Proxy Protocol - CLIENT_SSL

Guillaume Quintard guillaume at varnish-software.com
Mon Jan 9 15:09:34 CET 2017 

Hi,

To my knowledge, the answer to both questions is no, at the moment.

-- 
Guillaume Quintard

On Mon, Jan 9, 2017 at 9:50 AM, Sander Hoentjen <sander at hoentjen.eu> wrote:

> Does anybody know a better place where I can ask this question?
>
> Regards,
> Sander
>
> On 12/29/2016 04:01 PM, Sander Hoentjen wrote:
> > On 12/23/2016 11:18 AM, Sander Hoentjen wrote:
> >> Hi list,
> >>
> >> I have a questioned about both Hitch and Varnish:
> >> Does hitch support (defines) PP2_CLIENT_SSL from proxy-protocol [1]?
> >> The follow-up question is: Can Varnish proxy this information (in
> >> essence just keep the proxy header as-is)
> >>
> >> Regards,
> >> Sander
> >>
> >> _______________________________________________
> >> varnish-misc mailing list
> >> varnish-misc at varnish-cache.org
> >> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
> >>
> > Hmm, it seems I forgot the link to proxy-protocol [1]:
> > http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt
> > And then specifically I am talking about the binary header format
> > (version 2).
> >
> > """
> >
> > If the length specified in the PROXY protocol header indicates that
> additional
> > bytes are part of the header beyond the address information, a receiver
> may
> > choose to skip over and ignore those bytes, or attempt to interpret those
> > bytes.
> >
> > The information in those bytes will be arranged in Type-Length-Value (TLV
> > vectors) in the following format.  The first byte is the Type of the
> vector.
> > The second two bytes represent the length in bytes of the value (not
> included
> > the Type and Length bytes), and following the length field is the number
> of
> > bytes specified by the length.
> >
> >         struct pp2_tlv {
> >             uint8_t type;
> >             uint8_t length_hi;
> >             uint8_t length_lo;
> >             uint8_t value[0];
> >         };
> >
> > The following types have already been registered for the <type> field :
> >
> >         #define PP2_TYPE_ALPN           0x01
> >         #define PP2_TYPE_AUTHORITY      0x02
> >         #define PP2_TYPE_SSL            0x20
> >         #define PP2_SUBTYPE_SSL_VERSION 0x21
> >         #define PP2_SUBTYPE_SSL_CN      0x22
> >         #define PP2_TYPE_NETNS          0x30
> > """
> >
> > It would be very nice if Hitch supports this, but I can't find any info
> > on it. If this is not the right mailing list to ask, it would be nice if
> > someone can point me in the right direction.
> >
> > Regards,
> > Sander
> >
> > _______________________________________________
> > varnish-misc mailing list
> > varnish-misc at varnish-cache.org
> > https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
> >
>
>
> _______________________________________________
> varnish-misc mailing list
> varnish-misc at varnish-cache.org
> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20170109/27e057cc/attachment.html>

More information about the varnish-misc mailing list