#ifdef HAVE_TLS
if ( c->c_is_tls && c->c_needs_tls_accept ) {
- rc = ldap_pvt_tls_accept( c->c_sb, NULL );
+ rc = ldap_pvt_tls_accept( c->c_sb, slap_tls_ctx );
if ( rc < 0 ) {
#if 0 /* required by next #if 0 */
struct timeval tv;
static int check = CHECK_NONE;
static int version = 0;
+void *slap_tls_ctx;
+
static void
usage( char *name )
{
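Review bot: The new file-scope `slap_tls_ctx` has no comment saying what it holds, when it becomes valid, or who releases it. It is an untyped `void *` with external linkage that the accept path in the first hunk reads, so a comment such as `/* slapd's own TLS context; set during startup TLS init, NULL before that */` would help readers at both places. The matching extern declaration is not visible on this page; it presumably lives in a shared header and should sit under the same `HAVE_TLS` guard as its users.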
goto destroy;
}
- rc = ldap_pvt_tls_init_def_ctx();
- if( rc != 0) {
+ {
+ void *def_ctx = NULL;
+
+ /* Save existing default ctx, if any */
+ ldap_pvt_tls_get_option( NULL, LDAP_OPT_X_TLS_CTX, &def_ctx );
+
+ /* Force new ctx to be created */
+ ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_CTX, NULL );
+
+ rc = ldap_pvt_tls_init_def_ctx();
+ if( rc != 0) {
#ifdef NEW_LOGGING
- LDAP_LOG( SLAPD, CRIT, "main: tls init def ctx failed: %d\n", rc, 0, 0 );
+ LDAP_LOG( SLAPD, CRIT, "main: tls init def ctx failed: %d\n", rc, 0, 0 );
#else
- Debug( LDAP_DEBUG_ANY,
- "main: TLS init def ctx failed: %d\n",
- rc, 0, 0 );
+ Debug( LDAP_DEBUG_ANY,
+ "main: TLS init def ctx failed: %d\n",
+ rc, 0, 0 );
#endif
- rc = 1;
- SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
- goto destroy;
+ rc = 1;
+ SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
+ goto destroy;
+ }
+ /* Retrieve slapd's own ctx */
+ ldap_pvt_tls_get_option( NULL, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx );
+ /* Restore previous ctx */
+ ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_CTX, def_ctx );
}
#endif
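Review bot: Nothing verifies that `slap_tls_ctx` was actually obtained: the return values of the `ldap_pvt_tls_get_option`/`ldap_pvt_tls_set_option` calls are ignored and the pointer is not tested after the "Retrieve slapd's own ctx" call. If it stays NULL, the accept call changed in the first hunk passes NULL as before, which presumably selects the library default context; after the restore that is the saved `def_ctx` rather than the server's own, so incoming TLS sessions could be negotiated with settings never meant for the server side. Treat this as a startup failure, for example `if ( slap_tls_ctx == NULL ) { rc = 1; goto destroy; }` placed after the restore. The `goto destroy` on the init-failure path also leaves the default context cleared without restoring `def_ctx`, which is probably harmless on an exit path but deserves a comment. The enclosing function starts and ends outside this hunk.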