Don't print out certificate messages if there are no certificates

diff --git a/src/lib/curl/base.c b/src/lib/curl/base.c
index d8d27abaa9c9a31c12acaae741de5dac436a19f3..a8767303181cc93aa7e28c8edd4e437de937994d 100644 (file)
--- a/src/lib/curl/base.c
+++ b/src/lib/curl/base.c
@@ -117,6 +117,7 @@ int fr_curl_response_certinfo(request_t *request, fr_curl_io_request_t *randle)
        char                    buffer[265];
        char                    *p , *q;
        fr_pair_list_t          cert_vps;
+
        /*
         *      Examples and documentation show cert_info being
         *      a struct curl_certinfo *, but CPP checks require
@@ -139,6 +140,13 @@ int fr_curl_response_certinfo(request_t *request, fr_curl_io_request_t *randle)
                return -1;
        }
 
+       /*
+        *      There doesn't seem to be any way to determine if
+        *      the session uses ssl or not, so if no certs are
+        *      returned, we assume it's not an ssl session.
+        */
+       if (ptr.to_certinfo->num_of_certs == 0) return 0;
+
        RDEBUG2("Chain has %i certificate(s)", ptr.to_certinfo->num_of_certs);
        for (i = 0; i < ptr.to_certinfo->num_of_certs; i++) {
                struct curl_slist *cert_attrs;