From a80c4ea05450b429b9f9d12800f3a742fc69d19f Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Thu, 26 Apr 2018 16:58:28 +0200
Subject: ssl: Proper handling of clients that choose to send an empty answer
 to a certificate request

Solves ERL-599
---
 lib/ssl/src/ssl_handshake.erl | 6 ------
 1 file changed, 6 deletions(-)

(limited to 'lib/ssl/src/ssl_handshake.erl')

diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index 54eb920bda..8ddd4623c1 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -1091,12 +1091,6 @@ select_hashsign(_, Cert, _, _, Version) ->
 %%
 %% Description: Handles signature algorithms selection for certificate requests (client) 
 %%--------------------------------------------------------------------
-select_hashsign(#certificate_request{}, undefined, _, {Major, Minor})  when Major >= 3 andalso Minor >= 3->
-    %% There client does not have a certificate and will send an empty reply, the server may fail 
-    %% or accept the connection by its own preference. No signature algorihms needed as there is
-    %% no certificate to verify.
-    {undefined, undefined}; 
- 
 select_hashsign(#certificate_request{hashsign_algorithms = #hash_sign_algos{hash_sign_algos = HashSigns}, 
 				     certificate_types = Types}, Cert, SupportedHashSigns, 
 		{Major, Minor})  when Major >= 3 andalso Minor >= 3->
-- 
cgit v1.2.3