You are viewing a plain text version of this content. The canonical link for it is here.

Posted to github@trafficserver.apache.org by GitBox <gi...@apache.org> on 2022/01/18 09:29:47 UTC

[GitHub] [trafficserver] maskit opened a new pull request #8612: Introduce TLSTunnelSupport interface

maskit opened a new pull request #8612:
URL: https://github.com/apache/trafficserver/pull/8612


   This introduces a mix-in class for TLS tunneling stuff.
   
   The goal of this PR is to remove `dynamic_cast<SSLNetVConnection *>` from `HttpSM` and cleanup SSLNetVC a bit. Although some code that can be moved to the mix-in class is remained, code for tunneling is spread over multiple modules and I'd like to hand over that part to someone who is familiar with tunneling stuff.
   
   On this PR, although there are two small changes, I simply moved functions that are just for tunneling into the mix-in class, so the logic isn't changed. Please see inline comments for the two changes
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] duke8253 commented on a change in pull request #8612: Introduce TLSTunnelSupport interface

Posted by GitBox <gi...@apache.org>.

duke8253 commented on a change in pull request #8612:
URL: https://github.com/apache/trafficserver/pull/8612#discussion_r792849137



##########
File path: proxy/http/HttpSM.cc
##########
@@ -655,16 +655,16 @@ HttpSM::setup_blind_tunnel_port()
       u.scheme_set(URL_SCHEME_TUNNEL, URL_LEN_TUNNEL);
       t_state.hdr_info.client_request.url_set(&u);
 
-      if (ssl_vc->has_tunnel_destination()) {
-        const char *tunnel_host = ssl_vc->get_tunnel_host();
+      if (tts->has_tunnel_destination()) {
+        const char *tunnel_host = tts->get_tunnel_host();
         t_state.hdr_info.client_request.url_get()->host_set(tunnel_host, strlen(tunnel_host));
-        if (ssl_vc->get_tunnel_port() > 0) {
-          t_state.hdr_info.client_request.url_get()->port_set(ssl_vc->get_tunnel_port());
+        if (tts->get_tunnel_port() > 0) {
+          t_state.hdr_info.client_request.url_get()->port_set(tts->get_tunnel_port());
         } else {
           t_state.hdr_info.client_request.url_get()->port_set(netvc->get_local_port());
         }
       } else {
-        t_state.hdr_info.client_request.url_get()->host_set(ssl_vc->get_server_name(), strlen(ssl_vc->get_server_name()));
+        t_state.hdr_info.client_request.url_get()->host_set(netvc->get_server_name(), strlen(netvc->get_server_name()));

Review comment:
       agreed.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] maskit commented on a change in pull request #8612: Introduce TLSTunnelSupport interface

Posted by GitBox <gi...@apache.org>.

maskit commented on a change in pull request #8612:
URL: https://github.com/apache/trafficserver/pull/8612#discussion_r786564686



##########
File path: proxy/http/HttpSM.cc
##########
@@ -655,16 +655,16 @@ HttpSM::setup_blind_tunnel_port()
       u.scheme_set(URL_SCHEME_TUNNEL, URL_LEN_TUNNEL);
       t_state.hdr_info.client_request.url_set(&u);
 
-      if (ssl_vc->has_tunnel_destination()) {
-        const char *tunnel_host = ssl_vc->get_tunnel_host();
+      if (tts->has_tunnel_destination()) {
+        const char *tunnel_host = tts->get_tunnel_host();
         t_state.hdr_info.client_request.url_get()->host_set(tunnel_host, strlen(tunnel_host));
-        if (ssl_vc->get_tunnel_port() > 0) {
-          t_state.hdr_info.client_request.url_get()->port_set(ssl_vc->get_tunnel_port());
+        if (tts->get_tunnel_port() > 0) {
+          t_state.hdr_info.client_request.url_get()->port_set(tts->get_tunnel_port());
         } else {
           t_state.hdr_info.client_request.url_get()->port_set(netvc->get_local_port());
         }
       } else {
-        t_state.hdr_info.client_request.url_get()->host_set(ssl_vc->get_server_name(), strlen(ssl_vc->get_server_name()));
+        t_state.hdr_info.client_request.url_get()->host_set(netvc->get_server_name(), strlen(netvc->get_server_name()));

Review comment:
       I don't think we need to use `ssl_vc` because `get_server_name` is a virtual function.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] duke8253 commented on a change in pull request #8612: Introduce TLSTunnelSupport interface

Posted by GitBox <gi...@apache.org>.

duke8253 commented on a change in pull request #8612:
URL: https://github.com/apache/trafficserver/pull/8612#discussion_r792848503



##########
File path: iocore/net/SSLNetVConnection.cc
##########
@@ -991,8 +994,6 @@ SSLNetVConnection::free(EThread *t)
   }
   con.close();
 
-  ats_free(tunnel_host);

Review comment:
       agreed.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] maskit merged pull request #8612: Introduce TLSTunnelSupport interface

Posted by GitBox <gi...@apache.org>.

maskit merged pull request #8612:
URL: https://github.com/apache/trafficserver/pull/8612


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] maskit commented on a change in pull request #8612: Introduce TLSTunnelSupport interface

Posted by GitBox <gi...@apache.org>.

maskit commented on a change in pull request #8612:
URL: https://github.com/apache/trafficserver/pull/8612#discussion_r786563736



##########
File path: iocore/net/SSLNetVConnection.cc
##########
@@ -991,8 +994,6 @@ SSLNetVConnection::free(EThread *t)
   }
   con.close();
 
-  ats_free(tunnel_host);

Review comment:
       This part was moved into `TLSTunnelSupport::_clear()`. It should be ok as we call the function in `clear()` on line 1009.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org