X-Git-Url: http://git.code-monkey.de/?a=blobdiff_plain;f=src%2Fssl.c;h=e413db6de7b0afb6906b9f5f280d3f17159ff0ff;hb=947de6a51fb26ad72ddf4216635947dcd05b5584;hp=d337e443c26875f0cb41e48acda3e02a8cc83b71;hpb=4e6c6844e928215651d0cb7691a28755f2045efa;p=umurmur.git

diff --git a/src/ssl.c b/src/ssl.c
index d337e44..e413db6 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -80,6 +80,7 @@ char *my_dhm_P =
 	"DEF409C08E8AC24D1732A6128D2220DC53";
 char *my_dhm_G = "4";
 
+#ifdef USE_POLARSSL_TESTCERT
 static void initTestCert()
 {
 	int rc;
@@ -99,6 +100,7 @@ static void initTestKey()
 	if (rc != 0)
 		Log_fatal("Could not parse built-in test RSA key");
 }
+#endif
 
 /*
  * How to generate a self-signed cert with openssl:
@@ -111,14 +113,22 @@ static void initCert()
 	char *crtfile = (char *)getStrConf(CERTIFICATE);
 	
 	if (crtfile == NULL) {
-		Log_warn("No certificate file specified");
+#ifdef USE_POLARSSL_TESTCERT
+		Log_warn("No certificate file specified. Falling back to test certificate.");
 		initTestCert();
+#else
+		Log_fatal("No certificate file specified");
+#endif
 		return;
 	}
 	rc = x509parse_crtfile(&certificate, crtfile);
 	if (rc != 0) {
-		Log_warn("Could not read certificate file %s", crtfile);
+#ifdef USE_POLARSSL_TESTCERT
+		Log_warn("Could not read certificate file '%s'. Falling back to test certificate.", crtfile);
 		initTestCert();
+#else
+		Log_fatal("Could not read certificate file '%s'", crtfile);
+#endif
 		return;
 	}
 }
@@ -147,13 +157,17 @@ void SSLi_init(void)
 	char verstring[12];
 	
 	initCert();
+#ifdef USE_POLARSSL_TESTCERT
 	if (builtInTestCertificate) {
 		Log_warn("*** Using built-in test certificate and RSA key ***");
-		Log_warn("*** This is not secure! Please use a CA-signed certificate or create a self-signed certificate ***");
+		Log_warn("*** This is not secure! Please use a CA-signed certificate or create a key and self-signed certificate ***");
 		initTestKey();
 	}
 	else
 		initKey();
+#else
+	initKey();
+#endif
     havege_init(&hs);
     
 #ifdef POLARSSL_VERSION_MAJOR