[ 
https://issues.apache.org/jira/browse/TS-3292?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14277447#comment-14277447
 ] 

ASF subversion and git services commented on TS-3292:
-----------------------------------------------------

Commit 2b3dcf6eb4862e6293c91e0427e1e1a8cfe46116 in trafficserver's branch 
refs/heads/master from [~lstipakov]
[ https://git-wip-us.apache.org/repos/asf?p=trafficserver.git;h=2b3dcf6 ]

TS-3292:  Make tr-pass work for SSL port.
This closes #162


> Make tr-pass work for SSL port
> ------------------------------
>
>                 Key: TS-3292
>                 URL: https://issues.apache.org/jira/browse/TS-3292
>             Project: Traffic Server
>          Issue Type: New Feature
>          Components: Core
>            Reporter: Lev Stipakov
>            Assignee: Lev Stipakov
>
> As discussed some time ago on IRC, it would be nice to have tr-pass 
> functionality for SSL port.
> If SSLAccept returns an error and:
> * tr-pass is set
> * first byte is not ClientHello
> we activate blind tunnel.
> If I understand correctly, the only packet we expect in 
> sslServerHandShakeEvent is ClientHello, so it is safe to assume that if first 
> byte is not handshake code (0x16), traffic is not SSL.
> I also think that we should start tunnel for all errors, not only 
> SSL_ERROR_SSL, because if first packet is smaller than expected ClientHello, 
> SSLAccept returns SSL_ERROR_WANT_READ. Subsequent packets will surely 
> generate SSL_ERROR_SSL, but I don't think it is necessary to wait for those.
> https://github.com/apache/trafficserver/pull/162



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to