From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 7 Oct 2010 09:16:48 +0000 (+0200)
Subject: s4:lib/tls: fix enabled logic in tstream_tls_params_server()
X-Git-Url: http://git.samba.org/?p=metze%2Fsamba%2Fwip.git;a=commitdiff_plain;h=f43158e88d6f145c9c64

s4:lib/tls: fix enabled logic in tstream_tls_params_server()

metze
---

diff --git a/source4/lib/tls/tls.h b/source4/lib/tls/tls.h
index 4376039ca44a..e1bd9edb51cf 100644
--- a/source4/lib/tls/tls.h
+++ b/source4/lib/tls/tls.h
@@ -75,7 +75,7 @@ NTSTATUS tstream_tls_params_client(TALLOC_CTX *mem_ctx,
 
 NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
 				   const char *dns_host_name,
-				   bool disable,
+				   bool enabled,
 				   const char *key_file,
 				   const char *cert_file,
 				   const char *ca_file,
diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c
index 96e6f6b99827..52e94b045315 100644
--- a/source4/lib/tls/tls_tstream.c
+++ b/source4/lib/tls/tls_tstream.c
@@ -975,7 +975,7 @@ extern void tls_cert_generate(TALLOC_CTX *, const char *, const char *, const ch
 */
 NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
 				   const char *dns_host_name,
-				   bool disable,
+				   bool enabled,
 				   const char *key_file,
 				   const char *cert_file,
 				   const char *ca_file,
@@ -987,6 +987,16 @@ NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
 #if ENABLE_GNUTLS
 	int ret;
 
+	if (!enabled || key_file == NULL || *key_file == 0) {
+		tlsp = talloc_zero(mem_ctx, struct tstream_tls_params);
+		NT_STATUS_HAVE_NO_MEMORY(tlsp);
+		talloc_set_destructor(tlsp, tstream_tls_params_destructor);
+		tlsp->tls_enabled = false;
+
+		*_tlsp = tlsp;
+		return NT_STATUS_OK;
+	}
+
 	ret = gnutls_global_init();
 	if (ret != GNUTLS_E_SUCCESS) {
 		DEBUG(0,("TLS %s - %s\n", __location__, gnutls_strerror(ret)));