- Do not bail out if no client certificate specified. Try to negotiate anonymous connection (Fixes ticket #12)

2025-10-30 19:20:40 -04:00 · 2011-02-20 13:49:27 +00:00 · 2011-02-20 13:49:27 +00:00 · e2a39cc0fa
commit e2a39cc0fa
parent 9e7606fcd8
2 changed files with 6 additions and 2 deletions
--- a/6
+++ b/6
@ -16,9 +16,13 @@ Bugfixes
   * Corrected parsing of UTCTime dates before 1990 and
     after 1950
   * Support more exotic OID's when parsing certificates
+   	 (found by Mads Kiilerich)
   * Support more exotic name representations when parsing
-     certificates
+     certificates (found by Mads Kiilerich)
   * Replaced the expired test certificates
+   * Do not bail out if no client certificate specified. Try
+     to negotiate anonymous connection (Fixes ticket #12,
+	 found by Boris Krasnovskiy)

 = Version 0.99-pre1 released on 2011-01-30
 Features
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -630,7 +630,7 @@ static int ssl_write_certificate_verify( ssl_context *ssl )

    SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );

-    if( ssl->client_auth == 0 )
+    if( ssl->client_auth == 0 || ssl->own_cert == NULL )
    {
        SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
        ssl->state++;