From 181a367a1f77ae3b88e0e36dcad7b0840b920de6 Mon Sep 17 00:00:00 2001
From: Juan Lang <juan.lang@gmail.com>
Date: Tue, 28 Sep 2010 18:10:40 -0700
Subject: [PATCH] wininet: Don't retrieve a certificate that isn't used.

---
 dlls/wininet/netconnection.c | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/dlls/wininet/netconnection.c b/dlls/wininet/netconnection.c
index 9717b92e617..d6bd567ba2f 100644
--- a/dlls/wininet/netconnection.c
+++ b/dlls/wininet/netconnection.c
@@ -646,7 +646,6 @@ DWORD NETCON_secure_connect(WININET_NETCONNECTION *connection, LPWSTR hostname)
     DWORD res = ERROR_NOT_SUPPORTED;
 #ifdef SONAME_LIBSSL
     long verify_res;
-    X509 *cert;
 
     /* can't connect if we are already connected */
     if (connection->useSSL)
@@ -694,14 +693,6 @@ DWORD NETCON_secure_connect(WININET_NETCONNECTION *connection, LPWSTR hostname)
         res = ERROR_INTERNET_SECURITY_CHANNEL_ERROR;
         goto fail;
     }
-    cert = pSSL_get_peer_certificate(connection->ssl_s);
-    if (!cert)
-    {
-        ERR("no certificate for server %s\n", debugstr_w(hostname));
-        /* FIXME: is this the best error? */
-        res = ERROR_INTERNET_INVALID_CA;
-        goto fail;
-    }
     verify_res = pSSL_get_verify_result(connection->ssl_s);
     if (verify_res != X509_V_OK)
     {