This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push: new 2ab5899 TS-4976: Regularize plugins - ssl_sni 2ab5899 is described below commit 2ab58998f14337644c6bcf8cec54fec6af986604 Author: Alan M. Carroll <a...@apache.org> AuthorDate: Fri Aug 25 07:14:22 2017 -0500 TS-4976: Regularize plugins - ssl_sni --- example/Makefile.am | 4 +-- example/{ssl-sni/ssl-sni.cc => ssl_sni/ssl_sni.cc} | 42 ++++++++-------------- example/{ssl-sni => ssl_sni}/ssl_sni.config | 0 3 files changed, 17 insertions(+), 29 deletions(-) diff --git a/example/Makefile.am b/example/Makefile.am index b17b33e..069c9ea 100644 --- a/example/Makefile.am +++ b/example/Makefile.am @@ -53,7 +53,7 @@ example_Plugins = \ session_hooks.la \ ssl_preaccept.la \ ssl-sni-whitelist.la \ - ssl-sni.la \ + ssl_sni.la \ statistic.la \ thread-1.la \ txn-data-sink.la \ @@ -118,7 +118,7 @@ secure_link_la_SOURCES = secure_link/secure_link.c server_push_la_SOURCES = server_push/server_push.c server_transform_la_SOURCES = server_transform/server_transform.c ssl_preaccept_la_SOURCES = ssl_preaccept/ssl_preaccept.cc -ssl_sni_la_SOURCES = ssl-sni/ssl-sni.cc +ssl_sni_la_SOURCES = ssl_sni/ssl_sni.cc ssl_sni_la_LIBADD = $(libtsconfig) ssl_sni_whitelist_la_SOURCES = ssl-sni-whitelist/ssl-sni-whitelist.cc ssl_sni_whitelist_la_LIBADD = $(libtsconfig) diff --git a/example/ssl-sni/ssl-sni.cc b/example/ssl_sni/ssl_sni.cc similarity index 84% rename from example/ssl-sni/ssl-sni.cc rename to example/ssl_sni/ssl_sni.cc index 110f861..2d9e1aa 100644 --- a/example/ssl-sni/ssl-sni.cc +++ b/example/ssl_sni/ssl_sni.cc @@ -1,6 +1,7 @@ -/** - @file - SSL Preaccept test plugin +/** @file + + SSL Preaccept test plugin. + Implements blind tunneling based on the client IP address The client ip addresses are specified in the plugin's config file as an array of IP addresses or IP address ranges under the @@ -29,7 +30,6 @@ #include <memory.h> #include <cinttypes> #include <ts/ts.h> -#include "ts/ink_config.h" #include <tsconfig/TsValue.h> #include <openssl/ssl.h> #include <getopt.h> @@ -37,10 +37,8 @@ using ts::config::Configuration; using ts::config::Value; -#define PN "ssl-sni-test" -#define PCP "[" PN " Plugin] " - -#if TS_USE_TLS_SNI +#define PLUGIN_NAME "ssl_sni" +#define PCP "[" PLUGIN_NAME "] " namespace { @@ -93,7 +91,7 @@ CB_servername(TSCont /* contp */, TSEvent /* event */, void *edata) if (servername_len >= facebook_name_len) { const char *server_ptr = servername + (servername_len - facebook_name_len); if (strcmp(server_ptr, "facebook.com") == 0) { - TSDebug("skh", "Blind tunnel from SNI callback"); + TSDebug(PLUGIN_NAME, "Blind tunnel from SNI callback"); TSVConnTunnel(ssl_vc); // Don't reenable to ensure that we break out of the // SSL handshake processing @@ -102,14 +100,14 @@ CB_servername(TSCont /* contp */, TSEvent /* event */, void *edata) } // If the name is yahoo, look for a context for safelyfiled and use that here if (strcmp("www.yahoo.com", servername) == 0) { - TSDebug("skh", "SNI name is yahoo ssl obj is %p", sslobj); + TSDebug(PLUGIN_NAME, "SNI name is yahoo ssl obj is %p", sslobj); if (sslobj) { TSSslContext ctxobj = TSSslContextFindByName("safelyfiled.com"); if (ctxobj != nullptr) { - TSDebug("skh", "Found cert for safelyfiled"); + TSDebug(PLUGIN_NAME, "Found cert for safelyfiled"); SSL_CTX *ctx = reinterpret_cast<SSL_CTX *>(ctxobj); SSL_set_SSL_CTX(ssl, ctx); - TSDebug("skh", "SNI plugin cb: replace SSL CTX"); + TSDebug(PLUGIN_NAME, "SNI plugin cb: replace SSL CTX"); } } } @@ -133,9 +131,9 @@ TSPluginInit(int argc, const char *argv[]) {const_cast<char *>("config"), required_argument, nullptr, 'c'}, {nullptr, no_argument, nullptr, '\0'}, }; - info.plugin_name = const_cast<char *>("SSL SNI callback test"); - info.vendor_name = const_cast<char *>("Network Geographics"); - info.support_email = const_cast<char *>("shinr...@network-geographics.com"); + info.plugin_name = PLUGIN_NAME; + info.vendor_name = "Apache Software Foundation"; + info.support_email = "d...@trafficserver.apache.org"; int opt = 0; while (opt >= 0) { @@ -150,7 +148,7 @@ TSPluginInit(int argc, const char *argv[]) if (ConfigPath.length() == 0) { static const char *const DEFAULT_CONFIG_PATH = "ssl_sni.config"; ConfigPath = std::string(TSConfigDirGet()) + '/' + std::string(DEFAULT_CONFIG_PATH); - TSDebug(PN, "No config path set in arguments, using default: %s", DEFAULT_CONFIG_PATH); + TSDebug(PLUGIN_NAME, "No config path set in arguments, using default: %s", DEFAULT_CONFIG_PATH); } if (TS_SUCCESS != TSPluginRegister(&info)) { @@ -169,17 +167,7 @@ TSPluginInit(int argc, const char *argv[]) if (!success) { TSError(PCP "not initialized"); } - TSDebug(PN, "Plugin %s", success ? "online" : "offline"); + TSDebug(PLUGIN_NAME, "Plugin %s", success ? "online" : "offline"); return; } - -#else // ! TS_USE_TLS_SNI - -void -TSPluginInit(int, const char *[]) -{ - TSError(PCP "requires TLS SNI which is not available"); -} - -#endif // TS_USE_TLS_SNI diff --git a/example/ssl-sni/ssl_sni.config b/example/ssl_sni/ssl_sni.config similarity index 100% rename from example/ssl-sni/ssl_sni.config rename to example/ssl_sni/ssl_sni.config -- To stop receiving notification emails like this one, please contact ['"commits@trafficserver.apache.org" <commits@trafficserver.apache.org>'].