diff options
| author |  Nokis Mavrogiannopoulos
| 2009-06-30 18:42:11 +0000 |
|---|---|---|
| committer | Nokis Mavrogiannopoulos
| 2009-06-30 18:42:11 +0000 |
| commit | 4196f5acb2bd1161bca1f3ac4ac1568b3b43bddb (patch) | |
| tree | 8b0ee17430f8eeff923e60b26786ce4322ec52d9 /src | |
| parent | 45cbd99483fd410efd98bdf511f5669e5711a5d2 (diff) | |
Avoid requesting certificate from client when we already have it. Patch by AlainKnaff.
Diffstat (limited to 'src')
| -rw-r--r-- | src/gnutls_hooks.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c index d761b56..ea59bbf 100644 --- a/src/gnutls_hooks.c +++ b/src/gnutls_hooks.c | |||
| @@ -808,6 +808,12 @@ int mgs_hook_authz(request_rec * r) | |||
| 808 | ctxt->sc->client_verify_mode, | 808 | ctxt->sc->client_verify_mode, |
| 809 | dc->client_verify_mode); | 809 | dc->client_verify_mode); |
| 810 | 810 | ||
| 811 | /* If we already have a client certificate, there's no point in | ||
| 812 | * re-handshaking... */ | ||
| 813 | rv = mgs_cert_verify(r, ctxt); | ||
| 814 | if (rv != DECLINED && rv != HTTP_FORBIDDEN) | ||
| 815 | return rv; | ||
| 816 | |||
| 811 | gnutls_certificate_server_set_request(ctxt->session, | 817 | gnutls_certificate_server_set_request(ctxt->session, |
| 812 | dc->client_verify_mode); | 818 | dc->client_verify_mode); |
| 813 | 819 | ||