On Feb 11, 2014, at 6:29 AM, Kang Li <kan...@yahoo-inc.com> wrote: > Hi all, > > I'd like to add this new API, TSHttpSsnSSLConnectionGet(), as discussed in > Jira: > > https://issues.apache.org/jira/browse/TS-2210 > > The reason for this API is to get client certificate information, such as > subject DN, issuer DN, etc. This API can also be used for Jira ticket: > > https://issues.apache.org/jira/browse/TS-1584 > > To get the client certificate verify result. > > The new API is : > > tsapi void* TSHttpSsnSSLConnectionGet(TSHttpSsn ssnp); // Returns SSL * > > This use TSHttpSsn to get related SSLNetVConnection, then the SSL object. The > reason exposing SSL abstraction can be found in the discussion: > https://issues.apache.org/jira/browse/TS-2210?focusedCommentId=13886094&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13886094 > > The Doxygen docs for the API is : > > /** Retrives the SSL object of the http session if this connection is > SSL/TLS encrypted. > The return structure SSL is depend on OpenSSL, the function user should refer > OpenSSL to do the appropriate thing. > > @return SSL object of this session if the connection is SSL/TLS > encrypted, NULL otherwise > */ > tsapi void* TSHttpSsnSSLConnectionGet(TSHttpSsn ssnp); //returns SSL * > > The are no ABI / API incompatibilities with this patch.
I don't like exposing OpenSSL data structures, but I don't see a better way to do this. +1 J
