author | Simon Rettberg | 2015-10-21 09:58:28 +0200 |
---|---|---|
committer | Simon Rettberg | 2015-10-21 09:58:28 +0200 |
commit | 2dd5d86c44231e570a62277f92e08d1fb741841f (patch) | |
tree | fd414a63830cd0bebe26b8992f85878229199550 /server.c | |
parent | Support certificate verification by ca-bundle and hostname (diff) | |
Always load default verify locations too when using cert validation. Also quit when initial connect fails in SSL mode.
Diffstat (limited to 'server.c')
-rw-r--r-- | server.c | 10 |
1 files changed, 9 insertions, 1 deletions
@@ -20,6 +20,7 @@
 #define MAX_SERVERS 10
 static server_t *servers = NULL;
 static int serverCount = 0;
+static BOOL connectionInitDone = FALSE;
 static void server_init();
 static server_t *server_create(const char *server);
@@ -88,6 +89,7 @@ void server_setCaBundle(const char *server, const char *file)
 {
 server_t *entry = server_create(server);
 if (entry == NULL) return;
+if (file == NULL || *file == '\0') return;
 int fh = open(file, O_RDONLY);
 if (fh == -1) {
 printf("Error: cabundle '%s' not readable.\n", file);
@@ -171,6 +173,7 @@ BOOL server_initServers()
 if (!server_ensureConnected(&servers[i])) return FALSE;
 }
+connectionInitDone = TRUE;
 return TRUE;
 }
@@ -496,7 +499,9 @@ static BOOL server_ensureConnected(server_t *server)
 printf("[Server] Creating socket for shared connection failed.\n");
 return FALSE;
 }
- helper_nonblock(sock);
+ if (connectionInitDone) {
+ helper_nonblock(sock);
+ }
 con->fd = sock;
 con->callback = &server_callback;
 if (ePoll_add(EPOLLIN | EPOLLOUT | EPOLLET, (epoll_item_t*)con) == -1) {
@@ -512,6 +517,9 @@ static BOOL server_ensureConnected(server_t *server)
 con->fd = -1;
 return FALSE;
 }
+if (!connectionInitDone) {
+helper_nonblock(sock);
+}
 // Now bind - TODO: SASL (DIGEST-MD5?)
 const size_t bodyLen = fmt_ldapbindrequest(NULL, 3, server->bind, server->password);
 const size_t headerLen = fmt_ldapmessage(NULL, MSGID_BIND, BindRequest, bodyLen); |
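Review bot: The new `if (file == NULL || *file == '\0') return;` in server_setCaBundle (hunk at -88) drops an empty cabundle value without any message, while the unreadable-file branch directly below prints an error. Since this setting influences which CAs are trusted for the TLS connection to that server, a silently ignored value is easy to miss in a misconfigured deployment; I would log it, e.g. `printf("Warning: empty cabundle for '%s' ignored.\n", server);`. The check also runs after `server_create(server)`, so an entry for the server still seems to be created; whether that is intended cannot be seen here, as the function body continues past the hunk.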
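Review bot: The two `connectionInitDone` checks in server_ensureConnected (hunks at -496 and -512) keep the socket blocking for the whole initial connect, and nothing visible here bounds how long that may take. If the connect and TLS handshake between the two hunks have no timeout, an unreachable or stalled LDAP server would hang startup instead of reaching the "quit when initial connect fails" path; setting `SO_SNDTIMEO`/`SO_RCVTIMEO` via `setsockopt` on `sock` before connecting would cover that. In the init case the socket is also registered with `EPOLLET` while still blocking, which deserves a comment such as `// initial connect is blocking so failure is reported synchronously; switched to non-blocking once connected`. The code between the two hunks is not shown, so the timeout point should be checked against it.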