pingora icon indicating copy to clipboard operation
pingora copied to clipboard
verified publisher icon cloudflare

Add sni to the SSL session digest

Open pszabop opened this issue 10 months ago • 3 comments

See issue #547

This PR adds the SNI to the session digest for SSL.

Rustls is stubbed because I couldn't figure out how to get it. Be happy to include that if someone can give me a hint.

I note to get the modified code to compile for Docker I had to modify the Dockerfile, as it looks like it hasn't kept up with the changes in optional modules. If you need an issue for that let me know. I doubt the patch is perfectly complete, the documentation on how to build all the options doesn't seem to be anywhere I can find it (and building with all options simultaneously breaks the build)

pszabop avatar Mar 24 '25 16:03 pszabop

I removed the patch to Dockerfile, it's clearly out of date with the github build actions and thus should be handled as a separate issue. Now handling local builds with act -j pingora

pszabop avatar Mar 24 '25 18:03 pszabop

I've been using this fix for months in production. I'm surprised it hasn't been added in 0.5 or 0.6. It would be really convenient if it was. @drcaramelsyrup

sdonal00 avatar Sep 17 '25 15:09 sdonal00

the entire SSL Digest creation method was changed and it causes merge conflicts and the function signature doesn't take the SNI. So will have to go through some effort to update the patch

pszabop avatar Nov 06 '25 00:11 pszabop