Add sni to the SSL session digest#567
Conversation
|
I removed the patch to Dockerfile, it's clearly out of date with the github build actions and thus should be handled as a separate issue. Now handling local builds with |
|
I've been using this fix for months in production. I'm surprised it hasn't been added in 0.5 or 0.6. It would be really convenient if it was. @drcaramelsyrup |
|
the entire SSL Digest creation method was changed and it causes merge conflicts and the function signature doesn't take the SNI. So will have to go through some effort to update the patch |
|
Recent changes may have rendered this patch obsolete, as there's another way to solve getting the SNI: Newer versions of Pingora provide:
And then you access it in a pingora callback like this: I'll test this as soon as I get around to upgrading Pingora, and if it works I'll close this issue. There could still be a problem with TLS session resumption not firing the |
|
This can be closed — the functionality is available via the existing |
4 participants
See issue #547
This PR adds the SNI to the session digest for SSL.
Rustls is stubbed because I couldn't figure out how to get it. Be happy to include that if someone can give me a hint.
I note to get the modified code to compile for Docker I had to modify the Dockerfile, as it looks like it hasn't kept up with the changes in optional modules. If you need an issue for that let me know. I doubt the patch is perfectly complete, the documentation on how to build all the options doesn't seem to be anywhere I can find it (and building with all options simultaneously breaks the build)