NAME

       TSVConnProtocolEnable/Disable - TSVConnProtocol API function

SYNOPSIS

          #include <ts/ts.h>

       TSReturnCode TSVConnProtocolEnable(TSVConn vconn, const char *protocol)

       TSReturnCode TSVConnProtocolDisable(TSVConn vconn, const char *protocol)

DESCRIPTION

       TSVConnProtocolEnable()  will  enable  the  protocol  specified  by  protocol to be advertised in the TLS
       protocol negotiation.

       Similarly, TSVConnProtocolDisable() will remove the protocol specified by protocol from the TLS  protocol
       negotiation.

       To   be   effective,   these   calls   must   be   made   from  the  early  TLS  negotiation  hooks  like
       TS_SSL_CLIENT_HELLO_HOOK or TS_SSL_SERVERNAME_HOOK.

EXAMPLES

       The example below is excerpted from example/plugins/c-api/disable_http2/disable_http2.cc in  the  Traffic
       Server  source  distribution.  It shows how the TSVConnProtocolDisable() function can be used in a plugin
       called from the TS_SSL_SERVERNAME_HOOK.

          int
          CB_SNI(TSCont contp, TSEvent, void *cb_data)
          {
            auto vc                  = static_cast<TSVConn>(cb_data);
            TSSslConnection ssl_conn = TSVConnSslConnectionGet(vc);
            auto *ssl                = reinterpret_cast<SSL *>(ssl_conn);
            char const *sni          = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
            if (sni) {
              if (Domains.find(sni) != Domains.end()) {
                TSDebug(PLUGIN_NAME, "Disable H2 for SNI=%s", sni);
                TSVConnProtocolDisable(vc, TS_ALPN_PROTOCOL_HTTP_2_0);
              }
            }

COPYRIGHT

       2024, dev@trafficserver.apache.org