diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-06-27 11:01:08 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-10 17:13:46 +0200 |
| commit | 259d1252b9da852363b62efb671d6f57b3d5415c (patch) | |
| tree | 8777f7a394a2b89a4577a559d83d5117afaa3b17 /src/serv.c | |
| parent | c24a68e4f79a411d2936fd591628bf55c70d9e3b (diff) | |
| download | gnutls-259d1252b9da852363b62efb671d6f57b3d5415c.tar.gz | |
gnutls-serv: --require-client-cert no longer implies --verify-client-cert
That is, it is now possible to require a client certificate without
verifying it.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'src/serv.c')
| -rw-r--r-- | src/serv.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/serv.c b/src/serv.c index c0937b6f7e..c6c2e18bf8 100644 --- a/src/serv.c +++ b/src/serv.c @@ -270,7 +270,7 @@ int ret; if (!require_cert && gnutls_certificate_get_peers(session, &size) == NULL) return 0; - if (require_cert || ENABLED_OPT(VERIFY_CLIENT_CERT)) { + if (ENABLED_OPT(VERIFY_CLIENT_CERT)) { if (cert_verify(session, NULL, NULL) == 0) { do { ret = gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_ACCESS_DENIED); |