Tobias Ljunggren wrote:
Hello,
What is the proper way to de-initialize openLDAP library?
Let's assume I have ldap_initialize (ldaps://....) a couple of general ldap_set_option some ldap_set_option for TLS ldap_sasl_bind_s
Is ldap_unbind_s all that's required?
My problem is that if I do it this way when using openLDAP from a shared object and the process unloads the shared object and then loads it again (restarts my library) TLS won't work anymore. Probably there is one or more global variables in openLDAP that needs to be reset before unload to make sure the initialization works.
libldap only has one set of global variables, and they are maintained in a single structure. Unloading the library will wipe out that structure, reloading the library will force a new initialization.
It sounds like, however, your TLS library is not being fully unloaded. If your app has another reference to that, it would cause a problem like this.
Why do you bother to unload the library if you're just going to need to load it again later?
I looked at the ldapsearch example provided, in common.c, and noticed a call to ldap_pvt_tls_destroy. I tried that but it doesn't make any difference.
I've compiled openLDAP to use Mozilla NSS.
RedHat supports the MozNSS code, ask them for suggestions.