s4:lib/tls: fix enabled logic in tstream_tls_params_server()

[mat/samba.git] / source4 / lib / tls / tls_tstream.c

diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c
index 96e6f6b99827ce4ad187f61fcdd8a407bdc0cc5f..52e94b045315136babdb809af0af1b842b3d2df9 100644 (file)
--- a/source4/lib/tls/tls_tstream.c
+++ b/source4/lib/tls/tls_tstream.c
@@ -975,7 +975,7 @@ extern void tls_cert_generate(TALLOC_CTX *, const char *, const char *, const ch
 */
 NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
                                   const char *dns_host_name,
-                                  bool disable,
+                                  bool enabled,
                                   const char *key_file,
                                   const char *cert_file,
                                   const char *ca_file,
@@ -987,6 +987,16 @@ NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
 #if ENABLE_GNUTLS
        int ret;
 
+       if (!enabled || key_file == NULL || *key_file == 0) {
+               tlsp = talloc_zero(mem_ctx, struct tstream_tls_params);
+               NT_STATUS_HAVE_NO_MEMORY(tlsp);
+               talloc_set_destructor(tlsp, tstream_tls_params_destructor);
+               tlsp->tls_enabled = false;
+
+               *_tlsp = tlsp;
+               return NT_STATUS_OK;
+       }
+
        ret = gnutls_global_init();
        if (ret != GNUTLS_E_SUCCESS) {
                DEBUG(0,("TLS %s - %s\n", __location__, gnutls_strerror(ret)));