kingluo commented on PR #10066: URL: https://github.com/apache/apisix/pull/10066#issuecomment-1687488440
> Could you explain the reason for the bug? why can't it be reproduced in the old version? Because the current test cases do not cover these bugs: 1. matched_ssl is nil. 2. The MTLS whitelist does not work, which allows subsequent requests to bypass the whitelist check. Only fires when one of the following conditions is met: 1. Second and subsequent requests (HTTP keepalive) within the same SSL connection. 2. All requests in all subsequent new connections using the previously successful SSL session. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
