From e224920ea5641b71bbd38604cb58bd1922537e7d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Kuzn=C3=ADk?= <ondra@mistotebe.net>
Date: Mon, 15 Jul 2019 15:48:52 +0200
Subject: [PATCH] ITS#8427 Take late TLS configuration into account

---
 servers/slapd/back-ldap/config.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/servers/slapd/back-ldap/config.c b/servers/slapd/back-ldap/config.c
index c2f59439a5..33f1cb0f29 100644
--- a/servers/slapd/back-ldap/config.c
+++ b/servers/slapd/back-ldap/config.c
@@ -942,6 +942,10 @@ slap_idassert_parse( ConfigArgs *c, slap_idassert_t *si )
 	}
 
 	bindconf_tls_defaults( &si->si_bc );
+	if ( si->si_bc.sb_tls_ctx ) {
+		ldap_pvt_tls_ctx_free( si->si_bc.sb_tls_ctx );
+		si->si_bc.sb_tls_ctx = NULL;
+	}
 
 	return 0;
 }
@@ -1746,6 +1750,10 @@ done_url:;
 			}
 			bindconf_tls_defaults( &li->li_tls );
 		}
+		if ( li->li_tls.sb_tls_ctx ) {
+			ldap_pvt_tls_ctx_free( li->li_tls.sb_tls_ctx );
+			li->li_tls.sb_tls_ctx = NULL;
+		}
 		break;
 
 	case LDAP_BACK_CFG_ACL_AUTHCDN:
@@ -1805,6 +1813,10 @@ done_url:;
 			}
 		}
 		bindconf_tls_defaults( &li->li_acl );
+		if ( li->li_acl.sb_tls_ctx ) {
+			ldap_pvt_tls_ctx_free( li->li_acl.sb_tls_ctx );
+			li->li_acl.sb_tls_ctx = NULL;
+		}
 		break;
 
 	case LDAP_BACK_CFG_IDASSERT_MODE:
-- 
GitLab