checking if client provided a cert and complain if not

2025-12-19 20:50:42 +01:00 · 2008-05-23 11:39:37 +02:00 · 2008-05-23 11:39:37 +02:00 · 3b5c252784
commit 3b5c252784
parent b4baf2bda0
1 changed files with 3 additions and 1 deletions
--- a/runtime/nsd_gtls.c
+++ b/runtime/nsd_gtls.c
@ -638,7 +638,9 @@ gtlsChkPeerCertValidity(nsd_gtls_t *pThis)

 	ISOBJ_TYPE_assert(pThis, nsd_gtls);
 	gnuRet = gnutls_certificate_verify_peers(pThis->sess);
-	if(gnuRet < 1)
+	if(gnuRet == GNUTLS_E_NO_CERTIFICATE_FOUND) {
+		errmsg.LogError(NO_ERRCODE, "peer did not provide a certificate, not permitted to talk to it");
+	} else if(gnuRet < 1)
 		CHKgnutls(gnuRet);

 	if(gnuRet & GNUTLS_CERT_INVALID) {