Full_Name: kobi beifus
Version: 2.4.39
OS: Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (195.110.40.242)

Hi,

I implemented a program that does the following:

    rc = ldap_initialize(ld, uri);
    if (rc != LDAP_SUCCESS) {
        return LOGIN_FAILURE_LDAP_SERVER_UNREACHABLE;
    }

    struct timeval tv = { .tv_sec = self->timeout, .tv_usec = 0 };
    int version = LDAP_VERSION3;

    ldap_set_option(*ld, LDAP_OPT_NETWORK_TIMEOUT, &tv);
    ldap_set_option(*ld, LDAP_OPT_PROTOCOL_VERSION, &version);
    ldap_set_option(*ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);

    if (self->ssl) {
        //int zero = 0;
        int tls_minimum_version = LDAP_OPT_X_TLS_PROTOCOL_TLS1_0;
        ldap_set_option(*ld, LDAP_OPT_X_TLS_PROTOCOL_MIN, &tls_minimum_version);
        ldap_set_option(*ld, LDAP_OPT_X_TLS_CACERTFILE, "/var/ldap/ldap.pem");
        //ldap_set_option(*ld, LDAP_OPT_X_TLS_NEWCTX, &zero);
    }

    rc = ldap_sasl_bind_s(*ld, credentials_username, NULL, &credentials, NULL, NULL, NULL);

When I update the ldap.pem while the program is running and try to establish a new LDAP connection, it does not connect with the updated pem file and fails in ldap_sasl_bind_s.

With version 20, setting the option LDAP_OPT_X_TLS_NEWCTX was added and it worked. However, when I added it to version 2.4.39, it failed.

It looks like LDAP_OPT_X_TLS_NEWCTX doesn't work on 2.4.39 while the process has not ended and is trying to make several connections.
published 8410 marked public
*** Issue 8403 has been marked as a duplicate of this issue. ***