From 3f5b7536546e99595c05d803b56a64c60ef0f0e4 Mon Sep 17 00:00:00 2001
From: Paul Bakker
Date: Fri, 21 Jun 2013 15:13:59 +0200
Subject: [PATCH] ssl_write_certificate_request() can handle empty ca_chain
(cherry picked from commit 21360ca4d45c47f16952fa1f75c21600c4e26d7e)
Conflicts:
library/ssl_srv.c
---
ChangeLog | 1 +
library/ssl_srv.c | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index a1c1dba45..f8a46d9e5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,7 @@ Bugfix
instead of the x509parse_crt() wrapper that can also parse PEM
certificates
* Fixed values for 2-key Triple DES in cipher layer
+ * ssl_write_certificate_request() can handle empty ca_chain
Security
* A possible DoS during the SSL Handshake, due to faulty parsing of
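Review bot: the new Bugfix entry says what ssl_write_certificate_request() can now do but not what went wrong before, so a reader cannot tell whether they were affected. Going by the ssl_srv.c change, an "empty" ca_chain here is a non-NULL entry whose version is 0; saying that in the entry, along with the symptom that was seen, would make the line useful to someone scanning the ChangeLog for this problem.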
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 5f2891db2..175a50c9e 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -505,7 +505,7 @@ static int ssl_write_certificate_request( ssl_context *ssl )
p += 2;
crt = ssl->ca_chain;
- while( crt != NULL )
+ while( crt != NULL && crt->version != 0)
{
if( p - buf > 4096 )
break;
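Review bot: the added condition "crt->version != 0" in the while loop uses the version field as an implicit marker for an unpopulated chain entry, and nothing at this site documents that. Because the test is in the loop condition, the walk stops at the first entry with version 0, so any populated certificate linked after such an entry would be left out of the request; if the invariant is that only the last entry can be empty, a one-line comment stating it would help. Style: the new line closes with "0)" while the line it replaces and the "if( p - buf > 4096 )" below keep a space before the closing parenthesis.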