From: Howard Chu <hyc@openldap.org>
Date: Sat, 7 Sep 2013 13:31:58 +0000 (-0700)
Subject: ITS#7506 cleanup prev commit
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=a72d1ffe0fcb792e3e474402eec13d1ff936b969;p=openldap

ITS#7506 cleanup prev commit
---

diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c
index 969960e9c4..60e592f2f2 100644
--- a/libraries/libldap/tls_g.c
+++ b/libraries/libldap/tls_g.c
@@ -406,7 +406,7 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
 		rc = 0;
 	}
 
-	/* FIXME: ITS#5992 - this should go be configurable,
+	/* FIXME: ITS#5992 - this should be configurable,
 	 * and V1 CA certs should be phased out ASAP.
 	 */
 	gnutls_certificate_set_verify_flags( ctx->cred,
@@ -416,13 +416,10 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
 		gnutls_datum_t buf;
 		rc = tlsg_getfile( lo->ldo_tls_dhfile, &buf );
 		if ( rc ) return -1;
-		rc = gnutls_dh_params_init(&ctx->dh_params);
-		if ( rc ) {
-			LDAP_FREE( buf.data );
-			return -1;
-		}
-		rc = gnutls_dh_params_import_pkcs3( ctx->dh_params, &buf,
-			GNUTLS_X509_FMT_PEM );
+		rc = gnutls_dh_params_init( &ctx->dh_params );
+		if ( rc == 0 )
+			rc = gnutls_dh_params_import_pkcs3( ctx->dh_params, &buf,
+				GNUTLS_X509_FMT_PEM );
 		LDAP_FREE( buf.data );
 		if ( rc ) return -1;
 		gnutls_certificate_set_dh_params( ctx->cred, ctx->dh_params );