tls-server: Terminate connection if peer certificate is required but not sent
author Pascal Knecht <pascal.knecht@hsr.ch>
Wed, 4 Nov 2020 12:07:49 +0000 (13:07 +0100)
committer Tobias Brunner <tobias@strongswan.org>
Fri, 12 Feb 2021 13:35:23 +0000 (14:35 +0100)
commit dc49d457a289f5686975b1784bceda4f5f209cbf
tree 84a6b027cc2dfa32e89bf071102103409df3e1f0
parent 4bba89fff3dfd2dfa510e6a0ad38a905fa7f96f0
tls-server: Terminate connection if peer certificate is required but not sent

This change mainly affects legacy TLS versions because TLS 1.3
connections are terminated by the server once the peer does not send a
CertificateVerify message next to its empty Certificate message.
src/libtls/tls_server.c