[Openvas-commits] r245 - in trunk/openvas-libraries: . libopenvas

Mon, 02 Jul 2007 11:29:01 -0700 

Author: bh
Date: 2007-07-02 20:29:34 +0200 (Mon, 02 Jul 2007)
New Revision: 245

Modified:
   trunk/openvas-libraries/ChangeLog
   trunk/openvas-libraries/libopenvas/network.c
Log:
* libopenvas/network.c (verify_peer_certificate): If the peer
did not send a certificate, treat it as valid.


Modified: trunk/openvas-libraries/ChangeLog
===================================================================
--- trunk/openvas-libraries/ChangeLog   2007-07-02 16:32:07 UTC (rev 244)
+++ trunk/openvas-libraries/ChangeLog   2007-07-02 18:29:34 UTC (rev 245)
@@ -1,5 +1,10 @@
 2007-07-02  Bernhard Herzog  <[EMAIL PROTECTED]>
 
+       * libopenvas/network.c (verify_peer_certificate): If the peer
+       did not send a certificate, treat it as valid.
+
+2007-07-02  Bernhard Herzog  <[EMAIL PROTECTED]>
+
        * libopenvas/network.c (OVAS_CONNECTION_FROM_FD): New. Macro to
        determine the nessus_connection* given a nessus file descriptor
        (nessus_register_connection, ovas_allocate_connection): Most of

Modified: trunk/openvas-libraries/libopenvas/network.c
===================================================================
--- trunk/openvas-libraries/libopenvas/network.c        2007-07-02 16:32:07 UTC 
(rev 244)
+++ trunk/openvas-libraries/libopenvas/network.c        2007-07-02 18:29:34 UTC 
(rev 245)
@@ -557,7 +557,8 @@
  * Verifies the peer's certificate.  If the certificate is not valid or
  * cannot be verified, the function prints diagnostics to stderr and
  * returns -1.  If the certificate was verified successfully the
- * function returns 0.
+ * function returns 0.  If the peer did not send a certificate, the
+ * function also returns 0.
  */
 static int
 verify_peer_certificate(gnutls_session_t session)
@@ -577,6 +578,10 @@
   int i;
 
   ret = gnutls_certificate_verify_peers2(session, &status);
+  if (ret == GNUTLS_E_NO_CERTIFICATE_FOUND)
+    /* The peer did not send a certificate.  We treat it as a valid
+     * certificate in this function */
+    return 0;
   if (ret < 0)
     {
       tlserror("gnutls_certificate_verify_peers2", ret);

_______________________________________________
Openvas-commits mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-commits

Reply via email to