From 3c3a573562d3da453db59adf53baba81c4606b27 Mon Sep 17 00:00:00 2001
From: cinap_lenrek <cinap_lenrek@gmx.de>
Date: Thu, 15 Aug 2013 00:29:42 +0200
Subject: libsec: only send client cert when we have one (fix regression from
 r6e976b2004dd)

---
 sys/src/libsec/port/tlshand.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'sys/src')

diff --git a/sys/src/libsec/port/tlshand.c b/sys/src/libsec/port/tlshand.c
index 10b1002c0..c9dd093db 100644
--- a/sys/src/libsec/port/tlshand.c
+++ b/sys/src/libsec/port/tlshand.c
@@ -726,9 +726,11 @@ tlsClient2(int ctl, int hand, uchar *csid, int ncsid, uchar *cert, int certlen,
 	}
 
 	if(creq) {
-		m.u.certificate.ncert = 1;
-		m.u.certificate.certs = emalloc(m.u.certificate.ncert * sizeof(Bytes));
-		m.u.certificate.certs[0] = makebytes(cert, certlen);		
+		if(cert != nil && certlen > 0){
+			m.u.certificate.ncert = 1;
+			m.u.certificate.certs = emalloc(m.u.certificate.ncert * sizeof(Bytes));
+			m.u.certificate.certs[0] = makebytes(cert, certlen);
+		}		
 		m.tag = HCertificate;
 		if(!msgSend(c, &m, AFlush))
 			goto Err;
-- 
cgit v1.2.3