diff options
| -rw-r--r-- | net/socket/ssl_client_socket_nss.cc | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc index 52dc09e..994f1f3 100644 --- a/net/socket/ssl_client_socket_nss.cc +++ b/net/socket/ssl_client_socket_nss.cc @@ -1150,7 +1150,9 @@ SECStatus SSLClientSocketNSS::ClientAuthHandler( CERT_FreeNicknames(names); } - return SECFailure; + // Tell NSS to suspend the client authentication. We will then abort the + // handshake by returning ERR_SSL_CLIENT_AUTH_CERT_NEEDED. + return SECWouldBlock; #endif } @@ -1286,7 +1288,7 @@ int SSLClientSocketNSS::DoVerifyCertComplete(int result) { } completed_handshake_ = true; - // TODO(ukai): we may not need this call because it is now harmless to have an + // TODO(ukai): we may not need this call because it is now harmless to have a // session with a bad cert. InvalidateSessionIfBadCertificate(); // Exit DoHandshakeLoop and return the result to the caller to Connect. |