tls13: server: Note down client not being authenticated in SSL context

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2022-09-13 10:16:31 +02:00
parent a709a0f2c6
commit eac00ad2a6
3 changed files with 364 additions and 1081 deletions

View File

@ -2429,7 +2429,10 @@ static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl )
authmode = ssl->conf->authmode; authmode = ssl->conf->authmode;
if( authmode == MBEDTLS_SSL_VERIFY_NONE ) if( authmode == MBEDTLS_SSL_VERIFY_NONE )
{
ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_SKIP_VERIFY;
return( SSL_CERTIFICATE_REQUEST_SKIP ); return( SSL_CERTIFICATE_REQUEST_SKIP );
}
ssl->handshake->certificate_request_sent = 1; ssl->handshake->certificate_request_sent = 1;

File diff suppressed because it is too large Load Diff

View File

@ -398,7 +398,7 @@ class MbedTLSServ(MbedTLSBase):
named_group=named_group, named_group=named_group,
iana_value=NAMED_GROUP_IANA_VALUE[named_group])] iana_value=NAMED_GROUP_IANA_VALUE[named_group])]
check_strings.append("Verifying peer X.509 certificate... ok") check_strings.append("Certificate verification was skipped")
return ['-s "{}"'.format(i) for i in check_strings] return ['-s "{}"'.format(i) for i in check_strings]
def pre_cmd(self): def pre_cmd(self):