diff options
author | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-07-20 15:21:39 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-07-20 15:21:39 +0200 |
commit | 4dcb1c83c96b51ec9a1770c269e75a94debebb9d (patch) | |
tree | f53aa75709ae5018809faa2a547c46bb70fb8981 /security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java | |
parent | ea71048bca7b1d5633040ce8d13f9b418632f843 (diff) |
Include client certificate chain even when authorization is disabled
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java b/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java index 99787725063..5db86fd93bc 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java @@ -35,7 +35,7 @@ public class PeerAuthorizer { public ConnectionAuthContext authorizePeer(X509Certificate cert) { return authorizePeer(List.of(cert)); } public ConnectionAuthContext authorizePeer(List<X509Certificate> certChain) { - if (authorizedPeers.isEmpty()) return ConnectionAuthContext.defaultAllCapabilities(); + if (authorizedPeers.isEmpty()) return ConnectionAuthContext.defaultAllCapabilities(certChain); X509Certificate cert = certChain.get(0); Set<String> matchedPolicies = new HashSet<>(); Set<CapabilitySet> grantedCapabilities = new HashSet<>(); |