TSVConnReenable¶
Description¶
Re-enable the SSL connection svc. If a plugin hook is called, ATS processing on that connection will not resume until this is invoked for that connection.
If the server is running OpenSSL 1.0.2, the plugin writer can pause SSL handshake
processing at the certificate callback by not reenabling the connection.
Running an OpenSSL versions older than 1.0.2, the handshake processing in
SSL_accept
will not be stopped even if the SNI callback does not re-enable
the connection.
Additional processing could re-enable the virtual connection causing the
SSL_accept
to be called again to complete the handshake exchange. In the
case of a blind tunnel conversion, the SSL handshake will never be completed by
Traffic Server.
This call does appropriate locking and scheduling, so it is safe to call from another thread.
TSVConnReenableEx¶
Description¶
An extended version of TSVConnEnable that allows the plugin to return a status to the core logic. If all goes well this is TS_EVENT_CONTINUE. However, if the plugin wants to stop the processing it can set the event to TS_EVENT_ERROR.
For example, in the case of the TS_SSL_VERIFY_SERVER_HOOK, the plugin make decide the origin certificate is bad. By calling TSVonnReenable with TS_EVENT_ERROR, the certificate check will error and the TLS handshake will fail.