Commit Diff


commit - 6ed61a2e441276f1aac83a187bd2b160c8e9a6cc
commit + ce5f27d25b61a206ccde7c6445c07f9c5df5fe5e
blob - 1dce76b2ea92a3ad7fdab809768d0971a2b00bfe
blob + b52c8528f9e701186450729f53be41f977cda1b9
--- vostok/transport.cc
+++ vostok/transport.cc
@@ -92,6 +92,9 @@ Server::Server(NotNull<czstring> cert_file, NotNull<cz
         );
         return;
     }
+    tls_config_verify_client_optional(cfg.get());
+    tls_config_insecure_noverifycert(cfg.get());
+    tls_config_insecure_noverifytime(cfg.get());
 
     ContextPtr ctx{tls_server()};
     if (!ctx)
blob - 37162dd8e110c679705509a62f7d62fc46447ccf
blob + b426f6fd9af1562f45254604f36bbd2381d63f67
--- vostok/vostok.cc
+++ vostok/vostok.cc
@@ -82,6 +82,10 @@ process_gateway_request(
     const ProcessRequestContext &context
 )
 {
+    czstring client_cert_hash = tls_peer_cert_hash(accepted_client.get_ctx());
+    error::g_log << "tls_peer_cert_provided(...)=" << tls_peer_cert_provided(accepted_client.get_ctx()) << std::endl;
+    error::g_log << "tls_peer_cert_hash(...)=" << (client_cert_hash ? client_cert_hash : "(nullptr)") << std::endl;
+
     int stdin_pair[2];
     if (pipe(stdin_pair) != 0)
     {