From d1d018768afd79cb2ecd1805f0d8f3ed23f4076b Mon Sep 17 00:00:00 2001
From: Stefan Fritsch <sf@sfritsch.de>
Date: Sun, 29 Jan 2012 13:30:57 +0100
Subject: Upstream tarball 2.2.22

---
 srclib/apr-util/ldap/apr_ldap_init.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'srclib/apr-util/ldap/apr_ldap_init.c')

diff --git a/srclib/apr-util/ldap/apr_ldap_init.c b/srclib/apr-util/ldap/apr_ldap_init.c
index 458f281b..8aacb2a5 100644
--- a/srclib/apr-util/ldap/apr_ldap_init.c
+++ b/srclib/apr-util/ldap/apr_ldap_init.c
@@ -156,13 +156,29 @@ APU_DECLARE_LDAP(int) apr_ldap_init(apr_pool_t *pool,
     *result_err = result;
 
 #if APR_HAS_LDAPSSL_INIT
+#if APR_HAS_SOLARIS_LDAPSDK
+    /*
+     * Using the secure argument should aways be possible.  But as LDAP SDKs
+     * tend to have different quirks and bugs, this needs to be tested for
+     * for each of them, first. For Solaris LDAP it works, and the method
+     * with ldap_set_option doesn't.
+     */
+    *ldap = ldapssl_init(hostname, portno, secure == APR_LDAP_SSL);
+#else
     *ldap = ldapssl_init(hostname, portno, 0);
+#endif
 #elif APR_HAS_LDAP_SSLINIT
     *ldap = ldap_sslinit((char *)hostname, portno, 0);
 #else
     *ldap = ldap_init((char *)hostname, portno);
 #endif
+
     if (*ldap != NULL) {
+#if APR_HAS_SOLARIS_LDAPSDK
+        if (secure == APR_LDAP_SSL)
+            return APR_SUCCESS;
+        else
+#endif
         return apr_ldap_set_option(pool, *ldap, APR_LDAP_OPT_TLS, &secure, result_err);
     }
     else {
-- 
cgit v1.2.3