summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-07-28 03:51:20 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:15:06 -0500
commit84b0eb6a57226b49dc835dda1fa4ed56ebe00037 (patch)
treefc36e4592c21240a8104ec98ae52e5de8fa0c835
parent4fe4093643cc1fe5c13235a9920bb4b006477229 (diff)
downloadsamba-84b0eb6a57226b49dc835dda1fa4ed56ebe00037.tar.gz
samba-84b0eb6a57226b49dc835dda1fa4ed56ebe00037.tar.bz2
samba-84b0eb6a57226b49dc835dda1fa4ed56ebe00037.zip
r17286: Simply fail the tls_initialise if we don't have TLS compiled in.
Adjust the web_server code to cope with this. Andrew Bartlett (This used to be commit 3043969708edbdab58ee57e2fbffa293b6406813)
-rw-r--r--source4/lib/tls/tls.c7
-rw-r--r--source4/web_server/web_server.c14
2 files changed, 13 insertions, 8 deletions
diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c
index 9a37dd0bc3..c3a6047e06 100644
--- a/source4/lib/tls/tls.c
+++ b/source4/lib/tls/tls.c
@@ -634,8 +634,8 @@ BOOL tls_support(struct tls_params *params)
#else
-/* for systems without tls we just map the tls socket calls to the
- normal socket calls */
+/* for systems without tls we just fail the operations, and the caller
+ * will retain the original socket */
struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx)
{
@@ -650,9 +650,6 @@ struct socket_context *tls_init_server(struct tls_params *params,
struct fd_event *fde,
const char *plain_chars)
{
- if (plain_chars) {
- return socket;
- }
return NULL;
}
diff --git a/source4/web_server/web_server.c b/source4/web_server/web_server.c
index 7596ca40fc..5329880d8d 100644
--- a/source4/web_server/web_server.c
+++ b/source4/web_server/web_server.c
@@ -194,6 +194,7 @@ static void websrv_accept(struct stream_connection *conn)
struct task_server *task = talloc_get_type(conn->private, struct task_server);
struct esp_data *edata = talloc_get_type(task->private, struct esp_data);
struct websrv_context *web;
+ struct socket_context *tls_socket;
web = talloc_zero(conn, struct websrv_context);
if (web == NULL) goto failed;
@@ -209,9 +210,16 @@ static void websrv_accept(struct stream_connection *conn)
websrv_timeout, web);
/* Overwrite the socket with a (possibly) TLS socket */
- conn->socket = tls_init_server(edata->tls_params, conn->socket,
- conn->event.fde, "GPHO");
- if (conn->socket == NULL) goto failed;
+ tls_socket = tls_init_server(edata->tls_params, conn->socket,
+ conn->event.fde, "GPHO");
+ /* We might not have TLS, or it might not have initilised */
+ if (tls_socket) {
+ talloc_unlink(conn, conn->socket);
+ talloc_steal(conn, tls_socket);
+ conn->socket = tls_socket;
+ } else {
+ DEBUG(3, ("TLS not available for web_server connections\n"));
+ }
return;