From f08f0867ab673a67e0a408ded80b5a6e6a91872f Mon Sep 17 00:00:00 2001
From: Paolo Pellegrino <paolo.pellegrino@zirak.it>
Date: Fri, 17 Jun 2011 16:20:26 +0200
Subject: gsupplicant: Client certificate is not mandatory for TTLS/PEAP

---
 gsupplicant/supplicant.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

(limited to 'gsupplicant/supplicant.c')

diff --git a/gsupplicant/supplicant.c b/gsupplicant/supplicant.c
index 485b6719..bbb04ae5 100644
--- a/gsupplicant/supplicant.c
+++ b/gsupplicant/supplicant.c
@@ -2633,7 +2633,7 @@ static void add_network_security_peap(DBusMessageIter *dict,
 	 *              The 2nd phase authentication method
 	 *              The 2nd phase passphrase
 	 *
-	 * The Client certificate is optional although strongly required
+	 * The Client certificate is optional although strongly recommended
 	 * When setting it, we need in addition
 	 *              The Client private key file
 	 *              The Client private key file password
@@ -2641,9 +2641,6 @@ static void add_network_security_peap(DBusMessageIter *dict,
 	if (ssid->passphrase == NULL)
 		return;
 
-	if (ssid->ca_cert_path == NULL)
-		return;
-
 	if (ssid->phase2_auth == NULL)
 		return;
 
@@ -2678,7 +2675,8 @@ static void add_network_security_peap(DBusMessageIter *dict,
 						DBUS_TYPE_STRING,
 						&ssid->passphrase);
 
-	supplicant_dbus_dict_append_basic(dict, "ca_cert",
+	if (ssid->ca_cert_path)
+		supplicant_dbus_dict_append_basic(dict, "ca_cert",
 						DBUS_TYPE_STRING,
 						&ssid->ca_cert_path);
 
-- 
cgit v1.2.3