+1 IMO we should have APIs for all SSL/SNI data.
On Tue, Oct 5, 2021 at 11:25 AM Leif Hedstrom <zw...@apache.org> wrote: > +1. > > I think the same pattern is in a couple of other “example” plugins as > well, which could be cleaned up the same way. > > — Leif > > > > On Oct 5, 2021, at 11:02 AM, Randall Meyer <randallme...@yahoo.com.INVALID> > wrote: > > > > Hello! > > I'd like to propose adding a new API get grab the SNI from the client > connection. > > > > const char * TSSslSNIGet(TSVConn sslp, int *length) > > > > This would remove some of the redundant code in the rate_limit plugin > but also would allow for the rate_limit plugin to be used under BoringSSL. > The APIs between OpenSSL and BoringSSL here are pretty different here and > don't have access to the same underlying structs. We already save off the > name in the core (for both open and boring) and this API just exposes that > value. > > > > Here is the PR showing the changes (both the API addition and code > cleanup). This would be split into 2 PRs if this API addition is accepted. > > > > https://github.com/apache/trafficserver/pull/8313 > > > > -Randall > >
