fix substring_comp_candidates logic if intersection of candidates

[openldap] / servers / slapd / connection.c

diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c
index dbae86bd30129d453f071398347095433d1fcc5f..b05c8fbf0a8b2c7077d50e2275c24f11d6a7e8f9 100644 (file)
--- a/servers/slapd/connection.c
+++ b/servers/slapd/connection.c
@@ -50,6 +50,7 @@ static void connection_close( Connection *c );
 static int connection_op_activate( Connection *conn, Operation *op );
 static int connection_resched( Connection *conn );
 static void connection_abandon( Connection *conn );
+static void connection_destroy( Connection *c );
 
 struct co_arg {
        Connection      *co_conn;
@@ -271,7 +272,8 @@ static void connection_return( Connection *c )
 long connection_init(
        ber_socket_t s,
        const char* name,
-       const char* addr)
+       const char* addr,
+       int use_tls)
 {
        unsigned long id;
        Connection *c;
@@ -392,6 +394,11 @@ long connection_init(
     c->c_conn_state = SLAP_C_INACTIVE;
     c->c_struct_state = SLAP_C_USED;
 
+    if ( use_tls ) {
+           c->c_is_tls = 1;
+           c->c_needs_tls_accept = 1;
+    }
+
     ldap_pvt_thread_mutex_unlock( &c->c_mutex );
     ldap_pvt_thread_mutex_unlock( &connections_mutex );
 
@@ -414,6 +421,7 @@ connection_destroy( Connection *c )
     backend_connection_destroy(c);
 
     c->c_protocol = 0;
+    c->c_connid = -1;
 
     c->c_activitytime = c->c_starttime = 0;
 
@@ -681,18 +689,22 @@ connection_operation( void *arg_v )
                rc = do_abandon( conn, arg->co_op );
                break;
 
-#if 0
        case LDAP_REQ_EXTENDED:
                rc = do_extended( conn, arg->co_op );
                break;
-#endif
 
        default:
-               Debug( LDAP_DEBUG_ANY, "unknown request 0x%lx\n",
-                   arg->co_op->o_tag, 0, 0 );
+               Debug( LDAP_DEBUG_ANY, "unknown LDAP request 0x%lx\n",
+                   tag, 0, 0 );
+               arg->co_op->o_tag = LBER_ERROR;
+               send_ldap_disconnect( conn, arg->co_op,
+                       LDAP_PROTOCOL_ERROR, "unknown LDAP request" );
+               rc = -1;
                break;
        }
 
+       if( rc == -1 ) tag = LBER_ERROR;
+
        ldap_pvt_thread_mutex_lock( &num_ops_mutex );
        num_ops_completed++;
        ldap_pvt_thread_mutex_unlock( &num_ops_mutex );
@@ -710,6 +722,7 @@ connection_operation( void *arg_v )
        arg = NULL;
 
        switch( tag ) {
+       case LBER_ERROR:
        case LDAP_REQ_UNBIND:
                /* c_mutex is locked */
                connection_closing( conn );
@@ -774,6 +787,27 @@ int connection_read(ber_socket_t s)
                "connection_read(%d): checking for input on id=%ld\n",
                s, c->c_connid, 0 );
 
+#ifdef HAVE_TLS
+       if ( c->c_is_tls && c->c_needs_tls_accept ) {
+               rc = ldap_pvt_tls_accept( c->c_sb, NULL );
+               if ( rc < 0 ) {
+                       Debug( LDAP_DEBUG_TRACE,
+                              "connection_read(%d): TLS accept error error=%d id=%ld, closing.\n",
+                              s, rc, c->c_connid );
+
+                       c->c_needs_tls_accept = 0;
+                       /* connections_mutex and c_mutex are locked */
+                       connection_closing( c );
+                       connection_close( c );
+               } else if ( rc == 0 ) {
+                       c->c_needs_tls_accept = 0;
+               }
+               connection_return( c );
+               ldap_pvt_thread_mutex_unlock( &connections_mutex );
+               return 0;
+       }
+#endif
+
 #define CONNECTION_INPUT_LOOP 1
 
 #ifdef DATA_READY_LOOP
@@ -957,6 +991,7 @@ static int connection_op_activate( Connection *conn, Operation *op )
        arg->co_op->o_ndn = dn_normalize_case( ch_strdup( arg->co_op->o_dn ) );
 
        arg->co_op->o_protocol = conn->c_protocol;
+       arg->co_op->o_connid = conn->c_connid;
 
        arg->co_op->o_authtype = conn->c_authtype;
        arg->co_op->o_authmech = conn->c_authmech != NULL