summaryrefslogtreecommitdiff
path: root/source4/lib/tls
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2010-10-07 11:16:48 +0200
committerStefan Metzmacher <metze@samba.org>2010-10-08 11:53:06 +0200
commitcce2f9dde4ae9fb9eec3b8cc7cdaf24534f33142 (patch)
tree24f4b3c7849f4dd028922ee9489f74afd78e4ea7 /source4/lib/tls
parent4e9508172d5d436513b829294b5a73223292d348 (diff)
downloadsamba-cce2f9dde4ae9fb9eec3b8cc7cdaf24534f33142.tar.gz
samba-cce2f9dde4ae9fb9eec3b8cc7cdaf24534f33142.tar.bz2
samba-cce2f9dde4ae9fb9eec3b8cc7cdaf24534f33142.zip
s4:lib/tls: fix enabled logic in tstream_tls_params_server()
metze
Diffstat (limited to 'source4/lib/tls')
-rw-r--r--source4/lib/tls/tls.h2
-rw-r--r--source4/lib/tls/tls_tstream.c12
2 files changed, 12 insertions, 2 deletions
diff --git a/source4/lib/tls/tls.h b/source4/lib/tls/tls.h
index 4376039ca4..e1bd9edb51 100644
--- a/source4/lib/tls/tls.h
+++ b/source4/lib/tls/tls.h
@@ -75,7 +75,7 @@ NTSTATUS tstream_tls_params_client(TALLOC_CTX *mem_ctx,
NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
const char *dns_host_name,
- bool disable,
+ bool enabled,
const char *key_file,
const char *cert_file,
const char *ca_file,
diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c
index 96e6f6b998..52e94b0453 100644
--- a/source4/lib/tls/tls_tstream.c
+++ b/source4/lib/tls/tls_tstream.c
@@ -975,7 +975,7 @@ extern void tls_cert_generate(TALLOC_CTX *, const char *, const char *, const ch
*/
NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
const char *dns_host_name,
- bool disable,
+ bool enabled,
const char *key_file,
const char *cert_file,
const char *ca_file,
@@ -987,6 +987,16 @@ NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
#if ENABLE_GNUTLS
int ret;
+ if (!enabled || key_file == NULL || *key_file == 0) {
+ tlsp = talloc_zero(mem_ctx, struct tstream_tls_params);
+ NT_STATUS_HAVE_NO_MEMORY(tlsp);
+ talloc_set_destructor(tlsp, tstream_tls_params_destructor);
+ tlsp->tls_enabled = false;
+
+ *_tlsp = tlsp;
+ return NT_STATUS_OK;
+ }
+
ret = gnutls_global_init();
if (ret != GNUTLS_E_SUCCESS) {
DEBUG(0,("TLS %s - %s\n", __location__, gnutls_strerror(ret)));