clear acl filename
for each pattern entry:
add acl filename
Otherwise, I join a fix. Can you try it ?
i've tried a patch and it solves my problem!
btw, i have 39 frontends with 2 file declarations each, so resulting
regex was quite big.
time for 1.5.9 :)
--
konrad
?
i use haproxy 1.5.8 compiled from
https://github.com/bluerail/haproxy-centos spec with centos 5.
this lb processes 2-8k connections.
--
konrad rzentarzewski -- System Administrator, Efigence S.A.
Office: +48.223801313 Off-hours: +48.222961020 EFI42-RIPE
legal_blurb
Ten mail nie stanowi
version : 6.6 06-Feb-2006
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
--
konrad rzentarzewski
: #error The PCRE lib doesn't support
JIT. Change your lib, or remove the option USE_PCRE_JIT.
--
konrad rzentarzewski -- System Administrator, Efigence S.A.
Office: +48.223801313 Off-hours: +48.222961020 EFI42-RIPE
legal_blurb
Ten mail nie stanowi pisma i zamówienia handlowego wg. Kodeksu spółek
this acl:
acl foo hdr bar
- would match any header in 1.4
- wouldn't match anything in 1.5
as 1.5 documentation doesn't mention using hdr without header name, it
should probably raise error in config parser.
--
konrad rzentarzewski -- System Administrator, Efigence S.A.
Office
for bugs as of compile time
might change in future (as new openssl bugs are being uncovered).
and concerning SSL_OP_NO_SSLv3 versus disabling on protocol level - from
what ssllabs handshake simulation is giving me, i think this option also
disables DH = 1024 bits kex.
--
konrad rzentarzewski -- System
...
not really critical, but i'm just migrating 1.4+stunnel to 1.5 with
openssl builtin and i've found this difference, which gives me worse
score on ssllabs :)
--
konrad rzentarzewski -- System Administrator, Efigence S.A.
Office: +48.223801313 Off-hours: +48.222961020 EFI42-RIPE
7 matches
Mail list logo
