bail out with error if someone tries to use another cert than PEM with OpenLDAP.

author: Gunter Knauf <gk@gknw.de> 2007-08-25 12:10:30 +0000
committer: Gunter Knauf <gk@gknw.de> 2007-08-25 12:10:30 +0000
commit: 327c0d6b1ccbaa73147ffd3f250c7f95e6f4d70d (patch)
tree: 70d47378d589b646ec37959e0a817512d46ce833
parent: 870842ccee5bb9c116547f29dbb1c548979e0728 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/ldap.c b/lib/ldap.c
index 4e6261632..abbd52f29 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -216,6 +216,12 @@ CURLcode Curl_ldap(struct connectdata *conn, bool *done)
 #elif defined(LDAP_OPT_X_TLS)
     if (data->set.ssl.verifypeer) {
       /* OpenLDAP SDK supports BASE64 files. */
+      if ((data->set.str[STRING_CERT_TYPE]) &&
+              (!strequal(data->set.str[STRING_CERT_TYPE], "PEM"))) {
+        failf(data, "LDAP local: ERROR OpenLDAP does only support PEM cert-type!");
+        status = CURLE_SSL_CERTPROBLEM;
+        goto quit;
+      }
       if (!ldap_ca) {
         failf(data, "LDAP local: ERROR PEM CA cert not set!");
         status = CURLE_SSL_CERTPROBLEM;
author	Gunter Knauf <gk@gknw.de>	2007-08-25 12:10:30 +0000
committer	Gunter Knauf <gk@gknw.de>	2007-08-25 12:10:30 +0000
commit	327c0d6b1ccbaa73147ffd3f250c7f95e6f4d70d (patch)
tree	70d47378d589b646ec37959e0a817512d46ce833
parent	870842ccee5bb9c116547f29dbb1c548979e0728 (diff)