Skip to content

Commit

Permalink
Update main.go (#1812)
Browse files Browse the repository at this point in the history
Add logging for the client certificate verification.
  • Loading branch information
pooneh-m authored Sep 14, 2020
1 parent 6fe2a74 commit 23b60be
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions cmd/allocator/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -295,13 +295,15 @@ func (h *serviceHandler) verifyClientCertificate(rawCerts [][]byte, verifiedChai

c, err := x509.ParseCertificate(rawCerts[0])
if err != nil {
logger.WithError(err).Warning("cannot parse client certificate")
return errors.New("bad client certificate: " + err.Error())
}

h.certMutex.RLock()
defer h.certMutex.RUnlock()
_, err = c.Verify(opts)
if err != nil {
logger.WithError(err).Warning("failed to verify client certificate")
return errors.New("failed to verify client certificate: " + err.Error())
}
return nil
Expand Down

0 comments on commit 23b60be

Please sign in to comment.