Fix AdvancedTlsX509TrustManager to handle client side validation of s…

…ocket
grpc · Jul 11, 2024 · dcb1c01 · dcb1c01
1 parent 658cbf6
commit dcb1c01
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/util/src/main/java/io/grpc/util/AdvancedTlsX509TrustManager.java b/util/src/main/java/io/grpc/util/AdvancedTlsX509TrustManager.java
@@ -200,7 +200,11 @@ private void checkTrusted(X509Certificate[] chain, String authType, SSLEngine ss
           currentDelegateManager.checkServerTrusted(chain, authType, sslSocket);
         }
       } else {
-        currentDelegateManager.checkClientTrusted(chain, authType, sslEngine);
+        if (sslEngine != null) {
+          currentDelegateManager.checkClientTrusted(chain, authType, sslEngine);
+        } else {
+          currentDelegateManager.checkClientTrusted(chain, authType, socket);
+        }
       }
     }
     // Perform the additional peer cert check.