[
https://issues.apache.org/jira/browse/TS-2210?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13896336#comment-13896336
]
kang li commented on TS-2210:
-----------------------------
Hi James,
The new API was more concise. I have also done a small test, the new style API
worked well. But for SSL_CTX we need SSL to get the verify result and client
certificate, and SSLNetVConnection store SSL as the domain. So I think return
SSL would be more convenient:
{code}
void *TSHttpSsnSSLConnectionGet(TSHttpSsn); // Returns SSL *
{code}
If SSL_CTX was needed, we could use SSL_get_SSL_CTX to get related SSL_CTX.
If the newer API was suitable, I would send the API review request.
> add API to get access to the client cert in the SSL Net VC
> ----------------------------------------------------------
>
> Key: TS-2210
> URL: https://issues.apache.org/jira/browse/TS-2210
> Project: Traffic Server
> Issue Type: Improvement
> Components: SSL, TS API
> Reporter: Bryan Call
> Assignee: James Peach
> Fix For: 5.0.0
>
> Attachments: 2210.diff
>
>
> In SSLNetVConnection SSL_get_peer_certificate(ssl) is called and client_cert
> is set. There is a request from Brian France to get access to the client
> cert.
> He wants to be able to call X509_NAME_oneline(), X509_get_subject_name(), and
> X509_get_issuer_name() on the cert.
> Where the cert is set in the code:
> iocore/net/SSLNetVConnection.cc:499: client_cert =
> SSL_get_peer_certificate(ssl);
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
