David BERARD e566ecbea8 MEDIUM: ssl: add support for prefer-server-ciphers option ...

I wrote a small path to add the SSL_OP_CIPHER_SERVER_PREFERENCE OpenSSL option
to frontend, if the 'prefer-server-ciphers' keyword is set.

Example :
	bind 10.11.12.13 ssl /etc/haproxy/ssl/cert.pem ciphers RC4:HIGH:!aNULL:!MD5 prefer-server-ciphers

This option mitigate the effect of the BEAST Attack (as I understand), and it
equivalent to :
	- Apache HTTPd SSLHonorCipherOrder option.
	- Nginx ssl_prefer_server_ciphers option.

[WT: added a test for the support of the option]

2012-09-04 15:35:32 +02:00

..

acl.h

MEDIUM: acl: support IPv6 address matching

2012-05-08 21:28:14 +02:00

arg.h

REORG: buffers: split buffers into chunk,buffer,channel

2012-09-03 20:47:32 +02:00

auth.h

[REORG] http: move the http-request rules to proto_http

2011-03-13 22:00:24 +01:00

backend.h

BUG/MAJOR: checks: don't call set_server_status_* when no LB algo is set

2012-05-19 19:09:46 +02:00

capture.h

[MAJOR] last bunch of capture changes for mempool v2

2007-05-13 22:46:04 +02:00

channel.h

CLEANUP: frontend: remove the old proxy protocol decoder

2012-09-03 20:47:35 +02:00

checks.h

MINOR: checks: add on-marked-up option

2012-06-03 23:48:42 +02:00

connection.h

MEDIUM: connection: add a new handshake flag for SSL (CO_FL_SSL_WAIT_HS).

2012-09-03 20:49:14 +02:00

counters.h

[MINOR] stats: report the number of requests intercepted by the frontend

2011-09-10 23:32:41 +02:00

fd.h

CLEANUP: includes: fix includes for a number of users of fd.h

2012-09-03 20:49:14 +02:00

freq_ctr.h

[MINOR] freq_ctr: add new types and functions for periods different from 1s

2010-08-10 14:01:09 +02:00

global.h

MINOR: ssl add global setting tune.sslcachesize to set SSL session cache size.

2012-09-03 22:36:33 +02:00

hdr_idx.h

[BUG] files were missing for hdr_idx in previous commit

2006-12-04 02:20:02 +01:00

lb_chash.h

[MEDIUM] build: switch ebtree users to use new ebtree version

2009-10-26 21:10:04 +01:00

lb_fas.h

MEDIUM: backend: add the 'first' balancing algorithm

2012-02-21 22:27:27 +01:00

lb_fwlc.h

[MEDIUM] build: switch ebtree users to use new ebtree version

2009-10-26 21:10:04 +01:00

lb_fwrr.h

[MEDIUM] build: switch ebtree users to use new ebtree version

2009-10-26 21:10:04 +01:00

lb_map.h

[CLEANUP] proxy: move last lb-specific bits to their respective files

2009-10-03 18:41:18 +02:00

log.h

REORG: buffers: split buffers into chunk,buffer,channel

2012-09-03 20:47:32 +02:00

peers.h

CLEANUP: connection: split sock_ops into data_ops, app_cp and si_ops

2012-09-03 20:47:31 +02:00

pipe.h

[MEDIUM] introduce pipe pools

2009-01-25 13:49:53 +01:00

port_range.h

[MEDIUM] add support for binding to source port ranges during connect

2009-06-10 12:23:32 +02:00

proto_http.h

REORG: buffers: split buffers into chunk,buffer,channel

2012-09-03 20:47:32 +02:00

proto_tcp.h

[MINOR] session-counters: use "track-sc{1,2}" instead of "track-{fe,be}-counters"

2010-08-10 18:04:15 +02:00

protocols.h

MEDIUM: ssl: add support for prefer-server-ciphers option

2012-09-04 15:35:32 +02:00

proxy.h

REORG: buffers: split buffers into chunk,buffer,channel

2012-09-03 20:47:32 +02:00

queue.h

[MAJOR] ported pendconn to mempools v2

2007-05-13 20:19:55 +02:00

sample.h

CLEANUP: includes: fix includes for a number of users of fd.h

2012-09-03 20:49:14 +02:00

server.h

MEDIUM: config: add "nosslv3" and "notlsv1" on bind and server lines

2012-09-03 23:55:16 +02:00

session.h

MAJOR: session: introduce embryonic sessions

2012-09-03 20:47:35 +02:00

signal.h

[MEDIUM] signals: add support for registering functions and tasks

2010-08-27 18:00:40 +02:00

stick_table.h

[MEDIUM] IPv6 support for stick-tables

2011-03-29 01:09:14 +02:00

stream_interface.h

MEDIUM: stream_interface: remove CAP_SPLTCP/CAP_SPLICE flags

2012-09-03 20:47:34 +02:00

task.h

[MEDIUM] signals: add support for registering functions and tasks

2010-08-27 18:00:40 +02:00

template.h

[CLEANUP] included common/version.h everywhere

2006-06-29 18:54:54 +02:00