From: Collison, Steven <soco@amazon.com>
Date: Wed, 27 Aug 2025 17:26:25 +0000 (+0000)
Subject: DOC: proxy-protocol: Make example for PP2_SUBTYPE_SSL_SIG_ALG accurate
X-Git-Tag: v3.3-dev8~59
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=00be3584260b050638a1d9c58c53f60c8ea54f18;p=thirdparty%2Fhaproxy.git

DOC: proxy-protocol: Make example for PP2_SUBTYPE_SSL_SIG_ALG accurate

The docs call out that this field is the algorithm used to
sign the certificate. However, the example only had the hash portion of
the signature algorithm. This change updates the example to be accurate
based on a value written by HAProxy, which is based on an OID for
signature algorithms. I based example on a real TLV written by
HAProxy on my machine with all SSL TLVs enabled in config.
---

diff --git a/doc/proxy-protocol.txt b/doc/proxy-protocol.txt
index fac033176..75a7e1f74 100644
--- a/doc/proxy-protocol.txt
+++ b/doc/proxy-protocol.txt
@@ -654,7 +654,7 @@ of the used cipher, for example "ECDHE-RSA-AES128-GCM-SHA256".
 The second level TLV PP2_SUBTYPE_SSL_SIG_ALG provides the US-ASCII string name
 of the algorithm used to sign the certificate presented by the frontend when
 the incoming connection was made over an SSL/TLS transport layer, for example
-"SHA256".
+"RSA-SHA256".
 
 The second level TLV PP2_SUBTYPE_SSL_KEY_ALG provides the US-ASCII string name
 of the algorithm used to generate the key of the certificate presented by the