]> git.ipfire.org Git - thirdparty/openldap.git/commitdiff
projects / thirdparty / openldap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 36dd6e2)
ITS#10326 mbedtls: always call mbedtls_ssl_set_hostname()
authorHoward Chu <hyc@openldap.org>
Tue, 22 Apr 2025 16:22:59 +0000 (17:22 +0100)
committerHoward Chu <hyc@openldap.org>
Tue, 22 Apr 2025 16:26:46 +0000 (17:26 +0100)
Even if hostname is NULL, the library requires this be called once.
If non-NULL, mbedtls may do a hostname check which is redundant
since libldap does its own check.

libraries/libldap/tls_mt.c patch | blob | blame | history

diff --git a/libraries/libldap/tls_mt.c b/libraries/libldap/tls_mt.c
index 908d84058cf423d81799774398dbfcc550b37a1e..a92c300aded12a27ceabf5590ebbd1852a1a20db 100644 (file)
--- a/libraries/libldap/tls_mt.c
+++ b/libraries/libldap/tls_mt.c
@@ -380,11 +380,9 @@ static int
 tlsmt_session_connect( LDAP *ld, tls_session *sess, const char *name_in )
 {
        tlsmt_session *s = (tlsmt_session *)sess;
-       if (name_in) {
-               int ret = mbedtls_ssl_set_hostname( &(s->ssl_ctx), name_in );
-               if ( ret != 0 ) {
-                       return ret;
-               }
+       int ret = mbedtls_ssl_set_hostname( &(s->ssl_ctx), name_in );
+       if ( ret != 0 ) {
+               return ret;
        }
 
        return tlsmt_session_accept(sess);
Mirror of https://git.openldap.org/openldap/openldap.git