Add documentation for the SSL extensions.
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/c5dfc23e Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/c5dfc23e Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/c5dfc23e Branch: refs/heads/master Commit: c5dfc23e40e880fd48a0eed1dc495cbb1b97ac64 Parents: 25bd7ab Author: shinrich <[email protected]> Authored: Tue Sep 23 15:04:52 2014 -0500 Committer: shinrich <[email protected]> Committed: Tue Sep 23 15:07:39 2014 -0500 ---------------------------------------------------------------------- doc/reference/api/TSSslContextFindBy.en.rst | 56 ++++++++++++++++++++ doc/reference/api/TSVConnIsSsl.en.rst | 32 +++++++++++ doc/reference/api/TSVConnReenable.en.rst | 34 ++++++++++++ .../api/TSVConnSslConnectionGet.en.rst | 41 ++++++++++++++ doc/reference/api/TSVConnTunnel.en.rst | 35 ++++++++++++ 5 files changed, 198 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSSslContextFindBy.en.rst ---------------------------------------------------------------------- diff --git a/doc/reference/api/TSSslContextFindBy.en.rst b/doc/reference/api/TSSslContextFindBy.en.rst new file mode 100644 index 0000000..fc6a975 --- /dev/null +++ b/doc/reference/api/TSSslContextFindBy.en.rst @@ -0,0 +1,56 @@ +.. Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed + with this work for additional information regarding copyright + ownership. The ASF licenses this file to you under the Apache + License, Version 2.0 (the "License"); you may not use this file + except in compliance with the License. You may obtain a copy of + the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied. See the License for the specific language governing + permissions and limitations under the License. + + +TSSslContextFindByName +====================== + +Synopsis +-------- + +`#include <ts/ts.h>` + + +.. c:function:: TSSslContext TSSslContextFindByName(const char *name) + + +Description +----------- + + Look for a SSL context created from the :c:type:`ssl_multicert.config` file. Use the server name to search. + +TSSslContextFindByAddr +======================= + +Synopsis +-------- + +`#include <ts/ts.h>` + +.. c:function:: TSSslContext TSSslContextFindByAddr(struct sockaddr const*) + + +Description +----------- + + Look for a SSL context created from the :c:type:`ssl_multicert.config` file. Use the server address to search. + +Type +---- + +.. c:type:: TSSslContext + + Corresponds to the SSL_CTX * value in openssl. http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSVConnIsSsl.en.rst ---------------------------------------------------------------------- diff --git a/doc/reference/api/TSVConnIsSsl.en.rst b/doc/reference/api/TSVConnIsSsl.en.rst new file mode 100644 index 0000000..c04c699 --- /dev/null +++ b/doc/reference/api/TSVConnIsSsl.en.rst @@ -0,0 +1,32 @@ +.. Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed + with this work for additional information regarding copyright + ownership. The ASF licenses this file to you under the Apache + License, Version 2.0 (the "License"); you may not use this file + except in compliance with the License. You may obtain a copy of + the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied. See the License for the specific language governing + permissions and limitations under the License. + + +TSVConnIsSsl +============ + +Synopsis +-------- + +`#include <ts/ts.h>` + +.. c:function:: int TSVConnIsSsl(TSVConn svc) + +Description +----------- + + Determines whether the connection associated with :arg:`svc` is being processed as an SSL connection. Returns 1 if it is being processed as SSL and 0 otherwise. + http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSVConnReenable.en.rst ---------------------------------------------------------------------- diff --git a/doc/reference/api/TSVConnReenable.en.rst b/doc/reference/api/TSVConnReenable.en.rst new file mode 100644 index 0000000..c8efb3a --- /dev/null +++ b/doc/reference/api/TSVConnReenable.en.rst @@ -0,0 +1,34 @@ +.. Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed + with this work for additional information regarding copyright + ownership. The ASF licenses this file to you under the Apache + License, Version 2.0 (the "License"); you may not use this file + except in compliance with the License. You may obtain a copy of + the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied. See the License for the specific language governing + permissions and limitations under the License. + + +TSVConnReenable +=============== + +Synopsis +-------- + +`#include <ts/ts.h>` + +.. c:function:: void TSSslVConnReenable(TSVConn svc) + +Description +----------- + + Reenable the SSL connection :arg:`svc`. If a plugin hook is called, ATS processing on that connnection will not resume until this is invoked for that connection. + + + http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSVConnSslConnectionGet.en.rst ---------------------------------------------------------------------- diff --git a/doc/reference/api/TSVConnSslConnectionGet.en.rst b/doc/reference/api/TSVConnSslConnectionGet.en.rst new file mode 100644 index 0000000..610c8a0 --- /dev/null +++ b/doc/reference/api/TSVConnSslConnectionGet.en.rst @@ -0,0 +1,41 @@ +.. Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed + with this work for additional information regarding copyright + ownership. The ASF licenses this file to you under the Apache + License, Version 2.0 (the "License"); you may not use this file + except in compliance with the License. You may obtain a copy of + the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied. See the License for the specific language governing + permissions and limitations under the License. + + +TSVConnSslConnectionGet +=========== + +Synopsis +-------- + +`#include <ts/ts.h>` + +.. c:function:: TSSslVConnection TSVConnSslConnectionGet(TSVConn svc) + + +Description +----------- + + Get the SSL (per connection) object from the SSl connection :arg:`svc`. + + +Types +----- + +.. c:type:: TSSslVConnection + + The SSL (per connection) object. This is an opaque type that can be cast to the appropriate type (SSL * for the openSSL library). + http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c5dfc23e/doc/reference/api/TSVConnTunnel.en.rst ---------------------------------------------------------------------- diff --git a/doc/reference/api/TSVConnTunnel.en.rst b/doc/reference/api/TSVConnTunnel.en.rst new file mode 100644 index 0000000..982e1d4 --- /dev/null +++ b/doc/reference/api/TSVConnTunnel.en.rst @@ -0,0 +1,35 @@ +.. Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed + with this work for additional information regarding copyright + ownership. The ASF licenses this file to you under the Apache + License, Version 2.0 (the "License"); you may not use this file + except in compliance with the License. You may obtain a copy of + the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied. See the License for the specific language governing + permissions and limitations under the License. + + +TSVConnTunnel +=========== + +Synopsis +-------- + +`#include <ts/ts.h>` + +.. c:function:: TSReturnCode TSVConnTunnel(TSVConn svc) + + +Description +----------- + + Set the SSL connection :arg:`svc` to convert to a blind tunnel. Can be called from the TS_VCONN_PRE_ACCEPT_HOOK or the TS_SSL_SNI_HOOK. + +For this to work from the TS_SSL_SNI_HOOK, the openSSL patch must be applied which adds the ability to break out of the SSL_accept processing by returning SSL_TLSEXT_ERR_READ_AGAIN. +
