Hi, Here is a patch to add a new fetcher for cert chain. It follows discussion after thread https://www.mail-archive.com/[email protected]/msg35607.html
It currently does not support session reuse, but I was looking for inputs about it, whether I could make use of `reused_sess` objects in haproxy, and in which way. Indeed, as pointed by Emeric in https://www.mail-archive.com/[email protected]/msg37380.html `SSL_get_peer_cert_chain` returns NULL in case of resumed session. Thanks, William Dauchy (2): CLEANUP: ssl: ssl_sock_crt2der semicolon and spaces MINOR: ssl: add ssl_c_chain_der fetch method doc/configuration.txt | 7 ++ reg-tests/ssl/client1.pem | 106 +++++++++++++++++++++++++++ reg-tests/ssl/ssl_client_samples.vtc | 2 + src/ssl_sample.c | 61 +++++++++++++++ src/ssl_utils.c | 6 +- 5 files changed, 179 insertions(+), 3 deletions(-) -- 2.27.0
