You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@trafficserver.apache.org by James Peach <jp...@apache.org> on 2014/02/25 01:37:16 UTC

Re: git commit: TS-2437: add a lifecycle hook to expose loaded SSL certificates to plugins

On Feb 24, 2014, at 3:15 PM, jpeach@apache.org wrote:

> Repository: trafficserver
> Updated Branches:
>  refs/heads/master 744eabae0 -> a5a93ac5a
> 
> 
> TS-2437: add a lifecycle hook to expose loaded SSL certificates to plugins
> 
> Add two new lifecycle hooks, TS_LIFECYCLE_SERVER_SSL_CTX_INITIALIZED_HOOK
> and TS_LIFECYCLE_CLIENT_SSL_CTX_INITIALIZED_HOOK.
> 
> The reason for these hooks is that I have a use case to manipulate
> (overwrite) the OpenSSL related callbacks in my plugin. I think it
> is also useful for applications who have a need to change or retrieve
> the SSL related attributes (callbacks, certs, configurations, etc).

The only concern that I had with this patch was whether it is a good idea to send the default SSL_CTX to the plugin. I'm not sure that the plugin can easily know what to do with that, or even do anything sensible. I merged this anyway, but we might want to revisit that part of it.

J