trafficserver-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From oknet <...@git.apache.org>
Subject [GitHub] trafficserver pull request: TS-4075: add a state check for sslHand...
Date Mon, 14 Dec 2015 12:07:27 GMT
GitHub user oknet opened a pull request:

    https://github.com/apache/trafficserver/pull/374

    TS-4075: add a state check for sslHandshakeHookState

    Add a state check for sslHandshakeHookState after PreAcceptHookState checking in sslServerHandShakeEvent().
    and modify the codes in reenable() and callHooks() to fit the patch
    
    The Processing:
    path A for normal handshake.
    path B for ssl session reuse
    
    1. client initial a tcp connection with ATS
    2. ATS trigger a PreAccept Hooks
    3. PreAccept Hooks Done
    4a. client send a "Client Hello with Sever Cert Request"
    5a. set handshakestate to CERT from PRE
    6a. SSLAccept() got a "Server Cert Request" then trigger callHooks()
    7a. set curHooks
    8a. if curHook != NULL then set handshakestate to INVOKE and invoke hooks.
    9a. reenable in Hooks A
    10a. invoke Hook B and next Hooks ... until curHook == NULL
    11a. set handshakestate to DONE
    12. SSLAccept() handshake finished
    
    4b. client send a "ssl session reuse request"
    5b. set handshakestate to CERT from PRE
    6b. SSLAccept() got a "ssl session reuse reques" then reuse session handshake finished
    7b. set handshakestate to DONE from CERT

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/oknet/trafficserver patch-2

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/trafficserver/pull/374.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #374
    
----
commit 0de7e196aadac090a412b720df7e5faf9183b5ba
Author: Oknet <xuchao@gmail.com>
Date:   2015-12-14T12:00:45Z

    TS-4075: add a state check for sslHandshakeHookState after PreAcceptHookState checking
    
    Add a state check for sslHandshakeHookState after PreAcceptHookState checking in sslServerHandShakeEvent().
    and modify the codes in reenable() and callHooks() to fit the patch
    
    The Processing:
    
    1. client initial a tcp connection with ATS
    2. ATS trigger a PreAccept Hooks
    3. PreAccept Hooks Done
    4a. client send a "Client Hello with Sever Cert Request"
    5a. set handshakestate to CERT from PRE
    6a. SSLAccept() got a "Server Cert Request" then trigger callHooks()
    7a. set curHooks
    8a. if curHook != NULL then set handshakestate to INVOKE and invoke hooks.
    9a. reenable in Hooks A
    10a. invoke Hook B and next Hooks ... until curHook == NULL
    11a. set handshakestate to DONE
    12. SSLAccept() handshake finished
    
    4b. client send a "ssl session reuse request"
    5b. set handshakestate to CERT from PRE
    6b. SSLAccept() got a "ssl session reuse reques" then reuse session handshake finished
    7b. set handshakestate to DONE from CERT

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message