From: Nikos Mavrogiannopoulos Date: Sat, 18 Feb 2012 11:42:49 +0000 (+0100) Subject: do not try to verify certificates when not needed. X-Git-Tag: gnutls_3_0_13~9 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=dcfa2518a99309dd7003948167bdae512cfaf162;p=thirdparty%2Fgnutls.git do not try to verify certificates when not needed. --- diff --git a/src/serv.c b/src/serv.c index 33b0fe9fec..e3a62e17cf 100644 --- a/src/serv.c +++ b/src/serv.c @@ -1308,7 +1308,8 @@ static void tcp_server(const char* name, int port) &client_address, calen, topbuf, sizeof (topbuf))); print_info (j->tls_session, verbose); - cert_verify(j->tls_session, NULL); + if (gnutls_auth_get_type (j->tls_session) == GNUTLS_CRD_CERTIFICATE) + cert_verify(j->tls_session, NULL); } j->handshake_ok = 1; } @@ -1432,7 +1433,8 @@ static void tcp_server(const char* name, int port) sizeof (topbuf))); print_info (j->tls_session, verbose); - cert_verify(j->tls_session, NULL); + if (gnutls_auth_get_type (j->tls_session) == GNUTLS_CRD_CERTIFICATE) + cert_verify(j->tls_session, NULL); } j->handshake_ok = 1; }