From 5a7f08063f0c41cf1227769e4775f77f0270b2b2 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat, 9 Feb 2013 13:21:58 +0100
Subject: Do not call the certificate verification callback if certificates are
 ignored.

---
 lib/gnutls_handshake.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'lib/gnutls_handshake.c')

diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 4be633881f..5bc7d70815 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -2497,7 +2497,8 @@ static int run_verify_callback(gnutls_session_t session, unsigned int side)
   if (type != GNUTLS_CRD_CERTIFICATE)
     return 0;
 
-  if (cred != NULL && cred->verify_callback != NULL)
+  if (cred != NULL && cred->verify_callback != NULL && 
+  	session->internals.send_cert_req != GNUTLS_CERT_IGNORE)
     {
       ret = cred->verify_callback (session);
       if (ret < -1)
-- 
cgit v1.2.1