> On Jan 5, 2015, at 8:40 AM, Lev Stipakov <[email protected]> wrote: > > Hello, > > > In my plugin I play with SNI callback which was introduced in TS-3006. > I have patched OpenSSL, made iptables route packets to ATS and was > able to start a blind tunnel from TS_SSL_SNI_HOOK callback. So far so > good. > > However I'd like to make decision on blind tunnel / proxying / closing > connection at some point in the future. So I start a thread, where I > do some calculations and call, say, TSVConnTunnel(). > > The problem is that while thread does some work (it may take, say, > second), my TS_SSL_SNI_HOOK gets continuously called. Because of that > I have to keep state that particular SSL connection is already > processed and, much more important, that continuous calling eats CPU a > lot.
I don't think that any subsequent hooks are supposed to be called until you re-enable the vconn with TSVConnReenable(). > What I would like to have is to make ATS call TS_SSL_SNI_HOOK *just > once* and, when TSVConnTunnel is called from a thread, start a blind > tunnel (latter seems to be already implemented). > > This will probably require some changes in SSLNetVConnection, could > someone please point me where should I start looking at and (or) maybe > give some advices how this can be achieved. > > -- > -Lev
