RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-27 15:12:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
de827958a2
haproxy/include
History
Willy Tarreau de827958a2 MEDIUM: ssl: improve retrieval of ssl_sock_ctx and SSL detection 
Historically there was a single way to have an SSL transport on a
connection, so detecting if the transport layer was SSL and a context
was present was sufficient to detect SSL. With QUIC, things have changed
because QUIC also relies on SSL, but the context is embedded inside the
quic_conn and the transport layer doesn't match expectations outside,
making it difficult to detect that SSL is in use over the connection.

The approach taken here to improve this consists in adding a new method
at the transport layer, get_ssl_sock_ctx(), to retrieve this often needed
ssl_sock_ctx, and to use this to detect the presence of SSL. This will
even allow some simplifications and cleanups to be made in the SSL code
itself, and QUIC will be able to provide one to export its ssl_sock_ctx.
2022-04-11 19:33:04 +02:00
..
haproxy MEDIUM: ssl: improve retrieval of ssl_sock_ctx and SSL detection 2022-04-11 19:33:04 +02:00
import CLEANUP: tree-wide: remove a few rare non-ASCII chars 2022-03-04 08:58:32 +01:00