diff options
-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | lib/gnutls_state.c | 31 |
2 files changed, 21 insertions, 14 deletions
@@ -3,6 +3,10 @@ Copyright (C) 2004, 2005, 2006, 2007 Simon Josefsson Copyright (C) 2000, 2001, 2002, 2003, 2004 Nikos Mavrogiannopoulos See the end for copying conditions. +* Version 2.2.1 (unreleased) + +** Fix for certificate selection in servers with certificate callbacks. + * Version 2.2.0 (released 2007-12-14) ** Update internal copy of libtasn1 to version 1.2. diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index c95f723d7a..4058dbcf9d 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -135,20 +135,23 @@ _gnutls_session_cert_type_supported (gnutls_session_t session, if (cred == NULL) return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; - for (i = 0; i < cred->ncerts; i++) - { - if (cred->cert_list[i][0].cert_type == cert_type) - { - cert_found = 1; - break; - } - } - if (cert_found == 0) - /* no certificate is of that type. - */ - return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; - } - + if( cred->server_get_cert_callback == NULL) + { + for (i = 0; i < cred->ncerts; i++) + { + if (cred->cert_list[i][0].cert_type == cert_type) + { + cert_found = 1; + break; + } + } + + if (cert_found == 0) + /* no certificate is of that type. + */ + return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; + } + } if (session->internals.priorities.cert_type.algorithms == 0 && cert_type == DEFAULT_CERT_TYPE) |