+1 Sent from my iPhone
> On Oct 5, 2021, at 6:29 PM, Brian Neradt <brian.ner...@gmail.com> wrote: > > +1 > > Thanks Randall. > >> On Tue, Oct 5, 2021 at 12:33 PM Robert O Butts <r...@apache.org> wrote: >> >> +1 >> >> IMO we should have APIs for all SSL/SNI data. >> >>> On Tue, Oct 5, 2021 at 11:25 AM Leif Hedstrom <zw...@apache.org> wrote: >>> >>> +1. >>> >>> I think the same pattern is in a couple of other “example” plugins as >>> well, which could be cleaned up the same way. >>> >>> — Leif >>> >>> >>>> On Oct 5, 2021, at 11:02 AM, Randall Meyer <randallme...@yahoo.com >> .INVALID> >>> wrote: >>>> >>>> Hello! >>>> I'd like to propose adding a new API get grab the SNI from the client >>> connection. >>>> >>>> const char * TSSslSNIGet(TSVConn sslp, int *length) >>>> >>>> This would remove some of the redundant code in the rate_limit plugin >>> but also would allow for the rate_limit plugin to be used under >> BoringSSL. >>> The APIs between OpenSSL and BoringSSL here are pretty different here and >>> don't have access to the same underlying structs. We already save off the >>> name in the core (for both open and boring) and this API just exposes >> that >>> value. >>>> >>>> Here is the PR showing the changes (both the API addition and code >>> cleanup). This would be split into 2 PRs if this API addition is >> accepted. >>>> >>>> https://github.com/apache/trafficserver/pull/8313 >>>> >>>> -Randall >>> >>> >> > -- > "Come to Me, all who are weary and heavy-laden, and I will > give you rest. Take My yoke upon you and learn from Me, for > I am gentle and humble in heart, and you will find rest for > your souls. For My yoke is easy and My burden is light." > > ~ Matthew 11:28-30
