You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by jp...@apache.org on 2014/09/23 22:51:15 UTC
[2/5] git commit: Add documentation for the SSL extensions.
Add documentation for the SSL extensions.
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/c5dfc23e
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/c5dfc23e
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/c5dfc23e
Branch: refs/heads/master
Commit: c5dfc23e40e880fd48a0eed1dc495cbb1b97ac64
Parents: 25bd7ab
Author: shinrich <sh...@network-geographics.com>
Authored: Tue Sep 23 15:04:52 2014 -0500
Committer: shinrich <sh...@network-geographics.com>
Committed: Tue Sep 23 15:07:39 2014 -0500
----------------------------------------------------------------------
doc/reference/api/TSSslContextFindBy.en.rst | 56 ++++++++++++++++++++
doc/reference/api/TSVConnIsSsl.en.rst | 32 +++++++++++
doc/reference/api/TSVConnReenable.en.rst | 34 ++++++++++++
.../api/TSVConnSslConnectionGet.en.rst | 41 ++++++++++++++
doc/reference/api/TSVConnTunnel.en.rst | 35 ++++++++++++
5 files changed, 198 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSSslContextFindBy.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/api/TSSslContextFindBy.en.rst b/doc/reference/api/TSSslContextFindBy.en.rst
new file mode 100644
index 0000000..fc6a975
--- /dev/null
+++ b/doc/reference/api/TSSslContextFindBy.en.rst
@@ -0,0 +1,56 @@
+.. Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed
+ with this work for additional information regarding copyright
+ ownership. The ASF licenses this file to you under the Apache
+ License, Version 2.0 (the "License"); you may not use this file
+ except in compliance with the License. You may obtain a copy of
+ the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied. See the License for the specific language governing
+ permissions and limitations under the License.
+
+
+TSSslContextFindByName
+======================
+
+Synopsis
+--------
+
+`#include <ts/ts.h>`
+
+
+.. c:function:: TSSslContext TSSslContextFindByName(const char *name)
+
+
+Description
+-----------
+
+ Look for a SSL context created from the :c:type:`ssl_multicert.config` file. Use the server name to search.
+
+TSSslContextFindByAddr
+=======================
+
+Synopsis
+--------
+
+`#include <ts/ts.h>`
+
+.. c:function:: TSSslContext TSSslContextFindByAddr(struct sockaddr const*)
+
+
+Description
+-----------
+
+ Look for a SSL context created from the :c:type:`ssl_multicert.config` file. Use the server address to search.
+
+Type
+----
+
+.. c:type:: TSSslContext
+
+ Corresponds to the SSL_CTX * value in openssl.
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSVConnIsSsl.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/api/TSVConnIsSsl.en.rst b/doc/reference/api/TSVConnIsSsl.en.rst
new file mode 100644
index 0000000..c04c699
--- /dev/null
+++ b/doc/reference/api/TSVConnIsSsl.en.rst
@@ -0,0 +1,32 @@
+.. Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed
+ with this work for additional information regarding copyright
+ ownership. The ASF licenses this file to you under the Apache
+ License, Version 2.0 (the "License"); you may not use this file
+ except in compliance with the License. You may obtain a copy of
+ the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied. See the License for the specific language governing
+ permissions and limitations under the License.
+
+
+TSVConnIsSsl
+============
+
+Synopsis
+--------
+
+`#include <ts/ts.h>`
+
+.. c:function:: int TSVConnIsSsl(TSVConn svc)
+
+Description
+-----------
+
+ Determines whether the connection associated with :arg:`svc` is being processed as an SSL connection. Returns 1 if it is being processed as SSL and 0 otherwise.
+
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSVConnReenable.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/api/TSVConnReenable.en.rst b/doc/reference/api/TSVConnReenable.en.rst
new file mode 100644
index 0000000..c8efb3a
--- /dev/null
+++ b/doc/reference/api/TSVConnReenable.en.rst
@@ -0,0 +1,34 @@
+.. Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed
+ with this work for additional information regarding copyright
+ ownership. The ASF licenses this file to you under the Apache
+ License, Version 2.0 (the "License"); you may not use this file
+ except in compliance with the License. You may obtain a copy of
+ the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied. See the License for the specific language governing
+ permissions and limitations under the License.
+
+
+TSVConnReenable
+===============
+
+Synopsis
+--------
+
+`#include <ts/ts.h>`
+
+.. c:function:: void TSSslVConnReenable(TSVConn svc)
+
+Description
+-----------
+
+ Reenable the SSL connection :arg:`svc`. If a plugin hook is called, ATS processing on that connnection will not resume until this is invoked for that connection.
+
+
+
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSVConnSslConnectionGet.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/api/TSVConnSslConnectionGet.en.rst b/doc/reference/api/TSVConnSslConnectionGet.en.rst
new file mode 100644
index 0000000..610c8a0
--- /dev/null
+++ b/doc/reference/api/TSVConnSslConnectionGet.en.rst
@@ -0,0 +1,41 @@
+.. Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed
+ with this work for additional information regarding copyright
+ ownership. The ASF licenses this file to you under the Apache
+ License, Version 2.0 (the "License"); you may not use this file
+ except in compliance with the License. You may obtain a copy of
+ the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied. See the License for the specific language governing
+ permissions and limitations under the License.
+
+
+TSVConnSslConnectionGet
+===========
+
+Synopsis
+--------
+
+`#include <ts/ts.h>`
+
+.. c:function:: TSSslVConnection TSVConnSslConnectionGet(TSVConn svc)
+
+
+Description
+-----------
+
+ Get the SSL (per connection) object from the SSl connection :arg:`svc`.
+
+
+Types
+-----
+
+.. c:type:: TSSslVConnection
+
+ The SSL (per connection) object. This is an opaque type that can be cast to the appropriate type (SSL * for the openSSL library).
+
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSVConnTunnel.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/api/TSVConnTunnel.en.rst b/doc/reference/api/TSVConnTunnel.en.rst
new file mode 100644
index 0000000..982e1d4
--- /dev/null
+++ b/doc/reference/api/TSVConnTunnel.en.rst
@@ -0,0 +1,35 @@
+.. Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed
+ with this work for additional information regarding copyright
+ ownership. The ASF licenses this file to you under the Apache
+ License, Version 2.0 (the "License"); you may not use this file
+ except in compliance with the License. You may obtain a copy of
+ the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied. See the License for the specific language governing
+ permissions and limitations under the License.
+
+
+TSVConnTunnel
+===========
+
+Synopsis
+--------
+
+`#include <ts/ts.h>`
+
+.. c:function:: TSReturnCode TSVConnTunnel(TSVConn svc)
+
+
+Description
+-----------
+
+ Set the SSL connection :arg:`svc` to convert to a blind tunnel. Can be called from the TS_VCONN_PRE_ACCEPT_HOOK or the TS_SSL_SNI_HOOK.
+
+For this to work from the TS_SSL_SNI_HOOK, the openSSL patch must be applied which adds the ability to break out of the SSL_accept processing by returning SSL_TLSEXT_ERR_READ_AGAIN.
+