The name change makes sense to me. I'll make the change everywhere in my PR tomorrow if everyone agrees with it. To be clear:
- Method to create SSL server context: `TSSslServerContextCreate` - Method to destroy any kind of SSL context: `TSSslContextDestroy` On Sun, Apr 24, 2016 at 2:57 PM, James Peach <[email protected]> wrote: > This looks pretty reasonable to me. One concern I have is that this API > creates SSL server contexts, so we ought to distinguish that in the API > name. > > I propose that TSSslContextCreate() be named TSSslServerContextCreate(), > and that we define TSSslContextDestroy() will be able to destroy both > server and client contexts (assuming we ever implement the latter). > > How does that sound? > > > On Apr 21, 2016, at 10:22 AM, Mathias Biilmann <[email protected]> > wrote: > > > > *API Review of adding TSSslContextCreate and TSSslContextDestroy* > > > > Hi All, > > > > Here's the API review request for the pull request: > > > > It adds two new API functions for creating and destroying SSL > > contexts. > > > > Traffic server exposes hooks that plugins can use to load certificates > via > > other > > mechanisms than the ssl_multicert.config, but there's currently no way > for > > a plugin > > to create a new SSL context based on the current ATS settings (cipher > > suites, which > > protocols to support, etc, etc). > > > > The TSSslContextCreate gives plugins an API function that will return a > > wrapped > > SSL context that respect all the SSL related settings in records.config > > > > It's up to the plugin to free the context after use, so the pull request > > includes > > a corresponding TSSslContextDestroy API function for freeing the context > > (just > > wraps the open ssl call for this, but having an API function makes it > more > > obvious > > that it's up to the plugin author to free the context). > > > > The two new API functions are: > > > > tsapi TSSslContext TSSslContextCreate() > > tsapi void TSSslContextDestroy(TSSslContext ctx) > > > > Best, > > Matt > > > > On Thu, Apr 21, 2016 at 10:11 AM, David Calavera < > [email protected]> > > wrote: > > > >> Originally proposed in https://github.com/apache/trafficserver/pull/402 > . > >> > >> It would be convenient to have those two methods in the API to properly > >> create SSL contexts setting the right configuration from records.config. > >> > >> I opened a ticket to track the issue: > >> https://issues.apache.org/jira/browse/TS-4373 > >> The final code is in https://github.com/apache/trafficserver/pull/594 > >> You can see the API documentation is isolated in this commit: > >> > >> > https://github.com/apache/trafficserver/pull/594/commits/523e9e703ecd835dc84e829d4539a1bf40e3ee3c > >> > >> Please, let me know if there is anything else I should do. > >> > >> Cheers, > >> David > >> > >
