From: Howard Chu <hyc@openldap.org>
Date: Thu, 19 Jan 2006 18:12:15 +0000 (+0000)
Subject: ITS#4354 only set DH callback if OPT_DHFILE has been set.
X-Git-Tag: OPENLDAP_REL_ENG_2_4_BP~286
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=fb4cba514d468883e36725898ce7399e0bb975f8;p=openldap

ITS#4354 only set DH callback if OPT_DHFILE has been set.
---

diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c
index 6739599db6..7bf45805c8 100644
--- a/libraries/libldap/tls.c
+++ b/libraries/libldap/tls.c
@@ -382,7 +382,9 @@ ldap_pvt_tls_init_def_ctx( int is_server )
 			tls_opt_require_cert == LDAP_OPT_X_TLS_ALLOW ?
 			tls_verify_ok : tls_verify_cb );
 		SSL_CTX_set_tmp_rsa_callback( tls_def_ctx, tls_tmp_rsa_cb );
-		SSL_CTX_set_tmp_dh_callback( tls_def_ctx, tls_tmp_dh_cb );
+		if ( tls_opt_dhfile ) {
+			SSL_CTX_set_tmp_dh_callback( tls_def_ctx, tls_tmp_dh_cb );
+		}
 #ifdef HAVE_OPENSSL_CRL
 		if ( tls_opt_crlcheck ) {
 			X509_STORE *x509_s = SSL_CTX_get_cert_store( tls_def_ctx );