You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by jp...@apache.org on 2014/09/23 22:51:15 UTC

[2/5] git commit: Add documentation for the SSL extensions.

Add documentation for the SSL extensions.


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/c5dfc23e
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/c5dfc23e
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/c5dfc23e

Branch: refs/heads/master
Commit: c5dfc23e40e880fd48a0eed1dc495cbb1b97ac64
Parents: 25bd7ab
Author: shinrich <sh...@network-geographics.com>
Authored: Tue Sep 23 15:04:52 2014 -0500
Committer: shinrich <sh...@network-geographics.com>
Committed: Tue Sep 23 15:07:39 2014 -0500

----------------------------------------------------------------------
 doc/reference/api/TSSslContextFindBy.en.rst     | 56 ++++++++++++++++++++
 doc/reference/api/TSVConnIsSsl.en.rst           | 32 +++++++++++
 doc/reference/api/TSVConnReenable.en.rst        | 34 ++++++++++++
 .../api/TSVConnSslConnectionGet.en.rst          | 41 ++++++++++++++
 doc/reference/api/TSVConnTunnel.en.rst          | 35 ++++++++++++
 5 files changed, 198 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSSslContextFindBy.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/api/TSSslContextFindBy.en.rst b/doc/reference/api/TSSslContextFindBy.en.rst
new file mode 100644
index 0000000..fc6a975
--- /dev/null
+++ b/doc/reference/api/TSSslContextFindBy.en.rst
@@ -0,0 +1,56 @@
+.. Licensed to the Apache Software Foundation (ASF) under one or more
+   contributor license agreements.  See the NOTICE file distributed
+   with this work for additional information regarding copyright
+   ownership.  The ASF licenses this file to you under the Apache
+   License, Version 2.0 (the "License"); you may not use this file
+   except in compliance with the License.  You may obtain a copy of
+   the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied.  See the License for the specific language governing
+   permissions and limitations under the License.
+
+
+TSSslContextFindByName
+======================
+
+Synopsis
+--------
+
+`#include <ts/ts.h>`
+
+
+.. c:function:: TSSslContext TSSslContextFindByName(const char *name)
+
+
+Description
+-----------
+
+   Look for a SSL context created from the :c:type:`ssl_multicert.config` file.  Use the server name to search.
+
+TSSslContextFindByAddr
+=======================
+
+Synopsis
+--------
+
+`#include <ts/ts.h>`
+
+.. c:function:: TSSslContext TSSslContextFindByAddr(struct sockaddr const*)
+
+
+Description
+-----------
+
+   Look for a SSL context created from the :c:type:`ssl_multicert.config` file.  Use the server address to search.
+
+Type
+----
+
+.. c:type:: TSSslContext
+
+   Corresponds to the SSL_CTX * value in openssl.

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSVConnIsSsl.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/api/TSVConnIsSsl.en.rst b/doc/reference/api/TSVConnIsSsl.en.rst
new file mode 100644
index 0000000..c04c699
--- /dev/null
+++ b/doc/reference/api/TSVConnIsSsl.en.rst
@@ -0,0 +1,32 @@
+.. Licensed to the Apache Software Foundation (ASF) under one or more
+   contributor license agreements.  See the NOTICE file distributed
+   with this work for additional information regarding copyright
+   ownership.  The ASF licenses this file to you under the Apache
+   License, Version 2.0 (the "License"); you may not use this file
+   except in compliance with the License.  You may obtain a copy of
+   the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied.  See the License for the specific language governing
+   permissions and limitations under the License.
+
+
+TSVConnIsSsl
+============
+
+Synopsis
+--------
+
+`#include <ts/ts.h>`
+
+.. c:function:: int TSVConnIsSsl(TSVConn svc)
+
+Description
+-----------
+
+   Determines whether the connection associated with :arg:`svc` is being processed as an SSL connection. Returns 1 if it is being processed as SSL and 0 otherwise.
+

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSVConnReenable.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/api/TSVConnReenable.en.rst b/doc/reference/api/TSVConnReenable.en.rst
new file mode 100644
index 0000000..c8efb3a
--- /dev/null
+++ b/doc/reference/api/TSVConnReenable.en.rst
@@ -0,0 +1,34 @@
+.. Licensed to the Apache Software Foundation (ASF) under one or more
+   contributor license agreements.  See the NOTICE file distributed
+   with this work for additional information regarding copyright
+   ownership.  The ASF licenses this file to you under the Apache
+   License, Version 2.0 (the "License"); you may not use this file
+   except in compliance with the License.  You may obtain a copy of
+   the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied.  See the License for the specific language governing
+   permissions and limitations under the License.
+
+
+TSVConnReenable
+===============
+
+Synopsis
+--------
+
+`#include <ts/ts.h>`
+
+.. c:function:: void TSSslVConnReenable(TSVConn svc)
+
+Description
+-----------
+
+   Reenable the SSL connection :arg:`svc`. If a plugin hook is called, ATS processing on that connnection will not resume until this is invoked for that connection.
+
+
+

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSVConnSslConnectionGet.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/api/TSVConnSslConnectionGet.en.rst b/doc/reference/api/TSVConnSslConnectionGet.en.rst
new file mode 100644
index 0000000..610c8a0
--- /dev/null
+++ b/doc/reference/api/TSVConnSslConnectionGet.en.rst
@@ -0,0 +1,41 @@
+.. Licensed to the Apache Software Foundation (ASF) under one or more
+   contributor license agreements.  See the NOTICE file distributed
+   with this work for additional information regarding copyright
+   ownership.  The ASF licenses this file to you under the Apache
+   License, Version 2.0 (the "License"); you may not use this file
+   except in compliance with the License.  You may obtain a copy of
+   the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied.  See the License for the specific language governing
+   permissions and limitations under the License.
+
+
+TSVConnSslConnectionGet
+===========
+
+Synopsis
+--------
+
+`#include <ts/ts.h>`
+
+.. c:function:: TSSslVConnection TSVConnSslConnectionGet(TSVConn svc)
+
+
+Description
+-----------
+
+   Get the SSL (per connection) object from the SSl connection :arg:`svc`.
+
+
+Types
+-----
+
+.. c:type:: TSSslVConnection
+
+   The SSL (per connection) object.  This is an opaque type that can be cast to the appropriate type (SSL * for the openSSL library).
+

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSVConnTunnel.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/api/TSVConnTunnel.en.rst b/doc/reference/api/TSVConnTunnel.en.rst
new file mode 100644
index 0000000..982e1d4
--- /dev/null
+++ b/doc/reference/api/TSVConnTunnel.en.rst
@@ -0,0 +1,35 @@
+.. Licensed to the Apache Software Foundation (ASF) under one or more
+   contributor license agreements.  See the NOTICE file distributed
+   with this work for additional information regarding copyright
+   ownership.  The ASF licenses this file to you under the Apache
+   License, Version 2.0 (the "License"); you may not use this file
+   except in compliance with the License.  You may obtain a copy of
+   the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied.  See the License for the specific language governing
+   permissions and limitations under the License.
+
+
+TSVConnTunnel
+===========
+
+Synopsis
+--------
+
+`#include <ts/ts.h>`
+
+.. c:function:: TSReturnCode TSVConnTunnel(TSVConn svc)
+
+
+Description
+-----------
+
+   Set the SSL connection :arg:`svc` to convert to a blind tunnel.  Can be called from the TS_VCONN_PRE_ACCEPT_HOOK or the TS_SSL_SNI_HOOK.
+
+For this to work from the TS_SSL_SNI_HOOK, the openSSL patch must be applied which adds the ability to break out of the SSL_accept processing by returning SSL_TLSEXT_ERR_READ_AGAIN.
+