upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-22 15:49:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

ITS#7295 don't init TLS threads by default

Browse source 
Do it explicitly in servers
This commit is contained in:
Howard Chu 2021-03-21 15:25:56 +00:00
parent 7ff1f42f7e
commit bb6844e296
4 changed files with 12 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
include/ldap_pvt.h
View file

@ -426,7 +426,7 @@ LDAP_F (int) ldap_pvt_tls_set_option LDAP_P(( struct ldap *ld,
int option, void *arg )); int option, void *arg ));
LDAP_F (void) ldap_pvt_tls_destroy LDAP_P(( void )); LDAP_F (void) ldap_pvt_tls_destroy LDAP_P(( void ));
LDAP_F (int) ldap_pvt_tls_init LDAP_P(( void )); LDAP_F (int) ldap_pvt_tls_init LDAP_P(( int do_threads ));
LDAP_F (int) ldap_pvt_tls_init_def_ctx LDAP_P(( int is_server )); LDAP_F (int) ldap_pvt_tls_init_def_ctx LDAP_P(( int is_server ));
LDAP_F (int) ldap_pvt_tls_accept LDAP_P(( Sockbuf *sb, void *ctx_arg )); LDAP_F (int) ldap_pvt_tls_accept LDAP_P(( Sockbuf *sb, void *ctx_arg ));
LDAP_F (int) ldap_pvt_tls_connect LDAP_P(( struct ldap *ld, Sockbuf *sb, const char *host )); LDAP_F (int) ldap_pvt_tls_connect LDAP_P(( struct ldap *ld, Sockbuf *sb, const char *host ));

13
libraries/libldap/tls2.c
View file

@ -165,7 +165,7 @@ ldap_pvt_tls_destroy( void )
* Called once per implementation. * Called once per implementation.
*/ */
static int static int
tls_init(tls_impl *impl ) tls_init(tls_impl *impl, int do_threads )
{ {
static int tls_initialized = 0; static int tls_initialized = 0;
@ -177,9 +177,12 @@ tls_init(tls_impl *impl )
if ( impl->ti_inited++ ) return 0; if ( impl->ti_inited++ ) return 0;
if ( do_threads ) {
#ifdef LDAP_R_COMPILE #ifdef LDAP_R_COMPILE
impl->ti_thr_init(); impl->ti_thr_init();
#endif #endif
}
return impl->ti_tls_init(); return impl->ti_tls_init();
} }
@ -187,9 +190,9 @@ tls_init(tls_impl *impl )
* Initialize TLS subsystem. Called once per implementation. * Initialize TLS subsystem. Called once per implementation.
*/ */
int int
ldap_pvt_tls_init( void ) ldap_pvt_tls_init( int do_threads )
{ {
return tls_init( tls_imp ); return tls_init( tls_imp, do_threads );
} }
/* /*
@ -205,7 +208,7 @@ ldap_int_tls_init_ctx( struct ldapoptions *lo, int is_server )
if ( lo->ldo_tls_ctx ) if ( lo->ldo_tls_ctx )
return 0; return 0;
tls_init( ti ); tls_init( ti, 0 );
if ( is_server && !lts.lt_certfile && !lts.lt_keyfile && if ( is_server && !lts.lt_certfile && !lts.lt_keyfile &&
!lts.lt_cacertfile && !lts.lt_cacertdir && !lts.lt_cacertfile && !lts.lt_cacertdir &&
@ -1102,7 +1105,7 @@ ldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )
host = "localhost"; host = "localhost";
} }
(void) tls_init( tls_imp ); (void) tls_init( tls_imp, 0 );
/* /*
* Use non-blocking io during SSL Handshake when a timeout is configured * Use non-blocking io during SSL Handshake when a timeout is configured

2
servers/lloadd/main.c
View file

@ -707,7 +707,7 @@ unhandled_option:;
} }
#ifdef HAVE_TLS #ifdef HAVE_TLS
rc = ldap_pvt_tls_init(); rc = ldap_pvt_tls_init( 1 );
if ( rc != 0 ) { if ( rc != 0 ) {
Debug( LDAP_DEBUG_ANY, "main: " Debug( LDAP_DEBUG_ANY, "main: "
"TLS init failed: %d\n", "TLS init failed: %d\n",

2
servers/slapd/main.c
View file

@ -858,7 +858,7 @@ unhandled_option:;
} }
#ifdef HAVE_TLS #ifdef HAVE_TLS
rc = ldap_pvt_tls_init(); rc = ldap_pvt_tls_init( 1 );
if( rc != 0) { if( rc != 0) {
Debug( LDAP_DEBUG_ANY, Debug( LDAP_DEBUG_ANY,
"main: TLS init failed: %d\n", "main: TLS init failed: %d\n",