Re: Config Segmentation Fault [2.0.1]
Hi Olivier, That makes sense. I figured it was one of my various odd settings not being tested with the other (this config is rather…complex), and I hoped your eyes would be better than mine. Glad they were! Thanks for getting this fixed up. I'll pull the latest git when I have the chance and confirm it fixes it. Best, Luke — Luke Seelenbinder Stadia Maps | Founder stadiamaps.com > On Jun 28, 2019, at 14:14, Olivier Houchard wrote: > > Hi Luke, > > On Fri, Jun 28, 2019 at 07:05:32AM +0200, Luke Seelenbinder wrote: >> Hello all, >> >> I've found a segfault in v2.0.1. I believe the issue is a no-ssl directive >> on a server line after seeing check ssl on default-server in defaults. >> Here's the snips of my config. I haven't been able to create a minimal >> config that recreates it, since my config is rather complex. >> >> defaults >> log global >> mode http >> default-server ca-file ca-certificates.crt resolvers default inter 5s >> fastinter 2s downinter 10s init-addr libc,last check ssl check-alpn http/1.1 >> pool-purge-delay 60s max-reuse 1500 alpn http/1.1 >> […snip…] >> backend varnish >> server varnish_local unix@/path-to-socket.sock no-check-ssl no-ssl >> >> If I remove no-ssl, it starts up, but the check naturally fails. If I add it >> back, I get a segmentation fault. I've tried this with and without unix >> sockets to verify it wasn't something related to IP binding. >> >> I'm happy to try alternatives / test things a bit. >> >> Best, > > Indeed, "check-alpn" failed to make sure we were really using a SSL connection > before attempting to change the ALPN. This should be fixed by commit > c50eb73b85f80ac1ac6e519fcab2ba6807f5de65, and should be backported to 2.0 > soon. > > Thanks a lot ! > > Olivier
Re: Config Segmentation Fault [2.0.1]
Hi Luke, On Fri, Jun 28, 2019 at 07:05:32AM +0200, Luke Seelenbinder wrote: > Hello all, > > I've found a segfault in v2.0.1. I believe the issue is a no-ssl directive on > a server line after seeing check ssl on default-server in defaults. Here's > the snips of my config. I haven't been able to create a minimal config that > recreates it, since my config is rather complex. > > defaults > log global > mode http > default-server ca-file ca-certificates.crt resolvers default inter 5s > fastinter 2s downinter 10s init-addr libc,last check ssl check-alpn http/1.1 > pool-purge-delay 60s max-reuse 1500 alpn http/1.1 > […snip…] > backend varnish > server varnish_local unix@/path-to-socket.sock no-check-ssl no-ssl > > If I remove no-ssl, it starts up, but the check naturally fails. If I add it > back, I get a segmentation fault. I've tried this with and without unix > sockets to verify it wasn't something related to IP binding. > > I'm happy to try alternatives / test things a bit. > > Best, Indeed, "check-alpn" failed to make sure we were really using a SSL connection before attempting to change the ALPN. This should be fixed by commit c50eb73b85f80ac1ac6e519fcab2ba6807f5de65, and should be backported to 2.0 soon. Thanks a lot ! Olivier
Config Segmentation Fault [2.0.1]
Hello all, I've found a segfault in v2.0.1. I believe the issue is a no-ssl directive on a server line after seeing check ssl on default-server in defaults. Here's the snips of my config. I haven't been able to create a minimal config that recreates it, since my config is rather complex. defaults log global mode http default-server ca-file ca-certificates.crt resolvers default inter 5s fastinter 2s downinter 10s init-addr libc,last check ssl check-alpn http/1.1 pool-purge-delay 60s max-reuse 1500 alpn http/1.1 […snip…] backend varnish server varnish_local unix@/path-to-socket.sock no-check-ssl no-ssl If I remove no-ssl, it starts up, but the check naturally fails. If I add it back, I get a segmentation fault. I've tried this with and without unix sockets to verify it wasn't something related to IP binding. I'm happy to try alternatives / test things a bit. Best, Luke — Luke Seelenbinder Stadia Maps | Founder stadiamaps.com