ITS#6248 fix prev commit tlso_ca_list
authorHoward Chu <hyc@openldap.org>
Thu, 22 Jul 2021 22:54:25 +0000 (23:54 +0100)
committerHoward Chu <hyc@openldap.org>
Thu, 22 Jul 2021 22:54:25 +0000 (23:54 +0100)
Don't quit on first dir failure, try them all before giving up.

libraries/libldap/tls_o.c

index 9c1f019499d8a1097d0ecc40b502d32c8635c64a..283ec4c2661e1084e82bb4e495caa4e15ae163d7 100644 (file)
@@ -172,19 +172,18 @@ tlso_ca_list( char * bundle, char * dir, X509 *cert )
        }
        if ( dir ) {
                char **dirs = ldap_str2charray( dir, CERTPATHSEP );
-               int freeit = 0, i;
+               int freeit = 0, i, success = 0;
 
                if ( !ca_list ) {
                        ca_list = sk_X509_NAME_new_null();
                        freeit = 1;
                }
                for ( i=0; dirs[i]; i++ ) {
-                       if ( !SSL_add_dir_cert_subjects_to_stack( ca_list, dir ) &&
-                               freeit ) {
-                               sk_X509_NAME_free( ca_list );
-                               ca_list = NULL;
-                               break;
-                       }
+                       success += SSL_add_dir_cert_subjects_to_stack( ca_list, dir );
+               }
+               if ( !success && freeit ) {
+                       sk_X509_NAME_free( ca_list );
+                       ca_list = NULL;
                }
                ldap_charray_free( dirs );
        }
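Review bot: The loop walks `dirs[i]`, but the added call still passes the unsplit `dir` string, so this only behaves as intended when `dir` holds a single path. The call should read `success += SSL_add_dir_cert_subjects_to_stack( ca_list, dirs[i] );`. With several paths joined by CERTPATHSEP, every iteration hands OpenSSL the whole joined value, which presumably fails each time and leaves `ca_list` freed and NULL when it was allocated here, so no CA names are collected from any of the directories. The result of `ldap_str2charray()` is also dereferenced in the loop condition without a NULL check, so an allocation failure there would crash; guarding the loop with `if ( dirs != NULL )` would cover it. The body of tlso_ca_list starts and ends outside this hunk.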