From 315c8e086fe689771d99ec73bbb959de8bb5f2cb Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Fri, 1 May 2009 21:39:02 +0000
Subject: [PATCH] ITS#6079

---
 CHANGES                      | 1 +
 libraries/libldap/ldap-int.h | 4 ++++
 libraries/libldap/tls2.c     | 9 ++++++---
 3 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index a17fa2b2c8..f5729548a6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,7 @@ OpenLDAP 2.4 Change Log
 OpenLDAP 2.4.17 Engineering
 	Fixed liblber to use ber_strnlen (ITS#6080)
 	Fixed libldap gnutls private key init (ITS#6053)
+	Fixed libldap tls NULL error messages (ITS#6079)
 	Fixed liblutil opendir/closedir on windows (ITS#6041)
 	Fixed liblutil for _GNU_SOURCE (ITS#5464,ITS#5666)
 	Fixed slapd errno handling (ITS#6037)
diff --git a/libraries/libldap/ldap-int.h b/libraries/libldap/ldap-int.h
index f079753ed3..883566f429 100644
--- a/libraries/libldap/ldap-int.h
+++ b/libraries/libldap/ldap-int.h
@@ -75,6 +75,9 @@
 
 #ifdef LDAP_DEBUG
 
+#define DebugTest( level ) \
+	( ldap_debug & level )
+
 #define Debug( level, fmt, arg1, arg2, arg3 ) \
 	do { if ( ldap_debug & level ) \
 	ldap_log_printf( NULL, (level), (fmt), (arg1), (arg2), (arg3) ); \
@@ -85,6 +88,7 @@
 
 #else
 
+#define DebugTest( level )                                    (0 == 1)
 #define Debug( level, fmt, arg1, arg2, arg3 )                 ((void)0)
 #define LDAP_Debug( subsystem, level, fmt, arg1, arg2, arg3 ) ((void)0)
 
diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c
index 69e6f609e8..3c440e9e51 100644
--- a/libraries/libldap/tls2.c
+++ b/libraries/libldap/tls2.c
@@ -434,11 +434,14 @@ ldap_pvt_tls_accept( Sockbuf *sb, void *ctx_arg )
 
 	if ( err < 0 )
 	{
-		char buf[256];
 		if ( update_flags( sb, ssl, err )) return 1;
 
-		Debug( LDAP_DEBUG_ANY,"TLS: can't accept: %s.\n",
-			tls_imp->ti_session_errmsg( err, buf, sizeof(buf) ),0,0 );
+		if ( DebugTest( LDAP_DEBUG_ANY ) ) {
+			char buf[256], *msg;
+			msg = tls_imp->ti_session_errmsg( err, buf, sizeof(buf) );
+			Debug( LDAP_DEBUG_ANY,"TLS: can't accept: %s.\n",
+				msg ? msg : "(unknown)", 0, 0 );
+		}
 
 		ber_sockbuf_remove_io( sb, tls_imp->ti_sbio,
 			LBER_SBIOD_LEVEL_TRANSPORT );
-- 
GitLab