summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--NEWS4
-rw-r--r--lib/gnutls_state.c31
2 files changed, 21 insertions, 14 deletions
diff --git a/NEWS b/NEWS
index 89d5013ee8..3b134b3392 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,10 @@ Copyright (C) 2004, 2005, 2006, 2007 Simon Josefsson
Copyright (C) 2000, 2001, 2002, 2003, 2004 Nikos Mavrogiannopoulos
See the end for copying conditions.
+* Version 2.2.1 (unreleased)
+
+** Fix for certificate selection in servers with certificate callbacks.
+
* Version 2.2.0 (released 2007-12-14)
** Update internal copy of libtasn1 to version 1.2.
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index c95f723d7a..4058dbcf9d 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -135,20 +135,23 @@ _gnutls_session_cert_type_supported (gnutls_session_t session,
if (cred == NULL)
return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
- for (i = 0; i < cred->ncerts; i++)
- {
- if (cred->cert_list[i][0].cert_type == cert_type)
- {
- cert_found = 1;
- break;
- }
- }
- if (cert_found == 0)
- /* no certificate is of that type.
- */
- return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
- }
-
+ if( cred->server_get_cert_callback == NULL)
+ {
+ for (i = 0; i < cred->ncerts; i++)
+ {
+ if (cred->cert_list[i][0].cert_type == cert_type)
+ {
+ cert_found = 1;
+ break;
+ }
+ }
+
+ if (cert_found == 0)
+ /* no certificate is of that type.
+ */
+ return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
+ }
+ }
if (session->internals.priorities.cert_type.algorithms == 0
&& cert_type == DEFAULT_CERT_TYPE)
View Lorry Controller Status