Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-2956

Add ssl_pre_handshake hook for better plugin access to SSL handling and allow for combination of blind tunnel and tunnel proxying

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • None
    • 5.2.0
    • Core, Plugins, SSL
    • None

    Description

      Organizations that want to do more extensive SSL processing than is allowed by the core should be able to write a plugin. To support such plugins, the core needs to allow for the plugin to gain access after the TCP connection has completed but before the SSL Accept has completed.

      One feature that a plug in may want to implement is the ability to determine that some SSL connections should be fully proxied and others should be blind tunneled. To date, this is a global decision. Either all tunnels are proxied by ATS or all are blind tunneled.

      Probably should have been two issues, but the implementations are intertwined.

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. TS-3006 Augment SNI callback processing

          • Major - Major loss of function.
          • Closed

          Activity

            People

              shinrich Susan Hinrichs
              shinrich Susan Hinrichs
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: