Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
Joe Martin
OpenLDAP
Commits
d4a0a9b3
Commit
d4a0a9b3
authored
Feb 19, 2019
by
Vernon Smith
Committed by
Quanah Gibson-Mount
Feb 28, 2019
Browse files
ITS#8980 fix async connections with non-blocking TLS
parent
9bd7ad94
Changes
3
Hide whitespace changes
Inline
Side-by-side
libraries/libldap/os-ip.c
View file @
d4a0a9b3
...
...
@@ -443,7 +443,7 @@ ldap_pvt_connect(LDAP *ld, ber_socket_t s,
if
(
connect
(
s
,
sin
,
addrlen
)
!=
AC_SOCKET_ERROR
)
{
osip_debug
(
ld
,
"connect success
\n
"
,
0
,
0
,
0
);
if
(
opt_tv
&&
ldap_pvt_ndelay_off
(
ld
,
s
)
==
-
1
)
if
(
!
async
&&
opt_tv
&&
ldap_pvt_ndelay_off
(
ld
,
s
)
==
-
1
)
return
(
-
1
);
return
(
0
);
}
...
...
libraries/libldap/tls2.c
View file @
d4a0a9b3
...
...
@@ -826,7 +826,7 @@ ldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )
Sockbuf
*
sb
;
char
*
host
;
void
*
ssl
;
int
ret
;
int
ret
,
async
;
#ifdef LDAP_USE_NON_BLOCKING_TLS
struct
timeval
start_time_tv
,
tv
,
tv0
;
ber_socket_t
sd
=
AC_SOCKET_ERROR
;
...
...
@@ -853,8 +853,12 @@ ldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )
/*
* Use non-blocking io during SSL Handshake when a timeout is configured
*/
async
=
LDAP_BOOL_GET
(
&
ld
->
ld_options
,
LDAP_BOOL_CONNECT_ASYNC
);
if
(
ld
->
ld_options
.
ldo_tm_net
.
tv_sec
>=
0
)
{
ber_sockbuf_ctrl
(
sb
,
LBER_SB_OPT_SET_NONBLOCK
,
(
void
*
)
1
);
if
(
!
async
)
{
/* if async, this has already been set */
ber_sockbuf_ctrl
(
sb
,
LBER_SB_OPT_SET_NONBLOCK
,
(
void
*
)
1
);
}
ber_sockbuf_ctrl
(
sb
,
LBER_SB_OPT_GET_FD
,
&
sd
);
tv
=
ld
->
ld_options
.
ldo_tm_net
;
tv0
=
tv
;
...
...
@@ -888,8 +892,10 @@ ldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )
ld
->
ld_errno
=
LDAP_TIMEOUT
;
break
;
}
else
{
/* ldap_int_poll called ldap_pvt_ndelay_off */
ber_sockbuf_ctrl
(
sb
,
LBER_SB_OPT_SET_NONBLOCK
,
(
void
*
)
1
);
/* ldap_int_poll called ldap_pvt_ndelay_off if not async */
if
(
!
async
)
{
ber_sockbuf_ctrl
(
sb
,
LBER_SB_OPT_SET_NONBLOCK
,
(
void
*
)
1
);
}
ret
=
ldap_int_tls_connect
(
ld
,
conn
,
host
);
if
(
ret
>
0
)
{
/* need to call tls_connect once more */
struct
timeval
curr_time_tv
,
delta_tv
;
...
...
@@ -936,7 +942,8 @@ ldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )
}
}
}
if
(
ld
->
ld_options
.
ldo_tm_net
.
tv_sec
>=
0
)
{
/* Leave it nonblocking if async */
if
(
!
async
&&
ld
->
ld_options
.
ldo_tm_net
.
tv_sec
>=
0
)
{
ber_sockbuf_ctrl
(
sb
,
LBER_SB_OPT_SET_NONBLOCK
,
NULL
);
}
#endif
/* LDAP_USE_NON_BLOCKING_TLS */
...
...
libraries/libldap/tls_o.c
View file @
d4a0a9b3
...
...
@@ -452,7 +452,19 @@ tlso_session_connect( LDAP *ld, tls_session *sess )
tlso_session
*
s
=
(
tlso_session
*
)
sess
;
/* Caller expects 0 = success, OpenSSL returns 1 = success */
return
SSL_connect
(
s
)
-
1
;
int
rc
=
SSL_connect
(
s
)
-
1
;
#ifdef LDAP_USE_NON_BLOCKING_TLS
if
(
rc
<
0
)
{
int
sockerr
=
sock_errno
();
int
sslerr
=
SSL_get_error
(
s
,
rc
+
1
);
if
(
sslerr
==
SSL_ERROR_WANT_READ
||
sslerr
==
SSL_ERROR_WANT_WRITE
)
{
rc
=
0
;
}
else
if
(
sslerr
==
SSL_ERROR_SYSCALL
&&
(
sockerr
==
EAGAIN
||
sockerr
==
ENOTCONN
))
{
rc
=
0
;
}
}
#endif
/* LDAP_USE_NON_BLOCKING_TLS */
}
static
int
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
