Re: Seeing server termination_state SD after updating from 1.6.11 to 1.7.5

2017-07-19 Thread Christopher Faulet
Le 06/07/2017 à 21:18, Christopher Faulet a écrit : Le 06/07/2017 à 18:56, Lukas Tribus a écrit : Hi Christopher, Am 30.06.2017 um 11:14 schrieb Christopher Faulet: We are seeing this as well on 1.7.5. The problem seems to be intermittent--it doesn't happen very often when I hit a system

RE: Build error with 51degrees library

2017-07-19 Thread Ben Shillito
Hi Willy, Thanks for the additional change. And that's quite alright, if there is a problem with our API that is affecting users live builds like this, then it will always be our top priority. Regards, Ben Shillito Developer O: +44 1183 287152 E: b...@51degrees.com T: @51Degrees

Re: Build error with 51degrees library

2017-07-19 Thread Willy Tarreau
Hi Ben, On Wed, Jul 19, 2017 at 05:49:44PM +, Ben Shillito wrote: > Hi Willy and HaProxy Forum, > > I appreciate this has caused users problems which we overlooked when making > these changes. Rest assured we are introducing fixed feature branches as part > of procedure to prevent this from

RE: Build error with 51degrees library

2017-07-19 Thread Ben Shillito
Hi Willy and HaProxy Forum, I appreciate this has caused users problems which we overlooked when making these changes. Rest assured we are introducing fixed feature branches as part of procedure to prevent this from happening again. We have done the following to remedy the current issues: 1.

Re: Failed to compile haproxy with lua on Solaris 10

2017-07-19 Thread Willy Tarreau
Hi! On Tue, Jul 18, 2017 at 03:17:29AM +, Akhnin Nikita wrote: > Bump! Any updates for this? So I actually implemented it in the master branch, in case you want to give it a try. "it works for me(tm)" :-) I'll stick a note to backport it into the next 1.7. Cheers, Willy

Re: [PATCH] BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0

2017-07-19 Thread Willy Tarreau
On Wed, Jul 19, 2017 at 04:15:49PM +0200, Emmanuel Hocdet wrote: > >> > >> src/ssl_sock.c: In function 'ssl_sock_load_cert_chain_file': > >> src/ssl_sock.c:3038:20: error: 'TLSEXT_signature_anonymous' undeclared > >> (first use in this function) > >> src/ssl_sock.c:3038:20: note: each undeclared

Re: [PATCH] BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0

2017-07-19 Thread Emmanuel Hocdet
Le 19 juil. 2017 à 15:37, Emmanuel Hocdet a écrit :Le 19 juil. 2017 à 14:54, Willy Tarreau a écrit :Hi guys,On Wed, Jul 12, 2017 at 03:36:24PM +0200, Emeric Brun wrote:Same worries, the openssl 0.9.8 is still maintained in redhat 5 so we shouldbe able to compile with

Re: [PATCH] BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0

2017-07-19 Thread Emmanuel Hocdet
> Le 19 juil. 2017 à 14:54, Willy Tarreau a écrit : > > Hi guys, > > On Wed, Jul 12, 2017 at 03:36:24PM +0200, Emeric Brun wrote: >> Same worries, the openssl 0.9.8 is still maintained in redhat 5 so we should >> be able to compile with this version. > > OK so I checked and this

Re: [PATCH] BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0

2017-07-19 Thread Willy Tarreau
Hi guys, On Wed, Jul 12, 2017 at 03:36:24PM +0200, Emeric Brun wrote: > Same worries, the openssl 0.9.8 is still maintained in redhat 5 so we should > be able to compile with this version. OK so I checked and this patch is OK with 0.9.8zh, 1.0.0t, 1.0.1u and 1.0.2k, so I merged it. However

Re: [PATCH] BUG/MINOR: contrib/mod_defender

2017-07-19 Thread Willy Tarreau
On Wed, Jun 07, 2017 at 02:07:32PM +0200, Dragan Dosen wrote: > Hi David, > > Thanks for feedback! > > On 7.6.2017. 12:45, David CARLIER wrote: > > Hi all, > > similarly to modsecurity, here is a proposal for mod_defender. > > > > Hope it is useful. > > > > Kind regards. > > It looks good to

Re: [PATCH] bis contrib mod security

2017-07-19 Thread Willy Tarreau
On Tue, Jun 06, 2017 at 11:36:49AM +0200, Thierry Fournier wrote: > It seems good for me. Willy can you integrate this patch ? applied, thanks guys! Willy

Re: [PATCH] Support proxies with identical names in Lua core.proxies

2017-07-19 Thread Willy Tarreau
Hi Adis, I missed this one. Thierry, I *think* it's OK, are you OK with me merging it ? Willy On Mon, Jun 05, 2017 at 05:37:23PM +0200, Adis Nezirovic wrote: > Hi guys, > > While playing with Lua API I've noticed that core.proxies attribute > doesn't return all the proxies, more precisely the

Re: Build error with 51degrees library

2017-07-19 Thread Willy Tarreau
Hi Ben, On Wed, Jul 19, 2017 at 09:33:28AM +, Ben Shillito wrote: > Hi HaProxy Forum, > > In relation to the build error with 51Degrees library. The data files > associated with Trie are very large and were destroying the performance of > the Git repository. As we believe a very small

RE: Build error with 51degrees library

2017-07-19 Thread Ben Shillito
Hi HaProxy Forum, In relation to the build error with 51Degrees library. The data files associated with Trie are very large and were destroying the performance of the Git repository. As we believe a very small percentage of users were actually using the files they are now being distributed

Re: Build error with 51degrees library

2017-07-19 Thread Florian Tham
On Wed, Jul 19, 2017 at 9:27 AM, Willy Tarreau wrote: > I just found a fork of the github repo here which I think could possibly > work, it even contains the v3.2.5 branch : > > https://github.com/aerendil/device-detection-nginx-fix > > It would be a good idea to clone it before

Re: Seeking Assistance: HTTP Headers Conf. to Access Web Product

2017-07-19 Thread Igor Cicimov
On Wed, Jul 19, 2017 at 5:29 PM, Coscend@HAProxy < haproxy.insig...@coscend.com> wrote: > Attached is the correct HAProxy log output. > > > > The attachment in the previous post was from an unrelated context. > Apologies. Thank you for your assistance. > > > > *From:* Coscend@HAProxy

RE: Seeking Assistance: HTTP Headers Conf. to Access Web Product

2017-07-19 Thread Coscend@HAProxy
Attached is the correct HAProxy log output. The attachment in the previous post was from an unrelated context. Apologies. Thank you for your assistance. From: Coscend@HAProxy [mailto:haproxy.insig...@coscend.com] Sent: Wednesday, July 19, 2017 2:16 AM To: haproxy@formilux.org Subject:

Re: Build error with 51degrees library

2017-07-19 Thread Willy Tarreau
On Wed, Jul 19, 2017 at 08:55:09AM +0200, Florian Tham wrote: > Same problem here. It seems 51degrees close-sourced the trie > algorithm, see > https://github.com/51Degrees/Device-Detection/blob/master/data/TRIE.txt: > > "The 51Degrees 'trie' algorithm is not open source and is only made >

Seeking Assistance: HTTP Headers Conf. to Access Web Product

2017-07-19 Thread Coscend@HAProxy
Hello HAProxy Community, We are seeking your assistance with the following issue we are facing with HAProxy being used as a reverse proxy server. Your vectors could help us learn and identify the cause of our issue and solve it. Thank you. ISSUE = We are able to successfully access

Re: Build error with 51degrees library

2017-07-19 Thread Florian Tham
Same problem here. It seems 51degrees close-sourced the trie algorithm, see https://github.com/51Degrees/Device-Detection/blob/master/data/TRIE.txt: "The 51Degrees 'trie' algorithm is not open source and is only made available through a proprietary license.". The github repo history has been