void
ldap_int_tls_destroy( struct ldapoptions *lo )
{
- SSL_CTX_free( lo->ldo_tls_ctx );
- lo->ldo_tls_ctx = NULL;
+ if ( lo->ldo_tls_ctx ) {
+ SSL_CTX_free( lo->ldo_tls_ctx );
+ lo->ldo_tls_ctx = NULL;
+ }
if ( lo->ldo_tls_certfile ) {
LDAP_FREE( lo->ldo_tls_certfile );
void
ldap_pvt_tls_destroy( void )
{
+ struct ldapoptions *lo = LDAP_INT_GLOBAL_OPT();
+
+ ldap_int_tls_destroy( lo );
+
EVP_cleanup();
ERR_remove_state(0);
ERR_free_strings();
break;
case LDAP_OPT_X_TLS_CTX:
*(void **)arg = lo->ldo_tls_ctx;
+ if ( lo->ldo_tls_ctx ) {
+ SSL_CTX *ctx = lo->ldo_tls_ctx;
+ CRYPTO_add( &ctx->references, 1, CRYPTO_LOCK_SSL_CTX );
+ }
break;
case LDAP_OPT_X_TLS_CACERTFILE:
*(char **)arg = lo->ldo_tls_cacertfile ?
return -1;
case LDAP_OPT_X_TLS_CTX:
+ if ( lo->ldo_tls_ctx )
+ SSL_CTX_free( lo->ldo_tls_ctx );
lo->ldo_tls_ctx = arg;
return 0;
case LDAP_OPT_X_TLS_CONNECT_CB:
case LDAP_OPT_X_TLS_NEWCTX:
if ( !arg ) return -1;
+ if ( lo->ldo_tls_ctx )
+ SSL_CTX_free( lo->ldo_tls_ctx );
lo->ldo_tls_ctx = NULL;
return ldap_int_tls_init_ctx( lo, *(int *)arg );
default: