diff options
Diffstat (limited to 'src/serv.c')
-rw-r--r-- | src/serv.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/src/serv.c b/src/serv.c index a1f9adfa8e..f29b0d8570 100644 --- a/src/serv.c +++ b/src/serv.c @@ -300,13 +300,17 @@ int ret; if (!require_cert && gnutls_certificate_get_peers(session, &size) == NULL) return 0; - if ((require_cert || ENABLED_OPT(VERIFY_CLIENT_CERT)) && cert_verify(session, NULL, NULL) == 0) { - do { - ret = gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_ACCESS_DENIED); - } while(ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN); + if (require_cert || ENABLED_OPT(VERIFY_CLIENT_CERT)) { + if (cert_verify(session, NULL, NULL) == 0) { + do { + ret = gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_ACCESS_DENIED); + } while(ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN); - j->http_state = HTTP_STATE_CLOSING; - return -1; + j->http_state = HTTP_STATE_CLOSING; + return -1; + } + } else { + printf("- Peer's certificate was NOT verified.\n"); } } return 0; |