]> git.ipfire.org Git - thirdparty/haproxy.git/commit
projects / thirdparty / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 83e3cbc) | patch
MEDIUM: ssl/ech: config and load keys
authorsftcd <stephen.farrell@cs.tcd.ie>
Fri, 26 Sep 2025 21:10:36 +0000 (22:10 +0100)
committerWilliam Lallemand <wlallemand@haproxy.com>
Thu, 30 Oct 2025 09:37:12 +0000 (10:37 +0100)
commitdba4fd248a13fb0f3135619b14e3cf20b6674d10
tree432dc69fa9518364592bf81bc0d287cdec55e4fetree | snapshot
parent83e3cbc262a6992246dcc53e3e2e565842c85aa2commit | diff
MEDIUM: ssl/ech: config and load keys

This patch introduces the USE_ECH option in the Makefile to enable
support for Encrypted Client Hello (ECH) with OpenSSL.

A new function, load_echkeys, is added to load ECH keys from a specified
directory. The SSL context initialization process in ssl_sock.c is
updated to load these keys if configured.

A new configuration directive, `ech`, is introduced to allow users to
specify the ECH key  directory in the listener configuration.
Makefile diff | blob | blame | history
include/haproxy/ech.h [new file with mode: 0644] blob
include/haproxy/listener-t.h diff | blob | blame | history
src/ech.c [new file with mode: 0644] blob
src/ssl_sock.c diff | blob | blame | history
Mirror of https://github.com/haproxy/haproxy.git