mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2025-09-22 14:21:25 +02:00
b33fe2f4a2
Instead of using the same proxy as other http client calls (through lua for instance), the OCSP update will use a dedicated proxy which will enable it to change the log format and log conditions (for instance). This proxy will have the NOLOGNORM option and regular logging will be managed by the update task itself because in order to dump information related to OCSP updates, we need to control the moment when the logs are emitted (instead or relying on the stream's life which is decorrelated from the update itself). The update task then calls sess_log directly, which uses a dedicated ocsp logformat that fetches specific OCSP data. Sess_log was preferred to the more low level app_log because it offers the strength of "regular" sample fetches and allows to add generic information alongside OCSP ones in the log line. In case of connection error (unreachable server for instance), a regular httpclient log line will also be emitted. This line will have some extra HTTP related info that can't be provided by the ocsp update logging mechanism.