ITS#6355

diff --git a/CHANGES b/CHANGES
index ef981c9280599474c622bba2ebd4b9a390ca86a7..03089f77347e3619a34afca06583672661d61e8e 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,7 @@
 OpenLDAP 2.4 Change Log
 
 OpenLDAP 2.4.20 Engineering
+       Fixed libldap uninitialized return value (ITS#6355)
        Fixed slapd debug handling of LDAP_DEBUG_ANY (ITS#6324)
 
 OpenLDAP 2.4.19 Release (2009/10/06)

diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c
index 4d08272a21b1aa4ca456405f33da8d9cec0d5da3..dcae8f28947d1b4f4c54450bafa66f37d30fe61a 100644 (file)
--- a/libraries/libldap/tls_o.c
+++ b/libraries/libldap/tls_o.c
@@ -1081,6 +1081,7 @@ tlso_tmp_rsa_cb( SSL *ssl, int is_export, int key_length )
        /* FIXME:  Who frees the key? */
 #if OPENSSL_VERSION_NUMBER > 0x00908000
        BIGNUM *bn = BN_new();
+       tmp_rsa = NULL;
        if ( bn ) {
                if ( BN_set_word( bn, RSA_F4 )) {
                        tmp_rsa = RSA_new();
@@ -1090,8 +1091,6 @@ tlso_tmp_rsa_cb( SSL *ssl, int is_export, int key_length )
                        }
                }
                BN_free( bn );
-       } else {
-               tmp_rsa = NULL;
        }
 #else
        tmp_rsa = RSA_generate_key( key_length, RSA_F4, NULL, NULL );
@@ -1101,7 +1100,6 @@ tlso_tmp_rsa_cb( SSL *ssl, int is_export, int key_length )
                Debug( LDAP_DEBUG_ANY,
                        "TLS: Failed to generate temporary %d-bit %s RSA key\n",
                        key_length, is_export ? "export" : "domestic", 0 );
-               return NULL;
        }
        return tmp_rsa;
 }