Require client provide certs if RequireClientAuth=true#192
Require client provide certs if RequireClientAuth=true#192jared2501 wants to merge 1 commit intobifurcation:masterfrom
Conversation
jared2501
force-pushed
the
jn/require-client-auth
branch
from
efe2340 to
22a9d8a
Compare
jared2501
force-pushed
the
jn/require-client-auth
branch
from
22a9d8a to
a1bd7f1
Compare
|
Hey @bifurcation, before I look into the tests for this, does this look right? The issue I'm trying to fix is when a server requires client certificates, but the client doesn't send any, we let the TLS session establish when we shouldn't. |
|
The spec doesn’t require the client to send a certificate if the server requests one. I think the right way to deal with this is as the standard library does. |
|
@marten-seemann - ah hmm, perhaps RequireClientAuth is a bit of a misnomre then? Also, when you say "as the standard library does", do you mean by allowing the client to set different levels from NoClientCert to RequireAndVerifyClientCert? |
|
Yes, that’s the option I meant. |
2 participants
No description provided.