no need to check s->server as default_nid is never used for TLS 1.2 client authentication
authorDr. Stephen Henson <steve@openssl.org>
Tue, 3 Jul 2012 14:24:33 +0000 (14:24 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 3 Jul 2012 14:24:33 +0000 (14:24 +0000)
ssl/t1_lib.c

index 4553468..eb6aa55 100644 (file)
@@ -3482,7 +3482,7 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
                 * have set preferred signature algorithms check we support
                 * sha1.
                 */
-               if (s->server && default_nid > 0 && c->conf_sigalgs)
+               if (default_nid > 0 && c->conf_sigalgs)
                        {
                        size_t j;
                        const unsigned char *p = c->conf_sigalgs;