-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 9/09/2014 5:19 p.m., Willy Tarreau wrote:
> Hi Dave,
>
> On Mon, Sep 08, 2014 at 04:25:22PM -0400, Dave McCowan wrote:
>>>
>>>
>>> Second patch :
>>>
>>>> diff --git a/include/types/connection.h
>>>> b/include/types/connection.h index 89f4f38..a75d45d 100644
>>>> --- a/include/types/connection.h +++
>>>> b/include/types/connection.h @@ -334,6 +334,7 @@ struct
>>>> proxy_hdr_v2 { #define PP2_TYPE_SSL 0x20 #define
>>>> PP2_TYPE_SSL_VERSION 0x21 #define PP2_TYPE_SSL_CN
>>>> 0x22 +#define PP2_TYPE_NETWORK_NAMESPACE 0x30
>>>
>>> Could you please avoid to fragment the values here, I fear the
>>> day we need a contiguous array and we can't find one anymore.
>>> Let's start at 0x23 for now. Note, since we're in development,
>>> we can change these numbers later, so let's not consider the
>>> PPv2 spec as "official" whenever it comes to what we stuff in
>>> haproxy-dev.
>>>
>>
>> Can I reserve three spots for SSL_SNI, SSL_NPN, and SSL_ALPN? We
>> can try to keep the SSL block contiguous for now.
I do not think three spots is right for those. Two would suffice for
ALPN and SNI values and I requested 0x01 (for ALPN) and 0x02 (for SNI
authority-URI) earlier. Although I am flexible on the exact values.
NPN is not necessary since ALPN is what got standardized in RFC7301
and contains the NPN value set. PPv2 senders should "upgrade" NPN
values to ALPN for transmission by just sending them in the ALPN TLV.
Also, please do not irrevocably link ALPN and SNI with SSL/TLS in the
macro name. They are also used by other transport and transfer
protocols. Names like these should suffice:
PP2_TYPE_ALPN
PP2_TYPE_ORIGIN or PP2_TYPE_AUTHORITY_URI
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUDtjfAAoJELJo5wb/XPRjE2wH/2+9cnzyyf9Kqbua16cqqPGE
vK8wrYOygzFcO9dGcKWnblUHsGBUOf80WcnIUg7YhhmH3r5afPcoRP7S5uzKtsCA
AY7XUMEZJKwZKR9UhVmgdZIhANZhLw134NnRYBzcPHZdLRVcBR0/4xK5UKvhVIIY
DD4R6CHB5latQ8ODq06lH7eyGoRSep2g3bTARaB6qEFZ+VuxZxbmzu1bOIfoMlPk
57PWUxgVJu2K+9d8laZ34CCUZ+9y3ZnZjbHES2kKsgNIhhEG0JUQ+WsmyCYlCvni
dBc8ZC1nRcky7SYw9RHiQgYiq18alK4tRtVeVpdujiMMhZF79LuE7rFxzs+6Yqw=
=XRC0
-----END PGP SIGNATURE-----
