lib/libadmin/util.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)

New commits: commit b579d9201af8fdcb7cba1e5543fa314481667fdd Author: Rich Megginson rmeggins@redhat.com Date: Fri Feb 3 15:02:23 2012 -0700

Ticket #281 - TLS not working with latest openldap

https://fedorahosted.org/389/ticket/281 Resolves: Ticket #281 Bug Description: TLS not working with latest openldap Reviewed by: nhosoi (Thanks!) Branch: master Fix Description: Be sure to call ldap_set_option(ld, LDAP_OPT_X_TLS_NEWCTX, &val); last after setting all of the other TLS options. Platforms tested: RHEL6 x86_64, Fedora 16 Flag Day: no Doc impact: no

diff --git a/lib/libadmin/util.c b/lib/libadmin/util.c index c5689a6..21fbde8 100644 --- a/lib/libadmin/util.c +++ b/lib/libadmin/util.c @@ -1577,12 +1577,6 @@ util_ldap_init( #endif /* !USE_OPENLDAP */

#if defined(USE_OPENLDAP) - if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_NEWCTX, &optval))) { -#ifdef DEBUG - fprintf(stderr, "util_ldap_init: " - "failed: unable to create new TLS context\n"); -#endif - } if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &ssl_strength))) { #ifdef DEBUG fprintf(stderr, "util_ldap_init: " @@ -1605,6 +1599,12 @@ util_ldap_init( #endif } #endif /* LDAP_OPT_X_TLS_PROTOCOL_MIN */ + if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_NEWCTX, &optval))) { +#ifdef DEBUG + fprintf(stderr, "util_ldap_init: " + "failed: unable to create new TLS context\n"); +#endif + } #else /* !USE_OPENLDAP */ if ((rc = ldapssl_set_strength(myld, ssl_strength)) || (rc = ldapssl_set_option(myld, SSL_ENABLE_SSL2, PR_FALSE)) ||