From 48f39402181d959cad88cb3f460210c007169f50 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= Date: Wed, 12 May 2021 11:13:47 +0200 Subject: Cowboy 2.9.0 --- .../ranch/1.8/manual/ranch_proxy_header/index.html | 274 +++++++++++++++++++++ 1 file changed, 274 insertions(+) create mode 100644 docs/en/ranch/1.8/manual/ranch_proxy_header/index.html (limited to 'docs/en/ranch/1.8/manual/ranch_proxy_header/index.html') diff --git a/docs/en/ranch/1.8/manual/ranch_proxy_header/index.html b/docs/en/ranch/1.8/manual/ranch_proxy_header/index.html new file mode 100644 index 00000000..3aae5bda --- /dev/null +++ b/docs/en/ranch/1.8/manual/ranch_proxy_header/index.html @@ -0,0 +1,274 @@ + + + + + + + + + + Nine Nines: ranch_proxy_header(3) + + + + + + + + + + + + + + +
+
+
+
+

99s

+
+
+ +
+ +
    +
  • + Github +
    • +
  • + +
    • +
+
+
+
+
+ + +
+ +
+
+
+
+ +

ranch_proxy_header(3)

+ +

Name

+

ranch_proxy_header - PROXY protocol

+

Description

+

The module ranch_proxy_header provides functions for parsing and building the PROXY protocol header.

+

Exports

+ +

Types

+

proxy_info()

+
+
proxy_info() = #{
+    %% Mandatory part.
+    version := 1 | 2,
+    command := local | proxy,
+    transport_family   => undefined | ipv4 | ipv6 | unix,
+    transport_protocol => undefined | stream | dgram,
+
+    %% Addresses.
+    src_address  => inet:ip_address() | binary(),
+    src_port     => inet:port_number(),
+    dest_address => inet:ip_address() | binary(),
+    dest_port    => inet:port_number(),
+
+    %% Extra TLV-encoded data.
+    alpn      => binary(), %% US-ASCII.
+    authority => binary(), %% UTF-8.
+    netns     => binary(), %% US-ASCII.
+    ssl       => #{
+        client   := [ssl | cert_conn | cert_sess],
+        verified := boolean(),
+        version  => binary(), %% US-ASCII.
+        cipher   => binary(), %% US-ASCII.
+        sig_alg  => binary(), %% US-ASCII.
+        key_alg  => binary(), %% US-ASCII.
+        cn       => binary()  %% UTF-8.
+    },
+
+    %% Unknown TLVs can't be parsed so the raw data is given.
+    raw_tlvs => [{0..255, binary()}]
+}.
+
+

The PROXY protocol information.

+

The following fields may be found, although most of them are optional:

+
version
+

The PROXY protocol version used.

+
+
command
+

proxy is used for proxied connections. local for non-proxied connections. Those do not have any additional information.

+
+
transport_family
+

The transport family of the original connection.

+
+
transport_protocol
+

The transport protocol of the original connection.

+
+
src_address
+

The source address of the original connection. This is the original address of the client.

+
+
src_port
+

The source port of the original connection. This is the port the client opened on its end for the connection. It is not defined for UNIX domain sockets.

+
+
dest_address
+

The destination address of the original connection.

+
+
dest_port
+

The destination port of the original connection. It is not defined for UNIX domain sockets.

+
+
alpn
+

The upper layer protocol in use over the connection. This is typically negotiated via the ALPN extension for TLS.

+
+
authority
+

The host name serving as authority for the connection. This is typically passed using the SNI extension for TLS.

+
+
netns
+

The namespace's name for the original connection.

+
+
ssl
+

Various informations pertaining to the original SSL/TLS connection.

+
client
+

A list containing a number of flags. ssl indicates that the client connected over SSL/TLS. cert_conn indicates that the client provided a certificate over the original connection. cert_sess indicates that the client provided a certificate at least once over the TLS session this connection belongs to.

+
+
verified
+

Whether the client presented a certificate and it was successfully verified.

+
+
version
+

The US-ASCII string containing the SSL/TLS version used for the original connection.

+
+
cipher
+

The US-ASCII string name of the cipher used.

+
+
sig_alg
+

The US-ASCII string name of the algorithm used to sign the certificate provided by the client.

+
+
key_alg
+

The US-ASCII string name of the algorithm used to generate the key of the certificate provided by the client.

+
+
cn
+

The UTF-8 string representation of the Common Name field of the client certificate's Distinguished Name.

+
+
+
+
raw_tlvs
+

The non-standard TLVs that Ranch was not able to parse.

+
+
+

Changelog

+
  • 1.7: Module introduced. +
    • +
+

See also

+

ranch(7)

+ + + + + + +
+ +
+ + +

+ Ranch + 1.8 + Function Reference + +

+ + + +

Navigation

+ +

Version select

+ + +

Like my work? Donate!

+

Donate to Loïc Hoguin because his work on Cowboy, Ranch, Gun and Erlang.mk is fantastic:

+
+ + + + + + + + + +

Recurring payment options are also available via GitHub Sponsors. These funds are used to cover the recurring expenses like food, dedicated servers or domain names.

+ + + +
+
+
+
+ + + + + + + + + -- cgit v1.2.3