Re: compile warning
2013/5/22 Dmitry Sivachenko trtrmi...@gmail.com: Hello! Hi, When compiling the latest haproxy snapshot on FreeBSD-9 I get the following warning: cc -Iinclude -Iebtree -Wall -O2 -pipe -O2 -fno-strict-aliasing -pipe -DFREEBSD _PORTS-DTPROXY -DCONFIG_HAP_CRYPT -DUSE_GETADDRINFO -DUSE_ZLIB -DENABLE_POL L -DENABLE_KQUEUE -DUSE_OPENSSL -DUSE_PCRE -I/usr/local/include -DCONFIG_HAPROX Y_VERSION=\1.5-dev18\ -DCONFIG_HAPROXY_DATE=\2013/04/03\ -c -o src/ev_kqueue .o src/ev_kqueue.c In file included from include/types/listener.h:33, from include/types/global.h:29, from src/ev_kqueue.c:30: include/common/mini-clist.h:141:1: warning: LIST_PREV redefined In file included from /usr/include/sys/event.h:32, from src/ev_kqueue.c:21: /usr/include/sys/queue.h:426:1: warning: this is the location of the previous definition For my part I can't reproduce it. $ uname -a FreeBSD mailhost2 9.1-RELEASE-p3 FreeBSD 9.1-RELEASE-p3 #0: Mon Apr 29 18:27:25 UTC 2013 r...@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 $ cc -v Using built-in specs. Target: amd64-undermydesk-freebsd Configured with: FreeBSD/amd64 system compiler Thread model: posix gcc version 4.2.1 20070831 patched [FreeBSD] rm src/ev_kqueue.o; cc -Iinclude -Iebtree -Wall -Werror -O2 -pipe -O2 -fno-strict-aliasing -pipe -DFREEBSD_PORTS -DTPROXY -DCONFIG_HAP_CRYPT -DUSE_GETADDRINFO -DUSE_ZLIB -DENABLE_POLL -DENABLE_KQUEUE -DUSE_OPENSSL -DUSE_PCRE -I/usr/local/include -DCONFIG_HAPROXY_VERSION=\1.5-dev18\ -DCONFIG_HAPROXY_DATE=\2013/04/03\ -c -o src/ev_kqueue.o src/ev_kqueue.c Doesn't produce any warning with haproxy-ss-20130515. Could you please tell me how to reproduce it ? Joris JFYI.
Re: compile warning
On 23.05.2013, at 11:22, joris dedieu joris.ded...@gmail.com wrote: For my part I can't reproduce it. $ uname -a FreeBSD mailhost2 9.1-RELEASE-p3 FreeBSD 9.1-RELEASE-p3 #0: Mon Apr 29 18:27:25 UTC 2013 r...@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 $ cc -v Using built-in specs. Target: amd64-undermydesk-freebsd Configured with: FreeBSD/amd64 system compiler Thread model: posix gcc version 4.2.1 20070831 patched [FreeBSD] rm src/ev_kqueue.o; cc -Iinclude -Iebtree -Wall -Werror -O2 -pipe -O2 -fno-strict-aliasing -pipe -DFREEBSD_PORTS -DTPROXY -DCONFIG_HAP_CRYPT -DUSE_GETADDRINFO -DUSE_ZLIB -DENABLE_POLL -DENABLE_KQUEUE -DUSE_OPENSSL -DUSE_PCRE -I/usr/local/include -DCONFIG_HAPROXY_VERSION=\1.5-dev18\ -DCONFIG_HAPROXY_DATE=\2013/04/03\ -c -o src/ev_kqueue.o src/ev_kqueue.c Doesn't produce any warning with haproxy-ss-20130515. Could you please tell me how to reproduce it ? Update to FreeBSD-9-STABLE if you want to reproduce it. This change was MFC'd to 9/stable after 9.1-RELEASE: http://svnweb.freebsd.org/base/stable/9/sys/sys/queue.h?view=log
Possible bug with compression
Hi, I think I've found a possible bug with the combination SSL, compression and NTLM auth. But, I'm not sure if it's really a bug or if NTLM auth is crap (well it is...). When enabling compression the authorization fails sometimes. When I disable compression everything is fine. I don't know if it's just a silly thing to enable compression in this situation. Has anyone else tried this? I'm running haproxy-dev18-ss-20130512 and my config is like: defaults log global mode http compression algo gzip option http-server-close option tcp-smart-accept option tcp-smart-connect option abortonclose frontend default-fe bind 1.2.3.4:80 bind a:b:c:d:e:f:80 bind 1.2.3.4:443 ssl crt /etc/haproxy/ssl/some.pem ciphers RC4:HIGH:!aNULL:!MD5 bind a:b:c:d:e:f:443 ssl crt /etc/haproxy/ssl/some.pem ciphers RC4:HIGH:!aNULL:!MD5 maxconn 512 option httplog option forwardfor option splice-auto # Add X-Forwarded-* headers http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Ssl on if { ssl_fc } http-request set-header X-Forwarded-Proto http if ! { ssl_fc } http-request set-header X-Forwarded-Ssl off if ! { ssl_fc } # Define hosts which need to redirect to HTTPS acl need_ssl hdr(Host) -i iis.host.local redirect scheme https if need_ssl ! { ssl_fc } # Define backends and redirect correct hostnames use_backend iis-backend if { hdr(Host) -i iis.host.local } backend iis-backend fullconn 20 no option http-server-close option httpchk GET / HTTP/1.0 server iis-stuff 2.3.4.5:80 cookie iis check inter 2000 Regard, Sander
Re: compile warning
2013/5/23 Dmitry Sivachenko trtrmi...@gmail.com: On 23.05.2013, at 11:22, joris dedieu joris.ded...@gmail.com wrote: For my part I can't reproduce it. $ uname -a FreeBSD mailhost2 9.1-RELEASE-p3 FreeBSD 9.1-RELEASE-p3 #0: Mon Apr 29 18:27:25 UTC 2013 r...@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 $ cc -v Using built-in specs. Target: amd64-undermydesk-freebsd Configured with: FreeBSD/amd64 system compiler Thread model: posix gcc version 4.2.1 20070831 patched [FreeBSD] rm src/ev_kqueue.o; cc -Iinclude -Iebtree -Wall -Werror -O2 -pipe -O2 -fno-strict-aliasing -pipe -DFREEBSD_PORTS -DTPROXY -DCONFIG_HAP_CRYPT -DUSE_GETADDRINFO -DUSE_ZLIB -DENABLE_POLL -DENABLE_KQUEUE -DUSE_OPENSSL -DUSE_PCRE -I/usr/local/include -DCONFIG_HAPROXY_VERSION=\1.5-dev18\ -DCONFIG_HAPROXY_DATE=\2013/04/03\ -c -o src/ev_kqueue.o src/ev_kqueue.c Doesn't produce any warning with haproxy-ss-20130515. Could you please tell me how to reproduce it ? Update to FreeBSD-9-STABLE if you want to reproduce it. This change was MFC'd to 9/stable after 9.1-RELEASE: http://svnweb.freebsd.org/base/stable/9/sys/sys/queue.h?view=log Thanks Dimitry for this precision.
change in stick-table mapping
Hi, I'm running haproxy-ss-20130509. I have load balancing set up with a stick table using an application-generated sticky session cookie. This running on two haproxy instances (with an Amazon ELB front-end). I'm noticing that the server will occasionally change a mapping from one server to another for no apparent reason. In other words, a given cookie value will go to server app1, and then later it will switch over to app2. The log doesn't show a DOWN message for app1. What might the cause of this be? As I read the docs, the entries in the stick-table are supposed to expire only after idle time - is that correct? peers balancers peer balancer1 10.0.2.85:1024 peer balancer2 10.0.3.174:1024 backend simulate option httpchk OPTIONS /simulate/api/status stick-table type string len 40 size 5M expire 120m peers balancers stick store-response set-cookie(SIMULATE_STICKY_SESSION) table simulate stick on cookie(SIMULATE_STICKY_SESSION) table simulate stick on url_param(SIMULATE_STICKY_SESSION,;) table simulate server app1 10.0.2.11:8080 cookie app1 check inter 1 server app2 10.0.3.11:8080 cookie app2 check inter 1 Best, WILL
[PATCH] MINOR: mute warnings while compiling with clang
Hello, I noticed several warings while compiling haproxy with clang (from FreeBSD 9.1 base system). * 145 unused-value regarding mini-clist.h (LIST_ADD, LIST_ADDQ, LIST_DEL) and standard.h (UBOUND src/haproxy.c:1206:4: warning: expression result unused [-Wunused-value] LIST_DEL(log-list); ^~~~ include/common/mini-clist.h:117:95: note: expanded from macro 'LIST_DEL' ...({ typeof(el) __ret = (el); (el)-n-p = (el)-p; (el)-p-n = (el)-n; (__ret); }) ^ The patch mute then by casting the return value to (void) as we can expect further usage of those values. * 14 empty-body regarding a gcc warning fix src/haproxy.c:1532:73: warning: if statement has empty body [-Wempty-body] if (write(pidfd, pidstr, strlen(pidstr)) 0) /* shut gcc warning */; ^ src/haproxy.c:1532:73: note: put the semicolon on a separate line to silence this warning [-Wempty-body] The patch just apply clang recommendation put the semicolon on a separate line to silence this warning (adding a hack to another). As they are quite long, patches are attached. Best regards Joris clang-unused-value.patch Description: Binary data clang-empty-body.patch Description: Binary data