maskit commented on code in PR #12790:
URL: https://github.com/apache/trafficserver/pull/12790#discussion_r2723263318
##########
include/ts/apidefs.h.in:
##########
@@ -1081,6 +1081,19 @@ using TSAIOCallback = struct tsapi_aiocallback *;
using TSAcceptor = struct tsapi_net_accept *;
using TSRemapPluginInfo = struct tsapi_remap_plugin_info *;
+struct tsapi_ssl_client_hello {
+ uint16_t version;
+ const uint8_t *cipher_suites;
+ size_t cipher_suites_len;
+ const uint8_t *extensions;
+ size_t extensions_len;
+ int *extension_ids;
+ size_t extension_ids_len;
+ void *ssl_ptr;
+};
Review Comment:
Lazy load would be tricky. Best we can do is probably read and cache
everything in `TSVConnClientHelloGet`.
As I commented on somewhere, `SSL_CLIENT_HELLO` is only available during
BoringSSL callback functions are called. So `TSVConnClientHelloGet` needs to be
called on certain hooks (this should be documented). This plugin seems fine
since TSClientHelloDestroy is called on `TS_SSL_CLIENT_HELLO_HOOK`, but if
another plugin needs information from Client Hello later on another hook,
everything needs to be deep copied when `TSVConnClientHelloGet` is called.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
