[
https://issues.apache.org/jira/browse/TS-3372?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Susan Hinrichs reassigned TS-3372:
----------------------------------
Assignee: Susan Hinrichs
> Need to find another solution to SSL_set_rbio
> ---------------------------------------------
>
> Key: TS-3372
> URL: https://issues.apache.org/jira/browse/TS-3372
> Project: Traffic Server
> Issue Type: Bug
> Components: SSL
> Reporter: Susan Hinrichs
> Assignee: Susan Hinrichs
>
> We currently use readonly membuf BIOs to feed the handshake buffers into the
> SSL_accept. We added this to enable a SSL connection to transition into a
> blind tunneled connection. We would have the first packet in a io buffer
> ready to send onto the origin server if the plugin decided to blind tunnel.
> To make this work, we would have to reset the read bio on each packet, since
> we are passing in read-only pointers to our io buffer structures.
> Openssl provides a SSL_set_bio() call that lets you reset the read and write
> bios for the SSL. And you could use SSL_get_wbio() to feed back in the same
> write bio. But in the code, if buffered output is enabled (which it is in
> our case), the write bio state is changed even if the write bio we pass in is
> identical to the write bio that is already present.
> To make things work, I added a SSL_set_rbio that only frees and sets the
> rbio. This works fine for us. But with the next major version (1.1) we will
> not be able to read into the ssl data structure and adjust the rbio field
> directly.
> Either we need to find the official approved solution to this problem or get
> them to add one.
> We have also discussed bypassing the openssl buffering and use ATS buffing
> based on io buffers.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
