]> git.sur5r.net Git - openldap/commitdiff
projects / openldap / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8307edf)
ITS#7506 cleanup prev commit
authorHoward Chu <hyc@openldap.org>
Sat, 7 Sep 2013 13:31:58 +0000 (06:31 -0700)
committerQuanah Gibson-Mount <quanah@openldap.org>
Wed, 10 Feb 2016 23:37:01 +0000 (17:37 -0600)
libraries/libldap/tls_g.c patch | blob | history

diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c
index f6d3697bad46368eb918da93b1307a6714b52f5a..d9902ee1cb2641923e8a87fd6ed4e07f92d5a8cd 100644 (file)
--- a/libraries/libldap/tls_g.c
+++ b/libraries/libldap/tls_g.c
@@ -300,7 +300,7 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
                rc = 0;
        }
 
-       /* FIXME: ITS#5992 - this should go be configurable,
+       /* FIXME: ITS#5992 - this should be configurable,
         * and V1 CA certs should be phased out ASAP.
         */
        gnutls_certificate_set_verify_flags( ctx->cred,
@@ -310,13 +310,10 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
                gnutls_datum_t buf;
                rc = tlsg_getfile( lo->ldo_tls_dhfile, &buf );
                if ( rc ) return -1;
-               rc = gnutls_dh_params_init(&ctx->dh_params);
-               if ( rc ) {
-                       LDAP_FREE( buf.data );
-                       return -1;
-               }
-               rc = gnutls_dh_params_import_pkcs3( ctx->dh_params, &buf,
-                       GNUTLS_X509_FMT_PEM );
+               rc = gnutls_dh_params_init( &ctx->dh_params );
+               if ( rc == 0 )
+                       rc = gnutls_dh_params_import_pkcs3( ctx->dh_params, &buf,
+                               GNUTLS_X509_FMT_PEM );
                LDAP_FREE( buf.data );
                if ( rc ) return -1;
                gnutls_certificate_set_dh_params( ctx->cred, ctx->dh_params );
Cloned from git://git.openldap.org/openldap.git