From e7d435e4266cf589fd7dc98b73302bf76db3d3c5 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Tue, 3 Mar 2020 13:04:27 +0000
Subject: [PATCH] Name only authentication with GNUTLS

---
 src/stub.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/stub.c b/src/stub.c
index e215fd51..15f40dc8 100644
--- a/src/stub.c
+++ b/src/stub.c
@@ -957,7 +957,9 @@ tls_create_object(getdns_dns_req *dnsreq, int fd, getdns_upstream *upstream)
 		}
 	}
 
-	_getdns_tls_connection_set_host_pinset(tls, upstream->tls_auth_name, upstream->tls_pubkey_pinset);
+	if (upstream->tls_pubkey_pinset)
+		_getdns_tls_connection_set_host_pinset(
+		    tls, upstream->tls_auth_name, upstream->tls_pubkey_pinset);
 
 	/* Session resumption. There are trade-offs here. Want to do it when
 	   possible only if we have the right type of connection. Note a change