haproxy 1.9.6 segfault in srv_update_status

We haven't had a chance to update to 1.9.8 yet, so we're still running 1.9.6 (Linux) in production, and just had 2 segfaults happen a little over an hour apart. When I look at the core dumps from them, the stack trace is the same. I'm not sure if this is an issue already fixed, so providing

Re: [PATCH 0/6] Kill deprecated configuration options

Hi Aleks, On Wed, May 15, 2019 at 05:51:25AM +0200, Aleksandar Lazic wrote: > For example such a generic replacement could be like this? > > http://cbonte.github.io/haproxy-dconv/1.9/configuration.html#4.2-reqrep > > # replace "/static/" with "/" at the beginning of any request path. > reqrep

Re: [PATCH 0/6] Kill deprecated configuration options

Hi. Wed May 15 05:07:05 GMT+02:00 2019 Willy Tarreau : > Hi Tim, > > On Tue, May 14, 2019 at 08:57:55PM +0200, Tim Duesterhus wrote: > > Okay, I did a sweep through the configuration parser and: > > > > 1. Made deprecated directives fatal and removed them from the docs. The > > error

Re: [PATCH 0/6] Kill deprecated configuration options

Hi Tim, On Tue, May 14, 2019 at 08:57:55PM +0200, Tim Duesterhus wrote: > Okay, I did a sweep through the configuration parser and: > > 1. Made deprecated directives fatal and removed them from the docs. The >error messages speak of "HAProxy 2.1", thus it should be merged into >some kind

Re: Loading multiple TLS certificates

On Mon, May 13, 2019 at 09:10:15PM +, Gibson, Brian (IMS) wrote: > > For the first time, I have a client that refused to let me use a wildcard > certificate. > So I submitted 6 separate CSRs and now have 6 separate certificates and 6 > separate keys. > The intermediate certificates all

[PATCH 3/6] CLEANUP: Make 'redispatch' directive fatal

It was deprecated with HAProxy 1.5. Time to remove it. --- doc/configuration.txt | 26 -- include/types/global.h | 2 +- src/cfgparse-listen.c | 14 +++--- 3 files changed, 4 insertions(+), 38 deletions(-) diff --git a/doc/configuration.txt

[PATCH 2/6] CLEANUP: Make 'block' directive fatal

It was deprecated with HAProxy 1.5. Time to remove it. --- doc/configuration.txt | 30 -- include/types/global.h | 2 +- src/cfgparse-listen.c | 30 -- 3 files changed, 5 insertions(+), 57 deletions(-) diff --git a/doc/configuration.txt

[PATCH 0/6] Kill deprecated configuration options

Willy, Am 06.05.19 um 07:23 schrieb Willy Tarreau: > On Mon, May 06, 2019 at 01:29:20AM +0200, Tim Düsterhus wrote: >> - What about 'resolution_pool_size'? The only thing it does is emitting >> a warning (not a fatal error). I believe it can also be removed from the >> documentation. > >

[PATCH 5/6] CLEANUP: Make 'option forceclose' actually warn

It is deprecated since 315b39c3914f4c2301ce19a93564566caa2ede50 (1.9-dev), but only was deprecated in the docs. Make it warn when being used and remove it from the docs. --- doc/configuration.txt | 8 examples/haproxy.vim | 2 +- include/types/global.h | 1 + src/cfgparse-listen.c |

[PATCH 1/6] CLEANUP: Make 'resolution_pool_size' directive fatal

This directive never appeared in a stable release and instead was introduced and deprecated within 1.8-dev. While it technically could be outright removed we detect it and error out for good measure. --- doc/configuration.txt | 5 - src/cfgparse.c| 4 ++-- 2 files changed, 2

[PATCH 4/6] CLEANUP: Make '(cli|con|srv)timeout' directive fatal

They were deprecated with HAProxy 1.5. Time to remove them. --- doc/configuration.txt | 139 ++--- examples/haproxy.vim | 4 +- include/types/global.h | 6 +- src/proxy.c| 29 - 4 files changed, 25 insertions(+), 153 deletions(-)

[PATCH 6/6] CLEANUP: Remove 'option independant-streams'

It is deprecated with HAProxy 1.5. Time to remove it. --- doc/configuration.txt | 4 src/proxy.c | 1 - 2 files changed, 5 deletions(-) diff --git a/doc/configuration.txt b/doc/configuration.txt index 85309bcc9..86251768c 100644 --- a/doc/configuration.txt +++

Re: [RFC PATCH v2] BUG/MEDIUM: compression: Rewrite strong ETags

Willy, Am 29.01.19 um 19:42 schrieb Willy Tarreau: >> Note: I added an `assert` in there to make sure that ht*_select_comp_reshdr >> actually verified the ETag header before I am touching it. There *is* >> precedence >> for `assert` in `checks.c`. Please remove the `assert` if you are not happy

Info required regarding health check in http mode.

Hi , I am using haproxy as L7 load balancer and in my configuration have enabled L4 level health checks to back end nodes. During testing for long duration saw intermittent healthcheck errors. Have few queries: 1) is it advisable to use L4 health checks for L7 load balancer ? 2) if backend

[PATCH] wurfl device detection fixes

Hi All. Here attached you may find a set of patches related to WURFL module. Patches from 0001 to 0004 should implements Christopher's last suggestions/issues. - segfault when I try to retrieve an unknown data (I mean not listed in wurfl-information-list). - the channel validity must

Re: [PATCH 1/2] BUG/MINOR: mworker: Prevent potential use-after-free in mworker_env_to_proc_list

William, Am 14.05.19 um 11:40 schrieb William Lallemand: > Sorry, I'm only reading this mail and I already fixed this one in the master! > All good, at least it's fixed. Take a look at the other patch (the memory leak), though! Best regards Tim Düsterhus

Re: [PATCH 1/2] BUG/MINOR: mworker: Prevent potential use-after-free in mworker_env_to_proc_list

Hi Tim, On Mon, May 13, 2019 at 02:37:24PM +0200, Tim Duesterhus wrote: > This was found by reading the code while investigating issue #96 and not > verified with any tools: > > If `child->pid` is falsy `child` will be freed instead of being added to > `proc_list`. The setting of

Did you know your society can be made more secure and convenient without any additional infrastructure?