RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-02-18 11:47:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
31af49d62b
haproxy/include/common
History
Christopher Faulet 31af49d62b MEDIUM: ssl: Add options to forge SSL certificates 
With this patch, it is possible to configure HAProxy to forge the SSL
certificate sent to a client using the SNI servername. We do it in the SNI
callback.

To enable this feature, you must pass following BIND options:

 * ca-sign-file <FILE> : This is the PEM file containing the CA certitifacte and
   the CA private key to create and sign server's certificates.

 * (optionally) ca-sign-pass <PASS>: This is the CA private key passphrase, if
   any.

 * generate-certificates: Enable the dynamic generation of certificates for a
   listener.

Because generating certificates is expensive, there is a LRU cache to store
them. Its size can be customized by setting the global parameter
'tune.ssl.ssl-ctx-cache-size'.
2015-06-12 18:06:59 +02:00
..
accept4.h BUILD: syscalls: remove improper inline statement in front of syscalls 2014-05-08 22:38:02 +02:00
appsession.h [MINOR] Make appsess{,ion}_refresh static 2011-06-25 21:07:01 +02:00
base64.h [MINOR] add encode/decode function for 30-bit integers from/to base64 2010-10-30 19:04:33 +02:00
buffer.h BUG/MEDIUM: lua: segfault with buffer_replace2 2015-03-09 18:12:59 +01:00
cfgparse.h MEDIUM: config: report it when tcp-request rules are misplaced 2014-09-16 15:43:24 +02:00
chunk.h MINOR: chunks: centralize the trash chunk allocation 2012-12-23 21:46:07 +01:00
compat.h BUILD: fix dependencies between config and compat.h 2014-07-15 19:09:36 +02:00
compiler.h CLEANUP: ebtree: clarify licence and update to 6.0.6 2011-12-02 17:09:49 +01:00
config.h BUILD: fix dependencies between config and compat.h 2014-07-15 19:09:36 +02:00
debug.h REORG/MAJOR: session: rename the "session" entity to "stream" 2015-04-06 11:23:56 +02:00
defaults.h MEDIUM: ssl: Add options to forge SSL certificates 2015-06-12 18:06:59 +02:00
epoll.h MAJOR: polling: replace epoll with sepoll and remove sepoll 2012-11-11 20:53:30 +01:00
errors.h [MINOR] errors: provide new status codes for config parsing functions 2010-08-10 14:01:15 +02:00
hash.h MINOR: hash: add new function hash_crc32 2015-01-20 19:48:05 +01:00
memory.h MEDIUM: memory: improve pool_refill_alloc() to pass a refill count 2014-12-24 23:47:31 +01:00
mini-clist.h CLEANUP: lists: remove dead code 2014-12-24 23:47:31 +01:00
namespace.h CLEANUP: namespaces: fix protection against multiple inclusions 2015-04-08 17:31:40 +02:00
rbtree.h [MINOR] imported the rbtree function from Linux kernel 2007-01-07 02:12:57 +01:00
regex.h MAJOR: config: remove the deprecated reqsetbe / reqisetbe actions 2015-05-26 12:18:29 +02:00
sessionhash.h [MAJOR] remove files distributed under an obscure license 2007-09-09 21:56:53 +02:00
splice.h BUILD: syscalls: remove improper inline statement in front of syscalls 2014-05-08 22:38:02 +02:00
standard.h MINOR: common: escape CSV strings 2015-05-28 17:47:19 +02:00
syscall.h BUILD: syscalls: remove improper inline statement in front of syscalls 2014-05-08 22:38:02 +02:00
template.h
ticks.h [MEDIUM] scheduler: get rid of the 4 trees thanks and use ebtree v4.1 2009-03-21 10:25:14 +01:00
time.h BUILD: time: adapt the type of TV_ETERNITY to the local system 2013-12-13 09:22:23 +01:00
tools.h [MINOR] tools: add two macros MID_RANGE and MAX_RANGE 2011-03-28 15:55:43 +02:00
uri_auth.h [REORG] http: move the http-request rules to proto_http 2011-03-13 22:00:24 +01:00
version.h DOC: stop referencing the slow git repository in the README 2014-05-10 11:04:39 +02:00