lib/libadminutil/admutil.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)

New commits: commit da9e1186eb93d050aa4c49e66e645fed5d2bb699 Author: Rich Megginson rmeggins@redhat.com Date: Fri Feb 3 15:05:06 2012 -0700

Ticket #281 - TLS not working with latest openldap

https://fedorahosted.org/389/ticket/281 Resolves: Ticket #281 Bug Description: TLS not working with latest openldap Reviewed by: nhosoi (Thanks!) Branch: master Fix Description: Be sure to call ldap_set_option(ld, LDAP_OPT_X_TLS_NEWCTX, &val); last after setting all of the other TLS options. Platforms tested: RHEL6 x86_64, Fedora 16 Flag Day: no Doc impact: no

diff --git a/lib/libadminutil/admutil.c b/lib/libadminutil/admutil.c index 51dae4e..d773bce 100644 --- a/lib/libadminutil/admutil.c +++ b/lib/libadminutil/admutil.c @@ -2305,12 +2305,6 @@ admutil_ldap_init( #endif /* !USE_OPENLDAP */

#if defined(USE_OPENLDAP) - if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_NEWCTX, &optval))) { -#ifdef DEBUG - fprintf(stderr, "admutil_ldap_init: " - "failed: unable to create new TLS context\n"); -#endif - } if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &ssl_strength))) { #ifdef DEBUG fprint(stderr, "admutil_ldap_init: " @@ -2335,6 +2329,12 @@ admutil_ldap_init( #endif } #endif /* LDAP_OPT_X_TLS_PROTOCOL_MIN */ + if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_NEWCTX, &optval))) { +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_init: " + "failed: unable to create new TLS context\n"); +#endif + } #else /* !USE_OPENLDAP */ if ((rc = ldapssl_set_strength(myld, ssl_strength)) || (rc = ldapssl_set_option(myld, SSL_ENABLE_SSL2, PR_FALSE)) ||