http: Ignore X509_R_CERT_ALREADY_IN_HASH_TABLE

istio-ecosystem / authservice

Move OIDC token acquisition out of your app code and into the Istio mesh

Apache License 2.0

217 stars 63 forks source link

http: Ignore X509_R_CERT_ALREADY_IN_HASH_TABLE #230

Closed dio closed 1 year ago

dio commented 1 year ago

The previous error checking was wrong, since ctx.add_certificate_authority is already done the ERR_get_error. The relevant SSL error should be wrapped as system::error_code.

Signed-off-by: Dhi Aurrahman dio@rockybars.com

dio commented 1 year ago

This supersedes https://github.com/istio-ecosystem/authservice/pull/229 to test the theory presented in: https://github.com/istio-ecosystem/authservice/pull/229#discussion_r1020593895

dio commented 1 year ago

@Shikugawa @incfly when you have time, please help to take a look. 🙇🏾

istio-testing commented 1 year ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dio, Shikugawa

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/istio-ecosystem/authservice/blob/master/OWNERS)~~ [Shikugawa] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

dio commented 1 year ago

Awesome. Thanks, @Shikugawa 🙇🏾!