svn commit: samba r7016 - in branches/SAMBA_4_0/source: param web_server

tridge at samba.org tridge at samba.org
Fri May 27 12:23:53 GMT 2005 

Author: tridge
Date: 2005-05-27 12:23:52 +0000 (Fri, 27 May 2005)
New Revision: 7016

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=7016

Log:
- added smb.conf parm 'web tls = true/false'

- by default enable tls if the certfile is set in smb.conf and gnutls library
  was compiled in






Modified:
   branches/SAMBA_4_0/source/param/loadparm.c
   branches/SAMBA_4_0/source/web_server/tls.c


Changeset:
Modified: branches/SAMBA_4_0/source/param/loadparm.c
===================================================================
--- branches/SAMBA_4_0/source/param/loadparm.c	2005-05-27 12:11:48 UTC (rev 7015)
+++ branches/SAMBA_4_0/source/param/loadparm.c	2005-05-27 12:23:52 UTC (rev 7016)
@@ -179,6 +179,7 @@
 	char *szIDMapBackend;
 	char *szGuestaccount;
 	char *swat_directory;
+	BOOL web_tls;
 	char *web_keyfile;
 	char *web_certfile;
 	char *web_cafile;
@@ -595,6 +596,7 @@
 	{"dgram port", P_INTEGER, P_GLOBAL, &Globals.dgram_port, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
 	{"cldap port", P_INTEGER, P_GLOBAL, &Globals.cldap_port, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
 	{"web port", P_INTEGER, P_GLOBAL, &Globals.web_port, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+	{"web tls", P_BOOL, P_GLOBAL, &Globals.web_tls, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
 	{"web tls keyfile", P_STRING, P_GLOBAL, &Globals.web_keyfile, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
 	{"web tls certfile", P_STRING, P_GLOBAL, &Globals.web_certfile, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
 	{"web tls cafile", P_STRING, P_GLOBAL, &Globals.web_cafile, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
@@ -1044,6 +1046,7 @@
 	do_parameter("max wins ttl", "432000");
 	do_parameter("min wins ttl", "10");
 
+	do_parameter("web tls", "True");
 	do_parameter_var("web tls keyfile", "%s/tls/key.pem", dyn_PRIVATE_DIR);
 	do_parameter_var("web tls certfile", "%s/tls/cert.pem", dyn_PRIVATE_DIR);
 	do_parameter_var("web tls cafile", "%s/tls/ca.pem", dyn_PRIVATE_DIR);
@@ -1148,6 +1151,7 @@
 FN_GLOBAL_INTEGER(lp_web_port, &Globals.web_port)
 FN_GLOBAL_STRING(lp_dos_charset, &Globals.dos_charset)
 FN_GLOBAL_STRING(lp_swat_directory, &Globals.swat_directory)
+FN_GLOBAL_BOOL(lp_web_tls, &Globals.web_tls)
 FN_GLOBAL_STRING(lp_web_keyfile, &Globals.web_keyfile)
 FN_GLOBAL_STRING(lp_web_certfile, &Globals.web_certfile)
 FN_GLOBAL_STRING(lp_web_cafile, &Globals.web_cafile)

Modified: branches/SAMBA_4_0/source/web_server/tls.c
===================================================================
--- branches/SAMBA_4_0/source/web_server/tls.c	2005-05-27 12:11:48 UTC (rev 7015)
+++ branches/SAMBA_4_0/source/web_server/tls.c	2005-05-27 12:23:52 UTC (rev 7016)
@@ -57,7 +57,7 @@
 	const char *cafile = lp_web_cafile();
 	const char *crlfile = lp_web_crlfile();
 
-	if (!lp_parm_bool(-1, "web", "tls", False)) {
+	if (!lp_web_tls() || keyfile == NULL || *keyfile == 0) {
 		return;
 	}

More information about the samba-cvs mailing list