Add options for no certificates in test srv/cli
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index cd5b99d..ff6a2a9 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -661,9 +661,15 @@
#if defined(POLARSSL_FS_IO)
if( strlen( opt.ca_path ) )
- ret = x509_crt_parse_path( &cacert, opt.ca_path );
+ if( strcmp( opt.ca_path, "none" ) == 0 )
+ ret = 0;
+ else
+ ret = x509_crt_parse_path( &cacert, opt.ca_path );
else if( strlen( opt.ca_file ) )
- ret = x509_crt_parse_file( &cacert, opt.ca_file );
+ if( strcmp( opt.ca_file, "none" ) == 0 )
+ ret = 0;
+ else
+ ret = x509_crt_parse_file( &cacert, opt.ca_file );
else
#endif
#if defined(POLARSSL_CERTS_C)
@@ -693,7 +699,10 @@
#if defined(POLARSSL_FS_IO)
if( strlen( opt.crt_file ) )
- ret = x509_crt_parse_file( &clicert, opt.crt_file );
+ if( strcmp( opt.crt_file, "none" ) == 0 )
+ ret = 0;
+ else
+ ret = x509_crt_parse_file( &clicert, opt.crt_file );
else
#endif
#if defined(POLARSSL_CERTS_C)
@@ -713,7 +722,10 @@
#if defined(POLARSSL_FS_IO)
if( strlen( opt.key_file ) )
- ret = pk_parse_keyfile( &pkey, opt.key_file, "" );
+ if( strcmp( opt.key_file, "none" ) == 0 )
+ ret = 0;
+ else
+ ret = pk_parse_keyfile( &pkey, opt.key_file, "" );
else
#endif
#if defined(POLARSSL_CERTS_C)
@@ -813,8 +825,16 @@
ssl_legacy_renegotiation( &ssl, opt.allow_legacy );
#if defined(POLARSSL_X509_CRT_PARSE_C)
- ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
- ssl_set_own_cert( &ssl, &clicert, &pkey );
+ if( strcmp( opt.ca_path, "none" ) != 0 &&
+ strcmp( opt.ca_file, "none" ) != 0 )
+ {
+ ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
+ }
+ if( strcmp( opt.crt_file, "none" ) != 0 &&
+ strcmp( opt.key_file, "none" ) != 0 )
+ {
+ ssl_set_own_cert( &ssl, &clicert, &pkey );
+ }
#endif
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
