generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Prevent KSSL server from requesting a client certificate.

Browse Source 
Submitted by Jeffrey Altman <jaltman@columbia.edu>
This commit is contained in:
Richard Levitte
2001-07-12 16:17:33 +00:00
parent 131645ecce
commit 45442167b0
3 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/s3_srvr.c
View File

@@ -311,7 +311,9 @@ int ssl3_accept(SSL *s)
((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
/* ... except when the application insists on verification
* (against the specs, but s3_clnt.c accepts this for SSL 3) */
!(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)))
!(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
/* never request cert in Kerberos ciphersuites */
(s->s3->tmp.new_cipher->algorithms & SSL_aKRB5))
{
/* no cert request */
skip=1;