From d67a2f20449b82c8a7b1a3b43e011ad7c0c750b6 Mon Sep 17 00:00:00 2001
From: Howard Chu
Date: Sat, 5 Nov 2005 12:49:43 +0000
Subject: [PATCH] Move lconn_tls_ctx to ldo_tls_ctx. Otherwise clients cannot set it after ldap_initializ'ing an LD and before connecting on it. Really all of the global TLS options belong in the ldapoptions struct, instead of static vars.
---
 libraries/libldap/ldap-int.h | 6 ++----
 libraries/libldap/tls.c | 13 +++++++------
 2 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/libraries/libldap/ldap-int.h b/libraries/libldap/ldap-int.h
index ba6e98a6dc..533ef35296 100644
--- a/libraries/libldap/ldap-int.h
+++ b/libraries/libldap/ldap-int.h
@@ -169,6 +169,8 @@ struct ldapoptions {
 ber_int_t ldo_sizelimit;
 #ifdef HAVE_TLS
+ /* tls context */
+ void *ldo_tls_ctx;
 int ldo_tls_mode;
 LDAP_TLS_CONNECT_CB *ldo_tls_connect_cb;
 void* ldo_tls_connect_arg;
@@ -210,10 +212,6 @@ struct ldapoptions {
 */
 typedef struct ldap_conn {
 Sockbuf *lconn_sb;
-#ifdef HAVE_TLS
- /* tls context */
- void *lconn_tls_ctx;
-#endif
 #ifdef HAVE_CYRUS_SASL
 void *lconn_sasl_authctx; /* context for bind */
 void *lconn_sasl_sockctx; /* for security layer */
diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c
index c03c8446a8..8cff2aa207 100644
--- a/libraries/libldap/tls.c
+++ b/libraries/libldap/tls.c
@@ -764,8 +764,10 @@ ldap_int_tls_connect( LDAP *ld, LDAPConn *conn )
 } else {
 struct ldapoptions *lo;
- void *ctx = ld->ld_defconn
- ? ld->ld_defconn->lconn_tls_ctx : NULL;
+ void *ctx;
+
+ lo = &ld->ld_options;
+ ctx = lo->ldo_tls_ctx;
 ssl = alloc_handle( ctx );
@@ -780,9 +782,8 @@ ldap_int_tls_connect( LDAP *ld, LDAPConn *conn )
 if( ctx == NULL ) {
 ctx = tls_def_ctx;
- conn->lconn_tls_ctx = tls_def_ctx;
+ lo->ldo_tls_ctx = ctx;
 }
- lo = &ld->ld_options;
 if ( lo->ldo_tls_connect_cb ) lo->ldo_tls_connect_cb( ld, ssl, ctx, lo->ldo_tls_connect_arg );
 lo = LDAP_INT_GLOBAL_OPT();
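Review bot: In the `if( ctx == NULL )` branch of the `@@ -780` hunk, `lo->ldo_tls_ctx = ctx;` copies the process-wide `tls_def_ctx` into the handle's options, so after its first connect this LD stays pinned to whatever the default was at that moment. The old cache lived on the connection; the new one outlives it, so if `tls_def_ctx` is later replaced (the branch before `else` in the `@@ -1347` hunk assigns it directly) any reconnect on this LD still uses the previous context and its trust settings. That pointer would also dangle if the old `SSL_CTX` is freed in the meantime; whether it is freed is not visible in these hunks. Consider dropping that assignment so a NULL `ldo_tls_ctx` keeps meaning "use the current default", or add a comment beside it such as `/* pins this LD to the default ctx in force at first connect */`. The body of `ldap_int_tls_connect` starts and ends outside the hunk.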
@@ -1245,7 +1246,7 @@ ldap_pvt_tls_get_option( LDAP *ld, int option, void *arg )
 if ( ld == NULL ) {
 *(void **)arg = (void *) tls_def_ctx;
 } else {
- *(void **)arg = ld->ld_defconn->lconn_tls_ctx;
+ *(void **)arg = lo->ldo_tls_ctx;
 }
 break;
 case LDAP_OPT_X_TLS_CACERTFILE:
@@ -1347,7 +1348,7 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
 tls_def_ctx = (SSL_CTX *) arg;
 } else {
- ld->ld_defconn->lconn_tls_ctx = arg;
+ lo->ldo_tls_ctx = arg;
 }
 return 0;
 case LDAP_OPT_X_TLS_CONNECT_CB:
--
2.39.5
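Review bot: `lo->ldo_tls_ctx = arg;` in the `@@ -1347` hunk stores the caller's pointer as given, and the lifetime contract this creates is not documented anywhere in the visible lines. No reference is taken and the previous value is overwritten without release, and the matching line in the `@@ -1245` hunk of `ldap_pvt_tls_get_option` hands the same raw pointer back. Because `ldap_int_tls_connect` now reads the context from the options at connect time, the caller has to keep the `SSL_CTX` valid for as long as this LD may connect or reconnect, not just for one connection. A comment on the assignment would state that, e.g. `/* borrowed: caller keeps the SSL_CTX valid while this LD may connect; not released here */`. Both functions extend outside their hunks, including the assignment of `lo`, so confirm that `lo` is `&ld->ld_options` on the `ld != NULL` path.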