patch: SSL connection to Yahoo with gnutls
joe at manyfish.co.uk
Thu Nov 11 07:23:42 EST 2010
On Wed, Nov 10, 2010 at 01:40:21PM +0000, Patrick Ohly wrote:
> It is uncertain in which cases this behavior is desired. If the app
> sets neither certificate nor provider callback, then it is obvious
> that it wants an SSL connection without client certificate and neon
> should allow gnutls to proceed. This patch achieves that by returning
> from provide_client_cert() without error in that case.
Thanks a lot for the report and patch.
I've changed the behaviour here to simply return 0 unconditionally when
no client cert is available. This matches the behaviour with OpenSSL,
and allows the server to continue/reject the connection as appropriate.
More information about the neon