| 136 | } |
| 137 | |
| 138 | bool |
| 139 | ServerSessionPool::validate_cert(HttpSM *sm, NetVConnection *netvc) |
| 140 | { |
| 141 | bool retval = true; |
| 142 | // Verify that the cert file associated this connection would match the cert file we would have use to create |
| 143 | // a new connection. |
| 144 | // |
| 145 | if (sm->t_state.scheme == URL_WKSIDX_HTTPS) { |
| 146 | const char *session_cert = netvc->options.ssl_client_cert_name; |
| 147 | std::string_view proposed_cert = sm->get_outbound_cert(); |
| 148 | Dbg(dbg_ctl_http_ss, "validate_cert proposed_cert=%.*s, cert=%s", static_cast<int>(proposed_cert.size()), proposed_cert.data(), |
| 149 | session_cert); |
| 150 | if (!session_cert || proposed_cert.length() == 0) { |
| 151 | retval = session_cert == nullptr && proposed_cert.length() == 0; |
| 152 | } else { |
| 153 | retval = proposed_cert.compare(session_cert) == 0; |
| 154 | } |
| 155 | } |
| 156 | return retval; |
| 157 | } |
| 158 | |
| 159 | HSMresult_t |
| 160 | ServerSessionPool::acquireSession(sockaddr const *addr, CryptoHash const &hostname_hash, |
nothing calls this directly
no test coverage detected