- Do not bail out if no client certificate specified. Try to negotiate anonymous connection (Fixes ticket #12)
diff --git a/ChangeLog b/ChangeLog
index 4cc88e6..7c9f402 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -16,9 +16,13 @@
* Corrected parsing of UTCTime dates before 1990 and
after 1950
* Support more exotic OID's when parsing certificates
+ (found by Mads Kiilerich)
* Support more exotic name representations when parsing
- certificates
+ certificates (found by Mads Kiilerich)
* Replaced the expired test certificates
+ * Do not bail out if no client certificate specified. Try
+ to negotiate anonymous connection (Fixes ticket #12,
+ found by Boris Krasnovskiy)
= Version 0.99-pre1 released on 2011-01-30
Features
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 2ff0964..555ed73 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -630,7 +630,7 @@
SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
- if( ssl->client_auth == 0 )
+ if( ssl->client_auth == 0 || ssl->own_cert == NULL )
{
SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
ssl->state++;
