upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-19 09:09:36 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind9/lib
History
Artem Boldariev 3d1b6c48ab Add PROXY over TLS support to PROXY Stream 
This commit makes it possible to use PROXY Stream not only over TCP,
but also over TLS. That is, now PROXY Stream can work in two modes as
far as TLS is involved:

1. PROXY over (plain) TCP - PROXYv2 headers are sent unencrypted before
TLS handshake messages. That is the main mode as described in the
PROXY protocol specification (as it is clearly stated there), and most
of the software expects PROXYv2 support to be implemented that
way (e.g. HAProxy);

2. PROXY over (encrypted) TLS - PROXYv2 headers are sent after the TLS
handshake has happened. For example, this mode is being used (only ?)
by "dnsdist". As far as I can see, that is, in fact, a deviation from
the spec, but I can certainly see how PROXYv2 could end up being
implemented this way elsewhere.
2023-12-06 15:15:24 +02:00
..
dns Add PROXY support to Stream DNS 2023-12-06 15:15:24 +02:00
isc Add PROXY over TLS support to PROXY Stream 2023-12-06 15:15:24 +02:00
isccc Limit isccc_cc_fromwire recursion depth 2023-09-07 19:46:19 +02:00
isccfg CID 469729: Remove leftover return call 2023-12-06 10:51:15 +01:00
ns Add PROXYv2 support to DNS over HTTP(S) transport 2023-12-06 15:15:24 +02:00
.gitignore The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
Makefile.am Move irs_resconf into libdns and remove libirs 2023-02-24 09:38:59 +00:00