summaryrefslogtreecommitdiff
path: root/source4/lib/tls
diff options
context:
space:
mode:
Diffstat (limited to 'source4/lib/tls')
-rw-r--r--source4/lib/tls/tls.h2
-rw-r--r--source4/lib/tls/tls_tstream.c12
2 files changed, 12 insertions, 2 deletions
diff --git a/source4/lib/tls/tls.h b/source4/lib/tls/tls.h
index 4376039ca4..e1bd9edb51 100644
--- a/source4/lib/tls/tls.h
+++ b/source4/lib/tls/tls.h
@@ -75,7 +75,7 @@ NTSTATUS tstream_tls_params_client(TALLOC_CTX *mem_ctx,
NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
const char *dns_host_name,
- bool disable,
+ bool enabled,
const char *key_file,
const char *cert_file,
const char *ca_file,
diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c
index 96e6f6b998..52e94b0453 100644
--- a/source4/lib/tls/tls_tstream.c
+++ b/source4/lib/tls/tls_tstream.c
@@ -975,7 +975,7 @@ extern void tls_cert_generate(TALLOC_CTX *, const char *, const char *, const ch
*/
NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
const char *dns_host_name,
- bool disable,
+ bool enabled,
const char *key_file,
const char *cert_file,
const char *ca_file,
@@ -987,6 +987,16 @@ NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
#if ENABLE_GNUTLS
int ret;
+ if (!enabled || key_file == NULL || *key_file == 0) {
+ tlsp = talloc_zero(mem_ctx, struct tstream_tls_params);
+ NT_STATUS_HAVE_NO_MEMORY(tlsp);
+ talloc_set_destructor(tlsp, tstream_tls_params_destructor);
+ tlsp->tls_enabled = false;
+
+ *_tlsp = tlsp;
+ return NT_STATUS_OK;
+ }
+
ret = gnutls_global_init();
if (ret != GNUTLS_E_SUCCESS) {
DEBUG(0,("TLS %s - %s\n", __location__, gnutls_strerror(ret)));