generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix DTLS certificate requesting code.

Browse Source 
Use same logic when determining when to expect a client
certificate for both TLS and DTLS.

PR#3452
This commit is contained in:
Dr. Stephen Henson 2014-07-15 18:21:59 +01:00
parent 199772e534
commit c8d710dc5f
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ssl/d1_srvr.c
View File

@ -616,10 +616,11 @@ int dtls1_accept(SSL *s)
s->state = SSL3_ST_SR_CLNT_HELLO_C; s->state = SSL3_ST_SR_CLNT_HELLO_C;
} }
else { else {
/* could be sent for a DH cert, even if we if (s->s3->tmp.cert_request)
* have not asked for it :-) */ {
ret=ssl3_get_client_certificate(s); ret=ssl3_get_client_certificate(s);
if (ret <= 0) goto end; if (ret <= 0) goto end;
}
s->init_num=0; s->init_num=0;
s->state=SSL3_ST_SR_KEY_EXCH_A; s->state=SSL3_ST_SR_KEY_EXCH_A;
} }