From ccf48aa7761065283483d667f3efaf33b5b2a728 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Tue, 1 Dec 2020 14:12:33 +0100
Subject: [PATCH 1/3] service: make sure use_ldaps is not only set for
automatic join
The check if ldaps is requested or not was only called if an automatic
join was enabled. With this patch it is checked in all cases.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1826964
---
service/realm-sssd-ad.c | 26 +++++++++++++-------------
1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/service/realm-sssd-ad.c b/service/realm-sssd-ad.c
index 00a9093..ea5f28c 100644
--- a/service/realm-sssd-ad.c
+++ b/service/realm-sssd-ad.c
@@ -349,19 +349,6 @@ parse_join_options (JoinClosure *join,
return FALSE;
}
- /*
- * Check if ldaps should be used and if membership software supports
- * it.
- */
- join->use_ldaps = realm_option_use_ldaps (options);
- if (join->use_ldaps &&
- g_str_equal (software, REALM_DBUS_IDENTIFIER_SAMBA)) {
- realm_diagnostics_info (join->invocation,
- "Membership software %s does "
- "not support ldaps, trying "
- "without.", software);
- }
-
/*
* If we are enrolling with a user password, then we have to use samba,
* adcli only supports admin passwords.
@@ -393,6 +380,19 @@ parse_join_options (JoinClosure *join,
g_assert (software != NULL);
+ /*
+ * Check if ldaps should be used and if membership software supports
+ * it.
+ */
+ join->use_ldaps = realm_option_use_ldaps (options);
+ if (join->use_ldaps &&
+ g_str_equal (software, REALM_DBUS_IDENTIFIER_SAMBA)) {
+ realm_diagnostics_info (join->invocation,
+ "Membership software %s does "
+ "not support ldaps, trying "
+ "without.", software);
+ }
+
if (g_str_equal (software, REALM_DBUS_IDENTIFIER_ADCLI)) {
join->use_adcli = TRUE;
join->packages = ADCLI_PACKAGES;
--
2.28.0