Hello, we are developing a software that lets users share HTTP resources in a way akin to BitTorrent. For this purpose, we have built a proxy which acts as a signatory of these resources, so that when it is shared among peers, its integrity can be verified.
All the signatory does ATM is, whenever it receives a response from the origin, it signs the HTTP header fields, it forces HTTP chunk encoding and signs each chunk in a chunk extension. We've been using ATS for about 9 years now in another project (https://deflect.ca) and are now thinking whether it would be possible to write an ATS plugin to sign the content from there. The hope is that this would allow us to cache already signed resources to avoid re-signing the content each it it's requested. Another benefit would be that we could reuse our existing deflect infrastructure. That is, whenever ATS receives a response from the origin, we need to: 1. Add HTTP header fields containing signature of the original fields 2. Force chunked encoding (we also need to return chunks of particular sizes) 3. Add chunk extensions containing chunk signatures 4. Add HTTP trailer 5. Ideally, also have ATS store the response together with all the signatures (from header, chunk extensions and the trailer) so that ATS can serve those on the next request. I have last looked into writing ATS plugins more than a year ago, but IIRC #1 is not a problem. However we've so far failed to find an ATS plugin API to do #2,3 and 4 and thus would greatly appreciate any pointers. We have also found [1], which seems to suggest that chunk headers and extensions are not stored in the cache. But maybe there is a workaround? Or the situation has changes since 2016? Thanks, Peter [1] http://apache-traffic-server.24303.n7.nabble.com/Chunked-Transfer-Encodings-in-Traffic-Server-td2782.html
