We're checking for non-null session->sess in VerifyCertificate now. theres very little else we can do, as we know that *whenever* we clear an ssl session, we set this to null.

git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@6697 e03df62e-2008-0410-955e-edbf42e46eb7

1 files changed, 2 insertions, 3 deletions

diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index 8847d5c0d..ec6680d24 100644
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -346,7 +346,6 @@ class ModuleSSLGnuTLS : public Module
 
 		gnutls_set_default_priority(session->sess); // Avoid calling all the priority functions, defaults are adequate.
 		gnutls_credentials_set(session->sess, GNUTLS_CRD_CERTIFICATE, x509_cred);
-		gnutls_certificate_server_set_request(session->sess, GNUTLS_CERT_REQUEST); // Request client certificate if any.
 		gnutls_dh_set_prime_bits(session->sess, dh_bits);
 
 		/* This is an experimental change to avoid a warning on 64bit systems about casting between integer and pointer of different sizes
@@ -359,6 +358,8 @@ class ModuleSSLGnuTLS : public Module
 
 		gnutls_transport_set_ptr(session->sess, (gnutls_transport_ptr_t) fd); // Give gnutls the fd for the socket.
 
+		gnutls_certificate_server_set_request(session->sess, GNUTLS_CERT_REQUEST); // Request client certificate if any.
+
 		Handshake(session);
 	}
 
@@ -377,8 +378,6 @@ class ModuleSSLGnuTLS : public Module
 		gnutls_dh_set_prime_bits(session->sess, dh_bits);
 		gnutls_transport_set_ptr(session->sess, (gnutls_transport_ptr_t) fd); // Give gnutls the fd for the socket.
 
-		gnutls_certificate_request(session->sess, GNUTLS_CERT_REQUEST); // Request server certificate if any.
-
 		Handshake(session);
 	}