projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3c49b2e) | patch
Prepare the client certificate earlier
authorMatt Caswell <matt@openssl.org>
Wed, 22 Jun 2016 13:31:32 +0000 (14:31 +0100)
committerMatt Caswell <matt@openssl.org>
Mon, 18 Jul 2016 13:30:14 +0000 (14:30 +0100)
commit05c4f1d563bf7978543e3b5bdb292cbf11688886
treed2d9ea0abc4b364c8f107004e0eb3c22c8cb8f14tree | snapshot
parent3c49b2e0cdb1c82f424ba172ca819360fa6ccfe2commit | diff
Prepare the client certificate earlier

Move the preparation of the client certificate to be post processing work
after reading the CertificateRequest message rather than pre processing
work prior to writing the Certificate message. As part of preparing the
client certificate we may discover that we do not have one available. If
we are also talking SSLv3 then we won't send the Certificate message at
all. However, if we don't discover this until we are about to send the
Certificate message it is too late and we send an empty one anyway. This
is wrong for SSLv3.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
ssl/statem/statem_clnt.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.