]> git.ipfire.org Git - thirdparty/haproxy.git/commit
projects / thirdparty / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6e4dd4c) | patch
MEDIUM: ssl/ocsp: counters for OCSP stapling
authorWilliam Lallemand <wlallemand@haproxy.com>
Mon, 23 Dec 2024 10:06:17 +0000 (11:06 +0100)
committerWilliam Lallemand <wlallemand@haproxy.com>
Mon, 23 Dec 2024 10:23:00 +0000 (11:23 +0100)
commit056ec51c266b54406e52037b815395a4552e712f
tree6ae09466bdedcc7ee199b29a2b3f938e7b816a06tree
parent6e4dd4c64c68a4481fdbd0d4487de76e52e05eaacommit | diff
MEDIUM: ssl/ocsp: counters for OCSP stapling

Add 2 counters in the SSL stats module for OCSP stapling.

- ssl_ocsp_staple is the number of OCSP response successfully stapled
  with the handshake
- ssl_failed_ocsp_stapled is the number of OCSP response that we
  couldn't staple, it could be because of an error or because the
  response is expired.

These counters are incremented in the OCSP stapling callback, so if no
OCSP was configured they won't never increase. Also they are only
working in frontends.

This was discussed in github issue #2822.
include/haproxy/ssl_sock-t.h diff | blob | blame | history
src/ssl_ocsp.c diff | blob | blame | history
src/ssl_sock.c diff | blob | blame | history
Mirror of https://github.com/haproxy/haproxy.git