X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=bacula%2Fsrc%2Ffiled%2Fauthenticate.c;h=7609d108eb66f621c23ef9a83bb05ef7246ebfe7;hb=2c10d832689907ccbbd02369a7a397c545145837;hp=1c173ae7dfd82e37c48e9556fcf8c76e33163d46;hpb=9c901077567250aa558f48ec84804703a3af0353;p=bacula%2Fbacula

diff --git a/bacula/src/filed/authenticate.c b/bacula/src/filed/authenticate.c
index 1c173ae7df..7609d108eb 100644
--- a/bacula/src/filed/authenticate.c
+++ b/bacula/src/filed/authenticate.c
@@ -7,22 +7,17 @@
  *
  */
 /*
-   Copyright (C) 2000-2004 Kern Sibbald and John Walker
+   Copyright (C) 2000-2005 Kern Sibbald
 
    This program is free software; you can redistribute it and/or
-   modify it under the terms of the GNU General Public License as
-   published by the Free Software Foundation; either version 2 of
-   the License, or (at your option) any later version.
+   modify it under the terms of the GNU General Public License
+   version 2 as amended with additional clauses defined in the
+   file LICENSE in the main source directory.
 
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-   General Public License for more details.
-
-   You should have received a copy of the GNU General Public
-   License along with this program; if not, write to the Free
-   Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
-   MA 02111-1307, USA.
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 
+   the file LICENSE for additional details.
 
  */
 
@@ -43,17 +38,15 @@ static int authenticate(int rcode, BSOCK *bs, JCR* jcr)
    int tls_local_need = BNET_TLS_NONE;
    int tls_remote_need = BNET_TLS_NONE;
    bool auth_success = false;
-#ifdef HAVE_TLS
    alist *verify_list = NULL;
-#endif /* HAVE_TLS */
 
    if (rcode != R_DIRECTOR) {
-      Dmsg1(50, _("I only authenticate directors, not %d\n"), rcode);
+      Dmsg1(50, "I only authenticate directors, not %d\n", rcode);
       Emsg1(M_FATAL, 0, _("I only authenticate directors, not %d\n"), rcode);
       return 0;
    }
    if (bs->msglen < 25 || bs->msglen > 200) {
-      Dmsg2(50, _("Bad Hello command from Director at %s. Len=%d.\n"),
+      Dmsg2(50, "Bad Hello command from Director at %s. Len=%d.\n",
             bs->who, bs->msglen);
       Emsg2(M_FATAL, 0, _("Bad Hello command from Director at %s. Len=%d.\n"),
             bs->who, bs->msglen);
@@ -65,7 +58,7 @@ static int authenticate(int rcode, BSOCK *bs, JCR* jcr)
    if (sscanf(bs->msg, "Hello Director %s calling\n", dirname) != 1) {
       free_pool_memory(dirname);
       bs->msg[100] = 0;
-      Dmsg2(50, _("Bad Hello command from Director at %s: %s\n"),
+      Dmsg2(50, "Bad Hello command from Director at %s: %s\n",
             bs->who, bs->msg);
       Emsg2(M_FATAL, 0, _("Bad Hello command from Director at %s: %s\n"),
             bs->who, bs->msg);
@@ -79,7 +72,7 @@ static int authenticate(int rcode, BSOCK *bs, JCR* jcr)
    }
    UnlockRes();
    if (!director) {
-      Dmsg2(50, _("Connection from unknown Director %s at %s rejected.\n"),
+      Dmsg2(50, "Connection from unknown Director %s at %s rejected.\n",
             dirname, bs->who);
       Emsg2(M_FATAL, 0, _("Connection from unknown Director %s at %s rejected.\n"
        "Please see http://www.bacula.org/rel-manual/faq.html#AuthorizationErrors for help.\n"),
@@ -88,20 +81,20 @@ static int authenticate(int rcode, BSOCK *bs, JCR* jcr)
       return 0;
    }
 
-#ifdef HAVE_TLS
-   /* TLS Requirement */
-   if (director->tls_enable) {
-      if (director->tls_require) {
-         tls_local_need = BNET_TLS_REQUIRED;
-      } else {
-         tls_local_need = BNET_TLS_OK;
+   if (have_tls) {
+      /* TLS Requirement */
+      if (director->tls_enable) {
+         if (director->tls_require) {
+            tls_local_need = BNET_TLS_REQUIRED;
+         } else {
+            tls_local_need = BNET_TLS_OK;
+         }
       }
-   }
 
-   if (director->tls_verify_peer) {
-      verify_list = director->tls_allowed_cns;
+      if (director->tls_verify_peer) {
+         verify_list = director->tls_allowed_cns;
+      }
    }
-#endif /* HAVE_TLS */
 
    btimer_t *tid = start_bsock_timer(bs, AUTH_TIMEOUT);
    auth_success = cram_md5_auth(bs, director->password, tls_local_need);
@@ -136,16 +129,16 @@ static int authenticate(int rcode, BSOCK *bs, JCR* jcr)
       goto auth_fatal;
    }
 
-#ifdef HAVE_TLS
-   if (tls_local_need >= BNET_TLS_OK && tls_remote_need >= BNET_TLS_OK) {
-      /* Engage TLS! Full Speed Ahead! */
-      if (!bnet_tls_server(director->tls_ctx, bs, verify_list)) {
-         Emsg0(M_FATAL, 0, "TLS negotiation failed.\n");
-         director = NULL;
-         goto auth_fatal;
+   if (have_tls) {
+      if (tls_local_need >= BNET_TLS_OK && tls_remote_need >= BNET_TLS_OK) {
+         /* Engage TLS! Full Speed Ahead! */
+         if (!bnet_tls_server(director->tls_ctx, bs, verify_list)) {
+            Emsg0(M_FATAL, 0, _("TLS negotiation failed.\n"));
+            director = NULL;
+            goto auth_fatal;
+         }
       }
    }
-#endif /* HAVE_TLS */
 
 auth_fatal:
    stop_bsock_timer(tid);
@@ -236,7 +229,7 @@ int authenticate_storagedaemon(JCR *jcr)
    if (tls_local_need >= BNET_TLS_OK && tls_remote_need >= BNET_TLS_OK) {
       /* Engage TLS! Full Speed Ahead! */
       if (!bnet_tls_client(me->tls_ctx, sd)) {
-         Jmsg(jcr, M_FATAL, 0, "TLS negotiation failed.\n");
+         Jmsg(jcr, M_FATAL, 0, _("TLS negotiation failed.\n"));
          auth_success = false;
          goto auth_fatal;
       }