www.formilux.org

Hi, I hope you are well. I represent an experienced video production and marketing company that has produced over 800 episodes and 1000 Promotional videos. Plus we can actually help promote your company to the world as we have broadcast partners locally, internationally and online with stunning Vie

Re: Problems with haproxy 1.7.3 on FreeBSD 11.0-p8

On 17/03/2017 05:57 μμ, Aleksandar Lazic wrote: > Willy. > > Am 14-03-2017 22:17, schrieb Willy Tarreau: >> Matthias, >> >> I could finally track the problem down to a 5-year old bug in the >> connection handler. It already used to affect Unix sockets but it >> requires so rare a set of options an

Re: Problems with haproxy 1.7.3 on FreeBSD 11.0-p8

Hi Aleks, On Fri, Mar 17, 2017 at 05:57:02PM +0100, Aleksandar Lazic wrote: > I love your commit massages ;-). > > They are very detailed and sometimes bigger the the code change. That's expected, especially on a bug. The code is the result of a long analysis. If this analysis is lost, next time

Re: Some compilation SSL errors/warnings on debian testing

Le 16 mars 2017 à 17:49, Emmanuel Hocdet a écrit :Hi Emeric,Le 16 mars 2017 à 14:44, Emeric Brun a écrit :I'm clearly not sure that setting openssl's options to ~no-tlsxx have the same behavior than forcing the callback sets (using force-) to one protocol.I alwa

rsyslog -> tcp -> ssl -> SNI -> ssl -> rsyslog

Hi. The subject looks strange so let me the explain the setup a little bit. I have a old rsyslog without ssl module. I need to send syslog messages via tcp to a remote syslog server. Between the local server and the remote server is a haproxy which I can only use as https-sni-forwarder. http

Re: Problems with haproxy 1.7.3 on FreeBSD 11.0-p8

Willy. Am 14-03-2017 22:17, schrieb Willy Tarreau: Matthias, I could finally track the problem down to a 5-year old bug in the connection handler. It already used to affect Unix sockets but it requires so rare a set of options and even then its occurrence rate is so low that probably nobody not

Re: Problems with haproxy 1.7.3 on FreeBSD 11.0-p8

Dear Willy and Dmitry, Am 14.03.17 um 22:17 schrieb Willy Tarreau: Or you may prefer to wait for 1.7.4. It's not planned yet given that there are other fixes in the wild waiting for some feedback though. Thanks guys for the detailed feedback, it's now time to turn the page and switch to less di

WebSocket + compression + timeout tunnel broken in v1.7?

Hi! I upgraded a HAProxy instance from v1.6.10 to v1.7.3 with no changes to configuration and I noticed that now clients connecting to a WebSocket backend are getting disconnected after being idle for "timeout client" time rather than the much longer "timeout tunnel" time. As I understand it,

Re: Problems with haproxy 1.7.3 on FreeBSD 11.0-p8

> On 17 Mar 2017, at 12:04, Willy Tarreau wrote: > > Hi Dmitry, > > On Wed, Mar 15, 2017 at 12:45:54AM +0300, Dmitry Sivachenko wrote: >> I committed your patch to FreeBSD ports. > > I was just reported an undesired side effect of this patch with smtp > in clear without proxy-proto :-( > > [.

Re: Problems with haproxy 1.7.3 on FreeBSD 11.0-p8

Hi Dmitry, On Wed, Mar 15, 2017 at 12:45:54AM +0300, Dmitry Sivachenko wrote: > I committed your patch to FreeBSD ports. I was just reported an undesired side effect of this patch with smtp in clear without proxy-proto :-( The problem is that we're using the CONNECTED flag to indicate whether we

Re: Considering HAProxy to Bump TLS 1.1 Traffic to TLS 1.2

Hello, Ryan! I also propose a different approach... just in case. I had the same problem with some further constraints. The Java client runs on Windows and an haproxy instance running on another server was very difficult to setup complying to all the security policies. In this case it was mu