Today we peek incoming tcp streams and do an initial attempt at creating bidir tcp connection for tls and http connections, but in many cases where it would be possible to do the same if we just terminated the tls connection, we instead terminate the full http connection and create a new http(s) client for proxying a request via the tower hyper service and hyper legacy client. Would be nice to refactor this so that we can do tls termination without http termination for these cases.
It should be much faster for most cases and also provide an easier way to provide real-time traffic monitoring support.
Today we peek incoming tcp streams and do an initial attempt at creating bidir tcp connection for tls and http connections, but in many cases where it would be possible to do the same if we just terminated the tls connection, we instead terminate the full http connection and create a new http(s) client for proxying a request via the tower hyper service and hyper legacy client. Would be nice to refactor this so that we can do tls termination without http termination for these cases.
It should be much faster for most cases and also provide an easier way to provide real-time traffic monitoring support.