https://bugs.openldap.org/show_bug.cgi?id=10149
--- Comment #6 from minfrin@sharp.fm minfrin@sharp.fm --- Due to a regression in openssl which broke error handling, the following additional workaround is needed until https://github.com/openssl/openssl/issues/26412 is fixed.
diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c
index ab9338944..1619e937a 100644
--- a/libraries/libldap/tls_o.c
+++ b/libraries/libldap/tls_o.c
@@ -556,7 +556,7 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server, char *
 }
 OSSL_STORE_INFO_free( info );
 }
- if (OSSL_STORE_error(sctx)) {
+ if (!OSSL_STORE_eof(sctx) && OSSL_STORE_error(sctx)) {
 Debug1( LDAP_DEBUG_ANY,
 "TLS: could not load from uri `%s'.\n",
 lo->ldo_tls_uris[i] );
@@ -776,7 +776,7 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server, char *
 }
 OSSL_STORE_INFO_free(info);
 }
- if (OSSL_STORE_error(sctx)) {
+ if (!OSSL_STORE_eof(sctx) && OSSL_STORE_error(sctx)) {
 Debug1( LDAP_DEBUG_ANY,
 "TLS: could not load from uri `%s'.\n",
 lo->ldo_tls_uris[i] );
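Review bot: Putting `!OSSL_STORE_eof(sctx) &&` in front of `OSSL_STORE_error(sctx)` means an error that is still flagged once the store has reached end-of-data no longer takes the `could not load from uri` failure path, so a URI whose last object failed to load would be accepted with whatever was read before it; the same condition is repeated in the second hunk at line 776. For TLS material this is the fail-open direction, so it is worth confirming that the load loop (outside both hunks, as is the rest of tlso_ctx_init) rejects a NULL result from `OSSL_STORE_load()` while not yet at EOF, or otherwise records a failure of its own. Since the check is a stopgap, I would also mark both sites so it can be removed later, e.g. `/* workaround for openssl/openssl#26412: error flag unreliable at EOF; drop once fixed */`.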