Hi, Please read:
<https://www.openldap.org/devel/contributing.html> and re-submit the patch accordingly. Please do not use HTML email. Thanks! --On Tuesday, January 29, 2019 6:05 AM +0000 [email protected] wrote: > <html> > <head> > > <meta http-equiv="content-type" content="text/html; charset=UTF-8"> > </head> > <body text="#000000" bgcolor="#FFFFFF"> > <p><font face="Calibri">I reviewed some of the initial discussion > about this same issue which lead to this fix in version 2.4.26, > "</font>Fixed libldap ASYNC TLS setup (ITS#6828)", and looked at > the code that Ian Puleston suggested should be fixed in > ldap_int_open_connection. This routine does have the code to do > what was need for TSL to work but was not called since it received > an error code of -2 not 0. The -2 simply indicated that this was > an asynchronous call. I changed the test to call the TSL setup if > the return code was either 0 or -2. This fixes my issue. Here is > my patch.</p> > <p>--- openldap-2.4.47/libraries/libldap/open.c?????? 2018-12-19 > 10:57:06.000000000 -0500<br> > +++ openldap-2.4.47.mod/libraries/libldap/open.c?????? 2019-01-26 > 18:24:48.000000000 -0500<br> > @@ -440,7 +440,7 @@<br> > ??#endif<br> > ??<br> > ??#ifdef HAVE_TLS<br> > -?????? if (rc == 0 && ( ld->ld_options.ldo_tls_mode == > LDAP_OPT_X_TLS_HARD ||<br> > +?????? if ((rc == 0 || rc == -2) && ( > ld->ld_options.ldo_tls_mode == LDAP_OPT_X_TLS_HARD ||<br> > ???????? ?????? strcmp( srv->lud_scheme, "ldaps" ) == 0 ))<br> > ???????? {<br> > ???????? ?????? ++conn->lconn_refcnt;?????? /* avoid premature > free */<br> </p> > <p><font face="Arial,Verdana,Helvetica">Thanks,<br> > Vern</font><br> > <font face="Arial,Verdana,Helvetica"></font></p> > </body> > </html> > > > -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>
