From 147ce679121a81fe230b4599f8a02dd96b1b9447 Mon Sep 17 00:00:00 2001
From: Rich Megginson <rmeggins@redhat.com>
Date: Oct 08 2010 22:11:46 +0000
Subject: org cannot use LDAP_URL_OPT_SECURE; ldap_sasl_bind result check not correct


have to look at the url to see if it begins with "ldaps://" to see if we
should use TLS/SSL
ldap_sasl_bind failure is != LDAP_SUCCESS

---

diff --git a/doauth.c b/doauth.c
index cd50f17..5fe0472 100644
--- a/doauth.c
+++ b/doauth.c
@@ -70,7 +70,7 @@ post_request()
     cred.bv_val = password;
     cred.bv_len = strlen(password);
     if( ldap_sasl_bind( ld, binddn, LDAP_SASL_SIMPLE, &cred, NULL, NULL, &msgid )
-                                                            == LDAP_SUCCESS ) {
+                                                            != LDAP_SUCCESS ) {
 		rc = dsgw_ldap_get_lderrno( ld, NULL, &lderrtxt );
 		do_autherror( rc, NULL, lderrtxt, authdesturl == NULL );
 		exit( 0 );
diff --git a/orgbin/org.in b/orgbin/org.in
index 6be6b72..07f7d30 100755
--- a/orgbin/org.in
+++ b/orgbin/org.in
@@ -395,7 +395,7 @@ sub get_org_data
     my $host = $h->{host};
     my $port = $h->{port};
     my $securitydir;
-    if ($h->{options} & LDAP_URL_OPT_SECURE) {
+    if ($config_tokens{"ldap-url"} =~ m,^ldaps://,i) {
 		$securitydir = $config_tokens{"securitydir"};
 		if ($securitydir eq "none") {
 			&output_html_header("no-javascript");
@@ -1270,7 +1270,7 @@ sub search_for_enduser_query()
 	my $host = $h->{host};
 	my $port = $h->{port};
 	my $securitydir;
-	if ($h->{options} & LDAP_URL_OPT_SECURE) {
+    if ($config_tokens{"ldap-url"} =~ m,^ldaps://,i) {
 		$securitydir = $config_tokens{"securitydir"};
 		if ($securitydir eq "none") {
 			&output_html_header("no-javascript");