From: Howard Chu <hyc@openldap.org>
Date: Wed, 19 Nov 2003 09:25:56 +0000 (+0000)
Subject: ITS#2570 - don't permanently give up on TLS due to transient failures
X-Git-Tag: OPENLDAP_REL_ENG_2_1_MP~428
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=d31a3fb98130af9773b8db5775011d2366c4b37a;p=openldap

ITS#2570 - don't permanently give up on TLS due to transient failures
---

diff --git a/servers/slurpd/ldap_op.c b/servers/slurpd/ldap_op.c
index a5308058dc..879932f806 100644
--- a/servers/slurpd/ldap_op.c
+++ b/servers/slurpd/ldap_op.c
@@ -763,6 +763,7 @@ do_bind(
 )
 {
     int		ldrc;
+    int		do_tls = ri->ri_tls;
 
     *lderr = 0;
 
@@ -885,7 +886,7 @@ retry:
 	}
 	ldap_set_option(ri->ri_ldp, LDAP_OPT_RESTART, LDAP_OPT_ON);
 
-	if( ri->ri_tls ) {
+	if( do_tls ) {
 		int err = ldap_start_tls_s(ri->ri_ldp, NULL, NULL);
 
 		if( err != LDAP_SUCCESS ) {
@@ -907,7 +908,7 @@ retry:
 				ri->ri_ldp = NULL;
 				return BIND_ERR_TLS_FAILED;
 			}
-			ri->ri_tls = TLS_OFF;
+			do_tls = TLS_OFF;
 			goto retry;
 		}
 	}