Re: [PATCH] skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on CentOS 6

2020-05-27 Thread Илья Шипицин
There were bug reports if centos 6 is broken. Which means people actively use it. On Thu, May 28, 2020, 3:21 AM Tim Düsterhus wrote: > Ilya, > > On 27.05.20 at 22:53, Илья Шипицин wrote: > > Hello, > > > > let us skip new test on CentOS6 > > > > There definitely should be a smarter solution

Re: stable-bot: Bugfixes waiting for a release 2.1 (52), 2.0 (45)

2020-05-27 Thread Willy Tarreau
Hi Tim, On Wed, May 27, 2020 at 04:33:47PM +0200, Tim Düsterhus wrote: > I already asked 2 weeks ago [1], but I'll ask again: > > > Is there any date planned for 2.1.5? I'm still running 2.1.3 on one > > machine, because I use Dovecot. > > And I only just realize that 2.1.3 is affected by

Re: [PATCH] skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on CentOS 6

2020-05-27 Thread Tim Düsterhus
Ilya, On 27.05.20 at 22:53, Илья Шипицин wrote: > Hello, > > let us skip new test on CentOS6 > There definitely should be a smarter solution than "delete test" to skip tests that depend on OpenSSL's features. Or maybe we should just get rid of CentOS 6 tests, it will be end of life on

[PATCH] skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on CentOS 6

2020-05-27 Thread Илья Шипицин
Hello, let us skip new test on CentOS6 Cheers, Ilya Shipitcin From 4585b4f3b3f6dcbef071b36e7a589cd89757818e Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Thu, 28 May 2020 01:50:57 +0500 Subject: [PATCH] CI: cirrus-ci: skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on

Re: [PATCH] cleanup coverity finding (make it silent)

2020-05-27 Thread Илья Шипицин
well, I do not have an idea why extchk_setenv(check, EXTCHK_HAPROXY_SERVER_ADDR, check->argv[3]); is used instead of EXTCHK_SETENV(check, EXTCHK_HAPROXY_SERVER_ADDR, check->argv[3], err); it means, some environment variables are set in "best effort" mode, i.e. error is ignored. is it bad ?

Re: Redefine 401 error page

2020-05-27 Thread Willy Tarreau
Hi Christopher, On Wed, May 27, 2020 at 07:03:58PM +0200, Christopher Faulet wrote: > Here are patches to handle customizable 401/407 messages. In fact, only the > second patch is really meaningful. There is no change for the http-request > auth rule from the configuration point of view.

range queries (my favourite)

2020-05-27 Thread Илья Шипицин
hello, how does haproxy serve queries like that: Range: bytes=0-,0-,0-,0-, more info: https://www.zdnet.com/article/rangeamp-attacks-can-take-down-websites-and-cdn-servers/ Cheers, Ilya Shipitcin

Re: Redefine 401 error page

2020-05-27 Thread Christopher Faulet
On 26/05/2020 at 10:22, Christopher Faulet wrote: In HAProxy 2.2, I guess 401/407 responses may be generated using an http-request return rule, making http-request auth rule more or less deprecated. The only mess is to handle 2 different responses depending on the request path when the

Re: stable-bot: Bugfixes waiting for a release 2.1 (52), 2.0 (45)

2020-05-27 Thread Tim Düsterhus
Hi List, Willy, On 27.05.20 at 02:00, stable-...@haproxy.com wrote: > Last release 2.1.4 was issued on 2020-04-02. There are currently 52 patches > in the queue cut down this way: > - 1 MAJOR, first one merged on 2020-05-20 > - 20 MEDIUM, first one merged on 2020-05-01 > - 31

Re: [PATCH] REGTEST: Add connection/proxy_protocol_send_unique_id_alpn

2020-05-27 Thread Tim Düsterhus
Christopher, On 27.05.20 at 13:38, Christopher Faulet wrote: > Thanks Tim. Now applied. > Ugh. I realize that I messed up all the commit hashes within the commit message, because I've taken the hashes from my testing branch where I cherry-picked them onto an old commit to verify the test fails

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-27 Thread Lukas Tribus
Hello, On Wed, 27 May 2020 at 13:33, Илья Шипицин wrote: > Wed, 27 May 2020 at 16:09, Tim Düsterhus : >> >> William, >> >> On 27.05.20 at 12:40, William Lallemand wrote: >> > Hello List, >> > >> > Since HAProxy 1.8, the minimum default TLS version for bind lines is >> > TLSv10. I was thinking

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-27 Thread Tim Düsterhus
Ilya, On 27.05.20 at 13:33, Илья Шипицин wrote: >> As a data point: >> >> The OpenSSL shipped with Debian Buster does not support anything below >> TLS 1.2 by default [1]. The same is true starting with Ubuntu 20.04 LTS. >> > > > I know several real-world cases when people had to build their

Re: HAproxy 2.X RPM

2020-05-27 Thread Julien Pivotto
On 27 May 12:27, Loïc Chanel wrote: > Hello, > > Do any of you guys know where I could find RPM files for 2.0 or 2.1 version > ? > I am looking for a public repository offering an automated build of HAproxy > 2.X, but all I could find until now was this repo : >

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-27 Thread Julien Pivotto
On 27 May 12:40, William Lallemand wrote: > Hello List, > > Since HAProxy 1.8, the minimum default TLS version for bind lines is > TLSv10. I was thinking to increase this minimum default to TLSv11 before > the 2.2 release. But when we discussed the other day about the DH > param set to 2048 by

Re: [PATCH] REGTEST: Add connection/proxy_protocol_send_unique_id_alpn

2020-05-27 Thread Christopher Faulet
On 27/05/2020 at 12:58, Tim Duesterhus wrote: Christopher, as mentioned in my comment in #640 I wrote a test that verifies that unique IDs via PPv2 continue to work or ALPN servers in the future: https://github.com/haproxy/haproxy/issues/640#issuecomment-634117124 The test does the

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-27 Thread Илья Шипицин
Wed, 27 May 2020 at 16:09, Tim Düsterhus : > William, > > On 27.05.20 at 12:40, William Lallemand wrote: > > Hello List, > > > > Since HAProxy 1.8, the minimum default TLS version for bind lines is > > TLSv10. I was thinking to increase this minimum default to TLSv11 before > > the 2.2 release.

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-27 Thread Tim Düsterhus
William, On 27.05.20 at 12:40, William Lallemand wrote: > Hello List, > > Since HAProxy 1.8, the minimum default TLS version for bind lines is > TLSv10. I was thinking to increase this minimum default to TLSv11 before > the 2.2 release. But when we discussed the other day about the DH > param

[PATCH] REGTEST: Add connection/proxy_protocol_send_unique_id_alpn

2020-05-27 Thread Tim Duesterhus
Christopher, as mentioned in my comment in #640 I wrote a test that verifies that unique IDs via PPv2 continue to work or ALPN servers in the future: https://github.com/haproxy/haproxy/issues/640#issuecomment-634117124 The test does the bare minimum, receiving a single unique ID. The

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-27 Thread Илья Шипицин
As a person running a pretty large load balancer installation, I confirm there are a lot of usages of TLS10. For example, depending on .net version, default setting might be TLS1.0 if you run .net 4.5. The ability to turn TLS1.0 without recompile is the must thing to have. I'm even not sure about

RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-27 Thread William Lallemand
Hello List, Since HAProxy 1.8, the minimum default TLS version for bind lines is TLSv10. I was thinking to increase this minimum default to TLSv11 before the 2.2 release. But when we discussed the other day about the DH param set to 2048 by default, I read that RHEL 8 was also disabling TLSv11 by

HAproxy 2.X RPM

2020-05-27 Thread Loïc Chanel
Hello, Do any of you guys know where I could find RPM files for 2.0 or 2.1 version ? I am looking for a public repository offering an automated build of HAproxy 2.X, but all I could find until now was this repo : http://au1.mirror.crc.id.au/repo/el7-extra/x86_64/ and I don't know if the owner