summaryrefslogtreecommitdiffstatsabout
diff options
context:
space:
mode:
-rw-r--r--src/gnutls_hooks.c14
1 files changed, 8 insertions, 6 deletions
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c
index 82a9a99..d761b56 100644
--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -123,7 +123,7 @@ static int mgs_select_virtual_server_cb(gnutls_session_t session)
123 ctxt->sc = tsc; 123 ctxt->sc = tsc;
124 124
125 gnutls_certificate_server_set_request(session, 125 gnutls_certificate_server_set_request(session,
126 ctxt->sc->client_verify_mode); 126 ctxt->sc->client_verify_mode);
127 127
128 /* set the new server credentials 128 /* set the new server credentials
129 */ 129 */
@@ -819,11 +819,13 @@ int mgs_hook_authz(request_rec * r)
819 ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, 819 ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
820 "GnuTLS: Peer is set to IGNORE"); 820 "GnuTLS: Peer is set to IGNORE");
821#endif 821#endif
822 } else { 822 return DECLINED;
823 rv = mgs_cert_verify(r, ctxt); 823 }
824 if (rv != DECLINED) { 824 rv = mgs_cert_verify(r, ctxt);
825 return rv; 825 if (rv != DECLINED &&
826 } 826 (rv != HTTP_FORBIDDEN ||
827 dc->client_verify_mode == GNUTLS_CERT_REQUIRE)) {
828 return rv;
827 } 829 }
828 } 830 }
829 831