]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
do not try to verify certificates when not needed.
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 18 Feb 2012 11:42:49 +0000 (12:42 +0100)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 18 Feb 2012 11:42:49 +0000 (12:42 +0100)
src/serv.c

index 33b0fe9fec118e5bd86ad49306b7f38a372db792..e3a62e17cfe27a126e735930c8d197b5a6978d87 100644 (file)
@@ -1308,7 +1308,8 @@ static void tcp_server(const char* name, int port)
                                             &client_address, calen, topbuf,
                                             sizeof (topbuf)));
                         print_info (j->tls_session, verbose);
-                        cert_verify(j->tls_session, NULL);
+                        if (gnutls_auth_get_type (j->tls_session) == GNUTLS_CRD_CERTIFICATE)
+                          cert_verify(j->tls_session, NULL);
                       }
                     j->handshake_ok = 1;
                   }
@@ -1432,7 +1433,8 @@ static void tcp_server(const char* name, int port)
                                             sizeof (topbuf)));
 
                         print_info (j->tls_session, verbose);
-                        cert_verify(j->tls_session, NULL);
+                        if (gnutls_auth_get_type (j->tls_session) == GNUTLS_CRD_CERTIFICATE)
+                          cert_verify(j->tls_session, NULL);
                       }
                     j->handshake_ok = 1;
                   }