1 file changed, 2 insertions(+), 1 deletion(-)
New commits:
commit 16445ac913a7e8eff2b48edf76a42e2bab7d6bb1
Author: Graham Leggett <minfrin@sharp.fm>
Date: Thu Mar 31 02:48:43 2016 +0200
Ticket #48782 - Make sure that when LDAP_OPT_X_TLS_NEWCTX is set, the value is set to zero.
Description: The attached patch is for the optval issue described above.
Optval is explicitly set to zero, rather than using whatever arbitrary
value is present in optval from the earlier ldap_set_option call.
https://fedorahosted.org/389/ticket/48782
Reviewed by nhosoi@redhat.com.
diff --git a/ldap/servers/slapd/ldaputil.c b/ldap/servers/slapd/ldaputil.c
index e62d1f2..3851be5 100644
--- a/ldap/servers/slapd/ldaputil.c
+++ b/ldap/servers/slapd/ldaputil.c
@@ -605,7 +605,8 @@ setup_ol_tls_conn(LDAP *ld, int clientauth)
/* have to do this last - this creates the new TLS handle and sets/copies
all of the parameters set above into that TLS handle context - note
- that optval is ignored - what matters is that it is not NULL */
+ that optval is zero, meaning create a context for a client */
+ optval = 0;
if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_NEWCTX, &optval))) {
slapi_log_error(SLAPI_LOG_FATAL, "setup_ol_tls_conn",
"failed: unable to create new TLS context - %d\n", rc);
--
389 commits mailing list
389-commits@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-commits@lists.fedoraproject.org
No comments:
Post a Comment