Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
0.7.0, 0.7.1
-
None
-
None
-
All
Description
The SSLHandler doesn't set the client auth params correctly. The setNeedClientAuth and setWantClientAuth should be set only if true. According to the SSLEngine javadoc, they effect each other.
Can be verified by checking the SSLSession after a successful handshake. Eg, even if you set "need" to true and later set "want" to false, "need" automatically gets reset to false.
The patch fixes this problem.