Hi, I have code that sets cert retrieval callback with gnutls_certificate_set_retrieve_function2(), and from within that callback checks whether the server required the certificate by calling: gnutls_certificate_client_get_request_status() and expecting "non-zero". Looks like the latter returns 0 there, even though I see "CERTIFICATE REQUEST(13)" while looking at debug output:
... 04/24/15 16:55:39 GNUTLS3: HSK[0x150df00]: CERTIFICATE (11) was received. Length 3915[3915], frag offset 0, frag length: 3915, sequence: 0 04/24/15 16:55:39 3 certificates received from server <-- That's my code reports from a cert verify callback ... 04/24/15 16:55:39 GNUTLS4: REC[0x150df00]: SSL 3.3 Handshake packet received. Epoch 0, length: 6010 ... 04/24/15 16:55:39 GNUTLS6: BUF[REC]: Inserted 6010 bytes of Data(22) 04/24/15 16:55:39 GNUTLS3: HSK[0x150df00]: CERTIFICATE REQUEST (13) was received. Length 6006[6006], frag offset 0, frag length: 6006, sequence: 0 04/24/15 16:55:39 GNUTLS3: EXT[0x150df00]: rcvd signature algo (2.1) RSA-SHA1 04/24/15 16:55:39 Server does not require client authentication <-- This is my output when gnutls_certificate_client_get_request_status() returns 0 04/24/15 16:55:39 Server's 44 trusted certificate authorities: <-- There's 44 CAs sent by the server, nonetheless (it's in the retrieve callback, too) ... What I'm missing here? Thanks, Anton Lavrentiev Contractor NIH/NLM/NCBI _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
