diff options
Diffstat (limited to 'platform')
| -rw-r--r-- | platform/include/internal/ssl_stream_core.h | 1 | ||||
| -rw-r--r-- | platform/src/proxy.cpp | 3 | ||||
| -rw-r--r-- | platform/src/ssl_stream.cpp | 1 |
3 files changed, 4 insertions, 1 deletions
diff --git a/platform/include/internal/ssl_stream_core.h b/platform/include/internal/ssl_stream_core.h index e2d1601..5f24e60 100644 --- a/platform/include/internal/ssl_stream_core.h +++ b/platform/include/internal/ssl_stream_core.h @@ -26,7 +26,6 @@ void ssl_manager_destroy(struct ssl_mgr * mgr); unsigned long ssl_stream_log_error(struct bufferevent * bev, enum tfe_conn_dir dir, struct ssl_mgr* mgr); void ssl_stream_process_error(struct ssl_stream * s_stream, unsigned long sslerr, struct ssl_mgr* mgr); const char* ssl_stream_get_error_string(enum ssl_stream_error error); -void ssl_stream_set_cmsg_string(struct ssl_stream *stream, enum tfe_cmsg_tlv_type type, const char *value_str); void ssl_stream_process_zero_eof(struct ssl_stream *s_stream, struct ssl_mgr *mgr); enum ssl_stream_action ssl_upstream_create_result_release_action(future_result_t * result); diff --git a/platform/src/proxy.cpp b/platform/src/proxy.cpp index b485209..b43129f 100644 --- a/platform/src/proxy.cpp +++ b/platform/src/proxy.cpp @@ -192,10 +192,13 @@ int tfe_proxy_fds_accept(struct tfe_proxy * ctx, int fd_downstream, int fd_upstr if (unlikely(ctx->tcp_all_passthrough) || tcp_passthrough > 0) { bool __true = true; + uint64_t ssl_intercept_status = SSL_ACTION_PASSTHROUGH; enum tfe_stream_proto __session_type = STREAM_PROTO_PLAIN; tfe_stream_option_set(stream, TFE_STREAM_OPT_PASSTHROUGH, &__true, sizeof(__true)); tfe_stream_option_set(stream, TFE_STREAM_OPT_SESSION_TYPE, &__session_type, sizeof(__session_type)); + tfe_cmsg_set(cmsg, TFE_CMSG_SSL_PASSTHROUGH_REASON, (const unsigned char *)"TCP Passthrough", (uint16_t)strlen("TCP Passthrough")); + tfe_cmsg_set(cmsg, TFE_CMSG_SSL_INTERCEPT_STATE, (const unsigned char *)&ssl_intercept_status, (uint16_t)sizeof(ssl_intercept_status)); } TFE_LOG_DEBUG(ctx->logger, "%p: fetch tcp options: cmsg's tcp_passthrough: %d, conf's tcp_passthrough: %d, enalbe passthrough: %d", stream, tcp_passthrough, ctx->tcp_all_passthrough, (ctx->tcp_all_passthrough > 0 || tcp_passthrough > 0) ? 1 : 0); diff --git a/platform/src/ssl_stream.cpp b/platform/src/ssl_stream.cpp index a6baa70..f826129 100644 --- a/platform/src/ssl_stream.cpp +++ b/platform/src/ssl_stream.cpp @@ -1476,6 +1476,7 @@ static void peek_chello_on_succ(future_result_t * result, void * user) if (ATOMIC_READ(&certstore_is_unavailable) > 3) { s_stream->up_parts.action=SSL_ACTION_PASSTHROUGH; + ssl_stream_set_cmsg_string(s_stream, TFE_CMSG_SSL_PASSTHROUGH_REASON, "Certstore Unavailable"); TFE_LOG_ERROR(ctx->mgr->logger, "CertStore is unavailable, PASSTHROUGH"); } |