a9766c2c23
So far, `ssl_client2` printed the CRT info for the peer's CRT by requesting the latter through `mbedtls_ssl_get_peer_cert()` at the end of the handshake, and printing it via `mbedtls_x509_crt_info()`. When `MBEDTLS_SSL_KEEP_PEER_CERTIFICATE` is disabled, this does no longer work because the peer's CRT isn't stored beyond the handshake. This makes some tests in `ssl-opt.sh` fail which rely on the CRT info output for the peer certificate. This commit modifies `ssl_client2` to extract the peer CRT info from the verification callback, which is always called at a time when the peer's CRT is available. This way, the peer's CRT info is still printed if `MBEDTLS_SSL_KEEP_PEER_CERTIFICATE` is disabled. |
||
|---|---|---|
| .. | ||
| CMakeLists.txt | ||
| dtls_client.c | ||
| dtls_server.c | ||
| mini_client.c | ||
| query_config.c | ||
| ssl_client1.c | ||
| ssl_client2.c | ||
| ssl_fork_server.c | ||
| ssl_mail_client.c | ||
| ssl_pthread_server.c | ||
| ssl_server.c | ||
| ssl_server2.c | ||