mirror of
https://github.com/haproxy/haproxy.git
synced 2026-02-11 23:03:06 -05:00
HAProxy - Load balancer
1b03f8016d
Highly inspired from nginx openssl wrapper code. This wrapper implement this list of functions: SSL_set_quic_method(), SSL_quic_read_level(), SSL_quic_write_level(), SSL_set_quic_transport_params(), SSL_provide_quic_data(), SSL_process_quic_post_handshake() and SSL_QUIC_METHOD QUIC specific bio method which are also implemented by quictls to support QUIC from OpenSSL. So, its aims is to support QUIC from a standard OpenSSL stack without QUIC support. It relies on the OpenSSL keylog feature to retreive the secrets derived by the OpenSSL stack during a handshake and to pass them to the ->set_encryption_secrets() callback as this is done by quictls. It makes usage of a callback (quic_tls_compat_msg_callback()) to handle some TLS messages only on the receipt path. Some of them must be passed to the ->add_handshake_data() callback as this is done with quictls to be sent to the peer as CRYPTO data. quic_tls_compat_msg_callback() callback also sends the received TLS alert with ->send_alert() callback. AES 128-bits with CCM mode is not supported at this time. It is often disabled by the OpenSSL stack, but as it can be enabled by "ssl-default-bind-ciphersuites", the wrapper will send a TLS alerts (Handhshake failure) if this algorithm is negotiated between the client and the server. 0rtt is also not supported by this wrapper. |
||
|---|---|---|
| .github | ||
| addons | ||
| admin | ||
| dev | ||
| doc | ||
| examples | ||
| include | ||
| reg-tests | ||
| scripts | ||
| src | ||
| tests | ||
| .cirrus.yml | ||
| .gitattributes | ||
| .gitignore | ||
| .mailmap | ||
| .travis.yml | ||
| BRANCHES | ||
| BSDmakefile | ||
| CHANGELOG | ||
| CONTRIBUTING | ||
| INSTALL | ||
| LICENSE | ||
| MAINTAINERS | ||
| Makefile | ||
| README | ||
| SUBVERS | ||
| VERDATE | ||
| VERSION | ||
The HAProxy documentation has been split into a number of different files for ease of use. Please refer to the following files depending on what you're looking for : - INSTALL for instructions on how to build and install HAProxy - BRANCHES to understand the project's life cycle and what version to use - LICENSE for the project's license - CONTRIBUTING for the process to follow to submit contributions The more detailed documentation is located into the doc/ directory : - doc/intro.txt for a quick introduction on HAProxy - doc/configuration.txt for the configuration's reference manual - doc/lua.txt for the Lua's reference manual - doc/SPOE.txt for how to use the SPOE engine - doc/network-namespaces.txt for how to use network namespaces under Linux - doc/management.txt for the management guide - doc/regression-testing.txt for how to use the regression testing suite - doc/peers.txt for the peers protocol reference - doc/coding-style.txt for how to adopt HAProxy's coding style - doc/internals for developer-specific documentation (not all up to date)