ITS#4354 only set DH callback if OPT_DHFILE has been set.

author Howard Chu <hyc@openldap.org>

Thu, 19 Jan 2006 18:12:15 +0000 (18:12 +0000)

committer Howard Chu <hyc@openldap.org>

Thu, 19 Jan 2006 18:12:15 +0000 (18:12 +0000)
author Howard Chu <hyc@openldap.org>
Thu, 19 Jan 2006 18:12:15 +0000 (18:12 +0000)
committer Howard Chu <hyc@openldap.org>
Thu, 19 Jan 2006 18:12:15 +0000 (18:12 +0000)
diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c

index 6739599db6f123f2ecaf5f9cfac0f5880baeebbf..7bf45805c8a45b30c88be21c1423cb6a5dafb8fb 100644 (file)
--- a/libraries/libldap/tls.c
+++ b/libraries/libldap/tls.c
@@ -382,7 +382,9 @@ ldap_pvt_tls_init_def_ctx( int is_server )
                         tls_opt_require_cert == LDAP_OPT_X_TLS_ALLOW ?
                         tls_verify_ok : tls_verify_cb );
                 SSL_CTX_set_tmp_rsa_callback( tls_def_ctx, tls_tmp_rsa_cb );
-               SSL_CTX_set_tmp_dh_callback( tls_def_ctx, tls_tmp_dh_cb );
+               if ( tls_opt_dhfile ) {
+                       SSL_CTX_set_tmp_dh_callback( tls_def_ctx, tls_tmp_dh_cb );
+               }
  #ifdef HAVE_OPENSSL_CRL
                 if ( tls_opt_crlcheck ) {
                         X509_STORE *x509_s = SSL_CTX_get_cert_store( tls_def_ctx );
author	Howard Chu <hyc@openldap.org>
	Thu, 19 Jan 2006 18:12:15 +0000 (18:12 +0000)
committer	Howard Chu <hyc@openldap.org>
	Thu, 19 Jan 2006 18:12:15 +0000 (18:12 +0000)