Hi Pieter,
On Mon, Apr 11, 2016 at 09:14:56PM +0200, PiBa-NL wrote:
> Hi Willy, Emeric,
> Op 11-3-2016 om 16:25 schreef Christopher Faulet:
> >Hi,
> >
> >I've slightly updated my patch to improve it and to fix some
> >inconsistencies.
> >
> >First of all, now "ssl-upgrade" and "no-ssl-upgrade"
Hi,
I've slightly updated my patch to improve it and to fix some
inconsistencies.
First of all, now "ssl-upgrade" and "no-ssl-upgrade" actions can be used
on "tcp-request content" rules _AND_ "tcp-request connection" rules, in
a frontend _OR_ a backend definition.
Then, these actions are now
Hi Christopher, Emeric,
Op 4-3-2016 om 10:44 schreef Christopher Faulet:
Hi guys,
Sorry for the delay, I was pretty busy. I've checked your patch. It is
quite interesting. First of all, I think that "tcp fallback" option and
"conditional SSL offloading" are redundant. Your way to do is more
Le 28/02/2016 23:32, PiBa-NL a écrit :
> Hi Christopher, Willy,
>
> I've created a patch that can be applied on top of your tcp-fallback
> patch to allow for 'conditional' offloading.
> It shows 'ability' to have both offloading and pass-trough for ssl
> depending on a sni name or other acl
Hi Christopher, Willy,
I've created a patch that can be applied on top of your tcp-fallback
patch to allow for 'conditional' offloading.
It shows 'ability' to have both offloading and pass-trough for ssl
depending on a sni name or other acl criteria.
-I resorted rather heavily to changing
Hi Christopher,
thanks for this. It looks clean enough to be merged.
I'm a little bit concerned with the addition of conn->ssl_detection_exp
because we try to keep the connection struct as small as possible. But
in this case there's no other place to store it. Thus I would change it
to "exp" and
Le 09/02/2016 09:04, Willy Tarreau a écrit :
thanks for this. It looks clean enough to be merged.
I'm a little bit concerned with the addition of conn->ssl_detection_exp
because we try to keep the connection struct as small as possible. But
in this case there's no other place to store it. Thus
>From a3b372da2463e98b13e016c9b56344757b0e94bc Mon Sep 17 00:00:00 2001
From: Christopher Faulet <cfau...@qualys.com>
Date: Wed, 29 Jul 2015 16:01:57 +0200
Subject: [PATCH] MAJOR: ssl: add 'tcp-fallback' bind option for SSL listeners
This option can be use to fall back on TCP when
8 matches
Mail list logo