/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2004 The OpenLDAP Foundation.
+ * Copyright 1998-2005 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
if ((err = ERR_peek_error())) {
char buf[256];
+
+ if (ld->ld_error ) {
+ LDAP_FREE( ld->ld_error );
+ }
ld->ld_error = LDAP_STRDUP(ERR_error_string(err, buf));
#ifdef HAVE_EBCDIC
if ( ld->ld_error ) __etoa(ld->ld_error);
"TLS: unable to get common name from peer certificate.\n",
0, 0, 0 );
#endif
- ret = LDAP_CONNECT_ERROR;
+ ret = LDAP_CONNECT_ERROR;
+ if (ld->ld_error ) {
+ LDAP_FREE( ld->ld_error );
+ }
ld->ld_error = LDAP_STRDUP(
_("TLS: unable to get CN from peer certificate"));
if( ret == LDAP_LOCAL_ERROR ) {
#ifdef NEW_LOGGING
- LDAP_LOG ( TRANSPORT, ERR, "ldap_pvt_tls_check_hostname: "
- "TLS hostname (%s) does not match "
- "common name in certificate (%s).\n", name, buf, 0 );
+ LDAP_LOG ( TRANSPORT, ERR, "ldap_pvt_tls_check_hostname: "
+ "TLS hostname (%s) does not match "
+ "common name in certificate (%s).\n", name, buf, 0 );
#else
- Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
- "common name in certificate (%s).\n",
- name, buf, 0 );
+ Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
+ "common name in certificate (%s).\n",
+ name, buf, 0 );
#endif
- ret = LDAP_CONNECT_ERROR;
- ld->ld_error = LDAP_STRDUP(
- _("TLS: hostname does not match CN in peer certificate"));
+ ret = LDAP_CONNECT_ERROR;
+ if (ld->ld_error ) {
+ LDAP_FREE( ld->ld_error );
+ }
+ ld->ld_error = LDAP_STRDUP(
+ _("TLS: hostname does not match CN in peer certificate"));
}
}
X509_free(x);
case LDAP_OPT_X_TLS_CERTFILE:
case LDAP_OPT_X_TLS_KEYFILE:
case LDAP_OPT_X_TLS_RANDOM_FILE:
+ case LDAP_OPT_X_TLS_CIPHER_SUITE:
return ldap_pvt_tls_set_option( ld, option, (void *) arg );
case LDAP_OPT_X_TLS_REQUIRE_CERT: