mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2025-10-18 02:51:24 +02:00
e43d5323c6
Just like the previous commit, we sometimes want to limit the rate of incoming SSL connections. While it can be done for a frontend, it was not possible for a whole process, which makes sense when multiple processes are running on a system to server multiple customers. The new global "maxsslrate" setting is usable to fix a limit on the session rate going to the SSL frontends. The limits applies before the SSL handshake and not after, so that it saves the SSL stack from expensive key computations that would finally be aborted before being accounted for. The same setting may be changed at run time on the CLI using "set rate-limit ssl-session global".