You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "Leif Hedstrom (JIRA)" <ji...@apache.org> on 2011/06/17 01:35:48 UTC
[jira] [Created] (TS-841) Refactor SSL code to make it possible to
perform NPN negotiation without entering the HTTP SM
Refactor SSL code to make it possible to perform NPN negotiation without entering the HTTP SM
---------------------------------------------------------------------------------------------
Key: TS-841
URL: https://issues.apache.org/jira/browse/TS-841
Project: Traffic Server
Issue Type: New Feature
Components: HTTP, SSL
Reporter: Leif Hedstrom
Fix For: 3.1.0
In order to make it possible to write protocol handlers like SPDY, we need to negotiate NPN protocol before entering the HTTP SM.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (TS-841) support TLS NextProtocol negotiation
Posted by "James Peach (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TS-841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Peach resolved TS-841.
----------------------------
Resolution: Fixed
Fixed in trunk
> support TLS NextProtocol negotiation
> ------------------------------------
>
> Key: TS-841
> URL: https://issues.apache.org/jira/browse/TS-841
> Project: Traffic Server
> Issue Type: New Feature
> Components: HTTP, SSL
> Reporter: Leif Hedstrom
> Assignee: James Peach
> Fix For: 3.1.3
>
> Attachments: 0001-TS-841-Move-SSLNetAccept-and-SSLNetProcessor-into-ep.patch, 0002-TS-841-Sprinkle-some-const-pixie-dust-on-the-SSL-cla.patch, 0003-TS-841-Propagate-zero-length-read-events-through-SSL.patch, 0004-TS-841-Load-plugins-after-opening-sockets.patch, 0005-TS-841-support-TLS-NextProtocol-negotiation.patch
>
>
> In order to make it possible to write protocol handlers like SPDY, we need to negotiate NPN protocol before entering the HTTP SM.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (TS-841) support TLS NextProtocol negotiation
Posted by "James Peach (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TS-841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Peach updated TS-841:
---------------------------
Summary: support TLS NextProtocol negotiation (was: Refactor SSL code to make it possible to perform NPN negotiation without entering the HTTP SM)
Retitle and assign to me. I have this almost complete.
> support TLS NextProtocol negotiation
> ------------------------------------
>
> Key: TS-841
> URL: https://issues.apache.org/jira/browse/TS-841
> Project: Traffic Server
> Issue Type: New Feature
> Components: HTTP, SSL
> Reporter: Leif Hedstrom
> Assignee: James Peach
> Fix For: 3.1.3
>
>
> In order to make it possible to write protocol handlers like SPDY, we need to negotiate NPN protocol before entering the HTTP SM.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (TS-841) support TLS NextProtocol negotiation
Posted by "James Peach (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TS-841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Peach updated TS-841:
---------------------------
Attachment: 0005-TS-841-support-TLS-NextProtocol-negotiation.patch
0004-TS-841-Load-plugins-after-opening-sockets.patch
0003-TS-841-Propagate-zero-length-read-events-through-SSL.patch
0002-TS-841-Sprinkle-some-const-pixie-dust-on-the-SSL-cla.patch
0001-TS-841-Move-SSLNetAccept-and-SSLNetProcessor-into-ep.patch
Attached patches.
> support TLS NextProtocol negotiation
> ------------------------------------
>
> Key: TS-841
> URL: https://issues.apache.org/jira/browse/TS-841
> Project: Traffic Server
> Issue Type: New Feature
> Components: HTTP, SSL
> Reporter: Leif Hedstrom
> Assignee: James Peach
> Fix For: 3.1.3
>
> Attachments: 0001-TS-841-Move-SSLNetAccept-and-SSLNetProcessor-into-ep.patch, 0002-TS-841-Sprinkle-some-const-pixie-dust-on-the-SSL-cla.patch, 0003-TS-841-Propagate-zero-length-read-events-through-SSL.patch, 0004-TS-841-Load-plugins-after-opening-sockets.patch, 0005-TS-841-support-TLS-NextProtocol-negotiation.patch
>
>
> In order to make it possible to write protocol handlers like SPDY, we need to negotiate NPN protocol before entering the HTTP SM.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (TS-841) Refactor SSL code to make it possible
to perform NPN negotiation without entering the HTTP SM
Posted by "James Peach (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TS-841?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13177764#comment-13177764 ]
James Peach commented on TS-841:
--------------------------------
>From IRC discussion:
6:17pm] zwoop: but, not sure it should be named TSNetAcceptTLS()
[6:17pm] zwoop: because, TSNetAccept() implies that you (the plugin) own the port
[6:17pm] zwoop: but, with NPN, you "share" it
[6:17pm] jpeach: that's an interesting point
[6:17pm] zwoop: I think we'd wants something like TSRegisterNPNHandler(contp, npn_string);
[6:17pm] zwoop: or some such
[6:18pm] zwoop: where contp implements the SPDY statemachine (or whatever protocol it is)
[6:18pm] jpeach: NPN implies an implementation where the server is able to route external ports to internal named endpoints
[6:18pm] zwoop: and, it follows the same semantics as the continuation that you would normally provide with for TSNetAccept
...
[6:29pm] jpeach: so NPN needs to be in core code
[6:29pm] jpeach: we need an internal endpoint mapper to route NPN endpoints
[6:29pm] jpeach: we need plugin API to hook it all up
> Refactor SSL code to make it possible to perform NPN negotiation without entering the HTTP SM
> ---------------------------------------------------------------------------------------------
>
> Key: TS-841
> URL: https://issues.apache.org/jira/browse/TS-841
> Project: Traffic Server
> Issue Type: New Feature
> Components: HTTP, SSL
> Reporter: Leif Hedstrom
> Fix For: 3.1.3
>
>
> In order to make it possible to write protocol handlers like SPDY, we need to negotiate NPN protocol before entering the HTTP SM.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Assigned] (TS-841) Refactor SSL code to make it possible to
perform NPN negotiation without entering the HTTP SM
Posted by "James Peach (Assigned) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TS-841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Peach reassigned TS-841:
------------------------------
Assignee: James Peach
> Refactor SSL code to make it possible to perform NPN negotiation without entering the HTTP SM
> ---------------------------------------------------------------------------------------------
>
> Key: TS-841
> URL: https://issues.apache.org/jira/browse/TS-841
> Project: Traffic Server
> Issue Type: New Feature
> Components: HTTP, SSL
> Reporter: Leif Hedstrom
> Assignee: James Peach
> Fix For: 3.1.3
>
>
> In order to make it possible to write protocol handlers like SPDY, we need to negotiate NPN protocol before entering the HTTP SM.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Reopened] (TS-841) support TLS NextProtocol negotiation
Posted by "Leif Hedstrom (Reopened) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TS-841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Leif Hedstrom reopened TS-841:
------------------------------
It seems when accept threads are disabled, the VC is not properly reset? It used to be, I'm pretty sure, that when we accept on the net thread, we use a proxy allocator for allocating the VC. I remember adding some code around that case, to assure we release the VC on the correct freelist (proy allocator without accept thread, global freelist when accept threads are enabled).
Perhaps this somehow got reverted ? I can definitely trigger the assert after a few requests with accept threads disabled.
> support TLS NextProtocol negotiation
> ------------------------------------
>
> Key: TS-841
> URL: https://issues.apache.org/jira/browse/TS-841
> Project: Traffic Server
> Issue Type: New Feature
> Components: HTTP, SSL
> Reporter: Leif Hedstrom
> Assignee: James Peach
> Fix For: 3.1.3
>
> Attachments: 0001-TS-841-Move-SSLNetAccept-and-SSLNetProcessor-into-ep.patch, 0002-TS-841-Sprinkle-some-const-pixie-dust-on-the-SSL-cla.patch, 0003-TS-841-Propagate-zero-length-read-events-through-SSL.patch, 0004-TS-841-Load-plugins-after-opening-sockets.patch, 0005-TS-841-support-TLS-NextProtocol-negotiation.patch
>
>
> In order to make it possible to write protocol handlers like SPDY, we need to negotiate NPN protocol before entering the HTTP SM.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (TS-841) Refactor SSL code to make it possible to
perform NPN negotiation without entering the HTTP SM
Posted by "Leif Hedstrom (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TS-841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Leif Hedstrom updated TS-841:
-----------------------------
Fix Version/s: (was: 3.1.1)
3.1.2
Moving these to 3.1.2 for now. please move back if they will be worked on asap for 3.1.1.
> Refactor SSL code to make it possible to perform NPN negotiation without entering the HTTP SM
> ---------------------------------------------------------------------------------------------
>
> Key: TS-841
> URL: https://issues.apache.org/jira/browse/TS-841
> Project: Traffic Server
> Issue Type: New Feature
> Components: HTTP, SSL
> Reporter: Leif Hedstrom
> Fix For: 3.1.2
>
>
> In order to make it possible to write protocol handlers like SPDY, we need to negotiate NPN protocol before entering the HTTP SM.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira