I did try to see if there was a n openssl hook that gets invoked when the connection is closed. However, I couldn't find one. I guess it doesn't make sense to have one from openssl perspective since connection close is is always initiated by the application.
What I need is a i.e a callback from SSLNetVConnection::do_io_close. Otherwise, I'll have to go with what you suggested i.e. maintain a table in the plugin. The problem I see with that is, when to expire (i.e. free) the entries in the table? On Wed, Sep 27, 2017 at 4:42 AM, Alan Carroll < solidwallofc...@oath.com.invalid> wrote: > Unfortunately I don't know of a reliable way to do clean up, which is one > reason I would think of a plugin maintained table which at least has the > possibility of cleanup. This does point out a problem with the mentioned > issue - if that is done there must be some reliable way to clean it up. > > I'm not an SSL expert but something dangerous you could try is to see if > there is an openSSL hook you can grab to do the cleanup. The dangerous part > is it is likely the ATS core already has a callback in place so you'd need > to retrieve that and call it from your hook. >
