From: Quanah Gibson-Mount
Date: Tue, 2 Jun 2009 23:50:12 +0000 (+0000)
Subject: ITS#6135
X-Git-Tag: OPENLDAP_REL_ENG_2_4_17~84
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=57d49f4e4ac81230ea06ba7db374a4644f5ab956;p=openldap
ITS#6135
---
diff --git a/CHANGES b/CHANGES
index 1f47c42212..ae30ea7f1c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -17,6 +17,7 @@ OpenLDAP 2.4.17 Engineering
 Fixed slapd readonly restrictions (ITS#6109)
 Fixed slapd sending cancelled operations results (ITS#6103)
 Fixed slapd sockets usage on windows (ITS#6039)
+ Fixed slapd tls context after changes (ITS#6135)
 Fixed slapd-hdb freeing of already freed entries (ITS#6074)
 Fixed slapd-hdb entryinfo cleanup (ITS#6088)
 Fixed slapd-hdb dncache lockups (ITS#6095)
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index c598b94cc0..d78ae6176d 100644
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -3189,6 +3189,27 @@ config_include(ConfigArgs *c) {
 }
 #ifdef HAVE_TLS
+static int
+config_tls_cleanup(ConfigArgs *c) {
+ int rc = 0;
+
+ if ( slap_tls_ld ) {
+ int opt = 1;
+
+ ldap_pvt_tls_ctx_free( slap_tls_ctx );
+
+ /* Force new ctx to be created */
+ rc = ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_NEWCTX, &opt );
+ if( rc == 0 ) {
+ /* The ctx's refcount is bumped up here */
+ ldap_pvt_tls_get_option( slap_tls_ld, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx );
+ /* This is a no-op if it's already loaded */
+ load_extop( &slap_EXOP_START_TLS, 0, starttls_extop );
+ }
+ }
+ return rc;
+}
+
 static int
 config_tls_option(ConfigArgs *c) {
 int flag;
@@ -3212,9 +3233,11 @@ config_tls_option(ConfigArgs *c) {
 if (c->op == SLAP_CONFIG_EMIT) {
 return ldap_pvt_tls_get_option( ld, flag, &c->value_string );
 } else if ( c->op == LDAP_MOD_DELETE ) {
+ c->cleanup = config_tls_cleanup;
 return ldap_pvt_tls_set_option( ld, flag, NULL );
 }
 ch_free(c->value_string);
+ c->cleanup = config_tls_cleanup;
 return(ldap_pvt_tls_set_option(ld, flag, c->argv[1]));
 }
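Review bot: In config_tls_cleanup, `ldap_pvt_tls_ctx_free( slap_tls_ctx );` releases slapd's reference before the replacement context exists, and `slap_tls_ctx` is only reassigned inside the `if( rc == 0 )` branch. If the `LDAP_OPT_X_TLS_NEWCTX` call fails, the global still holds the pointer that was just released, so any later TLS setup that reads it would presumably be working with a stale context; those readers are outside the hunk, so this is inferred. Clearing the global right after the release, `ldap_pvt_tls_ctx_free( slap_tls_ctx ); slap_tls_ctx = NULL;`, makes the failure state explicit. The result of the following `ldap_pvt_tls_get_option` call is also discarded, so a failed fetch of the new context would go unreported in `rc`.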
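Review bot: The two `c->cleanup = config_tls_cleanup;` assignments in config_tls_option are made before the result of `ldap_pvt_tls_set_option` is known, so the hook is presumably installed even when the set or delete is rejected. The code that invokes `c->cleanup` is outside the hunk, so it is worth confirming that releasing and rebuilding the context after a failed change is intended. A short comment at each assignment would also help, for example `/* ctx is rebuilt in the cleanup hook, after the option change has been applied */`, since nothing here says why the rebuild is deferred. The same two assignments are added in the config_tls_config hunk that follows, and config_tls_option's body starts outside this hunk.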
@@ -3236,9 +3259,11 @@ config_tls_config(ConfigArgs *c) {
 return slap_tls_get_config( slap_tls_ld, flag, &c->value_string );
 } else if ( c->op == LDAP_MOD_DELETE ) {
 int i = 0;
+ c->cleanup = config_tls_cleanup;
 return ldap_pvt_tls_set_option( slap_tls_ld, flag, &i );
 }
 ch_free( c->value_string );
+ c->cleanup = config_tls_cleanup;
 if ( isdigit( (unsigned char)c->argv[1][0] ) ) {
 if ( lutil_atoi( &i, c->argv[1] ) != 0 ) {
 Debug(LDAP_DEBUG_ANY, "%s: "