Github user oknet commented on a diff in the pull request:
https://github.com/apache/trafficserver/pull/374#discussion_r48522460
--- Diff: iocore/net/SSLNetVConnection.cc ---
@@ -1095,6 +1105,12 @@ SSLNetVConnection::sslServerHandShakeEvent(int &err)
}
ssl_error_t ssl_error = SSLAccept(ssl);
+ // if non SNI-Hook set before or SSL Session reuse here:
+ // the sslHandshakeHookState should be HOOKS_CERT after SSLAccept().
+ // thus, set it to HOOKS_DONE directly.
+ if (HANDSHAKE_HOOKS_CERT == sslHandshakeHookState) {
+ sslHandshakeHookState = HANDSHAKE_HOOKS_DONE;
+ }
--- End diff --
please hold this pull requestï¼I found a bug on itï¼and will release a
new patch.
set HookState to DONE if SSLAccept() only send a Server Hello and without
certificate.
next time, SSLAccept() send certificate to client but the HookState already
set to DONE. the default certificate will be used and no Cert Hooks called. I
will be update patch soon.
sorry ...
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
