Provided by: trafficserver-dev_9.2.0+ds-2_amd64 bug

NAME

       TSVConnProtocolEnable/Disable - TSVConnProtocol API function

SYNOPSIS

          #include <ts/ts.h>

       TSReturnCode TSVConnProtocolEnable(TSVConn vconn, const char *protocol)

       TSReturnCode TSVConnProtocolDisable(TSVConn vconn, const char *protocol)

DESCRIPTION

       TSVConnProtocolEnable() will enable the protocol specified by protocol to be advertised in
       the TLS protocol negotiation.

       Similarly, TSVConnProtocolDisable() will remove the protocol specified  by  protocol  from
       the TLS protocol negotiation.

       To  be  effective,  these  calls  must  be  made from the early TLS negotiation hooks like
       TS_SSL_CLIENT_HELLO_HOOK or TS_SSL_SERVERNAME_HOOK.

EXAMPLES

       The example below is excerpted  from  example/plugins/c-api/disable_http2/disable_http2.cc
       in  the  Traffic  Server  source  distribution.  It shows how the TSVConnProtocolDisable()
       function can be used in a plugin called from the TS_SSL_SERVERNAME_HOOK.

          int
          CB_SNI(TSCont contp, TSEvent, void *cb_data)
          {
            auto vc                  = static_cast<TSVConn>(cb_data);
            TSSslConnection ssl_conn = TSVConnSslConnectionGet(vc);
            auto *ssl                = reinterpret_cast<SSL *>(ssl_conn);
            char const *sni          = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
            if (sni) {
              if (Domains.find(sni) != Domains.end()) {
                TSDebug(PLUGIN_NAME, "Disable H2 for SNI=%s", sni);
                TSVConnProtocolDisable(vc, TS_ALPN_PROTOCOL_HTTP_2_0);
              }
            }

COPYRIGHT

       2023, dev@trafficserver.apache.org