shinrich commented on pull request #7540: URL: https://github.com/apache/trafficserver/pull/7540#issuecomment-782143709
Good point. Should review the client side as well. I noticed double prints from the server verify callback when looking at the debug statements from the autest failures. I had figured that with multiple calls to SSL_*_set_verify, the last one in would be the only one called. But for openssl at least, it appears that there is a slot for the SSL_CTX and a slot for the SSL object itself. Originally we just had the SSL_CTX version. I added the SSL object version to deal with dynamic updates I believe. Need to review some git history. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
