When initiating the TLS connection use tls_server.

Conflicts: src/filed/authenticate.c
bareos · Feb 20, 2015 · 67ba3e3 · 67ba3e3
1 parent 502145b
commit 67ba3e3
Showing 1 changed file with 11 additions and 8 deletions.
diff --git a/src/filed/authenticate.c b/src/filed/authenticate.c
@@ -327,16 +327,19 @@ static inline bool two_way_authenticate(BSOCK *bs, JCR *jcr, bool initiate, cons
        */
       if (initiate) {
          verify_list = me->tls_allowed_cns;
+         if (!bnet_tls_server(me->tls_ctx, bs, verify_list)) {
+            Jmsg(jcr, M_FATAL, 0, _("TLS negotiation failed.\n"));
+            auth_success = false;
+            goto auth_fatal;
+         }
+      } else {
+         if (!bnet_tls_client(me->tls_ctx, bs, verify_list)) {
+            Jmsg(jcr, M_FATAL, 0, _("TLS negotiation failed.\n"));
+            auth_success = false;
+            goto auth_fatal;
+         }
       }
 
-      /*
-       * Engage TLS! Full Speed Ahead!
-       */
-      if (!bnet_tls_client(me->tls_ctx, bs, verify_list)) {
-         Jmsg(jcr, M_FATAL, 0, _("TLS negotiation failed.\n"));
-         auth_success = false;
-         goto auth_fatal;
-      }
       if (me->tls_authenticate) {           /* tls authentication only? */
          bs->free_tls();                    /* yes, shutdown tls */
       }