diff options
-rw-r--r-- | source4/lib/tls/tls.h | 2 | ||||
-rw-r--r-- | source4/lib/tls/tls_tstream.c | 12 |
2 files changed, 12 insertions, 2 deletions
diff --git a/source4/lib/tls/tls.h b/source4/lib/tls/tls.h index 4376039ca4..e1bd9edb51 100644 --- a/source4/lib/tls/tls.h +++ b/source4/lib/tls/tls.h @@ -75,7 +75,7 @@ NTSTATUS tstream_tls_params_client(TALLOC_CTX *mem_ctx, NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx, const char *dns_host_name, - bool disable, + bool enabled, const char *key_file, const char *cert_file, const char *ca_file, diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c index 96e6f6b998..52e94b0453 100644 --- a/source4/lib/tls/tls_tstream.c +++ b/source4/lib/tls/tls_tstream.c @@ -975,7 +975,7 @@ extern void tls_cert_generate(TALLOC_CTX *, const char *, const char *, const ch */ NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx, const char *dns_host_name, - bool disable, + bool enabled, const char *key_file, const char *cert_file, const char *ca_file, @@ -987,6 +987,16 @@ NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx, #if ENABLE_GNUTLS int ret; + if (!enabled || key_file == NULL || *key_file == 0) { + tlsp = talloc_zero(mem_ctx, struct tstream_tls_params); + NT_STATUS_HAVE_NO_MEMORY(tlsp); + talloc_set_destructor(tlsp, tstream_tls_params_destructor); + tlsp->tls_enabled = false; + + *_tlsp = tlsp; + return NT_STATUS_OK; + } + ret = gnutls_global_init(); if (ret != GNUTLS_E_SUCCESS) { DEBUG(0,("TLS %s - %s\n", __location__, gnutls_strerror(ret))); |