Proxy Protocol - CLIENT_SSL

Sander Hoentjen sander at hoentjen.eu
Mon Jan 9 09:50:14 CET 2017 

Does anybody know a better place where I can ask this question?

Regards,
Sander

On 12/29/2016 04:01 PM, Sander Hoentjen wrote:
> On 12/23/2016 11:18 AM, Sander Hoentjen wrote:
>> Hi list,
>>
>> I have a questioned about both Hitch and Varnish:
>> Does hitch support (defines) PP2_CLIENT_SSL from proxy-protocol [1]?
>> The follow-up question is: Can Varnish proxy this information (in
>> essence just keep the proxy header as-is)
>>
>> Regards,
>> Sander
>>
>> _______________________________________________
>> varnish-misc mailing list
>> varnish-misc at varnish-cache.org
>> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>>
> Hmm, it seems I forgot the link to proxy-protocol [1]:
> http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt
> And then specifically I am talking about the binary header format
> (version 2).
>
> """
>
> If the length specified in the PROXY protocol header indicates that additional
> bytes are part of the header beyond the address information, a receiver may
> choose to skip over and ignore those bytes, or attempt to interpret those
> bytes.
>
> The information in those bytes will be arranged in Type-Length-Value (TLV
> vectors) in the following format.  The first byte is the Type of the vector.
> The second two bytes represent the length in bytes of the value (not included
> the Type and Length bytes), and following the length field is the number of
> bytes specified by the length.
>
>         struct pp2_tlv {
>             uint8_t type;
>             uint8_t length_hi;
>             uint8_t length_lo;
>             uint8_t value[0];
>         };
>
> The following types have already been registered for the <type> field :
>
>         #define PP2_TYPE_ALPN           0x01
>         #define PP2_TYPE_AUTHORITY      0x02
>         #define PP2_TYPE_SSL            0x20
>         #define PP2_SUBTYPE_SSL_VERSION 0x21
>         #define PP2_SUBTYPE_SSL_CN      0x22
>         #define PP2_TYPE_NETNS          0x30
> """
>
> It would be very nice if Hitch supports this, but I can't find any info
> on it. If this is not the right mailing list to ask, it would be nice if
> someone can point me in the right direction.
>
> Regards,
> Sander
>
> _______________________________________________
> varnish-misc mailing list
> varnish-misc at varnish-cache.org
> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>

More information about the varnish-misc mailing list