r18747@catbus: nickm | 2008-03-11 13:21:25 -0400

Request client certs when renegotiating on server-side. Spotted by lodger. Bugfix on 0.2.0.x. svn:r13973
author: Nick Mathewson <nickm@torproject.org> 2008-03-11 17:21:44 +0000
committer: Nick Mathewson <nickm@torproject.org> 2008-03-11 17:21:44 +0000
commit: 24f91d2876a6f94149ef8c13d56be9f12d2daf14 (patch)
tree: 5ff517dfa4433e2721447159a3037a066474f0d7 /src/common/tortls.c
parent: 2cb7f63c9cc98b8344a782aaa9cf130d031fbb93 (diff)
download: tor-24f91d2876a6f94149ef8c13d56be9f12d2daf14.tar.gz
tor-24f91d2876a6f94149ef8c13d56be9f12d2daf14.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c
index a73b0fb40a..6773639e21 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -930,7 +930,7 @@ tor_tls_handshake(tor_tls_t *tls)
     tls->state = TOR_TLS_ST_OPEN;
     if (tls->isServer) {
       SSL_set_info_callback(tls->ssl, NULL);
-      SSL_set_verify(tls->ssl, SSL_VERIFY_NONE, always_accept_verify_cb);
+      SSL_set_verify(tls->ssl, SSL_VERIFY_PEER, always_accept_verify_cb);
       /* There doesn't seem to be a clear OpenSSL API to clear mode flags. */
       tls->ssl->mode &= ~SSL_MODE_NO_AUTO_CHAIN;
 #ifdef V2_HANDSHAKE_SERVER
author	Nick Mathewson <nickm@torproject.org>	2008-03-11 17:21:44 +0000
committer	Nick Mathewson <nickm@torproject.org>	2008-03-11 17:21:44 +0000
commit	24f91d2876a6f94149ef8c13d56be9f12d2daf14 (patch)
tree	5ff517dfa4433e2721447159a3037a066474f0d7 /src/common/tortls.c
parent	2cb7f63c9cc98b8344a782aaa9cf130d031fbb93 (diff)
download	tor-24f91d2876a6f94149ef8c13d56be9f12d2daf14.tar.gz tor-24f91d2876a6f94149ef8c13d56be9f12d2daf14.zip