- Do not bail out if no client certificate specified. Try to negotiate...

- Do not bail out if no client certificate specified. Try to negotiate anonymous connection (Fixes ticket #12)

- Do not bail out if no client certificate specified. Try to negotiate...
e2a39cc0 · Paul Bakker · 9e7606fc · e2a39cc0 · e2a39cc0
--- a/ChangeLog
+++ b/ChangeLog
@@ -16,9 +16,13 @@ Bugfixes
   * Corrected parsing of UTCTime dates before 1990 and
     after 1950
   * Support more exotic OID's when parsing certificates
+   	 (found by Mads Kiilerich)
   * Support more exotic name representations when parsing
-     certificates
+     certificates (found by Mads Kiilerich)
   * Replaced the expired test certificates
+   * Do not bail out if no client certificate specified. Try
+     to negotiate anonymous connection (Fixes ticket #12,
+	 found by Boris Krasnovskiy)

 = Version 0.99-pre1 released on 2011-01-30
 Features

--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -630,7 +630,7 @@ static int ssl_write_certificate_verify( ssl_context *ssl )

    SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );

-    if( ssl->client_auth == 0 )
+    if( ssl->client_auth == 0 || ssl->own_cert == NULL )
    {
        SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
        ssl->state++;