From: Julio Sánchez Fernández
Date: Wed, 14 Jul 1999 19:44:18 +0000 (+0000)
Subject: connection_init now takes one more argument that indicates whether to
X-Git-Tag: OPENLDAP_REL_ENG_2_BP~133
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=6d75d0f8fbfefb77fb317c0133ed44e0504c7863;p=openldap

connection_init now takes one more argument that indicates whether to use TLS right away or not on that connection.
---
diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c
index e8defc9674..bea96c20b0 100644
--- a/servers/slapd/connection.c
+++ b/servers/slapd/connection.c
@@ -50,6 +50,7 @@ static void connection_close( Connection *c );
 static int connection_op_activate( Connection *conn, Operation *op );
 static int connection_resched( Connection *conn );
 static void connection_abandon( Connection *conn );
+static void connection_destroy( Connection *c );
 struct co_arg {
 Connection *co_conn;
@@ -271,7 +272,8 @@ static void connection_return( Connection *c )
 long connection_init(
 ber_socket_t s,
 const char* name,
- const char* addr)
+ const char* addr,
+ int use_tls)
 {
 unsigned long id;
 Connection *c;
@@ -392,6 +394,21 @@ long connection_init(
 c->c_conn_state = SLAP_C_INACTIVE;
 c->c_struct_state = SLAP_C_USED;
+#ifdef HAVE_TLS
+ if ( use_tls ) {
+ /* FIXME: >0 means incomplete read */
+ if ( ldap_pvt_tls_accept( c->c_sb, NULL ) < 0 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "connection_init(%d): TLS accept failed.\n",
+ s, 0, 0);
+ ldap_pvt_thread_mutex_unlock( &c->c_mutex );
+ ldap_pvt_thread_mutex_unlock( &connections_mutex );
+ connection_destroy( c );
+ return -1;
+ }
+ }
+#endif
+
 ldap_pvt_thread_mutex_unlock( &c->c_mutex );
 ldap_pvt_thread_mutex_unlock( &connections_mutex );
diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c
index 53490b9927..ee09d97731 100644
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
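Review bot: The new `use_tls` parameter of `connection_init` in connection.c (hunk at -271) is added without any comment, so nothing at the definition tells a caller what a non-zero value does or how failure is reported. I would add above the definition `/* use_tls: non-zero runs the TLS accept on this socket before the connection is handed back; a failed accept makes connection_init return -1 */`. The same wording belongs next to the prototype changed in proto-slap.h. The function body continues outside this hunk.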
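Review bot: In the `#ifdef HAVE_TLS` block added to `connection_init` (connection.c, hunk at -392), only a negative return from `ldap_pvt_tls_accept` is treated as failure, so the `>0` case that the FIXME itself describes as an incomplete read falls through and the connection is handed back as if the handshake had finished. Whether later reads on `c->c_sb` complete the handshake before any LDAP PDU is parsed is not visible here; until that is handled I would fail closed with `if ( ldap_pvt_tls_accept( c->c_sb, NULL ) != 0 ) {`, or record the pending state on the connection and finish the handshake from the read path. The accept also runs while `connections_mutex` and `c->c_mutex` are still held, so if the socket is blocking, a peer that stalls the handshake would hold up every other connection operation; consider moving the handshake after both unlocks. On the error path `connection_destroy( c )` is called after `connections_mutex` has been released, which is worth checking against that function's locking expectations, since its body is outside the hunk.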
@@ -330,7 +330,7 @@ slapd_daemon_task( } } else {
- if( connection_init( (ber_socket_t) 0, NULL, NULL ) ) {
+ if( connection_init( (ber_socket_t) 0, NULL, NULL, 0 ) ) {
 Debug( LDAP_DEBUG_ANY,
 "connection_init(%d) failed.\n",
 0, 0, 0 );
@@ -579,7 +579,8 @@ slapd_daemon_task(
 }
 #endif /* HAVE_TCPD */
- if( (id = connection_init(s, client_name, client_addr)) < 0 ) {
+ if( (id = connection_init(s, client_name, client_addr,
+ listeners[l].use_tls)) < 0 ) {
 Debug( LDAP_DEBUG_ANY,
 "daemon: connection_init(%ld, %s, %s) failed.\n",
 (long) s,
diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
index bc628db77a..442f2f450a 100644
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -144,7 +144,7 @@ int connections_timeout_idle LDAP_P((time_t));
 long connection_init LDAP_P((
 ber_socket_t s,
- const char* name, const char* addr));
+ const char* name, const char* addr, int use_tls));
 void connection_closing LDAP_P(( Connection *c ));
 int connection_state_closing LDAP_P(( Connection *c ));
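Review bot: The call at -330 in `slapd_daemon_task` (daemon.c) treats any non-zero return from `connection_init` as failure, while the listener call later in the same function tests `< 0` and the new TLS error path returns -1. If `connection_init` returns a connection id on success, as the `id =` assignment at the other call suggests, a valid non-zero id would be logged as a failure here. I would make the two checks agree with `if( connection_init( (ber_socket_t) 0, NULL, NULL, 0 ) < 0 ) {`. The enclosing block starts and ends outside the hunk.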
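Review bot: `listeners[l].use_tls` is passed to `connection_init` unconditionally at -579 in daemon.c, but connection.c only acts on it inside `#ifdef HAVE_TLS`, so in a build without TLS support a listener flagged for TLS would be served in cleartext with no diagnostic. Whether `use_tls` can be set in such a build is not visible here; if it can, `connection_init` should refuse the connection in an `#else` branch, or listener setup should reject the configuration at startup. A comment at this call such as `/* use_tls != 0: connection_init must complete the TLS accept or fail */` would make the expectation explicit. The failure branch continues outside the hunk.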