From 84b0eb6a57226b49dc835dda1fa4ed56ebe00037 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 28 Jul 2006 03:51:20 +0000 Subject: r17286: Simply fail the tls_initialise if we don't have TLS compiled in. Adjust the web_server code to cope with this. Andrew Bartlett (This used to be commit 3043969708edbdab58ee57e2fbffa293b6406813) --- source4/lib/tls/tls.c | 7 ++----- source4/web_server/web_server.c | 14 +++++++++++--- 2 files changed, 13 insertions(+), 8 deletions(-) (limited to 'source4') diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c index 9a37dd0bc3..c3a6047e06 100644 --- a/source4/lib/tls/tls.c +++ b/source4/lib/tls/tls.c @@ -634,8 +634,8 @@ BOOL tls_support(struct tls_params *params) #else -/* for systems without tls we just map the tls socket calls to the - normal socket calls */ +/* for systems without tls we just fail the operations, and the caller + * will retain the original socket */ struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx) { @@ -650,9 +650,6 @@ struct socket_context *tls_init_server(struct tls_params *params, struct fd_event *fde, const char *plain_chars) { - if (plain_chars) { - return socket; - } return NULL; } diff --git a/source4/web_server/web_server.c b/source4/web_server/web_server.c index 7596ca40fc..5329880d8d 100644 --- a/source4/web_server/web_server.c +++ b/source4/web_server/web_server.c @@ -194,6 +194,7 @@ static void websrv_accept(struct stream_connection *conn) struct task_server *task = talloc_get_type(conn->private, struct task_server); struct esp_data *edata = talloc_get_type(task->private, struct esp_data); struct websrv_context *web; + struct socket_context *tls_socket; web = talloc_zero(conn, struct websrv_context); if (web == NULL) goto failed; @@ -209,9 +210,16 @@ static void websrv_accept(struct stream_connection *conn) websrv_timeout, web); /* Overwrite the socket with a (possibly) TLS socket */ - conn->socket = tls_init_server(edata->tls_params, conn->socket, - conn->event.fde, "GPHO"); - if (conn->socket == NULL) goto failed; + tls_socket = tls_init_server(edata->tls_params, conn->socket, + conn->event.fde, "GPHO"); + /* We might not have TLS, or it might not have initilised */ + if (tls_socket) { + talloc_unlink(conn, conn->socket); + talloc_steal(conn, tls_socket); + conn->socket = tls_socket; + } else { + DEBUG(3, ("TLS not available for web_server connections\n")); + } return; -- cgit