r17286: Simply fail the tls_initialise if we don't have TLS compiled in.

author Andrew Bartlett <abartlet@samba.org>

Fri, 28 Jul 2006 03:51:20 +0000 (03:51 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 19:15:06 +0000 (14:15 -0500)
author Andrew Bartlett <abartlet@samba.org>
Fri, 28 Jul 2006 03:51:20 +0000 (03:51 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 19:15:06 +0000 (14:15 -0500)
diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c

index 9a37dd0bc31f6d3c7ed4050f04bc095b8c840ec9..c3a6047e065aee25eca68c861e893c7759ea6d76 100644 (file)
--- a/source4/lib/tls/tls.c
+++ b/source4/lib/tls/tls.c
@@ -634,8 +634,8 @@ BOOL tls_support(struct tls_params *params)
  
  #else
  
-/* for systems without tls we just map the tls socket calls to the
-   normal socket calls */
+/* for systems without tls we just fail the operations, and the caller
+ * will retain the original socket */
  
  struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx)
  {
@@ -650,9 +650,6 @@ struct socket_context *tls_init_server(struct tls_params *params,
                                     struct fd_event *fde, 
                                     const char *plain_chars)
  {
-       if (plain_chars) {
-               return socket;
-       }
         return NULL;
  }
  
diff --git a/source4/web_server/web_server.c b/source4/web_server/web_server.c

index 7596ca40fccdd5a4dfcd3ae2c06f3b2b67ef1602..5329880d8d07fbfad3b2e1e912bd55296b863b4f 100644 (file)
--- a/source4/web_server/web_server.c
+++ b/source4/web_server/web_server.c
@@ -194,6 +194,7 @@ static void websrv_accept(struct stream_connection *conn)
         struct task_server *task = talloc_get_type(conn->private, struct task_server);
         struct esp_data *edata = talloc_get_type(task->private, struct esp_data);
         struct websrv_context *web;
+       struct socket_context *tls_socket;
  
         web = talloc_zero(conn, struct websrv_context);
         if (web == NULL) goto failed;
@@ -209,9 +210,16 @@ static void websrv_accept(struct stream_connection *conn)
                         websrv_timeout, web);
  
         /* Overwrite the socket with a (possibly) TLS socket */
-       conn->socket = tls_init_server(edata->tls_params, conn->socket, 
-                                      conn->event.fde, "GPHO");
-       if (conn->socket == NULL) goto failed;
+       tls_socket = tls_init_server(edata->tls_params, conn->socket, 
+                                    conn->event.fde, "GPHO");
+       /* We might not have TLS, or it might not have initilised */
+       if (tls_socket) {
+               talloc_unlink(conn, conn->socket);
+               talloc_steal(conn, tls_socket);
+               conn->socket = tls_socket;
+       } else {
+               DEBUG(3, ("TLS not available for web_server connections\n"));
+       }
  
         return;
author	Andrew Bartlett <abartlet@samba.org>
	Fri, 28 Jul 2006 03:51:20 +0000 (03:51 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 19:15:06 +0000 (14:15 -0500)
source4/lib/tls/tls.c		patch \| blob \| history
source4/web_server/web_server.c		patch \| blob \| history