ITS#3109 - added slap_tls_ctx

2025-12-28 02:29:34 -05:00 · 2004-04-26 01:10:49 +00:00 · 2004-04-26 01:10:49 +00:00 · 9b38cd2572
commit 9b38cd2572
parent 2919bc09ac
3 changed files with 27 additions and 10 deletions
--- a/servers/slapd/connection.c
+++ b/servers/slapd/connection.c
@ -1279,7 +1279,7 @@ int connection_read(ber_socket_t s)

 #ifdef HAVE_TLS
 	if ( c->c_is_tls && c->c_needs_tls_accept ) {
-		rc = ldap_pvt_tls_accept( c->c_sb, NULL );
+		rc = ldap_pvt_tls_accept( c->c_sb, slap_tls_ctx );
 		if ( rc < 0 ) {
 #if 0 /* required by next #if 0 */
 			struct timeval tv;
--- a/servers/slapd/main.c
+++ b/servers/slapd/main.c
@ -132,6 +132,8 @@ static int   cnvt_str2int( char *, STRDISP_P, int );
 static int check = CHECK_NONE;
 static int version = 0;

+void *slap_tls_ctx;
+
 static void
 usage( char *name )
 {
@ -622,18 +624,32 @@ int main( int argc, char **argv )
 		goto destroy;
 	}

-	rc = ldap_pvt_tls_init_def_ctx();
-	if( rc != 0) {
+	{
+		void *def_ctx = NULL;
+
+		/* Save existing default ctx, if any */
+		ldap_pvt_tls_get_option( NULL, LDAP_OPT_X_TLS_CTX, &def_ctx );
+
+		/* Force new ctx to be created */
+		ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_CTX, NULL );
+
+		rc = ldap_pvt_tls_init_def_ctx();
+		if( rc != 0) {
 #ifdef NEW_LOGGING
-		LDAP_LOG( SLAPD, CRIT, "main: tls init def ctx failed: %d\n", rc, 0, 0 );
+			LDAP_LOG( SLAPD, CRIT, "main: tls init def ctx failed: %d\n", rc, 0, 0 );
 #else
-		Debug( LDAP_DEBUG_ANY,
-		    "main: TLS init def ctx failed: %d\n",
-		    rc, 0, 0 );
+			Debug( LDAP_DEBUG_ANY,
+			    "main: TLS init def ctx failed: %d\n",
+			    rc, 0, 0 );
 #endif
-		rc = 1;
-		SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
-		goto destroy;
+			rc = 1;
+			SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
+			goto destroy;
+		}
+		/* Retrieve slapd's own ctx */
+		ldap_pvt_tls_get_option( NULL, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx );
+		/* Restore previous ctx */
+		ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_CTX, def_ctx );
 	}
 #endif

--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@ -582,6 +582,7 @@ LDAP_SLAPD_V( const struct berval ) slap_unknown_bv;
 LDAP_SLAPD_V( const struct berval ) slap_true_bv;
 LDAP_SLAPD_V( const struct berval ) slap_false_bv;
 LDAP_SLAPD_V( struct slap_sync_cookie_s ) slap_sync_cookie;
+LDAP_SLAPD_V( void * ) slap_tls_ctx;

 /*
 * index.c