gnutls-cli: when no certificate is sent, notify the user

3 files changed, 10 insertions, 5 deletions

diff --git a/src/cli.c b/src/cli.c
index 1ff9bf69d2..d0e75a2f04 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -1629,7 +1629,7 @@ static int do_handshake(socket_st * socket)
 
 	if (ret == 0) {
 		/* print some information */
-		print_info(socket->session, verbose, 0);
+		print_info(socket->session, verbose, (HAVE_OPT(X509CERTFILE)||HAVE_OPT(PGPCERTFILE))?P_WAIT_FOR_CERT:0);
 		socket->secure = 1;
 	} else {
 		gnutls_alert_send_appropriate(socket->session, ret);
diff --git a/src/common.c b/src/common.c
index a5eb1fae65..066022f00d 100644
--- a/src/common.c
+++ b/src/common.c
@@ -433,7 +433,7 @@ static void print_ecdh_info(gnutls_session_t session, const char *str)
 
 }
 
-int print_info(gnutls_session_t session, int verbose, int print_cert)
+int print_info(gnutls_session_t session, int verbose, int flags)
 {
 	const char *tmp;
 	gnutls_credentials_type_t cred;
@@ -513,8 +513,11 @@ int print_info(gnutls_session_t session, int verbose, int print_cert)
 			}
 		}
 
-		if (print_cert)
-			print_cert_info(session, verbose, print_cert);
+		if ((flags & P_WAIT_FOR_CERT) && gnutls_certificate_get_ours(session) == 0)
+			printf("- No certificate was sent to peer\n");
+
+		if (flags& P_PRINT_CERT)
+			print_cert_info(session, verbose, (flags&P_PRINT_CERT));
 
 		if (kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS)
 			print_dh_info(session, "Ephemeral ", verbose);
diff --git a/src/common.h b/src/common.h
index a4076b2a75..4024d5455e 100644
--- a/src/common.h
+++ b/src/common.h
@@ -52,7 +52,9 @@
 
 extern const char str_unknown[];
 
-int print_info(gnutls_session_t state, int verbose, int print_cert);
+#define P_PRINT_CERT 1
+#define P_WAIT_FOR_CERT (1<<1)
+int print_info(gnutls_session_t state, int verbose, int flags);
 void print_cert_info(gnutls_session_t, int flag, int print_cert);
 void print_cert_info_compact(gnutls_session_t session);