Re: compile warning
2013/5/22 Dmitry Sivachenko trtrmi...@gmail.com: Hello! Hi, When compiling the latest haproxy snapshot on FreeBSD-9 I get the following warning: cc -Iinclude -Iebtree -Wall -O2 -pipe -O2 -fno-strict-aliasing -pipe -DFREEBSD _PORTS-DTPROXY -DCONFIG_HAP_CRYPT -DUSE_GETADDRINFO -DUSE_ZLIB -DENABLE_POL L -DENABLE_KQUEUE -DUSE_OPENSSL -DUSE_PCRE -I/usr/local/include -DCONFIG_HAPROX Y_VERSION=\1.5-dev18\ -DCONFIG_HAPROXY_DATE=\2013/04/03\ -c -o src/ev_kqueue .o src/ev_kqueue.c In file included from include/types/listener.h:33, from include/types/global.h:29, from src/ev_kqueue.c:30: include/common/mini-clist.h:141:1: warning: LIST_PREV redefined In file included from /usr/include/sys/event.h:32, from src/ev_kqueue.c:21: /usr/include/sys/queue.h:426:1: warning: this is the location of the previous definition For my part I can't reproduce it. $ uname -a FreeBSD mailhost2 9.1-RELEASE-p3 FreeBSD 9.1-RELEASE-p3 #0: Mon Apr 29 18:27:25 UTC 2013 r...@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 $ cc -v Using built-in specs. Target: amd64-undermydesk-freebsd Configured with: FreeBSD/amd64 system compiler Thread model: posix gcc version 4.2.1 20070831 patched [FreeBSD] rm src/ev_kqueue.o; cc -Iinclude -Iebtree -Wall -Werror -O2 -pipe -O2 -fno-strict-aliasing -pipe -DFREEBSD_PORTS -DTPROXY -DCONFIG_HAP_CRYPT -DUSE_GETADDRINFO -DUSE_ZLIB -DENABLE_POLL -DENABLE_KQUEUE -DUSE_OPENSSL -DUSE_PCRE -I/usr/local/include -DCONFIG_HAPROXY_VERSION=\1.5-dev18\ -DCONFIG_HAPROXY_DATE=\2013/04/03\ -c -o src/ev_kqueue.o src/ev_kqueue.c Doesn't produce any warning with haproxy-ss-20130515. Could you please tell me how to reproduce it ? Joris JFYI.
Re: compile warning
On 23.05.2013, at 11:22, joris dedieu joris.ded...@gmail.com wrote: For my part I can't reproduce it. $ uname -a FreeBSD mailhost2 9.1-RELEASE-p3 FreeBSD 9.1-RELEASE-p3 #0: Mon Apr 29 18:27:25 UTC 2013 r...@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 $ cc -v Using built-in specs. Target: amd64-undermydesk-freebsd Configured with: FreeBSD/amd64 system compiler Thread model: posix gcc version 4.2.1 20070831 patched [FreeBSD] rm src/ev_kqueue.o; cc -Iinclude -Iebtree -Wall -Werror -O2 -pipe -O2 -fno-strict-aliasing -pipe -DFREEBSD_PORTS -DTPROXY -DCONFIG_HAP_CRYPT -DUSE_GETADDRINFO -DUSE_ZLIB -DENABLE_POLL -DENABLE_KQUEUE -DUSE_OPENSSL -DUSE_PCRE -I/usr/local/include -DCONFIG_HAPROXY_VERSION=\1.5-dev18\ -DCONFIG_HAPROXY_DATE=\2013/04/03\ -c -o src/ev_kqueue.o src/ev_kqueue.c Doesn't produce any warning with haproxy-ss-20130515. Could you please tell me how to reproduce it ? Update to FreeBSD-9-STABLE if you want to reproduce it. This change was MFC'd to 9/stable after 9.1-RELEASE: http://svnweb.freebsd.org/base/stable/9/sys/sys/queue.h?view=log
Possible bug with compression
Hi,
I think I've found a possible bug with the combination SSL, compression
and NTLM auth. But, I'm not sure if it's really a bug or if NTLM auth is
crap (well it is...).
When enabling compression the authorization fails sometimes. When I
disable compression everything is fine. I don't know if it's just a
silly thing to enable compression in this situation. Has anyone else
tried this?
I'm running haproxy-dev18-ss-20130512 and my config is like:
defaults
log global
mode http
compression algo gzip
option http-server-close
option tcp-smart-accept
option tcp-smart-connect
option abortonclose
frontend default-fe
bind 1.2.3.4:80
bind a:b:c:d:e:f:80
bind 1.2.3.4:443 ssl crt /etc/haproxy/ssl/some.pem ciphers
RC4:HIGH:!aNULL:!MD5
bind a:b:c:d:e:f:443 ssl crt /etc/haproxy/ssl/some.pem ciphers
RC4:HIGH:!aNULL:!MD5
maxconn 512
option httplog
option forwardfor
option splice-auto
# Add X-Forwarded-* headers
http-request set-header X-Forwarded-Proto https if { ssl_fc }
http-request set-header X-Forwarded-Ssl on if { ssl_fc }
http-request set-header X-Forwarded-Proto http if ! { ssl_fc }
http-request set-header X-Forwarded-Ssl off if ! { ssl_fc }
# Define hosts which need to redirect to HTTPS
acl need_ssl hdr(Host) -i iis.host.local
redirect scheme https if need_ssl ! { ssl_fc }
# Define backends and redirect correct hostnames
use_backend iis-backend if { hdr(Host) -i iis.host.local }
backend iis-backend
fullconn 20
no option http-server-close
option httpchk GET / HTTP/1.0
server iis-stuff 2.3.4.5:80 cookie iis check inter 2000
Regard,
Sander
Re: compile warning
2013/5/23 Dmitry Sivachenko trtrmi...@gmail.com: On 23.05.2013, at 11:22, joris dedieu joris.ded...@gmail.com wrote: For my part I can't reproduce it. $ uname -a FreeBSD mailhost2 9.1-RELEASE-p3 FreeBSD 9.1-RELEASE-p3 #0: Mon Apr 29 18:27:25 UTC 2013 r...@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 $ cc -v Using built-in specs. Target: amd64-undermydesk-freebsd Configured with: FreeBSD/amd64 system compiler Thread model: posix gcc version 4.2.1 20070831 patched [FreeBSD] rm src/ev_kqueue.o; cc -Iinclude -Iebtree -Wall -Werror -O2 -pipe -O2 -fno-strict-aliasing -pipe -DFREEBSD_PORTS -DTPROXY -DCONFIG_HAP_CRYPT -DUSE_GETADDRINFO -DUSE_ZLIB -DENABLE_POLL -DENABLE_KQUEUE -DUSE_OPENSSL -DUSE_PCRE -I/usr/local/include -DCONFIG_HAPROXY_VERSION=\1.5-dev18\ -DCONFIG_HAPROXY_DATE=\2013/04/03\ -c -o src/ev_kqueue.o src/ev_kqueue.c Doesn't produce any warning with haproxy-ss-20130515. Could you please tell me how to reproduce it ? Update to FreeBSD-9-STABLE if you want to reproduce it. This change was MFC'd to 9/stable after 9.1-RELEASE: http://svnweb.freebsd.org/base/stable/9/sys/sys/queue.h?view=log Thanks Dimitry for this precision.
change in stick-table mapping
Hi, I'm running haproxy-ss-20130509. I have load balancing set up with a stick table using an application-generated sticky session cookie. This running on two haproxy instances (with an Amazon ELB front-end). I'm noticing that the server will occasionally change a mapping from one server to another for no apparent reason. In other words, a given cookie value will go to server app1, and then later it will switch over to app2. The log doesn't show a DOWN message for app1. What might the cause of this be? As I read the docs, the entries in the stick-table are supposed to expire only after idle time - is that correct? peers balancers peer balancer1 10.0.2.85:1024 peer balancer2 10.0.3.174:1024 backend simulate option httpchk OPTIONS /simulate/api/status stick-table type string len 40 size 5M expire 120m peers balancers stick store-response set-cookie(SIMULATE_STICKY_SESSION) table simulate stick on cookie(SIMULATE_STICKY_SESSION) table simulate stick on url_param(SIMULATE_STICKY_SESSION,;) table simulate server app1 10.0.2.11:8080 cookie app1 check inter 1 server app2 10.0.3.11:8080 cookie app2 check inter 1 Best, WILL
[PATCH] MINOR: mute warnings while compiling with clang
Hello,
I noticed several warings while compiling haproxy with clang (from
FreeBSD 9.1 base system).
* 145 unused-value regarding mini-clist.h (LIST_ADD, LIST_ADDQ,
LIST_DEL) and standard.h (UBOUND
src/haproxy.c:1206:4: warning: expression result unused [-Wunused-value]
LIST_DEL(log-list);
^~~~
include/common/mini-clist.h:117:95: note: expanded from macro 'LIST_DEL'
...({ typeof(el) __ret = (el); (el)-n-p = (el)-p; (el)-p-n =
(el)-n; (__ret); })
^
The patch mute then by casting the return value to (void) as we can
expect further usage of those values.
* 14 empty-body regarding a gcc warning fix
src/haproxy.c:1532:73: warning: if statement has empty body [-Wempty-body]
if (write(pidfd, pidstr,
strlen(pidstr)) 0) /* shut gcc warning */;
^
src/haproxy.c:1532:73: note: put the semicolon on a separate line to
silence this warning [-Wempty-body]
The patch just apply clang recommendation put the semicolon on a
separate line to silence this warning (adding a hack to another).
As they are quite long, patches are attached.
Best regards
Joris
clang-unused-value.patch
Description: Binary data
clang-empty-body.patch
Description: Binary data
