MCPcopy Create free account
hub / github.com/apache/trafficserver / validate_cert

Method validate_cert

src/proxy/http/HttpSessionManager.cc:138–157  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

136}
137
138bool
139ServerSessionPool::validate_cert(HttpSM *sm, NetVConnection *netvc)
140{
141 bool retval = true;
142 // Verify that the cert file associated this connection would match the cert file we would have use to create
143 // a new connection.
144 //
145 if (sm->t_state.scheme == URL_WKSIDX_HTTPS) {
146 const char *session_cert = netvc->options.ssl_client_cert_name;
147 std::string_view proposed_cert = sm->get_outbound_cert();
148 Dbg(dbg_ctl_http_ss, "validate_cert proposed_cert=%.*s, cert=%s", static_cast<int>(proposed_cert.size()), proposed_cert.data(),
149 session_cert);
150 if (!session_cert || proposed_cert.length() == 0) {
151 retval = session_cert == nullptr && proposed_cert.length() == 0;
152 } else {
153 retval = proposed_cert.compare(session_cert) == 0;
154 }
155 }
156 return retval;
157}
158
159HSMresult_t
160ServerSessionPool::acquireSession(sockaddr const *addr, CryptoHash const &hostname_hash,

Callers

nothing calls this directly

Calls 5

get_outbound_certMethod · 0.80
sizeMethod · 0.45
dataMethod · 0.45
lengthMethod · 0.45
compareMethod · 0.45

Tested by

no test coverage detected