if ( err < 0 )
{
- char buf[256];
if ( update_flags( sb, ssl, err )) return 1;
- Debug( LDAP_DEBUG_ANY,"TLS: can't accept: %s.\n",
- tls_imp->ti_session_errmsg( err, buf, sizeof(buf) ),0,0 );
+ if ( DebugTest( LDAP_DEBUG_ANY ) ) {
+ char buf[256], *msg;
+ msg = tls_imp->ti_session_errmsg( err, buf, sizeof(buf) );
+ Debug( LDAP_DEBUG_ANY,"TLS: can't accept: %s.\n",
+ msg ? msg : "(unknown)", 0, 0 );
+ }
ber_sockbuf_remove_io( sb, tls_imp->ti_sbio,
LBER_SBIOD_LEVEL_TRANSPORT );
case LDAP_OPT_X_TLS_PROTOCOL_MIN:
*(int *)arg = lo->ldo_tls_protocol_min;
break;
-#ifdef HAVE_OPENSSL
- case LDAP_OPT_X_TLS_RANDOM_FILE: /* OpenSSL only */
+ case LDAP_OPT_X_TLS_RANDOM_FILE:
*(char **)arg = lo->ldo_tls_randfile ?
LDAP_STRDUP( lo->ldo_tls_randfile ) : NULL;
break;
-#endif
case LDAP_OPT_X_TLS_SSL_CTX: {
void *retval = 0;
if ( ld != NULL ) {
if ( !arg ) return -1;
lo->ldo_tls_protocol_min = *(int *)arg;
return 0;
-#ifdef HAVE_OPENSSL
- case LDAP_OPT_X_TLS_RANDOM_FILE: /* OpenSSL only */
+ case LDAP_OPT_X_TLS_RANDOM_FILE:
if ( ld != NULL )
return -1;
if ( lo->ldo_tls_randfile ) LDAP_FREE (lo->ldo_tls_randfile );
lo->ldo_tls_randfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
break;
-#endif
case LDAP_OPT_X_TLS_NEWCTX:
if ( !arg ) return -1;
if ( lo->ldo_tls_ctx )
struct berval der_dn;
int rc;
- tls_imp->ti_session_my_dn( session, &der_dn );
- rc = ldap_X509dn2bv(&der_dn, dn, (LDAPDN_rewrite_func *)func, flags );
+ rc = tls_imp->ti_session_my_dn( session, &der_dn );
+ if ( rc == LDAP_SUCCESS )
+ rc = ldap_X509dn2bv(&der_dn, dn, (LDAPDN_rewrite_func *)func, flags );
return rc;
}
#endif /* HAVE_TLS */