maskit commented on code in PR #12761:
URL: https://github.com/apache/trafficserver/pull/12761#discussion_r2632914964
##########
src/iocore/net/SNIActionPerformer.cc:
##########
@@ -417,7 +417,7 @@ SNI_IpAllow::SNIAction(SSL &ssl, ActionItem::Context const
& /* ctx ATS_UNUSED *
const sockaddr *client_ip = nullptr;
for (int i = 0; i < IpAllow::Subject::MAX_SUBJECTS; ++i) {
if (IpAllow::Subject::PEER == IpAllow::subjects[i]) {
- client_ip = ssl_vc->get_remote_addr();
+ client_ip = ssl_vc->get_client_addr();
Review Comment:
Hmm, I don't think we should do this. If the setting value were CLIENT then
this would make sense, but "PEER" was picked as a term that means the direct
peer to distinguish it from the ambiguous term "client".
Also, this is unrelated to the change, I found that this if-else lacks the
support for PLUGIN (verified address). I'll add it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
