void ldap_mods_free( LDAPMod **mods, int freemods ) { int i; if ( mods == NULL ) return; for ( i = 0; mods[i] != NULL; i++ ) { if ( mods[i]->mod_op & LDAP_MOD_BVALUES ) { if( mods[i]->mod_bvalues != NULL ) ber_bvecfree( mods[i]->mod_bvalues ); } else if( mods[i]->mod_values != NULL ) { LDAP_VFREE( mods[i]->mod_values ); } if ( mods[i]->mod_type != NULL ) { LDAP_FREE( mods[i]->mod_type ); } LDAP_FREE( (char *) mods[i] ); } if ( freemods ) { LDAP_FREE( (char *) mods ); } }
/* * Merge error information in "lr" with "parentr" error code and string. */ static void merge_error_info( LDAP *ld, LDAPRequest *parentr, LDAPRequest *lr ) { if ( lr->lr_res_errno == LDAP_PARTIAL_RESULTS ) { parentr->lr_res_errno = lr->lr_res_errno; if ( lr->lr_res_error != NULL ) { (void)ldap_append_referral( ld, &parentr->lr_res_error, lr->lr_res_error ); } } else if ( lr->lr_res_errno != LDAP_SUCCESS && parentr->lr_res_errno == LDAP_SUCCESS ) { parentr->lr_res_errno = lr->lr_res_errno; if ( parentr->lr_res_error != NULL ) { LDAP_FREE( parentr->lr_res_error ); } parentr->lr_res_error = lr->lr_res_error; lr->lr_res_error = NULL; if ( LDAP_NAME_ERROR( lr->lr_res_errno ) ) { if ( parentr->lr_res_matched != NULL ) { LDAP_FREE( parentr->lr_res_matched ); } parentr->lr_res_matched = lr->lr_res_matched; lr->lr_res_matched = NULL; } } Debug( LDAP_DEBUG_TRACE, "merged parent (id %d) error info: ", parentr->lr_msgid, 0, 0 ); Debug( LDAP_DEBUG_TRACE, "result errno %d, error <%s>, matched <%s>\n", parentr->lr_res_errno, parentr->lr_res_error ? parentr->lr_res_error : "", parentr->lr_res_matched ? parentr->lr_res_matched : "" ); }
/* protected by req_mutex */ static void ldap_free_request_int( LDAP *ld, LDAPRequest *lr ) { LDAP_ASSERT_MUTEX_OWNER( &ld->ld_req_mutex ); /* if lr_refcnt > 0, the request has been looked up * by ldap_find_request_by_msgid(); if in the meanwhile * the request is free()'d by someone else, just decrease * the reference count and extract it from the request * list; later on, it will be freed. */ if ( lr->lr_prev == NULL ) { if ( lr->lr_refcnt == 0 ) { /* free'ing the first request? */ assert( ld->ld_requests == lr ); } if ( ld->ld_requests == lr ) { ld->ld_requests = lr->lr_next; } } else { lr->lr_prev->lr_next = lr->lr_next; } if ( lr->lr_next != NULL ) { lr->lr_next->lr_prev = lr->lr_prev; } if ( lr->lr_refcnt > 0 ) { lr->lr_refcnt = -lr->lr_refcnt; lr->lr_prev = NULL; lr->lr_next = NULL; return; } if ( lr->lr_ber != NULL ) { ber_free( lr->lr_ber, 1 ); lr->lr_ber = NULL; } if ( lr->lr_res_error != NULL ) { LDAP_FREE( lr->lr_res_error ); lr->lr_res_error = NULL; } if ( lr->lr_res_matched != NULL ) { LDAP_FREE( lr->lr_res_matched ); lr->lr_res_matched = NULL; } LDAP_FREE( lr ); }
void ldap_int_tls_destroy( struct ldapoptions *lo ) { if ( lo->ldo_tls_ctx ) { ldap_pvt_tls_ctx_free( lo->ldo_tls_ctx ); lo->ldo_tls_ctx = NULL; } #ifdef HAVE_SECURE_TRANSPORT if ( lo->ldo_tls_identity ) { LDAP_FREE( lo->ldo_tls_identity ); lo->ldo_tls_identity = NULL; } if ( lo->ldo_tls_trusted_certs ) { LDAP_FREE( lo->ldo_tls_trusted_certs ); lo->ldo_tls_trusted_certs = NULL; } #else if ( lo->ldo_tls_certfile ) { LDAP_FREE( lo->ldo_tls_certfile ); lo->ldo_tls_certfile = NULL; } if ( lo->ldo_tls_keyfile ) { LDAP_FREE( lo->ldo_tls_keyfile ); lo->ldo_tls_keyfile = NULL; } #endif if ( lo->ldo_tls_dhfile ) { LDAP_FREE( lo->ldo_tls_dhfile ); lo->ldo_tls_dhfile = NULL; } #ifndef HAVE_SECURE_TRANSPORT if ( lo->ldo_tls_cacertfile ) { LDAP_FREE( lo->ldo_tls_cacertfile ); lo->ldo_tls_cacertfile = NULL; } if ( lo->ldo_tls_cacertdir ) { LDAP_FREE( lo->ldo_tls_cacertdir ); lo->ldo_tls_cacertdir = NULL; } #endif if ( lo->ldo_tls_ciphersuite ) { LDAP_FREE( lo->ldo_tls_ciphersuite ); lo->ldo_tls_ciphersuite = NULL; } if ( lo->ldo_tls_crlfile ) { LDAP_FREE( lo->ldo_tls_crlfile ); lo->ldo_tls_crlfile = NULL; } #if defined(__APPLE__) && !defined(HAVE_SECURE_TRANSPORT) if ( lo->ldo_tls_cert_ref ) { CFRelease( lo->ldo_tls_cert_ref ); lo->ldo_tls_cert_ref = NULL; } #endif }
int ldap_domain2dn( LDAP_CONST char *domain_in, char **dnp) { char *domain, *s, *tok_r, *dn, *dntmp; size_t loc; assert( domain_in != NULL ); assert( dnp != NULL ); domain = LDAP_STRDUP(domain_in); if (domain == NULL) { return LDAP_NO_MEMORY; } dn = NULL; loc = 0; for (s = ldap_pvt_strtok(domain, ".", &tok_r); s != NULL; s = ldap_pvt_strtok(NULL, ".", &tok_r)) { size_t len = strlen(s); dntmp = (char *) LDAP_REALLOC(dn, loc + sizeof(",dc=") + len ); if (dntmp == NULL) { if (dn != NULL) LDAP_FREE(dn); LDAP_FREE(domain); return LDAP_NO_MEMORY; } dn = dntmp; if (loc > 0) { /* not first time. */ strcpy(dn + loc, ","); loc++; } strcpy(dn + loc, "dc="); loc += sizeof("dc=")-1; strcpy(dn + loc, s); loc += len; } LDAP_FREE(domain); *dnp = dn; return LDAP_SUCCESS; }
/* * ldap_kerberos_bind1 - initiate a bind to the ldap server using * kerberos authentication. The dn is supplied. It is assumed the user * already has a valid ticket granting ticket. The msgid of the * request is returned on success (suitable for passing to ldap_result()), * -1 is returned if there's trouble. * * Example: * ldap_kerberos_bind1( ld, "cn=manager, o=university of michigan, c=us" ) */ int ldap_kerberos_bind1( LDAP *ld, LDAP_CONST char *dn ) { BerElement *ber; char *cred; int rc; ber_len_t credlen; ber_int_t id; Debug( LDAP_DEBUG_TRACE, "ldap_kerberos_bind1\n", 0, 0, 0 ); if( ld->ld_version > LDAP_VERSION2 ) { ld->ld_errno = LDAP_NOT_SUPPORTED; return -1; } if ( dn == NULL ) dn = ""; if ( (cred = ldap_get_kerberosv4_credentials( ld, dn, "ldapserver", &credlen )) == NULL ) { return( -1 ); /* ld_errno should already be set */ } /* create a message to send */ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { LDAP_FREE( cred ); return( -1 ); } LDAP_NEXT_MSGID( ld, id ); /* fill it in */ rc = ber_printf( ber, "{it{istoN}N}", id, LDAP_REQ_BIND, ld->ld_version, dn, LDAP_AUTH_KRBV41, cred, credlen ); if ( rc == -1 ) { LDAP_FREE( cred ); ber_free( ber, 1 ); ld->ld_errno = LDAP_ENCODING_ERROR; return( -1 ); } LDAP_FREE( cred ); /* send the message */ return ( ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id )); }
/* * Initialize TLS subsystem. Should be called only once. */ static int tlso_init( void ) { struct ldapoptions *lo = LDAP_INT_GLOBAL_OPT(); #ifdef HAVE_EBCDIC { char *file = LDAP_STRDUP( lo->ldo_tls_randfile ); if ( file ) __atoe( file ); (void) tlso_seed_PRNG( file ); LDAP_FREE( file ); } #else (void) tlso_seed_PRNG( lo->ldo_tls_randfile ); #endif #if OPENSSL_VERSION_NUMBER < 0x10100000 SSL_load_error_strings(); SSL_library_init(); OpenSSL_add_all_digests(); #else OPENSSL_init_ssl(0, NULL); #endif /* FIXME: mod_ssl does this */ X509V3_add_standard_extensions(); return 0; }
static int tlsg_mutex_destroy( void **lock ) { int err = ldap_pvt_thread_mutex_destroy( *lock ); LDAP_FREE( *lock ); return err; }
int ldap_create_page_control( LDAP *ld, ber_int_t pagesize, struct berval *cookie, int iscritical, LDAPControl **ctrlp ) { struct berval value; if ( ctrlp == NULL ) { ld->ld_errno = LDAP_PARAM_ERROR; return ld->ld_errno; } ld->ld_errno = ldap_create_page_control_value( ld, pagesize, cookie, &value ); if ( ld->ld_errno == LDAP_SUCCESS ) { ld->ld_errno = ldap_control_create( LDAP_CONTROL_PAGEDRESULTS, iscritical, &value, 0, ctrlp ); if ( ld->ld_errno != LDAP_SUCCESS ) { LDAP_FREE( value.bv_val ); } } return ld->ld_errno; }
/* * NOTE: this API is bad; it could be much more efficient... */ int ldap_create_session_tracking_control( LDAP *ld, char *sessionSourceIp, char *sessionSourceName, char *formatOID, struct berval *sessionTrackingIdentifier, LDAPControl **ctrlp ) { struct berval value; if ( ctrlp == NULL ) { ld->ld_errno = LDAP_PARAM_ERROR; return ld->ld_errno; } ld->ld_errno = ldap_create_session_tracking_value( ld, sessionSourceIp, sessionSourceName, formatOID, sessionTrackingIdentifier, &value ); if ( ld->ld_errno == LDAP_SUCCESS ) { ld->ld_errno = ldap_control_create( LDAP_CONTROL_X_SESSION_TRACKING, 0, &value, 0, ctrlp ); if ( ld->ld_errno != LDAP_SUCCESS ) { LDAP_FREE( value.bv_val ); } } return ld->ld_errno; }
int ldap_create_deref_control( LDAP *ld, LDAPDerefSpec *ds, int iscritical, LDAPControl **ctrlp ) { struct berval value; if ( ctrlp == NULL ) { ld->ld_errno = LDAP_PARAM_ERROR; return ld->ld_errno; } ld->ld_errno = ldap_create_deref_control_value( ld, ds, &value ); if ( ld->ld_errno == LDAP_SUCCESS ) { ld->ld_errno = ldap_control_create( LDAP_CONTROL_PAGEDRESULTS, iscritical, &value, 0, ctrlp ); if ( ld->ld_errno != LDAP_SUCCESS ) { LDAP_FREE( value.bv_val ); } } return ld->ld_errno; }
char * ldap_pvt_get_fqdn( char *name ) { char *fqdn, *ha_buf; char hostbuf[MAXHOSTNAMELEN+1]; struct hostent *hp, he_buf; int rc, local_h_errno; if( name == NULL ) { if( gethostname( hostbuf, MAXHOSTNAMELEN ) == 0 ) { hostbuf[MAXHOSTNAMELEN] = '\0'; name = hostbuf; } else { name = "localhost"; } } rc = ldap_pvt_gethostbyname_a( name, &he_buf, &ha_buf, &hp, &local_h_errno ); if( rc < 0 || hp == NULL || hp->h_name == NULL ) { fqdn = LDAP_STRDUP( name ); } else { fqdn = LDAP_STRDUP( hp->h_name ); } LDAP_FREE( ha_buf ); return fqdn; }
int ldap_create_sort_control( LDAP *ld, LDAPSortKey **keyList, int isCritical, LDAPControl **ctrlp ) { struct berval value; assert( ld != NULL ); assert( LDAP_VALID( ld ) ); if ( ld == NULL ) { return LDAP_PARAM_ERROR; } if ( ctrlp == NULL ) { ld->ld_errno = LDAP_PARAM_ERROR; return ld->ld_errno; } ld->ld_errno = ldap_create_sort_control_value( ld, keyList, &value ); if ( ld->ld_errno == LDAP_SUCCESS ) { ld->ld_errno = ldap_control_create( LDAP_CONTROL_SORTREQUEST, isCritical, &value, 0, ctrlp ); if ( ld->ld_errno != LDAP_SUCCESS ) { LDAP_FREE( value.bv_val ); } } return ld->ld_errno; }
int ldap_create_assertion_control( LDAP *ld, char *assertion, int iscritical, LDAPControl **ctrlp ) { struct berval value; if ( ctrlp == NULL ) { ld->ld_errno = LDAP_PARAM_ERROR; return ld->ld_errno; } ld->ld_errno = ldap_create_assertion_control_value( ld, assertion, &value ); if ( ld->ld_errno == LDAP_SUCCESS ) { ld->ld_errno = ldap_control_create( LDAP_CONTROL_ASSERT, iscritical, &value, 0, ctrlp ); if ( ld->ld_errno != LDAP_SUCCESS ) { LDAP_FREE( value.bv_val ); } } return ld->ld_errno; }
int ldap_create_vlv_control( LDAP *ld, LDAPVLVInfo *vlvinfop, LDAPControl **ctrlp ) { struct berval value; if ( ctrlp == NULL ) { ld->ld_errno = LDAP_PARAM_ERROR; return ld->ld_errno; } ld->ld_errno = ldap_create_vlv_control_value( ld, vlvinfop, &value ); if ( ld->ld_errno == LDAP_SUCCESS ) { ld->ld_errno = ldap_control_create( LDAP_CONTROL_VLVREQUEST, 1, &value, 0, ctrlp ); if ( ld->ld_errno != LDAP_SUCCESS ) { LDAP_FREE( value.bv_val ); } } return ld->ld_errno; }
static void tlsg_ctx_free ( tls_ctx *ctx ) { tlsg_ctx *c = (tlsg_ctx *)ctx; int refcount; if ( !c ) return; #ifdef LDAP_R_COMPILE ldap_pvt_thread_mutex_lock( &c->ref_mutex ); #endif refcount = --c->refcount; #ifdef LDAP_R_COMPILE ldap_pvt_thread_mutex_unlock( &c->ref_mutex ); #endif if ( refcount ) return; #ifdef HAVE_CIPHERSUITES gnutls_priority_deinit( c->prios ); #else LDAP_FREE( c->kx_list ); #endif gnutls_certificate_free_credentials( c->cred ); ber_memfree ( c ); }
/* * Free a LDAPControl */ void ldap_control_free( LDAPControl *c ) { LDAP_MEMORY_DEBUG_ASSERT( c != NULL ); if ( c != NULL ) { if( c->ldctl_oid != NULL) { LDAP_FREE( c->ldctl_oid ); } if( c->ldctl_value.bv_val != NULL ) { LDAP_FREE( c->ldctl_value.bv_val ); } LDAP_FREE( c ); } }
int ldap_get_entry_controls( LDAP *ld, LDAPMessage *entry, LDAPControl ***sctrls ) { int rc; BerElement be; assert( ld != NULL ); assert( LDAP_VALID( ld ) ); assert( entry != NULL ); assert( sctrls != NULL ); if ( entry->lm_msgtype != LDAP_RES_SEARCH_ENTRY ) { return LDAP_PARAM_ERROR; } /* make a local copy of the BerElement */ AC_MEMCPY(&be, entry->lm_ber, sizeof(be)); if ( ber_scanf( &be, "{xx" /*}*/ ) == LBER_ERROR ) { rc = LDAP_DECODING_ERROR; goto cleanup_and_return; } rc = ldap_pvt_get_controls( &be, sctrls ); cleanup_and_return: if( rc != LDAP_SUCCESS ) { ld->ld_errno = rc; if( ld->ld_matched != NULL ) { LDAP_FREE( ld->ld_matched ); ld->ld_matched = NULL; } if( ld->ld_error != NULL ) { LDAP_FREE( ld->ld_error ); ld->ld_error = NULL; } } return rc; }
/* * Free a LDAPControl */ void ldap_control_free( LDAPControl *c ) { #ifdef LDAP_MEMORY_DEBUG assert( c != NULL ); #endif if ( c != NULL ) { if( c->ldctl_oid != NULL) { LDAP_FREE( c->ldctl_oid ); } if( c->ldctl_value.bv_val != NULL ) { LDAP_FREE( c->ldctl_value.bv_val ); } LDAP_FREE( c ); } }
/* * Tear down the TLS subsystem. Should only be called once. */ static void tlsg_destroy( void ) { #ifndef HAVE_CIPHERSUITES LDAP_FREE( tlsg_ciphers ); tlsg_ciphers = NULL; tlsg_n_ciphers = 0; #endif gnutls_global_deinit(); }
static int tlso_verify_cb( int ok, X509_STORE_CTX *ctx ) { X509 *cert; int errnum; int errdepth; X509_NAME *subject; X509_NAME *issuer; char *sname; char *iname; char *certerr = NULL; cert = X509_STORE_CTX_get_current_cert( ctx ); errnum = X509_STORE_CTX_get_error( ctx ); errdepth = X509_STORE_CTX_get_error_depth( ctx ); /* * X509_get_*_name return pointers to the internal copies of * those things requested. So do not free them. */ subject = X509_get_subject_name( cert ); issuer = X509_get_issuer_name( cert ); /* X509_NAME_oneline, if passed a NULL buf, allocate memomry */ sname = X509_NAME_oneline( subject, NULL, 0 ); iname = X509_NAME_oneline( issuer, NULL, 0 ); if ( !ok ) certerr = (char *)X509_verify_cert_error_string( errnum ); #ifdef HAVE_EBCDIC if ( sname ) __etoa( sname ); if ( iname ) __etoa( iname ); if ( certerr ) { certerr = LDAP_STRDUP( certerr ); __etoa( certerr ); } #endif Debug( LDAP_DEBUG_TRACE, "TLS certificate verification: depth: %d, err: %d, subject: %s,", errdepth, errnum, sname ? sname : "-unknown-" ); Debug( LDAP_DEBUG_TRACE, " issuer: %s\n", iname ? iname : "-unknown-", 0, 0 ); if ( !ok ) { Debug( LDAP_DEBUG_ANY, "TLS certificate verification: Error, %s\n", certerr, 0, 0 ); } if ( sname ) CRYPTO_free ( sname ); if ( iname ) CRYPTO_free ( iname ); #ifdef HAVE_EBCDIC if ( certerr ) LDAP_FREE( certerr ); #endif return ok; }
/* * Tear down the TLS subsystem. Should only be called once. */ static void tlso_destroy( void ) { struct ldapoptions *lo = LDAP_INT_GLOBAL_OPT(); EVP_cleanup(); ERR_remove_state(0); ERR_free_strings(); if ( lo->ldo_tls_randfile ) { LDAP_FREE( lo->ldo_tls_randfile ); lo->ldo_tls_randfile = NULL; } }
void ldap_derefresponse_free( LDAPDerefRes *dr ) { for ( ; dr; ) { LDAPDerefRes *drnext = dr->next; LDAPDerefVal *dv; LDAP_FREE( dr->derefAttr ); LDAP_FREE( dr->derefVal.bv_val ); for ( dv = dr->attrVals; dv; ) { LDAPDerefVal *dvnext = dv->next; LDAP_FREE( dv->type ); ber_bvarray_free( dv->vals ); LDAP_FREE( dv ); dv = dvnext; } LDAP_FREE( dr ); dr = drnext; } }
/* * Free an array of LDAPControl's */ void ldap_controls_free( LDAPControl **controls ) { LDAP_MEMORY_DEBUG_ASSERT( controls != NULL ); if ( controls != NULL ) { int i; for( i=0; controls[i] != NULL; i++) { ldap_control_free( controls[i] ); } LDAP_FREE( controls ); } }
/* * Free an array of LDAPControl's */ void ldap_controls_free( LDAPControl **controls ) { #ifdef LDAP_MEMORY_DEBUG assert( controls != NULL ); #endif if ( controls != NULL ) { int i; for( i=0; controls[i] != NULL; i++) { ldap_control_free( controls[i] ); } LDAP_FREE( controls ); } }
int ldap_msgfree( LDAPMessage *lm ) { LDAPMessage *next; int type = 0; Debug( LDAP_DEBUG_TRACE, "ldap_msgfree\n", 0, 0, 0 ); for ( ; lm != NULL; lm = next ) { next = lm->lm_chain; type = lm->lm_msgtype; ber_free( lm->lm_ber, 1 ); LDAP_FREE( (char *) lm ); } return type; }
static int tlsg_mutex_init( void **priv ) { int err = 0; ldap_pvt_thread_mutex_t *lock = LDAP_MALLOC( sizeof( ldap_pvt_thread_mutex_t )); if ( !lock ) err = ENOMEM; if ( !err ) { err = ldap_pvt_thread_mutex_init( lock ); if ( err ) LDAP_FREE( lock ); else *priv = lock; } return err; }
int ldap_pvt_thread_rdwr_destroy( ldap_pvt_thread_rdwr_t *rwlock ) { struct ldap_int_thread_rdwr_s *rw; assert( rwlock != NULL ); rw = *rwlock; assert( rw != NULL ); assert( rw->ltrw_valid == LDAP_PVT_THREAD_RDWR_VALID ); if( rw->ltrw_valid != LDAP_PVT_THREAD_RDWR_VALID ) return LDAP_PVT_THREAD_EINVAL; ldap_pvt_thread_mutex_lock( &rw->ltrw_mutex ); assert( rw->ltrw_w_active >= 0 ); assert( rw->ltrw_w_wait >= 0 ); assert( rw->ltrw_r_active >= 0 ); assert( rw->ltrw_r_wait >= 0 ); /* active threads? */ if( rw->ltrw_r_active > 0 || rw->ltrw_w_active > 0) { ldap_pvt_thread_mutex_unlock( &rw->ltrw_mutex ); return LDAP_PVT_THREAD_EBUSY; } /* waiting threads? */ if( rw->ltrw_r_wait > 0 || rw->ltrw_w_wait > 0) { ldap_pvt_thread_mutex_unlock( &rw->ltrw_mutex ); return LDAP_PVT_THREAD_EBUSY; } rw->ltrw_valid = 0; ldap_pvt_thread_mutex_unlock( &rw->ltrw_mutex ); ldap_pvt_thread_mutex_destroy( &rw->ltrw_mutex ); ldap_pvt_thread_cond_destroy( &rw->ltrw_read ); ldap_pvt_thread_cond_destroy( &rw->ltrw_write ); LDAP_FREE(rw); *rwlock = NULL; return 0; }
/* * Tear down the TLS subsystem. Should only be called once. */ static void tlso_destroy( void ) { struct ldapoptions *lo = LDAP_INT_GLOBAL_OPT(); EVP_cleanup(); #if OPENSSL_VERSION_NUMBER < 0x10000000 ERR_remove_state(0); #else ERR_remove_thread_state(NULL); #endif ERR_free_strings(); if ( lo->ldo_tls_randfile ) { LDAP_FREE( lo->ldo_tls_randfile ); lo->ldo_tls_randfile = NULL; } }
void ldap_int_tls_destroy( struct ldapoptions *lo ) { if ( lo->ldo_tls_ctx ) { ldap_pvt_tls_ctx_free( lo->ldo_tls_ctx ); lo->ldo_tls_ctx = NULL; } if ( lo->ldo_tls_certfile ) { LDAP_FREE( lo->ldo_tls_certfile ); lo->ldo_tls_certfile = NULL; } if ( lo->ldo_tls_keyfile ) { LDAP_FREE( lo->ldo_tls_keyfile ); lo->ldo_tls_keyfile = NULL; } if ( lo->ldo_tls_dhfile ) { LDAP_FREE( lo->ldo_tls_dhfile ); lo->ldo_tls_dhfile = NULL; } if ( lo->ldo_tls_ecname ) { LDAP_FREE( lo->ldo_tls_ecname ); lo->ldo_tls_ecname = NULL; } if ( lo->ldo_tls_cacertfile ) { LDAP_FREE( lo->ldo_tls_cacertfile ); lo->ldo_tls_cacertfile = NULL; } if ( lo->ldo_tls_cacertdir ) { LDAP_FREE( lo->ldo_tls_cacertdir ); lo->ldo_tls_cacertdir = NULL; } if ( lo->ldo_tls_ciphersuite ) { LDAP_FREE( lo->ldo_tls_ciphersuite ); lo->ldo_tls_ciphersuite = NULL; } if ( lo->ldo_tls_crlfile ) { LDAP_FREE( lo->ldo_tls_crlfile ); lo->ldo_tls_crlfile = NULL; } }