tls-peer: Simply ignore certificate request context
authorTobias Brunner <tobias@strongswan.org>
Tue, 25 Aug 2020 15:21:02 +0000 (17:21 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 12 Feb 2021 10:45:44 +0000 (11:45 +0100)
This SHALL be zero length for server authentication anyway.

src/libtls/tls_peer.c

index 4cba0bb..fa81ee7 100644 (file)
@@ -409,11 +409,6 @@ static status_t process_certificate(private_tls_peer_t *this,
                        this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
                        return NEED_MORE;
                }
-               if (data.len > 0)
-               {
-                       DBG1(DBG_TLS, "certificate request context available,"
-                                "but CertificateRequest not received");
-               }
        }
        if (!reader->read_data24(reader, &data))
        {