ITS#6467, use memcpy instead for strcpy when copying across array

[openldap] / servers / slapd / starttls.c

diff --git a/servers/slapd/starttls.c b/servers/slapd/starttls.c
index 746bd76590a407bfa9170ef0feed95983215a87f..dd649f36fe6d8b52da7040273c518fa4ab9b24f7 100644 (file)
--- a/servers/slapd/starttls.c
+++ b/servers/slapd/starttls.c
@@ -1,31 +1,38 @@
 /* $OpenLDAP$ */
-/* 
- * Copyright 1999-2003 The OpenLDAP Foundation.
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2009 The OpenLDAP Foundation.
  * All rights reserved.
  *
- * Redistribution and use in source and binary forms are permitted only
- * as authorized by the OpenLDAP Public License.  A copy of this
- * license is available at http://www.OpenLDAP.org/license.html or
- * in file LICENSE in the top-level directory of the distribution.
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
  */
 
 #include "portable.h"
 
 #include <stdio.h>
 #include <ac/socket.h>
-
-#include <ldap_pvt.h>
+#include <ac/string.h>
 
 #include "slap.h"
+#include "lber_pvt.h"
 
-#ifdef HAVE_TLS
+const struct berval slap_EXOP_START_TLS = BER_BVC(LDAP_EXOP_START_TLS);
 
+#ifdef HAVE_TLS
 int
 starttls_extop ( Operation *op, SlapReply *rs )
 {
-       void *ctx;
        int rc;
 
+       Statslog( LDAP_DEBUG_STATS, "%s STARTTLS\n",
+           op->o_log_prefix, 0, 0, 0, 0 );
+
        if ( op->ore_reqdata != NULL ) {
                /* no request data should be provided */
                rs->sr_text = "no request data expected";
@@ -57,8 +64,8 @@ starttls_extop ( Operation *op, SlapReply *rs )
                ( op->o_conn->c_dn.bv_len != 0 ) )
        {
                Statslog( LDAP_DEBUG_STATS,
-                       "conn=%lu op=%lu AUTHZ anonymous mech=starttls ssf=0",
-                       op->o_connid, op->o_opid, 0, 0, 0 );
+                       "%s AUTHZ anonymous mech=starttls ssf=0\n",
+                       op->o_log_prefix, 0, 0, 0, 0 );
 
                /* force to anonymous */
                connection2anonymous( op->o_conn );
@@ -73,9 +80,7 @@ starttls_extop ( Operation *op, SlapReply *rs )
        }
 
        /* fail if TLS could not be initialized */
-       if (ldap_pvt_tls_get_option( NULL, LDAP_OPT_X_TLS_CTX, &ctx ) != 0
-               || ctx == NULL)
-       {
+       if ( slap_tls_ctx == NULL ) {
                if (default_referral != NULL) {
                        /* caller will put the referral in the result */
                        rc = LDAP_REFERRAL;
@@ -96,8 +101,7 @@ done:
        /* give up connection lock */
        ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
 
-       /*
-        * RACE CONDITION: we give up lock before sending result
+       /* FIXME: RACE CONDITION! we give up lock before sending result
         * Should be resolved by reworking connection state, not
         * by moving send here (so as to ensure proper TLS sequencing)
         */