]> git.sur5r.net Git - openldap/commitdiff
projects / openldap / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 622d13a)
ITS#7506 cleanup prev commit
authorHoward Chu <hyc@openldap.org>
Sat, 7 Sep 2013 13:31:58 +0000 (06:31 -0700)
committerHoward Chu <hyc@openldap.org>
Sat, 7 Sep 2013 13:31:58 +0000 (06:31 -0700)
libraries/libldap/tls_g.c patch | blob | history

diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c
index 969960e9c485975e3c73b045fb416a81f54fe3f1..60e592f2f2997ec1cd27367de84237035eff76cd 100644 (file)
--- a/libraries/libldap/tls_g.c
+++ b/libraries/libldap/tls_g.c
@@ -406,7 +406,7 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
                rc = 0;
        }
 
-       /* FIXME: ITS#5992 - this should go be configurable,
+       /* FIXME: ITS#5992 - this should be configurable,
         * and V1 CA certs should be phased out ASAP.
         */
        gnutls_certificate_set_verify_flags( ctx->cred,
@@ -416,13 +416,10 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
                gnutls_datum_t buf;
                rc = tlsg_getfile( lo->ldo_tls_dhfile, &buf );
                if ( rc ) return -1;
-               rc = gnutls_dh_params_init(&ctx->dh_params);
-               if ( rc ) {
-                       LDAP_FREE( buf.data );
-                       return -1;
-               }
-               rc = gnutls_dh_params_import_pkcs3( ctx->dh_params, &buf,
-                       GNUTLS_X509_FMT_PEM );
+               rc = gnutls_dh_params_init( &ctx->dh_params );
+               if ( rc == 0 )
+                       rc = gnutls_dh_params_import_pkcs3( ctx->dh_params, &buf,
+                               GNUTLS_X509_FMT_PEM );
                LDAP_FREE( buf.data );
                if ( rc ) return -1;
                gnutls_certificate_set_dh_params( ctx->cred, ctx->dh_params );
Cloned from git://git.openldap.org/openldap.git