mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
ITS#4354 only set DH callback if OPT_DHFILE has been set.
This commit is contained in:
parent
7b5716ae9b
commit
fb4cba514d
@ -382,7 +382,9 @@ ldap_pvt_tls_init_def_ctx( int is_server )
|
|||||||
tls_opt_require_cert == LDAP_OPT_X_TLS_ALLOW ?
|
tls_opt_require_cert == LDAP_OPT_X_TLS_ALLOW ?
|
||||||
tls_verify_ok : tls_verify_cb );
|
tls_verify_ok : tls_verify_cb );
|
||||||
SSL_CTX_set_tmp_rsa_callback( tls_def_ctx, tls_tmp_rsa_cb );
|
SSL_CTX_set_tmp_rsa_callback( tls_def_ctx, tls_tmp_rsa_cb );
|
||||||
|
if ( tls_opt_dhfile ) {
|
||||||
SSL_CTX_set_tmp_dh_callback( tls_def_ctx, tls_tmp_dh_cb );
|
SSL_CTX_set_tmp_dh_callback( tls_def_ctx, tls_tmp_dh_cb );
|
||||||
|
}
|
||||||
#ifdef HAVE_OPENSSL_CRL
|
#ifdef HAVE_OPENSSL_CRL
|
||||||
if ( tls_opt_crlcheck ) {
|
if ( tls_opt_crlcheck ) {
|
||||||
X509_STORE *x509_s = SSL_CTX_get_cert_store( tls_def_ctx );
|
X509_STORE *x509_s = SSL_CTX_get_cert_store( tls_def_ctx );
|
||||||
|
Loading…
Reference in New Issue
Block a user