[
https://issues.apache.org/jira/browse/TS-2210?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13886094#comment-13886094
]
James Peach commented on TS-2210:
---------------------------------
[~bcall] and I chatted about this on IRC. The fundamental problem with exposing
SSL abstractions is that there's a huge amount of API that is needed for
plugins do be able to do the sorts of things they can do directly with the
OpenSSL API. The number of plugins that actually need this is very small and
the likelihood of Traffic Server using a TLS layer other than OpenSSL is slim.
So I propose the following API:
{code}
void * TSHttpSsnSSLContextGet(TSHttpSsn); // Returns SSL_CTX *
{code}
I don't much like the name of this API, but I think that this addresses the
needs of this ticket and also TS-1584.
> add API to get access to the client cert in the SSL Net VC
> ----------------------------------------------------------
>
> Key: TS-2210
> URL: https://issues.apache.org/jira/browse/TS-2210
> Project: Traffic Server
> Issue Type: Improvement
> Components: SSL, TS API
> Reporter: Bryan Call
> Assignee: James Peach
> Fix For: 4.2.0
>
> Attachments: 2210.diff
>
>
> In SSLNetVConnection SSL_get_peer_certificate(ssl) is called and client_cert
> is set. There is a request from Brian France to get access to the client
> cert.
> He wants to be able to call X509_NAME_oneline(), X509_get_subject_name(), and
> X509_get_issuer_name() on the cert.
> Where the cert is set in the code:
> iocore/net/SSLNetVConnection.cc:499: client_cert =
> SSL_get_peer_certificate(ssl);
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
