upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-21 15:19:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

ITS#6828 fix TLS setup with async connect

Browse source
This commit is contained in:
Howard Chu 2011-06-08 18:27:54 -07:00
parent c0aec23bde
commit 33f3de77f1
4 changed files with 47 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
libraries/libldap/cyrus.c
View file

@ -434,6 +434,10 @@ ldap_int_sasl_bind(
} }
} }
} }
if ( rc == 0 && ld->ld_defconn &&
ld->ld_defconn->lconn_status == LDAP_CONNST_CONNECTING ) {
rc = ldap_int_check_async_open( ld, sd );
}
LDAP_MUTEX_UNLOCK( &ld->ld_conn_mutex ); LDAP_MUTEX_UNLOCK( &ld->ld_conn_mutex );
if( rc != 0 ) return ld->ld_errno; if( rc != 0 ) return ld->ld_errno;

1
libraries/libldap/ldap-int.h
View file

@ -587,6 +587,7 @@ LDAP_F (int) ldap_int_next_line_tokens LDAP_P(( char **bufp, ber_len_t *blenp, c
LDAP_F (int) ldap_open_defconn( LDAP *ld ); LDAP_F (int) ldap_open_defconn( LDAP *ld );
LDAP_F (int) ldap_int_open_connection( LDAP *ld, LDAP_F (int) ldap_int_open_connection( LDAP *ld,
LDAPConn *conn, LDAPURLDesc *srvlist, int async ); LDAPConn *conn, LDAPURLDesc *srvlist, int async );
LDAP_F (int) ldap_int_check_async_open( LDAP *ld, ber_socket_t sd );
/* /*
* in os-ip.c * in os-ip.c

38
libraries/libldap/open.c
View file

@ -429,7 +429,7 @@ ldap_int_open_connection(
#endif #endif
#ifdef HAVE_TLS #ifdef HAVE_TLS
if (ld->ld_options.ldo_tls_mode == LDAP_OPT_X_TLS_HARD || if (rc == 0 && ld->ld_options.ldo_tls_mode == LDAP_OPT_X_TLS_HARD ||
strcmp( srv->lud_scheme, "ldaps" ) == 0 ) strcmp( srv->lud_scheme, "ldaps" ) == 0 )
{ {
++conn->lconn_refcnt; /* avoid premature free */ ++conn->lconn_refcnt; /* avoid premature free */
@ -535,3 +535,39 @@ ldap_dup( LDAP *old )
LDAP_MUTEX_UNLOCK( &old->ld_ldcmutex ); LDAP_MUTEX_UNLOCK( &old->ld_ldcmutex );
return ( ld ); return ( ld );
} }
int
ldap_int_check_async_open( LDAP *ld, ber_socket_t sd )
{
struct timeval tv = { 0 };
int rc;
rc = ldap_int_poll( ld, sd, &tv );
switch ( rc ) {
case 0:
/* now ready to start tls */
ld->ld_defconn->lconn_status = LDAP_CONNST_CONNECTED;
break;
default:
return -1;
case -2:
/* connect not completed yet */
ld->ld_errno = LDAP_X_CONNECTING;
return rc;
}
#ifdef HAVE_TLS
if ( ld->ld_options.ldo_tls_mode == LDAP_OPT_X_TLS_HARD ||
!strcmp( ld->ld_defconn->lconn_server->lud_scheme, "ldaps" )) {
++ld->ld_defconn->lconn_refcnt; /* avoid premature free */
rc = ldap_int_tls_start( ld, ld->ld_defconn, ld->ld_defconn->lconn_server );
--ld->ld_defconn->lconn_refcnt;
}
#endif
return rc;
}

5
libraries/libldap/request.c
View file

@ -120,15 +120,18 @@ ldap_send_initial_request(
ber_int_t msgid) ber_int_t msgid)
{ {
int rc = 1; int rc = 1;
ber_socket_t sd = AC_SOCKET_INVALID;
Debug( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n", 0, 0, 0 ); Debug( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n", 0, 0, 0 );
LDAP_MUTEX_LOCK( &ld->ld_conn_mutex ); LDAP_MUTEX_LOCK( &ld->ld_conn_mutex );
if ( ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, NULL ) == -1 ) { if ( ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, &sd ) == -1 ) {
/* not connected yet */ /* not connected yet */
rc = ldap_open_defconn( ld ); rc = ldap_open_defconn( ld );
} }
if ( ld->ld_defconn && ld->ld_defconn->lconn_status == LDAP_CONNST_CONNECTING )
rc = ldap_int_check_async_open( ld, sd );
if( rc < 0 ) { if( rc < 0 ) {
ber_free( ber, 1 ); ber_free( ber, 1 );
LDAP_MUTEX_UNLOCK( &ld->ld_conn_mutex ); LDAP_MUTEX_UNLOCK( &ld->ld_conn_mutex );