svn commit: samba r17286 - in branches/SAMBA_4_0/source: lib/tls web_server

abartlet at samba.org abartlet at samba.org
Fri Jul 28 03:51:21 GMT 2006 

Author: abartlet
Date: 2006-07-28 03:51:20 +0000 (Fri, 28 Jul 2006)
New Revision: 17286

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17286

Log:
Simply fail the tls_initialise if we don't have TLS compiled in.
Adjust the web_server code to cope with this.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/lib/tls/tls.c
   branches/SAMBA_4_0/source/web_server/web_server.c


Changeset:
Modified: branches/SAMBA_4_0/source/lib/tls/tls.c
===================================================================
--- branches/SAMBA_4_0/source/lib/tls/tls.c	2006-07-27 19:33:15 UTC (rev 17285)
+++ branches/SAMBA_4_0/source/lib/tls/tls.c	2006-07-28 03:51:20 UTC (rev 17286)
@@ -634,8 +634,8 @@
 
 #else
 
-/* for systems without tls we just map the tls socket calls to the
-   normal socket calls */
+/* for systems without tls we just fail the operations, and the caller
+ * will retain the original socket */
 
 struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx)
 {
@@ -650,9 +650,6 @@
 				    struct fd_event *fde, 
 				    const char *plain_chars)
 {
-	if (plain_chars) {
-		return socket;
-	}
 	return NULL;
 }
 

Modified: branches/SAMBA_4_0/source/web_server/web_server.c
===================================================================
--- branches/SAMBA_4_0/source/web_server/web_server.c	2006-07-27 19:33:15 UTC (rev 17285)
+++ branches/SAMBA_4_0/source/web_server/web_server.c	2006-07-28 03:51:20 UTC (rev 17286)
@@ -194,6 +194,7 @@
 	struct task_server *task = talloc_get_type(conn->private, struct task_server);
 	struct esp_data *edata = talloc_get_type(task->private, struct esp_data);
 	struct websrv_context *web;
+	struct socket_context *tls_socket;
 
 	web = talloc_zero(conn, struct websrv_context);
 	if (web == NULL) goto failed;
@@ -209,9 +210,16 @@
 			websrv_timeout, web);
 
 	/* Overwrite the socket with a (possibly) TLS socket */
-	conn->socket = tls_init_server(edata->tls_params, conn->socket, 
-				       conn->event.fde, "GPHO");
-	if (conn->socket == NULL) goto failed;
+	tls_socket = tls_init_server(edata->tls_params, conn->socket, 
+				     conn->event.fde, "GPHO");
+	/* We might not have TLS, or it might not have initilised */
+	if (tls_socket) {
+		talloc_unlink(conn, conn->socket);
+		talloc_steal(conn, tls_socket);
+		conn->socket = tls_socket;
+	} else {
+		DEBUG(3, ("TLS not available for web_server connections\n"));
+	}
 
 	return;

More information about the samba-cvs mailing list