diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-09-23 16:01:07 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-09-23 16:01:09 +0200 |
commit | ae9acc56be22f25daab9081fb5ab5d3247c4175f (patch) | |
tree | 81053621dfec43b87f336258173aa328599b1455 /lib | |
parent | 8f4dcf8efe02096a782f24e202d5faed60ec94ce (diff) | |
download | gnutls-ae9acc56be22f25daab9081fb5ab5d3247c4175f.tar.gz |
Only send the status request extension on cert authentication
That is, do not both asking for it, or replying to it, if we are
not using any certificates.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ext/status_request.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/ext/status_request.c b/lib/ext/status_request.c index b6bf7d2fe9..01d0266151 100644 --- a/lib/ext/status_request.c +++ b/lib/ext/status_request.c @@ -216,6 +216,11 @@ _gnutls_status_request_send_params(gnutls_session_t session, status_request_ext_st *priv; int ret; + /* Do not bother sending the OCSP status request extension + * if we are not using certificate authentication */ + if (_gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE) == NULL) + return 0; + ret = _gnutls_ext_get_session_data(session, GNUTLS_EXTENSION_STATUS_REQUEST, &epriv); |