tls-server: Use subject DN as peer identity if it was ID_ANY
To request client authentication when we don't know the client's identity, it's possible to use ID_ANY. However, if we don't change the identity, get_peer_id() would still report ID_ANY after authentication.
parent
d5606ec350
commit
4b7cfb252e
|
@ -729,6 +729,12 @@ static status_t process_certificate(private_tls_server_t *this,
|
|||
DBG1(DBG_TLS, "received TLS peer certificate '%Y'",
|
||||
cert->get_subject(cert));
|
||||
first = FALSE;
|
||||
if (this->peer && this->peer->get_type(this->peer) == ID_ANY)
|
||||
{
|
||||
this->peer->destroy(this->peer);
|
||||
this->peer = cert->get_subject(cert);
|
||||
this->peer = this->peer->clone(this->peer);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
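Review bot: The ID_ANY identity is replaced with the certificate's subject DN right where the certificate is received and logged, and nothing visible in this hunk shows the chain or the client's signature having been verified at that point. If verification happens later (presumably outside this hunk), get_peer_id() can return a subject DN that is still only a claim, so callers should not use it for authorization until the handshake has completed successfully. I would add a comment above the `if`, e.g. `/* adopt the claimed subject as peer identity; it is unauthenticated until the handshake completes */`, and confirm that a failed client authentication does not leave this DN in place. process_certificate starts and continues outside the hunk.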