miconda left a comment (kamailio/kamailio#4339)

Thanks for the PR!

However, I think it needs some redesign, because now it seems that it adds mutual dependency and quite some code duplication in the modules that are updated to use the new tls_tracker module (in this PR, the tls and http_client).

IMO, the better approach is to have API functions in the tls and http_client module that allow setting callbacks on some events and then the tls_tracker will leverage them to have its own functions executed.

Also, the additional app data stored in SSL structure has to be done more generic. Adding fields directly to tls_extra_data that are not tls module specific is not scalable in long term. As another note here, the values in tls_extra_data have to be in share memory, not in private/pkg, tls connection and context structures can be accessed from many processes.

The associated tcp connection can be added to tls_extra_data structure, being from the core and could be useful as a common resource, but db_session_id and session_key are very specific to tls_tracker, so they have to be stored in a more generic way, that other modules can leverage a similar mechanism without changing tls code every time.

I will think about it and try to come with some proposal.

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.