tls: Support a null encryption flag on TLS socket abstraction

author: Martin Willi <martin@revosec.ch> 2014-03-25 10:19:41 +0100
committer: Martin Willi <martin@revosec.ch> 2014-04-01 14:28:55 +0200
commit: 5313880261fe271ac5b334ccacf92d6253efaf3d (patch)
tree: 89c5c3130a29b9a5d2b6d7c4b062ea97a62c3530 /src/libtls/tls_socket.c
parent: ddf5222096321580dd307adcb2d61cbfbb96f463 (diff)
download: strongswan-5313880261fe271ac5b334ccacf92d6253efaf3d.tar.bz2
strongswan-5313880261fe271ac5b334ccacf92d6253efaf3d.tar.xz
1 files changed, 13 insertions, 2 deletions
diff --git a/src/libtls/tls_socket.c b/src/libtls/tls_socket.c
index 19232750b..4b18fa60e 100644
--- a/src/libtls/tls_socket.c
+++ b/src/libtls/tls_socket.c
@@ -406,9 +406,11 @@ METHOD(tls_socket_t, destroy, void,
  * See header
  */
 tls_socket_t *tls_socket_create(bool is_server, identification_t *server,
-							identification_t *peer, int fd, tls_cache_t *cache)
+							identification_t *peer, int fd, tls_cache_t *cache,
+							bool nullok)
 {
 	private_tls_socket_t *this;
+	tls_purpose_t purpose;
 
 	INIT(this,
 		.public = {
@@ -430,7 +432,16 @@ tls_socket_t *tls_socket_create(bool is_server, identification_t *server,
 		.fd = fd,
 	);
 
-	this->tls = tls_create(is_server, server, peer, TLS_PURPOSE_GENERIC,
+	if (nullok)
+	{
+		purpose = TLS_PURPOSE_GENERIC_NULLOK;
+	}
+	else
+	{
+		purpose = TLS_PURPOSE_GENERIC;
+	}
+
+	this->tls = tls_create(is_server, server, peer, purpose,
 						   &this->app.application, cache);
 	if (!this->tls)
 	{
author	Martin Willi <martin@revosec.ch>	2014-03-25 10:19:41 +0100
committer	Martin Willi <martin@revosec.ch>	2014-04-01 14:28:55 +0200
commit	5313880261fe271ac5b334ccacf92d6253efaf3d (patch)
tree	89c5c3130a29b9a5d2b6d7c4b062ea97a62c3530 /src/libtls/tls_socket.c
parent	ddf5222096321580dd307adcb2d61cbfbb96f463 (diff)
download	strongswan-5313880261fe271ac5b334ccacf92d6253efaf3d.tar.bz2 strongswan-5313880261fe271ac5b334ccacf92d6253efaf3d.tar.xz