auth: Fail authentication if certificate username was unexpectedly missing

diff --git a/src/auth/auth-request-handler.c b/src/auth/auth-request-handler.c
index ae7b458c9c821d29f105eb100ac0e2bf568d3e7e..318f150316c0f0f8349ee6127a8a4e8297cafbff 100644 (file)
--- a/src/auth/auth-request-handler.c
+++ b/src/auth/auth-request-handler.c
@@ -581,6 +581,14 @@ bool auth_request_handler_auth_begin(struct auth_request_handler *handler,
                return TRUE;
        }
 
+        if (request->set->ssl_require_client_cert &&
+            request->set->ssl_username_from_cert &&
+            !request->cert_username) {
+                 auth_request_handler_auth_fail(handler, request,
+                        "SSL certificate didn't contain username");
+                return TRUE;
+        }
+
        /* Handle initial respose */
        if (initial_resp == NULL) {
                /* No initial response */