*API Review of adding TSSslContextCreate and TSSslContextDestroy*
Hi All,
Here's the API review request for the pull request:
It adds two new API functions for creating and destroying SSL
contexts.
Traffic server exposes hooks that plugins can use to load certificates via
other
mechanisms than the ssl_multicert.config, but there's currently no way for
a plugin
to create a new SSL context based on the current ATS settings (cipher
suites, which
protocols to support, etc, etc).
The TSSslContextCreate gives plugins an API function that will return a
wrapped
SSL context that respect all the SSL related settings in records.config
It's up to the plugin to free the context after use, so the pull request
includes
a corresponding TSSslContextDestroy API function for freeing the context
(just
wraps the open ssl call for this, but having an API function makes it more
obvious
that it's up to the plugin author to free the context).
The two new API functions are:
tsapi TSSslContext TSSslContextCreate()
tsapi void TSSslContextDestroy(TSSslContext ctx)
Best,
Matt
On Thu, Apr 21, 2016 at 10:11 AM, David Calavera <david.calav...@gmail.com>
wrote:
> Originally proposed in https://github.com/apache/trafficserver/pull/402.
>
> It would be convenient to have those two methods in the API to properly
> create SSL contexts setting the right configuration from records.config.
>
> I opened a ticket to track the issue:
> https://issues.apache.org/jira/browse/TS-4373
> The final code is in https://github.com/apache/trafficserver/pull/594
> You can see the API documentation is isolated in this commit:
>
> https://github.com/apache/trafficserver/pull/594/commits/523e9e703ecd835dc84e829d4539a1bf40e3ee3c
>
> Please, let me know if there is anything else I should do.
>
> Cheers,
> David
>
