tls-server: Add flag that makes client authentication optional
authorTobias Brunner <tobias@strongswan.org>
Thu, 18 Feb 2021 14:10:42 +0000 (15:10 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 18 Feb 2021 14:35:46 +0000 (15:35 +0100)
commit760f3b730fa69a1f8fc5075fcbb34f037d313b16
treea8e44e1a98a84002a4ee258aee1a4b9e11648643
parent11a4687930f4ea9e95ab75d2b40719d731f2f140
tls-server: Add flag that makes client authentication optional

This allows clients to send an empty certificate payload if the server
sent a certificate request.  If an identity was set previously, it will
be reset so get_peer_id() may be used to check if the client was
authenticated.
src/libtls/tls.h
src/libtls/tls_server.c