Re: Help tracking "connection refused" under pressure on v2.9

Hi Willy, On Fri, 29 Mar 2024 07:17:56 +0100 Willy Tarreau wrote: > > These "connection refused" is from our watchdog; but the effects are as > > perceptible from the outside. When our watchdog hits this situation, > > it will forcefully restart HAProxy (we have 2 instances) because there > >

[PATCH 2/4] CLEANUP: Reapply strcmp.cocci (2)

This reapplies strcmp.cocci across the whole src/ tree. --- src/event_hdl.c | 2 +- src/hlua_fcn.c | 8 src/sample.c| 2 +- src/tcp_act.c | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/event_hdl.c b/src/event_hdl.c index f5bb5b6e7e..f4f7b19e4d 100644

[PATCH 3/4] CLEANUP: Reapply xalloc_cast.cocci

This reapplies xalloc_cast.cocci across the whole src/ tree. --- src/cpuset.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cpuset.c b/src/cpuset.c index 82e350f132..a20b81a25d 100644 --- a/src/cpuset.c +++ b/src/cpuset.c @@ -280,7 +280,7 @@ int cpu_map_configured(void)

[PATCH 1/4] CLEANUP: Reapply ist.cocci (3)

This reapplies ist.cocci across the whole src/ tree. --- src/resolvers.c | 4 ++-- src/stick_table.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/resolvers.c b/src/resolvers.c index f97fb29b01..d68208555f 100644 --- a/src/resolvers.c +++ b/src/resolvers.c @@

[PATCH 2/2] REGTESTS: Remove REQUIRE_VERSION=1.9 from all tests (2)

see also: 2a5fb62ad REGTESTS: Remove REQUIRE_VERSION=1.9 from all tests --- reg-tests/http-messaging/truncated.vtc | 1 - 1 file changed, 1 deletion(-) diff --git a/reg-tests/http-messaging/truncated.vtc b/reg-tests/http-messaging/truncated.vtc index 7579f6d763..7f262d75dc 100644 ---

[PATCH 1/2] REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (4)

Introduced in: dfb1cea69 REGTESTS: promex: Adapt script to be less verbose 36d936dd1 REGTESTS: write a full reverse regtest b57f15158 REGTESTS: provide a reverse-server test with name argument f0bff2947 REGTESTS: provide a reverse-server test see also: fbbbc33df REGTESTS: Do not use

[PATCH] PKCS#11 key support provider & engine (rev. 2)

Diff attached. Regards Richard diff --git a/include/haproxy/ssl_ckch-t.h b/include/haproxy/ssl_ckch-t.h index 0002b84d9..2470c45b2 100644 --- a/include/haproxy/ssl_ckch-t.h +++ b/include/haproxy/ssl_ckch-t.h @@ -56,6 +56,13 @@ struct ckch_data { X509 *ocsp_issuer; OCSP_CERTID *ocsp_cid; int

[RFC] PKCS#11 key support provider & engine (rev. 2) - GH#71

Hello list, [RFC] PKCS#11 key support provider & engine (rev. 2) Addresses: https://github.com/haproxy/haproxy/issues/71 This RFC now supports provider(OpenSSL 3) and engine(OpenSSL 1.1.1) The patch will follow in the next email. Background Here is the revised version of my original RFC[1] to

Re: Help tracking "connection refused" under pressure on v2.9

Hi Ricardo, On Thu, Mar 28, 2024 at 06:21:16PM -0300, Ricardo Nabinger Sanchez wrote: > Hi Willy, > > On Thu, 28 Mar 2024 04:37:11 +0100 > Willy Tarreau wrote: > > > Thanks guys! So there seems to be an annoying bug. However I'm not sure > > how this is related to your "connection refused",