File 0237-ITS-9468-always-init-lc_time-and-lc_create_time.patch of Package openldap2.24062

From 2be4121973ae073fe80530ed367159888310cc23 Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Tue, 25 May 2021 20:02:45 +0100
Subject: [PATCH 237/238] ITS#9468 always init lc_time and lc_create_time

Doesn't cost us anything and guarantees expiry will work if conn_ttl
or idletimeout are configured at a later time.
---
 servers/slapd/back-ldap/bind.c | 13 ++-----------
 1 file changed, 2 insertions(+), 11 deletions(-)

diff --git a/servers/slapd/back-ldap/bind.c b/servers/slapd/back-ldap/bind.c
index f44bdff06..0ec435c8c 100644
--- a/servers/slapd/back-ldap/bind.c
+++ b/servers/slapd/back-ldap/bind.c
@@ -658,7 +658,6 @@ ldap_back_prepare_conn( ldapconn_t *lc, Operation *op, SlapReply *rs, ldap_back_
 #ifdef HAVE_TLS
 	int		is_tls = op->o_conn->c_is_tls;
 	int		flags = li->li_flags;
-	time_t		lctime = (time_t)(-1);
 	slap_bindconf *sb;
 #endif /* HAVE_TLS */
 
@@ -743,10 +742,6 @@ ldap_back_prepare_conn( ldapconn_t *lc, Operation *op, SlapReply *rs, ldap_back_
 		ldap_unbind_ext( ld, NULL, NULL );
 		rs->sr_text = "Start TLS failed";
 		goto error_return;
-
-	} else if ( li->li_idle_timeout ) {
-		/* only touch when activity actually took place... */
-		lctime = op->o_time;
 	}
 #endif /* HAVE_TLS */
 
@@ -758,9 +753,6 @@ ldap_back_prepare_conn( ldapconn_t *lc, Operation *op, SlapReply *rs, ldap_back_
 	} else {
 		LDAP_BACK_CONN_ISTLS_CLEAR( lc );
 	}
-	if ( lctime != (time_t)(-1) ) {
-		lc->lc_time = lctime;
-	}
 #endif /* HAVE_TLS */
 
 error_return:;
@@ -774,9 +766,8 @@ error_return:;
 		}
 
 	} else {
-		if ( li->li_conn_ttl > 0 ) {
-			lc->lc_create_time = op->o_time;
-		}
+		lc->lc_create_time = op->o_time;
+		lc->lc_time = op->o_time;
 	}
 
 	return rs->sr_err;
-- 
2.32.0