How not to design a wire protocol
Hal Murray
hmurray at megapathdsl.net
Tue Mar 5 20:32:56 UTC 2019
> The spec already mandates that ALPN always be used and allocates a tag with
> IANA.
My call to
SSL_CTX_set_alpn_protos(client_ctx, alpn, sizeof(alpn));
is inside
#if (OPENSSL_VERSION_NUMBER > 0x1000200fL)
> tcp/123 is already a new firewall hole. If you want to work around
> unchangeable firewall rules you probably have to use 443 (and again rely on
> ALPN).
How does that work in practice? 443 is for HTTPS. Does Apache have a call
out mode? Is there a standard utility that does ALPN dispatching? What
fraction of clients send ALPN info?
--
These are my opinions. I hate spam.
More information about the devel
mailing list