TLSConfiguration.certificateRequired attribute

[borisreitman]

I have implemented a new attribute .certificateRequired in TLSConfiguration. When set to false, it makes presence of client certificates optional. If the client certificate is provided, then the customVerificationCallback will be called. By default, the attribute is true, which is the current behaviour (failure without client certificate).

From an article referenced below, here is a quote:

"[We] tell it to accept requests with no valid certificate. We need this to handle invalid connections as well (for example to display an error message), otherwise, they would just get a cryptic HTTPS error message from the browser (ERR_BAD_SSL_CLIENT_AUTH_CERT to be precise)"

Reference: https://medium.com/@sevcsik/authentication-using-https-client-certificates-3c9d270e8326

[swift-server-bot]

Can one of the admins verify this patch?

[swift-server-bot]

Can one of the admins verify this patch?

[swift-server-bot]

Can one of the admins verify this patch?

[swift-server-bot]

Can one of the admins verify this patch?

[swift-server-bot]

Can one of the admins verify this patch?

[swift-server-bot]

Can one of the admins verify this patch?

[swift-server-bot]

Can one of the admins verify this patch?

[swift-server-bot]

Can one of the admins verify this patch?

[swift-server-bot]

Can one of the admins verify this patch?

[swift-server-bot]

Can one of the admins verify this patch?

[borisreitman]

@dnadoba Can you check it again, I pushed a new changeset.

[Lukasa]

@swift-server-bot test this please