Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Cdo_connect: don't use error-prone ssl:peercert/2

do_connect: don't write stuff to console
do_connect: don't fail worse on connection failures if SSL is used, than
            if not
ldap_closed_p: fix detection of shut down SSL connections
exec_simple_bind_reply: fix usage of incorrect record (that used to work 'by accident')
  • Loading branch information...
commit 1a8db82b51975d62816812a203ab60d6f76c7fee 1 parent a2bb86c
etnt authored
Showing with 15 additions and 10 deletions.
  1. +15 −10 lib/eldap/src/eldap.erl
25 lib/eldap/src/eldap.erl
View
@@ -366,15 +366,7 @@ do_connect(Host, Data, Opts) when Data#eldap.use_tls == true ->
ssl:seed("bkrlnateqqo" ++ integer_to_list(X));
true -> true
end,
- {ok, Fd} = ssl:connect(Host, Data#eldap.port, [{verify,0}|Opts]),
- if Vsn >= "5.3" ->
- %% In R9C, but not in R9B
- {ok, Cert} = ssl:peercert(Fd, [ssl, subject]),
- io:fwrite("ssl_connect: peer cert:~n~p~n", [Cert]);
- true ->
- io:fwrite("ssl-connect succeded~n", [])
- end,
- {ok, Fd}.
+ ssl:connect(Host, Data#eldap.port, [{verify,0}|Opts]).
loop(Cpid, Data) ->
@@ -468,7 +460,7 @@ exec_simple_bind_reply(Data, {ok,Msg}) when
Msg#'LDAPMessage'.messageID == Data#eldap.id ->
case Msg#'LDAPMessage'.protocolOp of
{bindResponse, Result} ->
- case Result#'LDAPResult'.resultCode of
+ case Result#'BindResponse'.resultCode of
success -> {ok,Data};
Error -> {error, Error}
end;
@@ -785,7 +777,20 @@ log(_, _, _, _) ->
send(To,Msg) -> To ! {self(),Msg}.
recv(From) -> receive {From,Msg} -> Msg end.
+ldap_closed_p(Data, Emsg) when Data#eldap.use_tls == true ->
+ %% Check if the SSL socket seems to be alive or not
+ case catch ssl:sockname(Data#eldap.fd) of
+ {error, _} ->
+ ssl:close(Data#eldap.fd),
+ {error, ldap_closed};
+ {ok, _} ->
+ {error, Emsg};
+ _ ->
+ %% sockname crashes if the socket pid is not alive
+ {error, ldap_closed}
+ end;
ldap_closed_p(Data, Emsg) ->
+ %% non-SSL socket
case inet:port(Data#eldap.fd) of
{error,_} -> {error, ldap_closed};
_ -> {error,Emsg}
Please sign in to comment.
Something went wrong with that request. Please try again.