Google Git
Sign in
pigweed / third_party / github / ARMmbed / mbedtls / cdf07e997906093cc3c15b56a166b7b6af05ff0e^! / . / library / ssl_tls.c
commitcdf07e997906093cc3c15b56a166b7b6af05ff0e[log] [tgz]
authorPaul Bakker <p.j.bakker@polarssl.org>Sun Jan 30 17:05:13 2011 +0000
committerPaul Bakker <p.j.bakker@polarssl.org>Sun Jan 30 17:05:13 2011 +0000
tree94e583c2a0ab6b33a092a595e833e1df09d4e1d2
parent9fc4659b3073e8e41ac3da8f300f0e65df9c3403 [diff] [blame]
 - Information about missing or non-verified client certificate is not provided as well.


diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 6f36e26..27c456a 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -1280,6 +1280,7 @@
     if( ssl->endpoint == SSL_IS_SERVER &&
         ssl->authmode == SSL_VERIFY_NONE )
     {
+        ssl->verify_result = BADCERT_SKIP_VERIFY;
         SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
         ssl->state++;
         return( 0 );
@@ -1306,6 +1307,7 @@
         {
             SSL_DEBUG_MSG( 1, ( "SSLv3 client has no certificate" ) );
 
+            ssl->verify_result = BADCERT_MISSING;
             if( ssl->authmode == SSL_VERIFY_OPTIONAL )
                 return( 0 );
             else
@@ -1323,6 +1325,7 @@
         {
             SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) );
 
+            ssl->verify_result = BADCERT_MISSING;
             if( ssl->authmode == SSL_VERIFY_REQUIRED )
                 return( POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE );
             else