Hi Tim, Joseph,
Thank you both very much for answering; so very much appreciated.
Am 02.09.2018 um 00:12 schrieb Joseph Sible:
Try removing the highlighted block of code:
https://github.com/TimWolla/haproxy-auth-request/blob/e6a686e6f192200a6c7001c303b87d2d6e9d4788/auth-request.lua#L45-L51
It's a monkey-patch to haproxy's socket that you might not need.
Yes, it's obsolete as of haproxy 1.8.4. But I don't believe it to be the
cause of the issues. It looks like the monkey patched function itself is
given invalid parameters.
so, this is good to know, but for the sake of completeness, I will
mention that I have commented that particular block of code, as well as
just the :old_settimeout line, as well as the block of code above it,
and I commented the timeout in the http.lua file, as suggested in the
blog post, plus I tried commenting and changing several other lines in
the auth-request.lua file.
the commenting and changing mostly(always?) ended up in the following error:
Lua function 'auth-request': runtime error: attempt to yield across a
C-call boundary from [C] field 'request',
/Computerisms/config/etc/haproxy.auth.lua:95 C function line 56.
I believe the issue might be that your version of LuaSocket calls
`settimeout` differently that I anticipated in haproxy-auth-request.
What version of LuaSocket are you using? Can you give your configuration?
Absolutely! I am really new to lua and haproxy both, so very possibly I
didn't do something as I was supposed to. I installed luasocket via
luarocks, I had to do some digging around to get it to install the
lua5.3 version, on debian it apparently has preference over lua5.1.
As per luarocks:
root@sand2lian:/etc/apache2# luarocks list
Installed rocks:
----------------
luasocket
3.0rc1-2 (installed) - /usr/local/lib/luarocks/rocks
As per dpkg:
root@sand2lian:/etc/apache2# dpkg -l lua5.3
ii lua5.3 5.3.3-1
my haproxy.cfg file is largely by the book as per your instructions on
github:
backend auth_request
mode http
option forwardfor
server auth-request 127.0.0.1:8044
frontend httpfront
bind ${ADDRESS}:80
mode http
option httplog
log global
http-request lua.auth-request auth_request /index.html
http-request deny if ! { var(txn.auth_response_successful) -m bool }
# redirect scheme https code 301 if !{ ssl_fc }
default_backend mooglehttp
hm, Tim, what you say about different versions actually might be the
right track; in your blog post the http.lua file you link to shows the line:
h.try(c:settimeout(_M.TIMEOUT))
as line 119, but in my file, that line is number 116, so doesn't seem to
be the same file... will see if I can follow this trail to a solution...
Best regards
Tim Düsterhus
