
Re: (ITS#3791) start_tls while chasing referrals



> But this would again return LDAP_LOCAL_ERROR since ldap_pvt_tls_inplace()
> is true for ld->ld_sb. If I see it correctly ld->ld_sb still points to the
> original connection (not to the new connection of the referral). Please
> correct me if I am wrong here.

That's correct.  After re-checking the code, it appears that the option
LDAP_OPT_X_TLS_HARD is not working as intended.  I need to investigate it
a bit further.  However, the patch looks essentially correct, so I'm going
to apply it with some reworking.  I think it's reasonable that tls refers
to the ld_defconn, so I've modified ldap_tls_inplace() to refer to the
Sockbuf of ld_defconn, and used that test inside libldap tls code as well.
The test can be performed from outside instead of delegating to the
library.

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497