Hi again, Le mer. 6 mai 2020 à 17:47, Willy Tarreau <w...@1wt.eu> a écrit :
> Hi Olivier, > > On Wed, May 06, 2020 at 05:29:59PM +0200, Olivier D wrote: > > > Try applying this commit: > > > > > > > https://github.com/haproxy/haproxy/commit/02c88036a61e09d0676a2b6b4086af677b023b94 > > > > > > So this patch is not working for me, with or without patching Apache2 > with > > https://bz.apache.org/bugzilla/show_bug.cgi?id=63893 > > > > But "good news" : reverting 7f26391bc51 did the trick. > > This is sad. So this means that we've trained external components to > get used to our bugs and consider them to be the default behavior > despite what the doc says. > > > To make sure we are talking about the same things, I've attached both > > commits as patch files. > > - applying 7f26391bc.patch did not fix the issue > > - reverting 02c88036a.patch fixed the issue > > Then this is confusing because 7f2639 was already applied to your tree > and is supposed to be the one causing you the issue, and 02c88 was not > yet so you couldn't revert it. That's why I'd like to have a precise > description of the starting state and what operations you did which > worked and those which didn't. > My bad, I've inverted 7f26391bc and 02c88036a ... I should have used named patches instead of dealing with commit number. So to be clear : I'm using 2.0.14 source code. In this version, patch 7f26391bc is already applied and 02c88036a is not. So applying 02c88036a did nothing (well, it triggers two different non-working behaviour with Apache 2.4 patched, and a single behaviour without the patch on remoteip). And with clean source again, reverting 7f26391bc did the trick (on both Apache 2.4 versions). > > How safe is it to use 02c88036a reverted in production ? > > Either choice is safe for a given component. It's just that we send > wrong information on health checks, forcing other implementations to > implement bugs (see bug #511), that at least Dovecot doesn't support > a "relaxed" approach combining LOCAL with an address, and that from > what you're saying, Apache2 doesn't support LOCAL without an address. > > At this point I guess we'll have to revert all this from older branches > and provide a config option for 2.2+ to re-enable the old behavior for > compatibility with servers that got it wrong the first time. > Yes I understand. That's the price of fame :) HAProxy is now so widely used that softwares are implemented based on what HAProxy does instead of what the specs says. Olivier
