From: Howard Chu <hyc@openldap.org>
Date: Fri, 30 Aug 2013 19:18:55 +0000 (-0700)
Subject: ITS#7676,7677 don't leak libldap err codes
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=b03ce7af6c5ab108867c5e85b867eee7dcba7224;p=openldap

ITS#7676,7677 don't leak libldap err codes
---

diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index 8c823f208d..c760a98e2e 100644
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -4027,6 +4027,7 @@ config_tls_cleanup(ConfigArgs *c) {
 		int opt = 1;
 
 		ldap_pvt_tls_ctx_free( slap_tls_ctx );
+		slap_tls_ctx = NULL;
 
 		/* Force new ctx to be created */
 		rc = ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_NEWCTX, &opt );
@@ -4035,6 +4036,11 @@ config_tls_cleanup(ConfigArgs *c) {
 			ldap_pvt_tls_get_option( slap_tls_ld, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx );
 			/* This is a no-op if it's already loaded */
 			load_extop( &slap_EXOP_START_TLS, 0, starttls_extop );
+		} else {
+			if ( rc == LDAP_NOT_SUPPORTED )
+				rc = LDAP_UNWILLING_TO_PERFORM;
+			else
+				rc = LDAP_OTHER;
 		}
 	}
 	return rc;