From a030e1186161c3f231841d38c9338940a7ba28c9 Mon Sep 17 00:00:00 2001
From: Jun Kurihara
Date: Tue, 11 Oct 2022 18:44:54 +0900
Subject: [PATCH] refactor. todo: move the consistency check between client certificate and sni to http layer and emit 400
---
 src/proxy/proxy_tls.rs | 6 ------
 1 file changed, 6 deletions(-)
diff --git a/src/proxy/proxy_tls.rs b/src/proxy/proxy_tls.rs
index 153c6cd..6e3200c 100644
--- a/src/proxy/proxy_tls.rs
+++ b/src/proxy/proxy_tls.rs
@@ -88,7 +88,6 @@ where
 debug!("HTTP/2 or 1.1: SNI in ClientHello: {:?}", server_name);
 let server_name = server_name.map_or_else(|| None, |v| Some(v.to_server_name_vec()));
 if server_name.is_none(){
- // conn.send_close_notify();
 Err(RpxyError::Proxy("No SNI is given".to_string()))
 } else {
 //////////////////////////////
@@ -97,10 +96,6 @@ where
 let client_certs = conn.peer_certificates();
 let client_certs_setting_for_sni = sni_cc_map.get(&server_name.clone().unwrap());
 check_client_authentication(client_certs, client_certs_setting_for_sni)?;
- // if let Err(e) = check_client_authentication(client_certs, client_certs_setting_for_sni){
- // conn.send_close_notify();
- // return Err(e);
- // }
 //////////////////////////////
 // this immediately spawns another future to actually handle stream. so it is okay to introduce timeout for handshake.
 self_inner.client_serve(stream, server_clone, client_addr, server_name); // TODO: don't want to pass copied value...
@@ -109,7 +104,6 @@ where
 };
 self.globals.runtime_handle.spawn( async move {
 if let Err(e) = handshake_fut.await {
- error!("{}", e);
 }
 });
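Review bot: In the third hunk (`@@ -109,7 +104,6 @@`) the `if let Err(e) = handshake_fut.await { }` branch is left empty, so every handshake failure is now dropped without any record. Judging from the first two hunks, those failures appear to include `No SNI is given` and the errors returned by `check_client_authentication`, which are the events an operator needs in order to notice rejected or misconfigured client certificates. `e` also becomes an unused binding, which the compiler will warn about. If the `error!` line was removed because of noise, consider keeping the record at a lower level, e.g. `debug!("TLS handshake rejected: {}", e);`, at least until the check moves to the HTTP layer as the subject line plans. The enclosing function begins and ends outside the hunk.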