Re: JWT payloads break b64dec convertor

2018-05-27 Thread cripy
while probably not the most ideal solution... i found a quick method to do this using the builtin converters within the configuration to append the padding where necessary. here is an example: log-format %[var(txn.jwtpayload),b64dec] http-request set-var(txn.jwtpayload) req.hdr('x-jwtpayload')

[1.8.9] 100 CPU when using lxd resolver

2018-05-27 Thread Zinsser Zhang
After I updated from 1.8.8 to 1.8.9, the child process consumes 100% of one core from startup. Most of haproxy's functionality works fine (and of course much slower than before) except that commands (e.g. set state to MAINT) in the stat web page often result in a 502 bad gateway. After some

Re: Use acl on spoe events

2018-05-27 Thread Joao Morais
> Em 27 de mai de 2018, à(s) 12:02, Daniel Corbett > escreveu: > > Hello Joao, > > On 05/26/2018 05:54 PM, Joao Morais wrote: >> >> There is no difference if I use acl like the example above, or use the `if >> {...}` syntax or remove the acl at all, my modsecurity

Re: [PATCH] BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters

2018-05-27 Thread Daniel Corbett
Hello Willy, On 05/24/2018 04:16 PM, Willy Tarreau wrote: Interesting one! However it's not correct, it doesn't decrement the refcount on the return 0 path so the problem remains when a data type is looked up in a table where it is not stored. For example : Nice catch.  Thanks for pointing

Re: Use acl on spoe events

2018-05-27 Thread Daniel Corbett
Hello Joao, On 05/26/2018 05:54 PM, Joao Morais wrote: There is no difference if I use acl like the example above, or use the `if {...}` syntax or remove the acl at all, my modsecurity agent always receive a new connection despite of the host I’m using. Is there a way to use a spoe filter