RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-26 22:52:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
07b2e84bce
haproxy/doc
History
William Lallemand 501d9fdb86 MEDIUM: ssl: allow to change the OpenSSL security level from global section 
The new "ssl-security-level" option allows one to change the OpenSSL
security level without having to change the openssl.cnf global file of
your distribution. This directives applies on every SSL_CTX context.

People sometimes change their security level directly in the ciphers
directive, however there are some cases when the security level change
is not applied in the right order (for example when applying a DH
param).

Before this patch, it was to possible to trick by using a specific
openssl.cnf file and start haproxy this way:

    OPENSSL_CONF=./openssl.cnf ./haproxy -f bug-2468.cfg

Values for the security level can be found there:

https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html

This was discussed in github issue #2468.
2024-03-12 17:37:11 +01:00
..
design-thoughts DOC: design: write first notes about ring-v2 2024-03-09 11:23:52 +01:00
internals [RELEASE] Released version 2.9-dev9 2023-11-04 09:38:16 +01:00
lua-api MINOR: hlua: Be able to disable logging from lua 2024-03-01 15:01:18 +01:00
51Degrees-device-detection.txt DOC: 51d: updated 51Degrees repo URL for v3.2.10 2023-11-23 16:26:13 +01:00
acl.fig
architecture.txt DOC: fix a few remainig cases of "Haproxy" and "HAproxy" in doc and comments 2021-05-09 06:50:46 +02:00
coding-style.txt DOC: fix a few remainig cases of "Haproxy" and "HAproxy" in doc and comments 2021-05-09 06:50:46 +02:00
configuration.txt MEDIUM: ssl: allow to change the OpenSSL security level from global section 2024-03-12 17:37:11 +01:00
cookie-options.txt DOC: fix a few typos in the documentation 2018-11-18 22:23:15 +01:00
DeviceAtlas-device-detection.txt CLEANUP: assorted typo fixes in the code and comments 2024-03-05 11:50:34 +01:00
gpl.txt
haproxy.1 DOC: add description of pidfile in master-worker mode 2020-08-26 18:40:53 +02:00
intro.txt [RELEASE] Released version 3.0-dev0 2023-12-05 16:19:35 +01:00
lgpl.txt
linux-syn-cookies.txt
lua.txt [RELEASE] Released version 2.9-dev9 2023-11-04 09:38:16 +01:00
management.txt MINOR: quic: add MUX output for show quic 2024-02-29 10:03:36 +01:00
netscaler-client-ip-insertion-protocol.txt DOC: fix typos 2019-05-25 07:34:24 +02:00
network-namespaces.txt
peers-v2.0.txt MEDIUM: stick-tables: add a new stored type for glitch_cnt and glitch_rate 2024-02-08 15:51:49 +01:00
peers.txt CLEANUP: assorted typo fixes in the code and comments 2022-12-07 09:08:18 +01:00
proxy-protocol.txt DOC: proxy-protocol: fix wrong byte in provided example 2023-02-12 09:26:48 +01:00
queuing.fig
regression-testing.txt CLEANUP: assorted typo fixes in the code and comments 2023-11-23 16:23:14 +01:00
seamless_reload.txt CLEANUP: removed obsolete examples an move a few to better places 2019-06-15 21:25:06 +02:00
SOCKS4.protocol.txt MEDIUM: connection: Upstream SOCKS4 proxy support 2019-05-31 17:24:06 +02:00
SPOE.txt CLEANUP: assorted typo fixes in the code and comments 2023-11-23 16:23:14 +01:00
WURFL-device-detection.txt CONTRIB: move src/wurfl.c and contrib/wurfl to addons/wurfl 2021-04-02 17:48:42 +02:00