ITS#8484 - Fix MozNSS initialization

[openldap] / libraries / libldap / tls_m.c

diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c
index 05850b08072fad696c8113a622e0811e7bf40282..f13dd2b18b824ff297f5c1954bfcaf1eadab2177 100644 (file)
--- a/libraries/libldap/tls_m.c
+++ b/libraries/libldap/tls_m.c
@@ -624,7 +624,7 @@ nss_parse_ciphers(const char *cipherstr, int cipher_list[ciphernum])
                                                 (ciphers_def[i].strength & strength) ||
                                                 (ciphers_def[i].version & protocol)) &&
                                                (cipher_list[i] != -1)) {
-                                               /* Enable the NULL ciphers only if explicity
+                                               /* Enable the NULL ciphers only if explicitly
                                                 * requested */
                                                if (ciphers_def[i].attr & SSL_eNULL) {
                                                        if (mask & SSL_eNULL)
@@ -1144,6 +1144,8 @@ tlsm_auth_cert_handler(void *arg, PRFileDesc *fd,
        return ret;
 }
 
+static PRCallOnceType tlsm_register_shutdown_callonce = {0,0};
+
 static SECStatus
 tlsm_nss_shutdown_cb( void *appData, void *nssData )
 {
@@ -1156,10 +1158,15 @@ tlsm_nss_shutdown_cb( void *appData, void *nssData )
                SECMOD_DestroyModule( pem_module );
                pem_module = NULL;
        }
+
+       /* init callonce so it can be armed again for cases like persistent daemon with LDAP_OPT_X_TLS_NEWCTX */
+       tlsm_register_shutdown_callonce.initialized = 0;
+       tlsm_register_shutdown_callonce.inProgress = 0;
+       tlsm_register_shutdown_callonce.status = 0;
+
        return rc;
 }
 
-static PRCallOnceType tlsm_register_shutdown_callonce = {0,0};
 static PRStatus PR_CALLBACK
 tlsm_register_nss_shutdown_cb( void )
 {
@@ -1592,7 +1599,7 @@ tlsm_get_certdb_prefix( const char *certdir, char **realcertdir, char **prefix )
 }
 
 /*
- * Currently mutiple MozNSS contexts share one certificate storage. When the
+ * Currently multiple MozNSS contexts share one certificate storage. When the
  * certdb is being opened, only new certificates are added to the storage.
  * When different databases are used, conflicting nicknames make the
  * certificate lookup by the nickname impossible. In addition a token
@@ -3386,6 +3393,7 @@ tls_impl ldap_int_tls_impl = {
        tlsm_session_version,
        tlsm_session_cipher,
        tlsm_session_peercert,
+       NULL,
 
        &tlsm_sbio,