CA-83270: fix incompatible changes with XOP-229.

Signed-off-by: Jerome Maloberti <jerome.maloberti@citrix.com>
robhoes · Mar 21, 2013 · 2a13ba9 · 2a13ba9
1 parent d6b603b
commit 2a13ba9
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 5 deletions.
diff --git a/http-svr/xmlrpc_client.ml b/http-svr/xmlrpc_client.ml
@@ -96,10 +96,11 @@ let get_new_stunnel_id =
 
 (** Returns an stunnel, either from the persistent cache or a fresh one which
     has been checked out and guaranteed to work. *)
-let get_reusable_stunnel ?use_fork_exec_helper ?write_to_log host port verify_cert =
+let get_reusable_stunnel ?use_fork_exec_helper ?write_to_log host port ?verify_cert =
   let start_time = Unix.gettimeofday () in
   let found = ref None in
   (* 1. First check if there is a suitable stunnel in the cache. *)
+  let verify_cert = Stunnel.must_verify_cert verify_cert in
   begin
     try
       while !found = None do
@@ -213,7 +214,7 @@ let with_transport transport f = match transport with
 		task_id = task_id}, host, port) ->
 		let st_proc =
 			if use_stunnel_cache
-			then get_reusable_stunnel ~use_fork_exec_helper ~write_to_log host port verify_cert
+			then get_reusable_stunnel ~use_fork_exec_helper ~write_to_log host port ?verify_cert
 			else
 				let unique_id = get_new_stunnel_id () in
 				Stunnel.connect ~use_fork_exec_helper ~write_to_log ~unique_id ?verify_cert ~extended_diagnosis:true host port in

diff --git a/stunnel/stunnel.ml b/stunnel/stunnel.ml
@@ -254,6 +254,11 @@ let rec retry f = function
 	ignore(Unix.select [] [] [] 3.);
 	retry f (n - 1)
 
+let must_verify_cert verify_cert =
+  match verify_cert with
+  | Some x -> x
+  | None -> Sys.file_exists verify_certificates_ctrl
+
 (** Establish a fresh stunnel to a (host, port)
     @param extended_diagnosis If true, the stunnel log file will not be
     deleted.  Instead, it is the caller's responsibility to delete it.  This
@@ -266,9 +271,7 @@ let connect
 		?(extended_diagnosis=false)
 		host
 		port = 
-	let _verify_cert = match verify_cert with
-		| Some x -> x
-		| None -> Sys.file_exists verify_certificates_ctrl in
+	let _verify_cert = must_verify_cert verify_cert in
   let _ = match write_to_log with 
     | Some logger -> stunnel_logger := logger
     | None -> () in

diff --git a/stunnel/stunnel.mli b/stunnel/stunnel.mli
@@ -56,3 +56,5 @@ val disconnect : ?wait:bool -> ?force:bool -> t -> unit
 val diagnose_failure : t -> unit
 
 val test : string -> int -> unit
+
+val must_verify_cert : bool option -> bool