TSVConnReenable

概要

#include <ts/ts.h>
void TSVConnReenable(TSVConn svc)

解説

Re-enable the SSL connection svc. If a plugin hook is called, ATS processing on that connection will not resume until this is invoked for that connection.

If the server is running OpenSSL 1.0.2, the plugin writer can pause SSL handshake processing at the certificate callback by not reenabling the connection. Running an OpenSSL versions older than 1.0.2, the handshake processing in SSL_accept will not be stopped even if the SNI callback does not re-enable the connection.

Additional processing could re-enable the virtual connection causing the SSL_accept to be called again to complete the handshake exchange. In the case of a blind tunnel conversion, the SSL handshake will never be completed by Traffic Server.

This call does appropriate locking and scheduling, so it is safe to call from another thread.

TSVConnReenableEx

概要

#include <ts/ts.h>

void TSVConnReenableEx(TSVConn svc, TSEvent event)

解説

An extended version of TSVConnEnable that allows the plugin to return a status to the core logic. If all goes well this is TS_EVENT_CONTINUE. However, if the plugin wants to stop the processing it can set the event to TS_EVENT_ERROR.

For example, in the case of the TS_SSL_VERIFY_SERVER_HOOK, the plugin make decide the origin certificate is bad. By calling TSVonnReenable with TS_EVENT_ERROR, the certificate check will error and the TLS handshake will fail.