
(ITS#4726) ldap_pvt_tls_init not called when new CTX requested



Full_Name: Eric Covener
Version: 2.4.3
OS: ppc linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (129.33.49.251)


I'm using 2.4.3 and trying to set SSL client certificates on a per-connection
basis.  

A call to ldap_set_option(ld, LDAP_OPT_X_TLS_NEWCTX, &newctx) fails in my simple
test application because ldap_pvt_tls_init hasn't had a chance to call
SSLeay_add_ssl_algorithms() yet.

I'm not familiar enough w/ openldap to track down how this path occurs, but it
seems like the code in tls.c that handles the SSL_CTX_new() in the event of
LDAP_OPT_X_TLS_NEWCTX should make sure the initializer has been run by calling
ldap_pvt_tls_init().

(My simple test app works when I add SSLeay_add_ssl_algorithms() before
ldap_set_option.)  The failure without the call is:

TLS: could not allocate default ctx (336236705).
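
The number in that log line is a packed OpenSSL error code. The decoder below is an added example, not code from the report or from OpenSSL or OpenLDAP: it splits the code into its library, function and reason fields. It assumes the pre-3.0 OpenSSL layout (lib << 24 | func << 12 | reason) and the constants ERR_LIB_SSL = 20, SSL_F_SSL_CTX_NEW = 169 and SSL_R_LIBRARY_HAS_NO_CIPHERS = 161 from those releases' headers; the helper names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Fields of a packed error code in OpenSSL releases before 3.0:
 * ERR_PACK(lib, func, reason) = lib << 24 | func << 12 | reason. */
struct ossl_err { unsigned lib, func, reason; };

/* Extract the decimal code from a log line ending in "(<code>)."
 * Returns 0 if the line carries no parenthesised number. */
static unsigned long code_from_log(const char *line)
{
    const char *open = strrchr(line, '(');
    char *end;
    unsigned long v;

    if (open == NULL)
        return 0;
    v = strtoul(open + 1, &end, 10);
    return (end != open + 1 && *end == ')') ? v : 0;
}

static struct ossl_err decode(unsigned long code)
{
    struct ossl_err e;
    e.lib = (unsigned)((code >> 24) & 0xff);
    e.func = (unsigned)((code >> 12) & 0xfff);
    e.reason = (unsigned)(code & 0xfff);
    return e;
}

/* Names only the one combination seen in this report (assumed constants). */
static const char *describe(struct ossl_err e)
{
    if (e.lib == 20 && e.func == 169 && e.reason == 161)
        return "SSL routines:SSL_CTX_new:library has no ciphers";
    return "unknown (check the OpenSSL headers of the build in use)";
}

int main(void)
{
    /* The log line quoted in the report above. */
    const char *line = "TLS: could not allocate default ctx (336236705).";
    unsigned long code = code_from_log(line);
    struct ossl_err e = decode(code);

    printf("error:%08lX lib=%u func=%u reason=%u: %s\n",
           code, e.lib, e.func, e.reason, describe(e));
    return 0;
}
```

The decoded reason, "library has no ciphers", matches the report: SSL_CTX_new() was reached before the cipher tables were registered.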