use TLS right away or not on that connection.
static int connection_op_activate( Connection *conn, Operation *op );
static int connection_resched( Connection *conn );
static void connection_abandon( Connection *conn );
+static void connection_destroy( Connection *c );
struct co_arg {
Connection *co_conn;
long connection_init(
ber_socket_t s,
const char* name,
- const char* addr)
+ const char* addr,
+ int use_tls)
{
unsigned long id;
Connection *c;
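Review bot: The new `use_tls` parameter of connection_init is undocumented, and the later hunk consults it only inside `#ifdef HAVE_TLS`, so a build without TLS would accept a non-zero flag and carry on in cleartext. Whether a listener can have `use_tls` set in such a build is not visible here. If it can, I would fail closed with an `#else` branch that rejects `use_tls != 0`. I would also add a comment above the function such as `/* use_tls: non-zero to run the TLS handshake on this socket before any LDAP traffic */`. The function body continues outside this hunk.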
c->c_conn_state = SLAP_C_INACTIVE;
c->c_struct_state = SLAP_C_USED;
+#ifdef HAVE_TLS
+ if ( use_tls ) {
+ /* FIXME: >0 means incomplete read */
+ if ( ldap_pvt_tls_accept( c->c_sb, NULL ) < 0 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "connection_init(%d): TLS accept failed.\n",
+ s, 0, 0);
+ ldap_pvt_thread_mutex_unlock( &c->c_mutex );
+ ldap_pvt_thread_mutex_unlock( &connections_mutex );
+ connection_destroy( c );
+ return -1;
+ }
+ }
+#endif
+
ldap_pvt_thread_mutex_unlock( &c->c_mutex );
ldap_pvt_thread_mutex_unlock( &connections_mutex );
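Review bot: In the added `if ( use_tls )` block only a negative return from `ldap_pvt_tls_accept` counts as failure, although the FIXME on the line above says a positive return means an incomplete read; in that case the code falls through and the connection is set up as if the handshake had finished. The call is also made with both `c->c_mutex` and `connections_mutex` held, so if the accept can block on a slow or silent peer (not visible from this hunk), every other connection setup waits behind it. I would handle `> 0` explicitly by keeping the connection marked as still negotiating and finishing the accept from the read path, outside `connections_mutex`; until then the FIXME could read `/* rc > 0: handshake incomplete; connection must not carry LDAP data yet */`. The failure path releases both mutexes before `connection_destroy( c )`, and whether that function expects `connections_mutex` to be held is defined outside this hunk and should be checked. connection_init's body starts and ends outside the hunk.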
}
} else {
- if( connection_init( (ber_socket_t) 0, NULL, NULL ) ) {
+ if( connection_init( (ber_socket_t) 0, NULL, NULL, 0 ) ) {
Debug( LDAP_DEBUG_ANY,
"connection_init(%d) failed.\n",
0, 0, 0 );
}
#endif /* HAVE_TCPD */
- if( (id = connection_init(s, client_name, client_addr)) < 0 ) {
+ if( (id = connection_init(s, client_name, client_addr,
+ listeners[l].use_tls)) < 0 ) {
Debug( LDAP_DEBUG_ANY,
"daemon: connection_init(%ld, %s, %s) failed.\n",
(long) s,
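Review bot: The test `(id = connection_init(...)) < 0` only catches the new `-1` from a failed TLS accept if `id` is a signed type at this call site; its declaration is outside the hunk, and connection_init itself declares a local `unsigned long id`. The other caller touched by this commit tests the result for non-zero rather than negative, so the two call sites disagree on what a failure looks like. I would confirm `id` is `long` here and state the return contract once in a comment at the prototype, so a rejected TLS listener connection cannot be mistaken for a valid connection id. The enclosing function starts and ends outside this hunk.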
long connection_init LDAP_P((
ber_socket_t s,
- const char* name, const char* addr));
+ const char* name, const char* addr, int use_tls));
void connection_closing LDAP_P(( Connection *c ));
int connection_state_closing LDAP_P(( Connection *c ));