From 1818baaa519bf45647df0a3683cfa01c5bfcbe56 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnter=20Obiltschnig?= <guenter.obiltschnig@appinf.com>
Date: Mon, 11 Nov 2024 17:04:59 +0100
Subject: [PATCH] fix(NetSSL_Win): client fails to complete handshake

---
 NetSSL_Win/src/SecureSocketImpl.cpp | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/NetSSL_Win/src/SecureSocketImpl.cpp b/NetSSL_Win/src/SecureSocketImpl.cpp
index 57329e17..86ad8c3c 100644
--- a/NetSSL_Win/src/SecureSocketImpl.cpp
+++ b/NetSSL_Win/src/SecureSocketImpl.cpp
@@ -132,6 +132,15 @@ void SecureSocketImpl::initCommon()
 	{
 		_contextFlags |= ISC_REQ_MANUAL_CRED_VALIDATION;
 	}
+
+	if (_mode == MODE_CLIENT)
+	{
+		// If we do not set this, in some cases the InitializeSecurityContext() will return SEC_I_INCOMPLETE_CREDENTIALS. 
+		// That case is not handled in the handshake, it will try to continue reading, thus blocking until timeout.
+		// The handling of this case would be to repeat the InitializeSecurityContext once again, or as we do here,
+		// inform to use a client cert if available. 
+		_contextFlags |= ISC_REQ_USE_SUPPLIED_CREDS;
+	}
 }