From dff993dcea7caaf6d48ca64997fe163e1af94261 Mon Sep 17 00:00:00 2001
From: Roland Gruber <post@rolandgruber.de>
Date: Sat, 16 Aug 2003 16:54:11 +0000
Subject: [PATCH] try to start TLS, fall back to standard connection if it
 failed

---
 lam/lib/ldap.inc | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/lam/lib/ldap.inc b/lam/lib/ldap.inc
index 8d997578..d7852832 100644
--- a/lam/lib/ldap.inc
+++ b/lam/lib/ldap.inc
@@ -97,7 +97,16 @@ class Ldap{
 			// use LDAPv3
 			ldap_set_option($this->server, LDAP_OPT_PROTOCOL_VERSION, 3);
 			// start TLS if possible
-			//if (function_exists('ldap_start_tls')) ldap_start_tls($this->server);
+			if (function_exists('ldap_start_tls')) {
+				@ldap_start_tls($this->server);
+				// connect without TLS if it failed
+				if (ldap_errno($this->server) > 0) {
+					@ldap_close($this->server);
+					$this->server = @ldap_connect($this->conf->get_ServerURL());
+					ldap_set_option($this->server, LDAP_OPT_PROTOCOL_VERSION, 3);
+				}
+			}
+			//echo ldap_error($this->server) . " | " . ldap_errno($this->server);
 			$bind = @ldap_bind($this->server, $user, $passwd);
 			if ($bind) {
 				// return server handle