Hi!

I used trantor as the main networking library in my project.

While working on it, I had a strong need to support automatic SSL/TLS connections. I know that trantor already supports delayed SSL, where the client first sends a signal message (for example, ssl-hello) indicating that it is going to start an encrypted connection, and only then the TLS handshake begins. However, in the project I’m working on, the client can start an SSL/TLS encrypted connection immediately, without any signal message or warning, and it was critically important for us to support this behavior.

To achieve this, I implemented a small helper function called forwardToTLSBuffer. Its purpose is to move the data currently stored in the buffer of the existing plaintext connection into the buffer of the new TLS connection.

If the server receives data on a plaintext connection and that data appears to start with an SSL/TLS handshake, the server detects it and upgrades the connection to TLS, passing the already-received handshake bytes using forwardToTLSBuffer.

To demonstrate how it works, I added two tests: AutomaticSSLClientTest.cc and AutomaticSSLServerTest.cc (following the structure of DelayedSSLClientTest.cc and DelayedSSLServerTest.cc).

With this change, trantor can be used to build a “smart server” that dynamically adapts to the client’s connection type (plain TCP or TLS) on the fly.