Stop client from sending Certificate message when not requested
In a non client-auth renegotiation where the original handshake *was* client auth, then the client will send a Certificate message anyway resulting in a connection failure. Fixes #1920 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1982)
This commit is contained in:
Matt Caswell
parent
a03a9dbe2a
commit
10305baf26
1 changed files with 1 additions and 0 deletions
|
|
@ -355,6 +355,7 @@ static int state_machine(SSL *s, int server)
|
|||
s->hit = 0;
|
||||
|
||||
s->s3->tmp.cert_request = 0;
|
||||
s->s3->tmp.cert_req = 0;
|
||||
|
||||
if (SSL_IS_DTLS(s)) {
|
||||
st->use_timer = 1;
|
||||
|
|
|
|||
Loading…
Reference in a new issue