Re: ssl-skip-self-issued-ca option does not work

2020-08-11 Thread William Lallemand
On Tue, Aug 11, 2020 at 11:22:18AM +0900, Seri, Kim wrote: > Hi, > > I've applied this patch in 2.2.x repository. > It works well in any case. > > Thanks, It will be backported in the next 2.2 release. -- William Lallemand

Re: ssl-skip-self-issued-ca option does not work

2020-08-10 Thread William Lallemand
On Thu, Jul 30, 2020 at 12:03:52PM +0200, William Lallemand wrote: > On Fri, Jul 17, 2020 at 04:47:10PM +0900, Sehoon Kim wrote: > > Hi, > > > > ssl-skip-self-issued-ca option does not work. > > commit "83cb2cb7" seems to remove this option. > > >

Re: [PATCH] CLEANUP: fix all duplicated semicolons

2020-08-10 Thread William Lallemand
On Fri, Aug 07, 2020 at 10:19:23PM +0200, William Dauchy wrote: > trivial commit, does not change the code behaviour > Thanks, merged! -- William Lallemand

Re: [PATCH v3 1/2] CLEANUP: ssl: ssl_sock_crt2der semicolon and spaces

2020-08-07 Thread William Lallemand
> v3: > - add ssl_s_chain_der support Thanks William, I merged both patches. -- William Lallemand

Re: [PATCH 0/2] ssl chain fetcher

2020-08-05 Thread William Lallemand
On Wed, Aug 05, 2020 at 03:07:19PM +0200, William Dauchy wrote: > On Wed, Aug 5, 2020 at 2:41 PM William Lallemand > wrote: > > I don't know if this is possible to fix it, but I think most of the SSL > > fetches have > > the problem. > > ok makes sense in

Re: [PATCH 0/2] ssl chain fetcher

2020-08-05 Thread William Lallemand
; > + tmp_trash = alloc_trash_chunk(); > + for (i = 0; i < num_certs; i++) { > + crt = sk_X509_value(certs, i); > + if (ssl_sock_crt2der(crt, tmp_trash) <= 0) > + goto out; > + chunk_cat(smp_trash, tmp_trash); > + } -- William Lallemand
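Review bot: alloc_trash_chunk() can return NULL, and the quoted loop hands tmp_trash straight to ssl_sock_crt2der() without checking it; add `if (!tmp_trash) goto out;` right after the allocation. The visible lines also show no free_trash_chunk(tmp_trash) on either the `goto out` path or the normal exit, so make sure the `out:` label releases it, otherwise every evaluation of the fetch leaks a trash chunk.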

Re: ssl-skip-self-issued-ca option does not work

2020-07-30 Thread William Lallemand
problem there, because a previous patch was breaking the compatibility with the bundles... I'm not sure how to fix this since we can't skip the Root CA with SSL_CTX_set1_chain. Maybe we could move it from the chain and move it to the issuer. -- William Lallemand

Re: [PATCH] CI: Expand use of GitHub Actions for CI

2020-07-29 Thread William Lallemand
icial" mirror, I deliberately wrote "unofficial mirror" everywhere in the description because it was used for test purposes at some point, but we decided to use github instead. -- William Lallemand

Re: [PATCH 2/2] SMALL: ssl: Support SAN extension for certificate generation

2020-07-10 Thread William Lallemand
> * function returns a SSL_CTX object or NULL if an error occurs. */ > static SSL_CTX * > @@ -1828,6 +1876,11 @@ ssl_sock_do_create_cert(const char *servername, struct > bind_conf *bind_conf, SSL > X509_EXTENSION_free(ext); > } > > + /* Add SAN extension */ > + if (bind_conf->ca_sign_use_san && ssl_sock_add_san_ext(, newcrt, > servername)) { > + goto mkcert_error; > + } > + > /* Sign the certificate with the CA private key */ > > key_type = EVP_PKEY_base_id(capkey); I'll be away for a few days but I'm totally okay with merging these once you made the small changes I suggested! Thanks! -- William Lallemand
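Review bot: in the quoted call `ssl_sock_add_san_ext(, newcrt, servername)` the first argument is empty in this copy (most likely an `&` lost in extraction); confirm the committed version passes the X509V3 context by address, and that ssl_sock_add_san_ext() returns non-zero only on failure, since the `if` treats any non-zero result as an error and jumps to mkcert_error. The SAN is only emitted when `bind_conf->ca_sign_use_san` is set, so the documentation for that option should say explicitly that generated certificates carry no SAN unless it is enabled, which matters because modern clients ignore the CN.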

Re: [PATCH 1/2] MEDIUM: ssl: Support certificate chaining for certificate generation

2020-07-10 Thread William Lallemand
etting is optional and used only when Copy-paste error there :-) > + the dynamic generation of certificates is enabled. See > + 'generate-certificates' for details. > + Enabling this flag will attach all public certificates encoded in > `ca-sign-file` > + to the served certificate to the client, enabling trust. > + -- William Lallemand
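Review bot: the doc text "attach all public certificates encoded in `ca-sign-file` to the served certificate to the client, enabling trust" overstates what the feature does: sending the CA chain lets the client build a path to a root it already has, it does not by itself make the client trust the generated certificate. Suggest rewording along the lines of "sends the certificates found in `ca-sign-file` as the chain of the generated certificate, so that clients which already trust that CA can validate it", and stating whether the self-signed root in the file is sent too (it is useless on the wire and costs bytes on every handshake).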

Re: [PATCH] fix boringssl build

2020-06-26 Thread William Lallemand
On Fri, Jun 26, 2020 at 01:25:42PM +0500, Илья Шипицин wrote: > пт, 26 июн. 2020 г. в 13:18, William Lallemand : > > > Hello, > > > > On Sat, Jun 20, 2020 at 11:42:57PM +0500, Илья Шипицин wrote: > > > include/haproxy/openssl-compat.h | 7 +++ > >

Re: [PATCH] fix boringssl build

2020-06-26 Thread William Lallemand
X509_get_X509_PUBKEY > -#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key > -#endif > - > #endif > > #if (HA_OPENSSL_VERSION_NUMBER < 0x1000100fL) > -- > 2.26.2 > Regards, -- William Lallemand
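Review bot: the hunk drops the fallback `#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key` (the closing parenthesis is missing in this copy) rather than guarding it. X509_get_X509_PUBKEY() is a real function in OpenSSL 1.1.0+ and in BoringSSL, so the macro was shadowing it there, but if any libssl still supported by HAProxy only has the struct and not the accessor, this removal breaks that build; the commit message should state which library versions were verified, and the remaining `HA_OPENSSL_VERSION_NUMBER < 0x1000100fL` block is where a version-guarded replacement would go if one turns out to be needed.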

Re: Log the reason for SSL handshake failure

2020-06-24 Thread William Lallemand
t possible yet, but we were asked this many times and we will definitely improve that. At the moment what is logged is the error string which is provided by OpenSSL. A ticket was opened a few days ago about it on github https://github.com/haproxy/haproxy/issues/693 Regards, -- William Lallemand

Re: Dynamic SSL certificate loading with haproxy-2.2-dev

2020-06-19 Thread William Lallemand
your help and replies, this is a very interesting > approach to loading/unloading certificates without the need to restart > the instance. > You are right, currently you should use the exact path as seen in "show ssl crt-list", the command was for crt-lists only at the beginnin

Re: Dynamic SSL certificate loading with haproxy-2.2-dev

2020-06-17 Thread William Lallemand
On Wed, Jun 17, 2020 at 03:34:41PM +0200, bjun...@gmail.com wrote: > Am Mittwoch, 17. Juni 2020 schrieb William Lallemand > > > With these commands you created a certificate storage, but the > > certificate is unused because it is not associated with any bind > > line.

Re: Dynamic SSL certificate loading with haproxy-2.2-dev

2020-06-17 Thread William Lallemand
ncrypt/CN=Let's Encrypt Authority X3 > Chain Issuer: /O=Digital Signature Trust Co./CN=DST Root CA X3 > --[End]---------- > With these commands you created a certificate storage, but the certificate is unused because it is not associated with any bind line. To do so, you should add your certificate to a crt-list or a directory. In your configuration file, "/etc/haproxy/ssl/" is the directory associated to your bind line. To associate this file to your directory you must do: "add ssl crt-list /etc/haproxy/ssl/ /etc/haproxy/ssl/bar.com.pem" as documented here: https://cbonte.github.io/haproxy-dconv/2.2/management.html#add%20ssl%20crt-list Regards, -- William Lallemand

Re: VTest does not test deinit

2020-06-16 Thread William Lallemand
raw the line. > I think that's a good idea but it will probably because it will let us test the deinit() with all the diversity of configuration we have in the reg-tests. But I also agree with Willy and we should be careful about the consequences of this change. If there are too many changes to handle it may be painful to do it before the 2.2 release. -- William Lallemand

Re: Broken SNI with crt-list for HAProxy 2.1.x after upgrade from Stretch to Buster

2020-06-15 Thread William Lallemand
On Mon, Jun 15, 2020 at 03:48:40PM +0200, Tim Düsterhus wrote: > William, > > Am 15.06.20 um 14:56 schrieb William Lallemand: > > I think I found the problem, could you try the attached patch for 2.1? > > > > I'd prefer not, because I don't have a staging system where

Re: Broken SNI with crt-list for HAProxy 2.1.x after upgrade from Stretch to Buster

2020-06-15 Thread William Lallemand
hould I file a bug report? > > Best regards > Tim Düsterhus Hello Tim, I think I found the problem, could you try the attached patch for 2.1? Thanks, -- William Lallemand >From 671197ebf116b053169d6a2ec27ded0b2d090f93 Mon Sep 17 00:00:00 2001 From: William Lallemand Date: Mon, 15

[ANNOUNCE] haproxy-2.0.15

2020-06-12 Thread William Lallemand
: connections: align function declaration BUG/MINOR: pollers: remove uneeded free in global init Revert "BUG/MEDIUM: connections: force connections cleanup on server changes" William Lallemand (7): REGTEST: ssl: test the client certificate authentication BUG/MEDIUM: mw

Re: Patch backport request: __USE_GNU breaks uclibc in the 2.1 branch

2020-06-12 Thread William Lallemand
d it and pushed it in the 2.1 git. Regards, -- William Lallemand

Re: missing backports in haproxy-1.8

2020-06-12 Thread William Lallemand
On Thu, Jun 11, 2020 at 07:47:32PM +0200, Jerome Magnin wrote: > On Thu, Jun 11, 2020 at 07:27:26PM +0200, William Lallemand wrote: > > On Thu, Jun 11, 2020 at 12:41:51PM +0200, Jerome Magnin wrote: > > > 72d9f3351 BUILD: chunk: properly declare pool_head_trash as extern >

Re: missing backports in haproxy-1.8

2020-06-11 Thread William Lallemand
warning with some compilers/linkers > > regards, > Jérôme The 1.8 didn't receive any new backports since the 1.8.25 release, but I take note of these two, thanks! -- William Lallemand

Re: [ANNOUNCE] haproxy-2.2-dev9

2020-06-11 Thread William Lallemand
want to plan a final > 1.9 release then as well. > We could probably do that, yes, I'll do a 2.0 and probably a 1.9 after that. -- William Lallemand

[ANNOUNCE] haproxy-2.1.6

2020-06-08 Thread William Lallemand
etwork key type mapping. William Dauchy (1): Revert "BUG/MEDIUM: connections: force connections cleanup on server changes" William Lallemand (6): BUG/MEDIUM: mworker: fix the copy of options in copy_argv() BUG/MINOR: init: -x can have a parameter starting with a dash

Re: Pool trash grows quite quickly

2020-06-08 Thread William Lallemand
cause > they don't fix bugs, but when you troubleshoot you quickly hate return :-) > > I didn't find any other one. Are you using "set ssl cert" on the CLI ? > I hope it's only that, it will be easy to fix. CCing William just in case. > I fixed the issue, the patch will come in the 2.1.6 which will be released today. -- William Lallemand

Re: [ANNOUNCE] haproxy-2.1.5

2020-06-05 Thread William Lallemand
e at run time (i.e from running to > maintenance state) and/or change ip/port of servers at runtime for a > given backend. > > So basically, it will impact heavy users of the runtime API. > I'll issue a 2.1.6 on Monday. -- William Lallemand

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-30 Thread William Lallemand
On Sat, May 30, 2020 at 04:19:02PM -0400, Joseph C. Sible wrote: > On Sat, May 30, 2020 at 4:15 PM William Lallemand > wrote: > > > > On Sat, May 30, 2020 at 03:41:51PM -0400, Joseph C. Sible wrote: > > > Anyway, when max < TLSv1.2, I think we should make min

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-30 Thread William Lallemand
n 2.1 with "ssl-max-ver TLSv1.1" alone, HAProxy will accept both TLSv1.0 and TLSv1.1. If we do this change in 2.2, the same configuration will only accept TLSv1.1. I think this kind of configuration is ambiguous so it's better to emit a warning if the max is lower than the default min. -- William Lallemand

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-30 Thread William Lallemand
On Sat, May 30, 2020 at 08:41:04PM +0200, William Lallemand wrote: > On Sat, May 30, 2020 at 02:04:56PM -0400, Joseph C. Sible wrote: > > > Thanks for the feedbacks, I made the change and pushed it in the master. > > > > > > > I'm happy about this c

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-30 Thread William Lallemand
won't be used. This was already the case previously in fact, but the default was TLSv1.0 so it was less a problem. What I suggest is to display a warning if it happens, so people don't have any surprise. What do you think? -- William Lallemand
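The interaction described in this thread (an explicit ssl-max-ver below the new default minimum, where the default floor is dropped and only the max version remains, with a warning proposed for that case) can be checked before a reload. Below is an added example, not HAProxy code: the keyword spellings (ssl-min-ver / ssl-max-ver on a bind line or in ssl-default-bind-options) are the real ones, while the resolution function, the warning text and the decision to treat an explicitly inverted min/max as a configuration error are this example's own assumptions.

```python
"""Resolve the TLS version window a bind line will actually accept, given the
bind options, the global ssl-default-bind-options and the built-in default
minimum (TLSv1.0 up to 2.1, TLSv1.2 from 2.2).  Example code, not HAProxy's."""
from typing import Dict, List, Optional, Tuple

# Keyword spellings accepted by ssl-min-ver / ssl-max-ver, lowest first.
TLS_ORDER = ["SSLv3", "TLSv1.0", "TLSv1.1", "TLSv1.2", "TLSv1.3"]


def parse_ssl_options(line: str) -> Dict[str, str]:
    """Pick ssl-min-ver / ssl-max-ver out of a bind line or an
    ssl-default-bind-options line; every other keyword is ignored."""
    tokens = line.split()
    opts: Dict[str, str] = {}
    for i, tok in enumerate(tokens):
        if tok in ("ssl-min-ver", "ssl-max-ver"):
            if i + 1 >= len(tokens) or tokens[i + 1] not in TLS_ORDER:
                raise ValueError(f"{tok} expects one of {', '.join(TLS_ORDER)}")
            opts[tok] = tokens[i + 1]
    return opts


def resolve_versions(bind_line: str, default_options: str = "",
                     default_min: str = "TLSv1.2") -> Tuple[List[str], List[str]]:
    """Return (accepted versions, warnings).  Bind-line keywords override the
    global defaults; the built-in default_min only applies when no explicit
    minimum is configured, and is dropped when the configured max is below it
    (the case the thread proposes to warn about)."""
    bind = parse_ssl_options(bind_line)
    glob = parse_ssl_options(default_options)
    explicit_min: Optional[str] = bind.get("ssl-min-ver", glob.get("ssl-min-ver"))
    vmax = bind.get("ssl-max-ver", glob.get("ssl-max-ver")) or TLS_ORDER[-1]
    warnings: List[str] = []

    if explicit_min is not None:
        vmin = explicit_min
        if TLS_ORDER.index(vmin) > TLS_ORDER.index(vmax):
            # Assumption of this example: an explicitly inverted range is a
            # configuration error rather than something to clamp silently.
            raise ValueError(f"ssl-min-ver {vmin} is higher than ssl-max-ver {vmax}")
    elif TLS_ORDER.index(vmax) < TLS_ORDER.index(default_min):
        # No explicit minimum and the max is below the default floor: the
        # default is not applied, so only vmax itself can be negotiated.
        vmin = vmax
        warnings.append(
            f"ssl-max-ver {vmax} is below the default minimum {default_min}: "
            f"only {vmax} will be accepted; set ssl-min-ver explicitly")
    else:
        vmin = default_min

    lo, hi = TLS_ORDER.index(vmin), TLS_ORDER.index(vmax)
    return TLS_ORDER[lo:hi + 1], warnings


if __name__ == "__main__":
    line = "bind :443 ssl crt /etc/haproxy/site.pem ssl-max-ver TLSv1.1"
    for floor in ("TLSv1.0", "TLSv1.2"):
        accepted, warns = resolve_versions(line, default_min=floor)
        print(f"default min {floor}: accepts {accepted}; warnings: {warns}")
```

Running the script shows the ambiguity the thread is about: with the 2.1 floor the bind line accepts TLSv1.0 and TLSv1.1, with the 2.2 floor it silently shrinks to TLSv1.1 alone, which is exactly the case where a warning is useful.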

Re: haproxy-1.8.25.tar.gz republished?

2020-05-29 Thread William Lallemand
that likely boil down to > newer dependencies, timestamps, etc (since my older build is from 2 > weeks ago). > > (I'm not subscribed, so please keep me on CC for replies!) > The content of the tarball didn't change, only the metadata. I'm reuploading the old one as well as

[ANNOUNCE] haproxy-2.1.5

2020-05-29 Thread William Lallemand
ns cleanup on server changes CLEANUP: connections: align function declaration BUG/MINOR: pollers: remove uneeded free in global init William Lallemand (5): MINOR: ssl: improve the errors when a crt can't be open BUG/MINOR: ssl/cli: memory leak in 'set ssl cert' BUG

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-29 Thread William Lallemand
On Fri, May 29, 2020 at 11:35:42AM +0200, William Dauchy wrote: > On Wed, May 27, 2020 at 12:42 PM William Lallemand > wrote: > > So in my opinion we should do the same, and set the minimum version to > > TLSv12 by default on bind lines. It's still configurable with > >

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-29 Thread William Lallemand
d support of RHEL5 ends this year. The recommendation is to use an OpenSSL version which is supported by your maintained distribution or maintained by OpenSSL. It's not quite difficult to keep the 0.9.8 support at the moment, but once it begins to be painful, we'll probably drop it. -- William Lallemand

Re: RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-29 Thread William Lallemand
On Wed, May 27, 2020 at 12:40:54PM +0200, William Lallemand wrote: > Hello List, > > Since HAProxy 1.8, the minimum default TLS version for bind lines is > TLSv10. I was thinking to increase this minimum default to TLSv11 before > the 2.2 release. But when we discussed the other d

Re: [PATCH] skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on CentOS 6

2020-05-28 Thread William Lallemand
send_unique_id_alpn}.vtc > - env VTEST_PROGRAM=../vtest/vtest make reg-tests || (for folder in > /tmp/*regtest*/vtc.*; do cat $folder/INFO $folder/LOG; done && exit 1) Thanks I pushed it. -- William Lallemand

Re: [PATCH] skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on CentOS 6

2020-05-28 Thread William Lallemand
e how that > evolves. > > I'm not suggesting we go down that route immediately, that's just food > for a possibly durable design. Maybe as a first step we should at least > plan for a dedicated command line option to list them all and implement > very basic registration (without target version) as mentioned above. > I agree, could be a good idea. -- William Lallemand

Re: [PATCH] skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on CentOS 6

2020-05-28 Thread William Lallemand
> I agree for now, but once we have something we should remove all these "rm vtc" in the CI. -- William Lallemand

Re: [PATCH] skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on CentOS 6

2020-05-28 Thread William Lallemand
ould do a cleaner thing, set constants for SSL features depending on the lib and version, and check these constants instead of the version in the code. The constant could then be reported like the build options in haproxy -vv, and use that in REQUIRE_OPTIONS or in a new variable like REQUIRE_FEATURES. For example we could have in the .vtc: REQUIRE_FEATURES=SSL_ALPN -- William Lallemand

RFC: set minimum default TLS version to 1.2 for HAProxy 2.2

2020-05-27 Thread William Lallemand
? -- William Lallemand

Re: [PR] Add verfied chain

2020-05-20 Thread William Lallemand
riginal proposition in the commit message. As you > wish. Hello guys, I just wanted to notify you that we are soon reaching the release of the 2.2 version. If the patches are ready before the end of the month, I'm okay with taking them for this branch since this is not a major change. -- William Lallemand

Re: [PR] Add verfied chain

2020-05-18 Thread William Lallemand
difficult to test every sample fetch nowadays. There is already a vtc for client auth which is available here: https://git.haproxy.org/?p=haproxy.git;a=blob;f=reg-tests/ssl/ssl_client_auth.vtc Thanks! -- William Lallemand

Re: [PATCH] DOC/MINOR: halog: Add long help info for ic flag

2020-05-18 Thread William Lallemand
0 > Subject: [PATCH] DOC/MINOR: halog: Add long help info for ic flag > > Add missing long help text for the ic (ip count) flag > --- Thanks, applied! -- William Lallemand

Re: [PATCH] cleanup: remove unused variable assignment (found by Coverity)

2020-05-18 Thread William Lallemand
word here, but that stored value is > overwritten before it can be used. > 958word = args[arg + 1]; > 959arg = arg_end; > --- I made a few changes in your patch, I replaced 'src/acl.c' by 'acl' in the subject, and I wrapped the body to 80 columns. Thanks, applied. -- William Lallemand

Re: [PATCH] BUILD: ssl: include buffer common headers for ssl_sock_ctx

2020-05-18 Thread William Lallemand
rt needed. > > Fixes: c0cdaffaa338 ("REORG: ssl: move ssl_sock_ctx and fix > cross-dependencies issues") > Signed-off-by: William Dauchy Thanks, merged! -- William Lallemand

Re: [PATCH] DOC: retry-on can only be used with mode http

2020-05-14 Thread William Lallemand
used with mode http and > ignored otherwise. > > Jérôme > From e030ea97758cc8b6af5f655637137230e9a1791f Mon Sep 17 00:00:00 2001 > From: Jerome Magnin > Date: Wed, 13 May 2020 20:09:57 +0200 > Subject: [PATCH] DOC: retry-on can only be used with mode http Thanks, merged. -- William Lallemand

Re: [RFC PATCH 1/1] MEDIUM: ssl: add alternative way to load certificates with io_uring

2020-05-11 Thread William Lallemand
ecisely the SSL, for each certificate file, by loading separately the certs in a crt-list, instead of configuring all certificates on the bind line. -- William Lallemand

Re: [RFC PATCH 1/1] MEDIUM: ssl: add alternative way to load certificates with io_uring

2020-05-11 Thread William Lallemand
2.2 is released, so it will simplify a lot of things. I encourage people writing new features to not support multi-cert bundles, more particularly on the CLI. Unfortunately your patch is too late for 2.2, but I think it could be great for the next release! Regards, -- William Lallemand

Re: [PATCH] Fix dumping of stick table entries for k/v pairs.

2020-05-07 Thread William Lallemand
er(). If it ok for you, I can amend the commit to do > the same. Let me know. > Hi, Also, it should probably be tagged 'BUG/MEDIUM' instead of 'MEDIUM' -- William Lallemand

Re: about Warning: Setting tune.ssl.default-dh-param to 1024

2020-05-06 Thread William Lallemand
On Wed, May 06, 2020 at 08:25:06PM +0200, William Lallemand wrote: > I recall a discussion where the default openssl.cnf in some distribution > was denying a DH lower than 2048. You probably think about this one. > Found the commit related to this: https://github.com/haproxy/hapro

Re: about Warning: Setting tune.ssl.default-dh-param to 1024

2020-05-06 Thread William Lallemand
ue of 2048 because of the warning, their modern distribution will probably deny a lower value, and we added this warning a long time ago. -- William Lallemand

Re: [PATCH] guard tests that require pcre

2020-05-03 Thread William Lallemand
o Ilya, I'm surprised because I don't see anything related to PCRE in these configurations. If it's related to the refactoring of the checks, it seems weird to me because these 2 VTCs don't have complex checks or tcp-checks. -- William Lallemand

Re: [PATCH] remove reg-tests/checks/tcp-check-ssl.vtc on CentOS 6

2020-04-28 Thread William Lallemand
ate: Mon, 27 Apr 2020 23:35:13 +0500 > Subject: [PATCH] CI: cirrus-ci: remove reg-tests/checks/tcp-check-ssl.vtc on > CentOS 6 > Thanks, merged! -- William Lallemand

Re: [PATCH] ssl defaults enhancements

2020-04-22 Thread William Lallemand
> not used > > From aafd1cc7fd97de2d0e395197cd2a80a3d885e60d Mon Sep 17 00:00:00 2001 > From: Jerome Magnin > Date: Fri, 3 Apr 2020 15:28:22 +0200 > Subject: [PATCH] MINOR: config: add a global directive to set default SSL > curves > Thanks, both applied! -- William Lallemand

Re: [PATCH] MINOR: ssl: add ssl-skip-self-issued-ca global option

2020-04-22 Thread William Lallemand
sued-ca global option > > This option activates the feature introduced in commit 16739778: > "MINOR: ssl: skip self issued CA in cert chain for ssl_ctx". > The patch disables the feature by default. Thanks, merged! -- William Lallemand

Re: [PATCH] MINOR: ssl: skip self issued CA in cert chain for ssl_ctx

2020-04-22 Thread William Lallemand
On Wed, Apr 22, 2020 at 11:23:05AM +0200, Emmanuel Hocdet wrote: > Hi William, > > It’s ok, thanks. I hope is the case for all of us. > > I will take time to do it. > > ++ > Manu > Okay, thanks! -- William Lallemand

Re: [*EXT*] Re: Question about demo website

2020-04-21 Thread William Lallemand
e listeners by default but I can't display them either. I don't know if that's a regression in the master or if I forgot the keyword doing that in the configuration. -- William Lallemand

Re: [PATCH] MINOR: ssl: skip self issued CA in cert chain for ssl_ctx

2020-04-21 Thread William Lallemand
On Fri, Apr 03, 2020 at 10:34:12AM +0200, Emmanuel Hocdet wrote: > > > Le 31 mars 2020 à 18:40, William Lallemand a écrit > > : > > > > On Thu, Mar 26, 2020 at 06:29:48PM +0100, William Lallemand wrote: > >> > >> After some thinking and

Re: [PATCH] fix function comment

2020-04-21 Thread William Lallemand
CH] CLEANUP: src/log.c: fix comment > > "fmt" is passed to parse_logformat_string, adjust comment > accordingly Thanks, merged. -- William Lallemand

Re: New color on www.haproxy.org

2020-04-21 Thread William Lallemand
find that more readable too! -- William Lallemand

Re: [PATCH] CI: special purpose build, testing compatibility against "no-deprecated" openssl

2020-04-21 Thread William Lallemand
> > > (well, I first thought to add those option to travis, but it became > > over-engineered from my point of view) > > > > Lukas, if you have suggestions how to add to travis, I can try. > > > > Cheers, > > Ilya Shipitsin > > Thanks Ilya, I merged it. -- William Lallemand

Re: Problem with crl certificate

2020-04-21 Thread William Lallemand
xy-dconv/2.2/configuration.html#3.1-mworker-max-reloads Regards, -- William Lallemand

Re: Question about demo website

2020-04-21 Thread William Lallemand
I don't know the configuration of this page but it's probably just a "use_backend" line in the frontend configuration > Thanks, > Ionel > -- William Lallemand

Re: Problem with crl certificate

2020-04-21 Thread William Lallemand
this yet, but could be added in the future. Regards, -- William Lallemand

Re: interpreting haproxy 2.1 EOL statement

2020-04-16 Thread William Lallemand
opment cycle. -- William Lallemand

Re: haproxy 2.0.14 failing to bind peer sockets

2020-04-10 Thread William Lallemand
oxy was not trying to bind with it. The error you observe is common when you try to launch HAProxy with a port which is already used. Please check with netstat or ss if the port used in your peer configuration is already in use. Regards, -- William Lallemand

Re: [PATCH] CI: fix openssl download script

2020-04-07 Thread William Lallemand
> Ilya Shipitcin > From c0023f9a7328980e7313c0f7ebfb6d355dab0ea9 Mon Sep 17 00:00:00 2001 > From: Ilya Shipitsin > Date: Tue, 7 Apr 2020 23:35:49 +0500 > Subject: [PATCH] CI: adopt openssl download script to download all versions > Merged, thanks! -- William Lallemand

Re: [PATCH] CI: rename "openssl111" to "openssl" after it is renamed in FreeBSD

2020-04-07 Thread William Lallemand
, 8 Apr 2020 00:29:26 +0500 > Subject: [PATCH] CI: cirrus-ci: rename openssl package after it is renamed in > FreeBSD > > for the reason yet to be determined FreeBSD has renamed openssl111 > to openssl. let us rename as well Merged, thanks. -- William Lallemand

dynamic SSL certificates: new CLI commands

2020-04-07 Thread William Lallemand
l crt-list certlist1 foobpar.pem' | socat /tmp/sock1 - This is available in haproxy 2.2, tests and feedback are welcome! -- William Lallemand
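The announcement above and the earlier "Dynamic SSL certificate loading" exchange both walk through the same sequence: create a certificate storage, push the PEM as a payload, commit it, then reference it from a crt-list or directory so that a bind line actually uses it. The following is an added example, not HAProxy's or the project's own code, that drives that sequence from Python over the stats socket. The CLI keywords (new/set/commit/abort ssl cert, add ssl crt-list) and the `<<` payload syntax terminated by an empty line are those of HAProxy 2.2; the socket path, the file names, the PEM content and the text patterns used to detect an error reply are this example's own assumptions.

```python
"""Replace (or create) a certificate in a running HAProxy 2.2 through the
stats socket and attach it to a crt-list.  Example code, not HAProxy's."""
import socket
from typing import List, Optional


def payload_command(cert_path: str, pem: str) -> str:
    """'set ssl cert' carries the PEM as a CLI payload: the command line ends
    with '<<', the payload follows, and an empty line terminates it."""
    body = pem.strip("\n") + "\n"
    return f"set ssl cert {cert_path} <<\n{body}\n"


def build_transaction(cert_path: str, pem: str,
                      crt_list: Optional[str] = None,
                      create: bool = False) -> List[str]:
    """Commands for one certificate update, in order.  'new ssl cert' is only
    needed the first time (it creates an empty storage); later updates go
    straight to set/commit.  'add ssl crt-list' references the committed
    storage from a crt-list or directory so a bind line picks it up; the
    storage name must be the exact path shown by 'show ssl crt-list'."""
    cmds: List[str] = []
    if create:
        cmds.append(f"new ssl cert {cert_path}\n")
    cmds.append(payload_command(cert_path, pem))
    cmds.append(f"commit ssl cert {cert_path}\n")
    if crt_list:
        cmds.append(f"add ssl crt-list {crt_list} {cert_path}\n")
    return cmds


def cli(sock_path: str, command: str, timeout: float = 5.0) -> str:
    """Send one command over the UNIX stats socket and return the reply."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        s.connect(sock_path)
        s.sendall(command.encode())
        s.shutdown(socket.SHUT_WR)
        chunks = []
        while True:
            data = s.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks).decode(errors="replace")


def looks_like_error(reply: str) -> bool:
    """Assumption of this example: the CLI reports failures as free text, so
    the common phrasings are matched rather than a status code."""
    low = reply.lower()
    return any(m in low for m in ("unknown command", "can't", "cannot",
                                  "error", "not found", "does not exist"))


def update_certificate(sock_path: str, cert_path: str, pem: str,
                       crt_list: Optional[str] = None,
                       create: bool = False) -> List[str]:
    """Run the transaction; on any error reply, abort the pending
    'set ssl cert' transaction so the old certificate stays in service."""
    replies: List[str] = []
    for cmd in build_transaction(cert_path, pem, crt_list, create):
        reply = cli(sock_path, cmd)
        replies.append(reply)
        if looks_like_error(reply):
            if cmd.startswith("set ssl cert") or cmd.startswith("commit"):
                cli(sock_path, f"abort ssl cert {cert_path}\n")
            raise RuntimeError(f"{cmd.splitlines()[0]!r} failed: {reply.strip()}")
    return replies


if __name__ == "__main__":
    # Constructed placeholder; a real run needs a full PEM (key + cert + chain).
    pem = "-----BEGIN CERTIFICATE-----\nMIIB...\n-----END CERTIFICATE-----\n"
    for c in build_transaction("/etc/haproxy/ssl/bar.com.pem", pem,
                               crt_list="/etc/haproxy/ssl/", create=True):
        print(c, end="")
```

Two practical caveats: the payload has to fit in one CLI buffer (tune.bufsize), so a long chain may need a larger buffer, and the stats socket grants full administrative control of the proxy, so whatever runs this script should be the only thing allowed to connect to it (level admin, restrictive socket permissions).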

Re: [PATCH] MINOR: ssl: skip self issued CA in cert chain for ssl_ctx

2020-03-31 Thread William Lallemand
On Thu, Mar 26, 2020 at 06:29:48PM +0100, William Lallemand wrote: > > After some thinking and discussing with people involved in this part of > HAProxy. I'm not feeling very comfortable with setting this behavior by > default, on top of that the next version is an LTS so it's not a

Re: linking openssl: refactoring Makefile

2020-03-29 Thread William Lallemand
LIB and the ADDLIB variables. You don't need to change the LDFLAGS. For example, you can do it this way: USE_OPENSSL=1 SSL_INC='/opt/openssl-1.0.2u/include/' SSL_LIB='/opt/openssl-1.0.2u/lib/' ADDLIB='-Wl,-rpath=/opt/openssl-1.0.2u/lib/' > Cheers, > Ilya Shipitcin Regards, -- William Lallemand

Re: [PATCH] MINOR: ssl: skip self issued CA in cert chain for ssl_ctx

2020-03-26 Thread William Lallemand
ision, CN = Thawte Premium Server CA, > emailAddress = premium-ser...@thawte.com <mailto:premium-ser...@thawte.com> After some thinking and discussing with people involved in this part of HAProxy. I'm not feeling very comfortable with setting this behavior by default, on top of that the next version is an LTS so it's not a good idea to change this behavior yet. I think in most cases it won't be a problem but it would be better if it's enabled by an option in the global section. -- William Lallemand

Re: [PATCH] MINOR: ssl: skip self issued CA in cert chain for ssl_ctx

2020-03-26 Thread William Lallemand
new patch with an update of the documentation as you suggested? Thanks -- William Lallemand

Re: [PATCHES] dns related

2020-03-26 Thread William Lallemand
On Wed, Mar 25, 2020 at 11:15:37AM +0100, Baptiste wrote: > Hi there, > > A couple of patches here to cleanup and fix some bugs introduced > by 13a9232ebc63fdf357ffcf4fa7a1a5e77a1eac2b. > > Baptiste Thanks Baptiste, merged. -- William Lallemand

Re: Segfault with HAProxy 2.0 with peers

2020-03-24 Thread William Lallemand
is a patch which may fix this issue. > > Olivier, please could you give it a try? > > > Regards. > I confirm that the patch does not produce any use after free with this configuration. Merged in master, thanks for the quick fix! -- William Lallemand

Re: Segfault with HAProxy 2.0 with peers

2020-03-24 Thread William Lallemand
al peer in the section. It should still start in your case by specifying -L toto on the command line. I think the peer pointer is still referenced in the stick-table which tries to use it during its initialization. So if we want to free the peer we need to remove its reference too. -- William Lallemand

Re: [PATCH] MINOR: ssl: rework add cert chain to CTX to be libssl independent

2020-03-24 Thread William Lallemand
» proposal. > > ++ > Manu > > Thanks, merged. -- William Lallemand

Re: [PATCH] CLEANUP: ssl: rename ssl_get_issuer_chain to ssl_get0_issuer_chain

2020-03-23 Thread William Lallemand
On Mon, Mar 23, 2020 at 03:26:20PM +0100, Emmanuel Hocdet wrote: > > > Le 23 mars 2020 à 15:12, William Lallemand a écrit : > > > > On Mon, Mar 23, 2020 at 02:50:03PM +0100, Emmanuel Hocdet wrote: > >> > >> As discussed in #559 > >>

Re: [PATCH] CLEANUP: ssl: rename ssl_get_issuer_chain to ssl_get0_issuer_chain

2020-03-23 Thread William Lallemand
if (chain == NULL) { > struct issuer_chain *issuer; > - issuer = ssl_get_issuer_chain(ckchs->ckch->cert); > + issuer = ssl_get0_issuer_chain(ckchs->ckch->cert); > if (issuer) { > chain = issuer->chain; > chunk_appendf(out, "Chain Filename: "); -- William Lallemand
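Review bot: the get0 rename follows OpenSSL's convention that the returned `issuer` is a borrowed pointer the caller must not free; state that in the commit message and in the function's comment so nobody adds a free on this path later. The hunk keeps the `if (issuer)` guard before dereferencing, which is right for a lookup that may return NULL, and `issuer->chain` is then stored in `chain` without taking a reference, so the lifetime of the issuer chain entry must cover the whole "show ssl cert" output.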

Re: [PATCH] fix memory leak, issue 559

2020-03-23 Thread William Lallemand
I attached patch that fixes memory leak, described in #559 > > > > ++ > Manu > Thanks Manu, merged. -- William Lallemand

Re: [PATCH] temporarily disable travis-ci arm64 builds

2020-03-20 Thread William Lallemand
For example you could explain what's the problem with travis, link to a mailing thread where we discussed the problem etc. Thanks! -- William Lallemand

Re: [PATCH 2/2] BUG/MINOR: ssl: Correctly add the 1 for the sentinel to the number of elements

2020-03-20 Thread William Lallemand
NULL when fcount is 0. This mistake was returning a NULL ptr with fcount == 0 because of calloc, but with your patch that won't be the case anymore. It will probably work since we don't do much when fcount is 0 but we better be consistent. I'm merging your patch and making another one for this. Thanks Tim! -- William Lallemand

Re: [PATCH] fix errored ARM64 builds in travis-ci

2020-03-18 Thread William Lallemand
On Wed, Mar 18, 2020 at 01:32:30PM +0100, Tim Düsterhus wrote: > William, > > Am 18.03.20 um 13:30 schrieb William Lallemand: > > Actually I think it's possible to run the CI on the pull requests :-) > > > > Yes, in fact Travis does this by default. You can check

Re: [PATCH] fix errored ARM64 builds in travis-ci

2020-03-18 Thread William Lallemand
On Wed, Mar 18, 2020 at 01:23:44PM +0100, William Lallemand wrote: > On Wed, Mar 18, 2020 at 01:17:09PM +0100, Willy Tarreau wrote: > > It's really annoying to have to constantly commits into the project > > just to experiment with random fixes there. The problem coul

Re: [PATCH] fix errored ARM64 builds in travis-ci

2020-03-18 Thread William Lallemand
t's what CI guys do generally. Or people could just run the CI on their own fork before submitting the patches, but I don't know how complex this is, and we will need some doc if we do that. -- William Lallemand

Re: [PATCH[ special purpose weekly CI (spellcheck)

2020-03-13 Thread William Lallemand
;. If you grep on BUILD: in the git log, this keyword does not mean anything anymore. And this is confusing in my opinion. We could introduce "CI: " instead. -- William Lallemand

Re: [PATCH] MINOR: ssl: add "ca-verify-file" directive

2020-03-04 Thread William Lallemand
On Wed, Mar 04, 2020 at 11:28:13AM +0100, Emmanuel Hocdet wrote: > Hi, > > « ca-no-names-file » renamed to « ca-verify-file » > > ++ > Manu > Thanks, merged. I made a small edit in the documentation file so the directive is at the right place in the alphabetical order. -- William Lallemand

Re: using variables in reg-tests

2020-02-28 Thread William Lallemand
ique id, so it should be ok) > > > > > > Yes, it is safe to keep temp directories between 2 runs. > > Not sure what you are trying to do, but keep in mind that the HTTP legacy support was removed in 2.1, so you can't use "no option http-use-htx" anymore. -- William Lallemand

Re: [PATCH 4/4] MINOR: ssl: "show ssl cert" command should print the "Chain filename:"

2020-02-26 Thread William Lallemand
em > > > > Rebased with current dev branch. > Thanks, applied. I made a cosmetic change in the "show ssl cert" output, and also reworded the commit message a little bit. -- William Lallemand

Re: haproxy 2.1.2 and 2.1.3

2020-02-21 Thread William Lallemand
ce with gdb? The arguments look weird to me, (too many arguments and weird values) and I don't know how reliable pstack is about this. Did you try to build haproxy 2.0 with your new compiler and do the same tests? Do you have the same issue? -- William Lallemand

Re: [PATCH] BUG/MINOR: ssl: Stop passing dynamic strings as format arguments

2020-02-19 Thread William Lallemand
ha_warning(warn); > + ha_warning("%s", warn); > free(warn); > warn = NULL; > } > -- > 2.25.0 > Merged, thanks! -- William Lallemand
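Review bot: `ha_warning(warn)` with a caller-built buffer is a format-string bug (a `%` in a certificate path or an OpenSSL error string would be interpreted as a conversion), so `ha_warning("%s", warn)` is the correct fix. Worth grepping for other ha_warning/ha_alert/ha_notice calls that pass a dynamic string as the format, and adding `-Wformat-security` (or `-Werror=format-security`) to the CI build flags so the compiler flags any others.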

Re: [PATCH] compression/lua_validation.vtc depends on "which" utility

2020-02-18 Thread William Lallemand
HOST="\[::1\]" > fi > > md5=$(which md5 || which md5sum) > > /bin/sh can be a symlink to bash, dash or anything else. -- William Lallemand

Re: [PATCH] MINOR: ssl: add "issuers-chain-path" directive.

2020-02-18 Thread William Lallemand
> > > ok > > > documentation updated: > Thanks Manu! Merged and pushed in master. -- William Lallemand

Re: [PATCH] CLEANUP: remove unused functions from openssl-compat level

2020-02-14 Thread William Lallemand
On Thu, Feb 13, 2020 at 02:19:48PM +0500, Илья Шипицин wrote: > Hello, > > while investigating #429, I've found some unused functions. > let us remove them. > > Cheers, > Ilya Shipitcin Thanks Ilya, applied. -- William Lallemand

Re: [PATCH] MINOR: ssl: add "issuers-chain-path" directive.

2020-02-14 Thread William Lallemand
covery of the issuer is done in the documentation? I think we will probably need more information in the "show ssl cert" output in the future so the users can debug this kind of feature easily. Thanks, -- William Lallemand

Re: how to properly reload haproxy (from systemd + master-worker) ?

2020-02-04 Thread William Lallemand
> > section to prevent HAProxy from launching the dataplane-api again. > > > > > thank you, I'll try > > maybe it should be added to docs. > Could you open an issue on the dataplaneapi bugtracker? Because I'm not sure this is the right behavior. The doc speaks about "no option start-on-reload" but only if used by docker. https://www.haproxy.com/documentation/hapee/1-9r1/configuration/dataplaneapi/ -- William Lallemand

Re: how to properly reload haproxy (from systemd + master-worker) ?

2020-02-03 Thread William Lallemand
lready being in use by > > the old dataplane API process. > > >From what I understand of the dataplaneapi, it is reloaded upon a USR1 signal, signal which is sent by the master process upon a reload. So you probably just need to add "no option start-on-reload" in your program section to prevent HAProxy from launching the dataplane-api again. -- William Lallemand

Re: Lua detection on aarch64

2020-01-29 Thread William Lallemand
ject.org/results/chipitsine/haproxy-rpm/fedora-31-aarch64/01207488-haproxy/builder-live.log.gz > > Martin, do you have arm64, can you check that ? > > cheers, > Ilya Shipitcin You probably need a lua-devel package which contains the .a and the .h. -- William Lallemand

Re: [PATCH] ssl certificates load speedup and dedup (pem/ctx)

2020-01-25 Thread William Lallemand
On Sat, Jan 25, 2020 at 04:59:42PM +, William Dauchy wrote: > On Fri, Jan 24, 2020 at 4:40 PM William Lallemand > wrote: > > What we are trying to do with the certificates and the CLI, is to be able > > to do > > a 'reload' of the filesystem, but without relo
