From: Howard Chu <hyc@openldap.org>
Date: Sun, 15 Nov 2009 22:39:35 +0000 (+0000)
Subject: ITS#6304 retry if tls_accept() returns 1
X-Git-Tag: ACLCHECK_0~110
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=99381a43e12d9ea051dce6f1b037e867e76931d1;p=openldap

ITS#6304 retry if tls_accept() returns 1
---

diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c
index 43faf736a5..80edfb0fd0 100644
--- a/servers/slapd/connection.c
+++ b/servers/slapd/connection.c
@@ -1380,6 +1380,11 @@ connection_read( ber_socket_t s, conn_readinfo *cri )
 			    c->c_connid, (int) s, c->c_tls_ssf, c->c_ssf, 0 );
 			slap_sasl_external( c, c->c_tls_ssf, &authid );
 			if ( authid.bv_val ) free( authid.bv_val );
+		} else if ( rc == 1 ) {	/* need to retry */
+			slapd_set_read( s, 0 );
+			slapd_set_write( s, 1 );
+			connection_return( c );
+			return 0;
 		}
 
 		/* if success and data is ready, fall thru to data input loop */
@@ -1879,6 +1884,14 @@ int connection_write(ber_socket_t s)
 		return -1;
 	}
 
+#ifdef HAVE_TLS
+	if ( c->c_is_tls && c->c_needs_tls_accept ) {
+		connection_return( c );
+		connection_read_activate( s );
+		return 0;
+	}
+#endif
+
 	c->c_n_write++;
 
 	Debug( LDAP_DEBUG_TRACE,