> > That seems strange indeed but looking at the code that's what I'm
> > seeing. Was your access to ssl_fc_has_early placed before or after the
> > rule above ? If it's after it must indeed report false.
fetcher is placed before the rule
> > I seem to remember there was one but can't find it, so
On Wed, Sep 09, 2020 at 05:43:08PM +0200, Olivier Houchard wrote:
> > I seem to remember there was one but can't find it, so I may have been
> > confused. With this said, it doesn't provide a big information since
> > once the handshake is completed, it's exactly identical to a regular
> > one. But
On Wed, Sep 09, 2020 at 05:35:28PM +0200, Willy Tarreau wrote:
> On Wed, Sep 09, 2020 at 04:57:58PM +0200, William Dauchy wrote:
> > > I think it's not easy to reproduce these tests, you need a high enough
> > > latency between haproxy and the client so that the handshake is not
> > > already compl
On Wed, Sep 09, 2020 at 04:57:58PM +0200, William Dauchy wrote:
> > I think it's not easy to reproduce these tests, you need a high enough
> > latency between haproxy and the client so that the handshake is not
> > already completed when you evaluate the rule, and of course you need
> > to make sur
Hello Willy,
Thank you for your answer,
On Wed, Sep 9, 2020 at 4:39 PM Willy Tarreau wrote:
> If I remember well, the principle consists in detecting whether or not
> the request was received using TLS early data (0-rtt) before the handshake
> was completed. The problem is that early data may tr
Hi William!
On Wed, Sep 09, 2020 at 12:02:03PM +0200, William Dauchy wrote:
> On Wed, Sep 9, 2020 at 10:48 AM William Dauchy wrote:
> > I'm trying to understand `ssl_fc_has_early` fetcher behavior as I'm
> > unable to find a single request where it returns 1.
>
> (sorry, forgot to mention, all o
On Wed, Sep 9, 2020 at 10:48 AM William Dauchy wrote:
> I'm trying to understand `ssl_fc_has_early` fetcher behavior as I'm
> unable to find a single request where it returns 1.
(sorry, forgot to mention, all of these tests were done on v2.2.x)
--
William
7 matches
Mail list logo