+1 Thanks Randall.
On Tue, Oct 5, 2021 at 12:33 PM Robert O Butts <r...@apache.org> wrote: > +1 > > IMO we should have APIs for all SSL/SNI data. > > On Tue, Oct 5, 2021 at 11:25 AM Leif Hedstrom <zw...@apache.org> wrote: > > > +1. > > > > I think the same pattern is in a couple of other “example” plugins as > > well, which could be cleaned up the same way. > > > > — Leif > > > > > > > On Oct 5, 2021, at 11:02 AM, Randall Meyer <randallme...@yahoo.com > .INVALID> > > wrote: > > > > > > Hello! > > > I'd like to propose adding a new API get grab the SNI from the client > > connection. > > > > > > const char * TSSslSNIGet(TSVConn sslp, int *length) > > > > > > This would remove some of the redundant code in the rate_limit plugin > > but also would allow for the rate_limit plugin to be used under > BoringSSL. > > The APIs between OpenSSL and BoringSSL here are pretty different here and > > don't have access to the same underlying structs. We already save off the > > name in the core (for both open and boring) and this API just exposes > that > > value. > > > > > > Here is the PR showing the changes (both the API addition and code > > cleanup). This would be split into 2 PRs if this API addition is > accepted. > > > > > > https://github.com/apache/trafficserver/pull/8313 > > > > > > -Randall > > > > > -- "Come to Me, all who are weary and heavy-laden, and I will give you rest. Take My yoke upon you and learn from Me, for I am gentle and humble in heart, and you will find rest for your souls. For My yoke is easy and My burden is light." ~ Matthew 11:28-30
