diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-02-10 11:52:21 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-02-10 11:52:21 +0100 |
commit | 6229a47d612bfcf556494c7c968b1745d5903eae (patch) | |
tree | 5906acfe61a2fe36ac5fb2566803843f49c65fd5 | |
parent | 1444c78274efe982be18263fbbc8bfbb5e1a63c6 (diff) | |
download | gnutls-6229a47d612bfcf556494c7c968b1745d5903eae.tar.gz |
In client side the verify callback is always being called.
-rw-r--r-- | lib/gnutls_handshake.c | 3 | ||||
-rw-r--r-- | tests/mini-x509-callbacks.c | 1 |
2 files changed, 3 insertions, 1 deletions
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 5bc7d70815..ddd80272d7 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -2498,7 +2498,8 @@ static int run_verify_callback(gnutls_session_t session, unsigned int side) return 0; if (cred != NULL && cred->verify_callback != NULL && - session->internals.send_cert_req != GNUTLS_CERT_IGNORE) + (session->security_parameters.entity == GNUTLS_CLIENT || + session->internals.send_cert_req != GNUTLS_CERT_IGNORE)) { ret = cred->verify_callback (session); if (ret < -1) diff --git a/tests/mini-x509-callbacks.c b/tests/mini-x509-callbacks.c index 9c7a748bec..7671d0b722 100644 --- a/tests/mini-x509-callbacks.c +++ b/tests/mini-x509-callbacks.c @@ -135,6 +135,7 @@ void doit(void) gnutls_transport_set_pull_function (server, server_pull); gnutls_transport_set_ptr (server, (gnutls_transport_ptr_t)server); gnutls_certificate_set_verify_function (serverx509cred, server_callback); + gnutls_certificate_server_set_request (server, GNUTLS_CERT_REQUEST); gnutls_handshake_set_post_client_hello_function (server, post_client_hello_callback); /* Init client */ |