Fix AdvancedTlsX509TrustManager to handle client side validation of socket

2024-07-03 09:50:23 +02:00 · 2024-07-03 09:50:23 +02:00 · dcb1c018c6
parent 658cbf6cfe
commit dcb1c018c6
1 changed files with 5 additions and 1 deletions
--- a/util/src/main/java/io/grpc/util/AdvancedTlsX509TrustManager.java
+++ b/util/src/main/java/io/grpc/util/AdvancedTlsX509TrustManager.java
@ -200,7 +200,11 @@ public final class AdvancedTlsX509TrustManager extends X509ExtendedTrustManager
          currentDelegateManager.checkServerTrusted(chain, authType, sslSocket);
        }
      } else {
-        currentDelegateManager.checkClientTrusted(chain, authType, sslEngine);
+        if (sslEngine != null) {
+          currentDelegateManager.checkClientTrusted(chain, authType, sslEngine);
+        } else {
+          currentDelegateManager.checkClientTrusted(chain, authType, socket);
+        }
      }
    }
    // Perform the additional peer cert check.