Merge remote branch 'origin/mdb.master' into OPENLDAP_REL_ENG_2_4

[openldap] / libraries / libldap / tls_g.c

diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c
index f5076cdb99c90b8389a4a74def8c08eb97e62227..40616f5e09baafe1541f4b439d65021aa37e5383 100644 (file)
--- a/libraries/libldap/tls_g.c
+++ b/libraries/libldap/tls_g.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2008-2010 The OpenLDAP Foundation.
+ * Copyright 2008-2012 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -14,7 +14,7 @@
  * <http://www.OpenLDAP.org/license.html>.
  */
 /* ACKNOWLEDGEMENTS: GNUTLS support written by Howard Chu and
- * Matt Backes; sponsored by The Written Word (thewrittenword.com)
+ * Emily Backes; sponsored by The Written Word (thewrittenword.com)
  * and Stanford University (stanford.edu).
  */
 
@@ -41,10 +41,6 @@
 #include "ldap-int.h"
 #include "ldap-tls.h"
 
-#ifdef LDAP_R_COMPILE
-#include <ldap_pvt_thread.h>
-#endif
-
 #include <gnutls/gnutls.h>
 #include <gnutls/x509.h>
 #include <gcrypt.h>
@@ -257,13 +253,9 @@ static void
 tlsg_ctx_ref( tls_ctx *ctx )
 {
        tlsg_ctx *c = (tlsg_ctx *)ctx;
-#ifdef LDAP_R_COMPILE
-       ldap_pvt_thread_mutex_lock( &c->ref_mutex );
-#endif
+       LDAP_MUTEX_LOCK( &c->ref_mutex );
        c->refcount++;
-#ifdef LDAP_R_COMPILE
-       ldap_pvt_thread_mutex_unlock( &c->ref_mutex );
-#endif
+       LDAP_MUTEX_UNLOCK( &c->ref_mutex );
 }
 
 static void
@@ -274,13 +266,9 @@ tlsg_ctx_free ( tls_ctx *ctx )
 
        if ( !c ) return;
 
-#ifdef LDAP_R_COMPILE
-       ldap_pvt_thread_mutex_lock( &c->ref_mutex );
-#endif
+       LDAP_MUTEX_LOCK( &c->ref_mutex );
        refcount = --c->refcount;
-#ifdef LDAP_R_COMPILE
-       ldap_pvt_thread_mutex_unlock( &c->ref_mutex );
-#endif
+       LDAP_MUTEX_UNLOCK( &c->ref_mutex );
        if ( refcount )
                return;
 #ifdef HAVE_CIPHERSUITES
@@ -542,9 +530,11 @@ tlsg_x509_cert_dn( struct berval *cert, struct berval *dn, int get_subject )
        ber_init2( ber, cert, LBER_USE_DER );
        tag = ber_skip_tag( ber, &len );        /* Sequence */
        tag = ber_skip_tag( ber, &len );        /* Sequence */
-       tag = ber_skip_tag( ber, &len );        /* Context + Constructed (version) */
-       if ( tag == 0xa0 )      /* Version is optional */
+       tag = ber_peek_tag( ber, &len );        /* Context + Constructed (version) */
+       if ( tag == 0xa0 ) {    /* Version is optional */
+               tag = ber_skip_tag( ber, &len );
                tag = ber_get_int( ber, &i );   /* Int: Version */
+       }
        tag = ber_skip_tag( ber, &len );        /* Int: Serial (can be longer than ber_int_t) */
        ber_skip_data( ber, len );
        tag = ber_skip_tag( ber, &len );        /* Sequence: Signature */
@@ -661,12 +651,8 @@ tlsg_session_chkhost( LDAP *ld, tls_session *session, const char *name_in )
        }
 
 #ifdef LDAP_PF_INET6
-       if (name[0] == '[' && strchr(name, ']')) {
-               char *n2 = ldap_strdup(name+1);
-               *strchr(n2, ']') = 0;
-               if (inet_pton(AF_INET6, n2, &addr))
-                       ntype = IS_IP6;
-               LDAP_FREE(n2);
+       if (inet_pton(AF_INET6, name, &addr)) {
+               ntype = IS_IP6;
        } else 
 #endif
        if ((ptr = strrchr(name, '.')) && isdigit((unsigned char)ptr[1])) {