Conditionally compile TLS-PSK code (--enable-tls-psk).

Also, allow for PSK-only configuration, i.e. don't barf on missing cert stuff.
author: Linus Nordberg <linus@nordu.net> 2012-04-23 14:44:49 +0200
committer: Linus Nordberg <linus@nordu.net> 2012-04-23 14:44:49 +0200
commit: dcce5a04612c307453519d72f28caceb73fdab2a (patch)
tree: bb872e0fa9fe87556558b1dbfaf528fb10bc485b /lib/rsp_tlscommon.c
parent: 4d61fddb4f7e895b8814e7d18e0276498dca9bdb (diff)
1 files changed, 9 insertions, 8 deletions
diff --git a/lib/rsp_tlscommon.c b/lib/rsp_tlscommon.c
index a34fe33..75aa891 100644
--- a/lib/rsp_tlscommon.c
+++ b/lib/rsp_tlscommon.c
@@ -271,14 +271,15 @@ static SSL_CTX *tlscreatectx(uint8_t type, struct tls *conf) {
 	}
     }
 
-    if (!tlsaddcacrl(ctx, conf)) {
-	if (conf->vpm) {
-	    X509_VERIFY_PARAM_free(conf->vpm);
-	    conf->vpm = NULL;
-	}
-	SSL_CTX_free(ctx);
-	return NULL;
-    }
+    if (conf->cacertfile != NULL || conf->cacertpath != NULL)
+        if (!tlsaddcacrl(ctx, conf)) {
+            if (conf->vpm) {
+                X509_VERIFY_PARAM_free(conf->vpm);
+                conf->vpm = NULL;
+            }
+            SSL_CTX_free(ctx);
+            return NULL;
+        }
 
     debug(DBG_DBG, "tlscreatectx: created TLS context %s", conf->name);
     return ctx;
author	Linus Nordberg <linus@nordu.net>	2012-04-23 14:44:49 +0200
committer	Linus Nordberg <linus@nordu.net>	2012-04-23 14:44:49 +0200
commit	dcce5a04612c307453519d72f28caceb73fdab2a (patch)
tree	bb872e0fa9fe87556558b1dbfaf528fb10bc485b /lib/rsp_tlscommon.c
parent	4d61fddb4f7e895b8814e7d18e0276498dca9bdb (diff)