On 2014-10-19 06:07, Howard Chu wrote:
Tobias Ljunggren wrote:
> What is the proper way to de-initialize openLDAP library?
> Let's assume I have
> ldap_initialize (ldaps://....)
> a couple of general ldap_set_option
> some ldap_set_option for TLS
> Is ldap_unbind_s all that's required?
> My problem is that if I do it this way when using openLDAP from a shared object and
the process unloads the shared object and
> then loads it again (restarts my library) TLS won't work anymore. Probably there
is one or more global variables in openLDAP
> that needs to be reset before unload to make sure the initialization works.
libldap only has one set of global variables, and they are maintained in a single
structure. Unloading the library will wipe
out that structure, reloading the library will force a new initialization.
It sounds like, however, your TLS library is not being fully unloaded. If your app has
another reference to that, it would
cause a problem like this.
Yes only a few of the nss (and nspr) modules are unloaded. But I thought that was because
I didn't de inititialize things the
This is whats loadeded on start (shim.dll is the module I'm developing):
But when I shut down this whats unloaded:
I haven't checked whats unloaded on linux but I have the same problem after a restart
so I guess it looks the same.
Why do you bother to unload the library if you're just going to need to load it again
Problem is that my module is built using an api from a service. It must support start,
stop and restart. I load libldap_r and
liblber with dlopen (or LoadLibrary on Windows) and don't unload until I have to.
> I looked at the ldapsearch example provided, in common.c, and noticed a call to
ldap_pvt_tls_destroy. I tried that but it
> doesn't make any difference.
> I've compiled openLDAP to use Mozilla NSS.
RedHat supports the MozNSS code, ask them for suggestions.
Thanks for the tip, I will.