VMOD Proxy-从PROXYv2中提取TLV属性的Varnish模块¶
SYNOPSIS¶
import proxy [as name] [from "path"] 字符串alpn() 字符串授权() Bool is_ssl() Bool Client_Has_Cert_Sess() Bool CLIENT_HAS_CERT_CONN() Int ssl_Verify_Result() 字符串ssl_Version() 字符串CLIENT_CERT_CN() 字符串ssl_cipher() 字符串cert_sign() 字符串cert_key()
DESCRIPTION¶
vmod_proxy 包含提取代理协议v2 TLV属性的函数,如https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt.中所述
字符串alpn()¶
提取ALPN属性。
示例::
set req.http.alpn = proxy.alpn();
仅限于: client 。
Bool is_ssl()¶
报告代理协议v2是否具有SSLTLV。
示例::
if (proxy.is_ssl()) {
set req.http.ssl-version = proxy.ssl_version();
}
仅限于: client 。
Bool Client_Has_Cert_Sess()¶
报告客户端是否在此连接所属的TLS会话上至少提供了一次证书。
仅限于: client 。
Bool CLIENT_HAS_CERT_CONN()¶
报告客户端是否通过当前连接提供证书。
仅限于: client 。
Int ssl_Verify_Result()¶
报告来自TLS会话的SSL_GET_VERIFY_RESULT。只有当CLIENT_HAS_CERT_Sess()为真时才重要。默认情况下,值设置为0(X509_V_OK)。
示例::
if (proxy.client_has_cert_sess() && proxy.ssl_verify_result() == 0) {
set req.http.ssl-verify = "ok";
}
仅限于: client 。
字符串ssl_Version()¶
提取SSL版本属性。
示例::
set req.http.ssl-version = proxy.ssl_version();
仅限于: client 。
字符串CLIENT_CERT_CN()¶
提取客户端证书的通用名称属性。
- 示例::
Set req.Http.cert-CN=proxy.client_cert_CN();
仅限于: client 。
字符串ssl_cipher()¶
提取SSLcipher属性。
示例::
set req.http.ssl-cipher = proxy.ssl_cipher();
仅限于: client 。
字符串cert_sign()¶
提取证书签名算法属性。
示例::
set req.http.cert-sign = proxy.cert_sign();
仅限于: client 。
字符串cert_key()¶
提取证书密钥算法属性。
示例::
set req.http.cert-key = proxy.cert_key();
仅限于: client 。
另请参阅¶
COPYRIGHT¶
Copyright (c) 2018 GANDI SAS
All rights reserved.
Author: Emmanuel Hocdet <manu@gandi.net>
SPDX-License-Identifier: BSD-2-Clause
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.