From 0ea43c9d7d2fbf08b2078931bebfcaf443230878 Mon Sep 17 00:00:00 2001
From: Kurt Zeilenga <kurt@openldap.org>
Date: Wed, 12 Oct 2005 20:31:04 +0000
Subject: [PATCH] Assume TLS is properly configured if any one of keyfile,
 certfile, cacertfile, or cacertdir is provided.  Note that TLS can be
 properly configured without any of these when non-X.509 cipher suites are
 used, so this might have be rethought.

---
 libraries/libldap/tls.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c
index 093d3360ef..6774fed54d 100644
--- a/libraries/libldap/tls.c
+++ b/libraries/libldap/tls.c
@@ -206,8 +206,11 @@ ldap_pvt_tls_init_def_ctx( void )
 #ifdef LDAP_R_COMPILE
 	ldap_pvt_thread_mutex_lock( &tls_def_ctx_mutex );
 #endif
-	if (( !cacertfile && !cacertdir ) || !certfile || !keyfile )
+
+	if ( !certfile && !keyfile && !cacertfile && !cacertdir ) {
+		/* minimum configuration not provided */
 		return LDAP_NOT_SUPPORTED;
+	}
 
 #ifdef HAVE_EBCDIC
 	/* This ASCII/EBCDIC handling is a real pain! */
-- 
2.39.5