diff options
author | Stefan Metzmacher <metze@samba.org> | 2010-10-07 11:16:48 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2010-10-08 11:53:06 +0200 |
commit | cce2f9dde4ae9fb9eec3b8cc7cdaf24534f33142 (patch) | |
tree | 24f4b3c7849f4dd028922ee9489f74afd78e4ea7 /source4 | |
parent | 4e9508172d5d436513b829294b5a73223292d348 (diff) | |
download | samba-cce2f9dde4ae9fb9eec3b8cc7cdaf24534f33142.tar.gz samba-cce2f9dde4ae9fb9eec3b8cc7cdaf24534f33142.tar.bz2 samba-cce2f9dde4ae9fb9eec3b8cc7cdaf24534f33142.zip |
s4:lib/tls: fix enabled logic in tstream_tls_params_server()
metze
Diffstat (limited to 'source4')
-rw-r--r-- | source4/lib/tls/tls.h | 2 | ||||
-rw-r--r-- | source4/lib/tls/tls_tstream.c | 12 |
2 files changed, 12 insertions, 2 deletions
diff --git a/source4/lib/tls/tls.h b/source4/lib/tls/tls.h index 4376039ca4..e1bd9edb51 100644 --- a/source4/lib/tls/tls.h +++ b/source4/lib/tls/tls.h @@ -75,7 +75,7 @@ NTSTATUS tstream_tls_params_client(TALLOC_CTX *mem_ctx, NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx, const char *dns_host_name, - bool disable, + bool enabled, const char *key_file, const char *cert_file, const char *ca_file, diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c index 96e6f6b998..52e94b0453 100644 --- a/source4/lib/tls/tls_tstream.c +++ b/source4/lib/tls/tls_tstream.c @@ -975,7 +975,7 @@ extern void tls_cert_generate(TALLOC_CTX *, const char *, const char *, const ch */ NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx, const char *dns_host_name, - bool disable, + bool enabled, const char *key_file, const char *cert_file, const char *ca_file, @@ -987,6 +987,16 @@ NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx, #if ENABLE_GNUTLS int ret; + if (!enabled || key_file == NULL || *key_file == 0) { + tlsp = talloc_zero(mem_ctx, struct tstream_tls_params); + NT_STATUS_HAVE_NO_MEMORY(tlsp); + talloc_set_destructor(tlsp, tstream_tls_params_destructor); + tlsp->tls_enabled = false; + + *_tlsp = tlsp; + return NT_STATUS_OK; + } + ret = gnutls_global_init(); if (ret != GNUTLS_E_SUCCESS) { DEBUG(0,("TLS %s - %s\n", __location__, gnutls_strerror(ret))); |