bneradt commented on a change in pull request #6699:
URL: https://github.com/apache/trafficserver/pull/6699#discussion_r438178153
##########
File path: iocore/net/SSLClientUtils.cc
##########
@@ -138,6 +138,20 @@ verify_callback(int signature_ok, X509_STORE_CTX *ctx)
return true;
}
+static int
+ssl_client_cert_callback(SSL *ssl, void * /*arg*/)
+{
+ SSLNetVConnection *netvc = SSLNetVCAccess(ssl);
+ SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
+ if (ctx) {
+ // Do not need to free either the cert or the ssl_ctx
+ // both are internal pointers
+ X509 *cert = SSL_CTX_get0_certificate(ctx);
+ netvc->set_sent_cert(cert != nullptr ? 2 : 1);
Review comment:
It would be helpful to name the 0, 1, 2 values in some way. Perhaps an
enum?
##########
File path: tests/gold_tests/autest-site/when.test.ext
##########
@@ -34,3 +35,20 @@ def FileContains(haystack, needle):
AddWhenFunction(FileContains)
+
+def FilePresent(tsenv, file):
+ cmd = "test -f {0}".format(file)
+ retval = subprocess.run(cmd, shell=True, env=tsenv)
+ return retval.returncode == 0
+
+AddWhenFunction(FilePresent)
+
+def SNIReloadDone(tsenv, diags_file):
+ cmd = "grep 'sni.yaml finished loading' {0} | wc -l | sed -e 's/ //g'>
./test.out".format(diags_file)
+ retval = subprocess.run(cmd, shell=True, env=tsenv)
+ if retval.returncode == 0:
+ cmd ="if [ -f ./test.out -a \"`cat ./test.out`\" = \"2\" ] ; then
true; else false; fi"
Review comment:
To make this a bit easier to read, the outer double quotes could be
replaced with single quotes, and the escaped inner double quotes could just be
unescaped double quotes.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
