Lev Stipakov created TS-3292:
--------------------------------
Summary: Make tr-pass work for SSL port
Key: TS-3292
URL: https://issues.apache.org/jira/browse/TS-3292
Project: Traffic Server
Issue Type: New Feature
Components: Core
Reporter: Lev Stipakov
As discussed some time ago on IRC, it would be nice to have tr-pass
functionality for SSL port.
If SSLAccept returns an error and:
* tr-pass is set
* first byte is not ClientHello
we activate blind tunnel.
If I understand correctly, the only packet we expect in sslServerHandShakeEvent
is ClientHello, so it is safe to assume that if first byte is not handshake
code (0x16), traffic is not SSL.
I also think that we should start tunnel for all errors, not only
SSL_ERROR_SSL, because if first packet is smaller than expected ClientHello,
SSLAccept returns SSL_ERROR_WANT_READ. Subsequent packets will surely generate
SSL_ERROR_SSL, but I don't think it is necessary to wait for those.
https://github.com/apache/trafficserver/pull/162
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
