On Wed, Feb 26, 2020 at 12:25:52PM +0100, Tim Düsterhus wrote:
> Thank you. When I try this within `conn_si_send_proxy`it works as expected.
>
> I have a question about the '} else if (!cs && conn->owner) {' case,
> though. It was added within this commit:
> https://github.com/haproxy/haproxy/commit/661167d136d5bf4ac40ac4fae450d66dd69a64df.
> The comment says something about SSL handshakes. However I am unable to
> trigger this condition. I tested with both SSL on the frontend bind line
> and on the backend server. Do you happen to know when I might not yet
> have a stream at the send proxy stage?
I don't exactly know but I think it's related to the zero-rtt mode
in TLS-1.3 because in this case we can get the request before the
handshake is complete. I think only Olivier knows how to trigger
this :-)
> Yes, my current implementation looks like that:
>
> server example 127.0.0.1:8082 send-proxy-v2 proxy-v2-options unique-id
Looks clean like this.
> The 'explicit focus' is just that the user should not expect the IDs to
> make sense when using HTTP/2 with multiple streams over a single
> connections.
I agree.
> Yes, I plan to make adjustments for `accept-proxy` with a new sample
> fetch as well.
OK thank you!
Willy
