Commit 33f3de77 authored by Howard Chu's avatar Howard Chu

ITS#6828 fix TLS setup with async connect

parent c0aec23b
......@@ -433,7 +433,11 @@ ldap_int_sasl_bind(
rc = ld->ld_errno;
}
}
}
}
if ( rc == 0 && ld->ld_defconn &&
ld->ld_defconn->lconn_status == LDAP_CONNST_CONNECTING ) {
rc = ldap_int_check_async_open( ld, sd );
}
LDAP_MUTEX_UNLOCK( &ld->ld_conn_mutex );
if( rc != 0 ) return ld->ld_errno;
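Review bot: When the new `ldap_int_check_async_open( ld, sd )` call fails, the following `if( rc != 0 ) return ld->ld_errno;` returns whatever `ld_errno` already held, not the failure that just occurred. In the new function only the `-2` path visibly sets `ld_errno`; the poll-failure path returns `-1` without touching it, and the TLS path returns the result of `ldap_int_tls_start` directly. If neither helper sets `ld_errno` (not visible here), a stale LDAP_SUCCESS could be reported for a bind whose TLS setup failed. A guard such as `if ( rc != 0 && ld->ld_errno == LDAP_SUCCESS ) ld->ld_errno = LDAP_CONNECT_ERROR;` before the return would close that gap. The body of ldap_int_sasl_bind starts and continues outside the hunk, including where `sd` is obtained.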
......
......@@ -587,6 +587,7 @@ LDAP_F (int) ldap_int_next_line_tokens LDAP_P(( char **bufp, ber_len_t *blenp, c
LDAP_F (int) ldap_open_defconn( LDAP *ld );
LDAP_F (int) ldap_int_open_connection( LDAP *ld,
LDAPConn *conn, LDAPURLDesc *srvlist, int async );
LDAP_F (int) ldap_int_check_async_open( LDAP *ld, ber_socket_t sd );
/*
* in os-ip.c
......
......@@ -429,7 +429,7 @@ ldap_int_open_connection(
#endif
#ifdef HAVE_TLS
if (ld->ld_options.ldo_tls_mode == LDAP_OPT_X_TLS_HARD ||
if (rc == 0 && ld->ld_options.ldo_tls_mode == LDAP_OPT_X_TLS_HARD ||
strcmp( srv->lud_scheme, "ldaps" ) == 0 )
{
++conn->lconn_refcnt; /* avoid premature free */
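Review bot: The added `rc == 0 &&` guard only covers the LDAP_OPT_X_TLS_HARD test, because `&&` binds tighter than `||`. With an `ldaps` URL the TLS branch is still entered when rc is non-zero, which looks like the async connect-in-progress case this commit means to defer. Parenthesise the two alternatives: `if (rc == 0 && ( ld->ld_options.ldo_tls_mode == LDAP_OPT_X_TLS_HARD ||`, with the matching `)` after `strcmp( srv->lud_scheme, "ldaps" ) == 0`. ldap_int_open_connection starts and ends outside the hunk.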
......@@ -535,3 +535,39 @@ ldap_dup( LDAP *old )
LDAP_MUTEX_UNLOCK( &old->ld_ldcmutex );
return ( ld );
}
int
ldap_int_check_async_open( LDAP *ld, ber_socket_t sd )
{
struct timeval tv = { 0 };
int rc;
rc = ldap_int_poll( ld, sd, &tv );
switch ( rc ) {
case 0:
/* now ready to start tls */
ld->ld_defconn->lconn_status = LDAP_CONNST_CONNECTED;
break;
default:
return -1;
case -2:
/* connect not completed yet */
ld->ld_errno = LDAP_X_CONNECTING;
return rc;
}
#ifdef HAVE_TLS
if ( ld->ld_options.ldo_tls_mode == LDAP_OPT_X_TLS_HARD ||
!strcmp( ld->ld_defconn->lconn_server->lud_scheme, "ldaps" )) {
++ld->ld_defconn->lconn_refcnt; /* avoid premature free */
rc = ldap_int_tls_start( ld, ld->ld_defconn, ld->ld_defconn->lconn_server );
--ld->ld_defconn->lconn_refcnt;
}
#endif
return rc;
}
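Review bot: `lconn_status` is set to LDAP_CONNST_CONNECTED in `case 0:` before `ldap_int_tls_start` has run, so a failed handshake leaves the default connection marked connected without TLS. Both callers in this commit invoke the function only while the status is LDAP_CONNST_CONNECTING, so a later request on the same handle would skip this check; whether the failure paths drop the connection is not visible here. Either make the transition conditional on the TLS result or state the requirement at the TLS block, e.g. `/* on failure the caller must drop ld_defconn: it is already marked CONNECTED */`. The function also needs a header comment listing its return values: 0 when ready, -2 with `ld_errno = LDAP_X_CONNECTING` while the connect is pending, -1 on poll failure, otherwise the result of `ldap_int_tls_start`. Moving `default:` after `case -2:` would make the switch easier to read.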
......@@ -120,15 +120,18 @@ ldap_send_initial_request(
ber_int_t msgid)
{
int rc = 1;
ber_socket_t sd = AC_SOCKET_INVALID;
Debug( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n", 0, 0, 0 );
LDAP_MUTEX_LOCK( &ld->ld_conn_mutex );
if ( ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, NULL ) == -1 ) {
if ( ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, &sd ) == -1 ) {
/* not connected yet */
rc = ldap_open_defconn( ld );
}
if ( ld->ld_defconn && ld->ld_defconn->lconn_status == LDAP_CONNST_CONNECTING )
rc = ldap_int_check_async_open( ld, sd );
if( rc < 0 ) {
ber_free( ber, 1 );
LDAP_MUTEX_UNLOCK( &ld->ld_conn_mutex );
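Review bot: `sd` is still AC_SOCKET_INVALID when the "not connected yet" branch runs, because the failed `ber_sockbuf_ctrl` call did not fill it and it is not read again after `ldap_open_defconn( ld )`. If that open leaves the connection in LDAP_CONNST_CONNECTING (the async case, inferred), `ldap_int_check_async_open( ld, sd )` then polls an invalid descriptor instead of the new socket. Re-read the descriptor after a successful open: `if ( rc == 0 ) ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, &sd );`. The body of ldap_send_initial_request continues outside the hunk.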
......