mirror of
https://github.com/curl/curl.git
synced 2024-11-21 01:16:58 +08:00
GnuTLS: Always send client cert
TLS servers may request a certificate from the client. This request includes a list of 0 or more acceptable issuer DNs. The client may use this list to determine which certificate to send. GnuTLS's default behavior is to not send a client certificate if there is no match. However, OpenSSL's default behavior is to send the configured certificate. The `GNUTLS_FORCE_CLIENT_CERT` flag mimics OpenSSL behavior. Authored-by: jethrogb on github Fixes #1411 Closes #4958
This commit is contained in:
parent
7224e70f40
commit
41fcb4f609
@ -664,7 +664,7 @@ gtls_connect_step1(struct connectdata *conn,
|
||||
}
|
||||
|
||||
/* Initialize TLS session as a client */
|
||||
init_flags = GNUTLS_CLIENT;
|
||||
init_flags = GNUTLS_CLIENT | GNUTLS_FORCE_CLIENT_CERT;
|
||||
|
||||
#if defined(GNUTLS_NO_TICKETS)
|
||||
/* Disable TLS session tickets */
|
||||
|
Loading…
Reference in New Issue
Block a user