summaryrefslogtreecommitdiff
path: root/apt-inst/extract.cc
diff options
context:
space:
mode:
authorMichael Zhivich <mzhivich@akamai.com>2019-05-20 15:07:04 -0400
committerJulian Andres Klode <julian.klode@canonical.com>2019-05-21 14:53:01 +0200
commitf3e109d40937dbf90994bcf74b76837ec670205c (patch)
tree5c1139fbe0300e8768a84fa1502d19ff0ce94f90 /apt-inst/extract.cc
parentb758eea96f89c929f14ca558e9ec2b2e82bf485a (diff)
methods: https: handle requests for TLS re-handshake
When accessing repository protected by TLS mutual auth, apt may receive a "re-handshake" request from the server, which must be handled in order for download to proceed. This situation arises when the server requests a client certificate based on the resource path provided in the GET request, after the inital handshake in UnwrapTLS() has already occurred, and a secure connection has been established. This issue has been observed with Artifactory-backed Debian repository. To address the issue, split TLS handshake code out into its own method in TlsFd, and call it when GNUTLS_E_REHANDSHAKE error is received. Signed-off-by: Michael Zhivich <mzhivich@akamai.com> (merged from Debian/apt#93) LP: #1829861
Diffstat (limited to 'apt-inst/extract.cc')
0 files changed, 0 insertions, 0 deletions