diff options
Diffstat (limited to 'src/mod_gnutls.c')
-rw-r--r-- | src/mod_gnutls.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/src/mod_gnutls.c b/src/mod_gnutls.c index cb81a26..681411b 100644 --- a/src/mod_gnutls.c +++ b/src/mod_gnutls.c | |||
@@ -294,7 +294,6 @@ static apr_port_t mod_gnutls_hook_default_port(const request_rec * r) | |||
294 | 294 | ||
295 | static void mod_gnutls_changed_servers(mod_gnutls_handle_t *ctxt) | 295 | static void mod_gnutls_changed_servers(mod_gnutls_handle_t *ctxt) |
296 | { | 296 | { |
297 | gnutls_credentials_set(ctxt->session, GNUTLS_CRD_CERTIFICATE, ctxt->sc->certs); | ||
298 | gnutls_certificate_server_set_request(ctxt->session, ctxt->sc->client_verify_mode); | 297 | gnutls_certificate_server_set_request(ctxt->session, ctxt->sc->client_verify_mode); |
299 | } | 298 | } |
300 | 299 | ||
@@ -479,9 +478,11 @@ static mod_gnutls_handle_t* create_gnutls_handle(apr_pool_t* pool, conn_rec * c) | |||
479 | gnutls_certificate_type_set_priority(ctxt->session, sc->cert_types); | 478 | gnutls_certificate_type_set_priority(ctxt->session, sc->cert_types); |
480 | 479 | ||
481 | mod_gnutls_cache_session_init(ctxt); | 480 | mod_gnutls_cache_session_init(ctxt); |
481 | |||
482 | gnutls_credentials_set(ctxt->session, GNUTLS_CRD_CERTIFICATE, ctxt->sc->certs); | ||
482 | 483 | ||
483 | gnutls_certificate_server_set_retrieve_function(sc->certs, cert_retrieve_fn); | 484 | gnutls_certificate_server_set_retrieve_function(sc->certs, cert_retrieve_fn); |
484 | 485 | ||
485 | mod_gnutls_changed_servers(ctxt); | 486 | mod_gnutls_changed_servers(ctxt); |
486 | return ctxt; | 487 | return ctxt; |
487 | } | 488 | } |
@@ -838,7 +839,7 @@ int mod_gnutls_hook_authz(request_rec *r) | |||
838 | 839 | ||
839 | if (dc->client_verify_mode == GNUTLS_CERT_IGNORE) { | 840 | if (dc->client_verify_mode == GNUTLS_CERT_IGNORE) { |
840 | ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, | 841 | ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, |
841 | "GnuTLS: Ignoring Client Certificate!"); | 842 | "GnuTLS: Directory set to Ignore Client Certificate!"); |
842 | return DECLINED; | 843 | return DECLINED; |
843 | } | 844 | } |
844 | 845 | ||
@@ -855,8 +856,10 @@ int mod_gnutls_hook_authz(request_rec *r) | |||
855 | } | 856 | } |
856 | } | 857 | } |
857 | else if (ctxt->sc->client_verify_mode == GNUTLS_CERT_IGNORE) { | 858 | else if (ctxt->sc->client_verify_mode == GNUTLS_CERT_IGNORE) { |
859 | #if MOD_GNUTLS_DEBUG | ||
858 | ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, | 860 | ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, |
859 | "GnuTLS: Peer is set to IGNORE"); | 861 | "GnuTLS: Peer is set to IGNORE"); |
862 | #endif | ||
860 | return DECLINED; | 863 | return DECLINED; |
861 | } | 864 | } |
862 | 865 | ||