From 3b39aa16e48da0eeefc36faae695b8f1e0cbf5be Mon Sep 17 00:00:00 2001 From: Ben Kibbey Date: Sun, 11 Nov 2012 12:33:58 -0500 Subject: [PATCH] Fix TLS connections. --- src/pwmd.c | 12 +++++++----- src/rcfile.c | 4 ++-- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/src/pwmd.c b/src/pwmd.c index af82c698..c526fd9a 100644 --- a/src/pwmd.c +++ b/src/pwmd.c @@ -1211,18 +1211,20 @@ static int start_stop_tls_with_protocol(int ipv6, int term) } for (n = 0, p = servinfo; p != NULL; p = p->ai_next) { + int r = 1; + if ((ipv6 && p->ai_family != AF_INET6) - || (!ipv6 && p->ai_family != AF_INET)) + || (!ipv6 && p->ai_family != AF_INET)) continue; if ((*fd = socket(p->ai_family, p->ai_socktype, - p->ai_protocol)) == -1) { + p->ai_protocol)) == -1) { log_write("socket(): %s", strerror(errno)); continue; } - if (setsockopt(*fd, SOL_SOCKET, SO_REUSEADDR, &n, - sizeof(int)) == -1) { + if (setsockopt(*fd, SOL_SOCKET, SO_REUSEADDR, &r, + sizeof(int)) == -1) { log_write("setsockopt(): %s", strerror(errno)); freeaddrinfo(servinfo); goto fail; @@ -1247,7 +1249,7 @@ static int start_stop_tls_with_protocol(int ipv6, int term) #ifdef HAVE_DECL_SO_BINDTODEVICE char *tmp = config_get_string("global", "tcp_interface"); - if (setsockopt(*fd, SOL_SOCKET, SO_BINDTODEVICE, tmp, 1) == -1) { + if (tmp && setsockopt(*fd, SOL_SOCKET, SO_BINDTODEVICE, tmp, 1) == -1) { log_write("setsockopt(): %s", strerror(errno)); xfree(tmp); goto fail; diff --git a/src/rcfile.c b/src/rcfile.c index 40a64165..2deaca0e 100644 --- a/src/rcfile.c +++ b/src/rcfile.c @@ -91,8 +91,8 @@ static struct config_params_s { { "tcp_wait", PARAM_INT, "0" }, { "tcp_bind", PARAM_CHARP, "any" }, { "tls_cipher_suite", PARAM_CHARP, "SECURE256" }, - { "tls_use_crl", PARAM_BOOL, "1" }, - { "tls_access", PARAM_CHARP, NULL }, + { "tls_use_crl", PARAM_BOOL, "0" }, + { "tls_access", PARAM_CHARPP, NULL }, #endif { NULL, 0, NULL }, }; -- 2.11.4.GIT