Skip to content
Commit 05c4f1d5 authored by Matt Caswell's avatar Matt Caswell
Browse files

Prepare the client certificate earlier



Move the preparation of the client certificate to be post processing work
after reading the CertificateRequest message rather than pre processing
work prior to writing the Certificate message. As part of preparing the
client certificate we may discover that we do not have one available. If
we are also talking SSLv3 then we won't send the Certificate message at
all. However, if we don't discover this until we are about to send the
Certificate message it is too late and we send an empty one anyway. This
is wrong for SSLv3.

Reviewed-by: default avatarEmilia Käsper <emilia@openssl.org>
parent 3c49b2e0
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment