upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-04-21 06:06:59 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
haproxy/doc
History
Olivier Houchard c2aae74f01 MEDIUM: ssl: Handle early data with OpenSSL 1.1.1 
When compiled with Openssl >= 1.1.1, before attempting to do the handshake,
try to read any early data. If any early data is present, then we'll create
the session, read the data, and handle the request before we're doing the
handshake.

For this, we add a new connection flag, CO_FL_EARLY_SSL_HS, which is not
part of the CO_FL_HANDSHAKE set, allowing to proceed with a session even
before an SSL handshake is completed.

As early data do have security implication, we let the origin server know
the request comes from early data by adding the "Early-Data" header, as
specified in this draft from the HTTP working group :

    https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-replay
2017-10-27 10:54:05 +02:00
..
design-thoughts MAJOR: tproxy: remove support for cttproxy 2015-08-20 19:35:14 +02:00
internals [RELEASE] Released version 1.8-dev3 2017-10-22 10:13:45 +02:00
lua-api MINOR: hlua: Add regex class 2017-10-27 10:30:44 +02:00
51Degrees-device-detection.txt DOC: 51d: Updated git URL and instructions for getting Hash Trie data files. 2017-10-06 16:47:25 +02:00
acl.fig [DOC] add diagrams of queuing and future ACL design 2009-02-22 16:46:38 +01:00
architecture.txt DOC: fix "workaround" spelling 2016-01-15 10:27:09 +01:00
close-options.txt [DOC] add a few old and uncommitted docs 2011-09-05 01:04:44 +02:00
coding-style.txt DOC: update coding-style to reference checkpatch.pl 2015-09-21 16:45:45 +02:00
configuration.txt MEDIUM: ssl: Handle early data with OpenSSL 1.1.1 2017-10-27 10:54:05 +02:00
cookie-options.txt [DOC] add a few old and uncommitted docs 2011-09-05 01:04:44 +02:00
DeviceAtlas-device-detection.txt DOC: move the device detection modules documentation to their own files 2016-11-08 15:06:21 +01:00
gpl.txt [LICENSE] licensing clarifications 2006-06-15 21:48:13 +02:00
haproxy.1 MINOR: doc: document the -x flag 2017-04-13 19:15:17 +02:00
intro.txt DOC: fix some typos 2017-10-11 04:26:07 +02:00
lgpl.txt [LICENSE] licensing clarifications 2006-06-15 21:48:13 +02:00
linux-syn-cookies.txt DOC: add doc/linux-syn-cookies.txt 2015-08-11 12:17:41 +02:00
lua.txt DOC: LUA: fix some typos and syntax errors 2016-02-16 11:07:45 +01:00
management.txt MINOR: cli: add socket commands and config to prepend informational messages with severity 2017-09-13 13:37:59 +02:00
netscaler-client-ip-insertion-protocol.txt MINOR: listener: add the "accept-netscaler-cip" option to the "bind" keyword 2016-06-20 23:02:47 +02:00
network-namespaces.txt MAJOR: namespace: add Linux network namespace support 2014-11-21 07:51:57 +01:00
proxy-protocol.txt DOC: mention lighttpd 1.4.46 implements PROXY 2017-04-05 08:42:39 +02:00
queuing.fig [DOC] add diagrams of queuing and future ACL design 2009-02-22 16:46:38 +01:00
SPOE.txt DOC: spoe: Update SPOE documentation to reflect recent changes 2017-03-09 15:32:56 +01:00
WURFL-device-detection.txt DOC: move the device detection modules documentation to their own files 2016-11-08 15:06:21 +01:00