| 12345678910111213141516171819202122232425262728293031323334 |
- From 4c7c73c93825aa2e3550e675dffd9b921df9b634 Mon Sep 17 00:00:00 2001
- From: Alexander Barton <alex@barton.de>
- Date: Sat, 6 Jan 2024 19:57:50 +0100
- Subject: [PATCH 16/20] S2S-TLS/GnuTLS: Fix handling of connections without
- peer certificates
- (cherry picked from commit 8cef3ce42cd645a3ffb0e1eded52b8b77bb8caff)
- ---
- src/ngircd/conn-ssl.c | 9 ++++-----
- 1 file changed, 4 insertions(+), 5 deletions(-)
- --- a/src/ngircd/conn-ssl.c
- +++ b/src/ngircd/conn-ssl.c
- @@ -920,16 +920,15 @@
- gnutls_mac_get_name(gnutls_mac_get(sess)));
- cred = gnutls_auth_get_type(c->ssl_state.gnutls_session);
- if (cred == GNUTLS_CRD_CERTIFICATE) {
- - cert_seen = true;
- -
- gnutls_x509_crt_t cert;
- unsigned cert_list_size;
- const gnutls_datum_t *cert_list =
- gnutls_certificate_get_peers(sess, &cert_list_size);
- - if (!cert_list || cert_list_size == 0) {
- - Log(LOG_ERR, "No certificates found");
- +
- + if (!cert_list || cert_list_size == 0)
- goto done_cn_validation;
- - }
- +
- + cert_seen = true;
- int err = gnutls_x509_crt_init(&cert);
- if (err < 0) {
- Log(LOG_ERR,
|
