This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 2ab5899 TS-4976: Regularize plugins - ssl_sni
2ab5899 is described below
commit 2ab58998f14337644c6bcf8cec54fec6af986604
Author: Alan M. Carroll <a...@apache.org>
AuthorDate: Fri Aug 25 07:14:22 2017 -0500
TS-4976: Regularize plugins - ssl_sni
---
example/Makefile.am | 4 +--
example/{ssl-sni/ssl-sni.cc => ssl_sni/ssl_sni.cc} | 42 ++++++++--------------
example/{ssl-sni => ssl_sni}/ssl_sni.config | 0
3 files changed, 17 insertions(+), 29 deletions(-)
diff --git a/example/Makefile.am b/example/Makefile.am
index b17b33e..069c9ea 100644
--- a/example/Makefile.am
+++ b/example/Makefile.am
@@ -53,7 +53,7 @@ example_Plugins = \
session_hooks.la \
ssl_preaccept.la \
ssl-sni-whitelist.la \
- ssl-sni.la \
+ ssl_sni.la \
statistic.la \
thread-1.la \
txn-data-sink.la \
@@ -118,7 +118,7 @@ secure_link_la_SOURCES = secure_link/secure_link.c
server_push_la_SOURCES = server_push/server_push.c
server_transform_la_SOURCES = server_transform/server_transform.c
ssl_preaccept_la_SOURCES = ssl_preaccept/ssl_preaccept.cc
-ssl_sni_la_SOURCES = ssl-sni/ssl-sni.cc
+ssl_sni_la_SOURCES = ssl_sni/ssl_sni.cc
ssl_sni_la_LIBADD = $(libtsconfig)
ssl_sni_whitelist_la_SOURCES = ssl-sni-whitelist/ssl-sni-whitelist.cc
ssl_sni_whitelist_la_LIBADD = $(libtsconfig)
diff --git a/example/ssl-sni/ssl-sni.cc b/example/ssl_sni/ssl_sni.cc
similarity index 84%
rename from example/ssl-sni/ssl-sni.cc
rename to example/ssl_sni/ssl_sni.cc
index 110f861..2d9e1aa 100644
--- a/example/ssl-sni/ssl-sni.cc
+++ b/example/ssl_sni/ssl_sni.cc
@@ -1,6 +1,7 @@
-/**
- @file
- SSL Preaccept test plugin
+/** @file
+
+ SSL Preaccept test plugin.
+
Implements blind tunneling based on the client IP address
The client ip addresses are specified in the plugin's
config file as an array of IP addresses or IP address ranges under the
@@ -29,7 +30,6 @@
#include <memory.h>
#include <cinttypes>
#include <ts/ts.h>
-#include "ts/ink_config.h"
#include <tsconfig/TsValue.h>
#include <openssl/ssl.h>
#include <getopt.h>
@@ -37,10 +37,8 @@
using ts::config::Configuration;
using ts::config::Value;
-#define PN "ssl-sni-test"
-#define PCP "[" PN " Plugin] "
-
-#if TS_USE_TLS_SNI
+#define PLUGIN_NAME "ssl_sni"
+#define PCP "[" PLUGIN_NAME "] "
namespace
{
@@ -93,7 +91,7 @@ CB_servername(TSCont /* contp */, TSEvent /* event */, void
*edata)
if (servername_len >= facebook_name_len) {
const char *server_ptr = servername + (servername_len -
facebook_name_len);
if (strcmp(server_ptr, "facebook.com") == 0) {
- TSDebug("skh", "Blind tunnel from SNI callback");
+ TSDebug(PLUGIN_NAME, "Blind tunnel from SNI callback");
TSVConnTunnel(ssl_vc);
// Don't reenable to ensure that we break out of the
// SSL handshake processing
@@ -102,14 +100,14 @@ CB_servername(TSCont /* contp */, TSEvent /* event */,
void *edata)
}
// If the name is yahoo, look for a context for safelyfiled and use that
here
if (strcmp("www.yahoo.com", servername) == 0) {
- TSDebug("skh", "SNI name is yahoo ssl obj is %p", sslobj);
+ TSDebug(PLUGIN_NAME, "SNI name is yahoo ssl obj is %p", sslobj);
if (sslobj) {
TSSslContext ctxobj = TSSslContextFindByName("safelyfiled.com");
if (ctxobj != nullptr) {
- TSDebug("skh", "Found cert for safelyfiled");
+ TSDebug(PLUGIN_NAME, "Found cert for safelyfiled");
SSL_CTX *ctx = reinterpret_cast<SSL_CTX *>(ctxobj);
SSL_set_SSL_CTX(ssl, ctx);
- TSDebug("skh", "SNI plugin cb: replace SSL CTX");
+ TSDebug(PLUGIN_NAME, "SNI plugin cb: replace SSL CTX");
}
}
}
@@ -133,9 +131,9 @@ TSPluginInit(int argc, const char *argv[])
{const_cast<char *>("config"), required_argument, nullptr, 'c'}, {nullptr,
no_argument, nullptr, '\0'},
};
- info.plugin_name = const_cast<char *>("SSL SNI callback test");
- info.vendor_name = const_cast<char *>("Network Geographics");
- info.support_email = const_cast<char *>("shinr...@network-geographics.com");
+ info.plugin_name = PLUGIN_NAME;
+ info.vendor_name = "Apache Software Foundation";
+ info.support_email = "d...@trafficserver.apache.org";
int opt = 0;
while (opt >= 0) {
@@ -150,7 +148,7 @@ TSPluginInit(int argc, const char *argv[])
if (ConfigPath.length() == 0) {
static const char *const DEFAULT_CONFIG_PATH = "ssl_sni.config";
ConfigPath =
std::string(TSConfigDirGet()) + '/' + std::string(DEFAULT_CONFIG_PATH);
- TSDebug(PN, "No config path set in arguments, using default: %s",
DEFAULT_CONFIG_PATH);
+ TSDebug(PLUGIN_NAME, "No config path set in arguments, using default: %s",
DEFAULT_CONFIG_PATH);
}
if (TS_SUCCESS != TSPluginRegister(&info)) {
@@ -169,17 +167,7 @@ TSPluginInit(int argc, const char *argv[])
if (!success) {
TSError(PCP "not initialized");
}
- TSDebug(PN, "Plugin %s", success ? "online" : "offline");
+ TSDebug(PLUGIN_NAME, "Plugin %s", success ? "online" : "offline");
return;
}
-
-#else // ! TS_USE_TLS_SNI
-
-void
-TSPluginInit(int, const char *[])
-{
- TSError(PCP "requires TLS SNI which is not available");
-}
-
-#endif // TS_USE_TLS_SNI
diff --git a/example/ssl-sni/ssl_sni.config b/example/ssl_sni/ssl_sni.config
similarity index 100%
rename from example/ssl-sni/ssl_sni.config
rename to example/ssl_sni/ssl_sni.config
--
To stop receiving notification emails like this one, please contact
['"commits@trafficserver.apache.org" <commits@trafficserver.apache.org>'].
