1 files changed, 23 insertions, 8 deletions

diff --git a/net/liblinphone/files/patch-src_ldap_ldap-contact-provider.cpp b/net/liblinphone/files/patch-src_ldap_ldap-contact-provider.cpp
index a6fa44138a6f..38c7bb6daeff 100644
--- a/net/liblinphone/files/patch-src_ldap_ldap-contact-provider.cpp
+++ b/net/liblinphone/files/patch-src_ldap_ldap-contact-provider.cpp
@@ -1,13 +1,28 @@
---- src/ldap/ldap-contact-provider.cpp.orig	2023-03-17 13:29:37 UTC
+--- src/ldap/ldap-contact-provider.cpp.orig	2025-03-20 22:21:32 UTC
 +++ src/ldap/ldap-contact-provider.cpp
-@@ -221,11 +221,6 @@ void LdapContactProvider::initializeLdap(){
- 		ms_error("[LDAP] Cannot initialize address to %s : %x (%s), err %x (%s)",mConfig["server"].c_str(), ret, ldap_err2string(ret), err, ldap_err2string(err));
- 		mCurrentAction = ACTION_ERROR;
- 	}else if(mConfig.count("use_tls")>0 && mConfig["use_tls"] == "1"){
--		if(mConfig.count("use_sal")>0 && mConfig["use_sal"] == "1"){// Using Sal give an IP for a domain. So check the domain rather than the IP.
--			belle_generic_uri_t *serverUri = belle_generic_uri_parse(mConfig["server"].c_str());
--			std::string hostname = belle_generic_uri_get_host(serverUri);
+@@ -269,7 +269,9 @@ void LdapContactProvider::initializeLdap() {
+ 			lError() << "[LDAP] Problem initializing TLS on setting require SAN '" << mServerUrl[mServerUrlIndex]
+ 			         << "': " << ret << " (" << ldap_err2string(ret) << ")";
+ 
++#ifdef LDAP_OPT_X_TLS_RANDOM_FUNC
+ 		ret = ldap_set_option(NULL, LDAP_OPT_X_TLS_RANDOM_FUNC, (void *)randomProvider);
++#endif
+ 		if (ret != LDAP_SUCCESS) {
+ 			lError() << "[LDAP] Problem initializing TLS random generator function.";
+ 		}
+@@ -291,16 +293,6 @@ void LdapContactProvider::initializeLdap() {
+ 		         << ldap_err2string(ret) << "), err " << err << " (" << ldap_err2string(err) << ")";
+ 		fallbackToNextServerUrl();
+ 	} else if (mConfig.count("use_tls") > 0 && mConfig["use_tls"][0] == "1") {
+-		if (mConfig.count("use_sal") > 0 &&
+-		    mConfig["use_sal"][0] ==
+-		        "1") { // Using Sal give an IP for a domain. So check the domain rather than the IP.
+-			belle_generic_uri_t *serverUri = belle_generic_uri_parse(
+-			    mConfig["server"][mConfigServerIndex].c_str()); // mServer are results of sal. Use the root urls.
+-			const char *cHost = belle_generic_uri_get_host(serverUri);
+-			std::string hostname = cHost ? cHost : "";
 -			ldap_set_option(mLd, LDAP_OPT_X_TLS_PEER_CN, &hostname[0]);
+-			if (serverUri) belle_sip_object_unref(serverUri);
 -		}
  		mTlsConnectionId = -1;
  		mCurrentAction = ACTION_WAIT_TLS_CONNECT;