{
tls_session_t *state = NULL;
SSL *new_tls = NULL;
- int verify_mode = SSL_VERIFY_NONE;
+
+ client_cert = client_cert; /* -Wunused. See bug #350 */
if ((new_tls = SSL_new(ssl_ctx)) == NULL) {
radlog(L_ERR, "rlm_eap_tls: Error creating new SSL");
SSL_set_info_callback(new_tls, cbtls_info);
/*
- * Verify the peer certificate, if asked.
- */
- if (client_cert) {
- DEBUG2(" rlm_eap_tls: Requiring client certificate");
- verify_mode = SSL_VERIFY_PEER;
- verify_mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
- verify_mode |= SSL_VERIFY_CLIENT_ONCE;
- }
- SSL_set_verify(state->ssl, verify_mode, cbtls_verify);
-
- /*
* In Server mode we only accept.
*/
SSL_set_accept_state(state->ssl);