is a libev-based high performance SSL/TLS proxy that terminates TLS/SSL connections and forwards the unencrypted traffic to some backend.
| hitch.conf.man.rst (hitch-1.6.1) | : | hitch.conf.man.rst (hitch-1.7.0) |
|---|
| | |
| skipping to change at line 329 | | skipping to change at line 329 |
|---|
| | |
| Turns on or off enforcement of the cipher ordering set in Hitch. | | Turns on or off enforcement of the cipher ordering set in Hitch. |
| | |
| This option is also available in frontend blocks. | | This option is also available in frontend blocks. |
| | |
| Default is off. | | Default is off. |
| | |
| proxy-proxy = on|off | | proxy-proxy = on|off |
| -------------------- | | -------------------- |
| | |
|
| Proxy an existing PROXY protocol header through this request. At the | | Proxy an incoming PROXY protocol header through to the |
| moment this is equivalent to write-proxy-v2. | | backend. Supports both version 1 and 2 of the PROXY protocol. |
| | |
| This option is mutually exclusive with option write-proxy-v2, write-ip | | This option is mutually exclusive with option write-proxy-v2, write-ip |
| and write-proxy-v1. | | and write-proxy-v1. |
| | |
| Default is off. | | Default is off. |
| | |
| log-level = <num> | | log-level = <num> |
| ----------------- | | ----------------- |
| | |
| Log chattiness. 0=silence, 1=errors, 2=info/debug. | | Log chattiness. 0=silence, 1=errors, 2=info/debug. |
| | |
| skipping to change at line 470 | | skipping to change at line 470 |
|---|
| Currently the following will be transmitted when proxy-tlv is enabled: | | Currently the following will be transmitted when proxy-tlv is enabled: |
| | |
| - Cipher | | - Cipher |
| - Protocol version | | - Protocol version |
| - Client certificate verification result | | - Client certificate verification result |
| - Whether the client transmitted a certificate as part of this | | - Whether the client transmitted a certificate as part of this |
| connection/session (PP2_CLIENT_CERT_CONN, PP2_CLIENT_CERT_SESS) | | connection/session (PP2_CLIENT_CERT_CONN, PP2_CLIENT_CERT_SESS) |
| | |
| Default is on. | | Default is on. |
| | |
|
| | proxy-client-cert = on|off |
| | -------------------------- |
| | |
| | Transmit the authenticated client certificate as part of the PROXYv2 |
| | header. |
| | |
| | The PEM-formatted client certificate will be transmitted as a TLV |
| | field of type 0xe0. |
| | |
| | This is a custom application-specific type, requiring a a custom |
| | handler at the recipient end. Note that using this feature will |
| | inflate the size of the PROXY header substantially, possibly also |
| | requiring tweaking at the receiving end. |
| | |
| tcp-fastopen = on|off | | tcp-fastopen = on|off |
| --------------------- | | --------------------- |
| | |
| Enable TCP Fast Open. | | Enable TCP Fast Open. |
| | |
| Default is off. | | Default is off. |
| | |
| Example | | Example |
| ======= | | ======= |
| | |
| | | |
| End of changes. 2 change blocks. |
|---|
| 2 lines changed or deleted | | 16 lines changed or added |
|---|
"Fossies" - the Fresh Open Source Software Archive 