Mercurial > hg > nginx-site
comparison xml/en/docs/stream/ngx_stream_ssl_preread_module.xml @ 1798:59d1f512c3a0
Documented the ngx_stream_ssl_preread_module module.
author | Yaroslav Zhuravlev <yar@nginx.com> |
---|---|
date | Wed, 21 Sep 2016 20:46:16 +0300 |
parents | |
children | 9f7e12cf974f |
comparison
equal
deleted
inserted
replaced
1797:be868c8f6e9c | 1798:59d1f512c3a0 |
---|---|
1 <?xml version="1.0"?> | |
2 | |
3 <!-- | |
4 Copyright (C) Nginx, Inc. | |
5 --> | |
6 | |
7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> | |
8 | |
9 <module name="Module ngx_stream_ssl_preread_module" | |
10 link="/en/docs/stream/ngx_stream_ssl_preread_module.html" | |
11 lang="en" | |
12 rev="1"> | |
13 | |
14 <section id="summary"> | |
15 | |
16 <para> | |
17 The <literal>ngx_stream_ssl_preread_module</literal> module (1.11.5) allows | |
18 extracting information from the | |
19 <link url="https://tools.ietf.org/html/rfc5246#section-7.4.1.2">ClientHello</link> | |
20 message without terminating SSL/TLS, | |
21 for example, the sever name requested through | |
22 <link url="https://tools.ietf.org/html/rfc6066#section-3">SNI</link>. | |
23 This module is not built by default, it should be enabled with the | |
24 <literal>--with-stream_ssl_preread_module</literal> | |
25 configuration parameter. | |
26 </para> | |
27 | |
28 </section> | |
29 | |
30 | |
31 <section id="example" name="Example Configuration"> | |
32 | |
33 <para> | |
34 <example> | |
35 map $ssl_preread_server_name $name { | |
36 backend.example.com backend; | |
37 default backend2; | |
38 } | |
39 | |
40 upstream backend { | |
41 server 192.168.0.1:12345; | |
42 server 192.168.0.2:12345; | |
43 } | |
44 | |
45 upstream backend2 { | |
46 server 192.168.0.3:12345; | |
47 server 192.168.0.4:12345; | |
48 } | |
49 | |
50 server { | |
51 listen 12346; | |
52 proxy_pass $name; | |
53 ssl_preread on; | |
54 } | |
55 </example> | |
56 | |
57 </para> | |
58 | |
59 </section> | |
60 | |
61 | |
62 <section id="directives" name="Directives"> | |
63 | |
64 <directive name="ssl_preread"> | |
65 <syntax><literal>on</literal> | <literal>off</literal></syntax> | |
66 <default>off</default> | |
67 <context>stream</context> | |
68 <context>server</context> | |
69 | |
70 <para> | |
71 Enables extracting information from the ClientHello message at | |
72 the <link doc="stream_processing.xml" id="preread_phase">preread</link> phase. | |
73 </para> | |
74 | |
75 </directive> | |
76 | |
77 </section> | |
78 | |
79 | |
80 <section id="variables" name="Embedded Variables"> | |
81 | |
82 <para> | |
83 <list type="tag"> | |
84 | |
85 <tag-name id="var_ssl_preread_server_name"><var>$ssl_preread_server_name</var></tag-name> | |
86 <tag-desc> | |
87 returns the server name requested through SNI | |
88 </tag-desc> | |
89 | |
90 </list> | |
91 </para> | |
92 | |
93 </section> | |
94 | |
95 </module> |