[06/13] libnsdb: nsdb_start_tls() should always get a certfile argument

Message ID 20130108172758.65133.3394.stgit@seurat.1015granger.net
State Accepted
Headers show

Commit Message

Chuck Lever Jan. 8, 2013, 5:27 p.m.
nsdb_start_tls() is called only when FEDFS_SEC_TLS is set for an
NSDB.  It doesn't make sense to return success if no certfile is
passed to it: it should be a failure, since the connection to the
NSDB is not secured if there is no certificate to use.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

 src/libnsdb/ldap.c |    8 ++------
 1 files changed, 2 insertions(+), 6 deletions(-)


diff --git a/src/libnsdb/ldap.c b/src/libnsdb/ldap.c
index 5436a1e..5916c19 100644
--- a/src/libnsdb/ldap.c
+++ b/src/libnsdb/ldap.c
@@ -564,10 +564,6 @@  nsdb_bind(LDAP *ld, const char *binddn, const char *passwd,
  * @param certfile NUL-terminated C string containing pathname of X.509 cert file
  * @param ldap_err OUT: possibly an LDAP error code
  * @return a FedFsStatus code
- *
- * If "certfile" is not NULL, then the certfile contents are used to
- * authenticate the server, and TLS must be started and operating
- * before this function returns true.
 nsdb_start_tls(LDAP *ld, const char *certfile, unsigned int *ldap_err)
@@ -575,9 +571,9 @@  nsdb_start_tls(LDAP *ld, const char *certfile, unsigned int *ldap_err)
 	int value, rc;
 	char *uri;
-	/* Nothing to do if no certfile was provided */
 	if (certfile == NULL)
-		return FEDFS_OK;
+		return FEDFS_ERR_INVAL;
+	xlog(D_CALL, "%s: Using certfile %s", __func__, certfile);
 	rc = ldap_set_option(ld, LDAP_OPT_X_TLS_CERTFILE, certfile);
 	if (rc != LDAP_OPT_SUCCESS) {