[PATCH 1/2] MINOR: ssl: disable SSL sample fetches when unsupported

Previously these fetches would return empty results when HAProxy was compiled without the requisite SSL support. This results in confusion and problem reports from people who unexpectedly encounter the behavior. --- src/ssl_sock.c | 27 +++ 1 file changed, 15

[PATCH 0/2] Re: Logging SSL pre-master-key

On 2017/6/30 10:32, Willy Tarreau wrote: > Hi Patrick, > > On Fri, Jun 30, 2017 at 10:28:11AM -0400, Patrick Hemmer wrote: >>> The issue I'm having is that there's no notification >>> that this will not work. Using #ifdef ensures that what is not supported will >>> report an error. Then the user

[PATCH 2/2] MINOR: ssl: add fetch 'ssl_fc_session_key' and 'ssl_bc_session_key'

These fetches return the SSL master key of the front/back connection. This is useful to decrypt traffic encrypted with ephemeral ciphers. --- doc/configuration.txt | 13 + src/ssl_sock.c| 35 +++ 2 files changed, 48 insertions(+) diff --git

Building on AIX 7.2

This is just for a quick sanity check. I'm not seeing much sign of any mention of haproxy on AIX beyond 5.3. Before I involve myself heavily in it, has anyone attempted a build of haproxy on AIX 7.2 or am I highly likely on a road to nowhere? TIA. Donald.

Re: [PATCH][MINOR] config: Implement 'parse-resolv-conf' directive for resolvers

> > > I also fixed the memory leaks that you pointed out. (I think) But I did > > notice that > > valgrind reports that the 'newnameserver' allocation is being leaked > > anyway, both > > when using parse-resolv-conf as well as the regular nameserver > > directive...Let > > me know if I should do