trafficserver-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From oknet <>
Subject [GitHub] trafficserver pull request: TS-4075: add a state check for sslHand...
Date Tue, 29 Dec 2015 05:46:29 GMT
Github user oknet commented on a diff in the pull request:
    --- Diff: iocore/net/ ---
    @@ -1095,6 +1105,12 @@ SSLNetVConnection::sslServerHandShakeEvent(int &err)
       ssl_error_t ssl_error = SSLAccept(ssl);
    +  // if non SNI-Hook set before or SSL Session reuse here:
    +  //   the sslHandshakeHookState should be HOOKS_CERT after SSLAccept().
    +  // thus, set it to HOOKS_DONE directly.
    +  if (HANDSHAKE_HOOKS_CERT == sslHandshakeHookState) {
    +    sslHandshakeHookState = HANDSHAKE_HOOKS_DONE;
    +  }
    --- End diff --
    please hold this pull request,I found a bug on it,and will release a new patch.
    set HookState to DONE if SSLAccept() only send a Server Hello and without certificate.
    next time, SSLAccept() send certificate to client but the HookState already set to DONE.
the default certificate will be used and no Cert Hooks called. I will be update patch soon.
    sorry ...

If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at or file a JIRA ticket
with INFRA.

View raw message