NULL )) {
+			fprintf( stderr, "%s: -p without -h is invalid.\n", prog );
+			exit( EXIT_FAILURE );
+		}
+	} else {
 		if( ldaphost != NULL ) {
 			fprintf( stderr, "%s: -H incompatible with -h\n", prog );
 			exit( EXIT_FAILURE );
--- a/libraries/libldap/init.c
+++ b/libraries/libldap/init.c
@ -81,7 +81,6 @@ static const struct ol_attribute {
 #endif

 #ifdef HAVE_TLS
-  	{0, ATTR_TLS,		"TLS",			NULL,	LDAP_OPT_X_TLS},
 	{1, ATTR_TLS,		"TLS_CERT",		NULL,	LDAP_OPT_X_TLS_CERTFILE},
 	{1, ATTR_TLS,		"TLS_KEY",		NULL,	LDAP_OPT_X_TLS_KEYFILE},
  	{0, ATTR_TLS,		"TLS_CACERT",	NULL,	LDAP_OPT_X_TLS_CACERTFILE},