Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 71f9a06e4baf8750714a2386e9290c2f0d1d1305
commit71f9a06e4baf8750714a2386e9290c2f0d1d1305[log] [tgz]
authorAmaury Denoyelle <adenoyelle@haproxy.com>Thu May 20 15:10:55 2021 +0200
committerAmaury Denoyelle <adenoyelle@haproxy.com>Fri Jun 18 16:42:26 2021 +0200
tree3b97e7d146eb37f361f6c09395a1cf1f499178f1
parentfde82605cda91d313f947f081f345fcb3c593e7e [diff]
MINOR: ssl: enable a series of ssl keywords for dynamic servers

These keywords are deemed safe-enough to be enable on dynamic servers.
Their parsing functions are simple and can be called at runtime.

- allow-0rtt
- alpn
- ciphers
- ciphersuites
- force-sslv3/tlsv10/tlsv11/tlsv12/tlsv13
- no-sslv3/tlsv10/tlsv11/tlsv12/tlsv13
- no-ssl-reuse
- no-tls-tickets
- npn
- send-proxy-v2-ssl
- send-proxy-v2-ssl-cn
- sni
- ssl-min-ver
- ssl-max-ver
- tls-tickets
- verify
- verifyhost

'no-ssl-reuse' and 'no-tls-tickets' are enabled to override the default
behavior.

'tls-tickets' is enable to override a possible 'no-tls-tickets' set via
the global option 'ssl-default-server-options'.

'force' and 'no' variants of tls method options are useful to override a
possible 'ssl-default-server-options'.
1 file changed
tree: 3b97e7d146eb37f361f6c09395a1cf1f499178f1
  1. .github/
  2. addons/
  3. admin/
  4. dev/
  5. doc/
  6. examples/
  7. include/
  8. reg-tests/
  9. scripts/
  10. src/
  11. tests/
  12. .cirrus.yml
  13. .gitattributes
  14. .gitignore
  15. .travis.yml
  16. BRANCHES
  17. CHANGELOG
  18. CONTRIBUTING
  19. INSTALL
  20. LICENSE
  21. MAINTAINERS
  22. Makefile
  23. README
  24. ROADMAP
  25. SUBVERS
  26. VERDATE
  27. VERSION