Bug 1395289

Summary: [RHEL6] ldap_install_tls reports TLS was established even after a socket timeout
Product: Red Hat Enterprise Linux 6 Reporter: Stefan Kremen <skremen>
Component: openldapAssignee: Matus Honek <mhonek>
Status: CLOSED WONTFIX QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: low Docs Contact:
Priority: low    
Version: 6.8CC: jhrozek, lslebodn, mhonek, mmarusic, nkinder, pkis
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1310069 Environment:
Last Closed: 2017-11-21 15:27:03 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Stefan Kremen 2016-11-15 15:57:14 UTC 
+++ This bug was initially created as a clone of Bug #1310069 +++

Description of problem:
When there is an LDAP server listening on ldaps:// but the connection attempt is not successfull and interrupted with LDAP_OPT_X_TLS_CONNECT_CB, ldap_install_tls still returns LOCAL_ERROR which indicates the connection was established.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
please see the attached C reproducer.

Actual results:


Expected results:


Additional info:
this happens with both NSS and OpenSSL as crypto back ends.