From 6f2c29a13cfee0e816499f8aea4076aaee9e2f85 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 19 Jun 2015 13:30:10 +0200 Subject: [PATCH] s4:lib/tls: ignore non-existing ca and crl files in tstream_tls_params_client() Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison --- source4/lib/tls/tls_tstream.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c index 5b2329bcc19..113e03ab9dc 100644 --- a/source4/lib/tls/tls_tstream.c +++ b/source4/lib/tls/tls_tstream.c @@ -919,7 +919,7 @@ NTSTATUS tstream_tls_params_client(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - if (ca_file && *ca_file) { + if (ca_file && *ca_file && file_exist(ca_file)) { ret = gnutls_certificate_set_x509_trust_file(tlsp->x509_cred, ca_file, GNUTLS_X509_FMT_PEM); @@ -931,7 +931,7 @@ NTSTATUS tstream_tls_params_client(TALLOC_CTX *mem_ctx, } } - if (crl_file && *crl_file) { + if (crl_file && *crl_file && file_exist(crl_file)) { ret = gnutls_certificate_set_x509_crl_file(tlsp->x509_cred, crl_file, GNUTLS_X509_FMT_PEM);