
bug in libldap/tls.c:ldap_start_tls_s() (ITS#685)



Full_Name: Art Corcoran
Version: 2.0 gamma
OS: Solaris and NT
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (12.22.53.83)


In libldap/tls.c, the method ldap_start_tls_s() has this statement:

   if (ldap_pvt_tls_inplace(lc->lconn_sb) != 0)
      return LDAP_OPERATIONS_ERROR;

The error is returned if the function returns anything but zero.  However, the
function returns one if TLS is working OK and zero if it is not.  So the bug is
that if TLS is working at this point of the code, the statement will return the
operations error.  

The statement should be as follows:

   if (ldap_pvt_tls_inplace(lc->lconn_sb) == 0)
      return LDAP_OPERATIONS_ERROR;
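
The guard from the report, modelled under both comparisons and run as two consecutive StartTLS calls on a fresh connection (an added example, not OpenLDAP code and not part of the report). The struct, the `model_*` names and the assumption that a passed guard is followed by a successful handshake are hypothetical; the 1/0 return convention is the one the report states.

```c
#include <stdio.h>

#define LDAP_SUCCESS          0x00
#define LDAP_OPERATIONS_ERROR 0x01

/* Hypothetical stand-in for the connection's socket buffer. */
struct model_sb { int tls_active; };

/* Stand-in for ldap_pvt_tls_inplace(), using the return values given in
 * the report: 1 when TLS is working on the buffer, 0 when it is not. */
static int model_tls_inplace(const struct model_sb *sb)
{
    return sb->tls_active ? 1 : 0;
}

enum guard { GUARD_NE_ZERO, GUARD_EQ_ZERO };

/* Model of one StartTLS call: the guard runs first; if it passes, the
 * handshake is assumed to succeed and TLS becomes active on the buffer. */
static int model_start_tls(struct model_sb *sb, enum guard g)
{
    int inplace = model_tls_inplace(sb);
    int reject = (g == GUARD_NE_ZERO) ? (inplace != 0) : (inplace == 0);
    if (reject)
        return LDAP_OPERATIONS_ERROR;
    sb->tls_active = 1;
    return LDAP_SUCCESS;
}

/* Return code of the n-th StartTLS call on a fresh, plaintext connection. */
static int nth_call_rc(enum guard g, int n)
{
    struct model_sb sb = { 0 };
    int rc = LDAP_SUCCESS;
    for (int i = 0; i < n; i++)
        rc = model_start_tls(&sb, g);
    return rc;
}

int main(void)
{
    static const char *names[] = { "!= 0", "== 0" };
    for (int g = GUARD_NE_ZERO; g <= GUARD_EQ_ZERO; g++)
        for (int n = 1; n <= 2; n++)
            printf("guard %s: StartTLS call %d on a fresh connection -> rc=%d\n",
                   names[g], n, nth_call_rc((enum guard)g, n));
    return 0;
}
```

Each guard rejects exactly one of the two connection states, so which comparison is right depends on whether the check is meant to run before TLS has been negotiated on the connection or after.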