upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-04-21 22:28:41 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 14
HAProxy - Load balancer
11711 commits 19 branches 413 tags 230 MiB
C 98.1%
Shell 0.9%
Makefile 0.5%
Lua 0.2%
Python 0.1%
Find a file
Christopher Faulet f61f33a1b2 BUG/MINOR: checks: Respect the no-check-ssl option 
This options is used to force a non-SSL connection to check a SSL server or to
invert a check-ssl option inherited from the default section. The use_ssl field
in the check structure is used to know if a SSL connection must be used
(use_ssl=1) or not (use_ssl=0). The server configuration is used by default.

The problem is that we cannot distinguish the default case (no specific SSL
check option) and the case of an explicit non-SSL check. In both, use_ssl is set
to 0. So the server configuration is always used. For a SSL server, when
no-check-ssl option is set, the check is still performed using a SSL
configuration.

To fix the bug, instead of a boolean value (0=TCP, 1=SSL), we use a ternary value :

  * 0  = use server config
  * 1  = force SSL
  * -1 = force non-SSL

The same is done for the server parameter. It is not really necessary for
now. But it is a good way to know is the server no-ssl option is set.

In addition, the PR_O_TCPCHK_SSL proxy option is no longer used to set use_ssl
to 1 for a check. Instead the flag is directly tested to prepare or destroy the
server SSL context.

This patch should be backported as far as 1.8.
2020-04-27 09:39:37 +02:00
.github CI: run weekly OpenSSL "no-deprecated" builds 2020-04-21 10:27:41 +02:00
contrib MINOR: contrib: make the peers wireshark dissector a plugin 2020-04-26 11:29:05 +02:00
doc MINOR: checks: Add a way to send custom headers and payload during http chekcs 2020-04-27 09:39:37 +02:00
ebtree CLEANUP: assorted typo fixes in the code and comments 2020-04-16 10:04:36 +02:00
examples CLEANUP: removed obsolete examples an move a few to better places 2019-06-15 21:25:06 +02:00
include BUG/MINOR: checks: Respect the no-check-ssl option 2020-04-27 09:39:37 +02:00
reg-tests MINOR: checks: Add a way to send custom headers and payload during http chekcs 2020-04-27 09:39:37 +02:00
scripts CLEANUP: assorted typo fixes in the code and comments 2020-04-17 09:37:36 +02:00
src BUG/MINOR: checks: Respect the no-check-ssl option 2020-04-27 09:39:37 +02:00
tests CLEANUP: assorted typo fixes in the code and comments 2020-04-16 10:04:36 +02:00
.cirrus.yml CI: cirrus-ci: rename openssl package after it is renamed in FreeBSD 2020-04-07 21:58:35 +02:00
.gitignore DOC: create a BRANCHES file to explain the life cycle 2019-06-15 22:00:14 +02:00
.travis.yml CI: travis-ci: upgrade openssl to 1.1.1f 2020-04-07 07:26:21 +02:00
BRANCHES DOC: assorted typo fixes in the documentation 2020-03-09 14:45:58 +01:00
CHANGELOG [RELEASE] Released version 2.2-dev6 2020-04-17 14:19:38 +02:00
CONTRIBUTING DOC: assorted typo fixes in the documentation and Makefile 2020-03-06 10:49:55 +01:00
INSTALL BUILD: Makefile: add linux-musl to TARGET 2020-04-16 15:17:13 +02:00
LICENSE LICENSE: add licence exception for OpenSSL 2012-09-07 13:52:26 +02:00
MAINTAINERS DOC: wurfl: added point of contact in MAINTAINERS file 2019-04-23 11:00:23 +02:00
Makefile BUILD: Makefile: add linux-musl to TARGET 2020-04-16 15:17:13 +02:00
README DOC: create a BRANCHES file to explain the life cycle 2019-06-15 22:00:14 +02:00
ROADMAP DOC: update the outdated ROADMAP file 2019-06-15 21:59:54 +02:00
SUBVERS BUILD: use format tags in VERDATE and SUBVERS files 2013-12-10 11:22:49 +01:00
VERDATE [RELEASE] Released version 2.2-dev6 2020-04-17 14:19:38 +02:00
VERSION [RELEASE] Released version 2.2-dev6 2020-04-17 14:19:38 +02:00

README 

The HAProxy documentation has been split into a number of different files for
ease of use.

Please refer to the following files depending on what you're looking for :

  - INSTALL for instructions on how to build and install HAProxy
  - BRANCHES to understand the project's life cycle and what version to use
  - LICENSE for the project's license
  - CONTRIBUTING for the process to follow to submit contributions

The more detailed documentation is located into the doc/ directory :

  - doc/intro.txt for a quick introduction on HAProxy
  - doc/configuration.txt for the configuration's reference manual
  - doc/lua.txt for the Lua's reference manual
  - doc/SPOE.txt for how to use the SPOE engine
  - doc/network-namespaces.txt for how to use network namespaces under Linux
  - doc/management.txt for the management guide
  - doc/regression-testing.txt for how to use the regression testing suite
  - doc/peers.txt for the peers protocol reference
  - doc/coding-style.txt for how to adopt HAProxy's coding style
  - doc/internals for developer-specific documentation (not all up to date)